Processing of Personal Data
CCS Inc. (the “Company”) processes personal data received from the Customers (including not only customers of the products and services we provide but also users of the Company’s website, hereinafter the same shall apply) appropriately in compliance with laws and regulations, as well as guidelines, other rules and the like concerning the protection of personal data.
Policy on Protection of Personal Data
The Company has stipulated its “Policy on Protection of Personal Data” as described below concerning personal data we process, and endeavors to use and protect such data appropriately.
1. Formulation and Continuous Improvement of Compliance Program
The Company will formulate and comply with its internal rules as a compliance program for its officers and employees to recognize the importance of the protection of personal data, and appropriately use and protect personal data. Also, the Company will establish and maintain an administrative structure to comply with its internal rules, and continuously improve the same.
2. Collection, Use and Provision of Personal Data
The Company will appropriately process personal data when collecting, using and providing the same in accordance with its compliance program.
3. Implementation of Security Measures
The Company will endeavor to keep personal data accurate and updated, and prevent unauthorized access to, loss, falsification and divulsion of personal data to ensure the accuracy and security of personal data through taking information security measures and other security measures.
4. Compliance with Laws and Regulations as well as Other Rules and the Like concerning the Protection of Personal Data
In addition to the foregoing, the Company will comply with laws and regulations concerning the protection of personal data, as well as guidelines, other rules and the like stipulated by supervisory agencies and other authorities.
Particulars of Personal Data We Obtain
Personal data means information about a living individual which can identify a specific individual by name or other description contained in that information (including information which can be readily collated with other information and thereby identify a specific individual) or which contains an individual identification code. The Company will obtain the following personal data concerning the Customer from himself/herself, the Company’s group companies, the Company’s customers and the like.
1) Customer information
Name, information of affiliation (name of the company, title, department and division the Customer belongs to), contact information (address, telephone number, FAX number, mail address), history and particulars of inquiries, information on whether transmission of direct mails or the like is approved, and other Customer information.
2) Details of transactions with the Company
Information concerning the details of the Customers’ transactions with the Company and consultations relating thereto, bank accounts and payment information of credit cards or the like and other information generated in the course of the Customers’ transactions or consultations with the Company.
3) Information generated from the use of the Company’s website
The registered ID, password, IP address, browsing history of and date/time of access to the website, information concerning terminals/OS/browsers or the like that Customers are using, location information, other status of use of the services, as well as analytical findings based on such information (such as information concerning the Company’s products and services which customers are presumed to be concerned with or interested in), and other information generated from the Customers’ use of the Company’s website.
4) Other information
Information concerning the Customers’ comments, requests, inquiries, replies to surveys to and communication or the like with the Company, records of Customers’ entry into and exit from premises which the Company controls, security camera footage, and other information provided to the Company based on any involvement of the Customers with the Company.
Purposes of Use of the Customers’ Personal Data
The Company (hereinafter including its group companies) will use the Customers’ personal data for the purposes described below.
In addition to the following purposes of use, we will appropriately use the Customers’ personal data within the scope of the purposes of use which are otherwise specifically approved.
1) Provision of, consultation on, and communication concerning products and services of the Company.
- a. Communication, consultation, negotiation, and entrustment of business in relation to transactions with the Company.
- b. Performance, communication, and provision of after-sales services in relation to contracts formed with the Company.
- c. Comprehension, investigation and analysis of the status of transactions for and reviews of the products and the like provided by the Company.
- d. Administration, supervision, performance and other appropriate implementation of services entrusted by the Company.
- e. Responses to comments, requests, inquiries and other matters concerning contracts.
2) Promotions regarding the products and services.
- a. Promotions of mail magazines, newsletters, information and advertisements concerning products, services and the like of the Company, its business partners or the like.
- b. Promotions on various campaigns, trade exhibitions, seminars and the like held by the Company, its business partners or the like.
- For avoidance of doubt, to fulfill these purposes, the Company may analyze the information obtained therefor, such as the Customers’ browsing history and/or purchase history, and direct messages tailored to the Customers’ concerns and/or interests.
3) Planning, development, analysis and improvements of the Company’s products, services and the like.
- a. Analysis, quality improvement of, and enhancing dealings with people concerning the Company’s existing products and services.
- b. Planning and development of the Company’s new products and services.
- c. Investigation and analysis of the status of the Company’s sales and the Customers’ usage as well as planning and development using the results thereof.
- d. Implementation, analysis and measurement of effects and use of survey research associated with the Company’s marketing activities.
4) Improvement of and other activities concerning the Company’s website.
- a. Improvement of user-friendliness and other qualities of the Company’s website.
- b. Planning and development based on the usage status of the Company’s website.
5) Implementation of recruiting activities.
- a. With respect to recruiting activities, consideration of candidates, hiring decisions, and notification of the same.
- b. Verification, analysis of recruiting and screening activities, review of and taking measures for future recruiting and screening activities.
- c. Implementing internships and using the same as a reference in planning and conducting future programs.
- d. Implementing procedures prior to joining the Company and employment administration after joining the Company.
6) Responses to comments, requests, inquiries and the like to the Company.
