System Friend information protection policy
Our company declares that we shall take companywide initiatives, and fully recognizes the social responsibility related to handle anonymous personal information to keep the rights of data subjects and trust relationship with our clients as a company operating Internet sales business, rental server business and a position of hiring employees.
- It limits personal information within the necessary range in software contract development, ASP business, Internet sales and rental server business, employee’s employment and personal management is collected and used. Our company shall not use information for the other purposes and take efficient measures to prevent the utilization of purposes other than above.
- We will observe laws related to the handling of personal information, national guidelines, and other standards.
- We respond to complaints or consultations by individuals about the handling of their personal information and our company’s management system of personal information protection in a prompt and proper manner. We will seek to establish an internal system for the purpose.
- We will take reasonable safety measures in an effort to prevent leakage, loss or damage of personal information collected, invest management resources with the latest technology, improve continuously the system of personal information security, and correct them on an ongoing basis.
- Based on individual needs and the latest IT technology trends, we will review its personal information protection management system in a timely and appropriate manner and continuously implements improvements.
- The policy has been distributed to all our employees. We will improve the awareness of prevention of personal information among employees by education and enlightenment.
<Contact desk for personal information>
- System Friend Inc. personal information protection manager: Teranishi
- TEL: 082-943-9530 FAX: 082-943-9531 (Business hours: 9:00~17:30)
- E-mail:privacy@systemfriend.co.jp
enacted: December 10, 2007
revised: July 1, 2002
System Friend Inc. Representative director, Toshio Asayama
Handling of personal information
1. The name and address of the business operator handling personal information
- Company name: SYSTEM FRIEND INC.
- Head office location: 1-11-20, Itsukaichi-Ekimae, Saeki-ku, Hiroshima city, Japan 731-5125.
- Representative: Toshio Asayama
2. Handling of personal information collected
Our company stores personal information collected under the strict management. We have a strict precaution towards unauthorized access, leakage, loss, or damage to protect such personal information. Our personal information protection manager is as follows.
- System Friend Inc. personal information protection manager: Teranishi
- TEL: 082-943-9530 FAX: 082-943-9531 (Reception hours: 9:00~17:30)
- E-mail:privacy@systemfriend.co.jp
3. The use of personal information
The purposes of using personal information are as follows. We will not use beyond the scope necessary to achieve each purpose without obtaining the prior permission of the person.
【Personal information we may disclose】
- Personal information relating to business partners (clients as original contractors, alliance partners)
- For negotiation, contract conclusion, and contract management
- For contact about dealing and business
- For payment confirmation, transfer procedure and other accounting procedures.
- For contract and demand performances
- For taking a survey and given service after dealing
- For providing information regarding to our business activities including our company’s products and services
- Personal information whose want to join us as an employee
- For contact and providing information regarding to recruitment process such as company information
- For inform recruitment process required and announcement of screening results
- For contact relating to human resources and labor and sending recruitment information after making employment decisions
- Personal information whose visits our offices
- For management of entrance/exist logs in order to secure our company
- Personal information whose contacts us
- For answering to inquiry
- Intended use of purposes of using inquiry (prescribed in said paragraph from a to f)
- Employees’ personal information
- For contact relating to our business practices
- For management of human resources and labor
- Personal information of stockholders
- For stockholders’ management including preparation and maintenance of stockholder list
- For the execution of rights and duties based on laws
- For providing convenience against a position as a stockholder
【undisclosed personal information】
- Provided personal information from business partners as test data
- Personal information used in system development, maintenance or other contracts upon requests from business partners will be undisclosed
4. Security control measures for personal information
- Formulation of the basic policy
In order to organizationally ensure the proper handling of personal data, we have established the following basic policies: “Compliance with relevant laws, regulations and guidelines”, “Security control measures”. (” System Friend Information Protection Policy” mentioned above)
- Establishing the discipline of the processing of personal data
We have formulated how to handle personal data when collected, used and stored, and the responsibilities of each staff and manager.
- Organizational security control measures
We have established the manager of handling personal information, clarified the range that the workers handle personal data and reporting requirements to the manager in the fact or sign that the law or handling regulations has been violated or is likely to be violated. Periodic self-assessment is conducted about the condition of handling personal data and audits by other departments or the third parties.
- Human security control measures
We conducted regularly trainings relating to notes of handling personal data for employees.
Matters relating to confidentiality for personal data is written in employment regulations.
- Physical security measures
In the area that handles individual data, we have managed entrance/exist logs of employees and established measures to prevent from viewing person without the authority.
We have prevented from theft or loss of devices handling individual data or electronic media or documents, and established measures in order not to identify individual data such as encryption if moving devices or electronic media.
Adopt means that cannot be restored easily when discards devices that stored individual data or electronic media or documents.
- Technical security measures
Access control is executed, and it is limited the range and staffs of handling personal information database.
We have used the information system handling individual data safely and introduced system to protect against unauthorized external access.
- Understanding external environment
We have established the security control measures with understanding the system relating to the personal information protection in the United States stored individual data. (It may be stored some of the backup individual data in cloud service on oversea regions.)
In addition, we received Privacy Mark and information security managements system certification by a third-party organization, we have kept and improved continuously the system of personal information protection in order to ensure that these security control measures appropriately taken.
5. Provision of personal information to third parties
We appropriately manage personal information collected, we will not use beyond the scope necessary to achieve each purpose without obtaining the prior permission of the person, except in the following cases.
- Situation based on laws and regulations
- In particularly required for the protection of life, persons or property and approval from the relevant person is difficult to obtain.
- If particularly required in order to improve public health or to promote the healthy education of children and obtaining the agreement of the user is difficult.
- If it is required to cooperate with a government organization, local government or a third-party performing affair consigned by them as stipulated in the law and obtaining the consent of the Customer may interfere with the performance of the said affairs.
6. The procedure for responding to requesting disclosure of personal data
We will respond the requests from the person his/herself (including in cases where there is an agent officially appointed) relating to personal data retained or data the third party provided such as below. (Including cases only notification that the request cannot be responded in reasonable reasons)
- Request of disclosure of retained personal data
- Request of disclosure of data the third party provided
- Request for correction of retained personal data
- Request for addition of retained personal data
- Request for deletion of retained personal data
- Stop using or deletion of retained personal data
- Stop providing retained personal data to the third party
Please refer to the “Request procedure for disclosure, etc., of personal data in possession” as regards concrete methods and the required form for requests. In addition, please note that there is a fee charged for requests for disclosure and requests for notification of intended use.
7.Optional provision of providing personal information
We will leave it to the person if his/her personal information is provided or not and the range of provide information; however, it may be hardly possible to fulfill the purpose or limited the range of services available if there is less information provided to fulfil each purpose as mentioned “3. For the use of personal information” above.
Inquiry
For inquiries regarding personal information, please contact the following our personal information protection manager.
In addition, it is available for any complaint relating to personal information to contact the authorized personal information organization we belonged.
Contact desk
- System Friend Inc. personal information protection manager: Teranishi
- TEL: 082-943-9530 FAX: 082-943-9531 (Business hours: 9:00~17:30)
- E-mail:privacy@systemfriend.co.jp
Accredited Personal Information Protection Organization
- JIPDEC, Personal Information Protection Complaints Desk
- Office location: 12F Roppongi First Building, 9-9 Roppongi 1-chome, Minato-ku Tokyo, 106-0032 Japan
- Tel: 03-5860-7565 or 0120-700-779
enacted: December 10, 2007
revised: September 8, 2002