Policy on Protection of Personal Information

Policy on Protection of Personal Information

If the user is an individual located in the European Union or European Economic Area, please refer to the GDPR Privacy Policy as it will apply.

Drecom Co., Ltd. (hereinafter, the "Company") has recognized the significance of our social responsibilities as an enterprise and has made efforts to appropriately handle the personal information (as defined under the Act on the Protection of Personal Information (hereinafter, the "Personal Information Protection Act")).
By complying with the Personal Information Protection Act, related laws and regulations, and guidelines and other rules set forth by the government, we hereby set forth this "Personal Information Protection Policy" (hereinafter, the "Privacy Policy")upon selling the Internet solutions for corporations and providing web services for individuals as part of our business activities for the purpose of properly handling the personal information in accordance with our voluntary rules and system that are adequate for our corporate philosophy and business.
The Company shall make effort to protect personal information by ensuring that all officers and employees of the Company will comply with, enforce, maintain, and continuously improve this Policy and our internal rules pertaining to the protection of personal information.

  1. Acquisition and Use of Personal Information
    The Company shall specify the purposes of use of the personal information obtained as explicitly as possible and make them public in advance. In the event where the personal information stated in written document (including the electromagnetic records) such as contracts is obtained directly from the person himself/herself, the purposes of use thereof shall be clearly specified to the person in advance. Please see the <Purposes of Use of Personal Information> for the details of the purposes of use.
    The Company shall obtain personal information within the scope necessary to achieve such purposes of use by taking fair and appropriate measures. Except in cases where there are justifiable reasons such as where consent is given by the relevant person or where required under law, the personal information shall only be used to the extent necessary for the achievement of such purposes of use and shall not be used for the use beyond the scope necessary to achieve the purposes of use (use beyond the intended scope).
    The Company shall not provide any personal information to a third party (including personally identifiable information where a third party is expected to acquire personal identifiable information as personal data) without consent from the relevant person unless permitted under the Personal Information Protection Act or other laws. In the event where the personal information (including personal identifiable information stated above) is to be provided to any third party, it shall be done under strict management in accordance with the Personal Information Protection Act, etc. With respect to the personal information we obtain, we use cloud services provided by a U.S. company, but no third parties located in foreign countries handle the personal information, and we do not conduct cross-border transfers of personal information.

  2. Purposes of Use of Personal Information

    Personal Information of Users
    ・Sending advertisements and invitations with respect to services and events
    ・Provision of customer support services
    ・Responding to inquiries and consultations
    ・Development of games, conducting of questionnaires and monitoring
    ・Contract fulfillment
    ・Distribution of advertisements and contents based on terminal information, locational information, activity logs, etc.
    ・Communication with respect to the delivery and/or recall of products
    ・Conducting of campaigns, granting of points and delivery of awards for the campaigns
    ・Analysis and research on the number of accesses, site transitions, campaign participation, etc. using Google Analytics (http://www.google.com/intl/ja/policies/privacy/partners/), etc. in a manner that does not identify individuals

    Personal Information of Shareholders
    ・Exercise of rights and performance of obligations under law
    ・Provision of various facilities (such as hospitality programs for shareholders)
    ・Implementation of various policies for shareholders (such as questionnaires)
    ・Shareholder management in accordance with the law (such as creation of shareholder data)

    Personal Information of Government Agency Staffs and Government Officials
    Communication and inquiries to the competent government agencies required for business

    Personal Information of Officers and Employees of Other Companies including Clients
    Communication required for business, management of client information, and payment and income processing

    Personal Information Entrusted by Clients
    Performing contracts pertaining to the entrusted services

    Personal Information of Job Applicants
    ・Provision of company profile, job information, etc. for hiring
    ・Acceptance of applications, implementing the hire, and communication required for recruitment
    ・Notifications required for hiring (notification of the posting, notices of various events such as job offer orientation and welcoming ceremony)

  3. System for Protection of Personal Information
    The company shall appoint a manager (personal information protection manager) to manage personal information properly and put in place an internal system clarifying his/her role and responsibilities.

