Handling of Personal Information
SEPTENI INCUBATE, INC. (the "Company," "we" or "our") will handle personal information obtained in relation to our business operations as follows. Rules regarding the Company's handling of personal information in individual services and initiatives shall be set forth separately for each individual service and initiative.
1. Acquisition on Personal Information
(1) The Company shall acquire personal information or personally referable information* (hereinafter referred to, collectively, as "personal information, etc.,") in relation to its business operations using any of the following methods.
- Direct acquisition, from the individual in question
E.g.: We acquire personal information from the individual by them filling out a paper form, or by direct entry into a website form.
- Indirect acquisition, from the individual in question
E.g.: We acquire personal information, etc., published in a publication or on the internet.
- Direct or indirect acquisition, from a website operated by the Company
E.g.: We acquire site usage history automatically via tags set on a website operated by the Company.
- Indirect acquisition from a third party
E.g.: We acquire personal information via a data management platform or social media.
(2) The Company may acquire personal information, etc., by methods that may not be easily perceived by the individual in question. Please see here for information regarding cookies and acquisition of personal information, etc., by ad technology, etc.. This includes cases where the Company does not acquire personal information but providers of ad technology services, etc., do acquire personal information.
*About personally referable information
“Personally referable information” means information relating to an individual which does not fall under the categories of personal information, pseudonymously processed information and anonymously processed information. It does not include statistical information.
E.g.: Postal (zip) codes, email addresses, gender, occupation, hobbies and interests, customer ID numbers, information stored in cookies, IP addresses, device ID numbers, advertisement identifiers (AAID/IDFA), other identifiers and location data, browsing histories, purchasing histories and other log data pertaining to Internet usage, etc.
The Company acquires (and handles) any personally referable information as personal information if it can be readily collated with other information and thereby identify a specific individual.
2. Purpose of Utilizing Personal Information
The purpose(s) of utilizing personal information, etc., that the Company acquires are as follows.
(1) For conclusion of agreements with our customers and partners (including membership registration for use of websites operated by the Company)
(2) For handling requests from our customers and partners and implementing agreements with customers and partners
(3) For communicating with our customers and partners
(4) For sending information about trade shows, seminars, products, and services etc. of the Company and Group companies
(5) For developing and improving products and services of the Company and Group companies and improving their quality
(6) For the marketing, sale and sales promotion of the products and services of the Company and Group companies
(7) For creating statistics
(8) For analyzing site usage and browsing status, for the purpose of improving this site
3. Use of Personally referable Information Provided to the Company by Third Parties in Conjunction with Personal Information
The Company may make use of personally referable information provided to it by third parties in conjunction with personal information already in the possession of the Company. Please see here for details regarding such cases.
4. Provision and Entrusting the Handling of Personal Information to Third Parties
(1) The Company may provide personal Information to third parties within the extent permitted by law (including when obtaining the consent of the individual in question, and performing procedures required by law.)
(2) The Company may entrust the handling of personal information to third parties ("contractors"), within the necessary scope to achieve the purpose(s) of utilizing Personal Information described in Section 2. In such cases, the Company shall enter into an agreement with the contractor, who must meet selection criteria for contractors, and appropriately manage work performed by the contractor.
(3) Third-party providers and contractors may include third parties located outside of Japan (*).
*The Company provides details regarding cases where we provide, or entrust the handling of, personal information to third parties located outside of Japan.
5. Shared Use of Personal InformationThe Company makes shared use of personal information as follows.
(1) The categories of the jointly utilized Personal Information:
- Information acquired in relation to an agreement between the Company and a customer and/or partner
- Contact details of customers and/or partners
(2) The scope of a jointly utilizing entity: The Group companies
(3) The utilization purpose for the jointly utilizing person:
- For having an appropriate Group company respond to inquiries about the Group’s products and services
- For developing and improving products and services of the Group companies and improving their quality
- For the marketing, sale and sales promotion of the products and services of the Group companies
(4) The entity responsible for controlling the jointly utilized Personal Information:
8-17-1 Nishishinjuku, Shinjuku-ku, Tokyo
SEPTENI HOLDINGS CO., LTD.
