Fine Today Industries Co., Ltd. Privacy Policy
- Fine Today Industries Co., Ltd. (the "Company") believes that the protection of all personal information in its possession is its social responsibility and that fulfilling this responsibility is indispensable for the realization of its corporate mission, and will handle personal information in accordance with the following:
- Principle of Acquisition
- The Company will acquire the minimum amount of personal information within the scope necessary for
achievement of the purpose of use. Methods of acquisition can be divided into the following two types, and
in both cases the Company will acquire personal information, in principle, after the Company has acquired
the consent of the principal with respect to acquisition of personal information by the Company.
・ Direct acquisition of personal information from the principal: in principle, the Company will acquire the personal information after the Company obtained the consent of the principal to the provision of personal information.
・ Acquisition of personal information from a third party: the Company will acquire personal information from the relevant third party after confirming the fact that the principal has agreed to the provision of personal information to another company different from a third party to which the principal provided the personal information.
Registry or provision of the principle's personal information is voluntary, however, if the principal does not register or provide each of the required items, there is a possibility that the principal may not receive the respective individual services, etc.
Although the Company will not, in principle, acquire sensitive information that may cause inappropriate discrimination or prejudice about the principal, or any other disadvantage for the principal; however, the Company may acquire the following sensitive information with the consent of the principal and only in the case where a justifiable reason within the scope of the purpose as stated in the "Purpose of Use of Personal Information" is recognized.
<Examples of sensitive information>
・ Matters concerning political views, thoughts, beliefs, and religion
・ Matters concerning race, ethnicity, family origin, physical/mental disability, criminal record, and other matters that may cause social discrimination
・ Matters concerning the right of workers to organize, collective bargaining, and to act collectively
・ Matters concerning participation in collective demonstrations, exercise of petition rights, and exercise of other political rights
・ Matters relating to health, medical care, or sex life
From the principal of the information, the Company may acquire information related to the individual, which by itself, do not fall under personal information, including attribute information (age, gender, area of residence, etc.) and log information related to Internet use (terminal identifiers such as IP address, MAC address, SSID, Cookies, RDID, etc., and web beacons, etc.) and store and use it.
In addition, the Company may receive information related to individuals that are provided by subcontractors and partners such as DMP business operators, other advertising companies, research and analysis companies, media companies, and database management companies, and store and use this.
Although this information by itself may be incapable of identifying a specific individual, the Company may handle it as data capable of identifying a specific individual by linking such information with other information in the possession of the Company with the consent of the principal.
- Purpose of Use of Personal Information
- When the Company acquires personal information, in principle, the Company will clearly indicate the purpose
of use each time by means of writing, website, or verbal explanations.
When the purpose of use of the personal information to be acquired is obvious, such as in the case of requesting contact information as a result of inquiries or requests, etc., from the principal, or in the case of customary exchange of business cards in business, indication of the purpose of use may be omitted. Even in such cases, the acquired personal information will be used within the scope of the purpose of use indicated to the principal.
| Content of personal information | Purpose of use | |
|---|---|---|
| Personal information on the person that made inquiries, consultations, etc. |
- To respond appropriately to inquiries and consultations from the principal - To request for cooperation in questionnaires on degrees of satisfaction regarding the response to the consultations stated above, etc. |
|
| Personal information handled on each service |
- To operate, maintain, and improve the quality of services, and to respond to inquiries
regarding services *For detailed purposes of use of personal information on each service, please check the terms of use for each service or equivalent documents. |
|
| Personal information handled in research and development |
- For planning, development, advertising, introductions, marketing, etc., of products and
services related to beauty and health - For publication in research and papers, presentations at academic conferences, and other academic and research purposes - For publication in training materials and other uses in various training programs - For publication in company brochures, business reports, company history materials and other public relations activities |
|
| Personal information related to business partners | - To conduct business negotiations and related communications | |
| Information on prospective employees (including prospective unofficially determined employees, unofficially determined employees and interns) |
- To provide information to and for contacting prospective employees, including interns - For recruitment screening - For managing unofficially determined employees - For consideration of assignments after formal entry into the company |
|
| Employee information | - For employee management | |
| Retiree information | - To provide information to retirees and to pay retirement allowances and pensions | |
| Information of "applicants for disclosure, etc. regarding personal information, and complaints and consultations, etc.," | - To respond to requests for disclosure, etc. of personal information (disclosure of purpose of use, disclosure, correction, addition or deletion, suspension of use, erasure, and suspension of provision to third parties of personal information subject to disclosure) | |
| Information of applicants for other recruitment activities |
- To manage, maintain, develop, and improve other recruitment activities, and to respond to
inquiries regarding recruitment activities *For detailed purposes of use of personal information in each activity, please check the terms of use for each service or equivalent documents. |
|
In addition, the Company will also acquire and use personal information for business in the Group companies related to the above-mentioned matters.
