PRIVACY POLICY

ASMARQ Co., Ltd. contributes to society by surveying and collecting (acquiring) consumer awareness and actual conditions related to products and services through marketing research, processing that information statistically, and providing it to corporations and organizations. We collect (acquire) information, including the personal information of numerous consumers on a daily basis. We believe it is our responsibility as a business which uses such information to collect (acquire) and use such information properly, and to manage it safely. In order to clarify our position, we have established this Privacy Policy, and declare its practice inside and outside the company.

<For people residing in Japan>

1. Collection (acquisition), use and provision of personal information

  1. We collect (acquire) personal information with a clear purpose of use, and by proper and fair means.
  2. We use personal information within the scope of the purpose of use agreed upon by the person providing the information. We do not use the information for purposes which exceed the specified necessary scope, and have measures in place to prevent its use outside the intended purpose. In the case when information is used for purposes which exceed the specified necessary scope, we obtain the prior agreement of the person providing the information.
  3. As a rule, we do not provide information to third parties, however in cases when we do, we obtain the prior agreement of the person providing the information.
  4. Personal information is used within the necessary scope to achieve the purpose of use and is managed in its accurate and latest form.

2. Observance of laws related to personal information protection and other standards

  1. When handling personal information, we observe laws and guidelines stipulated by the country, the Marketing Research Code of Conduct and Marketing Research Industry Personal Information Guidelines established by the Japan Marketing Research Association, of which we are a member, and others.

3. Safe management of personal information

  1. In order to prevent personal information leakage, destruction or damage, for its correct management, we have in place safe management measures at the organizational, personal, physical and technical levels.

4. Response to complaints and consultation

  1. We respond rapidly to inquiries and complaints about our handling of personal information. We respond without delay to demands by the person in question or a proxy regarding the information subject to disclosure for usage purpose notifications, disclosure, corrections (correction, addition or deletion of contents), and suspension of use (suspension of use, erasure or suspension of provision to third parties).

5. Continual improvement of the personal information protection management system

  1. In order to actualize the Privacy Policy, we have formulated, and operate, a personal information protection management system, which includes regulations. In order to enhance its effectiveness, we conduct regular education of all employees, and audit the operation situation, and continually review and improve our personal information management system.
    All of our employees have sufficient understanding of the Privacy Policy aims and the procedures for handling personal information. We pay meticulous attention to our daily duties and promise to strive to protect personal information

October 31, 2005 Enactment
January 7, 2008 Revision
November 29, 2017 Revision
November 12, 2018 Revision

Masakazu Machida
CEO
ASMARQ Co., Ltd.

<Inquiry desk regarding the Privacy Policy>
Manager: Masakazu Naito, Personal Information Protection Manager
Affiliated department: Internal Audit Dept.
Tel: 03-5468-5101
Email: naito@asmarq.co.jp
Please note that we cannot respond to requests made through visitations to our office.

<For details regarding the handling of personal information, please see below>

Purpose of use of personal information

Marketing research

  1. Our main duty is the implementation of marketing research, opinion polls, and social research. Our purpose is to survey and collect (acquire) consumer awareness and actual conditions related to products and services, process that information statistically, and provide it to corporations and organizations. As a rule, the collected (acquired) personal information is gathered as statistical data and is not used in a way in which an individual can be identified.
  2. In order to identify people who cooperate with our marketing research (survey respondents), there are cases when we collect (acquire) names, addresses and other information. The methods of collection are from a variety of proper and legal information sources, including survey respondents registering as such on websites we operate, questionnaire answer pages and answering at interview sites, and information provision by marketing research outsourcers (clients).
  3. We use the personal information (name, address, telephone number, email address, gender, date of birth, other related information, survey details, etc.) of survey respondents obtained for the purpose of marketing research or acquired in the process of marketing research for the following purposes. In the case where the handling of personal information exceeds the scope of the purpose of use, we will inform the respondent in advance by posting the terms on a website we operate, explicitly stating it in writing, or by contacting the respondent by email or telephone, to obtain agreement.
    • Survey respondent sampling, survey requests, sending of questionnaires, confirmation and analysis of survey results, provision of information to clients and other matters required to conduct marketing research.
    • Confirmation and reception of participants at survey sites and in discussions.
    • Visitation and implementation of interview or visitation surveys by investigators.
    • Award or exchange of points, payment of rewards, sending gifts or survey sample products to respondents.
    • Response to inquiries by survey respondents, support, and contact to confirm registered information details.
    • Display and other procedures related to identity verification and registered information on survey respondents’ membership pages.
    • Implementation of campaigns and competitions related to marketing research operation, and the sending of e-mail newsletters.
    • For reasons outlined in points 3 and 4 below in “Provision of personal information to third parties” – 3. Provision of web monitor name lists to cooperating survey companies for name identification, 4. Provision of recruitment-related information for clients who are offline survey organizers.
    • Other incidental or related matters to the above.
  4. We conduct marketing research that does not identify the cooperating people (survey respondents). There are cases in which we collect (acquire) the names, addresses and other personal information of the respondents, however, in those cases, we inform the respondents verbally or in writing of the purpose of use.

