Through the mobile-content distribution and other services we provide, our company handles a variety of personal information, including the personally identifiable information and personal identification numbers of customers, clients, and employees (that information collectively, “Personal Information”). As an information-services company, we recognize that protecting Personal Information is a great social responsibility of ours.
We will create a personal-information management system that clearly defines our company’s basic approach for protecting all Personal Information (including personally identifiable information) as well as our standards and criteria for handling it. In addition to ensuring that our executives and employees are fully familiar with the system, we will continue striving to manage Personal Information as strictly as possible in order to earn the trust of our customers.

Privacy Policy

1. When handling Personal Information, our company complies with all laws, governmental guidelines, and other standards related to the handling of personal information and personally identifiable information. To protect all the Personal Information we handle, we will also create a personal-information management system that conforms to the Japanese Industrial Standard Personal-information protection management system – Requirements (JIS Q15001).
2. When acquiring or using Personal Information, we will specify its purpose of use and never handle it in a way that exceeds the scope required to achieve that stated purpose of use. We will also take the appropriate steps to ensure that Personal Information is not used beyond its specified purpose of use.
3. Except where required by law, we will never provide the Personal Information we acquire to a third party without first obtaining consent from the owner of that information. And even if we obtain consent from the owner, we will not provide Personal Information to a third party beyond the scope permitted by law.
4. We may sometimes entrust the handling of Personal Information to a third party. In such cases, we will properly manage that third party as needed in accordance with the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures and the Act on the Protection of Personal Information.
5. To strictly maintain the privacy of our customers, we will create guidelines for properly handling data that has been processed so that it cannot be used to identify an individual or reconstructed into the original Personal Information (anonymized data).
6. Upon receiving complaints or inquiries related to our handling of Personal Information, we will quickly investigate and respond to them in good faith within a reasonable time period.
7. To ensure that the Personal Information we acquire is properly managed, we will enact and regularly update organizational, personnel, physical, and technical safety measures that prevent its loss, destruction, or unauthorized disclosure.
8. We will continue to review our management system for protecting Personal Information based on social changes as we work to improve our protection of Personal Information.

Created: October 1, 2004
Latest Revision: May 18, 2017

MTI Ltd.
Toshihiro Maeta, Representative Director

Contact:
MTI Ltd.
Mail: privacy@mti.co.jp

About the Handling of Personal Information

Personal-Information Protection Supervisor

1. Purpose of use for personal information
Our company uses the personal information we collect for the following business within the scope described below.

(1) Business details
Content business, healthcare business, other business (AI service, DX service, etc.), and related business

(2) Purpose of use
 a) To appropriately and seamlessly provide our services to users who registered or applied for them, or to appropriately and efficiently operate those services
 b) To verify if someone is a genuine registrant of our membership-based services
 c) To send emails about new features, updated information, or campaigns related to the services we or third parties designated by our company provides
 d) To send products as winnings in various campaigns, or to provide services as winnings
 e) To manage user registration or usage history when entering agreements with corporate associations or other organizations regarding our company’s services
 f) To identify and deny usage to individuals who have violated laws or our company’s agreements or terms of use
 g) To allow users view, change, or delete their own registered information or view or change their usage terms
 h) To give one of our business partners the minimum personal information required to provide a service jointly offered by us and that partner in cases where a user will use one of those services
 i) To analyze data or create statistical documentation for the purpose of marketing or improving our services (the generated documentation or other data may be provided to other companies within our corporate group or to our business partners)
 j) To respond to inquiries or consultations from users
 k) To improve the quality or features of all our company’s services (including services that a user has registered or applied for), or to research and develop new services
 l) To provide services or advertising tailored to a user’s age, gender, occupation, or tastes
 m) To bill users for usage fees
 n) To contact users regarding our company’s services
 o) For employment screening at our company
 p) For managing the employment of personnel
 q) To protect an individual’s life, health, or property
 r) For crime or disaster prevention using surveillance cameras*
*Surveillance cameras are installed in our reception lobby and internal office areas to prevent crime and disasters. The data is erased after a designated period of time and is not used for any purposes other than crime or disaster prevention.
 s) To provide users with sales information or promotional items
 t) To fulfill entrusted business
 u) To improve response quality*
*Recording capability is installed on our phone system. The data is erased after a designated period of time and is not used for any purposes other than the above.

2. Purpose of use for individual numbers and personally identifying information
Our company uses the individual numbers and personally identifying information (collectively, “PII”) we collect for the following business within the scope described below.

