This page has been translated from the official Japanese language version into English solely for the convenience of international readers. The Japanese original text shall prevail in case of any discrepancy.
Enacted: August 1, 2000
Amended: December 1, 2014
Amended: October 13, 2016
DISCO Inc. (hereinafter the gCompanyh) is engaged in a business contributing to the growth of people, companies, and society by providing global recruitment and education and training services that support personal growth (support for self-growth), connecting people with companies (support for human resource recruitment), and supporting people in their performance in the company after they are employed (support for development of human resources) in order to enable people to play meaningful roles in companies and society.
- The Company will comply with all laws and regulations, requirements of JIS Q 15001, government policies, and other standards and company rules and regulations pertaining to processing of personal information.
- The Company will make clear the purposes of use of personal information, and appropriately obtain, use, outsource processing of, and provide personal information with due respect for the wishes of the owners of personal information and taking into account the content and scale of its business. Further, the Company will not obtain or process personal information beyond the scope necessary to achieve the specified purposes for its use, and will implement measures necessary to ensure this.
- The Company will establish a permanent personal information contact center in order to respond with sincerity to complaints and consultations from individuals pertaining to their personal information.
- The Company will strictly store and manage the personal information retained by the Company the personal information entrusted to the Company for contracted services, and the personal information of the Companyfs employees, and will implement technical safeguards and systems to prevent occurrence of improper use, loss, destruction, alteration, and leaking of personal information, and take corrective measures in case of occurrence of such event.
- The Company will establish management system for protection of personal information and make the Companyfs rules and regulations pertaining to personal information fully understood by all officers and employees of the Company.
- In case of outsourcing the processing of personal information to outside contractors, the Company will establish standards for selection of contractors, outsource the work only after executing a confidentiality agreement with the contractor, and strictly manage and supervise the outsourced work with the objective of maintaining conformance with the Companyfs system of personal information protection.
- The Company will implement regular audits, re-examine and continually improve the Companyfs methods of use and system for protection of personal information and the Company rules and regulations pertaining to personal information in response to establishment and revision of laws, regulations, standards, and social changes in the aim to maintain and improve the personal information protection management system.
PrivacyMark System is a system set up to assess private enterprises that take appropriate measures to protect personal information. The System is in compliance with Japan Industrial Standards (JIS Q 15001: 2006 [Personal Information Protection Management System - Requirements] )
DISCO Inc. is certified and granted the PrivacyMark by the Japan Institute for Promotion of Digital Economy and Community (JIPDEC) on May 11, 2001.
- Personal data shall be properly collected and used. We shall collect personal information only after notifying the information subject or obtaining the information subject's consent.
- We shall use such personal data only within the scope consented.
- Personal information shall never be disclosed or entrusted to a third party, except when the information subject has given consent for such disclosure or entrustment.
- All personal information collected shall be safely stored under strict control.
- The information subject has a right to confirm the content of his/her own personal information in the possession of DISCO Inc., and /or to request deletion and/or revision to his/her personal information. We shall follow strict procedures in responding to all such requests.
Handling of Personal Information
The following matters will be disclosed to the public in accordance with the Act on the Protection of Personal Information and JISQ15001:2006.
- Definition of personal information
- Types and purposes of use of personal information obtained by the Company
- Provision of personal information to third parties
- Shared use of personal information
- Outsourcing of personal information processing to outside contractors
- Voluntary provision of personal information
- Handling of credit card information
- User data (attribute information) sent from application services, etc.
- Individualfs right to request Disclosure, etc. of personal information
- Service for receiving requests for Disclosure, etc. and complaints, etc.
1. Definition of Personal Information
Our definition of personal information is any information with respect to an individual that can be used to identify the individual including the individualfs name, address, telephone number, e-mail address, name of the educational institutions attended, name of the company or educational institution in which the individual is employed, numbers, symbols, and codes assigned to the individual, and images and audio recordings (including information that cannot in itself identify the individual but can easily be compared with other information to identify the individual).
2. Types and Purposes of Use of personal Information Obtained by the Company
An individualfs registered personal information is used only for the purposes stated below and is not used for any other purpose without the prior consent of the individual.