Koki Sato, Representative Director
6. Voluntary Nature of Provision of Personal Information by Individuals and the Result of Refusal to Provide Personal Information
Customers and partners may decide voluntarily whether to provide their personal information to us. If they do not provide their personal information, they may be unable to receive the services which they wish to receive.
7. Procedure for Demand for Disclosure etc.
(1) Individuals may make the following demands ("Demands for Disclosure, etc.") to the Company, within the scope permitted by law, with regard to personal information handled by the Company.
- Notification of the purpose of use
- Disclosure of records of personal information or records of provision to third parties
- Corrections, additions or deletions of personal information, a utilization cessation or deletion, or cessation of provision to third parties
(2) Procedures regarding Demands for Disclosure, etc., are as follows.
- Privacy Consultation Desk, which is written about in “Inquiries” below, will receive the Demand for Disclosure etc.
- The person who makes a procedure for Demand for Disclosure etc. is required to send by mail a request form prescribed by the Company and necessary documents, including identification documents. When you wish for information disclosed to be provided in electronic record form, please make that fact known when requesting disclosure. We will inform you regarding specific methods of disclosure.
- The person making the Demand for Disclosure, etc., will be charged a prescribed fee per demand for notification of the purpose of utilizing personal information, disclosure of the contents of personal information or records of provision to third parties.
The details of the procedure are available here.
8. Security Control Action
The Company shall endeavor to keep personal information accurate and up-to-date, and will implement necessary and appropriate action for the security control of the information as follows for protecting the information from unauthorized access, falsification, leakage, loss or other damage.
(1) Formulation of basic policy
To ensure that personal information is handled appropriately, the Company has formulated a basic policy covering matters such as compliance with relevant laws, regulations and guidelines and a point of contact for dealing with privacy-related questions and complaints.
(2) Development of rules governing the handling of personal information
The Company has formulated rules on the handling of personal information, setting out handling methods, the persons responsible/in charge, their responsibilities, etc., at every stage of the process, from collection, use, storage and provision to deletion and destruction.
(3) Systematic security control action
- The Company has established a person responsible for the handling of personal information and has also clarified the employees who handle personal information and the scope of personal information handled by these employees, and developed a system for reporting to and liaising with the person responsible in the event of discovery of an actual or suspected breach of laws or privacy regulations.
- The Company implements periodic self-inspections on the status of handling personal information.
(4) Human security control action
- The Company regularly provides training to employees on matters to be considered when handling personal information.
- The Company stipulates rules regarding maintaining the confidentiality of personal information in its work regulations.
(5) Physical security control action
- In areas where personal information is handled, the Company restricts employee access and the equipment which can be brought in and we also take measures to prevent unauthorized persons from viewing personal information.
- The Company takes measures to prevent the theft and loss of equipment, electronic media and documents containing personal information. Moreover, when carrying such equipment, electronic media or documents around, such as when moving between offices, the Company takes measures to ensure they cannot be easily accessed.
(6) Technological security control action
- The Company uses access control to limit the scope of persons in charge of handling personal information and the scope of the personal information database they handle.
- The Company introduces frameworks to protect information systems that handle personal information against illegal access from outside or malware.
(7) Assessment of external environment
When the Company handles personal information in overseas countries (including cases where the Company entrusts the handling of personal information to third parties located outside of Japan), it implements security control action based on an understanding of privacy legislation and other systems in place for the protection of personal information in the countries in which it stores personal data.
9. Response to Information Leaks and Other Incidents
In the event of a personal information leak or other such incident, the Company reports to the relevant supervisory authorities in accordance with the Act on the Protection of Personal Information and related guidelines, and takes necessary measures, such as measures to prevent recurrences or the occurrence of similar incidents, in accordance with the instruction of the relevant supervisory authorities.
