Protection of Personal Information
Personal Information Protection Policy
Sugitec Co., Ltd., VIC JAPAN Corporation, and Comprehensive Building Data Services Corporation (hereinafter referred to collectively as the 'Company Group') consider it a social responsibility to protect all personal information handled by the Company Group and will implement the following initiatives to ensure its proper management.
1.We will establish compliance regulations for the protection of personal information and ensure their proper implementation and maintenance.
2.We will take preventive and corrective measures to prevent unauthorized access to personal information, as well as its loss, destruction, alteration, and leakage. We will strive for continuous improvement in these areas.
3.We will provide education and training on personal information protection to all personnel involved in handling personal information, in order to raise awareness and improve management of personal information.
4.When collecting personal information, we will clearly define the purpose of collection and use it only within the necessary scope. Unless with the consent of the customer or when it is necessary to outsource business within the scope required to provide services requested by the customer, we will not disclose or provide the collected personal information to external third parties. Furthermore, when outsourcing business, we will obligate the third party to appropriately manage and protect personal information similar to the Company Group.
5.We will comply with applicable laws and other regulations regarding personal information.
6.We will establish a contact point for complaints and consultations regarding personal information and respond promptly.
April 2022
Sugitech Co., Ltd. Representative Director: Tatsuya Sugiyama
VIC JAPAN Corporation Representative Director: Koichi Umeda
Comprehensive Building Data Services Corporation Representative Director: Koichi Umeda
Handling of Personal Information
Sugitec Co., Ltd. (hereinafter referred to as "the Company") endeavors to appropriately manage all personal information (including information about our customers, including those who use our website, as well as all other personal information used in the course of business activities such as addresses, names, telephone numbers, email addresses, and any other information that can identify individuals, whether already held within the company or acquired in the future [hereinafter referred to as "personal information"]) in compliance with laws and regulations related to the protection of personal information and other standards. Additionally, the Company will address all personal information handled in business operations as follows.
1.Compliance with Laws and Regulations
We will comply with the Personal Information Protection Act, as well as other laws and regulations related to personal information, regarding the handling of personal information.
2.Implementation of Security Measures
To ensure the accuracy and security of personal information, we implement information security measures, including with our cooperating partners, to prevent the loss, leakage, unauthorized access, tampering, and other risks associated with personal information.
3.Purpose of Use of Personal Information
When the Company Group obtains personal information, it does so by appropriate means based on legal compliance. Furthermore, if the Company Group intends to acquire personal information and it is provided by customers through written documents or via the web, the purpose of use of the personal information will be clearly indicated.
The personal information acquired by the Company Group will be used within the following scope of purposes:
・For providing services desired by customers.
・For providing information via email or other means regarding services provided by the Company.(such as seminars, events, etc.)
・For conducting business related to employee recruitment activities of the Company.
・For sending materials related to services (newsletters), seasonal greetings, etc. from the Company.
・For responding to online free consultations or inquiries from customers, and contacting customers as necessary.
・For responding to troubles related to services provided by the Company Group.
・For conducting daily business operations necessary for the operation of the Company's business.
・For creating and analyzing marketing data for the purpose of understanding customer characteristics.
・For conducting surveys on usage and usage environment, etc., to objectively understand customer satisfaction.
・In the case of software development and system operation, if entrusted with all or part of the handling of personal information, it will be managed appropriately by the Company Group, and handled within the scope of the outsourcing contract.
4.Scope of Use of Personal Information
(i) Provision to Business Partners and Outsourcing Partners: We may provide the necessary minimum personal information to business partners and outsourcing partners within the scope required to achieve the above-mentioned purposes. In such cases, we will thoroughly supervise the business partners and outsourcing partners to ensure compliance with this policy.
(ii) Provision to Third Parties: Without the prior consent of the individual, we will not provide personal information to third parties. However, there may be cases where personal information is provided to third parties without consent in accordance with laws and regulations, when it is necessary to cooperate for the performance of duties prescribed by laws and regulations, such as those of national or local governments, or when it is particularly necessary for the protection of human life, body, or property, or for the improvement of public health or the promotion of healthy upbringing of children.
5.Joint Use of Personal Information
The Company Group may jointly use customer's personal information.
・Personal information for joint use:
Address, name, department name, position, telephone number, fax number, email address.
・Scope of parties jointly using the information: The Company Group as defined below.
