Privacy policy
As of April 1, 2024
Japan Nutrition Co., Ltd. (“JNC”) recognizes that it is our social responsibility to properly manage and protect personal information that is provided to us, such as names, addresses and other information of individuals, which could allow specific individuals to be identified (“Personal Information”). Accordingly, the Company will handle Personal Information in accordance with this Privacy Policy (this “Policy”).
GDPR Privacy Policy1 Compliance with laws and control of Personal Information
The Company will comply with Japan’s Act on the Protection of Personal Information and all other related laws and regulations, and the Company will strive to take all necessary and appropriate measures with regard to the Personal Information that it collects and receives, in order to prevent any unauthorized access to, and leakage of, such Personal Information.
2 Purpose of use of Personal Information
The Company will use Personal Information solely within the scope of the following purposes, and to the extent deemed relevant to those purposes (the “Purpose(s)”), unless individually specified or informed or announced:
1. In the conclusion and execution of agreements, and in the conduct and management of any other transaction related to the Company’s business;
2. For communications related to the Company’s business, and in correspondence, greetings, and other acts of general etiquette;
3. Providing information related to the Company’s business;
4. In research, analyses, studies, and audits related to the Company’s business;
5. In the production of statistical information, analysis of anonymously processed information, and other processing of Personal Information for the Company’s use;
6. Exchanging information and communicating with industry and organizational stakeholders related to the Company’s business; or
7. Any other activities related to or incidental to the above Purposes.
3 Disclosure and provision of Personal Information to third parties
The Company will not disclose or provide Personal Information to any third party without obtaining in advance consent from the individual to whom such Personal Information relates (the “Principal”), unless such disclosure or provision of Personal Information is permitted, required, or enforced by any applicable laws or regulations.
4 Joint use of Personal Information
The Company may jointly use your personal information with our parent company and subsidiaries for the purpose of appropriately responding to your requests and inquiries, as well as for business notifications, communications, and information sharing in accordance with the purposes stated in Section 2 of this Privacy Policy. Please note that we will take full responsibility for the handling of personal information in the joint use.
Categories of Personal Data subject to joint use:
Information provided by customers through inquiries on our website (company name, address, affiliation, position, name, address, telephone number, email address, etc.) Information obtained through business card exchange (company name, address, affiliation, position, name, telephone number, fax number, email address, etc.) Scope of parties with whom the personal data will be jointly used: The Company and our parent company, and domestic and international subsidiaries.
5 Notification of the Purpose
In the event that a Principal wishes to be notified about the Purpose for which the Principal’s Personal Information is being retained by the Company (the “Retained Personal Data”), the Company will inform the Principal of such Purpose only after verifying the identity of the Principal (or his/her representative). Notwithstanding the foregoing, the Company may not be able to provide such information in whole or in part in the event that: (i) there is a possibility of harm to the life, body, or property of, or any other rights or interests of, the Principal or a third party, (ii) there is a possibility of harm to any of the Company’s rights or legitimate interests, (iii) there is a possibility that such provision of information might interfere with the performance of affairs by a national or local government authority as prescribed by applicable laws and regulations to the extent that the Company is required to cooperate with such performance, (iv) the Purpose is clear, given the circumstances under which the Personal Information was obtained, or (v) such provision of information is prohibited under any applicable laws or regulations.
6 Disclosure of Personal Information to the Principal
In the event that a Principal wishes to receive a disclosure of the Retained Personal Data about the Principal, records on third party provision of personal information which constitutes a database that enables the Company to search for personal information (the “Personal Data”), or records on receipt of the Personal Data from a third party, the Company will, after verifying the identity of the Principal (or his/her representative), make such disclosure either by electronic data or in writing at the selection of the Principal (or if the Principal has no preference, as selected by the Company). Notwithstanding the foregoing, the Company may not be able to provide such information or records in whole or in part in the event that: (i) there is a possibility of harm to the life, body, or property of, or any other rights or interests of, the Principal or a third party, (ii) there is a possibility that the Company’s proper execution of business could be seriously harmed, damaged or impeded, or (iii) such disclosure violates any applicable laws or regulations.
