Privacy Policy for Personal Data Subject to GDPR

Privacy Policy

1. Basic Policy on Personal Information Protection

NTT Solmare Corporation (hereinafter referred to as “the Company”) fully recognizes societal demands for the protection of personal information and believes that promotion of the proper handling of personal information is an important social responsibility it must fulfill.

In order to fulfill this responsibility and continue operating as a company with high credibility, the entire Company will strive to protect personal information based on the “NTT Group Information Security Policy” and the basic policy outlined below.

  • The Company will strive for thorough compliance by properly handling personal information according to the provisions stipulated by laws and regulations*1 pertaining to the protection of personal information.
  • The Company will clearly define the purposes for which it uses personal information and properly handle personal information to the extent necessary to achieve those purposes of use. In addition, the Company will strive to keep personal information accurate and updated.
  • In order to properly manage personal information, the Company will establish an internal management system for protecting personal information.
  • The Company will conduct necessary education, training, etc. for its employees who handle personal information in the course of work, and supervise those employees appropriately. In addition, in the case of outsourcing the handling of personal information, the Company will manage and supervise the relevant subcontractor by entering into a confidential agreement, etc. with the subcontractor to ensure that personal information is properly handled.
  • In order to ensure personal information security, the Company will take the necessary security control measures while referring to various standards, guidelines, etc.
  • The Company will appropriately respond to opinions, questions, etc. from customers pertaining to the handling of personal information by the Company.
  • In order to promote greater protection of personal information, the Company will strive to continuously improve the management system, security control measures, and other necessary measures.

Furthermore, the Company recognizes the importance of strictly protecting not only personal information, but also information pertaining to corporate customers and other types of customer organizations. The Company will appropriately handle this information just as it handles personal information.

*1 Examples of laws, regulations, etc. related to the protection of personal information- (Unless otherwise specified, the laws and regulations are those of Japan.)
- Act on the Protection of Personal Information (Act No. 57 of 2003; hereinafter referred to as the “Personal Information Protection Act”)
- Act on the Telecommunications Business (Act No. 86 of 1984)
- Guidelines on the Protection of Personal Information in the Telecommunications Business (Ministry of Internal Affairs and Communications Public Notice No. 695 of 2004)
- Policy on Measures to be Implemented by Companies to Secure the Proper Handling of Personal Information in Employment Management (Ministry of Health, Labor and Welfare Public Notice No. 259 of 2004)

2. Policy concerning the Practical Use of Personal Information

  • Purposes of Use
    With regard to personal information (personal information as defined in Article 2 of the Personal Information Protection Act; hereinafter the same meaning shall apply.)*2 handled in connection with the provision, sale, etc. of information-providing services or digital content delivery services, etc., the Company specifies the purposes of use as follows.

    *2 Personal Information
    With regard to customers other than individuals, this personal information Includes personal information on the representatives, officers, employees, etc. of those customers that is used by Company in providing, selling, etc. information-providing services or digital content delivery services, etc. Hereinafter the same meaning shall apply.

    (i) The personal information below, that is, information the Company handles when customers order, use, or make inquiries about information-providing services or digital content delivery services, etc., will be used to the extent necessary for verifying the identities of customers, controlling credit, providing information-providing services or digital content delivery services, etc., calculating and invoicing charges for information-providing services or digital content delivery services, etc., and making contact with customers in relation to the above, etc.

    In addition, the information will be used to the extent necessary to introduce and propose information-providing services and digital content delivery services, etc., implement measures to improve and enhance quality and customer satisfaction, etc. (including questionnaires), plan and develop new information-providing services or digital content delivery services, etc., manage and improve facilities related to the provision of the services, and conduct any other business related to the information-providing services or digital content delivery services, etc..

    Even after a contract with a customer is terminated by withdrawal, etc., the personal information may still be used within the scope of the above purposes of use.

    - Name, sex, address, telephone number, and e-mail address of the customer, and machinery, services, or products the customer uses
    - Contact information on the customer (name, address, telephone number, e-mail address, etc.)
    - Name, address, telephone number, etc. for billing, the account number at the designated financial institution, the account name and credit card number, the payment history, etc.
    - Items classifiable as personal information among the information items recorded in documents provided by the customer for verification of the customer’s identity
    - Other items classifiable as personal information among the information items the Company handles when customers apply for, use, or make inquiries about the information-providing services or digital content delivery services

    (ii) The personal information below, that is, information the Company handles when the Company’s customer contact point receives questions, requests, etc. (including proposals for the disclosure of personal information, etc.; hereinafter the same shall apply), may be used not only to the extent necessary to handle the contents of the relevant questions, requests, etc., but also to the extent necessary to improve the quality of information-providing services or digital content delivery services or develop new information-providing services or digital content delivery services based on the contents of the opinions, questions, etc. expressed by customers.

    - Name, address, telephone number, email-address, etc. of the customer who submits the questions or requests
    - Other items classifiable as personal information among the contents of the questions and requests

    (iii) The personal information below, that is, information the Company handles when customers participate in questionnaires and other surveys conducted by the Company or apply for prize competitions or members-only programs (hereinafter referred to as “Participation in Questionnaires, etc.”), may be used to the extent necessary to send materials required for questionnaires and other surveys, rewards for questionnaires and other surveys, and gifts for prize competitions, to improve the quality of services, etc., to develop new information-providing services and digital content delivery services, etc., and to introduce the Company’s information-providing services and digital content delivery services, etc.