(1) Business details
 a) For tasks related to the taxes and social insurance of our company’s employees and their dependents
 b) For tasks related to remuneration, fees, or down payments to companies we do business with
 c) For tasks related to the taxes and social insurance of employees within our corporate group (in cases where our corporate group entrusted us with the handling of such matters)
 d) For tasks related to remuneration, fees, or down payments to companies that our corporate group does business with (in cases where our corporate group entrusted us with the handling of such matters)

(2) Purpose of use
 a) PII belonging to our company’s business contacts or those of our corporate group that we were entrusted with
  ・For creating records related to the payment of remuneration, fees, down payments, or prize money
 b) PII belonging to our employees or to employees of our corporate group that we were entrusted with
  ・For creating tax withholding slips
  ・For tasks related to the granting or exercising of stock options
  ・For providing to an employee shareholders’ association for the purpose of that organization creating payment records for its members
  ・For health insurance or employee pension notifications, or applications or invoices
  ・For unemployment insurance or occupational accident insurance notifications, applications or invoices, or creating certificates
 c) PII belonging to spouses or relatives of our employees or those of our corporate group that we were entrusted with
  ・For creating tax withholding slips
  ・For health insurance or employee pension notifications

3. Purpose of use for Pseudonymously Processed Information
Our company uses the Pseudonymously Processed Information for the following purpose described below.
 a) To develop and improve our products and services
 b) To analyze for health promotion research
In case the Pseudonymously Processed Information is used for purposes other than those listed above that are beyond the scope reasonably determined to be relevant to the original purpose, we will clarify and publicly announce the purpose of its use.

4. Joint usage
We may jointly use the personal information our company collects together with one of our business partners within the scope required to achieve the purposes of use described above in cases where we or another company within our corporate group provides a joint service in conjunction with that business partner. In such cases, we will inform the personal information’s owners of the exact data that will be shared; the scope and purpose of the joint usage; the names and titles of the people in charge of the protection of personal information at the organizations that will jointly use the personal information; and the acquisition method. In accordance with law, we will not jointly use PII.

5. Provision to a third party
We will not provide personal information to a third party (including those located overseas; same below) without obtaining consent from its owner, except in cases prescribed by the Act on the Protection of Personal Information (the “Protection Act”) or other laws.

6. Outsourcing
We may disclose personal information or PII to a third-party outsourcer for the purpose of completing tasks that include the handling of such information within the scope required to achieve the purposes of use described above. In such cases, we will properly manage and oversee the outsourcer so that it does not leak the personal information or PII.

7. Use of anonymized data
We may use data that includes personal information that has been processed so that it cannot identify an individual and cannot be restored to its original unprocessed state (“Anonymized Data”), upon publication of relevant items included in such information. When providing Anonymized Data to a third party, we will publicize the items being provided and the provision method while declaring the Anonymized Data to the third party.

8. Disclosing, revising, or ceasing provision of registered information
Within the scope allowed by the Protection Act and the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures (the “Numbers Act”), we accept requests from individuals to disclose their retained personal data or PII, to notify them of its purpose of use, to revise it (for instance, in cases where it conflicts with reality), or to cease usage or provision to a third party (collectively, “Requests”). See below for the procedure for submitting a Request. If you require more specific information, please submit an inquiry using the contact information provided later. Note that a processing fee of ¥2,500 is required for Requests related to the disclosure of personal information or PII or the notification of its purpose of use.

(1) Retained personal data
Retained personal data is the “retained personal data” described in the Protection Act (essentially a systematically arranged assembly of personal data that our company has the authority to disclose, correct, append or delete, discontinue the use of, erase, and discontinue the provision of to a third party).

However, if any of the conditions in items a) through d) below apply, the personal information or PII is not considered retained personal data. In addition, there may be cases in which we are unable to comply with Requests due to the Protection Act, the Numbers Act, or other laws or guidelines.

 a) If publicizing the existence or nonexistence of the personal information or PII could cause harm to the life, health, or property of its owner or a third party
 b) If publicizing the existence or nonexistence of the personal information or PII could encourage or induce illegal or improper acts
 c) If publicizing the existence or nonexistence of the personal information or PII could endanger national security, harm the relationship of mutual trust between Japan and other nations or international organizations, or create a disadvantage in negotiations with other nations or international organizations
 d) If publicizing the existence or nonexistence of the personal information or PII could obstruct public order or safety, such as by hindering investigations or the prevention or suppression of crime

(2) Procedure for submitting Requests
 a) To submit a Request, first contact us using the information below.
 b) We will then mail the personal information’s owner or their legal representative our designated forms for Request for Disclosure or Purpose of Use of Personal Information, Request for Revision of Personal information, and Request for Discontinuing the Use of Personal Information, as well as a Power of Attorney form (in cases where a legal representative has been established).
 c) After the owner or their legal representative has completed the forms, please return them to us. Please enclose documentation to confirm identification along with the forms.
 d) We will then send a Notification of the Disclosure of Personal Information in accordance with the Request.
 e) As noted above, there may be cases in which we are unable to comply with a Request for legal reasons.

