（１）Applicable privacy laws and regulations
EU General Data Protection Regulation (GDPR)
UK Data Protection Act
Law Concerning the Protection of Personal Information in Japan
EU general data protection regulations
The European Union, which includes Iceland, Liechtenstein and Norway, based on the European Union member states and the European Economic Area (EEA) agreement.
Means information about an identified or identifiable natural person (“Data Subject”). An identifiable natural person is, in particular, by reference to an identifier such as name, identification number, location data, online identifier, or the physical, physiological, genetic, mental, economic, and cultural nature of the natural person. A person who can be identified directly or indirectly by referring to one or more elements that indicate physical or social identity.
An identified or identifiable natural person whose personal data is processed by the processing administrator
A natural person or corporation, public institution, department or other organization that handles personal data on behalf of the administrator
It means a natural person or corporation, public institution, department or other organization that receives disclosure of personal data regardless of whether it is a third party or not. However, a public institution that can obtain personal data within the framework of a special investigation in accordance with EU law or the national law of a member state is not considered an acquirer. The handling of the data by public authorities shall be in accordance with the purpose of the handling and shall comply with applicable data protection provisions.
A natural person or corporation, public institution, department or other organization other than the data subject, administrator, processor, and the person who is authorized to handle personal data under the direct approval of the administrator or processor.
Mark personal data stored in records to limit its processing in the future
It shall be available for collection, recording, editing, composition, record keeping, modification or modification, search, reference, use, disclosure by transmission, distribution, or otherwise, whether by automatic means or not.
Performing or performing a group of tasks performed on personal data or a group of personal data, such as things, alignment or combination, restriction, erasure or destruction.
Analyzing or predicting certain personal aspects associated with a natural person, in particular aspects of the natural person’s ability to perform, financial status, health, personal preferences, interests, credibility, behavior, location and mobility. Automatic processing of personal data in any form, consisting of the use of personal data to do so
（13）Consent of data subject
It means an unambiguous, unambiguous, representation of the data subject’s intent, freely given, specified, and pre-explained, by which the data subject, by its statement or explicit positive action. A statement of consent to the handling of personal data related to you
２．Administrator name and address
Address: 2-12-6 Shinyamashita, Naka-ku, Yokohama
Phone number: + 81-45-621-1935
The data subject has the right to file a complaint with the supervisory authority, but we would like you to have the opportunity to respond to the complaint, so please contact us in advance before the data subject contacts the supervisory authority.
Please note that this website uses Google Analytics. For google analytics, please refer to the following site.
※ Types of cookies
（１）Classification by duration
- Session cookie
Cookies that are cleared when the user closes the browser
- Persistent cookie
Cookies that remain on the user’s computer / device for a predefined period of time
（２）Classification by attribution
- First type cookie
Cookies set by a web server and sharing the same domain
- Third-party cookies
４．Purpose of processing personal data
（１）Purpose of processing
We process personal data only for the following purposes:
A. Personal information about customers and business partners
- Entry / exit management to our facilities
- Business partner information management, payment, income processingB.
- Various communications, business negotiations, contract conclusions, etc. necessary for business
- Response to various inquiries
B. Personal information of recruitment applicants
- Providing and contacting recruitment applicants with recruitment information, etc.
- Hiring business management at our company
C. Personal information about employees, etc.
- Personnel / labor management
- Payment of remuneration, salary, bonus, etc.
- Social insurance, tax procedures, etc.
- Contact and provide to labor unions, health insurance unions, corporate pension funds, affiliated companies, seconded companies, etc.
- Procedures for retirement
- Contact in case of emergency
- Notification / report to government offices
- Notification / report / contact to customers and business partners in charge of business
- For other procedures and communication necessary for business
（２）Source of personal data
We will acquire personal data from the following sources for the purpose of processing (1) above.
- Obtained directly from the data subject (example: personal data described in the application form, etc.)
- Obtained indirectly from the data subject (example: IP address obtained when browsing our site)
- Public information (information on the Internet)
- Social media (example: Twitter, LinkedIn, Facebook)
- Survey report provided by a third party
（３）Types of personal data to be acquired
- Personal attribute information
- Personal purchase history of personal data processed by our company
- Products and services provided
- Financial information
- Educational background
- Employee information
（４）Provision and sharing of personal data
We may need to share your personal data with the following third parties for the purpose of processing (1) above. If this is required, we will comply with applicable privacy laws.
・Our group companies
・ Professional specialists such as lawyers, tax accountants, and certified public accountants
・ Financial institutions
・ Current, past and future employees
・ Service providers / suppliers
５．Legal basis for processing personal data
The legal basis for processing is as follows.
- When the data subject gives consent to the processing of his / her personal data for one or more specific purposes.
※ If the processing is based on the consent of the data subject in ① above, the data subject has the right to withdraw this consensus.
- When processing is required to fulfill the contract in which the data subject is a party, or when processing is required to perform the procedure at the request of the data subject before the conclusion of the contract.
- When processing or necessary to comply with the legal obligations that the administrator should obey.
- When processing is required to protect the significant interests of the data subject or other natural persons.
- When processing is required in the performance of business performed for the public interest or the exercise of public authority given to the manager.
- When processing or necessary for the legitimate interests pursued by the administrator or a third party. However, this does not apply when the basic rights and freedoms of the data subject, especially when the child is the data subject, seeking protection of personal data take precedence over such interests.
※ The following cases can be mentioned as cases where the legitimate interest of ⑥ is the legal basis for processing.
・ Marketing to customers (direct marketing)
・ Customer service to customers
・ Application for employment to our company
６．Data subject rights
Under applicable privacy laws, including the GDPR, the data subject has the following rights. To claim these rights, the data subject may contact us at any time.
When collecting personal data from a data subject, the administrator must provide certain information to the data subject when obtaining the personal data.
The administrator must provide a copy of any requests for access to the personal data being processed by the data subject.
（３）Right to correct
The data subject can ask the administrator to correct inaccurate personal data.
（４）Right to erase (right to be forgotten)
In certain cases, the data subject has the right to obtain the deletion of personal data about himself from the administrator without delay.
（５）Processing restriction right
When the data subject is fixed. You have the right to have the administrator limit the processing.
（６）Right to notify regarding correction, deletion, and processing restrictions of personal data
In the cases of (3) to (5) above, the administrator will notify the acquirer of personal data of this process, and if the data subject requests it, will notify the acquirer.
（７）Data portability rights
The data subject has the right to receive personal data about him in a structured, commonly used and machine readable format. You also have the right to transfer such data to another administrator without the intervention of the administrator to whom your personal data was provided.
（８）Right of objection
The data subject reserves the right to object to the processing of its personal data based on the need for processing for the purpose of legitimate interests pursued by the administrator or a third party.
（９）Right not to receive automated processing including profiling
The data subject reserves the right not to make decisions based solely on automated processing such as profiling that has a legal effect on itself or has a similar significant impact on the data subject. In addition, we do not perform automated processing including profiling for personal data of the data subject.
７．Safety management measures
As an administrator, we have taken sufficient technical and organizational
security management measures regarding the protection of personal data. If the data subject is concerned about a particular data transfer method, etc., we will take sufficient alternative measures.
８．Retention period of personal data
The retention period of personal data is the statutory retention period of each EU member state and Japan, and personal data will be promptly and safely deleted after the statutory retention period, unless necessary in connection with the purpose of contract or other processing.