Matsuda Sangyo Co., Ltd. and its subsidiaries in Japan (hereinafter referred to as “we” or “our”) fully understand the importance of personal information and recognize that handling personal information safely and appropriately is one of our important responsibilities, and declare that we will strive to protect personal information based on the following policy.

 In addition, please also refer to the "Matsuda Sangyo Privacy Policy for EEA and UK Residents" if the European Union’s General Data Protection Regulation (hereinafter referred to as the "GDPR") or the Data Protection Act of 2018, which incorporates the GDPR as the UK GDPR, applies.

1. Compliance with Personal Information Protection Laws

We will comply with all laws and regulations regarding the protection of personal information and handle personal information appropriately.

2. Security Management Measures

We will strive to ensure the accuracy of personal information in our possession, and in order to prevent the leakage, loss, or damage of personal information, we will establish methods for managing and handling personal information, appoint persons responsible for managing personal information, and continuously implement appropriate security control measures, including employee training.

3. Acquisition of Personal Information

We will clearly state the purpose of use of personal information and will acquire personal information through legal and fair means.

4. Use of Personal Information

We will properly manage and use personal information within the scope necessary to achieve the purpose of use. In addition, we will not use personal information in a manner that may encourage or induce illegal or unjust acts.

5. Provision of Personal Information

  1. We will not provide personal information to third parties without prior consent of the individual, except as permitted by law.
  2. We may jointly use personal information held by our domestic and overseas group companies.
  3. We may contract the handling of personal information to third parties to the extent necessary to achieve the purpose of use. When contracting the handling of personal information, we will limit the subcontractors to those who manage personal information appropriately and supervise the subcontractors appropriately to ensure that the personal information is managed safely.

6. Disclosure of Personal Information

We will, upon a request from an individual for notification of the purpose of use, disclosure, correction, etc., suspension of use, etc., or termination of provision to a third party concerning personal information held by us, or disclosure of records of provision to third parties, and after confirming that the request has been made by the relevant individual, take the necessary actions in accordance with the prescribed procedures.

7. Contact

For comments, questions, inquiries, complaints, etc. regarding our handling of personal information, please contact the Personal Information Consultation Office via the contact methods listed below.

8. Revision of Personal Information Protection Policy

We will revise this policy as necessary. When revisions are made, they will be posted on our website.

 

 

About Matsuda Sangyo Group

The Matsuda Sangyo Group refers to Matsuda Sangyo Co., Ltd. and its subsidiaries in Japan. Currently, the following companies are the subsidiaries in Japan.

 

  4-1-9 Tsukiji, Chuo-ku, Tokyo 〒104-0045

  • MATSUDA ECOLOGY Co., Ltd.  President: Hayato Nozaki

  1-26-2 Nishishinjuku, Shinjuku-ku, Tokyo 〒163-0558

Handling of Personal Information

1.Purpose of Use of Personal Information
We will use personal information for the following purposes.

 

(1)Personal information of customers and business partners

 Provision of proposals concerning our products, goods, and services, information about events, and other information and consultations

 Sales and provision of our products, goods and services

 Research, planning, development and improvement of our products, goods and services

 Aggregation and analysis of questionnaires

 Negotiation, communication, order placement, settlement, or other processing related to transactions

 Transfer of goods or services related to transactions

 Responding to, confirming and recording inquiries, consultations and complaints to us Visitor history management

 

(2)Personal information of shareholders

 Exercising of rights and performance of obligations under the Companies Act
 Preparation of records, etc. and management of shareholder data in accordance with laws and regulations

 Sending and communication of company information, etc.