7) Rendering services consigned to the Company.
8) The Company’s responses to statutory obligations and requirements, and implementing the necessary investigations and other responses in relation to governance in the Company and the exercise of its rights.
9) Performing the Company’s duties concerning the shareholders’ rights and obligations pursuant to the Companies Act as well as other laws and regulations, implementing various measures and policies to facilitate its relationship with the shareholders.
10) Implementation of other responses associated with fulfilling the aforementioned purposes.
Provision of Personal Data to Third Parties
Except in the cases specified below, the Company will not provide personal data to third parties.
1) In cases where the consent of the Customer is obtained.
2) In cases where the Company entrusts a third party to process personal data to the extent necessary for the Company to achieve the purposes of use of personal data. In this case, the Company will be responsible for administering personal data provided to the entrustee of the services to ensure that the entrustee processes the same appropriately.
3) In cases where the provision is based on the joint use.
4) Other cases in accordance with laws and regulations.
Upon the provision of personal data to third parties in these cases, the said provision may be made to, in addition to businesses located in Japan, those located in the EU or other countries including the UK, Korea, the U.S., Singapore, Taiwan, China, Thailand, and Malaysia. The EU and UK are respectively designated by the Personal Information Protection Commission, Japan (“PPC”), as “a foreign country establishing a personal information protection system recognized to have equivalent standards to that in Japan in regard to the protection of an individual’s rights and interests.” Also, Korea is recognized by the European Commission as a country that ensures an adequate level of protection of personal data, and the U.S., Singapore and Taiwan, as signatories of the APEC Cross-Border Privacy Rules (CBPR) System that is the framework developed by the APEC for cross-border privacy protection, are considered likely to have approximately equivalent protection standards to that in Japan. Beyond that, with respect to the eight principles of the OECD’s Guidelines governing the protection of privacy and transborder flows of personal data (“OECD’s Privacy Guidelines”) (i.e., principles of Purpose Specification, Use Limitation, Collection Limitation, Data Quality, Security Safeguards, Openness, Individual Participation, and Accountability), China stipulates all of these principles, Thailand stipulates all but the principle of Accountability, and Malaysia stipulates all but the principle of Openness. Also, the recipients of data from the Company address these eight principles of the OECD’s Guidelines. On the other hand, some of these countries have systems concerning: (i) government access; and (ii) data localization, which may cause a significant impact on a person’s rights and interests. Specifically, Singapore, Thailand and Malaysia have the system described in (i), and China has the systems described in (i) and (ii). For the avoidance of doubt, any recipient of data from the Company has never been subject to a request in (i) above for government access. For the details of the systems and the like concerning protection of personal data in these countries, please refer to the research findings by the PPC.
Joint Use
The Company will jointly use the personal data within the scope described below to provide comprehensive service through its group companies and partner firms.
1) Personal data to be used jointly
Name, information of affiliation (name of the company, title, department and division the Customer belongs to), contact information (address, telephone number, FAX number, mail address), history and particulars of inquiries, information on whether transmission of direct mails and the like is approved, and other items necessary to achieve the purposes of use.
2) Scope of the joint users
The Company’s group companies (including firms which will join the group in the future, please visit ( https://www.optexgroup.co.jp/en/company/group.html ) for the details). The Company’s partner firms (business entities that have a business relationship or engage in transactions with the Company concerning the development, manufacturing, sale, consulting or the like of the machine vision apparatus for inspection, UV irradiation equipment or other products and services of the Company).
3) Purposes of use
To enhance the products and services provided to the Customers and realize efficient provision of the same.
To promote the products and services provided by the joint users.
To achieve the aforementioned purposes of use.
4) The entity in charge of administering the joint use
Use of Cookies and the Like
A Cookie is a small text file downloaded in the browser of a device (such as a smart phone) and used for the access when the Customer accesses a website. Through the use of cookies, the Company can recognize the device of a Customer, and obtain information concerning the Customer’s browsing history, status of use of the Company’s website or the like. The Company uses technology including Cookies for the purposes of, among other things, providing a more convenient website to the Customers, and making predictions about the Customers’ needs, the details of which are as follows:
Providers of Cookies, Etc. | Information which will be transmitted to the provider | The Company’s purposes of use | The recipients’ purposes of use, Etc. |
---|---|---|---|
Google LLC | OS/version of the browser, IP address, communication carrier, URL/history of use of the website browsed, identifier for advertisers and the like. | Comprehension of the status of use of a website, aggregation/analysis for improvement of services and merchandise, distribution of advertising and measurement of the effect of advertising corresponding to website visit history and predicting the Customers’ needs. |
Policy Ad settings Opt-in plug-in |
LY Corporation | OS/version of the browser, IP address, telecommunication carrier, history of use of the website browsed, identifier for advertisers and the like. | Distribution of advertising corresponding to website visit history and predicting the Customers’ needs. | Policy |
Microsoft Corporation | OS/version of the browser, IP address, telecommunication carrier, history of use of the website browsed, identifier for advertisers and the like. | Distribution of advertising corresponding to website visit history and predicting the Customers’ needs. | Policy Opt-out |
Salesforce, Inc. | URLs, history of use of the website browsed and the like. | Comprehension of the status of use of a website, aggregation/analysis for improvement of services and merchandise. | Policy |
Kobe Digital Labo Inc. | Membership information upon registration on the website, information on downloaded materials and the like. | Provision of website functions (membership registration, inquiries, downloading materials). | Policy |
Markerise, Inc. | Membership information upon inquiry/downloading materials, URLs, history of use of the website browsed and the like. | Provision of website functions (membership registration, inquiries, downloading materials), promotion of contents. | Policy |
Baidu, Inc. | URLs, history of use of the website browsed and the like. | Comprehension of the status of use of a website, aggregation/analysis for improvement of services and merchandise. | Policy |
Where to Request, Comment and Complain
In cases where the Customer wishes to make inquiries, corrections, deletions or the like regarding the particulars of his/her personal data, we will respond thereto in accordance with laws and regulations, after verifying the Customer’s identity.
