Institution for a Global Society Corporation
Privacy Policy
Institution for a Global Society Corporation (hereinafter referred to as “the Company”) handles personal information in the course of conducting its business and recognizes that it has a responsibility to establish a strict and appropriate management system for the protection of personal information. Therefore, the Company has established the following privacy policy (hereinafter referred to as the “Privacy Policy”). The Company has therefore established the following privacy policy (hereinafter referred to as the “Privacy Policy”). In order to ensure that our customers can use our services and products with peace of mind, all executives and employees of the Company will strive to properly handle, manage, and maintain personal information in accordance with this policy. In addition, based on changes in the environment surrounding the Company and the actual situation, the Company will review and improve the operation of personal information protection in a timely and appropriate manner on an ongoing basis.
Institution for a Global Society Corporation
CEO
Masahiro Fukuhara
Institution for a Global Society Corporation (the Company)
1-11-2 Ebisu-Minami, Shibuya-ku, Tokyo 150-0022
Masahiro Fukuhara, President and Representative Director
Personal Information Management Committee Personal Information Protection Manager
With respect to the handling of personal information, the Company shall comply with the Act on the Protection of Personal Information (Act No. 57 of 2003) (hereinafter referred to as the “Personal Information Protection The Company shall comply with the Act on the Protection of Personal Information (Act No. 57 of 2003) (hereinafter referred to as the “Personal Information Protection Act”), government ordinances and regulations related to the Personal Information Protection Act (hereinafter collectively referred to as the “Personal Information Protection Law”), and guidelines related to the Personal Information Protection Law (hereinafter referred to as the “Guidelines”). ), and guidelines related to the Personal Information Protection Law (General Rules, Pseudonymized and anonymized processed information, Obligation to confirm and record information when providing to a third party, Provision to a third party in a foreign country, Authorized Personal Information Protection Organization, etc.), as well as other laws and guidelines related to our business.
In this Privacy Policy, unless otherwise defined, the terminology used in personal information protection laws and regulations will be used.
This Privacy Policy applies to all of our personal information handling practices and applies to all of our services and products (collectively, the “Services”). This Privacy Policy applies to all of our services and products (collectively, the “Services”). In the event that the privacy policy, terms of use, etc. (hereinafter referred to as “individual terms, etc.”) for each of the services or products that comprise the Services individually stipulate the handling of personal information, the Company shall notify the customer of such individual terms. (“Individual Terms, etc.”) that individually stipulate the handling of personal information, the Individual Terms shall take precedence over this Privacy Policy.
The Company will publicly announce the purposes of use of the personal information it handles (including public announcements through this Privacy Policy), or notify the public of such purposes. In addition, when obtaining personal information directly from the person concerned, we will clearly state the purpose of use in advance and notify the person concerned of such purpose. In addition, when acquiring personal information directly from the person concerned, we will clearly state the purpose of use in advance and acquire personal information in a lawful and fair manner.
When acquiring personal information that requires special consideration, we will obtain the consent of the person in advance, except in cases permitted by law.
We will use personal information in an appropriate manner within the scope necessary to achieve the purpose of use.
1) Introduction
The Company acquires information that forms the basis of your temperament, behavioral characteristics, skills, cognitive tendencies, qualities and abilities, etc., evaluates and analyzes this information, and analyzes and evaluates the results (including the information itself that forms the basis of such analysis and evaluation.) The same shall apply hereinafter). ) to customers, companies using our services (hereinafter referred to as “Service Users”, and in cases where administrative agencies, etc. use services other than those for educational institutions, they are also included), and educational agencies using our services (hereinafter referred to as “Educational Agencies”). ) and educational institutions using our services (hereinafter referred to as “Service-Using Educational Institutions,” and when services for educational institutions are used by administrative agencies, etc., administrative agencies, etc. are also included. (Together with Service-Using Companies, collectively referred to as “Service-Using Corporations, etc.”). The basis of this service is to communicate the results of the analysis and evaluation to the Service Users (including the Service Users’ companies).
While we strive to ensure that the results of such analysis and evaluation are accurate and fair, we cannot guarantee 100% accuracy, and as a result, there is a possibility that some of the analysis results may be inaccurate. Based on the results of such analysis and evaluation, there is a possibility that Service Users may make favorable or unfavorable evaluations or judgments of clients in the areas of personnel management such as recruitment or educational policies such as entrance examinations. We ask our clients to use the information appropriately based on such analysis and evaluation. Customers agree in advance that the Company’s purpose of use of personal information includes such content, and that the Company shall not be held responsible for any evaluation or judgment made by Service Users, etc. toward customers.