[HR Tech]
Employee information collected from customers who use services related to HR Tech and personal information registered on the service is used for matters pertaining to service provision and the handling of inquiries.

1. For service provision, registration, operation management: name, employee number, affiliated department, title, time of entry to the company, contact details, facial photograph data, response data, etc.

2. For handling inquiries during service use

3. For sending notifications to necessary users in the operation of service


Commercial activity business deals

In cases when we receive inquiries about our services from clients, including customers and related companies, and in cases when they participate in seminars or campaigns organized or sponsored by us, the personal client information acquired by us through the exchange of business cards, etc. will be used for the following established purposes:

  1. Negotiations, contact, consultation, consideration, orders, settlement and response related to business deals
  2. Transfer of services, etc. based on business deals
  3. Information provision, collection and communication related to our company’s services, etc.

Recruitment activity

The personal information of job applicants or job seekers who apply or inquire will be used for the following established purposes. In the case that a job applicant joins our company, the applicant’s personal information will continue to be used for employment management.

  1. Provision of employment information to job seekers
  2. Notification and contact regarding examination of application and decision
  3. Checking applicants’ history

[Employees, retired employees and those who have left our company]

  • The personal information of employees is used for the following purposes:
    • Internal disclosure information (for business communication)
    • Basic information (hiring personnel management, assignment, employee register, salary payment, welfare provision, social insurance procedures, procedures required by law, other employment management)
    • Compensation-related information (decision and payment of salary, etc., tax withholding procedures, social insurance procedures, tax procedures, other employment management)
    • Personnel information (understanding of human resources, place of assignment/job role, education training, promotion/demotion, other employee management)
    • Family and relative information (decision and payment of salary, etc., tax withholding procedures, social insurance procedures, tax procedures, childcare/nursing care leave procedures, welfare procedures, other employment management)
    • Physical and health condition (health management, securement of an appropriate working environment, leave of absence, working hours management, other employment management)

The personal information of retirees and those who have left our company is used to respond to inquiries from the person in question.

In addition to the purposes of use listed above, there may be cases in which individual purposes of use are established through service/questionnaires, etc.

Retained Personal Data (personal information subject to disclosure)

Retained personal data is defined in the Act on the Protection of Personal Information Act No. 57 of 2003 Article 2, Item 7, as follows:

"Retained personal data" in this Act means personal data which a personal information handling business operator has the authority to disclose, correct, add or delete the contents of, cease the utilization of, erase, and cease the third-party provision of, and which shall be neither those prescribed by cabinet order as likely to harm the public or other interests if their presence or absence is made known nor those set to be deleted within a period of no longer than one year that is prescribed by cabinet order.

About our company’s retained personal data (personal information subject to disclosure)

  • Our company name, head office location and name of our representative
    ASMARQ Co., Ltd., 4F Shibuya Property Tower, 1-32-12 Higashi, Shibuya-ku, Tokyo 150-0011, Masakazu Machida, CEO
  • Name, affiliation and contact details of the Personal Information Protection Manager
    Masakazu Naito, Personal Information Protection Manager, affiliated department: Quality Control Group, President’s Office, Tel: 03-5468-5101
  • Purpose of use of retained personal data (personal information subject to disclosure)
    Please see our company’s Handling of Personal Information
  • Measures taken for the safe management of retained personal data (personal information subject to disclosure)
  • - [Formulation of a basic policy] We have formulated a personal information protection policy regarding compliance with related laws and guidelines, and a questions and complaints desk, etc., for the appropriate handling of personal information.
    - [Maintenance of rules related to the handing of personal data] We maintain basic handling methods in the collection, use and saving of personal data.
    - [Organizational safe management measures] We make regular self-checks and implement internal audits by other departments regarding the handling situation of personal data.
    - [Personal safety management measures] We hold regular training sessions for our staff regarding the important points of handling personal data.
    - [Physical safety management measures] We take measures to prevent the theft or loss of devices, electronic media or documents containing personal data.
    - [Technical safety management measures] We have introduced a system which protects against external unauthorized access of information systems which handle personal data and from unauthorized software.

Procedures regarding requests for disclosure

We will respond without delay to requests regarding retained personal data (personal information subject to disclosure) from the individual or a proxy for the notification of purpose of use, disclosure, correction, etc. (hereinafter disclosure). In the case that Article 23 Item 1 of the Act on the Protection of Personal Information applies, we will conduct third party provision only.