 

(3)Personal information of applicants in recruitment activities

 Personal information of applicants in recruitment activities

 Provision and communication of information related to recruitment

 Consideration and decisions on the hiring of applicants

 Provision of information and communication on procedures for joining the company after an offer is made

 Reference and analysis for future recruitment activities

 

(4)Personal information of our employees (including specified personal information)

 Procedures, exercise of rights, and performance of obligations related to labor-related laws and regulations, including salary payment, attendance management, and employee benefits, tax-related laws and regulations, and social welfare-related laws and regulations

 Provision of welfare services, introduction of various group insurance policies and related procedures

 Communication and provision of information to labor unions, health insurance associations, and the stock ownership association

 Communication for business purposes and in emergencies

 Usage management, monitoring, security, education and training for information systems, etc.

 Personnel management, audits and internal controls (including responding to whistleblowing)

 *We may receive and use personal information of family members from employees for the various procedures mentioned above or as a contact person in case of emergency.

 

(5)Cookie information obtained from our websites
 *The activity history, usage environment, and other information from our websites will be recorded and analyzed for the following purposes.
 Handling of information related to individuals on websites

 Provision and proposals for our products, goods and services

 Research and development of new products, goods and services

 Marketing and sales activities based on interests by analyzing acquired activity history and other information

 Improvement of the functionality and convenience of our websites

 

2.Joint Use of Personal Information
 We may jointly use the personal information in our possession as follows.

(1)Items of personal information that are jointly used

 Company name, affiliation, title, name, address, telephone number, fax number, email address, date of birth, transaction history

 

(2)Scope of joint users
 Matsuda Sangyo Co., Ltd. and its subsidiaries listed in the Annual Securities Report

 

(3)Purpose of use by users
 The same purposes of use as set forth in 1. above

 

(4)Name, address, representative, etc. of the company responsible for the management of personal information

 MATSUDA SANGYO Co., Ltd.

 163-0558

 6th Floor, Shinjuku Nomura Building, 1-26-2 Nishi-Shinjuku, Shinjuku-ku, Tokyo
 Yoshiaki Matsuda, President, Matsuda Sangyo Co., Ltd.

 

 ※Inquiries regarding joint use will be handled by the "Personal Information Consultation Office" mentioned above.

 

3.Handling of Pseudonymized Information

 When creating pseudonymized information, we will process the information appropriately in accordance with the standards prescribed by law, and will take adequate security control measures to prevent the leakage of information regarding the deleted information and the method of processing. In addition, the information will not be matched with other information to identify the individual whose personal information was the source of the creation.


4.Handling of Anonymized Information

 When creating anonymized information, we will disclose the items of information contained in the created anonymized processed information, will process the information appropriately in accordance with the standards prescribed by law, and will take sufficient security control measures to prevent the leakage of information regarding the deleted information or the processing method. In addition, we will not take any action to identify the individual whose personal information was the source of the creation.

Handling of information related to individuals on websites

  1. Acquisition of Access History, Etc.
     Our websites will use programs provided by advertising distribution businesses and other third parties to automatically save the access history, IP address, search keywords, browsing time, type of browser used, etc. of customers and business partners by using cookies on specific pages. No personally identifiable information is included in the information collected. Cookie functions can be disabled by changing the settings of your browser.

    ※A cookie is a file that is temporarily stored in the browser of a visitor to a website in order for the website's server to identify that visitor's browser. Cookies are stored in the browser of a visitor to a website, enabling the website's server to record browsing information and other information from the website visitor’s browser.
  2. Other companies' tools that are used

    1. BowNow

      Privacy Policy:

      https://cloudcircus.jp/bownow_privacy/
       

    2. Google Analytics

      Google Analytics Terms of Service:
      https://marketingplatform.google.com/about/analytics/terms/us/
      Google Analytics Policy:
      https://support.google.com/analytics/answer/4597324
      Google Privacy Policy:
      https://policies.google.com/technologies/partner-sites?hl=en
       

    3. Google Search Console

      Google Privacy Policy (same as above):

      https://policies.google.com/technologies/partner-sites?hl=en
       

  3. Handling of Cookies, etc. on Other Sites
    We will not be responsible for the handling of cookies, etc. on other websites linked to our websites, so please check the respective websites.

