Privacy Policy
LQUOM, Inc. (the “Company”) understands the importance of protecting personal information, and will observe the Act on the Protection of Personal Information (the “Act”) and endeavor to handle and protect personal information in an appropriate manner in accordance with this Privacy Policy (the “Privacy Policy”). Unless otherwise provided herein, the definitions of the terms used herein shall be in accordance with the Act.
-
DEFINITION OF PERSONAL INFORMATION
For the purpose of the Privacy Policy, “personal information” shall mean personal information defined in Paragraph 1 of Article 2 of the Act.
-
PURPOSE OF USE OF PERSONAL INFORMATION
The Company shall use personal information for the following purposes:
-
Customer and User Information
- Provision of the Company’s service and products (hereinafter referred to as the “Services, etc.”);
- Notifications and responses to inquiries, with respect to the Company’s service Services, etc.;
- Announcement regarding the Company’s Services, etc.;
- Dealing with breach of the Company’s terms of use, policy, etc. (the “Terms”), with respect to the Company’s service;
- Notifications of amendment to the Terms of the Company’s Services, etc.
- mprovement of the Company’s Service, etc and development of new Services, etc.;
- Creation of statistics data which is processed so that no particular individuals shall be identified, in connection with the Company’s Services, etc.;
- Analysis of acquired customer and user information, such as attributes and preferences, etc., and display of contents, advertisements, etc. of the Company’s Services, etc. or third party services optimized for such attributes and tastes, and delivery of messages using e-mail, SMS, online chat, notifications on browsers, etc.;
- Implementation of sweepstakes, campaigns, etc.;
- Performance of the Company’s customer success and customer support services;
- Distribution of behavioral targeting advertisements using ad-serving providers such as Google and Yahoo!;
- Analysis of attribute information, action history, etc. obtained by the Company to understand customers’ interests, tastes, etc.;
- Organization, operation management, and announcement of various events such as exhibitions, seminars, etc.; or
- Other purposes related to the above purposes.
-
Employee Information
- Employment management and internal procedures;
- Payment of salaries, bonuses, etc.;
- Business communications;
- Notifications, reports, etc. to government and municipal offices, such as for preparing withholding tax certificates for income;
- Investigation of activities prohibited by employment regulations, employment contracts, etc.; or
- Other purposes related to the above purposes.
-
Recruitment Applicant Information
- Selection and communication in recruitment activities;
- Implementation of hiring procedures; or
- Other purposes related to the above purposes.
-
Subcontractor Information
- Business communication;
- Payment of outsourcing fees, etc.;
- Administration related to the preparation of payment records for remuneration, fees, contracts, and rewards;
- Investigation of activities prohibited by contracts, etc.; or
- Other purposes related to the above purposes.
-
Shareholder Information
- Shareholder management and handling of procedures required by the Companies Act and other laws and regulations;
- Notification and communication with shareholders;
- Notification, reporting, etc. to government and municipal offices; or
- Other purposes related to the above purposes.
-
-
CHANGE OF PURPOSE OF USE OF PERSONAL INFORMATION
The Company may change the purpose of use of personal information to the extent that the purpose of use after the change is reasonably recognized to be related to the original purpose of use. When the purpose of use has been changed, the Company shall notify the person which can be identified by the personal information (the “Principal”) of, or publicly announce the purpose of use after the change.
-
RESTRICTION ON USE OF PERSONAL INFORMATION
The Company shall not use personal information, without the consent of the Principal, beyond the scope necessary for the achievement of the purpose of use, unless permitted by the Act or other laws or regulations; provided, however, that this provision shall not apply if such use is:
- based on laws and regulations;
- necessary for the protection of the life, body or property of an individual and it is difficult to obtain the consent of the Principal;
- specially necessary for improving public health or promoting the sound growth of children and it is difficult to obtain the consent of the Principal; or
- necessary for cooperating with a national government, a local government, or a person or entity entrusted thereby in executing the affairs prescribed by laws and regulations and acquisition of the consent of the Principal may impede the execution of the affairs concerned.
