Establishment date: April 1, 2005
Final revision date: July 7, 2016
Kenichi Aoyama, President and CEO
About personal information protection
SecureBrain Corporation has been certified with the PrivacyMark, recognition that is given by JIPDEC (formerly Japan Information Processing and Development Center) to enterprises who handle personal information appropriately.
About personal information protection
As threats on the Internet become ever more diverse, SecureBrain Corporation (hereinafter referred to as “Company”), as a dedicated cyber security company that ensures IT security for enterprises and companies providing Web services, handles a variety of information including some received from customers under our mission, “Protecting all people from cybercrimes”.Accordingly, SecureBrain strives to establish an information management system and its thorough implementation to respect the value of such information. Based on this background, in terms of personal information protection, SecureBrain has established a personal information protection management system compliant with JIS Q15001 and the Act on the Protection of Personal Information, and also specifies the following personal information protection policy, ensures it is disseminated to our directors and employees, and that the general public can easily obtain the same. Then, we strive to protect personal information appropriately in accordance with this policy.
Personal Information Protection Policy
Establishment of rules concerning personal information protection and continuous improvement of the personal information protection management system
SecureBrain ensures its directors and employees are fully aware of the importance of protecting personal information, has established management rules on how to use and protect personal information appropriately, and steadfastly implements its personal information protection management system as well as maintaining and continuously improving the system.
- Acquisition, use, and provision of personal information, and prohibition on any utilization other than for intended purposes
SecureBrain has established a management system to protect personal information for business activities in accordance with each business status with due consideration on receiving personal information, and appropriately acquires, uses, and provides personal information in accordance with its predetermined rules. SecureBrain will not utilize said information for any purpose other than intended, and takes measures to ensure that./li>
Implementation of safety measures and corrective actions
SecureBrain implements safety measures including information security measures to ensure the accuracy and safety of personal information, and strives to prevent any leakage, loss of or damage to said personal information. In the event of any safety related issues, SecureBrain will also identify the cause, and take corrective action.
Compliance with laws, regulations, guidelines, and rules
SecureBrain complies with the laws, Japanese government policies, and other rules regarding the handling of personal information. SecureBrain also conforms our company’s rules related to personal information protection to these laws, policies and other rules.
- SecureBrain respects the rights of each individual whose personal information it holds, and will respond in good faith to any request for disclosure, correction or deletion of personal information, or if refusal to use or provide same is requested by the person concerned, or complaint, or request for consultation is received.
Definition of personal information measures for protection
Regarding the definitions, personal information refers to information concerning individuals, such that a specific individual could be identified from their name, numbers allocated per description or person such as date of birth, codes or other symbols, image or voice data, that are contained in the information (including any information that does not by itself identify specific individuals, but could easily be used to identify specific individuals by cross-referencing with other information).
In addition, not only information that can be used to identify individuals, but also any information that represents personal facts, decisions or evaluations, regarding attributes such as individual’s physical, property, occupation, and title are included as personal information.
SecureBrain has assigned a person responsible for handling personal information based on “SecureBrain’s concept for personal information protection” and the “Personal information protection policy”, and makes the utmost effort to protect and manage personal information with the greatest care.
SecureBrain also strives to protect personal information with due consideration for the following from the perspective of further ensuring the protection of rights and interests of said individuals, such as consumers.
- Voluntary response to requests to suspend use of personal information from person concerned
- Regardless of whether outsourced or not, increase the transparency of outsourcing, such as clarifying entrusted service details
- Clarifying utilization purpose of personal information for the person concerned
- Specific clarification as far as possible, such as sources and methods, etc. of personal information acquisition, for disclosure requests, etc.
Acquisition of personal information and utilization purpose
SecureBrain acquires and utilizes personal information only within the scope necessary to achieve the following purposes regarding its business activities, mainly concerning the development, sales, and service provision of Internet security solutions.
Personal information concerning customers (personal information to be disclosed)
Implementation of contract concluded with customers
Contact for business discussions or meetings with customers
Provision of follow-up service for products
Sending information about holding events, new products and services
Response to enquiries
Analysis and surveys to further enhance products and services
Response to other consultations or your requests
Personal information concerning directors and employees, etc. of clients and other companies (personal information to be disclosed)
Contact required for business, and business discussions, etc.