1.Items subject to requests for disclosure

  1. Personal information held by us and items which do not correspond to 8.

2. Contact for requests for disclosure

  1. To request disclosure, please inquire by postal mail or email to the addresses below. For postal mail, please write “Request for disclosure” in red on the envelope. For email, please write “Request for disclosure” in the subject line.
    When making your inquiry, please enclose or attach one of the identity verification documents listed below.

    Contact information
    Masakazu Naito
    Personal Information Protection Manager
    ASMARQ Co., Ltd.
    4F Shibuya Property Tower, 1-32-12 Higashi, Shibuya-ku, Tokyo 150-0011
    privacy@asmarq.co.jp

    Document for identity verification
    (ⅰ) Driver's license
    (ⅱ) Passport copy
    (ⅲ) Health insurance copy
    (ⅳ) Pension book copy
    (ⅴ) Resident's card

3.Handling fee for requests for disclosure, etc.

There is no fee to be paid.

4.Response method for requests for disclosure, etc.

We will respond in writing to the address written on the form completed by the applicant, or will reply to the email we received.

5.Purpose of use of personal information collected (acquired) in relation to requests for disclosure, etc.

Personal information collected (acquired) through requests for disclosure will only be handled within the necessary scope to respond to the request for disclosure, etc. Documents submitted will be kept for two years from the response to the request and then will be destroyed.

6.Cases in which we cannot respond to requests for disclosure, etc.

  1. Please note that we cannot respond to requests for disclosure, etc. if any of the following items from a to j apply. We will notify you to that effect with the reason.
    • In cases when we cannot confirm the identity of the individual such as when the address on the form, the identification document and the address registered with us do not match.

    • When we cannot confirm the power of attorney by a proxy.

    • When the prescribed form is incomplete.

    • When the request is made for information which is not personal information subject to disclosure.

    • When there is the risk of harm to the life, body or assets of the individual or to a third party.

    • When there is the risk it could encourage or lead to illegal or unjust acts.

    • When there is the risk of harm to the safety of the country, the loss of a trusting relationship with other countries or international institutions, or disadvantage in negotiations with other countries or international institutions.

    • When there is the risk of hindrance to crime prevention, suppression or investigation, or to public safety and the maintenance of order.

    • When there is the risk of considerable hindrance to the proper implementation of the duties of our company.

    • When it will violate other laws.

*The disclosure procedure is the same for the “record related to third party provision” and “record when receiving third party provision” which our company has created. However, regarding third party provision records related to survey response content etc. which we provide to clients after excluding personal information, in the case that the specific survey response time and survey theme is not specified, we cannot make a disclosure as it will significantly hinder the appropriate implementation of our business activities.

Provision of personal information to third parties

1.We will manage the personal information we collect (acquire) properly, and will not provide it to a third party without the prior agreement of the individual. However, the following exceptions apply:

  • In cases based on law.
  • In cases when it is necessary to protect the life, body or assets of the individual and it is difficult to obtain the agreement of the individual.
  • When there is the particular need to improve public health or to promote the sound growth of children and it is difficult to obtain the agreement of the individual.
  • When it is necessary for national institutions or local public bodies or those entrusted to perform duties to cooperate in carrying out matters which are stipulated by law, and obtaining the agreement of the individual will hinder the implementation of such work.

2.In order for our company to conduct marketing research duties for our clients, we allocate IDs (hereinafter Monitor ID) to survey respondents for the purpose of information management, and may provide the IDs, survey respondent attribute information, questionnaire responses and other information.

3.Regardless of (1) noted above, when our company requests survey cooperation of survey respondents (web monitors), there are times when we request the cooperation of other survey companies (hereinafter cooperating survey companies), and there are cases when we provide personal information to cooperating survey companies.

Specifically, we provide web monitor name lists (name, email address, etc.) in encrypted form to prevent leakage, to cooperating survey companies, and we provide personal information for the purpose of checking for duplicates of email addresses etc. on web monitor name lists held by cooperating survey companies. The purpose of this is to avoid sending duplicate emails for the same reason to the same person, and to carry out deduplication acts (hereinafter name identification acts) such as sending survey cooperation request emails for surveys carried out by us to non-duplicate individuals on web monitor lists held by cooperating survey companies.
When carrying out name identification acts, non-duplicate email addresses on our web monitor name lists will not be newly added to the web monitor name lists of cooperating survey companies, however, in the case that you want us to stop providing information to cooperating survey companies, please contact us at the email address below and we will take immediate measures to suspend such provision.

Contact:ASMARQ Co., Ltd. Inquiries and complaints desk: privacy@asmarq.co.jp

4.Regardless of (1) noted above, our company conducts offline survey recruiting services, and provides the personal information (name, contact details, etc.) of survey respondents necessary for the operation of the survey to the client who is organizing the survey. In such cases, we enter into a contract with the applicable client regarding the protection of personal information, and make it an obligation for the applicable client to conduct proper safety management measures regarding personal information.

