PRIVACY STATEMENT

  1. Overview

    1.1 Introduction
    This Privacy Statement (hereinafter referred to as the “Statement”) describes the purpose of this Privacy Statement. This Statement describes our processing of personal data (information related to an identified or identifiable natural person). If there is any conflict between the Japanese version and the English version, the Japanese version takes precedence.

    1.2 How We Relate to Personal Data
    As the controller of personal data (the entity that determines the purposes and means of processing personal data), we process the personal data described in 2.1. and 2.2. Please refer to 2.1. and 2.2. for the purposes of such processing, and to 2.3. for the legal basis.

    In addition, as a processor of personal data (the entity that processes personal data on behalf of the controller), we process the personal data described in 3. This Statement does not apply to our processing of personal data as a processor, as such processing is performed in accordance with the contract we have entered into with our clients or under the instructions of our clients. For more information, please refer to section 3.

    1.3. Our contact information and the contact information of the Data Protection Officer

    1.3.1. Our contact information
    If you have any questions about this Statement or the personal data we process, or if you wish to exercise your rights as an individual, please contact us. You can contact us by e-mail or postal mail.

    Team Spirit Corporation Tokyo Head Office
    E-mail address: legal@teamspirit.com (Corporate Department)
    Mailing address: 4F Kyobashi Souseikan, 2-5-18 Kyobashi, Chuo-ku, Tokyo 104-0031, Japan

    For general inquiries, please use the Contact Us page of this website.
    https://corp.teamspirit.com/ja-jp/contact

    1.3.2 Contact information for our Data Protection Officer
    To contact our Data Protection Officer, please go to legal@teamspirit.com or by mail to the address above. Please indicate that you are addressing your request to the Data Protection Officer.

  2. Personal data that we process as controller

    2.1 Personal data that we obtain directly from you
    The personal data that we collect directly from you includes your identification information, occupation and other employment-related information, financial account information, business information, and Internet activity information. We collect and use such personal data in the following circumstances.

    2.1.1 Information about customers/potential customers
    (1) When we collect personal data
    We may request personal data (such as name, title, company name, address, telephone number, e-mail address, billing information and bank account information) from our customers or potential customers in the following cases

    • When you express interest in our cloud services and request further information.
    • When you contact us through our website (including the “Contact Us” page) or SNS, etc.
    • When you download specific content or subscribe to a mail magazine, etc.
    • When you apply to participate in a seminar
    • When you use our cloud services
    • When you use our customer support (including access to our portal site for customers)
    • When you respond to a satisfaction survey

    (2) Purpose of use of personal data

    • To establish business relationships, such as sending service, technical, and other administrative emails and messages. For example, our sales or marketing communications team may contact you at the contact information you provide to promote our services (including new product features, promotional communications, and other news about our company).
    • To fulfill our contract with you for the use of our cloud services or to fulfill our obligations under the applicable terms of use/services. In this connection, we may register the customer’s system administrator in the portal site for customers and contact the customer with information necessary for the use of our cloud services (such as service upgrades and error information).
    • In order to improve our services in the future and to thank existing customers for their cooperation with our measures.

    2.1.2 Information about applicants for employment
    If you apply for a position with us through our website or through a referral, we may ask you to provide us with personal data about yourself, such as your name, e-mail address, current employer, age, qualifications to work in the place of employment, educational background, employment history, and other information that you provide on your resume. Such personal data will be used to assess your skills, abilities and interests for the position for which you have applied, and to contact you regarding the recruitment process.

    2.1.3. Information about our employees
    We may collect or request personal data (e.g., personnel information, training performance information, benefits, health information, or emergency contact information) about our employees or their family members. In addition, in compliance with the “Act on the Use of Numbers to Identify Specific Individuals in Administrative Procedures,” we will acquire specific personal data personal data (my number). Such personal data will be used to make decisions on the hiring and assignment of employees, to manage the employment contract relationship with the Company, to process payroll (including payment and deduction of taxes and social insurance) The personal data will be used for the purpose of determining the employment and assignment of employees, managing the employment contractual relationship with the Company, processing payroll (including payment and deduction of taxes and social insurance), evaluating service, managing employee health in accordance with applicable health and safety regulations, IT controls and compliance with the Company’s IT policies.

    2.1.4. Information about Business Partners
    We may ask our business partners (including contractors and resale partners) to provide us with information about their business partners. We may request our business partners (including contractors and resale partners) to provide us with personal data (contact information, financial account information, etc.) of those who belong to the business partner. Such personal data will be used for the purpose of maintaining business relationships with business partners, conducting co-hosted events and seminars, and for payment/billing or related operations.

