Privacy Policy

Chapter 1: Personal Information Protection Policy

As a member of the information service industry, ID Holdings Corporation, DX CONSULTING CO., LTD., K.K. PURAIDO, ID AI Factory CO., LTD., AI FACTORY CO., LTD., INFORMATION DEVELOPMENT Wuhan CO., LTD. (ID Wuhan), INFORMATION DEVELOPMENT SINGAPORE PTE. LTD. (ID Singapore), INFORMATION DEVELOPMENT AMERICA INC. (ID America), and IDM INFORMATION DEVELOPMENT MYANMAR CO., LTD. (ID Myanmar) (hereinafter it is called “ID Group”) works to contribute to the healthy development of an advanced information-oriented society, to recognize our social responsibility in taking suitable measures to protect personal information, and to bring all of our employees together as a single unit for the sufficient protection of personal information.

1. The acquisition of personal information shall be performed using legitimate and fair means, upon clarifying the purpose of use, while the use and provision of this information shall be done within the scope of purpose. If we ever use or provide personal information in a manner beyond this scope, we will obtain the subject individual’s consent prior to doing so.
However, when dealing with specific personal information, we shall only use or prescribe that which is prescribed in the Basic Resident Registration Act, Article 19, regardless of whether or not consent is obtained from the subject individual.

2. Executives and all employees (including contractors, part time employees, temporary workers, and outsourced workers) shall comply with the laws and ordinances, government prescribed policies, and other criteria related to personal information.

3. All behavioral criteria and operation standards needed to protect personal information shall be integrated into company regulations
(via the personal information protection management system) and be complied with.

4. We shall do our utmost to always take the best possible security control measures to prevent personal information risks, such as leakage, destruction, or damage of personal information. Moreover, if any deficiencies are discovered, we shall revise them as needed.

5. A help desk is available to provide appropriate response to any complaints or queries concerning the handling of personal information the subject individual may have.

6. In order to maintain adequate protection of personal information, we shall work to continually improve upon our personal information protection management system through in-house oversight, management environment, etc.

※Please contact us in Chapter 7 for the Personal Information Protection Policy.

Enacted on April 1, 2003
Latest Revision: April 1, 2024

Masaki Funakoshi
President, Representative Director and Group CEO
ID Holdings Corporation

Chapter 2: Handling of Personal Information by Our Company

1. Purpose of use for personal information

We collect and use personal information solely to the extent required to achieve the following purposes. If we ever use personal information in a manner beyond the following scope, we will obtain the subject individual’s consent before doing so.

[Consulting / Software development / System management / Cloud・Security / BPO business]
(1)Communications required for contract-based business.
(2)Various information and questionnaire surveys regarding exhibitions and seminars in which we participate in.
(3)Notifications and questionnaires regarding our products and services.
(4)Response to various queries and comments.
(5)Implementation of information processing services, etc. based on the consignment contract with the consignor.

[Management of shares]
(6)Exercise of voting rights and fulfillment of duties under the Companies Act
(7)Provision of various benefits
(8)Implementation of various shareholder measures
(9)Shareholder management

[Employee Management]
(10)HR management (including human resource evaluations and management of labor, salaries and other remuneration, and health, as well as welfare benefits usage)
(11)Personnel management (certification management, personnel training, placement and transfer, skill evaluations, and management of education and training)
(12)Consigned operations (providing resumes and documentation for supervisors and co-planning personnel)
(13)Correspondence with government organizations and industry groups (reporting to dispatcher supervisors, health supervisors, submitting agreements, tabulating various statistics)
(14)Safety management (making photo IDs for entry and management of entry and exit (including monitoring information and video) and access management)
(15)Advertising activities (posting photos, video, and audio to the company homepage, group bulletins, etc.)
(16)Handling complaints, litigation, etc.