5.Within the scope of the purpose of use, there are cases when we outsource the handling of personal information to third parties. In such cases, we enter into a contract with the third party regarding the protection of personal information, and make it an obligation for the third party to conduct proper safety management measures regarding personal information.

Person responsible for personal information protection management and inquiries and complaints desk (in Japan)

1.Person responsible for personal information protection management

Manager: Masakazu Naito, Personal Information Protection Manager
Affiliated department: Internal Audit Dept.
Contact: naito@asmarq.co.jp

2.Inquiries and complaints desk

Inquiries and complaints desk, ASMARQ Co., Ltd.
4F Shibuya Property Tower, 1-32-12 Higashi, Shibuya-ku, Tokyo 150-0011
Tel: 03-5468-5101 Email: privacy@asmarq.co.jp
Please note that we cannot respond to requests made through visitations to our office.

3.Authorized personal information protection organization with which we are affiliated and contact for complaints

JIPDEC (Japan Information Processing and Development Center), Personal Information Protection Complaints and Consultation Office
Tel: 0120-700-779

<For people residing overseas>

*) Please see here for the English version. *We declare the following to people living overseas (including those with Japanese nationality). In the case that there is anything unclear about matters not particularly noted, action will be taken according to <For people residing in Japan>.

Marketing research

1.Governing laws and regulations, industry standards

  • a)Laws of each country on individual data protection, including Japan’s Personal Information Protection Law.
    Our company has obtained certification of the Privacy Mark system which shows compliance with Japan’s Personal Information Protection Law. (Registration No. 12390094)
    When conducting marketing research overseas, our company observes the individual data protection laws of the applicable countries. This includes the EU’s GDPR (General Data Protection Regulation) which is applied in the EEA area, and has mutual sufficiency with Japan’s Personal Information Protection Law.
  • b) ICC/ESOMAR International Code, JMRA Marketing Research Code of Conduct
    Our company is a member of the Japan Marketing Research Association (JMRA), and is committed to observing the Marketing Research Code of Conduct which stipulates survey respondents’ privacy protection. This code of conduct conforms to the code of conduct of ESOMAR (ESOMAR Code), which is an international organization in the market, opinion and social research industry.
  • c)Marketing, opinion and social research international quality management standard ISO 20252 (JIS Y 20252)
    Our company has acquired ISO 20252 (JIS Y 20252): 2019 third party certification (Registration No. JMAQA-R0010), and observes the quality control (including personal data protection) standards which have been established globally.

2.Handling of personal data in overseas survey projects

  • a)As a rule, our company does not handle personal data.
    When our company is contracted for, or operates overseas survey projects, as a rule, we do not collect (acquire), use or provide personal data.
    Regarding the handling of personal data, we ask the contractor (local survey organization, etc.) in the survey country to handle and process it in accordance with the applicable country’s laws, and we only receive data which is processed and dealt with statistically, such as demographic attribute information. As such, we do not provide personal data to clients.
  • b)Self-management rule in the case of exceptional personal data acquisition and use
    As an exception to (a) above, for example, in the case when an online survey of people living overseas is conducted on our server in Japan, in order to check for the prevention of duplicate answers, we may collect (acquire) and use the IP address of the device the respondent used for the survey, and cookies. However, when the purpose of use has been satisfied, (as a rule we keep the data for one year from collection), we will destroy (delete) the data in accordance with our destruction rules.
    In such cases, we will tell the survey respondents before the survey about the purpose of use and the destruction time period through the contractor in the country of the survey, and obtain prior agreement.

Commercial activity business deals (overseas)

In cases when we receive inquiries from clients including overseas customers and related companies regarding our services, and when clients participate in seminars or campaigns organized or sponsored by our company, personal data we receive from clients through the exchange of business cards, etc. will be used for the following established purposes:

  1. Negotiations, contact, consultation, consideration, orders, settlement and response related to business deals
  2. Transfer of services, etc. based on business deals
  3. Information provision, collection and communication related to our company’s services, etc.

Specifically, we may use data such as the following:
Information provided to us by clients, including name, telephone number (including cell phone and fax), email address, company name, organization name, department name, position, location of work, country or region of residence, and other information related to contact details.

Person responsible for personal information protection management and inquiries desk (overseas manager)

1.Person responsible for personal data protection management

Manager: Masakazu Naito Personal Data Protection Manager
Affiliated department: Internal Audit Dept.
Contact:naito@asmarq.co.jp

2.Inquiries desk

Overseas inquiries desk, ASMARQ Co., Ltd.
4F Shibuya Property Tower, 1-32-12 Higashi, Shibuya-ku, Tokyo 150-0011
TEL:03-5468-5101 E-mail: privacy@asmarq.co.jp

End