SIGMAXYZ Holdings Inc. (the “Company”), as a corporation supporting the creation of its clients’ corporate value, believes that information security is a critical duty. The Company is fully aware of the importance of handling personal information (information concerning an individual whereby a specific individual can be identified or which contains an individual identification code; hereinafter the same), as well as individual numbers and specific personal information(“Specific Personal Information etc.”; collectively with personal information, “Personal Information etc.”), and will act in compliance with the Act on the Protection of Personal Information (the “Personal Information Protection Act”), the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures (the “Number Act”), guidance, guidelines and other codes issued by the national government, will endeavor to protect Personal Information etc. pursuant to this Personal Information Protection Policy (this “Policy”), and will build personal information protection management systems which will be reviewed in a timely manner and continuously improved.

1.Utilization Purposes of Personal Information etc.

The Company will utilize client personal information (excluding Specific Personal Information etc.) for the purposes set forth in (1) through (6) below to the extent necessary to carry out its business, and will take measures to ensure that such information is not utilized for any other purposes:

  1. To respond to inquiries and questions to the Company;
  2. To give notice of fairs, events and seminars held or offered by the Company;
  3. To use as survey materials for marketing activities associated with the Company’s business;
  4. To prepare internal statistical materials (age breakdown, gender breakdown, etc.) for the Company;
  5. To use in the Company’s business (provision of assorted business consulting services) and to build relationships with clients and others; and
  6. To use in the Company’s hiring activities and post-hiring human resources management (salary payment, attendance management, emergency contact, etc.).

In a case where, when acquiring client personal information (excluding Specific Personal Information etc.), the Company obtains the client’s consent for utilization of such personal information for purposes in addition to those described above, the Company will utilize such personal information within the scope of the purpose for which the consent was obtained.
The Company will utilize Specific Personal Information etc. to the extent necessary to carry out its administrative obligations in handling the Individual Numbers set forth in the Number Act, and will take measures to ensure that Specific Personal Information etc. is not utilized for any other purposes.

2.Collection of Personal Information etc.

The Company will acquire Personal Information etc., with the prior consent of the person in question, and in a lawful and fair manner.

3.Provision of Personal Information etc. to third parties

Without the prior consent of the person in question, the Company will not provide such person’s personal information (excluding Specific Personal Information etc.) to any third parties (excluding joint users under Article 4 and contractors referenced in Article 5 of this Policy); provided, however, that if necessary to protect a person’s life, body or property, or if otherwise permitted by law, personal information may be provided to third parties without the consent of the person in question.
Unless permitted or required by the Number Act, the Company will not provide Specific Personal Information etc. to any third parties.

4.Joint utilization of personal information

In a case where the Company will jointly utilize client personal information (excluding Specific Personal Information etc.) for any of the purposes set forth in Article 1 of this Policy, prior to such joint utilization, the Company will notify the client of the matters relating to such joint utilization, or will provide conditions that the client can easily learn such matters.

5.Provision of personal information to contractors

The Company may, to the extent necessary for any of the purposes set forth in Article 1 of this Policy, entrust to third-party contractors the handling of personal information in whole or in part. In such case, such entrustment will be carried out on the condition that such contractors take or perform measures for the protection of personal information pursuant to applicable law and regulation.

6.Security measures

To prevent the leakage, loss or damage to, and to ensure the security of, Personal Information etc. handled by the Company, the Company will take or perform necessary and appropriate measures and, where necessary, corrections in accordance with its internal rules related to information security.

7.Disclosure, correction etc., and cease of utilization etc.

In a case where the person in question requests notice of the purpose of utilization of such person’s Personal Information etc. or disclosure, correction etc. or cease of utilization etc. of such Personal Information etc., the Company will provide such person with notice of the purpose of utilization, or disclose, correct, or cease the utilization of Personal Information etc. in accordance with applicable law and regulation.

8.Personal information management system

The Company handles Personal Information etc. under the management of a personal information protection manager. If a client wishes to request notice of the purpose of utilization or disclosure, correction etc. or cease of utilization of Personal Information etc. in the Company’s possession, or to offer opinions, ask questions, lodge complaints, or engage in consultation relating to the Company’s handling of Personal Information etc., please contact the Company at the following address:
SIGMAXYZ Inc. Personal Information Desk
9th Floor Toranomon Towers Office, 4-1-28 Toranomon, Minato-ku, Tokyo 105-0001
Telephone no.: 03-6430-3400

9.Amendment of Personal Information Protection Policy

Upon amendment of applicable law and regulation or change to the nature of the Company’s business, the Company may revise this Policy. If the Company revises this Policy, the Company will post such revisions on the Company’s website.

10.Definitions

For the purposes of this Policy, the terms “personal information,” “entrustment,” “disclosure,” “correction etc.” and “cease of utilization etc.” have the same meanings ascribed to them in the Personal Information Protection Act, and the terms “individual number” and “Specific Personal Information” have the meanings ascribed to them in the Number Act.

SIGMAXYZ Holdings Inc.
Hiroshi Ota, Representative Director

 

Adopted October 1, 2008
Revised May 1, 2010
Revised March 18, 2014
Revised November 11, 2014
Revised November 25, 2015
Revised July 21, 2017
Revised June 27, 2018
Revised November 20, 2018
Revised February 10, 2021
Revised October 1, 2021
Revised June 27, 2023