    2.1.5. Other information about the person who made the inquiry
    We may request personal data (name, title, company name, address, telephone number, e-mail address, etc.) of the person who made the inquiry or applied for participation when the person makes an inquiry via web form or e-mail, or applies for participation in an event or campaign hosted by us. The personal data will be used for inquiries and applications. Such personal data will be used to answer or respond to inquiries or requests, or to conduct the event for which you have applied.

    2.1.6 Data related to the use of our website
    As is the case with many websites, we automatically collect certain information from individual users when they visit our website, using tracking technologies such as cookies. This information may include, in addition to identification and business information, IP addresses (or proxy server information), device and application information, identification numbers and features, location information, browser type, plug-ins, additional features, Internet service provider or mobile carrier, pages viewed and This information may include Internet activity information such as pages and files viewed, searches, referring websites, applications, advertisements, operating systems, system configuration information, advertisements and language settings, date and time stamps associated with your use, and frequency of website visits. This information is used to analyze overall trends in the use of our website, to provide and improve our website, to provide customized information and settings to website users, and to secure and maintain our website.

    2.1.7. Data related to the use of our cloud services
    The Company automatically collects certain information when an individual user uses the Company’s cloud services. Such information includes, in addition to identification information, IP address (or proxy server), mobile device number, device and application identification numbers, location information, browser type, Internet service provider or mobile carrier, pages and files viewed, searches and other operations, etc. This may include Internet activity information, such as your browser type, operating system, system configuration information, and date and time stamps associated with your use. In addition, in connection with the use of our cloud services, we collect information about the usage of the service functions in a form that does not identify the individual. We use this information to maintain the security of our services, to provide necessary functionality, to improve service performance, to understand and improve the service experience for our customers and users, to check compliance with applicable terms and conditions, to understand error conditions and future service improvements, to assess necessary capacity, and for our overall security purposes. security purposes.

    2.2 Personal Data We Collect from Other Sources
    We collect information from other sources, such as third-party providers and publicly available information. The personal data we collect from other sources may include contact information, business information, professional or employment-related information, and educational information. The specific sources from which we collect personal data are as follows:

    2.2.1 Customer Information Referred by Business Partners
    The Company may receive personal data (name, title, company name, address, telephone number, e-mail address, etc.) from business partners, including companies that co-host events and webinars, and from advertising media operated by other companies. Such personal data will be used for the purposes described in “2.1.1. Information about customers/potential customers.

    2.2.2. Information on Recruitment Applicants Introduced by Recruitment Support Services and Recruitment Agents
    The Company may obtain personal data (such as name, e-mail address, current workplace, age, nationality, educational background, employment history, and other information to be included in the resume) of employment applicants from recruitment support services and recruitment agents. Such personal data will be used for the purposes described in “2.1.2. Information on employment applicants” above.

    2.2.3. Shareholders
    The Company shall acquire personal data of shareholders (including name, contact information, address, class and number of shares, and date of acquisition of shares) by appropriate and fair means. Such personal data shall be used in accordance with the relevant laws and regulations. Such personal data shall be used for the purpose of exercising shareholders’ rights and fulfilling the Company’s obligations under the relevant laws and regulations, maintaining relationships as shareholders of the Company, maintaining and updating the shareholders’ register, paying dividends, contacting shareholders with relevant information, and responding to inquiries and requests.

    2.3 Legal basis for processing personal data
    Where required by the laws and regulations applicable to the personal data in question, the consent of the individual will be sought prior to the collection, processing, and use of personal data for the above purposes. Similarly, unless otherwise required by law, if we use personal data for new or different purposes other than those described above, we will notify the individual and obtain his or her consent.

  3. Personal Data Processed by the Company as a Processor and its Legal Basis

    The Company has entered into a contract for the use of the Company’s cloud services with the Company’s customers (hereinafter referred to as the “Contract for Customers”). (hereinafter referred to as the “Company”), and the personal data of the customer entered on the Company’s cloud service for the Company’s customer or the Company’s customers (hereinafter referred to as the “Customer Management Data”). (hereinafter referred to as “Customer Management Data”) in accordance with the instructions of the Company’s customers. As the processor of the Customer Data, we have no authority over the processing of the Customer Data by our customer, who is the controller himself, so if you wish to exercise your rights under the applicable data protection laws, please contact the customer directly. If you wish to make a request directly to us, please provide us with the name of the customer who submitted or entrusted the relevant personal data to us, as we do not have access to customer administrative data unless instructed by the customer. We will inform the customer of the nature of the request and assist the customer as necessary to respond to the request within a reasonable period of time.

