【1. Our privacy statement】
We request that you review this Policy. If you do not want us to use your personal information as described in this policy, please do not provide us with your personal information. Please note that if you do so, we may not be able to provide you with our services, you may not be able to access and/or use certain features of the website, and your customer satisfaction may be affected.
【2. Use of your personal information】
We will always process your personal information in accordance with one of the legal bases set forth in the GDPR (Articles 6 and 7 of the GDPR). We will also always process sensitive information such as trade union membership, religious views, and health status in accordance with the special standards set forth in the GDPR (Articles 9 and 10 of the GDPR).
We may collect and process your personal information for the purposes detailed below, which are necessary to pursue our legitimate interests and to provide you with appropriate services and products.
To ensure that the content of our site is presented in the most effective manner for you.
to inform you about changes to our services
administer your account
Provide you with our services.
Inform you about our policies and terms.
Improve safety and security by monitoring for fraud and investigating suspicious or potentially illegal activity or violations of our policies and terms.
Provide, improve, and create services and advertising.
Use personal information for purposes such as data analysis, research, and auditing.
Ensure business continuity.
In addition, with your express prior consent, we may collect and process your personal information for the following purposes
Provide you with information that may be of interest to you.
enable you to participate in interactive features of our services (if you so choose)
manage your newsletter subscriptions and contact information.
share your personal information with third parties (our partners) who may provide you with information about their products and services
Perform business analysis.
You may withdraw your consent at any time. However, the withdrawal of consent will not affect the legality of the processing of your personal information based on the consent you gave before the withdrawal.
We process your data for the explicit, legitimate purposes identified above and will not further process that data in a manner incompatible with those purposes. We will always inform you if we intend to process data originally collected for one purpose for another. We will retain your personal data for as long as is necessary to comply with our legal obligations, to ensure the provision of appropriate services, and to maintain our business activities (Articles 5 and 25 (2) of the GDPR).
【3. Types of personal information we use】
For the purposes specified in this policy, we may collect the following categories of personal information
- Job title
- Home address
- Location data
- (e-mail address)
- Phone number
- Online identifier (IP address, cookie identifier)
We may obtain personal information about you directly from you if you decide to provide it to us (i.e., when you fill out a form that appears on the website) or indirectly if your personal information is provided to us by your electronic communication terminal device or Internet browser. We may obtain your personal information directly from you (i.e., when you fill out forms that appear on the Web site) or indirectly if your personal information is provided to us by your electronic communication terminal or Internet browser. We will ensure that the personal information processed is suitable, relevant, and limited to what is necessary in connection with the purpose of the processing.
【4. Sharing of Personal Information】
In accordance with GDPR, we may share your personal data with Osaka Research Foundation for Regional Development Utsuwa Project employees. When sharing your data with data processors, we will establish an appropriate legal framework covering the transfer and processing of data (Articles 26, 28, and 29 of the GDPR). Furthermore, if we share your data with organizations outside the EEA, we will ensure that the appropriate legal framework covering the transfer and processing of such data is in place, in particular the standard contractual clauses between controllers (2004/915/EC) and between controllers and processors (2010/87/EU) as approved by the European Commission (GDPR Article 26). 87/EU) as appropriate (Article 44 GDPR and below).
We may share your personal information with companies that provide various services for us, such as hosting, maintenance, support services, email services, marketing, auditing, fulfilling customer orders, data analysis, providing customer service, and conducting customer surveys and satisfaction studies. We may share your personal information with companies that provide various services for us, such as providing customer research and satisfaction surveys.
Subject to your prior consent, your personal information may be transferred to, stored by, and further processed by our strategic partners who work with us to provide our products and services or assist us in marketing to our customers. We share your personal information with our strategic partners only to provide or improve our products, services, and advertising.
Compliance and Security
We may need to disclose your personal information if required to do so by law, legal process, litigation, and/or at the request of public and governmental authorities within or outside your country of residence. We may also disclose your personal information when we believe disclosure is necessary or appropriate because of national security, law enforcement, or other issues of public importance.