Client information management, payment and income processing
Personal information concerning employees in public office and civil servants, etc. (personal information to be disclosed)
Contact, reports, and enquiries, etc. required for business to governing agencies
Personal information entrusted by clients
Any personal information acquired by other enterprises to be handled when SecureBrain conducts services entrusted by other enterprises (e.g. development, sales, and service provision, etc. for Internet security solutions) will only be used within the scope necessary to implement said entrusted services.
Personal information concerning recruitment applicants (personal information to be disclosed)
SecureBrain’s recruitment activities, such as contacting and sending information materials about selection and recruitment
Personal information concerning employees and retirees (personal information to be disclosed)
Fulfillment of obligations and contact for employment, personnel management, and labor-related laws and regulations
Provision to third parties
SecureBrain will not provide customers’ personal information to third parties without obtaining their agreement in advance, except for the following cases:
- Legal requirements
- Obtaining agreement from the person concerned is difficult when required to protect human life, body, or property
- Obtaining agreement from the person concerned is difficult when especially needed to promote improved public hygiene or sound nurturing of children
- When cooperation is required for national authorities, local government, or parties entrusted by the aforementioned to perform clerical work specified by laws and regulations, where acquiring agreement from the person concerned may hinder the implementation of said clerical work
- When personal information handling is entrusted within the scope necessary for acquisition and achieving the utilization purpose
- When personal information is provided in association with business succession following a merger or other reason, and the personal information is handled within the utilization purpose scope before succession
- SecureBrain may jointly use the personal information of the person concerned, such as name, occupation, home address, telephone number, fax number, and email address required to perform business activities jointly with SecureBrain’s group companies with said group companies. In this case, said individual’s personal information will be provided as printed or electronic media. In addition, the person concerned has the right to demand that SecureBrain suspends provision of their personal information to SecureBrain’s group companies.
Personal information items jointly used
Name, occupation, home address, telephone number, fax number, and email address, etc.
Scope of parties for joint use
Hitachi, Ltd., Hitachi Group Companies
Click here for further details. (Opens a new window)
Utilization purpose of joint users
Enquiries, confirmation, etc. required for implementation of business
Management of information system usage
Name of the person responsible for management of jointly used personal information
Directly acquired in writing (including records created electronically) by Hitachi Group companies
About the handling of personal information entrusted by outsourcers
SecureBrain may receive personal information owned by customers (personal information, etc. acquired in association with customers’ business activities) in relation to the outsourced development, sale, or service provision, etc. of Internet security solutions. SecureBrain handles all personal information in accordance with the requirements for personal information, such as SecureBrain’s personal information protection policy and non-disclosure agreements, etc. concluded with our customers.
About the handling of specific personal information
- SecureBrain shall comply with the “Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures” (hereinafter referred to as the “Act on the Use of Identifying Numbers”), “Act on the Protection of Personal Information,” and “Guidelines concerning appropriate handling of specific personal information (Enterprise edition).”
- SecureBrain shall comply with our “Personal information protection policy” as the “basic policy for the appropriate handling of specific personal information,” and ensure the appropriate handling of specific personal information.
SecureBrain shall obtain and use the specific personal information necessary to achieve the purpose, while implementation of administrative procedures for social security, tax, and disaster countermeasures stipulated under Article 9 of the Act on the Use of Identifying Numbers defines the usage range for specific personal information.Main usage range for any specific personal information we handle is as follows.
- Clerical tasks regarding filling in necessary papers, such as the withholding-tax statement for salary income and retirement income, salary payment reports, reports on employment insurance, reports on insured persons for health and employee pensions, and legal records including claims based on the Industrial Accident Compensation Insurance Act, and their submission to the district director of the tax office, mayor of the municipality, or Japan Pension Service, etc. following provision of specific personal information from employees, etc. to SecureBrain.
- Clerical tasks regarding filling in payment reports for remuneration/fees, etc., payment reports for dividends, retained earnings, and interest from funds, payment reports on fees for use of real estate, and payment reports on consideration for receipt of real estate, etc.; and their submission to the district director of the tax office following provision of specific personal information to SecureBrain.
- Implementation of services entrusted to SecureBrain for clerical tasks involving the handling of specific personal information by administrative organs or other enterprises
- In terms of specific personal information, SecureBrain does not provide specific personal information on the person concerned to any third party except where legally required to do so. SecureBrain does not use it jointly either. However, we may provide specific personal information if any of the items stipulated under Article 19 (Limitation of provision of the specific personal information) of the Act on the Use of Identifying Numbers is applicable.
