Privacy Policy

In order to promote the protection of personal information, coly Inc. (hereinafter referred to as the Company) has established the following privacy policy (hereinafter referred to as This Policy) and built a system for protecting personal information to ensure that all employees recognize the importance of protecting personal information by taking the appropriate measures to do so.

Definition of Personal Information

According to This Policy, personal information refers to information that can be used to identify a specific individual through their name, date of birth, or other descriptive information (including information that can be easily cross-checked with other information to thereby identify a specific individual). The Company also obtains information generated, stored, and registered on the communications devices of users that does not represent personal information on its own, including but not limited to IP address and activity history( hereinafter referred to as Personally Referable Information). In the event that the Personally Referable Information is associated with Personal Information during use, said Personally Referable Information shall also be handled as Personal Information.

Purpose of Use of Personal Information

The Company may use the customer’s Personal Information within the scope necessary for the purposes listed below, in the following cases, in order to provide the customer with better services.

1. To verify the identity of the customer.
2. To provide services and after-sales services related to the applications provided by the Company, and to give notice of said.
3. To customize services and advertisement delivery by analyzing viewing and activity history obtained to prevent the improper use of the services of the Company. Note that the Company may obtain customer information such as viewing and activity from a third party and associate it with the customer’s personal information already held by the Company for use. In that case, the Company shall obtain the prior consent of the customer and use the information within the scope of the Purpose of Use.
4. To respond to inquiries from the customer regarding the business of the Company.
5. To assist in improving the services provided by the Company and to develop new services, etc.
6. To ship awards for gift campaigns.
7. To carry out communications and trade negotiations and execute contracts required for business.
8. To contact the customer when necessary, such as to provide important notifications about the services of the Company.

Measures for the Management and Protection of Retained Personal Information

In order to prevent the unauthorized access, loss, damage, falsification, or leakage of our customers’ personal information and maintain it in an accurate and up to date state, the Company maintains and manages security systems and take all necessary measures, such as the thorough training of our employees, to implement security measures and manage the personal information under the strictest controls.
Note that the handling of personal information may be consigned to a third party in order to provide better services.
In that case, the Company shall oblige the subcontractor to manage the personal information, maintain confidentiality, and prevent information leakage under a subcontracting agreement, etc., and shall provide the necessary and appropriate supervision thereof.
Furthermore, the primary measures carried out for the secure management of the retained personal information are as follows.

1. This Policy has been prepared as the basic policy regarding Compliance with Related Laws, Regulations, and Guidelines etc. and Contact for Processing Questions and Complaints, to ensure the proper handling of Personal Information.
2. The Regulations on Handling Personal Information have been prepared to establish the handling methods, officers in charge, and their responsibilities at each stage including acquisition, use, storage, provision, and deletion/disposal.
3. An officer in charge of the handling of Personal Information has been established, while the employees engaged in the handling of Personal Information and the scope of said handling has been clarified. Furthermore, a system for reporting and notification to the officer in charge to track violations of the laws and Regulations on Handling has been prepared.
4. Regular self-inspections are carried out on the status of the handling of Personal Information, and audits are carried out by other departments and external parties.
5. Regular training is provided to employees regarding the precautions related to the handling of Personal Information.
6. Stipulations on the confidentiality of personal data is described in the Rules of Employment.
7. Employee access to areas where Personal Information is handled is subject to controls, while measures have been put in place to prevent the viewing of Personal Information by unauthorized persons.
8. Measures have been put in place to prevent theft and loss of equipment, electronic media, and documents used in the handling of Personal Information. When said equipment is transported, including transport within a business location, measures are taken to prevent Personal Information from being easily revealed.
9. The scope of databases containing Personal Information, including the persons with access and the Personal Information handled, is limited through access control.
10. A system has been adopted to protect the information systems that handle Personal Information from unauthorized access and malicious software.

Sharing of Personal Information

The Personal Information provided to the Company may be subject to joint use within the scope of the purposes of use of Personal Information described in items 1 through 8 under Purpose of Use of Personal Information above. In that case, the business location, representative, and other information of the businesses engaged in joint use will be published in This Policy.

Prohibition of Disclosure or Provision of Personal Information to Third Parties

The Company shall properly handle the personal information we collect from customers and shall not disclose said personal information to any third party except under the following circumstances.

1. When the user’s consent has been received.
2. When the Personal Information is disclosed to a business to which the Company has outsourced operations after concluding an outsourcing contract, including a confidentiality agreement, in order to provide the services desired by the customer.
3. When a request for disclosure is made by a court, police agency, or other public agency in accordance with the relevant laws and regulations.

Disclosure, Correction and Deletion of Personal Information

The Company shall disclose, correct, or delete the Personal Information obtained from the customer within a reasonable scope when requested by the customer themselves.

Use of Access Analysis Tools

The related websites of the Company use Google Analytics, a tool provided by Google for analyzing web traffic. Google Analytics requires the use of cookies to collect traffic data. The traffic data is collected anonymously and cannot be used to identify individuals. Google Analytics can be disabled via your browser addon settings. By doing so, you can prevent the collection of information by the Company via Google Analytics. Please refer to the opt-out addon provided by Google for information regarding disabling Google Analytics.
Furthermore, refer to the Google Analytics website regarding the Terms of Use of Google Analytics, and to the Google website regarding the Google privacy policy.

Compliance with laws and regulations, review of this policy

We will comply with Japanese laws, regulations, and other norms applicable to the personal information in our possession, and will review and improve the content of this policy as appropriate.

Disclaimer

The Company shall not be held liable in any way in the following cases.

1. When the user discloses their personal information to a third party through the use of the functions of the services of the Company or through other means.
2. When an individual can be identified by a third party using the information disclosed by the user through the services of the Company.

Created December 1, 2017
Revised March 31, 2022