(3) Verifying the owner’s identity
 a) Documents that verify the owner’s identity
  ・A copy of a driver’s license
  ・A copy of a passport
  ・An official copy of a family register
  ・A copy of a Certificate of Insurance for health insurance
  ・A copy of a national pension book
  ・Other official documents that can be used to verify the owner’s identity
 b) Requests submitted by the owner
  ・If submitting a form of photo identification such as a driver’s license or passport, please submit a copy of one of the two such documents. (Otherwise, you will generally need to provide at least two forms of identification.)
 c) Requests submitted by a legal representative
  If the Request is being submitted by a voluntary proxy or by the legal representative of a minor or adult dependent, please submit the following documentation in addition to that listed above.
  ・At least two forms of documentation proving the identity of the representative (a copy of a driver’s license, a copy of a passport, an official copy of a family register, a copy of a Certificate of Insurance for health insurance, a copy of a national pension book, or another official document that can be used to verify the representative’s identity)
   *If submitting a form of photo identification such as a driver’s license or passport, please submit a copy of one of the two such documents.
  ・One form of documentation proving that the representative has the legal authority to act as the owner’s proxy (a power of attorney containing the certificate of seal impression of the owner, an official copy of a family register, a copy of a Certificate of Insurance for health insurance, or a Certificate of Registered Matters)
   Note: Please redact information regarding permanent residences from any documentation provided for the purposes of identity verification.

9. Details of the system for handling personal information and the measures being taken
We take technical and organizational security measures strictly to manage the retained personal data.

(Organizational security management measures)
In addition to appointing a person in charge of the handling of personal data, we have clarified the employees who handle personal data and the scope of personal data handled by such employees and have established a reporting system for the person in charge when facts or signs of violations of laws or rules are detected.
We conduct periodic self-inspections and annual internal audits of the handling of personal data.

(Personal security management measures)
We conduct periodic training for our employees on the points of concern regarding the handling of personal data.
We have included sections regarding the confidentiality of personal data in our employment regulations.

(Physical security management measures)
In the designated areas where personal data is handled, we restrict the access of employees and the devices they bring in, and we take measures to prevent unauthorized persons from accessing personal data.
We encrypt the devices that handle personal data.

(Technical security management measures)
We implement access control to limit the scope of the person in charge and the personal information database to be handled.
We have implemented a system to protect information systems that handle personal data from unauthorized access from outside or unauthorized software.

(Understanding the external circumstances)
We select primarily Japanese domestic service providers when we outsource personal data.
We outsource personal data to overseas companies for cloud storage in some cases (including simple data storage). In such cases, we fully understand the regulations regarding the protection of personal information in those countries and outsource to companies that have a system in place for the protection of personal information.
* Outsourcing internal personal data to overseas
Microsoft Japan Office365 (Japan/USA/South Korea/Malaysia/Singapore)
*Outsourcing customer personal data to overseas
USA / Vietnam / South Korea
(Reference)
Personal Data Protection Acts Overseas
USA Vietnam South Korea Malaysia Singapore

10. Disclaimer
Although our company appropriately manages its services in accordance with laws and our own internal regulations to prevent the unauthorized disclosure of personal information or PII, we assume no legal responsibility if a problem occurs due to a third party acquiring such information in the following cases.

 a) If a user discloses personal information or PII to another user via a service feature of our company or one of our outsourcers or through some other method
 b) If the information’s owner is identified from data entered into one of our company’s services by another user
 c) If information leaks because a user utilized a site advertised within one of the services provided by our company
 d) If any other information leak occurs through no fault of our company

11. Miscellaneous
If a user does not provide us with information that is current and accurate, they may be unable to receive the appropriate service.

12. Verifying the usage agreements for each service
Since the information contained in this document may be appended or modified through the usage agreements and individual confirmation screens for each service in order to fit the specifics of those services, be sure to also verify the information in those service-specific agreements and confirmation screens.

13. Changes to this document or the Privacy Policy
We may review our management of the various forms of personal information and modify this document or the Privacy Policy without prior notice in order to maintain a suitable level of protection or to comply with changes in laws or other regulations. We will notify our customers of the modified content of this document or the Privacy Policy by posting the information on our website and within our services. After doing so, we will handle all information (including that which was collected prior to the modifications) in accordance with the modified policies, within the limits recognized by law. The changes to this document or the Privacy Policy will go into effect at the point in time they are posted on our website and within our services.

14. Point of contact for inquiries
We will establish a point of contact for receiving user inquiries related to our handling of personal information and PII.

プライバシーマーク

Contact:
MTI Ltd.
Mail: privacy@mti.co.jp

The inquiry counter for the Accredited Personal Information Protection Organization and grievance resolution.
Organization: Japan Institute for Promotion of Digital Economy and Community (JIPDEC)
Counter: Personal information grievance desk
Address: Roppongi First Building 1-9-9 Roppongi, Minato-ku, Tokyo, 106-0032 Japan
TEL: 03-5860-7565
Toll-free: 0120-700-779
This inquiry counter is not for the Company’s service.

MTI Ltd.
35th Floor, Tokyo Opera City Tower 3-20-2
Nishi-Shinjuku, Shinjuku-ku, Tokyo 163-1435, Japan
President and Chief Executive Officer: Toshihiro Maeta
Created: October 1, 2004
Last Revision: February 28, 2023