  4. Automated decision making, including profiling

    We do not use automated means, including profiling, to process personal data when making decisions about individuals.

  5. Provision and Sharing of Personal Data

    We will provide personal data to third parties and share it with our affiliates as described below. Except to the extent described below, personal data will not be sold, traded, loaned, disclosed, transferred, or otherwise provided or shared. In addition, when providing or sharing personal data, we will do so in strict compliance with applicable laws and regulations.

    5.1 When instructed by the customer
    We will provide and disclose customer administrative data in accordance with customer instructions, including the applicable terms and conditions of the “Customer Agreement,” and in compliance with applicable laws and legal process.

    5.2. In the event of a change in the Company’s business
    In the event of a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of the Company’s assets or stock, or similar transaction or proceeding contemplating such activities, the Company may share or provide personal data in accordance with a security management agreement, including appropriate confidentiality obligations.

    5.3 Contractors
    The Company may entrust the handling of personal data to third parties (including virtual computing and storage service providers) for the purposes of use set forth above. The Company may entrust the handling of personal data to third parties (including virtual computing and storage service providers) for the purposes of use specified above. In addition, for the purpose of providing our cloud services and various corporate related services, we may receive advice from our contracted professional advisors such as lawyers, bankers, accountants, and insurance companies regarding consulting, banking, legal, and accounting services. The Company may disclose personal data to the extent necessary for the above purposes.

    5.4 Joint use with affiliated companies
    The Company may share personal data with its affiliated companies as follows.

    (1) Items of personal data to be shared
    Name, company name, address, telephone number, e-mail address, and other items necessary to achieve the purpose of use

    (2) Scope of joint users
    TeamSpirit Singapore Pte Ltd.

    (3) Purpose of joint use
    For the purpose of use described in “2. Personal Data Acquired by the Company as Administrator” above.

    (4) Name of the person responsible for the management of the personal data
    Data Protection Officer, Team Spirit Co.

    (5) Method of acquisition
    Written (including records made by electronic or magnetic methods, etc.), oral (telephone, interview, etc.)

    5.5 Government agencies, courts, and regulatory authorities
    Personal data may be disclosed if the Company receives a request for information from a government agency, court, regulatory authority, or other public body, or if the Company reasonably believes that disclosure is required under applicable laws, regulations, or legal process.

    5.6. In addition to the above, when we have your consent to provide information to a third party
    In addition to the above, we may provide or share personal data with a third party if we have your consent to do so.

  6. International transfer of personal data

    We may share personal data with our subsidiary, TeamSpirit Singapore Pte Ltd, a company incorporated under the Singapore Companies Act. (a company incorporated under the Singapore Companies Act). When this subsidiary processes personal data, it will do so legally in accordance with Singapore’s Personal Data Protection Act, and will ensure that it has the same level of protection and security systems as our company. In addition, personal data may be processed in other jurisdictions that have not been certified as sufficient by the authorities where you are a data subject. These jurisdictions may not legally provide the same level of data protection as the jurisdiction applicable to you. In such cases, we will transfer the personal data only after ensuring that the recipient of the personal data maintains an adequate level of protection and security systems.

  7. How We Protect Personal Data

    We take data security very seriously. We are committed to protecting the information we hold from loss, misuse, unauthorized access or disclosure. Personal data is processed only by a limited number of officers and employees within our company (e.g., sales, support, legal, finance, human resources, accounting, etc.) for the purpose of performing their respective duties. The above-mentioned processing procedures are determined in consideration of the confidentiality of the information we collect, process and store and the current state of technology. We have obtained an internationally recognized information security certification (ISMS (Information Security Management System)/ISO27001), and have also obtained the Privacy Mark certification in Japan. For more information on our current practices and policies regarding security and confidentiality of our services, please contact info@teamspirit.com.

  8. Retention period of personal data and arbitrariness of providing personal data

    We will not collect or retain any personal data beyond the extent necessary to achieve the purposes described above or to fulfill our legal obligations. With respect to the retention period of customer management data, the Company will retain customer management data in accordance with the instructions of the customer under the customer contract and as required by law. With the exception of customer management data, the Company will retain personal data for the period necessary for the purposes of use described above. We will determine the appropriate retention period for personal data based on the quantity, nature and sensitivity of the personal data to be processed, the potential risk of damage resulting from the unauthorized use or disclosure of the personal data, the likelihood that we will be able to achieve the purpose of the processing by other means, and applicable legal requirements (such as retention periods). The provision of personal data to us is voluntary, but we may not be able to provide you with the service if you do not provide us with your personal data, which is an essential element of the service.