Sugitec Co., Ltd. Representative: Tatsuya Sugiyama
Comprehensive Building Data Services Corporation Representative: Koichi Umeda
VIC JAPAN Corporation Representative: Koichi Umeda
・Purposes of use by the users:
Same as the purposes of use described in "3. Purposes of Use of Personal Information".
・Person in charge of personal data management:
Sugitec Co., Ltd.
Administrator: Takashi Hashimoto
6.Collection and Security Management System of Personal Information
(i) Our company collects personal information in an appropriate and lawful manner.
(ii) Our company manages personal information appropriately and strictly, and takes safety measures to prevent information leaks, destruction, and unauthorized access.
(iii) To ensure the execution of safety management, our company appoints a person responsible for personal information management and conducts education and awareness activities within the company.
(iv) If a personal data breach occurs and it is likely to significantly harm the rights and interests of individuals as specified in certain cases defined by regulations (Article 22-2 (26) of the Act on the Protection of Personal Information), we will promptly report to the Personal Information Protection Commission and sincerely notify the affected customers.
7.Disclosure, correction, and suspension of use of personal information, etc.
□Disclosure of Personal Information
If our company is requested by a customer to disclose personal information in accordance with the provisions of the Act on the Protection of Personal Information, we will confirm that the request is from the customer themselves and will disclose the information to the customer without delay (if the requested personal information does not exist, we will notify the customer to that effect). However, this does not apply if our company is not obligated to disclose the information under the Act on the Protection of Personal Information or other laws and regulations.
【Contact for Complaints Regarding the Handling of Retained Personal Data】
Please refer to "Inquiries Regarding Personal Information.
【Regarding Accredited Personal Information Protection Organizations】
Our company group is not a covered business operator of any "accredited personal information protection organization."
【Request Procedures for Disclosure, etc.】
・Requests for disclosure, etc., within our company group should be directed to the "Personal Information Management Officer of each group company."
・Requests for disclosure, etc., will only be accepted in writing using the "Request Form for Disclosure, etc. of Personal Information." Please contact the designated contact point to obtain the request form.
R・equests for disclosure, etc., will only be accepted from the individual concerned or their representatives (representatives of minors or adult wards, or representatives authorized by the individual). Requests from any other persons will not be accepted.
<Method of Identity Verification>
"Driver's license, health insurance card, passport, or proof of proxy authority (such as a power of attorney) will be used to verify the individual's identity in the case of a proxy."
・When notifying the purpose of use of retained personal data or responding to requests for disclosure of retained personal data, only the actual cost equivalent of postage, etc., will be charged, and no administrative fees will be collected. The method of collecting fees will be cash on delivery.
・Upon reviewing the contents of the request, if it is determined that it falls under "matters for which there is no need to respond to requests for disclosure, etc.," we will inform the requester of this fact and the reasons for not complying with the request.
□Correction, Suspension of Use, etc. of Personal Information
ⅰ. If our company is requested by a customer to correct the content of personal information based on the provisions of the Act on the Protection of Personal Information, due to the reason that the personal information is not true, except where special procedures are prescribed by other laws and regulations, we will promptly conduct necessary investigations after confirming that the request is from the customer themselves, and based on the results, we will correct or suspend the use of the personal information and notify the customer accordingly.
ⅱ. Our company, when requested by a customer to cease or erase the use of personal information (hereinafter referred to as "suspension of use, etc.") on the grounds that the personal information is being handled beyond the scope of the purpose of use previously publicly announced, or on the grounds that it was acquired through fraudulent means, promptly conducts necessary investigations, and based on the results, suspends the use, etc. of the personal information and notifies the individual concerned accordingly. However, if suspending the use, etc. of the personal information entails significant costs or if it is otherwise difficult to suspend the use, etc., and if alternative measures that are necessary to protect the rights and interests of the individual concerned can be taken, our company will implement such alternative measures.
8.The Handling of Personal Information on the Website
・Security of Personal Information
For the security of customer information during transmission, we use SSL (Secure Sockets Layer) encryption technology with server certificates issued by GMO to encrypt communications.
9.Regarding the Revision of the Privacy Policy
In our company group, we may revise this Privacy Policy in response to changes in service content, purposes of use, security enhancements, as well as revisions to relevant laws and regulations or standards. We kindly ask our customers to regularly check our company group website for any updates.
□Contact Information
For inquiries, comments, questions, complaints, or any other matters related to the handling of user information, please contact the following departments:
Sugitec Co., Ltd. Information Security Management Department.
VIC JAPAN Co., Ltd.
Comprehensive Building Data Services Co., Ltd.
Revised: April 15, 2022