    - Name, address, telephone number, e-mail address, age, date of birth, occupation, sex, etc. a customer provides the Company when participating in a questionnaire or another survey
    - Other items classifiable as personal information among the information items a customer provides to the Company when the customer participates in a questionnaire, etc.

    (iv) Personal information that the Company handles when conducting business consigned by other business entities (sales, brokerage, surveys, etc. for the products or services of other business entities) may be used to the extent necessary for conducting the consigned business. If the Company consigns part of its business, personal information received from the relevant subcontractor may be used to the extent necessary for the business.

    (v) Pursuant to item 1 of paragraph 4 of Article 23 of the Personal Information Protection Act, personal information that the Company handles may be provided to other business operators to which the Company consigns its business. In addition, personal information may be provided to a third party in accordance with the provisions stipulated in the Company’s contracts and agreements, the Personal Information Protection Act, and other applicable laws and regulations.
  • Basic Concept on Security Control Measures
    The Company will strive to conduct the measures below for the secure control of personal information when it handles the personal information.

    (i) Technical Protection Measures
    -The Company will strive to prevent unauthorized access to or the divulgence, loss, or damage of personal information by taking appropriate measures to control access to personal information, limit the means of transfer, and protect against unauthorized access from outside, etc.

    (ii) Organizational Protection Measures
    - The Company will appoint a person responsible for the protection of personal information at each organization handling personal information and make clear the responsibility and authority.
    - In order to securely manage personal information, the Company will establish company regulations, manuals, etc., have its employees who handle personal information in the course of work comply with them, and appropriately manage and supervise the compliance.
    - By implementing proper education and training for its employees who handle personal information in the course of work, the Company will strive to enhance every employee’s awareness in order to ensure that every employee fully recognizes the importance of personal information and handles personal information appropriately at all times.
    - When outsourcing the handling of personal information, the Company will manage and supervise the relevant subcontractor by entering into a confidential agreement, etc. with provisions to ensure that personal information is properly handled.
  • Personal Information from Children
    The Company’s websites, information-providing services, and digital content delivery services for the United States are not intended to be used by children under the age of 13, and the Company does not knowingly collect personal information from anyone under the age of 13, knowingly allow such persons to register, and does not use or disclose such information to third parties. Children under the age of 13 should not use the Company’s websites, information-providing services, or digital content delivery services at any time. If a child under 13 submits personal information to the Company without verification of parental consent and the Company finds that the person submitting the information is a child under 13 or that no parental consent has been confirmed, the Company will delete the information immediately.
  • Procedures for Disclosure, etc.
    The Company has established the following procedures for responding to requests from customers for the disclosure of personal information or disclosure of the purpose of use of personal information (hereinafter referred to as “Disclosures”), or for corrections, additions to, deletions, or suspensions of use of personal information, or suspensions of the provision of personal information to third parties (hereinafter referred to as “Corrections”) (hereinafter such requests are referred to as “Requests for Disclosures and Corrections”).

    (i) Requests for Disclosures and Corrections
    - e-mail: info@nttsolmare.com

    (ii) Procedures for Disclosures and Corrections

    a. Procedures for Disclosures

    - The Company will respond to a request for Disclosures from a customer in writing. In this case, the customer shall make the request for Disclosures made by submitting a form designated by the Company in advance.

    - Even if a customer requests Disclosures, the Company may refrain from disclosing, etc. a part or all of the information in accordance with the provisions of the Personal Information Protection Act. In this case, the Company will inform the customer that the information will not be disclosed, and explain why. The Company may refrain from disclosing a part or all of requested personal information to a representative, if such disclosure of personal information would violate the secrecy of communications or could conceivably harm a person’s life, body, property, or other rights or interests.

    - Customers who want to request Disclosures can do so by contacting the Company’s customer contact point mentioned above.

    b. Procedures for Corrections

    - Upon receiving a request from a customer for Corrections, the Company will investigate the contents of the request. In this case, the customer shall make the request for Corrections by submitting a form designated by the Company in advance.

    - If, as a result of the investigation, the Company agrees that the existing contents of personal information is incorrect or that the handling of such personal information is improper, the Company will make the Corrections.

    - Even if a customer requests Corrections, the Company may refrain from correcting, etc. a part or all of the information in accordance with the provisions of the Personal Information Protection Act. In this case, the Company will inform the customer that the corrections will not be made, and explain why.

    - Customers who want to request Corrections can do so by contacting the Company’s customer contact point mentioned above.

    (iii) Verification of Identity of Customer, etc.

    - When a Request for Disclosures or Corrections is made, a written document verifying the identity of the customer (a copy of an official form of identification such as a driver’s license or passport) or verifying that the person who submits the request is in fact a representative of the customer whose personal information is involved the request (a certification) will be required.

    (iv) Handling charges etc. for Requests for Disclosure, etc.
    - Handling charge: JPY 1,050 (consumption tax included)
    - Billing method: A bill will be sent for each request.
  • Contact Point for Opinions, etc. regarding the Handling of Personal Information
    The Company’s customer contact point for any questions and requests regarding the handling of personal information in the provision or sale of the Company’s information-providing services and digital content delivery services is as follows.
    - e-mail: info@nttsolmare.com

3. Revisions

The Company may revise a part or all of the content of this privacy policy. If the policy is revised, the Company will make the revisions public by posting the updated content on this website, etc.

November, 2011