-
PROPER ACQUISITION OF PERSONAL INFORMATION
The Company shall acquire personal information by proper means, and shall not acquire it by a deception or other wrongful means.
Except in the following cases, the Company shall not acquire special care-required personal information (defined in Paragraph 3 of Article 2 of the Act) without obtaining a prior consent of the Principal.
- cases where such acquisition falls under any of Items of Article 4;
- ases where the special care-required personal information is being made available to the public by the Principal, a government organization, a local government, a person set forth in Items of Paragraph 1 of Article 57 of the Act or other persons prescribed by the rules of the Personal Information Protection Commission;
- cases where the Company acquires special care-required personal information clearly recognized from the Principal’s appearance by seeing or taking pictures; or
- cases where the Company receives special care-required personal information from a third party and such provision of the information by the third party falls under any of Items of Article 7.1.
When the Company receives personal information from a third party, the Company shall confirm the following matters pursuant to the rules of the Personal Information Protection Commission, except where such provision of the personal information by the third party falls under any of Items of Article 4 or any of Items of Article 7.1.
- the name or appellation and address of the third party and, for a corporate body, the name of its representative (for a non-corporate body having appointed a representative or administrator, such representative or administrator)
- circumstances under which the personal information was acquired by the third party
-
SECURITY CONTROL OF PERSONAL INFORMATION
The Company shall take necessary and appropriate security control measures to ensure the security control of personal information against the risk of loss, destruction, alteration or leakage, including sufficient and appropriate supervision of employees, establishment of a personal information manager, maintenance of internal discipline, access control, restriction of equipment brought into the company, restriction of access to information, and measures to prevent unauthorized access. When the Company entrusts a third party with the handling of personal information in whole or in part, the Company shall sufficiently and appropriately supervise the third party to ensure the security control of personal information. For questions regarding security control measures, please contact the Company using the inquiry form in Section 13.
-
PROVISION TO A THIRD PARTY
The Company shall not provide personal information to a third party without the prior consent of the Principal, except where such provision falls under any of Items of Article 4; provided, however, that the following cases shall not be regarded as the provision to a third party:
- Cases where the Company provides personal information accompanied by entrustment to a third party with the handling of personal information within the scope necessary for the achievement of the purpose of use;
- Cases where personal information is provided as a result of the succession of business in a merger or otherwise; or
- Cases where personal information is used jointly with others in accordance with the provisions of the Act.
Notwithstanding Article 7.1, in cases where the Company provides personal information to a third party (excluding a party establishing a system conforming to the standards specified by the rules of the Personal Information Protection Commission based on Article 28 of the Act) in a foreign country (excluding countries specified by the rules of the Personal Information Protection Commission based on Article 28 of the Act), the Company shall obtain the Principal’s prior consent to the effect that the Principal approves the provision to a third party in a foreign country, except where such provision falls under any of Items of Article 4.
When the Company has provided personal information to a third party, the Company shall make and maintain a record pursuant to Article 29 of the Act.
When the Company receives personal information from a third party, the Company shall conduct necessary confirmation pursuant to Article 30 of the Act, and make and maintain a record concerning such confirmation.
-
DISCLOSURE OF PERSONAL INFORMATION, ETC.
In cases where the Company is requested by the Principal to disclose the personal information (including disclosure of records of provision or receipt of personal data to third parties) or notify of the purpose of use under the Act, the Company shall, after confirming that the request is made by the Principal itself, disclose the personal information or notify the purpose to the Principal without delay (in cases where the Company does not have such personal information, the Company shall notify the Principal to that effect); provided, however, that this provision shall not apply to cases where the Company is not obliged to disclose such personal information under the Act or other laws or regulations. Please note that the Company will charge the fee (1,000 yen per disclosure) to the Principal in connection with the disclosure of the personal information.
