Privacy Policy個人情報保護方針

最終更新日:2022年5月9日

Hoyu Co., Ltd., located at 501 Tokugawa 1-chome, Higashi-ku, Nagoya and its group companies (the “Group,” “we,” “our,” or “us”) provide this Privacy Policy to describe how we process the personal data of customers including visitors of the website of the Group (each, a “customer” or “you”) 
In addition to this Privacy Policy that applies to all customers, the Group has prepared exhibits that may also apply to you depending on the area where you live or are located. In such cases, please refer to the applicable exhibits. If this Privacy Policy conflicts with any country-specific exhibit, the exhibit in question will prevail.

1. Categories of personal data subject to processing

The Group processes the following data of customers.

  • Name, age, date of birth, gender, occupation, address, country of residence, and information related to contact details, including phone number, e-mail address, and social media accounts;

  • Information regarding products and services that you purchase (or intend to purchase), such as serial number, manufacturing information, warranty information, information related to the condition and use of products, positional information, service history, and store of purchase;

  • Communications from customers, such as requests;

  • Information relating to an individual acquired or generated in connection with products and services provided by the Group (including operations incidental or related to those products or services);

  • Information relating to an individual acquired or generated in connection with any research or event conducted by or related to the Group;

  • Cookies of customers who access any website of the Group and other terminal identifiers, information about visitors’ interactions with the website of the Group, such as pages viewed, features used, and browser type, and attributes known or inferred from such visitors’ interactions with the website of the Group (age, gender, interests categories, affinity categories, in-market segments, etc.)

  • IP addresses of visitors who access the website of the Group, provider information, terminal information, and web browser information (such as version and date and time of use of the browser software), operating system of the computer used to access the website of the Group, any websites the customer accessed in order to visit the websites of the Group, any websites the customers visited while browsing the websites of the Group, and search terms if the customer searched the websites of the Group;

  • Name and email address of each customer who makes an inquiry;

  • Any content requested by a customer, such as site content, text, images, downloaded data files, etc.; and

  • Any other information relating to an individual collected in the course of achieving the purposes set out in Section 2 “Purposes of Processing” or after providing separate notice at the time of collection in accordance with applicable law.

2. Purposes of processing

The Group processes your personal information for the following purposes:

  • to provide our products and services;

  • to manage client information and various records, and to conduct internal management, such as information sharing among the Group;

  • to collect and analyze information, such as market research for the purpose of enhancing the quality of, developing, and improving products and services provided by the Group;

  • to conduct quality assessments and other internal evaluations of the products and services provided by the Group;

  • to conduct marketing activities, analysis, and sales promotional activities related to products and services provided by the Group;

  • to deliver email magazines and direct mail;

  • to provide information relating to the products and services provided by the Group;

  • to provide information about various events, seminars, and campaigns conducted by or related to the Group; to make requests related to questionnaires; to dispatch prize products; to conduct operations and management; 

  • to measure attributes of customers who access any website of the Group; to analyze the use of the website of the Group; to conduct maintenance, respond to problems, and conduct improvements in relation to the website of the Group; and to investigate server problems;

  • to respond to inquiries from customers;

  • to cooperate with supervisory authorities and other public institutions in response to disputes or legal processes, or as otherwise required by applicable laws or other requirements, or on a voluntary basis;

  • to comply with laws, rules, and other regulations;

  • to conduct other operations necessary for the provision of services incidental thereto;

  • to develop new products and services;

  • to ensure the security of services, including prevention against cyber attacks;

  • to conduct early comprehension of, and respond to, information on accidents related to products and services provided by the Group, and to promptly respond to and resolve accidents and other matters in dispute;

  • to conduct examinations, make requests, and communicate with business partners of the Group for mutual business activities, and to select, examine, and communicate with business partner candidates;

  • to carry out procedures for a business partner who have signed a nondisclosure agreement with us;

  • for other purposes as explained upon collection of personal data; and

  • for other purposes permitted under applicable laws and regulations.

3. Legal basis for processing

The Group processes your personal data in accordance with applicable personal information protection regulations. Please refer to the country-specific exhibits regarding the legal basis for processing in each country. If personal data is required to provide the Group’s products and services and you do not provide such personal data, the Group might be unable to provide you with such products and services.

