Basic Policy on the Protection of Personal Information
Estech Co., Ltd. (hereinafter referred to as "the Company") hereby declares that, based on the Act on the Protection of Personal Information and the Guidelines for the Economic and Industrial Sectors regarding the Act on the Protection of Personal Information, it establishes this "Basic Policy on the Protection of Personal Information" and will strive for the appropriate management and protection of personal information.
Unless otherwise specified, "personal information" includes specific personal information.
1. Handling of Personal Information
(1) Purpose of Use
The Company acquires personal information by fair and appropriate means and uses it within the scope of the purposes of use shown in [Table 1] and [Table 2].
For types of personal information other than those shown in [Table 1] and [Table 2], the Company will use them after notifying or publicly announcing the purpose of use, or after obtaining the individual's prior consent.
However, the acquisition and use of specific personal information is limited to cases explicitly specified in the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures, regardless of whether the individual has given consent.
(2) Management of Contractors
As shown in [Table 1], the Company does not outsource ordinary operations related to personal information to external providers. However, if outsourcing becomes necessary for any reason, the Company will treat contractor management as a top priority, select a provider deemed to have a sufficient level of personal information protection, and clearly define the necessary obligations in contracts or similar agreements.
The Company will require contractors to handle personal information appropriately and will continuously conduct the supervision and audits necessary for security management.
(3) Provision to Third Parties
The Company will not disclose or provide personal information to any third party, except when entrusting it to an outsourced contractor or in any of the cases below.
-
When the individual has given consent. However, the provision of specific personal information is limited to cases explicitly specified in the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures, regardless of consent.
-
When necessary to protect a person's life, body, or property and it is difficult to obtain the individual's consent.
-
When disclosure or provision is required under laws and regulations.
(4) Joint Use
The Company may jointly use personal information in activities such as seminars co-hosted with group companies or business partners. In such cases, the Company will clarify in advance the purpose of use, data items, scope of users, and the party responsible for management, and will notify or publicly announce them.
The Company also shares health checkup results with the health insurance society it belongs to and provides health guidance and recommendations to visit medical institutions.
In cases of joint use, the Company ensures thorough security management of personal information among joint users.
(5) Disclosure and Inquiries
For the personal information obtained directly by the Company shown in [Table 1], please contact the relevant service desk to which you provided your information or the head of the Business Administration Division regarding requests for disclosure of the source/method of acquisition or other inquiries. We will guide you on application procedures, fees, etc. When responding, we will confirm that the requester is the individual concerned or their authorized representative.
At present, the Company does not belong to any "authorized personal information protection organization."
Contact for inquiries regarding the handling of personal information
Estech Co., Ltd. Business Administration Division
- E-mail g-pa@group.estech.co.jp
- TEL045-661-1661
- FAX045-661-1664
Please note that we may be unable to comply with requests for disclosure, etc. regarding personal information we hold under applicable laws and regulations.
2. Compliance with Laws and Regulations
The Company strictly complies with applicable laws and regulations, contracts, and other norms related to the protection of personal information.
3. Security Control Measures
The Company implements security control measures for personal information through establishing and improving internal frameworks, educating and raising awareness among employees, managing building entry, and implementing information security measures, and strives to prevent leakage or other incidents. Personal information that is no longer retained will be securely disposed of or deleted by appropriate methods.
4. Continuous Improvement
In light of customers' requests and changes in social conditions, the Company will continuously review and improve its personal information protection management system, including this policy, to maintain appropriate handling and protection standards.
[Table 1] Personal information obtained directly by the Company
(As of June 1, 2022)
| Type of Personal Information | Purpose of Use | Method of Acquisition | Outsourcing | Outsourced Work Details |
|---|---|---|---|---|
| Personal information of our customers and partners | Notices and communications related to proposals, services, seminars, surveys, and other activities | Obtained directly from the individual(business cards, email, etc.) | None | None |
| Personal information of visitors to our company | Contacting the person in charge and facility entry management | Obtained directly from the individual | None | None |
| Personal information of applicants seeking employment with our company | Operations and communications related to recruitment and selection; conducting surveys for future recruiting reference; personnel data after hiring | Obtained directly from the individual | None | None |
| Personal information of those who contact us with inquiries, etc. | Responding to inquiries, requests, complaints, etc. | Obtained directly from the individual(phone, email, fax, letters, etc.) | None | None |
| Personal information of our employees | Business operations and establishment of organizational systems for business promotion | Obtained directly from the individual | None | None |
| Specific personal information relating to our employees, etc. | Employment insurance filing Health insurance and employees’ pension insurance filing National pension Category III insured person filing Administrative work related to claims under the Industrial Accident Compensation Insurance Act Preparation of withholding slips for salary income, etc. Preparation of payment records for remuneration/fees, etc. |
Obtained directly from the individual | None | None |
[Table 2] Personal information obtained/provided through joint use
| Type of Personal Information | Purpose of Use | Method of Acquisition | Outsourcing | Outsourced Work Details |
|---|---|---|---|---|
| related to joint seminars and joint projects: Personal information of our customers and partners | Notices and communications related to proposals, services, seminars, surveys, and other activities | Obtained directly from the individualorinformation provided by joint partners(business cards, email, etc.) | None | None |
| Personal information related to our employees’ health checkups | Promotion of collaborative health initiatives | Obtained directly from the individualorinformation provided by the health insurance society | None | None |