Specifically, the Company will handle personal information within the scope necessary to achieve the following purposes of use. In the event that the Company changes the purpose of use, it shall do so within the scope that is reasonably deemed to be relevant to the purpose of use before the change.
2) Personal information acquired for the provision and development of our products and services
A) To provide services and products related to labor relations such as recruitment, placement, training, and personnel evaluation
B) To provide services and products related to students and students’ abilities and school education
C) Provision of other educational products and services
D) Provision of products and services related to marketing
E) Information managed under contract from other companies
F) Other actions necessary for our business
3) Personal information acquired in connection with recruitment and employment at the Company
4) Personal information concerning shareholders
5) Use for Academic Research
In the STAR Project, which is a joint research project between the Company and an academic research institution, the Company will provide your personal data to the academic research institution with the consent of the customer. The academic research institution will ensure the security of the customer’s personal data in accordance with its internal regulations and use such personal data for the purpose of academic research (this purpose of use includes provision to third parties).
(Note) “Data Analysis” in this Privacy Policy cannot determine or diagnose the existence of Sensitive Personal Information itself. However, it may be possible to infer sensitive personal information and other sensitive information, for example, by identifying a characteristic tendency of a customer, which may lead to the inference of a tendency to a specific mental disorder, and the “data analysis” results the Company provides to Service Users may include such sensitive information. The results of “data analysis” provided to Service Users may include information from which such sensitive information can be inferred.
The company may analyze data, prepare reports on the results of analysis and evaluation, and provide them to Service Users, as well as provide consulting services such as advice on personnel policies and training programs, and evaluations. The results of such analysis/evaluation and consulting services may work to the advantage or disadvantage of individual customers. The Company will indicate this Privacy Policy to the customer and let the customer decide whether or not to agree to it, and the customer agrees that by agreeing to this Privacy Policy, the Company will not be responsible for the implementation of such consulting services by the Company or any evaluation or judgment of the customer by the corporation using the service, etc.
The Company shall take organizational, personnel, physical and technical safety management measures to prevent leakage, loss or damage of personal data and to manage other personal data. We will take organizational, human, physical and technical safety control measures to prevent leakage, loss or damage of personal data and to otherwise manage personal data. The Company’s security control measures are as follows.
Outline of security control measures taken by the Company
1 Formulation of basic policy
In order to ensure the proper handling of personal data, we have established this Privacy Policy regarding “compliance with related laws and guidelines,” “contact point” for questions and complaints, etc.
2 Discipline for handling personal data
For each stage of acquisition, use, storage, provision, deletion/disposal, etc., “Personal Information Management Regulations” have been established regarding handling methods, responsible persons/persons in charge, and their duties.
3 Organizational Safety Control Measures
・The Company has established a Personal Information Protection Manager as the person with overall responsibility for the protection of personal information, division managers in the divisions under his/her jurisdiction, and a cross-divisional Personal Information Management Committee to determine authority and responsibility for the protection of personal information, as well as to clarify the employees who handle personal data and the scope of personal data handled by such employees, and to establish a system for reporting to the Personal Information Protection Manager in the event that a violation of the law or company regulations or signs of such violation are detected. We have also established a system for reporting to the personal information protection administrator in the event that a fact or indication of a violation of the law or company regulations is detected.
・With regard to the status of handling of personal data, the Company regularly inspects the handling of personal data in daily operations and conducts internal audits systematically based on the internal audit plan.
4 Personnel safety control measures
・The department manager informs the employees of the department under his/her jurisdiction of the bylaws concerning personal information and the information system that handles such information, and clarifies the roles and responsibilities of the employees.
・Regular training is provided to employees on information security considerations, including personal information.
・We require employees to submit a “confidentiality pledge” when they join or leave the company.
5 Physical Security Control Measures
・In areas where personal data is handled, the company controls employee access to rooms and restricts the equipment they may bring in, and implements measures to prevent unauthorized persons from viewing personal data.
・The Company has taken measures to prevent theft or loss of equipment, electronic media, and documents that handle personal data, and has implemented measures to prevent personal data from being easily discovered when such equipment, electronic media, etc. are carried, including within the business site.
6 Technical security control measures
・Access control is implemented to limit the scope of persons in charge and the personal information databases, etc. handled.
・A system is in place to protect information systems that handle personal data from unauthorized external access or unauthorized software.
7 Understanding the external environment
We identify as much as possible the foreign countries where personal data is handled and the countries where our servers are located, etc., and implement appropriate security control measures by understanding the systems, etc., for the protection of personal data in these foreign countries. We will respond without delay to any requests from customers regarding an overview of the implementation of safety control measures regarding the external environment, in accordance with laws and regulations.