[Recruitment Activities]
(17)Confirmation of applicants related to recruitment activities
(18)Notifications for interview examinations, explanatory sessions, seminars, and events
(19)Notifications for employment examination results
(20)Hiring procedures and management related to preparations for joining the company (salary, tax, and insurance operations)
(21)Information provision using social media (providing stamps, sending and receiving data such as resumes and work experience documentation)

[EC site for Group Company employees]
(22)Confirmation and inquiry of order
(23)Confirmation and inquiry of product shipping
(24)Reply to inquiries
(25)Guidance by postal items, e-mail and etc.
(26)Handling related to investigation, detection, prevention, and notifications for fraudulent activity
The above corresponds to the purpose of use of retained personal data except for (5).

2. Provision of Personal Information to Third Parties (including those in other countries)

We will not disclose any personal information to third parties, except in the following cases.

(1)When the subject individual’s consent has been obtained.
(2)When required by law.
(3)When required to protect the life, body, or property of an individual while it is difficult to obtain the individual’s consent.
(4)When required to improve public health or promote sound childrearing while difficult to obtain the subject individual’s consent.
(5)When required to cooperate with a government institution, local public entity, or designated individual or entity for executing administrative tasks prescribed by law or ordinance, and there is a risk that obtaining the subject individual’s consent would interfere with the execution of those tasks.

3. Shared Use of Personal Information

We may carry out shared usage of personal information acquired in the course of its business and sales activities in some cases. The items used, scope of usage, and other details are as follows.

(1)Content of personal information for shared usage
   Personal information acquired from customers which is essential for achieving the usage purpose: Name, company name, address (for individuals), department name, job title, phone number, fax number, email address, provided documents, participating event or seminar, etc., questionnaire survey results, personal information contained in sales information
(2)Scope of third parties for shared usage
   The following ID Group companies (excluding overseas branches):
    ・ID Holdings Corporation
    ・ID AI Factory CO., LTD.
(3)Usage purposes
   Identical to the purposes listed in Chapter 2 1. (1) through (5) above.
(4)Party responsible for management of shared usage personal information
   Chief Information Officer of each of the companies listed in (2) above.
(5)Acquisition methods
   Acquired by the companies listed in (2) above through business card exchange, online contact form input, contracts, emails, faxes, questionnaire surveys, oral communication (such as phone calls), or other written means

4. Entrusting another entity to handle personal information

In some cases, we may entrust the handling of some or all of an individual’s acquired personal information within the scope of stated purpose of use.
In such a case, the selected entity must fulfill our consignee selection standards, and we shall perform necessary and appropriate oversight of selected consignee.
In addition, employee personal information may be consigned to our Group Company, INFORMATION DEVELOPMENT Wuhan CO., LTD. (ID Wuhan). In order to ensure a system compliant with Japan’s Act on the Protection of Personal Information is in place at ID Wuhan, in addition to maintaining the standards for protection of personal information used by the ID Group within Japan, we have also acquired an ISO/IEC27001 (ISMS) certification and are carrying out measures for maintaining this certification and carrying out appropriate security management.

5. Security Control Measures for Personal Information

We shall safely and appropriately manage personal information in accordance with each risk to prevent leakage, destruction, or damage of that information. Moreover, we shall carry out the necessary and suitable oversight of employees and contractors that handle personal information.

