Privacy Policy
Recognizing the importance of protecting personal information, MatrixFlow Co., Ltd., (hereinafter the “Company”) will comply with the Act on the Protection of Personal Information (hereinafter the “Personal Information Protection Act”) and will strive to appropriately handle and protect the information in accordance with the following Privacy Policy (hereinafter the “Privacy Policy”). Unless otherwise provided for herein, the definitions of the terms herein shall be subject to the provisions of the Personal Information Protection Act.
1. Definition of Personal Information
The personal information herein means the personal information defined in paragraph 1 of Article 2 of the Personal Information Protection Act.
2. Purposes of Using Personal Information
Retained Personal Data [subject to disclosure]
| Classification | Purposes of Use |
|---|---|
| Information of a customer who contacts the Company through the inquiry form of the website | (1) To respond to the inquiry of the customer (2) To provide the customer with information about the services (3) To study the improvement of the services and new services (4) To investigate and analyze the usage condition of the services |
| Customer information – Information of MatrixFlow users – Information of event participants – Questionnaire information |
(1) To provide the services suitable to the customer (2) To respond to an inquiry by the customer (3) To charge for products (4) To provide the customer with information about the services (5) To safely provide the services (*1) (6) To study the improvement of the services and new services (7) To investigate and analyze the usage condition of the services (*2) (8) To send e-mail newsletters |
| Information of the representative of a business partner | (1) To confirm details of orders (communications records) (2) To charge for products (3) To provide customers with information about the services (4) To study the improvement of the services and new services (5) To make necessary business contacts, execute contracts, conduct business negotiations. (6) To manage information on a business partner |
| Employee Information | For human resources, business, health, and safety management |
| Information of a job applicant of the Company | (1) To contact the job applicant (2) To manage the recruitment of the Company(includes reference checks and other verification procedures) (3) For purposes incidental to recruitment activities, such as statistical use for future recruitment plans |
| Specific personal information | To be used for the purposes of use set forth in the Number Act |
*1: This includes finding a customer in violation of the terms of service to give notice to the customer; investigating, detecting, and preventing fraudulent misuse of services, unauthorized access and any other wrongdoings or responding to these wrongdoings.
*2: Notwithstanding the foregoing, the Company will use personal information in accordance with the separate stipulations on the purposes of use if the Company receives disclosure of the information from a third party with such stipulations provided.
3. Name and Title of Personal Information Protection Manager (or Agent)
Manager: Masako Shibusawa
Department: backoffice Department
Contact: Point of contact for inquiries set forth below
4. About Voluntariness of Provision of Personal Information
The person concerned will choose whether to provide personal information or not on a voluntary basis. However, if the person does not provide the requisite items, the Company may be unable to respond to you appropriately.
5. Change of Purposes of Use of the Personal Information
The Company may change the purposes of use of the personal information to the extent that is reasonably considered relevant, and in the event of a change in the purposes, the Company will notify the individual to whom the personal information relates (hereinafter the “Person Concerned”) to obtain consent.
6. Limitation on Use of Personal Information
Without the consent of the Person Concerned, the Company shall not handle personal information beyond the scope necessary to achieve the purposes of use unless it is permitted by the Personal Information Protection Act or any other laws or regulations. However, this does not apply to any of the following:
(1) When it is handled under laws and regulations
(2) When it is necessary for the protection of human life, body or property, and it is difficult to obtain the consent of the Person Concerned
(3) When it is particularly necessary for the improvement of public health or the promotion of healthy child development, and it is difficult to obtain the consent of the Person Concerned
(4) When it is necessary to cooperate with a national government organ, local public entity, or person commissioned thereby to perform business stipulated in laws and regulations, and obtaining the consent of the Person Concerned is likely to interfere with the performance of the business
7. Appropriate Collection of Personal Information
7.1. The Company shall collect personal information in an appropriate manner not using any fraudulent or other wrongful means.
