Privacy Policy

ISHIHARA SANGYO KAISHA, LTD. and its group companies (hereinafter collectively referred to as the “Group”) have established the following Privacy Policy (hereinafter referred to as the “Policy”) concerning the handling of personal information of all persons who provide personal information to the Group, including customers and business partners (hereinafter referred to as “Applicable Persons”).
The definitions of “personal information”, “personal data”, “sensitive personal information”, “request for disclosure and other handling” and any other terms used herein shall have the same meanings as those provided in the Act on the Protection of Personal Information (hereinafter referred to as the “Act”) or relevant laws and regulations.

1. Compliance with relevant laws and regulations, guidelines

The Group will comply with the Act and any other relevant laws, regulations and guidelines, and handle personal information in a lawful and appropriate manner.

2. Proper acquisition of personal information and sensitive personal information

The Group will acquire personal information of the Applicable Persons by lawful and appropriate means and will not acquire such information by deception or other wrongful means.
The Group will also not acquire sensitive personal information of the Applicable Persons without their prior consent, except in cases where such acquisition falls under any exceptional circumstances as stipulated by laws and regulations.

3. Purpose of use of personal information

The Group will only use the acquired personal information for the purposes of use specified individually and the purposes listed below. When acquiring and using personal information for purposes other than these, the Group will obtain the consent from the Applicable Persons unless required by laws and regulations.

[Purpose of use]

• To provide the Group's products and services
• To provide information or make proposals regarding the Group's products and services
• To investigate or analyze the usage status, satisfaction level of the customers or the business partners or other necessary items for the marketing on the Group's products and services
• To plan or develop the Group's products and services
• To respond to inquiries, requests for information materials or demands
• To exercise rights or fulfill obligations stipulated in the Companies Act or relevant laws and regulations, or to provide information to, or implement various measures for shareholders of the Group
• To perform procedures related to recruitment screening activities, etc.
• To ensure proper labor management of the Group’s members
• To exercise rights or fulfill obligations in accordance with laws and regulations or contracts
• To perform other business operations in the Group related to or incidental to the above purposes of use

4. Entrustment of personal data

In order to smoothly proceed with its operations, the Group will entrust all or part of the handling of personal data to its third-party contractor, to the extent necessary to achieve the purpose of use of the personal data of the Applicable Persons. In such case, the Group will select a contractor that is deemed to handle personal information appropriately in light of its security control measures, and implement necessary and appropriate management and supervision over the contractor to ensure the security control of the entrusted personal data.

5. Disclosure and provision of personal information to third parties

The Group will appropriately manage acquired personal information and will not provide the personal information to any third party (excluding those who do not fall under the category of a third party under laws and regulations) unless the Applicable Persons give their consent to the Group for such provision or such provision falls under any exceptional circumstances as stipulated by laws and regulations.
In the unlikely event that the Group provides personal information to a third party, the Group will comply with the matters stipulated by laws and regulations, such as notifying the Applicable Persons or making it readily accessible to the Applicable Persons in advance and filing a notification of this to the Personal Information Protection Commission.

6. Joint use of personal data

The Group may jointly use personal data as follows:

1. (1)
   Items of personal data to be jointly used
   Name, address, phone number, email address
2. (2)
   Scope of joint users
   The Group
3. (3)
   Purpose of use
   Same as each purpose of use listed in Section 3 above.
4. (4)
   Person responsible for managing personal data to be jointly used
   ISHIHARA SANGYO KAISHA, LTD.
   Address: 3-15 Edobori 1-chome, Nishi-ku, Osaka 550-0002, Japan
   Representative: Hiroshi Okubo, Executive Director and President & Chief Executive Officer

If personal data is to be jointly used for any items, scopes, or purposes other than those listed above, the Group will notify the Applicable Persons of such matters or make such matters readily accessible to the Applicable Persons in advance of the joint use.

7. Use of cookies

The Group's website may store data packages called cookies on information terminals used by the Applicable Persons and use the cookies to accumulate and utilize information in order to provide optimal products and services or analyze information on browsing history. It is possible for the Applicable Persons to change the settings to disable the use of cookies, but this may prevent the Applicable Persons from receiving some of the services provided by the Group's website.
Cookies will be used only for analyzing information on browsing history or for providing or proposing the Group's products and services.

8. Security control measures for personal information

In order to prevent the leakage, loss or damage of personal information, the Group will take the following necessary measures, maintain and improve security, and endeavor to ensure security control.

1. (1)
   Formulation of the basic policy

   • To formulate the Policy to ensure the proper handling of personal information and to provide a point of contact for handling inquiries and complaints.
2. (2)
   Establishment of internal regulations regarding the handling of personal information

   • To establish internal regulations regarding handling manner of the acquisition, use, storage, provision, deletion, disposal, etc. of personal information.
3. (3)
   Institutional security control measures

   • To appoint a personal information protection manager for the handling of personal information.
   • To establish a system for reporting or communicating the occurrence or potential sign of violation of laws and regulations or internal rules in relation to personal information.
   • To conduct self-inspections or audits regarding the status of handling of personal information.
4. (4)
   Human security control measures

   • To provide employees with training and other in-house education regarding the handling of personal information.
   • To include provisions regarding the confidentiality of personal information in internal regulations.
5. (5)
   Physical security control measures

   • To implement access control to areas where personal information is handled.
6. (6)
   Technological security control measures

   • To implement access control to limit the scope of persons in charge and the personal information to be handled.
   • To introduce a mechanism to protect information systems that handle personal information from unauthorized access from outside or malware.
7. (7)
   Understanding of the external environment

   • To take security control measures based on an understanding of the system for personal information protection in that country if personal information is handled in a foreign country.

9. Disclosure of matters concerning personal data the Group holds

The purposes of use of personal data the Group holds are as listed in Section 3 above.
If an Applicable Person or his/her representative requests that the Group notifies the purpose of use of personal data the Group holds that can be used to identify that person, the Group will notify such person or his/her representative without delay, except in cases where such a notification falls under any exceptional circumstances as stipulated by laws and regulations.

10. Matters concerning procedures for requests for disclosure and other handling.

If an Applicable Person or his/her representative requests disclosure or other handling of personal data the Group holds that can be used to identify that person, the Group will respond appropriately to such request without delay, except in cases where such handling falls under any exceptional circumstances as stipulated by laws and regulations. However, please note that the Group will not be able to disclose or otherwise handle the personal data if such handling falls under any exceptional circumstances as stipulated by laws and regulations, if the applicable personal data the Group holds does not exist, if documents for identification or other necessary documents are missing, or if the prescribed application documents are incomplete.

11. Matters concerning the point of contact

For inquiries regarding Sections 9 or 10 above or any other handling of personal information, please contact the following:

Human Resources Division, General Affairs & Human Resources Headquarters,
ISHIHARA SANGYO KAISHA, LTD.
TEL :06-6444-1855 (main) (Weekdays 9:00 a.m. – 5:30 p.m.)
FAX :06-6444-0313
Email :

Please note that the Group is unable to accept any inquiries made in person by visiting its office.

12. Revisions to the Policy

The Group will review the details of the Policy as appropriate and may revise it if necessary. In such case, the revised Policy will be applied from the date of publication thereof.

Established on April 1, 2005
Revised on February 9, 2024
Ishihara Sangyo Kaisha, Ltd.
Executive Director and President & Chief Executive Officer
Hiroshi Okubo