- SecureBrain may entrust the handling of specific personal information within the scope of the usage purpose as stipulated by laws and regulations, etc.
- SecureBrain shall comply with our “About requests for disclosure, etc. of personal information, or statement of complaint” for disclosure, correction, addition, deletion, suspension of usage, suspension of provision to third parties, notification of usage purpose, or statement of complaint regarding specific personal information we retain.
About Cookies and Web beacons
Explanation of terms
Refers to information exchanged between the Web server that manages the Website and the user’s web browser. Cookies may be stored as a file on the user’s computer. When cookies are used, the web server can record which pages of the website were visited by the specific computer. However, we are not able to identify the user unless they input their own personal information on the Website.
*2 Web beacons
Refers to technology that works together with cookies and allow a user to know how many times a specific page was accessed. However, we are not able to identify the user unless they input their own personal information when receiving cookies.
About requests to disclose personal information, etc., and statements of complaints
Please go through the following procedures to request disclosure, correction, addition, deletion, suspension of use, suspension of provision to third parties, or notification of use purpose (hereinafter, referred to as “Disclosure, etc.”) of personal information of the person concerned retained by us, or state complaints.
Request by the person concerned for Disclosure, etc. of personal information provided to SecureBrain’s sales department
Please contact the relevant sales department.
Request by the person concerned for Disclosure, etc. of personal information provided via SecureBrain’s Website
Please contact the department that manages the relevant homepage.
- Request for Disclosure, etc. of personal information other than (1) and (2) above
Please see “About requests for disclosure, etc.” for details of requests for Disclosure, etc.
Complaints concerning SecureBrain’s personal information handling
Please fill in the “Statement of complaint about the handling of personal information” (PDF format, 54 KB), and send it to the following “Contact for enquiries.”
Contact for enquiries
Requests to the user
- Most of the services we provide can be used without requiring the personal information of the user. However, please understand that some services cannot be provided if the user does not provide personal information to us.
- Please also understand that SecureBrain is not responsible for ensuring the security of personal information on Websites other than SecureBrain’s that are linked from SecureBrain’s Website.
- By inputting personal information on SecureBrain’s Website, it is implicitly assumed that the user accepts the terms under “About personal information protection.” If the user does not agree with the terms under “About personal information protection,” use of the services SecureBrain provides (including responding to enquiries, etc.) may not be possible. Users aged 14 or younger must first obtain their guardian’s agreement in advance before entering their personal information.
- SecureBrain’s personal information protection policy is based on Japanese law.
- SecureBrain reserves the right to revise the terms under “About personal information protection” to improve our handling of personal information or to comply with any revision of laws and regulations or other rules.
- The terms under “About personal information protection” shall come into effect from the date posted (including updates).
- When rules related to the protection of personal information are individually specified on each website provided by us, those rules shall take precedence. When the person concerned calls us, the conversation may be recorded to ensure accurate answers.
Enquiries about this page
Please submit any enquiries about this page (“About personal information protection”) except for requests for Disclosure, etc. of personal information, or statement of complaints (See “About requests for disclosure, etc. of personal information, or statement of complaints” for details) by email to the following address, or by post. When submitting any questions or comments, please read this page (“About personal information protection”) and agree to the details described. Please understand that questions cannot be answered without such agreement. Any personal information submitted will be deleted once the questions have been answered, and we do not retain said personal information.
Contact for enquiries
Personal Information Protection Secretariat
Kioicho Building, 7th floor
3-12 Kioicho, Chiyoda-ku
Tokyo, Japan 102-0094
Please include the following details when submitting postal enquiries.
Enquiry details (indispensable)
Affiliation (occupation, school name, etc.)
Email address (indispensable)
(*) Indispensable if not using an email address
Enterprise name and personal information protection manager
Authorized personal information protection organization by which SecureBrain is certified
SecureBrain is certified by JIPDEC, an authorized personal information protection organization.
Complaints concerning certified enterprise’s handling of personal information can be directed to JIPDEC.
Name of the authorized personal information protection organization, and address to send complaints for resolution:
Name of the authorized personal information protection organization: JIPDEC
Attention: Complaint Consultation Office for personal information protection
Address: Roppongi First Building, 12th floor, 9-9 Roppongi 1-chome,
Minato-ku, Tokyo, Japan 106-0032
Telephone: 03-5860-7565 / 0120-700-779