7.2. Without the advance consent of the Person Concerned, the Company shall not collect any special care-required personal information (meaning the information defined in paragraph 3 of Article 2 of the Personal Information Protection Act), except for any of the following cases:
(1) When any item of Section 6 applies
(2) When special care-required personal information is disclosed by the Person Concerned, national government organ, local government, a person set forth in items of paragraph 1 of Article 76 of the Personal Information Protection Act, or a person prescribed by the rules of the Personal Information Protection Commission
(3) When visually obvious special care-required personal information is acquired by visual observation, filming, or photographing of the Person Concerned
(4) When disclosure of special care-required personal information is received in a mode that does not fall under third party provision under the proviso of Section 9.1
7.3. When receiving disclosure of personal information from a third party, the Company shall confirm the following matters according to the rules of the Personal Information Protection Commission, except where such disclosure of personal information falls under any item of Section 6, or such disclosure is made in a mode that does not fall under third party provision under the proviso of Section 9.1:
(1) The name and address of the third party, as well as the representative in the case of a corporation (including the representative or administrator in the case of a non-corporate body having appointed such person)
(2) Circumstances where the third party has obtained the personal information
8. Security Management of Personal Information
The Company shall provide the necessary and adequate supervision of its employees to securely manage personal information against loss, damage, falsification, leakage, and other risks to personal information. When outsourcing the handling of personal information in whole or in part, the Company shall provide the necessary and adequate supervision so that the personal information will be securely managed at the outsourcing contractor.
9. Third Party Provision
9.1. Without the advance consent of the Person Concerned, the Company shall not provide personal information to a third party, except where any item of Section 6 applies; provided that the following cases do not fall under said third party provision:
(1) When personal information is provided incidental to outsourcing the handling of personal information in whole or in part to the extent necessary for the achievement of the purposes of use
(2) When personal information is provided incidental to business succession by a merger or other cause
(3) When it is jointly used under Section 10
9.2. Notwithstanding Section 9.1, if the Company provides personal information, except where any item of Section 6 applies, to a third party (excluding, under Article 24 of the Personal Information Protection Act, those third parties who provides a system conforming to the standards designated in the rules of the Personal Information Protection Commission) in a foreign country (excluding, under Article 24 of the Personal Information Protection Act, those countries designated in the rules of the Personal Information Protection Commission), the Company shall obtain the consent of the Person Concerned in advance regarding the provision of information to a third party in a foreign country.
9.3. When personal information is provided to a third party, the Company shall create and keep a record in accordance with Article 25 of the Personal Information Protection Act.
9.4. When disclosure of personal information is received from a third party, the Company shall make necessary confirmation, and shall create and keep a record about such confirmation in accordance with Article 26 of the Personal Information Protection Act.
10. Joint Use
The Company will jointly use personal information to the extent necessary for the achievement of business. In this case, the Company shall notify the Person Concerned of the following items regarding the personal information to be jointly used or announce them without delay:
(1) Items of personal information to be jointly used
(2) The scope of joint users
(3) Purposes of use by users
(4) The name of a person responsible for the management of said personal information
11. Outsourcing of Handling of Personal Information
The Company may outsource the handling of personal information in the course of business operation only within the scope of the purposes of use set forth in the preceding section. In this case, the Company shall select an outsourcing contractor with a high level of personal information protection, execute an agreement for proper management and confidentiality of personal information, and require the contractor to implement the appropriate management.
12. Disclosure of retained Personal Information or records provided to third parties
When disclosure of personal information or the record of provision to a third party is requested by the Person Concerned under the Personal Information Protection Act, the Company shall disclose it to the person without delay after having confirmed that it is a request from the Person Concerned (if there is not the personal information concerned, the Company shall notify the person to such effect), except where the Company does not bear the obligation of disclosure under the Personal Information Protection Act or other laws and regulations.
13. Correction of Personal Information
If the correction, addition, or deletion is requested by the Person Concerned regarding personal information under the Personal Information Protection Act on the grounds that the personal information is not accurate (hereinafter “Correction”), the Company shall perform the necessary investigation to the extent necessary for the achievement of the purposes of use without delay after having confirmed that it is a request from the Person Concerned and shall make Correction of the personal information based on results of the investigation and notify the Person Concerned to such effect (if the Company decides not to make Correction, the Company shall notify the Person Concerned to such effect), except where the Company does not bear the obligation of Correction under the Personal Information Protection Act or other laws and regulations.