Procedure for Requesting Disclosure Etc. of Personal Information

 We will respond to requests by an individual or their representative for notification of the purpose of use of personal information, disclosure of personal information, correction, addition, deletion, suspension of use, elimination, suspension of provision to third parties, or disclosure of records of provision to third parties, as follows.

 

  1. How to request
    (1)Please send the following information by post to the address below.
    ●Purpose of request
    ・Requests for disclosure, etc. (notification of purpose of use of personal information, disclosure of personal information, or disclosure of records of provision to third parties)
    ・Requests for correction, etc. (correction, addition, deletion, suspension of use or elimination of personal information, suspension of provision to third parties)
    ●Contact information
    Address and name to which documents should be sent, and telephone number

    (2)We will send the prescribed application form and instructions to the contact address provided.  Please return the completed application form and required documents to the application address as described in the instructions. We will confirm the contents and respond to the request.For requests for notification of the purpose of use of personal information, disclosure of personal information, or disclosure of records of provision of personal information to third parties, a predetermined fee will be charged for each request.
  2. Contact Address for Requests for Disclosure, Etc.  163-0558 6th Floor, Shinjuku Nomura Building, 1-26-2 Nishi-Shinjuku, Shinjuku-ku, Tokyo
    Personal Information Consultation Office, Matsuda Sangyo     Co., Ltd.

Matsuda Sangyo Privacy Policy for EEA and UK Residents

Last updated on 1 September 2024

Matsuda Sangyo Co., Ltd. acknowledges the importance of personal data and other information pertaining to the privacy of our business partners, officers, employees (including job seekers and our employees’ family members), etc. and website visitors located in the European Economic Area (the “EEA”) and the UK (collectively referred to as the “Business Partners, etc.”, “you” or “your”). We will therefore process your personal data pursuant to this “Privacy Policy for EEA and UK Residents” (this “Policy”) in accordance with the EU and UK General Data Protection Regulation (respectively referred to as “EU GDPR” or “UK GDPR” and collectively referred to as “GDPR”).


Please note that this Policy only applies to our processing of personal data regarding the Business Partners, Etc. located in the EEA and the UK.

 

Matsuda Sangyo Group (“we” or “our”) includes Matsuda Sangyo Co., Ltd. in Japan and our overseas branch and subsidiaries. For more details regarding our overseas branch and subsidiaries, please refer to https://www.matsuda-sangyo.co.jp/en/company/overseas-base.html

1. Types of Personal Data We Process

The types of your personal data we collect and process shall be as follows:

Data Subjects

Specific Types of Data

Business Partners
  • Name, phone numbers, signatures, e-mail addresses, physical addresses, birth date, company name and its address, department, job titles, gender, nationalities, proof of residence and other contract information;
  • Purchase, payment and other information obtained through transactions between us;
  • Communications that you have with our personnel;
  • Photographs, surveillance images and other image data;
  • Information for identity verification which are required by applicable laws etc. such as driver’s license, passport, national ID number, social security number and proof of residence; and
  • Personal data required pursuant to statutory provisions.

Officers, Employees etc.
  • Name (including legal and preferred names), phone numbers, signatures, e-mail addresses, physical addresses, birth date, job titles, gender, nationalities, other contact information, professional qualifications, previous work experience, education level, competencies and skills, current base compensation, personal interests, driver’s license, passport, national ID number, social security number, curriculum vitae;
  • Communications that you have with our personnel;
  • Photographs and other image data;
  • Information for identity verification which are required by applicable laws etc. such as driver’s license, passport, national ID number, social security number and proof of residence; and
  • Personal data required pursuant to statutory provisions.

Website Visitor
  • Name, phone numbers, e-mail addresses, physical addresses, birth date, company name and its address, department, job titles, signature, gender and other contract information;
  • The information you have requested, the items you view on our website, information related to your interests in our products or services and other information related our website use;
  • Digital identifiers such as a device numbers, browsers, cookies and IP addresses; and
  • Personal data required pursuant to statutory provisions.