7 Correction, addition, or deletion of Personal Information
In the event that a Principal wishes the Company to correct, add, or delete any of the Retained Personal Data about the Principal (collectively, “Correction”), the Company will make such Correction after verifying the identity of the Principal (or his/her representative). Notwithstanding the foregoing, the Company has the right to refuse to make such Correction in the event that: (i) the contents of the Retained Personal Data are factually accurate and correct, (ii) special procedures are set forth in applicable laws and regulations, or (iii) such Correction is unnecessary in light of the Purpose.
8 Discontinuance of use and erasure of Personal Information
In the event that a Principal desires the discontinuance of use or the erasure of the Retained Personal Data about the Principal (collectively, “Discontinuance of Use”), the Company will carry out such Discontinuance of Use after verifying the identity of the Principal (or his/her representative). Notwithstanding the foregoing, the Company has the right to refuse such Discontinuance of Use in the event that: (i) the reasons for Discontinuance of Use prescribed in the Act on the Protection of Personal Information are not met, such as where the Retained Personal Data is properly handled by the Company to the extent required to achieve any relevant Purpose specified in advance or is collected in an appropriate manner, or (ii) the Company takes alternative measures necessary to protect the rights and interests of the Principal where the Company has difficulty with the Discontinuance of Use. Please note that the discontinuance of any use, or the erasure of, all or part of the Retained Personal Information may prevent or impede the provision of any service or transaction requested by the Principal.
9 Handling of Personal Information on our Website
(1)Acquisition of access history
The Company records customer information in the form of access logs on the Website. This includes information such as a user’s IP address, the type of browser used, and the frequency of access to the Website, but such records do not include identifiable personal information. The access log will be used for statistics and analysis concerning the status of the use of the Website, but will not be used for any other purpose.
(2)Security
The Company uses SSL (Secure Sockets Layer protocol) and/or TLS (Transport Layer Security) on the Website to encrypt communications to protect Personal Information.
(3)External Links
This Policy applies to Personal Information obtained through the Website. However, in no event shall the Company be responsible for any other websites that are accessed through or from the Website.
10 Control of the Retained Personal Data
The Company will take measures to control access to the Retained Personal Data, restrict methods of taking out the Retained Personal Data, and prevent unauthorized access from the outside, and will take other necessary and appropriate measures for preventing leakage or loss of, or damage to, the Retained Personal Data and other security control of the Retained Personal Data (the “Security Control Measures”). When taking the Security Control Measures, the Company will utilize the frameworks of related laws and regulations, guidelines, and information security systems, and appropriately implement technical security control measures and Organizational Security Control Measures, as follows:
(1)Technical Security Control Measures
1. The Company will control access to the Retained Personal Data (such as physical and electronic management of access authority, measures to prevent unauthorized access, and supervision of access status).
2. The Company will restrict the methods of taking out the Retained Personal Data (such as measures against unauthorized removal outside the company using external storage media and e-mails).
(2)Organizational Security Control Measures
1. Supervision of officers and employees (collectively, the “Employees”)
・The Company will appoint a manager who is responsible for managing personal information and clearly prescribe the responsibility and authority of the Employees with regard to security control of the Retained Personal Data.
・The Company will establish internal rules and manuals concerning security control of the Retained Personal Data and have the Employees comply with them, as well as conduct appropriate compliance audits.
2. Supervision of outsourcing contractors
・The Company may outsource all or a part of the handling of the Retained Personal Data. In such case, the Company will select outsourcing contractors deemed capable of handling the Retained Personal Data properly and implement necessary and appropriate management to ensure compliance by the outsourcing contracts with the obligations imposed on them by the Company.
11 Methods and contact points for the application or request for disclosures, etc.
With regard to any of the foregoing requests in paragraphs 5 to 8 concerning the Retained Personal Data and other information, please send identity verification documents (copy of driver's license, passport, insurance card, etc.) to the following address by mail.
〒107-0062
1-1-1 Minami Aoyama, Minato-ku, Tokyo
Japan Nutrition Co., Ltd, Business Control Unit No.2
12 Revision
The Company may revise this Policy from time to time to appropriately reflect any changes of laws, regulations, and other requirements as necessary.