Privacy Policy
ARCS Inc. (hereinafter referred to as “the Company”) is engaged in the planning, development, sale, and maintenance of healthcare software and systems. In order to appropriately handle all personal information used in the Company’s business activities, the Company hereby establishes this Privacy Policy as a code of conduct to be observed by all officers and employees, and ensures full compliance with applicable personal information protection laws and regulations, including, but not limited to, the Act on the Protection of Personal Information of Japan, related laws, regulations, guidelines, and policies, as well as foreign personal data protection laws such as the EU General Data Protection Regulation (GDPR).
Personal Information Protection Policy
Recognizing that personal information is closely related to an individual’s personality and must be handled with due care under Article 13 of the Constitution of Japan, which guarantees respect for individuals, the Company establishes and implements the following policy for the protection of personal information handled in the course of its business operations.
-
Appointment of a Responsible Person
The Company appoints a person responsible for the protection of personal information (including “My Number” and “Specific Personal Information”), ensures that this policy is fully communicated to all officers, employees, and related parties, and implements appropriate management of personal information. -
Acquisition of Personal Information
Personal information shall be acquired by lawful and fair means, and, in principle, with the prior consent of the individual concerned regarding the purpose of use. When personal information is acquired indirectly, the Company shall publicly disclose the purpose of use on its website. My Number shall be acquired by appropriate means as prescribed by the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures and shall not be used for any purpose other than those permitted by law. -
Use of Personal Information
Personal information shall be used only within the scope of the purpose of use agreed upon by the individual or publicly disclosed, and only by authorized personnel. The Company shall not use personal information beyond the scope of such purposes and shall take necessary measures to ensure this. -
Management, Provision, and Disposal of Personal Information
The Company shall take necessary and appropriate security control measures to prevent leakage, loss, or damage in the acquisition, use, provision, storage, deletion, and disposal of personal information. If any issue is identified, corrective measures shall be taken promptly. Personal information shall not be provided to third parties without the individual’s consent, except where business operations are outsourced or as required by law. Specific Personal Information shall be provided only in accordance with applicable laws, including in cases of outsourcing. -
Outsourcing
When outsourcing the handling of personal information, the Company shall enter into necessary agreements with contractors and exercise appropriate supervision to ensure adequate security management. -
Requests and Complaints
Requests for disclosure, correction, deletion, suspension of use, or other matters concerning personal information, as well as complaints or inquiries, shall be handled in accordance with separately established procedures. -
Compliance and Continuous Improvement
The Company shall comply with applicable laws, government policies, and other relevant standards regarding personal information, and shall continuously review, improve, and enhance its personal information protection management system.
Purposes of Use of Personal Information
The Company shall use acquired personal information only to the extent necessary to achieve the following purposes.
Personal Information Acquired at Seminars and Events Hosted, Co-hosted, or Sponsored by the Company
-
Providing information on seminars and events, introducing the Company’s products and services, and delivering advertisements such as email newsletters
-
Contacting applicants and handling administrative procedures related to participation
Personal Information Acquired via the Company’s Website
-
Providing information on seminars and events, introducing the Company’s products and services, and delivering advertisements such as email newsletters
-
Analyzing behavioral history and providing information based on analysis results
Personal Information Acquired through Surveys and Questionnaires
-
Providing information on seminars and events, introducing the Company’s products and services, and delivering advertisements such as email newsletters
-
Responding to opinions and inquiries
Personal Information Related to Inquiries
-
Responding to inquiries and requests made to the Company
Personal Information of Business Partners (Including Prospective Partners)
-
Contract execution, management, and communication with business partners
Personal Information of Shareholders
-
Communication with shareholders, provision of IR information, and administrative management related to shares
Personal Information of Employees, etc.
-
Personnel management, employment administration, and employee benefits
-
Access logs to internal systems, facility management, information security management, and compliance measures
Personal Information Related to Recruitment
-
Communication, correspondence, and document delivery throughout the recruitment and onboarding process
Personal Information of Visitors to the Company
-
Ensuring security, crime prevention, and managing visitor records
Personal Information Entrusted by Clients
-
Proper performance of contracts with clients
Personal Information Acquired for Businesses Related to Healthcare Software and Systems Designed and Developed by the Company
-
Collection, processing, management, and provision of medical data for the development and manufacture of healthcare software and systems
Provision of Personal Information to Third Parties
The Company shall not provide personal information to third parties without the individual’s consent, except as required by law.
International Data Transfers
When transferring personal information outside Japan, the Company shall comply with applicable laws by obtaining consent and/or confirming the legal systems and security measures of the recipient country, and shall take necessary measures to ensure lawful protection, such as contractual arrangements, standard contractual clauses, or consent.
Requests for Disclosure, etc.
If an individual requests notification of the purpose of use, disclosure, correction, addition, deletion, suspension of use, erasure, or suspension of provision to third parties (collectively, “Disclosure Requests”), the Company shall verify the identity of the requester and respond without delay in accordance with applicable laws. For details regarding procedures for Disclosure Requests, please contact the inquiry desk below.
Security Control Measures
The Company establishes and periodically reviews internal rules for the protection of personal information, and implements appropriate organizational, human, physical, and technical security control measures to prevent leakage, loss, or damage of personal information.
Contact Information
For questions, complaints, requests for disclosure, or other inquiries regarding the handling of personal information, please contact:
Company Name: ARCS Inc.
Address: Shibuya Dogenzaka Tokyu Building 2F-C,
1-10-8 Dogenzaka, Shibuya-ku, Tokyo, Japan
Contact:
Please use the inquiry page on our website.
Amendments to This Policy
The Company may revise this policy as necessary due to changes in laws or other reasons. Any revisions shall be announced by posting on the Company’s website or by other appropriate means.
Miscellaneous
Any matters not specified in this policy shall be handled lawfully and appropriately in accordance with applicable personal information protection laws.