4. Retention period for personal data

The Group retains the personal data of visitors as long as it is necessary in order to fulfill the purpose of use or to perform obligations under applicable laws and regulations. In order to determine the appropriate retention period for personal data, the Group considers (i) the volume, attributes, and confidentiality of the personal data, (ii) risks of potential damage from abuse or disclosure of personal information, (iii) the purposes for which the Group processes the personal data and whether those purposes may be achieved by other means, and (iv) applicable legal prerequisites. When the personal data of customers that the Group collects is no longer needed, the Group deletes or anonymizes such personal data, or if these processes are not possible (for example, when the personal data is saved in a backup archive), the Group will store the personal data of customers safely until such data can be deleted, and then prevent any further processing of such personal data.​ ​​ ​

5. Sources of personal data

The Group may obtain your personal data directly from you in particular when you interact with us and our websites, and when you purchase goods and services from us or indirectly from other sources in particular service providers (processors) of the Group.

6. Sharing and disclosure of personal data

The Group shares with and discloses to the following third parties the personal information of visitors in order to fulfill the purposes set forth in Section 2 “Purposes of Processing.”

(1) The Group

The Group may provide the personal data of visitors within the Group to the extent necessary to achieve the purposes set forth in Section 2 “Purposes of Processing.”

(2) Contractors

In providing you with products and services, the Group may delegate a part or all of its operations to contractors and provide such contractors your personal data to the extent necessary to achieve the purposes set forth in Section 2 “Purposes of Processing”. The Group takes necessary and appropriate measures in accordance with any provisions stipulated by applicable laws and regulations if the Group delegates to these contractors the handling of the personal data of customers. 

In addition, the Group may share personal data with a third party in the following cases:

  • when sharing is conducted in accordance with a demand from public authorities (and government authorities, regulatory authorities, etc.), subpoenas, court orders, government investigations, or other legal proceedings, or when required by laws;

  • when sharing is necessary to protect the life, body, or property of an individual;

  • when the personal information is shared as a result of sale, merger, acquisition, or any other transfer of all or a portion of assets (including as part of bankruptcy proceedings) of a company;

  • when your consent has been obtained; and

  • other cases permitted by applicable laws and regulations.

7. Overseas transfer of personal information

Your personal data may be transferred to the following countries as a result of sharing and disclosure described above.

The U.S., Canada, the UK and Commonwealth of Nations, Netherlands, South Korea, China, Taiwan, Thailand, Singapore, Malaysia, Indonesia, and Japan.

If data is transferred to one of the above countries, the Group will comply with data protection measures required by the applicable laws and regulations. Please refer to the country-specific exhibits for the transfer mechanisms used with respect to each country.

8. Safety management measures

The Group takes the following safety management measures for the safe management of your personal data.

  • Formulation of basic policies: To ensure proper processing of personal data, the Group formulates basic policies, including those related to “compliance with related laws and regulations, guidelines, etc.” and “reception desk for processing questions and complaints.”

  • Preparation of rules related to handling personal data: The Group formulates regulations for handling personal data in relation to methods of handling, persons responsible, persons in charge, their duties, etc. for acquisition, use, storage, provision, deletion, disposal, and all other steps.

  • Organizational safety management measures: In addition to appointing persons responsible for handling of personal data, the Group restricts access to personal data to those who require access to such data as part of their employment and restricts the scope of personal data handled by such employees to only data needed as part of their employment. The Group maintains a reporting and communication system for persons responsible if any instance or indication of a violation of laws or handling regulations is discovered.

  • Human safety management measures: The Group conducts regular training for employees in relation to important matters regarding the handling of personal data.

  • Physical safety management measures: In areas where personal data is handled, the Group takes measures to prevent access to personal data by persons without authority to access such personal data, in addition to managing employees’ physical access to such areas. The Group also takes necessary measures to prevent personal data from being readily viewed when carrying such devices, electronic media, etc. (including when relocating inside the office), in addition to taking measures to prevent theft, loss, etc. of devices, electronic media, documents, etc. that handle personal data.

  • Technical safety management measures: The Group limits the number of persons managing personal information and the scope of personal information databases, etc. handled by controlling that access. The Group also installs systems to protect information systems that handle personal data from externally originating unauthorized access and unauthorized software.