In principle, we do not provide personal data to third parties without the consent of the individual, except for provision to third parties to which the customer has consented as described in “6. However, we may provide personal data to third parties without the consent of the customer to the extent that it does not violate related laws and regulations, including in the following cases.
1) When required by law
2) When it is necessary for the protection of the life, body, or property of an individual and it is difficult to obtain the consent of the individual
3) When it is especially necessary to improve public health or to promote the sound growth of children, and it is difficult to obtain the consent of the person in question.
4) When it is necessary to cooperate with a national agency, a local government, or an individual or entity entrusted by either a national agency or local government to execute affairs prescribed by law, and obtaining your consent is likely to impede the execution of those affairs.
5) Where the third party is an academic research institution, etc., and it is necessary for the third party to handle the relevant personal data for academic research purposes (including cases where part of the purpose of handling the relevant personal data is for academic research purposes, but excluding cases where there is a risk of unjustified infringement on the rights and interests of individuals) (iii) When there is a need for the third party to handle the personal data for academic research purposes.
When we provide personal data to third parties in foreign countries, we will take necessary measures such as obtaining consent in accordance with laws and regulations.
We provide personal data related to ONGAESHI provided in Japan to BOUNDLESSEDU PTE. LTD. located in Singapore based on joint use and equivalent measures.
・Disclosure Items Related to Shared Use
(1) Joint Use of Personal Data
The Company jointly uses personal data related to ONGAESHI provided in Japan as follows.
(2) Items of personal data to be shared
Name, nickname, e-mail address, telephone number, gender, date of birth, hometown/place of residence, desired and current annual income, personal PR (including education and employment history), qualifications and skills possessed, learning history and grades of courses taken within the ONGAESHI system
(3) Scope of joint use
The Company and BOUNDLESSEDU PTE.
(4) Purpose of use by those who jointly use the information
・For the management and operation of the LMS, Position NFT Market, NFT Rental Market, Recruitment Auction Market, and Solidarity Contribution (Token) granting system within the services provided in Japan under the name of ONGAESHI (the use of personal information for the purpose of this paragraph includes the provision to third parties).
・To analyze data based on information including learning and behavioral history obtained on the services provided in Japan under the name of ONGAESHI for students and adults who wish to find employment or change jobs, convert the data into employment matching scores, and provide the scores to hiring companies (use of personal information for the purposes described in this section includes provision to a third party).
・To develop and improve our products and services
(5) Name and address of the person responsible for the management of personal data and name of the representative of the corporation
Institution for a Global Society, Inc.
1-11-2 Ebisu-Minami, Shibuya-ku, Tokyo 150-0022, Japan
Masahiro Fukuhara, President and Representative Director
・Regarding the Company and equivalent measures
The company continuously take measures equivalent to those required to be taken by business operators handling personal data (hereinafter referred to as “equivalent measures”) with respect to the handling of personal data for BOUNDLESSEDU PTE. LTD. on an ongoing basis. The individual may request information on the Reasonable Measures from the Company in accordance with Article 28, Paragraph 3 of the Personal Information Protection Law. In addition, in order to implement the Corresponding Measures, the Company will make the following public announcement on behalf of BOUNDLESSEDU PTE. LTD. based on the agreement with BOUNDLESSEDU PTE. LTD.
(1) Purpose of use by BOUNDLESSEDU PTE. LTD.
Same as the description in (4) of the disclosure regarding joint use.
(2) Response to leakage, etc.
In the unlikely event of a leakage, etc. of personal data at BOUNDLESSEDU PTE, the Company will take responsibility for reporting and notifying the individual concerned.
(3) Public Announcement, etc.
BOUNDLESSEDU PTE. LTD. will make the following public announcements regarding the transferred retained personal data in accordance with Article 32 of the Personal Information Protection Law:
①Name and address of the business operator concerned, and in the case of a corporation, the name of its representative BOUNDLESSEDU PTE.
1 Raffles Place, #20-01 One Raffles Place Tower One, Singapore
Director:Narumi Nakahara
②(Purpose of use of all retained personal data (related to joint use)
The same as the description in (4) of the disclosure items regarding joint use.
③Procedures for responding to requests or demands from the individual
Same as the Company (refer to 11)
④Measures taken for the secure management of retained personal data
BOUNDLESSEDU PTE. LTD. complies with the Singapore Personal Data Protection Act 2012 (PDPA) and other personal data protection laws and guidelines that are relevant or applicable to BOUNDLESSEDU PTE. LTD. BOUNDLESSEDU PTE. LTD. will take organizational, personnel, physical, and technical security control measures to prevent leakage, loss, or damage of personal data and to manage other personal data securely. BOUNDLESSEDU PTE. LTD. uses appropriate passwords, criteria for data disclosure, data encryption, data anonymization, periodic security reviews and testing, and other authentication and authentication measures.