- Provision of Personal Information, etc., to Third Parties
- When providing personal information to a third party (a company other than the company that acquired it),
the Company will obtain prior consent regarding the provision of personal information to third parties,
unless otherwise required by law.
However, even if personal information is provided to a company other than the company that acquired it, in the following cases, the Company may not obtain prior consent regarding the provision because such company is not considered a third party as it is regarded as being substantially the same entity as the company that acquired the personal information.
・ When entrusting all or part of the handling of personal information to an external company, etc.
・ When personal information is provided due to company mergers, business succession, etc.
・ When personal information is jointly used by two or more companies, etc., in order to achieve the purpose of use.
In addition, the Company may handle information related to individuals. When information related to an individual is provided to a third party, the provided information related to the individual may be handled as personal information by the relevant third party, by linking such information with other data in the possession of the relevant third party. If such handling is anticipated, the Company will provide the information to the third party after confirming that the principal concerned to the provision has consented to such provision.
- Provision of Personal Information to Third Parties in Foreign Countries
- The Company may provide personal information in its possession to a third party in a foreign country by any
of the following methods.
1. Provision based on the consent of the principal (for specific information, please check here)
2. Provision of personal information to third parties in EU/EEA member countries and the UK, which are recognized in the Enforcement Rules for the Act on the Protection of Personal Information (Rules of the Personal Information Protection Commission No. 3 of 2016) as having a system for personal information protection equivalent to that of Japan.
3. Provision to parties that are considered to be able to ensure that they are taking measures on an ongoing basis to handle personal information as required by the Act on the Protection of Personal Information in Japan
Example of 3:
・ When entrusting the handling of personal information to a business operator located in a foreign country, and when it is clearly stated in the contract, etc., that the operator will take the measures required by the Act on the Protection of Personal Information in Japan.
・ Provision to an overseas company within the FineToday Group that follows the privacy management rules established within the Group.
- Joint Use of Personal Information
- The Company may jointly use the acquired personal information with other companies in accordance with
procedures permitted by the laws and regulations. When the Company shares personal information with other
companies, the Company will announce the following matters.
・ Intent to use jointly
・ Items of personal information to be used jointly
・ Scope of joint users
・ Purpose of use by joint users
・ The name and address of the party responsible for the management of the jointly used personal information, and the name of the representative in the case of a corporation
- Deletion of Personal Information
- In the use of personal information, when the items described in "Purpose of Use of Personal Information" is achieved and the Company determines that there is no longer the need to retain the personal information, the Company will endeavor to delete the personal information without delay. If possible, the retention period of personal data will be stated in individual terms of service, etc. In addition, if the Company receives a request for deletion of personal information from a principal, the Company will delete the personal information unless there is a special reason not to do so.
- When Consent Is Obtained From a Person Other Than the Principal
- When the principal is considered to have insufficient ability to judge the consequences of consenting to the handling of personal information, the Company may obtain the consent from a representative of the principal, or obtain consent from a person other than the principal in addition to the consent of the principal.
- Ensuring Security of Personal Information
- In order to ensure the security (confidentiality, integrity, availability) of personal information, the
Company will establish and maintain a personal information protection management system and personal
information handling procedures, and will appropriately protect, manage, and use personal information.
・ Confidentiality: to manage personal information so that only authorized persons can access it.
・ Integrity: to manage personal information so that it is not altered or damaged.
・ Availability: to manage the information so that it will be available for use when personal information needs to be handled.
The personal information protection management system consists of taking security control measures from organizational, personnel, physical and technical aspects. An overview is provided below.
<Organizational Security Control Measures>
The Company designates the Chief Information Security Officer ("CISO") as the chief officer of the personal information protection, and develops and maintains a system for the protection of personal information under the direction of the officer.
In the handling of personal information, the person in charge of each division shall be the information management officer (or the person in charge of the organization of an organization not belonging to a headquarters), and under the direction of the information management officer, personnel in charge of handling personal information shall be limited, and appropriate protection, management, and use shall be carried out.
The information management officer is obligated to conduct regular inspections regarding the management and operation of personal information. If an inappropriate handling of personal information is founded through inspection, the information management officer will identify the cause, implement corrective measures, formulate measures to prevent recurrence, and inform employees and others.
<Personnel Security Control Measures>
In order for its employees to handle personal information appropriately, the Company will regularly conduct education and training for all of those engaged in work related to the handling of personal information.
