Privacy Policy

1.1 This Policy applies to the Company’s handling of users’ personal information (hereinafter referred to as “User Information”) and Contact Subjects’ personal information (hereinafter referred to as “Contact Information”) within Japan.

1.2 When there are additional individual provisions regarding the handling of User Information within the Service (hereinafter referred to as “Individual Policies”), the provisions of the Individual Policies shall take precedence within the scope of their application.

1.3 Unless otherwise specified in this Policy, terms defined in the Terms shall have the same meaning in this Privacy Policy.

2.1 The Company acquires personal information only through lawful and fair means, without deception or other improper methods.

2.2 The User Information that the Company acquires and uses includes the following:

1. Name, gender, affiliated organization, position, qualifications, areas of expertise, educational background, work history, achievements, and publicly available addresses, phone numbers, fax numbers, email addresses, and other contact information and other attributes related to users that users register in the Service
2. Information registered in the Service by other users of the Service
3. Information related to identity verification matters provided when users are registered in the Service (limited to cases where identity verification is conducted)
4. Service usage history, access history, device information, and other information related to service usage by users
5. Internal identifiers assigned to users by the Company and other information generated by the Company in association with users

2.3 The provision of some User Information and Contact Information is voluntary, but if not provided, all or part of the Service may not be available.

2.4 In addition to the User Information specified in Section 1, the Company may use Cookies and associate them with internal identifiers assigned to users by the Company. The Company uses this for identity verification, normal service provision, and prevention of fraudulent activities that interfere with service provision. Users can choose whether to allow the use of Cookies, but if you refuse to save Cookies, some features that require login may not be available.

3.1 The Company uses acquired personal information for the following purposes:

1. To provide the Service
2. For improvement and development of the Service and other products and services provided by the Company, and for accompanying analysis, interpretation, and other information processing
3. To conduct surveys regarding products and services provided by the Company (including those to be provided in the future)
4. To create content provided by the Company on the Service and to provide content optimized for users
5. To provide information, introductions, advertisements, and other information about third-party products or services tailored to users (including sending emails related to such information provision)
6. For information security measures or fraud prevention for the Company’s products and services (including identity verification)
7. To respond to inquiries from users
8. To send notifications and other emails from the Company
9. For communications regarding Company services such as maintenance and important notices
10. To allow users to view and change their registration information and view their usage status
11. To anonymize or otherwise process customer information so that specific individuals cannot be identified, or to perform statistical or other mathematical processing
12. For purposes incidental to the above purposes of use

4.1 The Company will not provide personal information to third parties except in the following cases, through joint use as defined in this Policy, through third-party provision as defined in Article 27, Paragraph 2 of the Personal Information Protection Act, or as permitted by the Personal Information Protection Act and other laws and regulations:

1. When there is consent from the individual
2. When necessary for the protection of life, body, or property of a person and it is difficult to obtain the consent of the individual
3. When particularly necessary for improving public health or promoting the sound growth of children and it is difficult to obtain the consent of the individual
4. When it is necessary to cooperate with a national government agency, local government, or a person entrusted by them in executing affairs prescribed by laws and regulations, and obtaining the consent of the individual may impede the execution of such affairs
5. When the Company outsources all or part of the handling of personal information within the scope necessary to achieve the purpose of use
6. When personal information is provided due to business succession through merger or other reasons

5.1 Among the personal information held by the Company, personal information corresponding to the following [Personal Information Items] may be provided to third parties by the method specified in [Method of Provision to Third Parties] below. However, such handling will not be conducted if requested by the individual. If you wish to stop the provision of personal information to third parties, please contact us using the method specified in [Method of Accepting Requests to Stop Third-Party Provision] below.

6.1 The Company may outsource all or part of personal information handling operations to external parties within the scope necessary to achieve the purpose of use. In such cases, the Company will exercise necessary and appropriate supervision over the outsourced party.

7.1 The Service may use APIs provided by Google LLC (hereinafter referred to as “Google APIs”). When the Company uses Google APIs, they will not be used for the purpose of developing, improving, or training generalized AI or machine learning models. They will also not be used for developing, improving, or training individually personalized AI or machine learning models.

