Privacy Policy

This page has been translated from the official Japanese language version into English solely for the convenience of international readers. The Japanese original text shall prevail in case of any discrepancy.

Privacy Policy

DISCO Inc. makes the following matters public in accordance with the Act on the Protection of Personal Information (hereinafter the "Personal Information Protection Act") and JIS Q 15001: 2017.

  1. 1. Definition of Personal Information and Other Terms
  2. 2. Types and purposes for use of personal information acquired by the Company
  3. 3. Safety management measures
  4. 4. Provision of personal data to third parties
  5. 5. Shared use of personal data
  6. 6. Handling of personal data consigned to outside organizations
  7. 7. Provision of personal data to third parties in countries overseas
  8. 8. The voluntary nature of the individual's provision of personal information
  9. 9. Handling of credit card information
  10. 10. Handling of Cookie information
  11. 11. The individual's right to request disclosure, etc.
  12. 12. Contact point for receiving requests for disclosure, etc. and registering complaints
  13. 13. Global privacy policy (GDPR, CCPA, etc.)

1. Definition of Personal Information and Other Terms

The terms "personal information," "personal data," "retained personal data," and other terms used in this Policy shall have the same meanings as the definitions of those terms stipulated by the Personal Information Protection Act.

2. Types and Purposes for Use of Personal Information Acquired by the Company

Personal information registered by individuals with the Company is used solely for the following purposes and is not used for any other purpose without obtaining the individual's prior consent.

  1. (1) Types of personal information acquired directly in writing from the individual by the Company
    • Personal information of students and adult members of society acquired through services that support opportunities for employment and job changes in Japan, services for support of higher education in Japan, and other products and services operated by the Company (for details, see Services).
      • Transmission of IDs, passwords, and personal authentication
      • Provision of services in accordance with membership rules
      • Provision of personal information to corporations, educational institutions, and organizations, etc. in accordance with the individual's consent
      • Transmission of information regarding opportunities for employment, job change, and higher education, etc. held by the Company or consigned to the Company by individual companies, educational institutions, and organizations, etc.
      • Conduction of surveys and questionnaires regarding employment, job change, and higher education, etc.
      • Provision of information to young adults and recent graduates considered necessary in order to prepare for working life and for career and skill development
    • Personal information of students and adult members of society acquired through the services listed under "Global Recruitment Services" that is one of the Services categories.
      • Transmission of IDs, passwords, and personal authentication
      • Provision of services in accordance with membership rules
      • Provision of personal information to corporations, educational institutions, and organizations, etc. in accordance with the individual's consent
      • Transmission of information regarding opportunities for employment and job change, etc. held by the Company or consigned to the Company by individual companies and organizations, etc.
      • Conduction of surveys and questionnaires regarding employment and job change, etc.
      • Provision of information to young adults and recent graduates considered necessary in order to prepare for working life and for career and skill development
    • Personal information of applicants, etc. in relation to the "e-apply" service
      • Provision of personal information to universities, junior colleges, graduate schools, and other educational institutions, and organizations that grant qualifications and certifications that use the "e-apply" service for making and receiving applications
      • Registration in the database of the information of users of the "e-apply" service to eliminate the need for input of the same information from the second use of the service onward
    • Personal information of customers, etc.
      • Provision of information on the Company's various products and services
      • Confirmation of customers, etc. and supervisors in companies and educational organizations at the time of use of various products and services, confirmation of the Company's standards for use, confirmation of various other matters
      • Implementation of administrative procedures and billing work considered necessary in providing products and services
      • Conduction of various marketing surveys and analysis of survey results for the purpose of improving existing products and services and developing new products and services
      • Work associated with events hosted or operated by the Company including acceptance of reservations, confirmation of reservations, collection of participation fees, reporting of the results of drawings, post-event questionnaire surveys, and notification of details regarding the next event
    • Personal information of employees, etc.
      • Use of employees' personal information necessary for work management, recruitment and employment management, crisis management, management of confidential information, in-house communication, emergency communication, personnel affairs, labor affairs, employee evaluation, payment of wages, health management, health and safety matters, employee benefits, equipment management, etc. by the Company
      • Deposit of information associated with consignment of work to physicians, labor and social security attorneys, accountants, and their incorporated organizations, etc.
      • Deposit or provision of information associated with consignment of work to health insurance associations, corporate pension funds, financial institutions, governmental agencies, and other incorporated organizations and institutions, etc.
      • Personal information of individuals who contact the Company seeking job opportunities, etc.
      • Handling of correspondence and information, etc. associated with the Company's recruitment activities
      Principal transfer destination: America
    • Personal information of the Company's shareholders
      • Management of matters associated with shareholders including notification and correspondence of the general meeting of shareholders in accordance with laws and regulations
    • Personal information acquired through inquiries, etc. made to the Company
      • Replies and correspondence regarding inquiries, complaints, and consultations
  2. (2) Types and purposes for use of personal information that is not acquired directly in writing from the individual by the Company
    • Personal information received from third parties
      • Provision of information on the Company's various products and services
    • Personal information acquired through telephone conversations
      • Replies and correspondence regarding inquiries, complaints, and consultations
      • Identity confirmation of individuals making inquiries, etc. to the Company
    • Personal information acquired from images on security cameras and drive recorders, etc.
      • Confirmation of facts associated with regulated entrance to and exit from facilities, traffic safety management, crime prevention management, and occurrence of emergency situations
    • Personal information acquired from publicly available information
      • Provision of information on the Company's various products and services
  3. (3) Personal information learned by the Company associated with consignment work
    The Company acquires personal information consigned by various customers, etc. Handling of personal information learned by the Company associated with consignment work is confined to the range of the work consigned.
    Further, the Company cannot accommodate requests for disclosure, correction, or deletion of the personal information consigned to us or suspension of the consigned service. Please direct requests directly to the customer, etc. that consigned the service. The Company complies with the direction of the customer, etc. in disposing of the personal information consigned by incinerating, shredding, or deleting it, or by other means used for disposal of confidential information, or by returning it to the customer, etc.