- The types of personal information obtained by the Company directly from individuals in writing are as follows:
Types and purposes of use of personal information obtained by the Company by methods other than directly from the individual in writing
- Personal information of students and working adults (or those looking for a job) collected through recruitment and career change support services, higher education and study abroad support services, and other services and products provided by DISCO Inc. (see http://www.disc.co.jp/service/ for details)
- To send and authenticate IDs and passwords;
- To provide services to members in accordance with the membership agreement;
- To provide an individualfs personal information to companies, schools, and organizations, etc. with the consent of the individual;
- To send information from the Company or information entrusted to the Company by individual companies, schools, and organizations, etc. pertaining to employment, career change, and higher education;
- To conduct studies and surveys pertaining to employment, career change, higher education and study abroad; and
- To provide information considered necessary for preparing to enter the workforce, or for career enhancement and improvement of skills.
- Personal information of applicants provided in connection with ge-applyh services
- To provide personal information to universities, junior colleges, graduate schools and other educational institutions, or organizations conferring certifications and qualifications, which receive applications through ge-applyh services; and
- To register in the database the information provided on the first ge-applyh application for the purpose of eliminating time and effort when making subsequent applications through ge-applyh.
- Personal information of customers
- To provide information on the Company's products and services;
- To verify customers who use products and services, supervisors of products and services, the Companyfs standards for use of products and services, and to make other types of verifications;
- To perform office procedures and billing operations necessary in connection with providing products and services;
- To perform and analyze the results of market surveys for the purpose of improving existing products and services and developing new products and services; and
- To receive reservations, confirm reservations, collect participation fees, make notification of lottery results, conduct surveys after events are held, and make notification of upcoming events, etc. in connection with events organized or operated by the Company.
- Personal information of employees
- To use as necessary for performing operations of the Company including business management, hiring and employment management, risk management, confidential information management, internal communications, emergency communications, human resources management, labor management, employee evaluations, payment of wages, health management, industrial safety management, payment of welfare benefits, and equipment maintenance, etc.;
- To entrust information required for outsourcing certain services to physicians, social and labor insurance consultants, accountants, or corporate bodies and other associations composed of these specialists; and
- To entrust or provide information required for outsourcing certain services to health insurance associations, company pension fund associations, financial institutions, administrative bodies, and other corporate bodies and organizations.
- Personal information of persons seeking employment at DISCO Inc.
- To contact and provide information to such persons in connection with the Companyfs hiring activities.
- Personal information of shareholders of DISCO Inc.
- To perform management of shareholders including making notifications to and contacting shareholders in accordance with laws and regulations pertaining to holding of general meetings of shareholders, etc.
- Personal information obtained from persons making an inquiry to DISCO Inc.
- To reply to and contact persons who has made an inquiry, registered a complaint, or requested consultation.
- Personal information received from customers, etc. entrusted to the Company for processing
- To perform work within the scope of the work request received from the customer.
- Personal information received from third parties
- To provide information on the Companyfs products and services.
- Personal information obtained by telephone
- To reply to and contact persons who has made an inquiry, registered a complaint, or requested consultation; and
- To confirm the identity of persons who make an inquiry, etc.
- Personal information obtained from security camera images, etc.
- To manage entrance and exit in buildings and perform other security activities.
- Personal information obtained from information available to the public
- To provide information on the Companyfs products and services.
- Personal information known to the Company in the course of performing contracted services will be processed by the Company within the scope of the contracted services. For avoidance of doubt, the Company is unable to comply with requests pertaining to disclosure, correction, or deletion of such personal information, or suspension of service. Please make such requests directly to the customer, etc. which entrusted the Company to process the personal information. The Company will properly process the personal information entrusted for performing the contracted services and will incinerate, shred, erase, or otherwise dispose of, or return the entrusted personal information to the customer, etc. in accordance with the customerfs instructions.