  • Formulation of basic policy
    To ensure proper handling of personal data, we have established a basic policy based on principles such as compliance with related laws, ordinances, and guidelines and establishment of help desks for handling questions and complaints.
  • Establishment of regulations for the handling of personal data
    We have established regulations for the handling of personal data for handling methods, supervisors, employees in charge, and work operations themselves for each stage in processes such as acquisition, usage, storage, provision, deletion, and disposal.
  • Organization-wide safety management measures
    In addition to establishing a supervisor for personal data handling, we have clarified which employees handle personal data and the scope within which the applicable employees handle this data. If a violation of the law or our handling regulations is found or suspected, a reporting framework is in place for contacting the supervisor.
    We also implement a regular self-assessment for personal data handling conditions, as well as auditing by other positions and outside individuals.
  • Personnel security control measures
    We hold regular training sessions for employees regarding point for consideration related to the handling of personal data.
    Confidentiality requirements related to personal data are listed in the work regulations.
  • Physical security management measures
    In areas where personal data is handled, there are restrictions in place for managing the entry and exit of employees as well as the equipment brought into these areas, and measures are also implemented to prevent browsing of personal data by individuals without sufficient authority.
    In addition to measures for the prevention of theft, loss, or damage to devices, electronic media, and documentation used for personal data, there is a system in place which prevent easy identification of personal data when carrying the applicable equipment and electronic media, including movement within the office.
  • Technical security management measures
    By implementing access controls, we restrict the scope of employees who can access the personal information database as well as the scope within which they can access it.
    A framework is in place for preventing fraudulent access to the personal data handling information system from outside the company as well as protecting it from malicious software.
  • Understanding the external environment
    In cases such as when information including personal data is consigned to overseas cloud service businesses, we implement safety management measures with an understanding of the personal information protection system in the foreign country where the personal data is being consigned.
    Details of the specific safety management measures used are available upon request from applicable individuals.
Personal data relocation sites: People's Republic of China, United States of America

6. Creation and provision of anonymous and kana processed information

We do not create or provide anonymized personal information or pseudonymized personal information.

7. Voluntariness and results of providing personal information

Personal information is provided to us at the discretion of the subject individual. However, if we are unable to receive a portion of or all of the required personal information, we may not be able to provide it in an appropriate manner for the stated purpose of use.

8. Dealing with requests to disclose, revise, or delete personal information

At the request of the subject individual, we shall provide notification, disclosure, revision, etc. of the individual’s retained personal data, as well as suspension of use, halting of provision to a third party, etc. (hereinafter “Disclosure, etc.”) upon request. The procedures involved are covered in Chapter 6.

9. Personal information protection manager and inquiry window

Please see Chapter 7 for details of the personal information protection manager (Chief Information Officer) and the contact point for inquiries.

Chapter 3: Handling of Specific Personal Information by Our Company

1. Purpose of use for specific personal information

When we acquire specific personal information, we will use it for the following purposes.

Office activities (including those to the right) involving the personal numbers of executives and employees (including dependents) Office activities related to tax withholding, etc.
Creation of applications for tax exemptions and deductions (changes), return forms for insurance premium deductions, or applications for special spousal deductions for salaried employees, etc. Creation of special spousal deduction reports, etc.
Creation of salary payment reports, etc.
Creation of salaried worker change forms related to the special collection of salary payment reports, etc.
Creation of transition applications, etc. for special collection
Creation of retirement income related reports, etc.
Creation of reports, forms, applications, etc. for property accumulation and savings for house construction, or property accumulation and savings for retirement
Creation of reports for health insurance, welfare pension, corporate pension, etc.
Notification, etc. for third grade of the national pension
Application for health insurance, welfare pension, corporate pension, etc.
Notification, application, etc. for employment insurance
Provided to create a record of payment for members of the employee shareholding association
Office activities (including those to the right) involving the personal numbers of individuals other than executives and employees Creation of payment records for remunerations, fees, etc.
Creation of payment records for real estate usage fees, etc.

2. Scope of use for specific personal information

When handling personal numbers, our scope of use for these numbers and the specific personal information that is managed in relation to these numbers is as follows.
(1)The personal numbers of executives, employees, and their dependents, as well as information managed with those numbers, such as name, date of birth, gender, address, phone number, and employee number.
(2)The personal numbers of individuals other than executives and employees, including the information managed together with those numbers such as name, date of birth, gender, address, and phone number, to be used for personal number related activities.

3. Provision of specific personal information to a third party

Specific personal information will not be provided to a third party, regardless of whether or not consent is obtained from the subject individual, excluding information as prescribed in the Basic Resident Registration Act, Article 19.