3. Safety Management Measures

The Company implements measures for appropriate management of personal data acquired as follows.

  1. (1) Establishment of basic principle
    The Company has established a Privacy Statement as our basic principle for ensuring appropriate management of personal data.
  2. (2) Formulation of rules concerning handling of personal data
    The Company has established internal rules and regulations that stipulate methods for handling personal data, the supervisors and persons responsible for handling personal data, and their individual roles and duties, etc.
  3. (3) Organizational safety management measures
    1. 1) The Company appoints and installs a Personal Information Protection Manager as the personal responsible for handling of personal information by the Company's organizational system.
    2. 2) The Company has established a personal information protection management system and implements controls for internal protection of personal information.
    3. 3) The Company ensures compliance by employees (including contract employees and temporary employees) with internal rules and regulations concerning safety management measures. A system is established for reporting to and contacting the Personal Information Protection Manager and persons responsible for handling personal information when facts or indications of violations of laws and internal rules and regulations by employees are discovered.
    4. 4) In consigning handling of personal information, we implement strict supervisory measures in regard to subcontractors as well as supervision to ensure that measures implemented for safe management of personal information are strictly maintained by subcontractors.
  4. (4) Human safety management measures
    The Company implements regularly scheduled education and training for employees in regard to appropriate handling of personal data.
  5. (5) Physical and technical safety management measures
    1. 1) The Company controls entry and exit by employees and third parties to areas where personal data is handled and also places restrictions on devices containing personal data carried from place to place.
    2. 2) The Company implements locked storage and other measures to prevent theft of documents, media, and devices, etc. containing personal information.
    3. 3) The Company restricts access to personal data and information systems that handle personal data, implements countermeasures for computer viruses and rogue software, and monitors information systems, etc.
  6. (6) Awareness of the external environment
    Of the personal data acquired through provision of various services operated by the Company, the personal information of students and adult members of society acquired as stated in "2. (1) Personal information of students and adult members of society acquired through the services listed under "Global Recruitment Services" that is one of the Services categories," is handled for the two types of work listed below by the following countries. The Company implements safety management measures in the full awareness of the personal information protection systems of each of these countries.
    1. 1) Consignment of work connected with operation of events in countries where overseas events are hosted: America, Great Britain, Hungary
    2. 2) Consignment of work connected with system development and operation of Careerforum.net and various other global services operated by the Company: Vietnam

4. Provision of Personal Data to Third Parties

The Company appropriately manages personal data acquired, and does not provide personal data to third parties without obtaining the individual's prior consent except in the following cases or when provision of personal data to third parties is otherwise provided

  1. (1) When provision is in accordance with laws and regulations
  2. (2) When it is necessary to protect the life, body, or assets of an individual and the individual's consent cannot be obtained
  3. (3) When it is particularly necessary to improve public hygiene or promote the healthy growth of children and the individual's consent cannot be obtained
  4. (4) When it is necessary to cooperate with a national organ or local public organization or a person entrusted by such an authority in the execution of duties pursuant to laws and regulations and when obtaining the consent of the individual is likely to impede the execution of the duties
  5. (5) When the third party to whom personal data is provided is an academic research institution, etc. and the third party requires handling of the personal data for the purpose of academic research, (including when the purpose for handling of personal data is partly for the purpose of academic research, except when unreasonable violation of personal rights or interests is likely)
  6. (6) When personal data is provided due to merger or for other reasons in connection with business continuity and the personal data is handled within the same range of purposes for use established prior to business succession
Further, when providing third parties with personal data for which the individual's prior consent has not been obtained, the individual is notified of the following matters and the personal data is provided after obtaining the consent of the individual.
  • Method of acquisition
  • Name of the business operator or the name of the business organization
  • Name of the person responsible for personal information protection (or the person's representative), or the official title, affiliation, and contact information
  • Purposes for use
  • Matters notified when provision of personal information to third parties is planned
    • The purpose for provision to third parties
    • The items of personal data to be provided
    • The means or method of provision
    • The person receiving provision of the information or the type and attributes of the person's organization receiving provision of the information