3. Provision of Personal Information to Third Parties
The Company will appropriately manage personal information it obtains and will not provide an individual's personal information to any third parties without the prior consent of the individual except in the following cases or when a rule is separately established for provision of information to third parties:
- When it is required in accordance with laws and regulations;
- When it is necessary to protect life, body or property of a person, and it is impossible to obtain the consent of the owner of the personal information;
- When it is particularly necessary to improve public sanitation or promote healthy growth of children, and it is impossible to obtain the consent of the owner of the personal information;
- When it is necessary to cooperate with national organizations or local public organizations or persons entrusted by them to execute work specified by laws and regulations, and the obtainment of consent of the owner of the personal information may hinder the execution of the work specified; and
- When it is provided in connection with business succession due to merger or other circumstances, and used within the scope of purposes of use established before the business succession.
For avoidance of doubt, when the Company provides a third party with an individualfs personal information for which prior consent of the individual has not been obtained, the Company will do so only after obtaining the consent of the individual concerned by notifying the following matters.
- Method of acquisition of the personal information
- Name of the business operator
- Name or job title of the supervisor of personal information protection (or the representative), the department the supervisor belongs to, and the supervisorfs contact information
- Purposes of use of the personal information
- Matters related to cases when the personal information will be provided to third parties
- The purposes for which the personal information is provided to third parties
- What personal information will be provided
- The means or method of providing the personal information
- The person who will receive the personal information or the type of organization the person belongs to
4. Shared Use of Personal Information
The Company may share use of the personal information obtained from employees. Types and the scope of shared use of the personal information of employees is as follows.
- Types of personal information shared
- Name, current address, phone number, mobile phone number, e-mail address, school name, name of place of employment, name of department, job title, etc.
- Purposes for shared use by group companies
- The scope of purposes of use prescribed in Section 2 above
- Person responsible for managing shared use of personal information
- Personal information protection supervising manager: Tomoshi Tatsumoto, Chief Privacy Officer, DISCO Inc.
- Method of acquisition
- Personal information acquired in writing via the Internet or by postcard or facsimile, or verbally by phone and interview
In cases when an individual's personal information obtained by the Company is shared with persons or organizations other than the group companies, the individual will be notified in advance of the following matters or the information will be publicly disclosed on the Companyfs website in a way that is readily accessible to the individual.
- Actual or scheduled shared use of the personal information
- What personal information will be subject to shared use
- The name(s) of the person(s) who will share use of the personal information and the scope of shared use
- The purposes of shared use
- The name of the supervisor responsible for managing shared use of the personal information
- Method of acquisition
5. Outsourcing of Personal Information Processing to Outside Contractors
The Company may outsource all or part of the processing of personal information to outside contractors in order to achieve specific purposes of use within the scope necessary. In doing so, the Company establishes standards for selection of outside contractors, outsources work only after executing a confidentiality agreement with the contractor, and performs management and supervision activities on a regular basis in working together with outside contractors to protect personal information.
6. Voluntary Provision of Personal Information
Provision of an individualfs personal information to the Company is voluntary. When an individual does not provide personal information to the Company, the Company may not be able to provide information and services.
7. Handling of Credit Card Information
The purposes of use, the name of the organization that acquires the credit card information, the name of the organization the credit card information is provided to, and the period for storage of the credit card information obtained by the Company is as follows.
- Purposes of use
- To settle payments for services provided
- Who acquires the information
- DISCO Inc.
- Recipient of the information
- Payment service providers and agents of payment service providers including credit card companies which process credit cards used to make payments
- Retention period
- The Company uses the gPG Multi-Payment Serviceh, the settlement service of GMO Payment Gateway, Inc., a payment service agent, for settlement of payments by credit card and credit card registration. The Company does not retain any credit card information after disclosing it to GMO Payment Gateway.
The Company may send files of information called Cookies to a userfs computer at the time the user accesses the Companyfs website, and these information files are stored in the hard disk or memory of the userfs computer. Cookies are used for the purpose of providing better services by presenting users with information about upcoming scheduled services for members and high-value-added services, and also to enable improvement of the advertising management system. Cookies do not infringe the userfs privacy or damage the userfs computer environment.
9. User Data (Attribute Information) Sent from Application Services, etc.
The Company may obtain information about a user through application services (gAppsh) on smart phones, etc. including use history, terminal device information, and location data that the user authorizes to be collected (attribute information), and use the information within the scope that is necessary to improve user-friendliness, improve services, prepare and publicly disclose statistical data utilized for marketing activities, and provide information in connection with advertisements for products and services the user shows an interest in. (However, attribute information does not include personal information.)
