(1) The Personal Information handled by the Company includes the name, sex, date of birth, age, email address, language used, name of the country and region of residence, IP address, information on cookies (including technologies similar thereto; hereinafter referred to as the “Cookies”), and browser history, etc. of the Person in Question. If the Person in Question signs up for a service on the Company website through a social media service, the Company may, in addition to the above, acquire the nickname, profile image and other content posted by the Person in Question on the social media service.
(2) In the following cases, the Person in Question is expected to provide Personal Information:
(1) The Company shall use the Personal Information provided by the Person in Question in accordance with Paragraph 1 above for the purpose of attaining the purpose and within the scope thereof as shown in the following examples. However, the case set forth in (2) below shall not be subject to the restriction under this paragraph:
(2) The cases set forth in the proviso of the preceding (1) are as follows:
When changing the purpose stated in Paragraph 2-(1) above, the Company shall notify the Person in Question or make an announcement (in principle, such announcement shall be made by posting the information on the website). However, this shall not apply to the following cases:
The Company shall endeavor to keep personal data (compiled database of Personal Information) accurate and up-to-date to the extent necessary for attaining the purpose of use.
When outsourcing all or part of the handling of personal data, the Company shall perform necessary and proper supervision of the outsourcee so as to facilitate security control.
If the Person in Question requests that the Company notify them of the purpose of use of the retained personal data (personal data which the Company is authorized to disclose, correct and delete), the Company shall, in principle, verify the identity of the Person in Question, and then give such notification without delay. However, this shall exclude the cases stated in the proviso of Paragraph 3 above.
The Company shall not provide or disclose Personal Information the Company receives to any third party without obtaining the consent of the Person in Question beforehand. However, the following cases are exceptions:
The Company may jointly utilize the personal information provided as follows. In addition, jointly utilizing persons are responsible for protection, handling of personal information, formulation and change of the privacy policy, etc. of the jointly utilized persons, however the Company bears absolutely no responsibility for thereof.
If the Person in Question requests that the Company disclose the retained personal data which can be used to identify the said individual, the Company shall verify the identity of the Person in Question, and then disclose such information without delay. However, this shall exclude the case where such disclosure violates laws and regulations, or where such disclosure is deemed likely to significantly hinder the proper operation of the Company's business.
If the Company receives a request from the Person in Question for the correction or other alteration of the retained personal data concerning the said individual on the grounds that there is an error in the data, the Company shall in principle, upon verifying the identity of the Person in Question, make the correction and notify the Person in Question without delay. If the Company receives a demand for suspension of use and deletion of the retained personal data (hereinafter referred to as the “Suspension of Use, etc.”) on the grounds that it violates a law or regulation, and when the grounds for the Suspension of Use, etc. are found, the Company shall implement the Suspension of Use, etc. to the extent necessary for correcting such violation and also notify the Person in Question without delay.
The Company shall perform security control of personal data and take preventive measures against unauthorized access, leakage, loss, falsification, etc.
(1) Use of Cookies
The Company may use Cookies to improve the experience of those who access the Company website. However, the use of Cookies shall be within the standard industry scope and shall not deviate from the scope of the purpose of use stated in the Privacy Policy.
(2) If the Person in Question is under 16 years old
As stated in Chapter III, Paragraph 6, when the Person in Question is under 16 years old, the Person in Question is expected to provide Personal Information after obtaining the consent of a person with parental authority.
(1) The personal information handled by the Company regarding recruitment activities includes the following personal information of the applicant.
(2) Personal information handled by the Company may include information on gender, health condition, nationality, etc. (hereinafter collectively referred to as "sensitive information"). Providing sensitive information is voluntary, and the Company shall only obtain such sensitive information with the prior consent of the applicants. The acquired sensitive information shall only be used to the extent necessary to improve recruiting process including increased diversity in recruitment activities, to ensure appropriateness of the Company’s business (assignment, etc.) and health assurance, and to support the acquisition of necessary entry visas and work permits.
