Our Processing of Your Personal Information
1. How, why and on what legal grounds we process your personal information
Our company collects certain personal information directly from you. We then lawfully process such personal information in compliance with applicable laws. To that end, we rely on the legal grounds listed below.
For each legal ground, the personal information we collect will be processed by our company only in accordance with the purposes specified below. Your personal information will not be subject to unintended use.
- (1) We process personal data to perform contractual obligations towards users of our services.
We rely on the necessity to fulfill our contractual obligations in order to provide services to our users as the legal ground for processing your personal information.
The personal information we collect includes your name, email address, address, phone number, gender and date of birth.
We process your personal information for the following purposes:
We will retain your personal information for the duration of our contract with you and, upon its termination, for the statute of limitation applicable to contractual claims in accordance with applicable laws.
- • To carry out user registration for the services provided by our company
- • To offer information on, and proposals for, services we provide when you make a request in the context of potentially entering into a contract with us as wellz as to negotiate potential contracts
- • To offer maintenance and support to enable the provision of our services
- • To respond to your inquiries when it is necessary for the provision of our services
- (2) We process your personal information to comply with the legal obligations imposed on us.
We process various categories of your personal information only to the extent necessary to comply with the law.
If you exercise any of the rights listed below, we will also process your personal information to ensure we respond to your request properly.
The data retention period depends on the applicable statutes of limitation, to enable us to demonstrate compliance with our legal obligations.
- (3) We also process your data in order to pursue our own business legitimate interests.
We rely on this legal ground for the following purposes:
- • To provide information on, and accept applications for, seminars and events that our company organizes or participates in
The data retention period is one year following the end of the concerned event.
- • To carry out user identity verification for the services provided by our company
The data retention period is one year after the service ends.
- • To confirm identity for responding to inquiries about personal data
The data retention period is one year following the end of the inquiries.
In general, for all the purposes set out above, the personal information we collect includes the name, email address, address, and phone number.
- (4) We also process your data based on your consent.
We obtain your consent for the following purposes:
- • To offer information on, and proposals for , services we provide
- • To set cookies or similar tracking technologies on your devices when you visit our websites
Collecting information through cookies enables us to better understand the visitors who visit our websites, where they come from, and what content on our websites is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our websites to our visitors.
For further information on the purposes of the cookies we use and their duration, please see our dedicated Cookie Notice . To manage your preferences, please see our dedicated Cookie Notice.
Any consent given can be withdrawn at any time. The withdrawal of consent is only effective for the future and does not affect the lawfulness of data processing up to the time of withdrawal.
2. Disclosure of personal information to third parties
- • Third party service providers
Processing of personal information may entirely or partly be entrusted to the below categories of third parties acting as data processors and following our instructions. In such cases, our company will select parties we accredit for proper processing of personal information. In compliance with applicable laws, we will also provide for appropriate obligations in our respective contracts with them, notably to ensure an appropriate level of security and the confidentiality of your personal information.
The categories of recipients involved are our service providers such as public cloud, marketing cloud and IoT solutions.
- • Our group companies
We may disclose your personal information to our group companies, as listed on our website at https://uhuru.co.jp/en/about/outline/.
- • Competent law enforcement body, regulatory, government agency or court
We may have to disclose your personal information to competent authorities to comply with a legal or statutory obligation imposed on us.
- • Legal grounds for disclosure
Personal information collected by our company are provided to third parties either with the data subject’s prior consent, or when required by law, or in case of urgent need for protecting a person’s life, corporeity or property.
- • Personal information disclosed
We will never disclose the following personal information relating to you:
- (1) Personal information of customers that we have obtained in the process of our business operations. (this does not include personal information provided by business operators with whom our company is under outsourcing agreement)
- (2) Personal information relating to our business partners
- (3) Personal information pertinent to employment management concerning all our company’s workers
- (4) Personal information relating to all job applicants
- (5) Personal information of all individuals who have made inquiries to our company
3. Transfer of your personal information
We may transfer your personal information outside of Japan, where our company is based. In this case, our transfers are carried out in compliance the data transfer restrictions provided for in Japanese law.
4. Security measures applied to personal information
Our company has established internal regulations with provisions to protect personal information that we collect and process. We shall ensure that all of our employees and staff members are well informed and educated about the provisions therein and shall conduct periodical and thorough audits to confirm that the provisions are abided by. We shall also continue to preserve and improve security measures to protect personal information collected and processed by our company.
5. Your data protection rights
You are entitled to exercise, under certain conditions, the following rights with respect to your personal data: the right of access, the right of rectification, the right to request erasure, the right to restriction of processing, the right to data portability and the right to object to processing.
- • How to exercise your rights
To exercise any of the above-listed rights, please see section 6 below, which specifies the contact details of our Personal Information Inquiry Desk and our Chief Privacy Officer.
- • Identity verification
Upon receiving a request to exercise any of the above-listed rights, we may need to verify the identity of the requestor. In the event of a doubt concerning your identity, we can ask you to provide us with identification data or an identification document, such as your client number.
- • Our response to your request
The format of our reply to an access request will depend on your request.
In case the right of access is unfounded or excessive, we may refuse to respond. In this case, we will notify you the reason for refusing to grant your request.
Lastly, you have the right to lodge a complaint with a supervisory authority about how we collect and use your personal information. You can identify your local supervisory authority in the European Union by clicking here.
However, you should first use the various internal contact points for inquiries set out below to express your complaint or concern, before turning to a supervisory authority.
6. Our contact details for questions, comments, inquiries and complaints related to our processing of your personal information
Our Contact details:
Kamiyacho Trust Tower, 23rd Floor,
4-1-1 Toranomon, Minato-ku, Tokyo
*Please replace (at) with @ when contacting us via e-mail.
Our Personal Information Inquiry Desk:
The contact details of our Chief Privacy Officer (or his/her substitute):
Chief Privacy Officer: Yasuro Katori
*Please replace (at) with @ when contacting us via e-mail.
7. Updates to this Policy