Privacy policy

This Privacy Policy has been created in accordance with Japanese law.

 

This Privacy Policy has been prepared in accordance with the "Act on the Protection of Personal Information" (Act No. 57 of 2003, hereinafter referred to as the "Personal Information Protection Act") and outlines the organizational measures taken by Mono's Co., Ltd. (hereinafter referred to as "the Company") to ensure the proper handling of personal data.

 

1. Acquisition and Use of Personal Information

The Company will publicly announce or notify the purpose of use when acquiring personal information (including public disclosure through this policy). When obtaining personal information directly from individuals through contracts or other documents (including electronic records), the Company will specify the purpose of use in advance and acquire the information by legal and fair means.

The Company will use personal information appropriately within the necessary scope to achieve the specified purposes.

 

2. Purpose of Use of Personal Information

The Company will use customers' personal information for the following purposes:

  • To provide the Company's services
  • To provide information about services offered by the Company’s partner companies
  • To develop, improve, or enhance the Company's services
  • To provide customers' personal information to subcontractors or third parties within the necessary scope for fulfilling contracted tasks
  • To provide event organizers with necessary information for events planned and conducted independently or in collaboration with the Company or its partners
  • To contact customers regarding events, provide guidance, send materials or invoices, and respond to inquiries
  • To analyze event outcomes and utilize them for planning and developing new events
  • To respond to inquiries and consultations from customers, as well as for confirmation and record-keeping
  • To manage customer information and communicate with customers, including emergency contact if necessary
  • To communicate business-related matters, fulfill contracts, and conduct business negotiations
  • To contact customers regarding other relevant matters

 

3. Provision of Personal Data to Third Parties

The Company will not provide customers’ personal data to third parties except in the following cases:

  • When prior consent has been obtained from the customer
  • When outsourcing within the necessary scope to achieve the intended purpose
  • When required by law
  • When necessary to protect human life, body, or property, and it is difficult to obtain the customer's consent
  • When particularly necessary for improving public health or promoting the healthy upbringing of children, and obtaining the customer's consent is difficult
  • When cooperation with a national or local government authority is required by law, and obtaining the customer's consent may interfere with the execution of such duties

 

4. Security Control Measures

The Company will take necessary and appropriate security control measures to prevent the leakage, loss, or damage of personal data. The Company will also properly supervise employees and subcontractors (including secondary subcontractors) who handle personal data. Details of these measures are specified separately in the "Personal Information Handling Regulations."

 

(Establishment of Personal Information Protection Policies)

To ensure the proper handling of personal data, the Company has established policies regarding compliance with relevant laws and guidelines, as well as handling inquiries and complaints.

 

(Development of Regulations on Personal Data Handling)

The Company has established internal regulations for each stage of personal data handling, including acquisition, use, storage, provision, deletion, and disposal. These regulations specify handling methods, responsible personnel, and their duties.

 

(Organizational Security Control Measures)

The Company has appointed a manager responsible for handling personal data and has defined the scope of personal data that employees can access. If any violation of the Personal Information Protection Act or internal handling regulations is detected, a reporting system to the Personal Information Protection Manager is in place. The Company also conducts regular self-inspections and audits by other departments or external parties.

(Human Security Control Measures)

The Company conducts periodic training sessions for employees on personal data handling and includes confidentiality obligations related to personal data in its employment regulations.

 

(Physical Security Control Measures)

Access control is implemented in areas where personal data is handled, restricting entry and device usage. Measures are also taken to prevent unauthorized access to personal data by unauthorized individuals. The Company also implements precautions to prevent theft or loss of devices, electronic media, and documents containing personal data, including secure transport measures.

 

(Technical Security Control Measures)

Access control is implemented to limit the scope of personal information databases that employees can access. The Company has introduced security measures to protect personal data from unauthorized access or malware attacks.

5. Requests for Disclosure, Correction, or Deletion of Retained Personal Data

If you wish to inquire about, correct, suspend the use of, or delete your retained personal data, the Company will promptly respond after verifying your identity through the prescribed procedures. If you have any questions or wish to exercise your rights regarding this Privacy Policy, please contact the inquiry desk listed in section 6.

 

6. Contact Information

For inquiries regarding the handling of personal information, please contact the following:

Mono's Co., Ltd. Personal Information Consultation Desk
E-mail: info@wearemonos.co.jp

Business Hours: Monday to Friday, 10:00 AM to 5:00 PM JST (excluding holidays and year-end/New Year holidays)