2. Purposes and Legal Bases for Processing

The purposes of processing that we assume and the legal bases for the processing shall be as follows:

Categories of Personal Data

Purposes

Legal Bases

Personal Data of our Business Partners

To collect information required for services and under agreements, greetings, correspondence and announcements

Necessary for the performance of a contract or to take steps at the request of the data subject prior to entering into a contract

Necessary for our legitimate interests

(to conduct our business)

To fulfill obligations and exercise rights pertaining to transactions

Necessary for the performance of a contract or to take steps at the request of the data subject prior to entering into a contract

To make announcements concerning products, services or events

Necessary for our legitimate interests

(to conduct our marketing activities)

To send products, samples, documents or information

Necessary for our legitimate interests

(to conduct our business)

To perform services pertaining to sales, delivery billing, payment, etc., of products or services

Necessary for the performance of a contract or to take steps at the request of the data subject prior to entering into a contract

To implement and correspond regarding plant visits, taste-testing parties or events

Necessary for our legitimate interests

(to conduct our business)

To respond to business partners who make inquiries or comments in regard to products, advertisements or others (including sharing information and dealing with inquiries, etc., with the body designated by the business partners or found appropriate by ourselves

, depending on the details of various inquiries made by the customers)

Necessary for our legitimate interests

(to conduct our business)

Personal Data of Officers, Employees, etc.

To perform screening for recruitment of and administrative procedures for the people who have applied for recruitment or internships

Necessary for the performance of a contract or to take steps at the request of the data subject prior to entering into a contract

Necessary for our legitimate interests

(to conduct our recruiting activities)

To perform labor and employment management of employees and other procedures required by ourselves for its business

Necessary for the performance of a contract or to take steps at the request of the data subject prior to entering into a contract

Necessary for our legitimate interests

(to conduct our recruiting activities)

To provide information and send items for distribution to the family members of employees

Necessary for our legitimate interests

(to operate labor and employment management)

To correspond with, provide information to and send items for distribution to retired employees

Necessary for our legitimate interests

(to operate labor and employment management)

To respond to the officers, employees, etc., who made inquiries or comments (including sharing information of and dealing with inquiries, etc., with the body designated by the officers, employees, etc., or found

appropriate by ourselves, depending on the details of various inquiries made by the officers, employees, etc.,)

Necessary for our legitimate interests

(to conduct our business)

To generate responses equivalent to the item in the previous purpose with respect to applicants for recruitment or internships

Necessary for our legitimate interests

(to conduct our business)

Sometimes we indicate that we process your personal data based on the legal ground “legitimate interest”. Legitimate interest means that a balance of interests is performed between the interests: the interests that are served by the processing on one hand and your privacy interests on the other hand, and that the interests in favor of the processing prevail. The related legitimate interests are included above per processing activity.
We do not conduct any decision-making based solely on automated processing, including profiling, that produces any legal or similar material effects on you.

3. Sources of Personal Data

We will collect your personal data in the following ways:

 

  1. Information that you provide to us:
    This includes information about you that is provided by you when filling in forms or when you are communicating with us, whether face-to-face, by phone, by E-mail or otherwise;
     
  2. Information that we collect or generate about you:
    This includes data from and about you through automated technologies or interactions. As you interact with our website, we will automatically collect technical data about your equipment as well as your browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Please see “Provision of Personal Data on Our Website” on our Personal Information Protection Policy for further details; and
     
  3. Information we obtain from other sources:
    This includes data provided to us by our affiliates and subsidiaries, third-party service providers, agencies or other publicly available sources where applicable.
     

Please note that any personal data that is mandatory to provide is indicated in the relevant forms that you complete. In cases where the provision of personal data is mandatory, we are not able to provide our products and/or services to you if the relevant information is not provided.