5. Shared Use of Personal Data

Of the personal data acquired, the Company may share use of the personal information of the Company's employees, etc. The items and range, etc. for shared use of the personal information is as follows.

Items of personal data for shared use

  • Name, current address, telephone number, mobile phone number, e-mail address, school name, place of employment, name of department, job title, etc.
  • Company sharing use
    • DISCO International, Inc. (U.S. subsidiary)
  • Purposes for shared use by the above company
    • The range of the purposes for use stipulated in 2. above
  • Person responsible for managing the personal information whose use is shared
    • DISCO Inc. Personal Information Protection Manager Kazuyuki Shinozaki
      For the Company's address and representative's name, refer to the Corporate Profile page on the Company's Website.
  • Methods of acquisition
    • Acquired through writing on the Internet, in postcards, and by FAX, etc. and orally by telephone and interviews, etc.

In addition to the above-mentioned case, when instances occur of shared use of personal data acquired by the Company, the individual is notified of the following matters beforehand or after shared use is officially announced on the Company's Website or by other means that are readily accessible to the individual.

  • Shared use of personal data
  • Items of personal data subject to shared use
  • Name and range of persons or organizations sharing use
  • Purposes for shared use by the persons or organizations
  • The name of the person or the name, address, and name of the representative of the organization (when it is a corporation) responsible for management of the personal data subject to shared use
  • Methods of acquisition

6. Handling of Personal Data Consigned to Outside Organizations

The Company may consign handling of all or part of the personal data in our possession to outside organizations in the range necessary to achieve specific purposes for use. In such cases, we establish standards for selection of subcontractors and conclude a non-disclosure agreement before placing consignment work, and regularly conduct management and supervision duties for protection of personal information in collaboration with the subcontractors.

7. Provision of Personal Data to Third Parties in Countries Overseas

In the following cases, the Company provides personal data to third parties in countries overseas (countries and regions other than Japan).

  1. 1) When persons seeking employment apply to companies and organizations, etc. in countries overseas for employment or to attend seminars through use of Careerforum.net, and various other global services operated by the Company, their personal data is provided to the companies and organizations, etc. in the countries overseas. Click here to view summaries of the personal information protection systems in each of the countries receiving the personal data. Further, the third parties receiving the personal data comply with the laws and regulations regarding protection of personal information in the relevant country. (Click the link above for information on differences between the personal information protection systems of Japan and the relevant companies.)
  2. 2) Shared use of personal data
    The Company's subsidiary located in America is one of the companies and organizations with whom the Company shares personal data. For details on shared use, see section 5. above.
  3. 3) Consignment of handling of personal data
    Third parties located in countries overseas are among the subcontractors with whom the Company consigns handling of personal data. For details on subcontractors, see section 3. "Awareness of the external environment" and section 6. above.

8. The Voluntary Nature of the Individual's Provision of Personal Information

Whether or not to provide personal information to the Company is at the discretion of the individual. When an individual decides not to provide personal information, the Company may not be able to provide information and services to the individual.

9. Handling of Credit Card Information

The purpose for use of credit card information acquired by the Company, the name of the company acquiring the credit card information, persons and organizations to whom the credit card information is provided, and the storage period are as follows.

  • Purpose for use
    • To settle payment for services provided
  • Company acquiring the information
    • DISCO Inc.
  • Persons and organizations to whom the information is provided
    • Various payment service providers and payment processing providers including credit card companies that the Company uses to settle credit card payments
  • Storage period
    • The PG Multi-Payment Service for settlement of credit card payments that is operated by the payment processing company GMO Payment Gateway, Inc. is used for credit card payments and credit card registration. After disclosure of an individual's credit card information to GMO Payment Gateway, Inc., the Company does not retain any of the individual's credit card information.

10. Handling of Cookie Information

The Company may acquire Cookie information from the Website operated by the Company and tools provided by business operators, etc. Click on the link below to view the Company's policy on handling of Cookie information.
DISCO Inc. Cookies Policy

11. The Individual's Right to Request Disclosure, etc.

When the Company receives a request from an individual for notification of disclosure (including records of disclosure to third parties) and purposes for use, correction, addition, or deletion, and suspension of use or refusal of provision of the individual's personal information (hereinafter "disclosure, etc."), the Company promptly responds to the request in accordance with the Personal Information Protection Act after verifying the identity of the individual making the request. Please make requests for disclosure, etc. by the following procedure.