To inform, comment, complain or take similar action concerning the processing of personal data, please contact our reception desk as described at the bottom of this “Processing of Personal Data”.
Processing of Personal Data of Customers Residing in the EEA or the UK
The Customers residing in the European Economic Area (the “EEA”) or the UK are advised to also see the following items.
1) Legal basis for the processing of personal data
As for items 1) to 10) stated in “Purposes of Use of the Customers’ Personal Data” above, the Company processes the Customers’ personal data based on the following legal basis.
- (i) Provision of, consultation on, and communication concerning products and services of the Company:
The Company processes information concerning the Customer’s name, affiliation, address, telephone number, mail address and the like (the “Customer’s Basic Information”) as well as the details of transactions with the Company for the performance of a contract or to realize the legitimate interest of developing better products and the like.
- (ii) Promotions regarding the products and services:
The Company processes the Customer’s Basic Information for the legitimate interest of the Company of providing better options for the Customers, or upon a Customer’s consent.
- (iii) Planning, development, analysis and improvements of the Company’s products, services and the like:
The Company processes information concerning the details of transactions with the Company or information including inquiries by the Customers for the legitimate interest of the Company of continuously improving its products and services for the Customers.
- (iv) Improvement of and other activities concerning the Company’s website:
The Company processes information generated in association with the use of its website based on the legitimate interest of having a more comfortable use of the Company’s website.
- (v) Implementation of recruiting activities:
The Company processes the personal data of the applicants who responded to the Company’s recruiting activities, to realize the legitimate interest of smooth implementation of the Company’s recruiting activities and procedures for joining the Company, as well as for the performance of a contract in association therewith.
- (vi) Responses to comments, requests, inquiries and the like to the Company:
The Company processes information in relation to comments and the like from the Customer, upon the Customer’s consent.
- (vii) Rendering services consigned to the Company:
In cases where the Company uses the Customer’s personal data, the Company processes such data for the legitimate interest of providing more fulfilling services to the Customers.
- (viii) The Company’s responses to statutory obligations and requirements, and implementing the necessary investigations and other responses in relation to governance in the Company and the exercise of its rights:
The Company may use the Customers’ personal data to comply with statutory obligations, or to realize the legitimate interest of exercising rights held by the Company.
- (ix) Performing the Company’s duties concerning the shareholders’ rights and obligations pursuant to the Companies Act as well as other laws and regulations, implementing various measures and policies to facilitate its relationship with the shareholders:
The Company may use the Customers’ personal data to comply with statutory obligations.
2) Exercise of rights by the Customers
The Customers residing in the EEA or the UK have the following rights towards the Company’s processing of personal data:
- (i) The right to withdraw consent to the Company’s processing of personal data.
- (ii) The right to request data portability.
- (iii) In the following cases, the right to object to the Company’s processing of personal data:
- - In cases where the Company uses the Customers’ personal data for the purpose of direct marketing.
- - In cases where the Company is using a Customer’s personal data for the Company’s legitimate interests, and if there is a reasonable ground for the Customer to object thereto.
- (iv) The right to file an objection with the competent supervisory authority.
3) Transfer to areas outside the EEA or the UK
The Company may transfer the Customers’ personal data to countries outside the EEA or the UK including Japan where the Company’s head office is located. In such cases, the Company will ensure that an appropriate level of protection is implemented for the Customers’ personal data through adequacy decisions stipulated by the EEA or the UK or standard contractual clauses.
Revisions of this “Processing of Personal Data”
If necessitated by laws and regulations or other circumstances, the Company will revise this “Processing of Personal Data.” Please always check the updated particulars of every revised version posted on this web page. For the avoidance of doubt, when a Customer who has provided the Company with personal data upon consent to this “Processing of Personal Data” uses the Company’s website after any revision, it will be deemed that the Customer has also consented to the respective revisions.
Reception Desk for Processing of Personal Data at CCS Inc.
38 Konoe-cho, Demizu-agaru, Muromachi-dori, Kamigyo-ku, Kyoto 602-8019
TEL: +81-75-415-8277 Fax: +81-75-415-8278
Revised on July 29, 2024