14. Discontinuation of Use of Personal Information
If discontinuation of the use or deletion is requested by the Person Concerned regarding personal information under the Personal Information Protection Act on the grounds that the personal information is used beyond the purposes of use announced in advance, or it has been collected by fraudulent or other wrongful means (hereinafter “Discontinuation of Use”), or if discontinuation of provision is requested under the Personal Information Protection Act on the grounds that the personal information is provided to a third party without the consent of the Person Concerned (hereinafter “Discontinuation of Provision”), the Company shall, when it turns out that the request is reasonable, make Discontinuation of Use or Discontinuation of Provision of the personal information without delay after having confirmed that it is a request from the Person Concerned and shall notify the Person Concerned to such effect, except where the Company does not bear the obligation of Discontinuation of Use or Discontinuation of Provision under the Personal Information Protection Act or other laws and regulations.
15. Dissemination of Matters concerning Retained Personal Data
a) Information of the business operator handling personal information
For company name, address, and representative name, please see below.
b) Personal information protection manager
As set forth in the 3 “Name and Title of Personal Information Protection Manager (or Agent)”
c) Purposes of using every kind of retained personal data
As set forth in 2 “Purposes of Using Personal Information”
d) Point of contact for complaints regarding the handling of retained personal data
Please contact the point of contact for inquiries set forth in 19 ”Inquiries”.
e) Accredited personal information protection organization
Currently, the Company is not a member of any accredited personal information protection organization.
f) Procedures for responding to a request for disclosure or other steps of retained personal data
1) Point of contact for a request for disclosure or other steps
Please contact the above point of contact for inquiries to request disclosure or other steps.
2) Procedures for requesting disclosure or other steps
Upon the receipt of a request, the Company will mail a request for disclosure or other steps of retained personal data, which is the request form you are requested to use.
You will mail the request form you filled out, as well as documents showing the power of attorney in the case of a request by a proxy, and a postal money order for the handling fee (limited to a request for notice of usage purposes and disclosure) to the above point of contact provided for inquiries about personal information.
After the receipt of the said request form, to verify your identity, the Company will ask you to provide few pieces of information selected from the personal information registered with the Company (e.g., telephone number and date of birth) by which your identity can be verified.
As a rule, a reply will be provided by the method of your choice.
3) Documents showing the power of attorney in the case of a request by a proxy
When requesting disclosure or other steps by a proxy, please enclose documents showing the power of attorney and the identity of the proxy. Only the prefecture will be left in these documents as information on the domicile of origin, and any further detailed information will be blacked out. In addition, please send documents not containing an individual number, or black out all digits.
Documents showing the power of attorney
Letter of attorney from the Person Concerned (original)
A copy of the family register
Certificate of residence (showing a family relationship)
Other official documents showing the right of legal representation
Certificate of registered information concerning guardianship registration
Other official documents showing the right of legal representation
Documents showing the identity of the proxy
Driver’s license
Passport
Health insurance card
(Please submit the card with all digits of the insured person’s symbol and number blacked out.)
Certificate of residence
4) A fee for a request for notice of usage purposes or disclosure
1,000 yen per request
(Please enclose a postal money order in the request form you send.)
16.Measures taken for the secure management of retained personal Information
The Company takes the following steps to ensure the security of personal information in its possession.
(1)Organizational security management measures
In addition to appointing a “Personal Information Protection Manager” as the person responsible for handling personal information, we have established a management system, including a person responsible for the management of each organization, and developed internal regulations and an ongoing management system.
(2)Human security management measures
The Company enters into non-disclosure agreements regarding personal information at the time of employment contracts with employees, etc., and conducts regular training on the proper handling of personal information.
(3)Physical security management measures
To prevent unauthorized access to personal information, we have implemented measures to prevent unauthorized viewing of personal information, including access control, locked storage, encryption, and password protection of documents and data containing personal information.
(4)Technical security management measures
We take measures to control access to information systems that handle personal information, to identify and record accesses, to prevent unauthorized access, etc., to prevent information leakage by encrypting data and protecting it with passwords, and to monitor information systems.
