Privacy Policy
Date of enactment: September 30, 2011
Date of latest revision: January 22, 2024
Uhuru Corporation’s business domains are public cloud, marketing cloud and IoT solutions. Our management philosophy is to “Create the future with technology and free thinking.” To maintain an organization that embodies such philosophy, we fully acknowledge our social responsibility to protect personal information that we deal with. We shall protect individual rights and interests, and shall comply with laws and regulations relating to personal information.
We also hereby declare that we shall take company-wide initiatives to establish and continuously improve a personal information management system in view of the most up-to-date trends in IT technologies, and changes in social demand and the business environment to materialize our policy as described below.
a) Our company shall obtain, use and provide personal information in a proper manner within the scope of pre-defined purposes including business operations, recruitment and management of human resources. We will not make use of personal information beyond the range justifiable for fulfilling the purposes (unintended use) and shall take appropriate measures to ensure proper processing of personal information.
b) Our company shall comply with laws, regulations, and guidelines pertaining to the processing of personal information.
c) Our company shall take appropriate safety measures to avoid risks of unauthorized access, leak, loss, damage and such of personal information. We shall inject necessary management resources according to actual business circumstances and shall make efforts to continuously reinforce security of personal information. We shall also establish internal regulations for rectifying and preventing wrongful events and shall maintain optimal protection of personal information.
d) Our company shall respond quickly and sincerely to complaints and inquiries related to the processing of personal information in compliance with our internal regulations.
e) We shall reevaluate our personal information management system in a timely and appropriate manner with consideration to the changes in the environment surrounding our company, and shall continue to make improvements to the system.
This policy shall be provided to all executive officers and employees of our company to keep everyone informed. It will also be made available to any other party.
Takashi Sonoda
CEO
Uhuru Corporation
Our Processing of Your Personal Information
The Uhuru Corporation ( "our company", "our", "us", "we") treats compliance with its privacy obligations seriously. This Privacy Policy explains how we, as a data controller, collect, share and use any information that, alone or in combination with other information, relates to you ("personal data" or "personal information").This Privacy Policy also explains your rights in relation to your personal information.If you have any questions or comments about this Privacy Policy, please contact us through the contact details set out in section 7 of this Policy.
1. How, why and on what legal grounds we process your personal information
Our company collects certain personal information directly from you. We then lawfully process such personal information in compliance with applicable laws. To that end, we rely on the legal grounds listed below. For each legal ground, the personal information we collect will be processed by our company only in accordance with the purposes specified below. Your personal information will not be subject to unintended use.
(1) We process personal data to perform contractual obligations towards users of our services.
We rely on the necessity to fulfill our contractual obligations in order to provide services to our users as the legal ground for processing your personal information. The personal information we collect includes your name, email address, address, phone number, gender and date of birth. We process your personal information for the following purposes:
• To carry out user registration for the services provided by our company
• To offer information on, and proposals for, services we provide when you make a request in the context of potentially entering into a contract with us as wellz as to negotiate potential contracts
• To offer maintenance and support to enable the provision of our services
• To respond to your inquiries when it is necessary for the provision of our services
We will retain your personal information for the duration of our contract with you and, upon its termination, for the statute of limitation applicable to contractual claims in accordance with applicable laws.
(2) We process your personal information to comply with the legal obligations imposed on us.
We process various categories of your personal information only to the extent necessary to comply with the law. If you exercise any of the rights listed below, we will also process your personal information to ensure we respond to your request properly. The data retention period depends on the applicable statutes of limitation, to enable us to demonstrate compliance with our legal obligations.
(3) We also process your data in order to pursue our own business legitimate interests.
We rely on this legal ground for the following purposes:
• To provide information on, and accept applications for, seminars and events that our company organizes or participates in The data retention period is one year following the end of the concerned event.
• To carry out user identity verification for the services provided by our company The data retention period is one year after the service ends.