4. Processing Security Measures 

We take the following measures in compliance with the laws and regulations of the EEA and the UK related to personal data protection, other standards, guidelines, the Matsuda Sangyo’s “Privacy Information Protection Policy,” etc., to promote security control of personal data in order to prevent leaks, loss or damage of personal data or any other situation potentially causing damage to the security of personal data.

 

  1. Institutional Security Control Measures
    Establishing an institutional system for personal data protection, such as appointing a person responsible for the controlof personal data;
    Establishing regulations on the protection of personal data, etc., and operations pursuant to the regulations;
    Establishing a system for reporting to the person in charge when the fact or sign of violation of laws or handling rules is detected; and Conducting periodic self-inspections of the status of personal data handling, as well as audits by other departments and outside parties, etc.
     
  2. Human Security Control Measures
    Widely disseminating the control system and processing method, including methods for keeping personal data among our officers, employees (including temporary employees and dispatched workers) and other people concerned, causing them to carry out said methods providing regular training for employees, etc.
     
  3. Physical Security Control Measures
    Implementing measures to prevent unauthorized persons from accessing any personal data in the personal data processing area; and Preparing physical protection such as equipment, devices, etc.
     
  4. Technological Security Control Measures
    Performing access control to the system for the processing of personal data;
    Supervising the system etc. for the processing of personal data; and
    Implementing mechanisms to protect information systems that handle personal data from unauthorized external access or unauthorized software, etc.
     
  5. Understanding Outside Circumstances
    Taking security control measures while understanding the personal data protection systems in countries where the personal data is stored.
     
  6. Other
    Ensuring security control of personal data while fully considering the management capabilities of the contractors of the given service to process personal data, concluding agreements pertaining to personal data and exercising supervision over the contractors.

5. Sharing and Disclosure of Personal Data

We share and disclose your personal data to the following third parties in accordance with the GDPR for the purposes of processing described in “2. Purposes and Legal Bases for Processing” above:

 

  1. Companies in Matsuda Sangyo Group and their employees.
  2. Service providers, including IT infrastructure service providers, customer relationship management service providers, website hosting and security service providers and payment service providers.
  3. Business Partners, including ad serving and analytics service companies.
  4. In the event that we sell any business assets, we may disclose personal data to a potential buyer.
  5. Police and competent government authorities when it is necessary to comply with legal obligations, including where an obligation arises as a result of a voluntary act.
  6. Third parties when it is necessary for some other justifiable reasons that are permitted by applicable laws and regulations.

6. International Transfer

We will transfer your personal data in some cases to the third countries and region outside the EEA and UK area where we are located.

The third countries Matsuda Sangyo Group are located can be found at the website 

(URL: https://www.matsudasangyo.co.jp/en/company/overseasbase.html).

 

When we transfer personal data to countries that are not deemed by the EU and/or the UK to provide an adequate level of data protection (Article 45(1) of the GDPR), we will implement appropriate safeguards by executing with the transferee the European Commission’s Standard Contractual Clauses (EU SCC) for the EU (Article 46(2)(c) of the EU GDPR), the International Data Transfer Agreement (IDTA) or the International Data Transfer Addendum to the EU SCC (Addendum) for the UK (Article 46(2)(d) of the UK GDPR). If you wish to receive a documentation related to these safeguards, please inquire via the contact information provided in “10. Contact”.

7. Retention Period

We will retain your personal data for as long as necessary to fulfill the purposes described in “2. Purposes and Legal Bases for Processing” for obtaining and processing your personal data.

Specific retention periods are decided based on the following considerations

  1. the purpose for obtaining and processing the personal data; the nature of the personal date; and
  2. the necessity of retaining the personal data for legal obligation or contractual relationship.

8. Your Rights

You have the following rights regarding personal data obtained and processed by us:

 

  1. Access to Personal Data:
    You have the right to obtain from us confirmation as to whether we are processing personal data concerning you, and, if so, then access to the personal data and certain related information (Article 15 of the GDPR).
     