17. Use of Cookies and other Technologies
The Company’s service may use cookies and similar technologies. Such technologies help the Company identify the condition of use of the Company’s service and improve the service. To reject cookies, a user may disable them by changing the Web browser settings. However, disabling cookies may make part of the functions of the Company’s service unavailable.
18. External transmission of user information
Our services that may be subject to the External Transmission Discipline for Information Transmission Order Communications based on Article 27-12 of the Telecommunications Business Law and the disclosures under this discipline for such services are as follows.
| Google Analytics | |
|---|---|
| User information externally transmitted |
– Client ID – IP Address – URL of the page viewed – Referrer – Device Type – Operating System – Browser type – Your language – Image resolution |
| Recipient name | Google LLC |
| Purpose of Use |
In order to analyze and improve the performance of our website, we collect and transmit information about the users of our website to Google. Google analyzes and aggregates the information submitted to us for the purpose of providing us with reports on website activity and other information. Google may also use this information to improve its own services and products. |
| Destination Privacy Policy | https://policies.google.com/privacy |
| Opt-out (disable) | https://tools.google.com/dlpage/gaoptout/ |
| Google Ads | |
|---|---|
| User information externally transmitted |
– Client ID – Site user’s activity history on our website – Site user’s browsing history on our site – Site user demographic information – Site user location information |
| Recipient name | Google LLC |
| Purpose of Use |
Google analyzes information about website users and uses this information to provide our advertisements to you on the Internet. Google may also use this information to match and analyze user information collected by other parties and to provide more effective advertising to such other parties. Google may also use this information to improve its own services and products. |
| Destination Privacy Policy | https://policies.google.com/technologies/ads |
| Opt-out (disable) | https://policies.google.com/technologies/ads |
| Facebook Ads | |
|---|---|
| User information externally transmitted |
– Client ID – Site user’s activity history on our website – Site user’s browsing history on our site – Site user’s demographic information – Site user’s location information and browsing date and time (used to calculate time spent on site, etc.) – Web browser and device type and version – Action history on the website visited – Facebook usage status |
| Recipient name | Meta Platforms, Inc. |
| Purpose of Use |
Facebook analyzes information about Site users and uses it to deliver our advertisements to Site users on the Internet. Facebook may also use this information in conjunction with and analyze user information collected by other parties to optimize the advertising of non-Facebook companies. Facebook may also use this information to improve its own services and products. |
| Destination Privacy Policy | https://www.facebook.com/privacy/policy |
| Opt-out (disable) | https://www.facebook.com/help/769828729705201 |
| Hubspot | |
|---|---|
| User information externally transmitted |
– IP Address – Browser type – Domain Name – Internet Service Provider (ISP) – Files (HTML pages, images, etc.) displayed on our site – Your operating system – Data related to page transitions – Time of access – Referrer website address |
| Recipient name | HubSpot, Inc. |
| Purpose of Use |
HubSpot collects and transmits information about users to HubSpot through inquiry forms and other means. HubSpot organizes and analyzes this information and provides reports to the Company for customer management and marketing purposes. |
| Destination Privacy Policy | https://legal.hubspot.com/jp/privacy-policy |
| Opt-out (disable) | https://legal.hubspot.com/jp/cookie-policy |
19. Inquiries
Please contact the following point of contact for requests for disclosure or other steps, opinions, questions, complaints, or other inquiries about the handling of personal information.
#206 TENSHO OFFICE Ueno Suehirocho, 3-16-2 Ueno, Taito-ku, Tokyo,110-0005, Japan
MatrixFlow Co., Ltd.
E-mail: support@matrixflow.jp
(Requests, inquiries, and other communications are accepted between 10:00 and 18:00 on weekdays.)
20. Continual Improvement
The Company will strive to continuously improve the handling of personal information by reviewing the state of handling from time to time, and this Privacy Policy may be subject to revision on an as-needed basis.
21.Language
The governing language of this Privacy Policy shall be Japanese.
If an English translation hereof is made for reference purpose,only the Japanese original shall have the effect of a contract and such English translation shall have no effect.
(Revised on August 24, 2023)
(Revised on June 16, 2023)
(Revised on January 10, 2023)
(Revised on September 15, 2022)
(Revised on July 26, 2021)
(Revised on April 1, 2021)
(Enacted April 10, 2019)