• To confirm identity for responding to inquiries about personal data
The data retention period is one year following the end of the inquiries.
In general, for all the purposes set out above, the personal information we collect includes the name, email address, address, and phone number.
(4) We also process your data based on your consent.
We obtain your consent for the following purposes:
• To offer information on, and proposals for , services we provide
• To set cookies or similar tracking technologies on your devices when you visit our websites
Collecting information through cookies enables us to better understand the visitors who visit our websites, where they come from, and what content on our websites is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our websites to our visitors.
For further information on the purposes of the cookies we use and their duration, please see our dedicated Cookie Notice. To manage your preferences, please see our dedicated Cookie Notice.
Any consent given can be withdrawn at any time. The withdrawal of consent is only effective for the future and does not affect the lawfulness of data processing up to the time of withdrawal.
2. Disclosure of personal information to third parties
• Third party service providers
Processing of personal information may entirely or partly be entrusted to the below categories of third parties acting as data processors and following our instructions. In such cases, our company will select parties we accredit for proper processing of personal information. In compliance with applicable laws, we will also provide for appropriate obligations in our respective contracts with them, notably to ensure an appropriate level of security and the confidentiality of your personal information. The categories of recipients involved are our service providers such as public cloud, marketing cloud and IoT solutions.
• Our group companies
We may disclose your personal information to our group companies, as listed on our website at
https://uhuru.co.jp/en/about/outline/
• Competent law enforcement body, regulatory, government agency or court
We may have to disclose your personal information to competent authorities to comply with a legal or statutory obligation imposed on us.
• Legal grounds for disclosure
Personal information collected by our company are provided to third parties either with the data subject’s prior consent, or when required by law, or in case of urgent need for protecting a person’s life, corporeity or property.
• Personal information disclosed
We will never disclose the following personal information relating to you:
(1) Personal information of customers that we have obtained in the process of our business operations. (this does not include personal information provided by business operators with whom our company is under outsourcing agreement)
(2) Personal information relating to our business partners
(3) Personal information pertinent to employment management concerning all our company’s workers
(4) Personal information relating to all job applicants
(5) Personal information of all individuals who have made inquiries to our company
3. Transfer of your personal information
We may transfer your personal information outside of Japan, where our company is based. In this case, our transfers are carried out in compliance the data transfer restrictions provided for in Japanese law.
4. Provision of your personal data to third parties
(1) We may provide your personal data to third parties (excluding third parties in foreign countries) in the following cases:
a) we have obtained your consent in advance to provide personal data to third parties.
b) providing your personal data in connection with entrusting all or part of the processing of your personal data to our contractors (including subcontractors) within the scope necessary to achieve the purpose of use of your personal information.
c) your personal data is provided in connection with business succession due to merger or other reasons
d) your personal information is provided to our group companies in accordance with the section 2 above
e) any of the following items apply such as:
- cases in which there is a need to protect a human life, body or fortune, and when it is difficult to obtain a principal's consent.
- cases in which there is a special need to enhance public hygiene or promote fostering healthy children, and when it is difficult to obtain a principal's consent.
- cases in which there is a need to cooperate in regard to a central government organization, a local government, or a person entrusted by them performing affairs prescribed by laws and regulations, and when there is a possibility that obtaining a principal's consent would interfere with the performance of the said affairs.
- cases when providing personal data to an academic research institution and when such academic research institution needs to process the personal data for academic research purposes. (This includes cases where the purpose of handling the relevant personal data is partly for academic research purposes, but excludes cases where there is a risk of unjustly infringing on the rights and interests of individuals.)
- cases based on laws and regulations.
(2) We may provide your personal data to third parties in foreign countries in the following cases:
a) we have obtained your consent in advance to provide personal data to third parties in foreign countries.
b) providing your personal data to such third parties that have implemented measures in accordance with the provisions of Chapter 4, Section 2 of the Japanese Personal Information Protection Act by an appropriate and rational method regarding the handling of personal data and have committed to our company to implement such measures.
c) any of the above (1) (a) to (e) applies.
