Inabata & Co., Ltd. (hereinafter referred to as “Inabata”) properly manages personal information, which it has been provided, and handles the same in the following manner, in compliance with the Act on the Protection of Personal Information of Japan and its relevant laws and regulations.

  • 1.Purposes of personal information use

    Inabata will use personal information that it has collected for the following purposes.

    • (1) Personal information of business partners
      • Negotiation, communication, consultation, order placement and receipt, settlement, and other forms of processing, relating to transactions
      • Delivery and receipt of goods and services relating to transactions
      • Communication, notification and greetings made in accordance with social customs between business partners and Inabata
      • Invitation to trade shows, seminars, and other events, and notification to participants of those events
      • Exchange of information and communication with members of industry groups and organizations concerning Inabata’s business
    • (2) Personal information of shareholders
      • Exercise of rights and fulfillment of obligations pursuant to relevant laws and regulations
      • Provision of benefits on account of shareholder status and implementation of measures designed to facilitate relationships between such shareholders and Inabata
      • Management of shareholder information pursuant to relevant laws and regulations, including compilation of shareholder data
    • (3) Personal information of applicants for positions at Inabata
      • Provision and communication of information concerning recruitment (including that for internships) by Inabata, and screening and decision-making regarding whether or not to hire applicants
      • Provision of materials and communication for employment after job offers have been given unofficially
    • (4) Personal information of Inabata’s board members, staffs, resigned/retired staffs, and their families
      • Business communication and information exchange
      • Personnel management (job transfer, temporary or permanent employment transfer, training and competence development, personnel evaluation, and promotion or demotion)
      • Remuneration management (payment of salaries and bonuses, processing of attendance, severance/retirement allowances, and retirement pensions; asset-building savings; and compliance with laws and regulations on taxes and social welfare)
      • Compliance with the Industrial Safety and Health Act (regular medical examinations, comprehensive medical examinations [Ningen Dock], specific health checkups, etc.) and healthcare
      • Performance of procedures stipulated in labor laws and regulations, and internal rules and regulations
      • Communication and sharing with Inabata’s labor union, health insurance association, medical office, employee shareholding association, and group companies
      • Notifications and reports to public agencies and their affiliated organizations or organizations of which Inabata is a member
      • Provision of fringe benefit services, introduction of various types of group insurance, and performance of related procedures
      • Distribution of in-house newsletters and other materials
      • Communication during times of emergency
    • (5) Personal information of resigned/retired staffs and their families
      • Procedures and document preparation and storage stipulated in relevant laws and regulations
      • Communication after resignation/retirement
      • Response to inquiries made after resignation/retirement
  • 2.Entrustment of personal information

    In order to achieve the purposes in “1.” above, Inabata may entrust its outsourcing contractors with personal information under its management. In such cases, Inabata will select competent outsourcing contractors, define their obligations and responsibilities in a contract, and properly supervise them to ensure that personal information is safely managed.

  • 3.Joint use of personal information

    Inabata may, as necessary, jointly use personal information under its management as follows.

    Business partners Staffs
    Information for joint use Company name, position within organization, professional title, name, address, phone number, email address, etc.
    • ① Joint use for business communication
      Company name, position within organization, professional title, name, phone number, email address, etc.
    • ② Joint use for business operation
      In addition to items listed in ① above, items necessary for the ”Joint users' purposes of use" listed below, concerning information on personnel affairs, wage, family, as well as body and health. (*1)
    Scope of joint users Inabata and its group companies*2 Inabata and its group companies*2
    Inabata’s health insurance and employee shareholding associations, Tōyū-kai (association of Inabata’s former employees), companies with which temporary employment transfer agreements have been signed, Inabata’s labor union, and companies providing fringe benefit services
    Joint users’ purposes of use Same as “1. Purposes of personal information use (1)” above For personnel and employment management, fringe benefit services, and support for services necessary for operations within the Group
    Personal information manager Katsutaro Inabata
    Director, President

    Inabata & Co., Ltd.
    2-8-2 Nihonbashi-honcho, Chuo-ku, Tokyo 

    *1 Inabata will obtain individual consent for special care-required personal information.
    *2 Please see "Global Network" for the list of group companies.

  • 4. Announcement of Security Control Measures 

    Inabata will implement various security control measures as follows to protect and manage personal information.

