ORGAN NEEDLE CO., LTD. (hereinafter referred to as “COMPANY”) understands the importance of personal information and handles and protects the customer’s personal information adequately as the basis of its business activities and as its social responsibility.
Therefore, we will implement the following initiatives based on the Organ CSR “Compliance Policy” and “Information Management Policy”.
- Personal information collected by the Company
- The Company may collect personal information in the form of the customer’s name, work affiliation, job title, address, phone number, email address, gender, date of birth, recruitment-related information, IP address, cookie information (including other similar technologies), website access history, and others.
- Purpose of use of personal information
- The Company shall use the personal information that it acquires from the customers for the following purposes:
1. The Company shall use the personal information required for the fulfillment of the agreement with the customer for the following purposes.
・ Delivery of products ordered by the customer and provision of related services
2. After obtaining the customer’s consent, personal information will be used for the following purposes.
・ Providing information on the Company’s products and services
・ Sending emails or materials to respond to inquiries to the Company
・ Sending notifications, announcements, recruitment information, selection, and procedures to join the company to those who applied for jobs.
The customer can withdraw the consent at any time.
3. The Company may collect information such as the browsing history and purchasing history of various websites operated by the Company, to advertise, promote, and provide guidance to the products and services of the Company according to the interests and concerns of customers, and may analyze and use this information by applying marketing automation tools.
4. Other than the above, under any of the following conditions, the personal information will be used to the extent judged necessary to achieve the purpose.
a) To comply with the Company’s legal obligations
b) To protect the vital interest of the customer or a third party
c) To carry out any work required to exercise the public interest or official capacity given to the Company
d) To gain legitimate profit sought by the Company or a third party
- Protection of personal information
- The Company implements the protection of personal information by formulating the “Personal Information Protection Regulations”, establishing a system for the security of personal information, and educating all employees thoroughly for awareness of the importance of personal information protection.
- Safety management measures
- The Company implements the following measures to prevent leakage, loss, or damage of personal information, and also for the proper management of personal information.
b) Development of rules related to handling of personal information
・Handling procedures, as well as responsible personnel, persons in charge, and their duties, are clarified at the individual stages of acquisition, use, storage, provision, deletion, disposal, etc. of personal information.
c) Organizational safety management measures
・Persons responsible for handling personal information are appointed.
・Employees who will handle personal information, and the scope of personal information to be handled by those employees, are clarified.
・Systems are established for reporting to and contacting responsible personnel in the event that any signs or actual circumstances of the violation of laws or internal regulations are identified.
d) Human safety management measures
・Regular education and training for employees are implemented on matters that require attention regarding the handling of personal information.
・Matters related to the preservation of confidentiality of personal information are indicated in the rules of employment and other internal regulations.
e) Physical safety management measures
・In areas where personal information is handled, measures are implemented to control the entry and exit of employees and to restrict devices and other items brought into those areas, and to prevent unauthorized persons from viewing personal information.
・Measures are implemented to prevent the theft or loss of devices, electronic media, documents, and other items used to handle personal information.
・Measures are implemented to prevent personal information from being easily identified when devices, electronic media, and other items used to handle personal information are carried, including during movement within offices.
f) Technical safety management measures
Access control is implemented to set restrictions on the scope of persons in charge and the personal information that is handled.
Systems are introduced to protect information systems that handle personal information from unauthorized external access or unauthorized software.
- Prohibition of the disclosure or provision of personal information to a third party
- The Company appropriately manages the personal information received, and shall not disclose personal information to any third parties, except in the following cases.
・ When a consent from the customer is obtained. The customer can withdraw the consent at any time.
・ When the disclosure of the personal information to a vendor or a company belonging to the Organ Group to which the Company outsources the work is required to provide the service that is requested by the customer.
・ When there is a need to disclose personal information as required by the law.
・ When it is necessary to handle the personal information outside its purpose of use to protect the life, body, or property of an individual, and it is difficult to obtain the consent of the person.
- International transfer of personal information
- If there is a need of an international transfer of the acquired personal information to a third country, the Company shall take appropriate protective measures needed for international transfer based on applicable laws and regulations, such as obtaining prior consent from the person.
- Disclosure of personal information
- When the Company receives a request for personal information disclosure from a person who owns the said personal information or a representative of the said person, the Company shall provide it promptly after confirming that the person who requests personal information is the same person that owns the personal information or an authorized representative, except for the following cases. The Company shall answer accordingly if the personal information cannot be disclosed or does not exist.
・ When the disclosure poses a risk of harming the life, body, property, or other rights of the person who owns the personal information or a third party
・ When the disclosure poses a risk of causing a severe hindrance to the proper implementation of the Company’s business
・ When the disclosure violates the law
In addition, when there is a request from the person who owns the personal information or a representative to revise, add, or delete the acquired personal information due to the incorrect content of the said information or other reasons, or a request for the suspension or deletion of use or the suspension of provision of the said information to a third party due to the handling of personal information that violates the law, the Company shall respond to such requests in accordance with the law after a proper investigation.
- Compliance to laws and regulations and review
- The Company complies with the “Act on the Protection of Personal Information” and other laws and regulations related to the protection of personal information and privacy, as well as related government ordinances, guidelines, etc., and strives to improve its efforts in protecting personal information by reviewing the contents of this Policy appropriately.
- For inquiries regarding the handling of personal information by our Company, please contact the Company using the information below. It is also possible to file a complaint to the Personal Information Protection Commission or other regulatory agencies on the handling of personal information.
Inquiry and Consultation Desk
1 Maeyama, Ueda-shi, Nagano-ken 386-1436, Japan
Corporate Planning Dept., Corporate Planning Office
Phone number: +81-268-38-3111
Alternatively, contact us using the Inquiry Form on the Company website.
About this website
- All information on this website is provided for free. The user is solely responsible for judging whether browsing this website or obtaining the information from it suits the user’s needs, whether storing, copying, or using such information complies with the laws and regulations concerning copyright, confidentiality, defamation, decency, and export.
The Company shall assume no responsibility for any troubles, losses, or damages that may occur from using this website.
The Company makes no warranty, guarantee or representation as to the legality, accuracy, morality, newness, or adequacy of the website and software introduced in this website, as well as the use consent and presence/absence of copyright.When the user is moved to another website by any links, banners, etc. on this website, our Company shall not be held responsible under any circumstances for the information, services, etc. offered by the destination website.
- All the content published on this website is owned by ORGAN NEEDLE CO., LTD. Except for personal use, users are prohibited from using any content without prior written permission.