-
CORRECTION, ETC. OF PERSONAL INFORMATION
In cases where the Company is requested by the Principal to correct, add or delete the personal information under the Act on the ground that such personal information is contrary to the facts, the Company shall, after confirming that the request is made by the Principal itself, conduct a necessary investigation without delay within the scope necessary for the achievement of the purpose of use, and on the basis of the result, correct, add or delete the personal information and notify the Principal to that effect (in cases where the Company decides not to make such correction, addition or deletion, the Company shall notify the Principal to that effect); provided, however, that this provision shall not apply to cases in which the Company is not obliged to make such correction, addition or deletion under the Act or other laws or regulations.
-
DISCONTINUANCE OF THE USE, ETC. OF PERSONAL INFORMATION
In cases where the Company is (i) requested by the Principal to discontinue using or to erase the personal information under the Act on the ground that such personal information is being handled beyond the purpose of use publicly announced in advance, may encourage or induce illegal or unjust acts or has been acquired by a deception or other wrongful means, or (ii) requested by the Principal to discontinue providing the personal information under the Act on the ground that such personal information is provided to a third party without the Principal’s consent, and where it is found that the request has a reason, the Company shall, after confirming that the request is made by the Principal itself, discontinue the use of or erase the personal information, or discontinue the provision of the personal information, without delay and shall notify the Principal to that effect; provided, however, that this provision shall not apply to cases in which the Company is not obliged to make such discontinuance of use or erasure, or discontinuance of provision, under the Act or other laws or regulations.
-
TREATMENT OF ANONYMOUSLY PROCESSED INFORMATION
When the Company produces anonymously processed information (defined in Paragraph 6 of Article 2 of the Act and limited to those constituting anonymously processed information database, etc. prescribed in Paragraph 6 of Article 16 of the Act; hereinafter the same shall apply), the Company shall process personal information in accordance with the standards prescribed by the rules of the Personal Information Protection Commission.
When the Company has produced anonymously processed information, the Company shall take measures for the security control in accordance with the standards prescribed by the rules of the Personal Information Protection Commission.
When The Company has produced anonymously processed information, the Company shall disclose to the public the items of information relating to the individuals contained in the anonymously processed information pursuant to the rules of the Personal Information Protection Commission.
When the Company provides a third party with the anonymously processed information (including the same produced by the Company and the same received by the Company from a third party; hereinafter the same shall apply unless otherwise provided in the Privacy Policy), the Company shall disclose to the public the items of information concerning the individuals contained in the anonymously processed information to be provided to a third party and the method of provision thereof, and state to the third party explicitly that the information being provided is anonymously processed information, in advance pursuant to the rules of the Personal Information Protection Commission.
When the Company handles the anonymously processed information, the Company shall not (1) collate the said anonymously processed information with other information, or (2) acquire descriptions, etc. or individual identification codes deleted from personal information, or information relating to the processing method carried out pursuant to Paragraph 1 of Article 43 of the Act ((2) shall be applied only to the anonymously processed information provided by a third party) in order to identify the individuals concerned with the personal information used to produce the anonymously processed information.
The Company shall make efforts to take measures necessary to ensure the proper handling of the anonymously processed information, including measures necessary and appropriate for the security control of the anonymously processed information and dealing with complaints about the handling, including producing, of the anonymously processed information, and make efforts to disclose to the public the content of such measures taken.
