1. Home
  2. Privacy Policy

Privacy Policy

We, AGREX INC., will appropriately operate the personal information protection management system established in accordance with Japanese Industrial Standards, Information Protection Management Systems – Requirements (JIS Q 15001) in order to comply with the Act on the Protection of Personal Information, and related laws, regulations and guidelines, and live up to the trust and expectations of our clients and stakeholders.

Description

  1. 1We will comply with our internal rules for appropriate acquisition, use, and provision of personal information with the purpose of use clearly specified by taking the content and scale of our business into account and to the extent necessary for the fulfillment of business.
  2. 2We will, in case of entrusting a whole or part of the handling of personal data acquired under the measures stated in the preceding item, select an appropriate entrustee who has satisfied the sufficient protection level and take appropriate measures, such as entering into an agreement for the entrustment.
  3. 3We will take appropriate safety control and remedial measures for the risks, including any fraudulent access to personal information and any loss, destruction, alteration, and divulgence of personal information.
  4. 4We will respond to requests to disclose/correct/cease utilization, complaints and consultation regarding personal information from the individual concerned without delay in accordance with the laws and regulations.
  5. 5We will continuously improve the management system regarding the protection of personal information.

April 1, 2023
AGREX INC.
Head Office Address.
Tokyo Opera City Building 3-20-2 Nishi-shinjuku, Shinjuku-ku, Tokyo 163-1438, Japan
President and Representative Director
Shuji Yamamoto

Established on September 19, 2001, and revised on April 1, 2023

Contact for Privacy Policy

Risk & Compliance Management Dept., Corporate Planning SBU, AGREX INC.

Handling of Personal Information

We, AGREX INC. (hereinafter referred to as “AGREX”), established the privacy policy and information security policy and have been conducting activities to protect personal information. Specifically, we are granted the use of Privacy Mark (which is in compliance with JIS Q 15001) as well as the approval for Information Security Management System (which is in compliance with ISO/IEC27001). Also, we are conducting improvement activities to enhance our personal information protection. On this page, we clarify what we are doing to protect personal information with a promise to continue improving our activities. We hope that you will be aware of what efforts are made by AGREX and will render further support and advice to AGREX.

Personal Information Protection Manager
Corporate Officer
Iwao Sakuma

Personal Information, etc. Handled by AGREX

AGREX will receive the following personal information and anonymously processed information (hereinafter referred to as “personal information, etc.”) from customers, suppliers, and business partners (hereinafter referred to as the “Clients”) .

  • Personal information pertaining to the Clients themselves
  • Personal information received when business is entrusted
  • Anonymously processed information received when business is entrusted

To ensure the proper handling of anonymously processed information, AGREX will implement similar measures as those described below for personal information in Safety Control Measures for Personal Information, etc.

The personal information of AGREX and TIS INTEC Group companies (hereinafter referred to as “group companies”) handled by AGREX is as follows:

  • Personal information about AGREX directors, employees, and their families
  • Personal information about group company directors and employees

Anonymously processed information handled by AGREX in its own services

  • Currently, AGREX does not create any anonymously processed information nor does it provide such information to third parties.

Purpose of Use of Personal Information, etc.

AGREX will handle personal information, etc. of the Clients within the bounds of the purposes outlined.
When the purpose of use is to be changed, the purpose must be related to that prior to the change and the change must be within reasonable limits.

Handling of Personal Information pertaining to the Clients

  1. 1Purpose of Use
    • Performance of billing, payment, and other business processes, conduct of contractual relations,and communication for business purposes with Clients
    • Response to inquiries and requests from the Clients
    • Guide for products and services of AGREX
    • Invitation to seminars, product presentations, and exhibitions held or sponsored by AGREX or group companies
    • Distribution of questionnaires for customer satisfaction survey
    • Sending of New Year's greeting cards, notice of office move, and notice of personnel change
    • Other purposes notified to, and agreed by, the Clients in advance
  2. 2Provision to Third Parties

    AGREX shall not disclose or provide to third parties personal information about the Clients except in the following cases:

    • If the Clients concerned have consented
    • If disclosure or provision is required by law
    • If disclosure or provision is made in a form in which individual Clients cannot be identified, such as in the form of statistical data

    A record will be created if information is provided to a third party.