  9. Rights of the individual regarding personal data

    In accordance with the Data Protection Act, the individual to whom personal data pertains has the rights and procedures described below. Please note that the rights you may exercise depend on the applicable data protection law. Please note that when you inquire about the purpose of use of your personal data, we may only provide you with the information described in.

    9.1 How to make a request
    If you wish to exercise the rights described in 9.2. or 9.3., please contact us at the address described in 1.3.1. We will respond to your request after confirming that you are the person in question or your representative. Depending on the nature of the request, you may be asked to submit a written application as prescribed by the Company.

    • There is no charge for this service, except in cases where the request is excessive or clearly unfounded.
    • Responses will be sent by e-mail, in writing, or in a manner separately agreed upon by the Company and the requesting party.
    • Personal information collected in connection with a request will be used only to the extent necessary to respond to such request.

    9.2. Persons to whom the Personal Information Protection Law of Japan applies

    9.2.1. request for disclosure, etc.
    You may request the Company to “notify the purpose of use,” “disclose,” “correct, add, or delete,” or “refuse to use or provide” your personal information subject to disclosure. 9.2.2.

    9.2.2 Cases of refusal to respond
    Please be aware that we may refuse to respond to your request for disclosure, etc. if any of the following applies

    (1) Request for notification of the purpose of use of personal data

    • When there is a risk of harm to the life, body, property, or other rights or interests of the individual or a third party
    • When there is a risk of harm to the rights or legitimate interests of the organization concerned
    • When it is necessary to cooperate with a national agency or local government in executing affairs prescribed by laws and regulations, and notifying the person of the purpose of use or making it public is likely to impede the execution of said affairs.

    (2) Request for disclosure of personal data

    • When special procedures are prescribed by law
    • When there is a risk of harm to the life, body, property, or other rights or interests of the individual or a third party
    • When there is a risk of significant hindrance to the proper execution of our business
    • When it violates the law

    (3) Request for correction, addition, or deletion of personal data

    • When special procedures are required by law

    (4) Request for cessation of use or deletion of personal data

    • When there is a risk of harm to the life, body, property, or other rights or interests of the individual or a third party
    • When there is a risk of significant hindrance to the proper execution of our business
    • When it is in violation of laws and regulations

    (5) Request to stop the provision of personal data to a third party

    • When there is a risk of harm to the life, body, property, or other rights or interests of the individual or a third party
    • Cases in which there is a risk of significant hindrance to the proper execution of our business
    • When it is in violation of laws and regulations

    9.3 Individuals to Whom the General Data Protection Regulation (GDPR) Applies
    When you visit our website or use our services in the EU or within the EU, or as otherwise provided by the GDPR, you have the following rights under the GDPR with respect to the processing of your personal data

    • The right to be informed (the right to be able to check the content of personal data)
    • Right of access (the right to request disclosure of whether personal data is held and for what purposes)
    • Right to correction (the right to request the correction of information that is deemed inaccurate or the addition of information that is deemed incomplete)
    • Right to erasure (the right to request the erasure of personal data)
    • Right to restriction (right to request that the processing of information be restricted)
    • Right to object (right to object to the processing of personal data by the Company)
    • Right to data portability (the right to request the transfer of personal data to another controller)
    • Withdrawal of Consent (the right of the individual to withdraw consent where the Company holds personal data based on the individual’s consent)
    • The right to lodge a complaint (the right to lodge a complaint about the processing of personal data by the Company)

    9.4 Notes on the Exercise of Rights
    Except as otherwise provided by law, we will endeavor to respond to all lawful requests within one month. However, depending on the complexity and volume of the request, it may take more than one month to respond to the request. Employees of our customers who are using our cloud services and wish to correct or update their own information should contact the system administrator of the customer in question.

    9.5 Complaint and Consultation Contact Other Than the Company
    If you have any complaints or concerns regarding the processing of personal data by the Company, you may file a complaint or consultation with the following contact

    • Personal Information Protection Committee (https://www.ppc.go.jp/)
    • Personal Information Protection Complaint Consultation Office, Japan Information Processing Development Corporation
      Address: Roppongi First Building, 1-9-9 Roppongi, Minato-ku, Tokyo 106-0032, Japan
      Phone number (toll free): 03-5860-7565
      Telephone number (toll free) 0120-700-779
  10. Changes to this Statement

    The Company will revise this Statement as necessary to provide greater transparency or to respond to changes in the Company’s cloud services and data processing activities and policies. This Statement may also be amended to reflect changes in laws, regulations, or industry standards. When changes are made to this Statement, the “Last Updated” date at the top of this Statement will be updated. In the event that the Company makes a material update, the Company may notify you before the update takes effect by posting a clear notice on the Company website or by contacting you directly.