(3) When providing your personal data to third parties in the foreign countries based on the preceding paragraph (2), we will confirm the system regarding the protection of personal information in the country to which your personal data is provided in an appropriate and rational manner by using the website, such as Personal Information Protection Commission.
> "Survey on Systems Concerning Protection of Personal Information in Foreign Countries"
5. Security measures applied to personal information
In order to prevent the loss, falsification, leakage, etc. of personal information when processing personal information, we will take strict security measures as follows in accordance with the guidelines regarding the Act on the Protection of Personal Information and in accordance with internal regulations.
• Establishment of Rules for Processing Personal Information
We have established rules and regulations regarding the protection of personal information, and have established a system for promoting the protection of personal information, operating procedures for the personal information protection management system, and methods for processing personal information.
• Organizational Security Control Measures
We regularly conduct internal audits of the status of the processing of personal information.
We have established a reporting system in the event of an emergency such as a leak of personal information.
• Physical Security Control Measures
We control access to areas where personal information is handled.
We take measures to ensure that personal information is not easily identified when carrying equipment or electronic media that handle personal information, including when moving around the office.
• Human security management measures
We provide regular training to our employees regarding the protection of personal information.
The confidentiality of personal information is stipulated in the Rules of Employment.
• Technical Security Control Measures
Access control is implemented by adopting user authentication using IDs and strong passwords and two-step verification.
We have introduced a mechanism to prevent unauthorized access from the outside to information systems processing personal information.
• Management of Contractors
When we outsource the processing of personal information, we select a contractor that can handle it appropriately and conduct periodic operational confirmations.
• Understanding the external environment
When storing personal information in a foreign country, we implement safety management measures based on an understanding of the system for the protection of personal information in the foreign country.
6. Your data protection rights
You are entitled to exercise, under certain conditions, the following rights with respect to your personal data: the right of access, the right of rectification, the right to request erasure, the right to restriction of processing, the right to data portability and the right to object to processing.
• How to exercise your rights
To exercise any of the above-listed rights, please see section 6 below, which specifies the contact details of our Personal Information Inquiry Desk and our Chief Privacy Officer.
• Identity verification
Upon receiving a request to exercise any of the above-listed rights, we may need to verify the identity of the requestor. In the event of a doubt concerning your identity, we can ask you to provide us with identification data or an identification document, such as your client number.
• Our response to your request
The format of our reply to an access request will depend on your request. In case the right of access is unfounded or excessive, we may refuse to respond. In this case, we will notify you the reason for refusing to grant your request.
Lastly, you have the right to lodge a complaint with a supervisory authority about how we collect and use your personal information. You can identify your local supervisory authority in the European Union by clicking here.
However, you should first use the various internal contact points for inquiries set out below to express your complaint or concern, before turning to a supervisory authority.
7. Our contact details for questions, comments, inquiries and complaints related to our processing of your personal information
If you have any questions or comments about this Privacy Policy, or any concern or complaint on how we handle your personal information, feel free to contact our Personal Information Injury Desk or our Chief Privacy Officer.
Our Contact details:
Uhuru Corporation
WeWork
Kamiyacho Trust Tower, 23rd Floor,
4-1-1 Toranomon, Minato-ku, Tokyo
105-6923 JAPAN
Email: privacy(at)uhuru.jp
*Please replace (at) with @ when contacting us via e-mail.
Our Personal Information Inquiry Desk:
The contact details of our Chief Privacy Officer (or his/her substitute):
Chief Privacy Officer: Takashi Sonoda
Email: privacy(at)uhuru.jp
*Please replace (at) with @ when contacting us via e-mail.
8. Updates to this Policy
We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws. You can see when this Privacy Policy was last updated by checking the “last updated” date displayed at the top of this Policy.
CONTACT
For inquiries and requests please click the CONTACT FORM button.