  • Ascertainment of the external environment: The Group handles personal data in the U.S., Canada, the UK and Commonwealth of Nations, Netherlands, South Korea, China, Taiwan, Thailand, Singapore, Malaysia, Indonesia, and Japan. The Group takes appropriate safety management measures based on an understanding of the systems for protecting personal information in these countries.

9. Cookies and similar technologies

Please refer to the following cookie policy.

10. Direct marketing communications

The Group takes necessary measures in accordance with applicable laws and regulations when conducting direct marketing communications with customers.
If you no longer want to receive direct marketing communications from the Group, you may opt out by following the instructions contained within each email or by contacting the Group as stated in in Section 13 “Contact Details.” Please note that even if you opt out from receiving direct marketing communications, the Group may send you administrative messages that are not subject to the opting out process.

11. Acquisition of information resulting from use of service tools provided by third parties

Google analytics

In some online services provided by the Group, the Group may obtain statistical usage information by using Google Analytics.
GIn Google Analytics, the Groups collects user information that does not include personal identification information by using cookies, etc. For more information about how Google Analytics collects and uses data when you use our website, visit www.google.com/policies/privacy/partners. and to opt out of Google Analytics, visit www.tools.google.com/dlpage/gaoptout.

The Group and third party vendors, including Google, combine first-party cookies, such as Google Analytics cookies (or other first-party IDs), and third-party cookies, such as Google advertising cookies (or other third-party IDs), to analyze your attributes and interests.

Google Ads

Upon obtaining consent from visitors, the websites of the Group use “Google Ads” provided by Google Ireland Ltd. (Address: Gordon House, Barrow Street, Dublin 4, Ireland) (“Google”) to measure the effectiveness of advertising measures and make further approaches to customers. When you visit a website of the Group, Google Ads sets cookies on your device. Using those cookies, Google analyzes and visualizes the number of reaches to advertisements of the Group and processes information (regarding use status of the websites of the Group, correspondence with the websites of the Group, advertising measures, your IP address, your browser information, websites of the Group you have visited in the past, and dates and times of access) obtained from your device to display personalized advertisements. For that purpose, Google Ads may identify whether each device is yours (or your family members’). “Remarketing” enables re-identification of a user of the websites of the Group, recognition of such user on other websites in the Google advertising network (e.g. Google Search or YouTube), and displaying of advertisements in which the user holds a deeper interest.
The information generated by cookies in relation to your use status of the websites of the Group (including your IP address) is sent to, and stored in, a Google server located in the U.S.  

Social media plug-ins

Social media content management services (cookies or plug-ins for each social media network) are integrated into the websites of the Group. Upon obtaining your consent, each social media company (each, a “Provider”) may provide related services to you. If you use these tools to share personal information or you otherwise interact with these features on the website, such Providers may collect information about you and may use and share such information in accordance with your account settings, including by sharing such information with the general public. 
Your interactions with third-party companies and your use of their features are governed by the privacy policies of the companies that provide those features. We encourage you to carefully read the privacy policies of any accounts you create and use.
Providers are stated below.

Facebook

Operating company: Meta Platforms, Inc. 1 Hacker Way, Menlo Park, CA 94025, USA
Operating company within the EU: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”)

For an overview of Facebook plug-ins and their appearance, please refer to the following site:
https://developers.facebook.com/docs/plugins/page-plugin/

Twitter

Operating company: Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”)

For an overview of Twitter buttons and their appearance, please refer to the following site:
https://dev.twitter.com/web/tweet-button

YouTube

Operating company: Google LLC, 1600 Amphitheater Parkway, Mountainview, California 94043, USA
Operating company within the EU: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland 

For an overview of YouTube plug-ins, please refer to the following site:
https://developers.google.com/youtube/documentation

Instagram

Operating company: Meta Platforms, Inc. 1 Hacker Way, Menlo Park, CA 94025, USA (“Instagram”)

For an overview of Instagram plug-ins and their appearance, please refer to the following sites:
https://developers.facebook.com/docs/instagram

LinkedIn

Operating company: LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, California 94085, USA
Operating company within the EU: LinkedIn Ireland Unlimited Company, Gardner House, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn”)