  2. Rectification or Erasure of Personal Data:
    You have the right to have us rectify inaccurate personal data concerning you without undue delay and the right to have us complete any incomplete personal data. Also, if certain conditions are satisfied, you will have the right to have us delete personal data concerning you without undue delay (Article 16 and 17 of the GDPR).
     
  3. Restriction on Processing of Personal Data:
    If certain conditions are satisfied, you will have the right to have us restrict processing of personal data concerning you (Article 18 of the GDPR).
     
  4. Data Portability of Personal Data:
    If certain conditions are satisfied, you will have the right to receive personal data concerning you in a structured, commonly used, and machine-readable format and the right to transfer those data to another controller without hindrance from us (Article 20 of the GDPR).
     
  5. Objection to Processing of Personal Data:
    If certain conditions are satisfied, you will have the right to object to processing of personal data concerning you (Article 21 of the GDPR).
     
  6. Not to be subjected to Automated Decision-making:
    If certain conditions are satisfied, you will have the right not to be subject to decision-making based solely on automated processing, including profiling, that produces any legal or similar material effect on you (Article 22 of the GDPR).
    Wherever we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. Such withdrawal does not affect the lawfulness of any processing performed pursuant to the consent given prior to the withdrawal. To exercise any of these rights, please contact us via the contact information provided in “10. Contact”.

    Furthermore, you also have the right to lodge a complaint with a supervisory authority in the member state of the EEA or the UK where you have a habitual residence or a place of work or where the alleged infringement of the applicable data protection laws took place.

9. Cookies and Similar Technologies

Cookies are small amount of information that’s downloaded to your computer or device when you visit websites. We use cookies which are a mechanism to collect, record and manage the information of users when they visit websites, in order to enhance your convenience on the websites operated by us. If you prefer, you can usually set your browser to remove or reject cookies. However, you are advised to understand in advance that, if your computer is set to block cookies, some of the various services provided may be unable to be used.

Moreover, we will use an information collection module provided by a third party for the purposes of analyzing your visits and other activities on the websites operated by us, including delivering advertisements and measuring their effectiveness. Accordingly, we will transmit your information obtained along with the use of the said information collection module to the third party which provides the same.

The cookies and similar technologies we use on our website shall be as follows:

Cookies/

Similar

technologies

Provider

Purpose/Function

Type

Duration

bownow_act

Cloud CIRCUS

Used to centrally manage various information such as inquiries from

potential customers.

Analytical Cookies

1 hour

bownow_aid

1 hour

bownow_cid

1 year 1 month 4 days

bownow_mbid

1 hour

bownow_sts

1 year 1 month 4 days

bownow_tgs

1 year 1 month 4 days

bownow_tid

1 year 1 month 4 days

_ga

Google

Used to distinguish users and to improve the website.

Analytical Cookies

1 year 1 month 4 days

_gid

1 day

_ga_*

1 year 1 month 4 days

_gat_UA-*

1 minute

_clck

Microsoft

Used to improve our website (analyzing behavioral history of

website visitor)

1 year

_clsk

1 day

CLID

1 year

10. Contact

For questions or inquiries regarding this Policy such as security control measures, please contact the Inquiry Counter of the company of

Matsuda Sangyo Group to which you provided personal data. The contact details of Matsuda Sangyo Co., Ltd. are as follows.

 

Data Controller
Matsuda Sangyo Co., Ltd.
Shinjuku Nomura Building 6th Fl., 1-26-2,

Nishishinjuku, Shinjuku-ku, Tokyo 163-0558, Japan
Tel: +81-3-5381-0001
Contact us at:https://www.matsuda-sangyo.co.jp/en/contact/contact6.html

11. Amendment to this Policy

We reserve the right to change this Policy from time to time by updating our website respectively. We will contact you through this website, and where appropriate by email if we make any substantive or material amendments.