Personal Information Protection Policy
Photocreate Co., Ltd. (the “Company”) handles personal information of its customers (the “Service Users”) that use the services operated by the Company (the “Services”).
The Company will promote the protection of personal information centered on the safety management of the Service Users’ personal information. The Company will also take appropriate measures to protect the personal information of the applicants for job openings at the Company, registered camera operators, shareholders, and other persons who entrust the Company with their personal information (together with the Service Users, hereinafter collectively referred to as the “Subject Person”).
1. Scope of Application
The personal information which falls within the scope of application of this Personal Information Protection Policy (this “Protection Policy”) shall be the information as defined in Article 2, Paragraph 1 of the Act on the Protection of Personal Information (Act No. 57, May 30, 2003); provided, however, that any personal information which has been registered in websites, etc., that are not managed by the Company shall not fall within the scope of application of this Personal Information Protection Policy.
2. Compliance with Laws and Regulations, Principles Established by the National Government, and Other Rules Related to the Protection of Personal Information
The Company will comply with the Act on the Protection of Personal Information, the principles and guidelines set forth by the Personal Information Protection Committee, and other laws, ordinances, and regulations related to the protection of personal information (collectively, the “Related Laws and Regulations”).
3. Appropriate Acquisition of Personal Information
In the event that the Company obtains personal information directly from a Subject Person, the Company will expressly provide such Subject Person with the necessary information such as the purposes of use, etc., of the personal information, and shall only acquire the same after the Subject Person has given consent. In the event that the Company obtains personal information indirectly through a third party, the Company will confirm that the provider of such information has appropriately acquired such information from the Subject Person, and will post the necessary information, such as the purposes of use, etc., of the personal information on the website for the Services.
4. Appropriate Use and Third-Party Provision of Personal Information
The Company shall limit the use of the personal information to within the scope of the purposes of use which are to be notified or published in advance. Please see the separately prescribed “Published Matters in Connection with Personal Information” for details of the purposes of use. As a general rule, the Company will not provide any third parties with personal information without obtaining the consent of the Subject Person, except for provisions incidental to the entrustment of business; provided, however, that the following cases shall be excluded:
- When it is necessary for the protection of the life, limb or property of a person, and it is difficult to obtain the consent of the Subject Person;
- When it is particularly necessary for the improvement of public health or for fostering the sound development of children, and it is difficult to obtain the consent of the Subject Person;
- When it is necessary to cooperate with a government agency, a local government, or a contractor thereof, in order for them to carry out the operations prescribed by the laws and regulations, and obtaining the consent of the Subject Person may obstruct the carrying out of such operations;
- When the Company must disclose personal information pursuant to any warrants issued by a court, any other decisions or any orders made by a court, or any laws or regulations;
- When the Company receives any information queries through lawful and appropriate procedures from the public prosecutor’s office, the police or any supervisory authority; or
- Otherwise, when the Company discloses personal information pursuant to the provisions of the Related Laws and Regulations.
5. Posting of Photographs on Websites
6. Prevention/Correction of Divulgence, Loss or Damage of Personal Information
The Company has implemented the safety management measures stated below in order to prevent the divulgence, loss or damage of personal information through unauthorized access, etc.; provided, however, that the Company will promptly take corrective measures in the case that any inadequacies in safety management are detected.
- Personal information is stored in an information system with measures against unauthorized access, and the access log thereof will be obtained and monitored.
- Paper and electronic media on which personal information is included or recorded are stored in a locked space.
- Physical safety management measures are taken to prevent unauthorized entrance to the offices and server rooms.
- The Company regularly confirms, with the contractors to whom the processing and storing of personal information is entrusted, that such contractor is appropriately implementing the protection of personal information, and the Company shall supervise such contractor as necessary.
The Company will not be involved in the management of the IDs and passwords of the Service Users, and we ask the Service Users to be responsible for the use and management of the IDs and passwords in using the Services and to pay adequate attention when using the Services to prevent any mistakes in usage and any unauthorized use by third parties.
8. Continuous Improvement of the Management System for the Protection of Personal Information
The Company will continue to make efforts to improve the management system for the protection of personal information, in line with the progress of information security technology and amendments to the Related Laws and Regulations.
9. Inquiries Related to Personal Information
In the event that the Company receives an inquiry related to personal information, it will respond thereto in accordance with the standards set forth by the Company, after confirming that the person making the inquiry is the Subject Person.
Personal Information Protection Office
Person in Charge of the Protection and Management of Personal Information: Keiji Nishio
10. Amendment to this Protection Policy
The Company may amend this Protection Policy as needed, at the Company’s discretion, taking into account any amendments to the Related Laws and Regulations, and the revised version will be applied retroactively. Any amendments hereto will be announced on this webpage.
11. Governing Law and Court with Jurisdiction
This Protection Policy shall be governed by the laws of Japan. The court with exclusive agreed jurisdiction in the first instance shall be the Tokyo Summary Court or the Tokyo District Court, depending on the amount claimed.
Effectuated on October 1, 2005
Amended on July 13, 2009
Amended on November 25, 2009
Amended on March 12, 2010
Amended on July 14, 2010
Amended on July 15, 2011
Amended on January 15, 2016
Amended on October 16, 2019
Photocreate Co., Ltd.
Representative Director, Meg Yoshida