Privacy Policy Statement

Japan Outsourcing Solutions K.K. (JOS) takes the security of and our legal responsibilities around your personal data seriously. This statement explains relevant information about our processing of personal data collected via this website.
Should you engage us to provide you with services, the fair processing of information will be notified to you at the time.

The following information is primarily for visitors to this site from within the EU and pertains to our obligations to you under the General Data Protection Regulation (EU) 2016/679. Information required under the Protection of Personal Information Act 2017 (Japan) is also incorporated.


Data Controller  
Unless you make a request to us concerning your personal data for which we are a Data Processor, JOS is the Data Controller for all personal data you provide us with via our website. 

What personal data do we process?
The personal data we process as a result of your visiting our website depends on the data you provide to us.  If you access our site but do not interact further with us, we will only process the data contained in cookies which are necessary to be able to run our site.  Should you decide to interact with us by, for example, submitting a request form we will process the data you provide for the purposes stated on the form.  Some fields are mandatory as without them we will be unable to make further contact with you to answer your request.

When you contact us we make certain fields of data mandatory to enable us to process your request. You may choose to provide us with additional personal data, including Special Category Personal Data.  Where you provide us with any Special Category Personal Data you give us your consent to process the same.  

 

Use of personal data 
We may process your personal data collected through our website for the purposes outlined below:

Contract entry and performance:

Should you indicate an interest in becoming a client of JOS we will use the personal data in order to take steps to enter into a contract for services with you.  We may continue to use the data provided through our website in order to perform our duties under a contract with you. 

 

Our legitimate interests:
We process personal data in order to run our business, including managing our relationship with you, meeting our administrative, accounting and corporate rights and obligations, maintaining and using our IT systems and developing our business and services. 

 

Recruitment and personnel administration:

If you apply for a job through our website, we collect personal data from job applicants in order to recruit new employees.


Security, quality and risk management:

Personal data may be processed in the context of maintaining security and within the scope of internal quality and risk analysis. 


Direct marketing:

We may process personal data for direct marketing purposes to promote and develop our services and to provide you with information we think will be of interest to you. In all cases, we will give you the opportunity to opt-out of our direct-marketing activities. Opt-out can be achieved by responding using the unsubscribe options contained within the information you have received or by contacting us.  

 

Complying with legal requirements, regulations or a professional body of which we are a member of:  

We are subject to legal, regulatory and professional obligations. We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data. 
All personal data submitted through this site may be used by us in an anonymized form to assess and improve the services delivered herein and for our wider business development activities. 

Who do we disclose personal data to? 
We may from time to time transfer or disclose your personal data to other entities such as third parties for any of the purposes listed above, including to governmental and professional agencies and third parties who perform services on our behalf, such as web hosting providers, IT-providers, payment providers, customer relationship management providers.

When we disclose your personal data to third parties who perform services on our behalf, we ensure that such service providers use your data only in accordance with our instructions. 

We may also disclose your personal data to third parties where we are required to do so by law, regulators, or for the purposes of, or in connection with any legal proceedings, or otherwise for the purpose of establishing, exercising, or defending our legal rights. 

We do not sell or rent your personal data for any purpose.   

 

Data Subject Rights 
You may exercise a number of rights over your data including: 

-Accessing the personal data we hold about you 
-Asking us to correct any of your personal data we hold which are inaccurate 
-Request to have your personal data deleted 
-Withdraw consent to our processing of your personal data (where we process your personal data based on consent) 

-Put in place restrictions on our processing of your personal data 
-Objecting to our processing of your personal data 
-Asking us to transfer your data to another controller (data portability) 

 

We will handle all exercise of your data subject rights in accordance with the requirements of applicable privacy law.  Should you wish to exercise any of your data subject rights or have any questions about this statement please contact us using our contact form. 

If you are dissatisfied with the way we have handled your personal data and we are unable to resolve the issue for you, you may take the matter to the Personal Information Protection Commission.  

 

Further details can be found via their website. For EU citizens, the European Commission maintains a list of data protection supervisory authorities.

Duration of Processing  
We will hold your personal data on our systems for the longest of the following periods: (i) as long as is necessary for the purpose of which it was collected; (ii) any retention period that is required by law; or (iii) the end of the liability period in which litigation or investigations might arise in respect of our services.  

After the applicable retention period(s) have expired, personal data will be deleted or anonymized.  

Data Security 
We ensure appropriate technical and organizational controls are in place to protect your personal data from loss, misuse, alteration, and unintentional destruction, such as the use of anti-virus, firewalls, secure servers, hard disk encryption software, password protection, physical access controls, two-factor authentication, intrusion and anomaly detection.

 

Our personnel who have access to your personal data have been trained to maintain the confidentiality of such data.  They will only be granted access to your personal data to the extent that they need this information to perform their duties properly. The persons who can consult your data are also bound by strict professional discretion.  

Conditions to protect data to at least the same standard as we do are cascaded to all our contractors, (sub) processors, and suppliers.    

 

Regular monitoring and testing of our security defenses are carried out to ensure they continue to be effective against the latest threats.  

Data transferred over the internet by us and through this website are protected using encryption technologies. No transaction carried out over the internet can ever be guaranteed to be secure. 

 

Cookies 
Navigation on our website will result in cookies being placed on your computer. Cookies are small text files that are placed on your computer by the websites that you visit.  

 

Changes to this privacy statement 
This privacy statement was last updated in September 2021. We may amend it from time to time. Any changes will be published on this page and we recommend you check here regularly to ensure you remain in agreement with our data processing activities.