10. Individualfs Right to Request Disclosure, etc. of Personal Information
When the Company receives requests for disclosure, notification of purposes of use, correction, addition, or deletion of an individualfs personal information, or an individual refuses use or provision of personal information to the Company (gDisclosure, etc.h), the Company will take prompt action to process the request after confirming the identity of the individual making the request. To request Disclosure, etc., follow the procedure described below:
- For requesting Disclosure, etc. of personal information, make such request by letter, e-mail, phone, or fax to the contact addresses or phone numbers below, or fill out the designated gRequest for Disclosure, etc. of Personal Informationh form and mail it together with the necessary documents to the Personal Information Consultation Service at the address below.
- In principle, the Company does not accept requests for Disclosure, etc. of personal information from persons other than the owner of the personal information. When making a request for Disclosure, etc., enclose one identifying document (copy of the driverfs license, passport, or other public authenticated document; the prefecture is sufficient for the legal domicile; the address is not required) together with the request form.
- When the person requesting Disclosure, etc. is the legal representative of the owner of the personal information, a minor, or adult ward, etc., or a representative appointed by the owner of the personal information to request Disclosure, etc., one of the following documents must be enclosed together with the documents described in the preceding clause.
Persons requesting disclosure of personal information or notice of purposes of use of personal information are charged a postage fee for return mail by certified mail. Mail an 860-yen postage stamp in an envelope when requesting disclosure of personal information or notice of purposes of use of personal information. As soon as the Company receives the postage stamp, procedures will be taken to reply to the request for Disclosure, etc.
The Company replies to a request for Disclosure, etc. in writing and mails the written reply to the address on the application form.
Personal information obtained in regard to the request for Disclosure, etc. is handled only within the scope necessary to reply to the request for Disclosure, etc., and documents submitted with the request are retained for one year and then disposed of.
When the Company determines that any of the following grounds for non-disclosure is applicable, the request for Disclosure, etc. will be refused. In cases when the Disclosure, etc. is refused, the Company will notify the owner of the personal information of the purpose and reason for refusal.
- The legal representative must provide one document identifying him/her as the legal representative (certificate of registered matters, copy of the certificate of residence, or copy of another document certifying the personfs qualification as legal representative; the prefecture is sufficient for the legal domicile; the address is not required).
- The legal representative and the appointed representative must provide one identifying document (copy of the driverfs license, passport, or other public authenticated document; the prefecture is sufficient for the legal domicile; the address is not required).
- When the address on the application form, the address on the document identifying the individual making the request, and the address registered with the Company are not the same, or the identity of the individual cannot be confirmed for some other reason;
- When the application is made by a representative and the identity of the representative cannot be confirmed;
- When the designated documents are not complete;
- When the personal information that is the subject of the request for Disclosure, etc. does not exist in the personal data possessed by the Company;
- When disclosure of the personal information requested may cause harm to the life, body, property, or other rights or interests of the owner of the personal information or any third party; or
- When disclosure of the personal information violates laws and regulations.
11. Service for Receiving Requests for Disclosure, etc. and Complaints, etc.
Requests for Disclosure, etc. and complaints in regard to personal information processing by the Company shall be directed to the contact addresses and phone numbers given below by letter, e-mail or telephone.
¤Form for Request for Disclosure ,etc of Personal Information
Personal Information Consultation Service
Iidabashi First Building 9F
2-5-1, Koraku, Bunkyo-ku, Tokyo 112-0004
Tel.: 0120-77-5078 (weekdays 10:00 to 12:00 and 13:00 to 17:00)
[Personal Information Protection Manager]
Chief Privacy Officer, DISCO Inc.
[Name of authorized personal information protection organization]
Japan Information Processing Development Center (JIPDEC)
[Contact for resolution of complaints]
Personal Information Protection Consultations Service Office
Japan Information Processing Development Center (JIPDEC)
Address: 9-9, Roppongi 1-chome, Minato-ku, Tokyo 106-0032
Toll-free numbers: 0120-700-779, 0120-116-213
[Date of last revision] December 1, 2014