Such disclosures as described above include transferring your personal information from the European Union to the following countries: Japan
Such transfers may be for the purposes of employee performance evaluations, payroll processing, reimbursement, and contact with business partners. For each of these transfers, we will ensure an appropriate level of protection for the transferred data. In particular, we ensure this by entering into the standard contractual clauses set forth in Commission Decisions 2001/497/EC, 2002/16/EC, 2004/915/EC, and 2010/87/EU.
【5. Data processing records】
We will handle records of all processing of personal data, whether acting as a data controller or data processor, in accordance with the obligations set forth in the GDPR (Article 30 of the GDPR). We will reflect in these records all information necessary to comply with the GDPR and to cooperate with the supervisory authorities in accordance with the GDPR (Art. 31 GDPR).
【6. Security Measures】
We process your personal information in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing, accidental loss, destruction, or corruption. To achieve this level of protection, we will take appropriate technical or organizational measures (Article 25, paragraph 1 and Article 32 GDPR).
Unless a longer retention period is required or permitted by law, we will retain your personal information only for as long as is necessary to achieve the purposes outlined in this policy.
【7. Notification of data breaches to the competent supervisory authority】
In the event of a security breach resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal information subject to transfer, storage, or other processing, we have mechanisms and guidelines in place to promptly detect and evaluate the breach. Depending on the results of our assessment, we will provide the necessary notifications to the supervisory authorities and inform affected data subjects, including you (Articles 33 and 34 GDPR).
【8. Processing that may pose a high risk to your rights and freedoms】
We have mechanisms and guidelines in place to detect data processing practices that may pose a high risk to your rights and freedoms (Article 35 GDPR). If such data processing activities are detected, we will evaluate them internally and either stop them or ensure that appropriate technical and organizational safeguards are in place to ensure that the processing complies with or continues to comply with the GDPR.
In case of doubt, we will contact the competent data protection supervisory authority for advice and suggestions (Art. 36 GDPR).
【9. Your rights】
You have the following rights with respect to the personal data we collect and process
Information about the processing of your data: You may obtain from us all necessary information about our data processing activities that concern you (Articles 13 and 14 GDPR).
Access to personal data: You may check with us whether personal data relating to you are being processed and, if so, you may access your personal data and related information (Art. 15 GDPR).
Correction or erasure of personal data: You may have inaccurate personal data relating to you corrected without undue delay, and you may have incomplete personal data, if any, made complete (Article 16 GDPR). You may also have personal data relating to you erased without undue delay if the requirements set forth by the GDPR are met (Article 17 GDPR).
Restriction of the processing of personal data: You may also have us restrict the processing of your personal data if the requirements set forth in the GDPR are met (Art. 18 GDPR).
Objection to the processing of personal data: If the requirements set forth by the GDPR are met, you may, at any time, object to the processing of personal data relating to you on the grounds of your particular situation (Article 21 of the GDPR).
Data portability of personal data: If the requirements set forth by the GDPR are met, you may receive your personal data in a structured, publicly available, and machine-readable format, and you may transfer such data to another controller without our interference (GDPR Article 20).
Not being subject to automated decision-making: If you meet the requirements set forth in the GDPR, you may not be subject to automated decision-making (including profiling) based on the processing of your personal data that has legal or equivalent effects on you. (Article 22 GDPR), you may be able to opt out of being the subject of the decision (Article 22 GDPR).
If you wish to exercise any of the above rights, please refer to the section on Contact Information.
We do not knowingly collect and process information about children under the age of 16 without their parents' permission and consent. If we discover that we have directly collected and processed personal information about children under the age of 16 or who have not reached the minimum age for the purposes of the GDPR, which varies according to EU Member State law, we will take steps to delete the information as soon as possible. If you become aware that a child under the age of 16 has provided us with personal information, please contact us immediately using the contact information provided in this policy.
【11. Links to other sites】
We may offer hypertext links from the website on which this Policy is posted to third party websites or Internet sources. We do not control the actual handling and content of the personal data protection practices of third parties and cannot be held responsible for them. Please read carefully the personal data protection policies of such third parties to determine how they collect and process your personal data.
【12.Updating this Policy】
We may revise or update this Policy from time to time. Any changes to this Policy will be effective upon posting of the revised Policy. If we make any changes that we deem important, we will notify you through our website to the extent possible and, in some cases, we may ask for your consent.