  1. (1) Direct requests for disclosure, etc. of personal information to the contact below either by e-mail or telephone. You will be informed of the procedure and documents required depending on the content of the request for disclosure, etc.
  2. (2) As a general rule, the Company does not receive requests for disclosure, etc. of personal information from anyone other than the individual whose personal information it is. In requesting disclosure, etc. of personal information, you must submit the "Request for Personal Information Disclosure, etc." form sent to you by the Company and a document that confirms your identity.
    Please enclose any one of the following three documents to confirm your identity.
    1. 1) A copy of your driver's license
    2. 2) A copy of your certificate of residence (not containing your national identity number and issued within 3 months of submission)
    3. 3) A copy of your passport, alien registration certificate, or another official document that certifies your identity
  3. (3) When the person requesting disclosure, etc. of personal information is a legal representative of the individual, or minor or adult ward, etc., whose personal information it is, or a representative authorized by the individual to request disclosure, etc., please also attach one of the following documents in addition to one of the documents to confirm the individual's identity listed in the preceding paragraph.
    • When you are the legal representative, a document to confirm that you are the legal representative
      • A certificate of registered matters as a legal representative (issued within 3 months of submission)
      • A copy of your certificate of residence (not containing your national identity number and issued within 3 months of submission)
      • A copy of another type of document the certifies your qualification as a legal representative (the location of the permanent docile need only include the name of the prefecture)
    • A document to confirm the identity of the legal representative or representative authorized by the individual
      • A copy of your driver's license, passport, or another official document that certifies your identity (the location of the permanent docile need only include the name of the prefecture)
  4. (4) When you request disclosure and notification of purposes for use of personal information, you are charged the postage for the reply by delivery-certified mail as a handling charge. When you request disclosure and notification of purposes for use of personal information, please mail an envelope with stamps in the amount of 860 yen along with the other documents you submit. As soon as we receive all of the required documents (the "Request for Personal Information Disclosure, etc." form and a document confirming your identity) and the stamps, we will follow the procedure to fulfill the request for disclosure, etc.
  5. (5) As a general rule, the method used by the Company to reply to requests for disclosure, etc. is either to reply in writing or provide data in line with the request made by the individual. Further, please note that persons wishing provision of data may be charged an additional fee that is separate from the handling charge stated in (4) depending on the storage method (the type of data storage medium, etc.).
  6. (6) The personal information acquired in regard to the request for disclosure, etc. is handled only within the range necessary to process the request for disclosure, etc. The documents you submit in connection with the request are stored for a period of one year and then disposed of. Please note that the Company cannot return the documents you submit.
  7. (7) All of the cases stipulated below are reasons for nondisclosure of personal information and in such cases the Company will not disclose the personal information requested. If the Company decides not to disclose the requested personal information, we will inform you of the reasons for the decision.
    • When the address on the application, the address on the document confirming the individual's identity, and the address registered with the Company do not match, or for some other reason that the individual's identity cannot be confirmed
    • When the right of representation of the individual's representative making the request cannot be confirmed
    • When the prescribed documents are incomplete
    • When the information requested for disclosure, etc. does not correspond to personal data retained by the Company
    • When provision of the personal information is likely to harm the life, body, assets, or other rights and interests of the individual or a third party
    • When provision of the personal information would violate stipulations of other laws and regulations

12. Contact Point for Receiving Requests for Disclosure, etc. and Registering Complaints

Please direct requests for disclosure, etc. and register complaints in regard to the Company's handling of personal information by e-mail or telephone to the contact below.

[Contact]
DISCO Inc. Personal Information Help Desk
Iidabashi First Building 9F
2-5-1 Koraku, Bunkyo-ku, Tokyo 112-0004
TEL: 0120-77-5078 (weekdays 10:00-12:00, 13:00-17:00)
E-Mail: privacy-madoguchi@disc.co.jp

[Personal Information Protection Manager]
Kazuyuki Shinozaki, Personal Information Protection Manager
DISCO Inc.

[Name of accredited personal information protection organization]
JIPDEC

[Contact for resolution of complaints]
Personal Information Protection Complaints and Inquiries Office
JIPDEC
Address: 1-9-9 Roppongi, Minato-ku, Tokyo 106-0032
Toll-free numbers: 0120-700-779, 0120-116-213

13. Global Privacy Policy (GDPR, CCPA, etc.)

Access the link below to view the Company's global privacy policy.
DISCO Inc. Global Privacy Policy

Revised April 1, 2022