10.Personal Information Protection Manager
Secretary General of Information Security Bureau
For inquiries, complaints, consultations on the handling of and the Procedure for Demand for Disclosure etc. of Personal Information please contact Privacy Consultation Desk.
Privacy Consultation Desk
Company name: SEPTENI INCUBATE, INC.
Contact: Secretary general of Information Security bureau
Location: 8-17-1 Nishishinjuku Shinjuku-ku, Tokyo
Established October 1, 2019
Revised January 1, 2020
Revised April 1, 2022
This English translation is for reference purposes only and not a legally definitive translation of the original Japanese texts. If a difference arises regarding the meaning herein, the original Japanese version shall prevail as the official authoritative version.
Provision and Entrusting the Handling of Personal Information to Third Parties Located Outside of Japan
(1) When providing personal information or entrusting the handling of personal information to third parties located outside of Japan (excluding third parties located in the United Kingdom or EEA member countries; hereinafter referred to as "third parties located overseas"), the Company shall provide the name(s) of the relevant overseas countries and information regarding systems for the protection of personal information in those overseas countries as follows, except in cases where they cannot be identified for operational reasons of third parties located overseas (such as enabling effective operation, improving performance and ensuring redundancy). When there are other reasons why the country cannot be identified, the Company shall clearly state those reasons. Name of overseas country: United States of America Protection system:https://www.ppc.go.jp/files/pdf/USA_report.pdf
(2) The Company confirms that third parties located overseas to which it provides personal information or entrusts the handling of personal information take measures in response to the eight OECD Privacy Principles (part of the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data). When third parties do not take such measures, the Company shall provide information to that effect.
(3) The Company may provide personal information or entrust the handing of personal information to third parties located in the United Kingdom or EEA member countries.
Details of Procedure for Demand for Disclosure etc. of Personal Information
The details of the procedure for Demand for Disclosure etc. of personal information are as follows.
1. How to Make a Request
(1) Send an e-mail to Privacy Consultation
2. Necessary Documents, Etc.
(1) Demand for Disclosure etc. request form
Request form prescribed by the Company (Please complete all items inside the bold frame.)
(2) Identification documents
- If the Principal makes a request
Please submit one of the following with your name and current address stated as identification documents.
- A copy of your driver's license (If your name or address has changed, submit a copy of the reverse side)
- A copy of your passport (copies of the pages where your name and address are written and the photograph is attached)
- A copy of your residence card (If your name or address has changed, submit a copy of the reverse side)
- A copy of your special permanent resident certificate (If your name or address has changed, submit a copy of the reverse side)
- A copy of your health insurance certificate and an original of your resident record (issued within the last three months; information about your registered domicile is not necessary) or an original of your registered seal certificate.
- If an agent for the Principal (the “Agent”) makes a request
- Any one of (i) a to (i) e for Principal (identification documents for Principal)
- Any one of (i) a to (i) e for the Agent (identification documents for the Agent)
- Documentary evidence of the Agent relationship
- If the Agent is a statutory representative: A certified copy of the family register or a copy of resident record where both Principal and the Agent are stated and their relationship is shown (issued within the last three months; information about the registered domicile is not necessary).
- If the Agent is a privately appointed agent: A power of attorney (the signature of the Principal and his or her registered seal) and the registered seal certificate of the registered seal that is affixed to the power of attorney.
(3) If notification of the purpose of utilizing Personal Information and disclosure of Personal
Information is requested, a fee of 800 yen (including tax) needs to be paid. Please enclose a postal fixed-amount money order with the necessary documents.
Information Security Bureau SEPTENI INCUBATE, INC. Sumitomo Fudosan Shinjuku Grand Tower 30F 8-17-1 Nishishinjuku, Shinjuku-ku, Tokyo 160-6127