Chapter 4: Use of Cookies on Websites

1. About Cookies

Our website uses a technology called “cookies” on some of its pages.
“Cookies” make it more convenient for those who have visited the website once to visit again, by sending data to the user’s browser for reference. However, no personal information is gathered when using cookies. You can also turn off the “cookies” function by going into browser settings.

2. Usage of Google analytics

On the ID Group website, we use Google analytics to maintain an understanding of usage conditions. Google analytics uses Cookies for data acquisition, collecting access information for the ID Group website. However, these analysis results cannot be used to identify individuals. For more information about the handling of data for Google analytics, please see the Google Analytics Terms of Service and Google’s Privacy Policy.

Chapter 5: SSL

Our website includes SSL (secure socket layer) encryption technology, so that all users can enter their personal information safely and securely. SSL encryption technology prevents leakage of information communicated between the browser and web server. Using SSL improves website security by encrypting all personal information before it is sent.

Chapter 6: Procedures dealing with requests for disclosure, etc.

Requests for notification of purpose of use, disclosure, correction, addition, or deletion of content, suspension of use or elimination, suspension of provision to a third party, and disclosure of records of provision to a third party (hereinafter “disclosure, etc.”) by the individual or a representative of the individual of personal information in our possession that corresponds to retained personal data will be handled based on the following procedures, etc.

1. Retained personal data for disclosure, etc.

Disclosure etc. of personal information is only done with personal information that is retained by our company (referred “retained personal data”), which we are authorized to disclose.
In addition, when the EC site in the group company is registered as a user, you can correct your personal information from that site.

2. A form should be submitted to request disclosure, etc. in writing, with other forms of request available as well

Please use the “Application form for the disclosure of personal information” to request in writing.

3. How to confirm that the requester for disclosure, etc. is the actual individual or a representative

We need to see a driver license, passport, or other official document to confirm that the subject individual or a representative is making the request, so please enclose a copy together with the “Application form for the disclosure of personal information” mentioned above before sending. Moreover, when a representative is making the request, a letter of attorney showing proof of representation is required (for a guardian to indicate he or she is the legal representative for a minor, a copy of a family register or resident card establishing proof of relationship, with the names of both the individual and representative on it, must be submitted).

4. Fees, etc.

For purpose of use notification or content disclosure requests, a fee of ¥1,000 must be paid to cover shipping and other actual costs. Please enclose a ¥1,000 postage stamp together with the application. If the fee money is insufficient, or is not included with the application, you will be contacted. If payment is not made within the allowed period, the disclosure request will not be recognized.

5. Other important points related to requests, etc. for disclosure, etc.

Responses will be issued to the individual (or to a representative in the case of a representative) in writing (including electromagnetic means) after confirming the identity of the individual or the representative.
Please be aware that disclosure, etc. of all or a portion of the applicable personal information for requests, etc. for disclosure, etc. cannot be carried out in some cases. If the decision not to disclose as requested is made, we will issue a notification to that effect including the reason for the decision.
In addition, payment of the prescribed fees will still be required in the case of non-disclosure.

Chapter 7: How to Contact Us

If you have any complaints or queries regarding this privacy policy, or wish to request disclosure, revision, or deletion of information as described in Chapter 2 and Chapter 6, please contact us using the information provided below.

Bancho Kaikan Building 12-1 Gobancho, Chiyoda-ku, Tokyo, Japan 102-0076
ID Holdings Corporation
Information Security Help Desk
Business Operations Department. (Phone: +81-3-3262-5298)

Enacted on September 27, 2007
Latest Revision: July 1, 2024
Junichi Aoi
Senior Corporate Officer
(Chief Information Officer)
ID Holdings Corporation

This page is an English translation of our Privacy Policy and is provided solely for reference purposes.
In the event of any inconsistency between the Japanese and English versions, the Japanese version will govern.