-
USE OF COOKIES AND GOOGLE ANALYTICS
The Company may use Cookies or similar technologies. Such technologies help the Company to recognize the status of use of the Company’s service, etc. and contribute improvement of the service. When a user intends to disable cookies, the user may disable cookies by changing the web browser’s settings. Please note that when cookies are disabled, a part of the service may be unavailable. In addition, the Company uses Google Analytics to monitor the usage of its website. For more information on Google Analytics, including data collection and processing methods, please refer to the following URLs
https://marketingplatform.google.com/about/analytics/terms/jp/ www.google.com/intl/ja/policies/privacy/ www.google.com/intl/ja/policies/privacy/partners/ -
CONTACT
With respect to requests for disclosure, etc., comments, questions, complaints and other inquiries regarding the handling of personal information, please contact the following contact form.
https://lquom.com/en/#index_contact -
CONTINUOUS IMPROVEMENT
The Company shall endeavor to review timely the status of the operation regarding handling of personal information and to improve such operation continuously. The Company may amend this Privacy Policy as necessary.
-
HANDLING OF PERSONAL DATA PROVIDED ON THE BASIS OF AN ADEQUACY DECISION
With regards to personal data provided to Company based on an adequacy decision, in addition to the provisions of the preceding Articles, the provisions in this Article shall apply, and when the provisions in this Article differ from the provisions in the preceding Articles, the provisions in this Article shall prevail.
Definitions
“EU” means European Union that includes the member states of European Union, as well as Iceland, Lichtenstein and Norway under Agreement on the European Economic Area (EEA).
“GDPR” means REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
“Adequacy Decision” means the decision by the European Commission under Article 45 of GDPR to recognize that a certain country, territory, etc. ensures an adequate level of protection about personal data.In the event that personal data provided from the EU region on the basis of the Adequacy Decision contains information regarding sex life, sexual orientation, or labor union which are defined in the GDPR as “Special Categories of Personal Data”, such information shall be treated as special care-required personal information under the Act.
Personal data that the Company has received from the EU region on the basis of the Adequacy Decision shall be treated as retained personal data as set forth in Paragraph 4 of Article 16 of the Act, regardless of the period for the retention before the deletion of such information, unless such data falls under the category of “those prescribed by cabinet order as likely to harm the public or other interests if their presence or absence is made known” as set forth in the said paragraph.
When the Company receives personal data from the EU region on the basis of the Adequacy Decision, the Company shall confirm and keep a record of the history of acquisition, pursuant to Paragraphs 1 and 3 of Article 30 of the Act, regarding such personal data including the purposes of use specified at the time when personal data was provided from the EU region.
In the event that the Company receives personal data from another personal information handling business operator that has received personal data provided from the EU region on the basis of the Adequacy Decision, the Company shall confirm and keep a record of the history of acquisition, pursuant to Paragraphs 1 and 3 of Article 30 of the Act, regarding such personal data including the purposes of use specified at the time when personal data was provided.
With respect to personal data that has been confirmed and kept record of in accordance with 15.4 or 15.5, the Company shall specify the purposes of use regarding such data within the scope of the purposes of use specified at the beginning or when such personal data was provided and shall use such personal data within the specified purposes of use.
In the case the Company provides personal data provided from the EU region on the basis of the Adequacy Decision to a third party in a foreign country, the Company shall obtain the Principal’s prior consent to the effect that it approves the provision of its personal data to the third party in a foreign country on the condition that the Company shares the information in relation to the circumstances of the receiving party necessary for the Principal to make a decision concerning the consent under Article 7.2.
As to Personal data provided from the EU region on the basis of the Adequacy Decision, it shall be deemed as the Anonymously Processed Information only if the Processing Method etc. related Information shall be deleted and nobody may be able to re-distinguish the anonymized personnel. The Processing Method etc. related Information means the information (limited to those which can restore the personal information by use of such relating information) relating to those descriptions etc., and individual identification codes which were deleted from personal information used to produce anonymously processed information and information relating to a processing method carried out pursuant to the Paragraph 1 of Article 43 of the Act.
-
Name, address and name of representative of the business operator handling personal information
LQUOM, Inc.
〒240-0067
79-5 Tokiwadai, Hodogaya-ku, Yokohama-shi, Kanagawa 240-0067
CEO: Kazuya Niizeki
Effective as of August 29, 2022