⑤Contact for complaints regarding the handling of retained personal data
The company will respond on behalf of BOUNDLESSEDU PTE. LTD. (refer 14)
(4) Disclosure, correction, etc., suspension of use, etc., explanation of reasons, procedures for responding to requests for disclosure, etc., and measures related to fees, etc.
The company will respond on behalf of BOUNDLESSEDU PTE. LTD. (refer 11)
(5) Complaint handling
The company will respond on behalf of BOUNDLESSEDU PTE. LTD. (refer 14)
When outsourcing the handling of a person’s personal data to a subcontractor, such as a subcontractor, within the scope of the purposes of use described in 6, we will select an appropriate subcontractor, exchange a contract regarding the outsourced operations, and implement appropriate supervision, such as ascertaining the status of the handling of personal data at the subcontractor. In this case, the Company will select an appropriate subcontractor.
If we receive a request from a customer for disclosure, etc. of personal information for which we are authorized to respond to notification of purpose of use, disclosure, correction, addition or deletion of content, suspension of use, deletion, suspension of provision to a third party, or disclosure of records of provision to a third party (hereinafter referred to as “Request for Disclosure, etc.”), we will respond as follows. If we receive a request for disclosure, etc. from a customer regarding personal information for which we have the authority to respond to the customer’s request, we will respond as follows
1) To prevent leakage of personal information, we will verify your identity when we receive your request for disclosure, etc. If we are unable to confirm your identity, we may not be able to respond to your request.
2) Requests for disclosure must be made in accordance with the prescribed procedures.
3) If we are unable to respond to your request for Disclosure, etc., we will reply to your request, clarifying the reason in accordance with laws and regulations.
4) A fee of 1,000 yen (excluding tax) will be charged for each request for notification or disclosure of the purpose of use of personal information among the requests for disclosure, etc.
Cookie technology allows a website to exchange information between the website and the site user’s computer, making it possible to obtain a record of the site user’s visits and to change the display for each site. This is a service that is not available on the Company’s Web site. Our website and this service use cookies to understand the usage of the website and this service (number of visits, etc.), but we do not collect personal information using cookies (including the collection of cookie information using Google Analytics, which is described below). However, the Company does not collect personal
information through the use of cookies (including the collection of cookie information through Google Analytics as described below).
We also use Google Analytics to understand the use of the above website and the Services. Google Analytics uses cookies to collect information about users. For an explanation of the Terms of Use (https://www.google.com/analytics/terms/jp.html) and Privacy Policy (https://www.google.com/intl/ja/policies/privacy/) of Google Analytics, please visit Google’s website at Google Analytics. The Company shall not be liable for any damages resulting from the use of Google Analytics services.
In addition, the Company may place banner advertisements, etc. on websites other than the Company’s, in which case the Company will follow the cookie rules of the website on which the advertisement is posted. You can change your browser settings to disable the acceptance of cookies or delete stored cookies.
Whether or not to submit personal information is at the discretion of the customer. However, if you do not register the necessary information for the Service, we may not be able to provide all or part of the Service. In addition, if you set your browser not to accept cookies, some of the functions of the Service may be limited or you may not be able to use the Service depending on the contents of the Service.
If you have any questions, comments, or complaints regarding our handling of personal information, please contact us at the following address.
①Address
4F, 1-11-2 Ebisu-Minami, Shibuya-ku, Tokyo 150-0022
Institution for a Global Society K.K. Personal Information Manager
②Email:pim@i-globalsociety.com
*Personal information provided at the time of inquiry will be used only for the purpose of responding to your inquiry.
*If you do not receive a reply within 5 days after sending an e-mail, it is possible that the e-mail did not reach us due to a server error or other reasons. In that case, please contact us again.
The organization accepts complaints and consultations regarding the Company’s handling of personal information.
1. Name of authorized personal information protection organization
Japan Information Processing Development
2. Contact for resolution of complaints
Personal Information Protection Complaint Consultation Office
Roppongi First Building, 1-9-9 Roppongi, Minato-ku, Tokyo 106-0032
Telephone 03-5860-7565 / 0120-700-779
(Note) This is not a contact for inquiries regarding our products or services.
Our website is protected by SSL (Secure Socket Layer) encrypted communication to prevent personal information from being leaked to outside parties.
(Supplementary Provisions)
Date enacted May 18, 2010
Date last amended September 1, 2024