    1) Organizational Security Control Measures

    Items Security Control Measures
    1) Maintenance of organizational structure
    • Appointment of a person responsible for handling personal data and clarification of responsibility
    • Clarification of employees who handle personal data and their roles
    • Clarification of the range of personal data handled by the above employees
    • A system for reporting to the person in charge when a fact or a sign of a violation of the law is found or a violation of a discipline regarding the handling of personal data maintained by a personal information handling business operator is found
    • A system for reporting to the person in charge when occurrence or signs of cases such as leaks of personal date, etc. are found
    2) Operation in accordance with disciplines regarding the handling of personal data
    • Status of carrying documents, media, etc. in which personal data is mentioned or recorded
    • In the case of handling personal information databases, etc. with an information system, the usage status of the information system by the person in charge (login record, access log, etc.)
    3) Maintenance of a method to check the status of handling personal data
    • Personal data items
    • Purpose of use
    • Persons with access rights, etc.
    4) Establishment of a system to deal with cases such as leaks
    • Investigation of facts and investigation of causes
    • Contact to the person who may be affected
    • Reporting to the Personal Information Protection Commission, etc.
    • Consideration of and decision on measures to prevent recurrence
    • Publication of facts and measures to prevent recurrence, etc.
    5) Understanding the handling status and review of security control measures
    • Regularly carry out self-inspections or audits by other departments regarding the status of handling personal data.

    2) Personnel Security Control Measures

    Item Security Control Measures
    ○ Employee education
    • Provide training to employees regarding points to consider on the handling of personal data.

    3) Physical Security Control Measures

    Items Security Control Measures
    1) Management of areas that handle personal data
    • Entry/exit management and restrictions on equipment brought in, etc.
      Installation of an entry/exit management system using an IC card, number key, etc. as a method for entry/exit management.
    • Prevention of personal data being viewed by unauthorized persons by installing partitions, devising seating arrangements, implementing measures to prevent looking from behind, etc.
    2) Prevention of theft of equipment and electronic media, etc.
    • Store equipment handling personal data, electronic media on which personal data is recorded, documents containing personal data, etc. in lockable cabinets, book storage, etc.
    3) Prevention of leaks when carrying electronic media, etc.
    • Store personal data to be carried around onto electronic media after they are encrypted, protected by a password, etc.
    4) Deletion of personal data and disposal of equipment, electronic media, etc.
    • Adopt unrecoverable means such as incineration, melting, and adequate shredding.
    • When disposing of devices, electronic media, etc. on which personal data is recorded, request an outside contractor to delete them through unrecoverable means.

    4) Technical Security Control Measures

    Items Security Control Measures
    1) Access control
    • Limit information systems that can handle personal information databases, etc.
    • Limit personal information databases, etc. that can be accessed by the information system.
    • Limit the range of access and the employees who can use the information system that handles personal information databases, etc. with access rights assigned to user IDs.
    2) Identification and authentication of person accessing information
    • User IDs, passwords, IC cards, etc.
    • Two-factor authentication using an additional authentication method
    3) Prevention of unauthorized access from the outside
    • Install a firewall, etc. at the connection point between the information system and the external network to block unauthorized access.
    • Install security software in information systems and devices to detect and delete malicious software.
    • Update software, etc. by utilizing the automatic update function, etc. that is a standard feature on equipment and software.
    • Detect unauthorized access, etc. through regular analysis of logs, etc.
    4) Prevention of leaks due to the use of information systems
    • Ensure safety when designing information systems and continuously review them.
    • Encrypt the communication route or the content that includes personal data.

    5) Understanding the external environment

    When handling personal information in foreign countries, Inabata and its group companies take necessary security control measures after regularly collecting and understanding of information regarding the personal information protection system of the country concerned.
    Please refer to our Global Network for the names of countries where Inabata and its group companies handle personal information.
    For an overview of the system for protecting personal information, please refer to the website of the Personal Information Protection Commission.

  • 5.Disclosure, correction, and discontinuation of use of registered information

    When Inabata receives from an individual a request for disclosure, correction, discontinuation of utilization, deletion, disclosure to third parties, or suspension of provision, etc., of his/her personal information handled by Inabata, Inabata will confirm the identity of the owner of the information and respond promptly unless otherwise prohibited to do so by laws and regulations or other special circumstances.

    Please use the “Contact Us” form on the Privacy Policy page to send a request.

    Personal information handling business operator

    Inabata & Co., Ltd.
    2-8-2 Nihonbashi-honcho, Chuo-ku, Tokyo 

    Director, President: Katsutaro Inabata