(3) The provision of personal information provided by the Person in Question shall assume in the followings:
(1) The Company shall use the Personal Information provided by the Person in Question for achievement of each purpose and within the scope thereof as shown in the following examples. However, the case set forth in (2) below shall not be subject to the restriction under this paragraph:
(2) The cases set forth in the proviso of the preceding (1) are as follows:
The Company may jointly utilize the personal information provided as follows. In addition, jointly utilizing persons are responsible for protection, handling of personal information, formulation and change of the privacy policy, etc. of the jointly utilized persons, however the Company bears absolutely no responsibility for thereof.
The purpose of this Policy is to explain how the Company, acting as the controller, gathers and processes personal data, which has been provided and disclosed by a person residing in the EEA (hereinafter referred to as the “Data Subject”), or which the Company has received and acquired through a third party.
The method and purpose for handling the Personal Information of the Person in Question by the Company, types of the Personal Information of the Person in Question handled by the Company, and the provision and jointly utilization of the Personal Information of the Person in Question to third parties are as stated in Chapter I, Paragraph 1 through Paragraph 8 and Chapter II, Paragraph 1 through Paragraph 3.
In principle, the consent of the Person in Question provides the legal basis for the use of Personal Information by the Company. If the Person in Question does not give his/her consent, the following form the legal basis for the use of Personal Information; as a necessity for performing a contract with the Person In Question, as a necessity for executing the procedures according to a request from the Person in Question before the execution of the contract, as a necessity for legitimate interests sought by the Company or a third party, or as a necessity for complying with legal obligations which the Company is to assume. An increase in profit, etc. due to improvements, etc. of marketing and services, improvements, etc. of the accessibility and security of the Company website fall under “legitimate interests sought by the Company or a third party.”
In addition to complying with Chapter I, Paragraph 6 (Notification of Purpose of Use), Paragraph 9 (Request for Disclosure), Paragraph 10 (Correction and Suspension of Use of Personal Information), the Company shall respond to requests concerning the Personal Information of the Person in Question residing in the EEA within a reasonable period of time and scope as follows. Note that when processing a request, the Company shall verify the identity of the Person in Question in advance.
If the Company is compelled to internationally transfer the acquired personal data to a third country outside of the EEA, the Company shall take proper protective measures necessary for international data transfer. When conducting marketing, business activities or service provision for the Company's various businesses, the Company may use a server provided by an overseas service operator.
When using the Company's services and other similar items, if a Person in Question residing in the EEA is under 16 years old or has not reached the age limit under the laws of the EU member country, the Person in Question is expected to obtain the consent of a person with parental authority or obtain the person with parental authority's permission to give him/her consent. If the person with parental authority files or fills out an application for use, etc. of the Company's services on behalf of the Person in Question, the person with parental authority is expected to obtain the consent of the Person in Question with respect to the handling of the Personal Information by the Company before filing the application.
The Company shall store and manage the personal data acquired or gathered from the Person in Question for a required period according to the purpose stated above. If the personal data becomes unnecessary in light of the purpose stated above, the Company shall, in principle, delete the personal data promptly.
The Company may analyze the access logs of the Company website. However, the Company shall not perform automated processing (including profiling) for analyzing and forecasting the personal preferences and actions of the Data Subject by utilizing the Personal Information provided, and decision-making which legally affects the Data Subject.
With respect to the processing of the relevant Personal Information, the Person in Question has the right to raise an objection to the data protection authorities having jurisdiction over the place of residence of the Person in Question. Data protection authorities in the respective countries can be checked at the URL below:
( http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080 )
(1) This Privacy Policy shall come into effect on December 20, 2021
The contact address for inquiries with respect to Chapter I, Paragraphs 6, 8 and 9, and Chapter II, Paragraph 4 is stated below. The Company shall endeavor to process complaints and opinions sent to us appropriately and promptly.
Good-Feel Co., Ltd.
Osaki New City 3rd. 9F, 1-6-3 Osaki, Shinagawa, Tokyo 141-0032