7.2 The use of information obtained from Google APIs by the Company’s services complies with the Google API Services User Data Policy, including limited use requirements.

8.1 For the purposes specified in this Policy, the Company uses Google Analytics by Google LLC to measure the usage status of websites and other services provided by the Company. Google LLC may set Cookies or read existing Cookies to acquire data. In doing so, information such as the URL of the page accessed by the user and IP address is automatically sent to Google LLC. The Company may use such information to understand usage status and for Company services.

8.2 Google LLC may handle user information acquired by Google LLC in California, United States, to the extent necessary for the use of Google Analytics. For information about the personal information protection system in California, United States, please refer to this document. The Company ensures Google LLC’s compliance with applicable personal information protection systems through the Google Analytics Terms of Service and other applicable contracts with Google LLC.

9.1 The Company will retain acquired user personal information for the period necessary for handling such personal information. However, this does not apply when retention for a longer period is required by law, in which case the Company will retain such personal information for the period required by law. After the retention period ends, the Company will delete the personal information.

10.1 The Company implements the following measures for the security management of personal data:

1. Development of Regulations for Handling Personal Data
   We have established internal regulations that define handling methods at each stage of acquisition, use, storage, provision, and deletion/disposal of personal data. We have also separately developed operational procedures with detailed specifications to enable all employees handling personal data to perform their duties more appropriately.
2. Organizational Security Management Measures
   We have established a management supervisor for personal data handling and clarified the scope of employees who handle personal data and the personal data they handle. We also regularly review access privileges. We have established a reporting and communication system to the responsible person when violations of internal regulations or facts or signs of personal data leakage or loss are detected. We have established a system to respond quickly to incidents.
3. Human Security Management Measures
   We regularly conduct training on personal data handling and information security considerations for all employees, confirm their understanding, and work to further raise awareness.
4. Physical Security Management Measures
   We implement entry and exit management for employees in work areas. We take measures to prevent theft or loss of devices, electronic media, and documents that handle personal data, and when carrying such devices and electronic media, including movement within business premises, we implement measures such as encryption and locking to minimize the impact when theft or loss occurs.
5. Technical Security Management Measures
   We limit employees who handle personal data and the personal data they handle. We have introduced mechanisms to protect systems that handle personal data from unauthorized access or malicious software from outside, and we monitor access logs and other data.

11.1 When the Company receives requests from individuals for notification of the purpose of use, disclosure, correction of content, addition or deletion, suspension of use, erasure, or suspension of provision to third parties (collectively referred to as “Disclosure, etc.”) of retained personal data, the Company will promptly disclose this to the individual. However, when we cannot respond to requests for Disclosure, etc., such as in the following cases, we will promptly notify the individual of this fact. Please note that if some or all of the retained personal data is deleted, suspended from use, erased, or stopped from being provided to third parties, we may not be able to provide Company services and transactions as requested.

1. When there is a risk of harm to the life, body, property, or other rights and interests of the individual or a third party
2. When there is a risk of significant hindrance to the proper implementation of the Company’s business
3. When identity verification cannot be performed
4. When proxy authority cannot be confirmed in requests by a proxy
5. When there are deficiencies in the prescribed submission documents
6. When retained personal data cannot be identified due to deficiencies in the prescribed submission documents
7. When the subject of the request for Disclosure, etc. does not fall under retained personal data
8. When Disclosure, etc. would violate laws and regulations

11.2 A fee of 1,000 yen per case is required for disclosure of retained personal data and notification of the purpose of use.

11.3 Personal information acquired in connection with requests for Disclosure, etc. will be handled appropriately only to the extent necessary to respond to the request. Additionally, documents submitted in connection with requests cannot be returned.

12.1 The content of this Policy may be changed without notice to users, except for matters otherwise specified by law or in this Policy.

12.2 Unless otherwise specified by the Company, the revised Policy will take effect when posted on the Company’s website.