Established on 2 April, 2023
1. Compliance with Applicable Laws and Regulations
2. Definition of Personal Information
Personal information means information about a living individual that can be used to identify the specific individual by name, date of birth, or other description contained in the information. This includes information that can be easily cross-checked with other information to identify a specific individual.
3. Purpose of Personal Information Usage
The Company handles the personal information of users of this service within the scope necessary to achieve the purpose of use, except in cases where the Company has obtained the consent of the user of the service or where such information is treated as an exception by law or other regulations. The purposes of our use of personal information are as follows:
- To solicit and sell this service to users
- To provide information on applications for this service, cancellations of membership, and changes to registered information, and to perform various other administrative procedures such as confirmation procedures.
- To confirm, investigate, or reply to inquiries from users regarding the Service
- To conduct questionnaires and surveys for users
- To exercise rights or fulfill obligations based on contracts with users, laws, and regulations, etc.
- To properly perform the entrusted work in cases where all or part of the processing of personal information is entrusted by other businesses and or other entities, etc.
- To properly and smoothly execute other transactions between users of the Service
- To develop the services of our company, our parent company, Metaplanet Inc. and its consolidated subsidiaries (hereinafter collectively referred to as “the Group”), and our group’s affiliated companies. (hereinafter collectively referred to as the “Company Group”), as well as the development, introduction, and provision of services by the Company Group’s partner companies.
- To conduct market research, R&D of new services, and to provide information to users concerning the Service and the Group’s business by analyzing users’ attribute information, usage information, etc.
- To conduct business management and internal control of the Group, such as integrated compliance and risk management
- To perform tasks incidental to the above
- For other purposes for which the Company has obtained the consent of the individual concerned
4. Proper Acquisition and Use of Personal Information
The Company will acquire the personal information of users only to the extent necessary to achieve the purpose of use specified and announced in advance and will use such information appropriately within the scope necessary to achieve the purpose of use.
5. Acquisition of Personally Identifiable Information
The Company may receive personally identifiable information from a third party and link it to personal data held by us to obtain personal data that identifies the user. In such cases, the information will be used within the scope of the purposes of use listed above in “3. Purpose of Personal Information Usage.”
6. Security Control Measures
In order to prevent leakage, etc. of users’ personal information, the Company implements necessary and appropriate security control measures as described below, as well as appropriately supervises our employees and contractors.
- Establishment of Personal Information Protection Policy
- Implementation of regulations concerning the handling of personal information
* Basic handling methods for each stage of acquisition, use, storage, provision, deletion, disposal, etc. are stipulated in the internal rules.
- Safety management measures for the organization
* The Company has established an organizational structure for the protection of personal information and has appointed a person responsible for the protection of personal information for the Company as a whole.
* The scope of employees who handle personal data and the personal data handled by such employees is clarified, and a reporting and liaison system is in place for reporting to the person responsible for handling personal data in the event that facts or signs of a breach of the Personal Data Protection Act or personal data handling regulations are detected.
- Human security control measures
* Employees are required to submit a written pledge of confidentiality of personal information when they join the company.
* Regular training is provided to employees on matters related to the handling of personal information.
- Physical security management measures
* Appropriate controls are in place to prevent theft of media containing personal information.
- Technical security management measures
* Appropriate access controls are in place to limit the scope of personal information handled.
* Appropriate measures are taken to prevent unauthorized external access to information systems that handle personal information.
- Understanding the external environment
* The Company uses cloud services to store some of the personal information. The data centers for this cloud service are located in the United States, Chile, Ireland, the Netherlands, Denmark, Finland, Belgium, Singapore, Taiwan, and Australia. The Company makes every effort to understand the personal information protection laws and regulations in these countries and regions after confirming the usage contracts for such cloud services.
7. Provision of Personal Information to Third Parties
The Company do not provide personal information of users to third parties without their consent, except when the Company outsource our business, use personal information jointly with a specific party, or when permitted by law.
8. Joint Usage of Personal Information
The Company may share users’ personal data as follows:
- Items of personal data to be shared
- Scope of joint users
- The Company, its Group Companies and its consolidated subsidiaries
- Purposes of use by persons with whom personal information is shared
- The Company will use personal information within the scope necessary for the purposes of use stipulated in “3. Purpose of Personal Information Usage.”
- Person responsible for the management of such personal data
- The Company
9. Procedures for Requests for Disclosures
When the Company receive a request for disclosure, etc. (notification of purpose of use, disclosure, correction, etc., suspension of use, etc., suspension of provision to a third party) of retained personal data, etc., the Company will confirm the identity of the person making the request and strive to respond appropriately and promptly. If there is a request for disclosure as to whether or not a personal number is retained, the Company will respond as to whether or not a personal number is retained.
Specific procedures are as follows:
- Request for disclosure
The individual whose personal data the Company hold may make the following requests with respect to such retained personal data:
*Notification of Purpose of Use
*Suspension of use, etc.
*Suspension of provision to third parties
- Method of request
Please contact us using the method specified in 10. Contact Us
- Method of identification
The Company will confirm the identity of the applicant by a method prescribed by us
- Method for answering
In the case of a request by the person himself/herself or his/her representative, the Company will respond to the request by one of the following methods.
- by sending an electromagnetic record of the contents of the response as an attachment to an e-mail to the e-mail address registered with us
- by mailing a document containing the contents of the response to the person’s registered address.
* Fees will be collected along with the usage fee.
* If the person is not a member of our company, payment must be made by postal ticket or fixed-amount money order.
* If the request is made by a proxy, the “Request for Disclosure of Personal Information, etc.”, “Letter of Proxy”, and “Certificate of Seal Registration for the seal affixed to the Letter of Proxy” must be submitted in order to confirm that the request is made by the principal and that the proxy has authority to represent the principal.
* If a request for disclosure is made through a proxy, in principle, the Company will respond to the person in question.
* Requests for discontinuance of use, etc. shall be made in cases where the Company uses the personal information of the person in question for purposes other than those for which it was originally intended, or where the personal information was obtained illegally, or where the personal information was used in a manner that may encourage or induce illegal or unjust acts, or where the Company no longer needs to use the retained personal data, or where there has been a leakage, etc. of the retained personal data, In addition, the provision of personal information to a third party may be suspended when there is a risk that the rights and interests of the person concerned may be harmed by the handling of the retained personal data. In addition, suspension of provision to a third party may be requested in cases where the Company provides personal information to a third party without the consent of the person in question, where the Company provides personal information to a third party in a foreign country without the consent of the person in question, where the Company no longer needs to use the retained personal data, where a leakage, etc. of the retained personal data has occurred, or where there is any other case in which the handling of the retained personal data may harm the rights and interests of the person in question. The Company may make a request when there is a risk that the rights and interests of the person in question may be harmed by the handling of the retained personal data. Please note that the Company may not be able to respond to your request.
10. Contact Us
The Company will respond promptly and appropriately to complaints and other inquiries from users. For inquiries regarding personal information, please use the inquiry form.
Click here for the inquiry form: https://metaplanet.jp/contact/