  4. Safety Management Measures
    The Company shall take preventive, corrective, and other safety management measures necessary and appropriate in accordance with internal rules such as the Basic Rules for the Protection of Personal Information for the prevention of unauthorized access, theft, loss, extinguishment, destruction, falsification, damage, leakage, etc. of personal information.
    In the event where the processing of personal information is outsourced to any third party, the Company shall enter into an agreement setting forth the protection of personal information and manage and supervise such third party to secure a proper management thereof.

  5. Compliance of Laws, Regulations, and other Rules related to Personal Information
    The Company shall comply with the Personal Information Protection Act, related laws and regulations, and guidelines and any other rules set forth by the government.

  6. Request for Disclosure, etc. of Personal Information and Inquiry
    The Company shall make efforts to maintain the obtained personal information and personal data accurate and up to date. For any requests regarding disclosure, correction, addition, deletion, suspension of use, removal, provision to third parties of the personal information, or disclosure of records of third-party provisions, please send to the Personal Information Consultation Desk below, enclosing your identification. The Company shall respond after confirming your identity. For any other requests (complaints or consultation) with respect to the handling of the personal information, please contact the Personal Information Consultation Desk below by sending the request by mail or e-mail.

    Drecom Co., Ltd. Personal Information Consultation Desk
    E-mail:privacy@drecom.co.jp
    ThinkPark Tower 19F
    2-1-1 Osaki,
    Shinagawa-ku, Tokyo
    141-6019, Japan

  7. Efforts for Continuous Improvement
    The company shall continuously review the personal information management system and make efforts to improve for the purposes of preventing the unauthorized access, theft, loss, extinguishment, destruction, falsification, damage, and leakage by coping with the variation of business, amendments to the laws and regulations, and guidelines and other rules set forth by the government surrounding the business, and the changes to the social and IT environment.

  8. Disclosure for Users Residing in California, U.S.
    The Company hereby discloses the following matters to the users residing in California, U.S., in accordance with the CCPA (California Consumer Privacy Act):

    (1) The Company will disclose the categories and contents of the personal information obtained pursuant to the CCPA.
    ① Identifiers: e-mail address, account ID, etc.
    ② Personal information designated by the California Law (personal information categories listed in the California Customer Records statute): name, address, phone number, etc.
    ③ Commercial information: Payment history, etc.
    ④ Internet or other similar network activities: play data, transition history from games to external links, etc.
    ⑤ Geolocation data: users' geolocation data and information relating to migration paths, etc.

    (2) The Company may share the personal information obtained with the following third parties:
    ① Those who provide services of payment processing, data analyzing, marketing, e-mail transmission, hosting, and customer services on our behalf, as well as those who provide support to the Company
    ② Those to whom disclosure is statutorily required

    (3) The Company will use the personal information obtained for the purposes described in "2. Use of Acquired Information."

    (4) Users have the right to request the following matters with respect to the personal information collected and used by the Company:
    ① Right to access the personal information
    ② Right to request the deletion the personal information
    ③ Right of not being discriminated
    ④ Right to opt out with respect to the sale of personal information
     Please contact below if you wish to exercise any of the rights above:
    Drecom Co., Ltd.
    Address: 2-1-1 Osaki, Shinagawa-ku, Tokyo, Japan
    E-mail address: privacy@drecom.co.jp
    We may ask you to provide us with your identification before we respond to your request. Please be advised that we may not be able to respond to your request, if you refuse to provide your identification. The Company shall make its faithful effort to appropriately respond and answer to the users' requests. However, we may not be able to respond due to legal or technical reasons, in which case, we will explain such reasons to the users.

    (5) Residents of California, U.S., may request the Company to refrain from selling their personal information pursuant to the CCPA. Please contact us at the contact point in the Service if you wish to opt out the sale of your personal information.

    (6) In the event where the CCPA applies, the Company will amend this Privacy Policy at least once a year.

Established as of November 16, 2022

Drecom Co., Ltd.
Yuki Naito, Representative Director and President