For an overview of LinkedIn plug-ins and their appearance, please refer to the following site:
https://developer.linkedin.com/plugins#

To strengthen data protection when you visit the websites of the Group, these social media services are integrated into the websites of the Group as a “two-click button” system. Through this method, you will not connect to a Provider’s server automatically when you access a page from a website of the Group (including plug-ins). Data transmission is permitted only if you enable social media services, and in that case your browser generates a direct link to the Provider’s server. The content of each plug-in is directly sent to your browser by the relevant Provider and displayed on the screen of your device.
A Provider can use social media tools to ascertain websites you have visited in the past, your IP address, your browser information, and the date and time of server requests. If you use social media functions (e.g., clicking the share button or adding comments), that information is directly sent to the Provider from your browser and stored. The relevant Provider may use your data for its own purposes, including analysis, marketing, profiling, or associating that data with data collected about you (through user accounts under each Provider), even when you do not log into such social media account.
For you to recognize the details regarding collection and use of data by Facebook, Twitter, Google, Instagram, or LinkedIn and further detailed information regarding rights and measures you can use to protect your privacy in these circumstances, please refer to the data protection policy or privacy policy of each Provider. 

Objecting to data collection:

You can withdraw your consent any time in the future by disabling cookies in any websites of the Group (by using “Cookies settings” button on the “Cookies” page). You can also select whether to accept or refuse cookies as you like by changing the settings in browser or social media platform.

12. Rights of customers

The Group will respect the rights you hold regarding personal information protection regulations applicable to you. If applicable, visitors may request the following in accordance with the Act on the Protection of Personal Information: disclosure of personal data; correction, addition, and deletion of personal data; suspension of use and erasure of personal data; and suspension of provision of personal data to third parties. Rights may be granted to customers under applicable personal information protection regulations of each country..

These rights may be limited in case they would infringe the rights of a third party (including the Group’s rights). The Group may need to request specific information from you to help the Group confirm your identity. The Group may also contact you to ask for further information in relation to your request so that the Group can expedite our response. For rights granted in each country, please refer to the country-specific exhibits. If you wish to exercise your rights, please contact the Group by using the contact details in Section 13 “Contact Details” of this Privacy Policy.
Pursuant to personal information protection regulations of each country that are applicable, the following rights are examples of those that may be granted to customers. If requirements under the relevant personal information protection regulations are satisfied, the Group will comply with exercise of such rights.

  • Access to your personal data: You may have the right to obtain from the Group the confirmation as to whether personal data concerning you is being processed, and, if so, the right to access the personal data and certain related information.

  • Rectification of your personal data: You may have the right to make the Group correct inaccurate personal data concerning you without undue delay and the right to make the Group complete any incomplete personal data.

  • Deletion of your personal data: You may have the right to make the Group delete personal data concerning you without undue delay.

  • Restriction on processing of your personal data: You may have the right to make the Group restrict processing of personal data concerning you.

  • Objection to processing of your personal data: You may have the right to object to processing of personal data concerning you that affects your rights.

  • Withdrawal of your consent: You may have the right to withdraw your consent in case the Group is relying on your consent to process your personal data.

  • Data portability: You may have the right to receive personal data concerning you in a structured and generally machine-readable format and the right to transfer such data to another manager without any disturbance by the Group.

You may also file a complaint in relation to processing of your personal data by the Group directly to the relevant supervisory authority.

13. Contact Details

For questions and inquiries regarding this Privacy Policy, please contact the consultation center regarding personal information stated below:
https://hoyu-inquiry.secure.force.com/inquiry/

To identify the address of each company of the Group and the name of the representative of each company of the Group, please refer to the webpages displaying the outline of each Company of the Group.

14. Changes to this Privacy Policy

The Group may, in making changes to this Privacy Policy (including country-specific exhibits), change all or part of this Privacy Policy or add to it by publishing the details on the websites of the Group, sending emails to customers, or giving notice by appropriate methods. In that case, the amended Privacy Policy will be applied from the earlier of the date when you use a service, access a website of the Group, or contact the Group for the first time after receiving such notice or the date stated in such notice. If other necessary procedures under personal information protection regulations are applicable, those procedures will be taken.