<Physical Security Control Measures>
In order to restrict entry to and exit from facilities and areas, etc., where the Company handles important information assets, including personal information, and stores the media on which such assets are stored, etc. ("security areas"), the Company will guard at the entrance and exit of the security areas, and take measures to prevent persons other than those authorized from entering and exiting the security areas by authenticating those who enter and exit. In addition, the Company prepares an entry and exit log for facilities, etc., so that it is possible to check actual entries and exits after the fact.
<Technical Security Control Measures>
When handling personal information through a system, the construction, management, operation, and security measures, etc., of the system shall be carried out in accordance with the regulations regarding the handling of information systems. The system will be equipped with authentication and authorization functions so that specified personnel can only perform the specified operations, and the handling status will be monitored to ensure that there are no problems.
<Understanding of the External Environment>
When handling personal information in a foreign country, the Company will take security control measures after understanding the system regarding the protection of personal information in the relevant country. For specific information, please check the Exhibit.
- Entrusting Personal Information Handling Operations
- When personal information in the possession of the Company need to be placed with a subcontractor due to entrusting of work that involves the handling of personal information, the Company will carefully select a reliable subcontractor and enter into a contract that obliges the subcontractor to manage the information appropriately as specified by the Company. In addition, in order to confirm that the subcontractor is handling personal information appropriately in accordance with the contract, the Company will receive reports on the handling status from the contractor on a regular basis, and if there is a problem, the Company will expressly indicate that improvement measures are to be taken as needed.
- When Handling Pseudonymous Processed Information
- The Company may handle pseudonymously processed information after appropriately processing the personal
information in the possession of the Company in accordance with the laws and regulations. When using
personal information as pseudonymousy processed information for purposes other than those stated in "Purpose
of Use of Personal Information," the following matters will be announced.
・ Contents of pseudonymous processed information to be created
・ Purpose of use of pseudonymous processed information
- When Handling Anonymously Processed Information
-
The Company may create anonymously processed information by appropriately processing the acquired personal
information in accordance with the procedures permitted by the laws and regulations so that a specific
individual cannot be identified and the personal information used for its creation cannot be recreated, and
provide it to third parties.
When creating or providing anonymously processed information, the Company will announce the following matters.
・ Security control measures, etc. for anonymously processed information
・ Items of personal information included in the anonymously processed information to be created
・ Items of personal information included in anonymously processed information to be provided to third parties and methods of providing such information
・ Methods to make inquiries regarding anonymously processed information
- Matters Concerning Procedures for Responding to Requests for Disclosure, etc.
- Regarding personal information described in "Purpose of Use of Personal Information," the Company will respond to requests for notification of the purpose of use, disclosure, correction, addition or deletion, suspension of use, erasure, suspension of use of provision to third parties and disclosure of records related to provision to third parties or receipt of personal information therefrom ("disclosure, etc."). For disclosure requests, please contact the Company through the contact information given in "Inquiries Regarding Personal Information" below. Please refer to the terms of use for each individual service, etc., for information on where to make a request for disclosure, etc., how to make a request, and what can be addressed. Please note that in some cases where the principal's direct visit to the Company's store is necessary, etc., the Company may not be able to accept such requests.
- Inquiries Regarding Personal Information
- The Company will promptly respond to requests regarding the handling of personal information. When
necessary, please contact us via the following contact information.
Customer Center, Fine Today Industries Co., Ltd.
5 Kiyoku-cho, Kuki-shi, Saitama 346-0035
0480-23-1101
9:00 am- 4:50 pm (except for Saturdays, Sundays, and holidays)
<Caution>
We cannot accept requests via direct visits to our office, thank you for your understanding.
We record inquiries to our toll-free number for improvement of our response services, we ask for your understanding and cooperation in advance.
| Name | Fine Today Industries Co., Ltd. |
| Address | 5 Kiyoku-cho, Kuki-shi, Saitama 346-0035 |
| Representative | Hiroto Morozumi, Representative Director and CEO |
- Amendment of Privacy Policy
- The Company will amend this Privacy Policy as necessary. However, in the event that this Privacy Policy
needs to be amended in a manner that requires the consent of the principal under the laws and regulations,
the amended Privacy Policy shall apply only to the person who consents to the amendment in the manner
prescribed by the Company. In addition, when amending this Privacy Policy, the Company will notify users of
the effective time and content of the amended Privacy Policy through indication on its website or by other
appropriate means, or notify the principal.
This Privacy Policy shall be governed by and construed in accordance with the laws of Japan.
This Privacy Policy may be revised. Please confirm the latest revision date.
Latest revision date: April 1, 2023