  3. 3Entrustment of Personal Information

    AGREX may entrust personal information about Clients that AGREX has received with an outside party to fulfill the purpose of use.
    In such case, AGREX shall enter an agreement on protection of personal information with the entrustees, in case of handling personal information in a foreign country, understand its laws and regulations, etc., and exercise proper control and supervision in accordance with the laws and regulations and AGREX standards, and recover the personal information about Clients from the entrustees after termination of the entrustment.

  4. 4Sharing of Personal Information in the TIS INTEC Group

    AGREX may share personal information with group companies if it judges it appropriate to do so in order to have group companies respond to inquiries, etc. from Clients or to provide information on, deliver, or enhance products and services handled by group companies.
    For details, please see Sharing of Personal Information in the TIS INTEC Group .

  5. 5Sharing of Personal Information with other organisations

    AGREX may share personal information in the below manner with various co-organizer companies for seminars, events, etc.

    • Items of personal information to be shared
      Client's name, company name, department name, title, address, phone number, email address, and survey responses
    • Joint users
      Various co-organizer companies for seminars, events, etc.
    • Purpose of sharing
      Stated in “1. Purpose of Use” under “Handling of Personal Information pertaining to the Clients”
    • Name, address and name of representative of parties responsible for the management of personal information
      AGREX INC.
      Head Office Address.
      Tokyo Opera City Building 3-20-2 Nishi-shinjuku, Shinjuku-ku, Tokyo 163-1438, Japan
      President and Representative Director
      Shuji Yamamoto
    • Method of acquisition
      Application through the Internet or in writing and questionnaires at venues

Handling of Personal Information, etc. Received When Business Is Entrusted

  1. 1Purpose of Use
    AGREX shall handle personal information, etc. received from customers to the extent necessary for the purpose of fulfillment of entrusted business, such as data processing.
  2. 2Provision to Third Parties
    AGREX shall not provide personal information, etc. received from customers to third parties.
  3. 3Entrustment of Personal Information, etc.
    AGREX may entrust the handling of personal information, etc. received to a third party in order to fulfill entrusted business.
    In such case, AGREX shall enter an agreement on protection of personal information with the entrustees, in case of handling personal information in a foreign country, understand its laws and regulations, etc., and exercise proper control in accordance with the laws and regulations and AGREX standards After termination of the entrustment, AGREX shall recover from the entrustees the personal information, etc. received.
  4. 4Sharing of Personal Information, etc. in the TIS INTEC Group
    AGREX shall not share personal information, etc. received.

Handling of Personal Information about AGREX Directors, Employees, and Their Families

AGREX shall handle personal information about AGREX directors and employees (permanent employees, senior employees, contract employees, temporary employees, associate directors, counselors, seconded employees and dispatched employees), applicants for positions at AGREX, and former employees of AGREX (hereinafter referred to collectively as “Employees, etc.”) as follows.

  1. 1Purpose of Use
    • Activities related to employment screening (for job applicants) and procedures for entering the company once offered a position
    • Employment management, work management, salary administration
    • Preparation and filing of notifications, reports, and other materials as required by law
    • Employee welfare and management of health and safety
    • Education and training
    • Communication in emergencies
  2. 2Provision to Third Parties

    AGREX shall not provide to third parties personal information about Employees, etc. except in the following cases:

    • If the Employees, etc. concerned have consented
    • If disclosure or provision is required by law
    • If disclosure or provision is made in a form in which individual Employees, etc. cannot be identified, such as in the form of statistical data

    A record will be created if information is provided to a third party.
    In such case, AGREX shall enter a non-disclosure agreement on the handling of personal information with the third party.

  3. 3Entrustment of Personal Information

    AGREX may entrust with a third party personal information about Employees, etc. in the form of documents or electronic data if necessary to fulfill the purpose of use.
    In such cases, AGREX shall enter an agreement on protection of personal information with the entrustee, take proper and thorough safety control measures in accordance with the laws and regulations and AGREX standards, execute proper supervision, and recover the personal information about Employees, etc. from the entrustee after termination of the entrustment.

  4. 4Handling of Personal Information in Foreign Countries

    AGREX may provide with a third party entrustee in foreign countries personal information about Employees, etc. if necessary to fulfill business as follows.
    In such cases, AGREX shall not provide personal information to a third party in a foreign country unless the Employees, etc. concerned have consented.

  5. 5Sharing of Personal Information in the TIS INTEC Group

    AGREX may share personal information about Employees, etc. with group companies if necessary to fulfill the purpose of use.
    For details, please see Sharing of Personal Information in the TIS INTEC Group .
    In such case, AGREX shall enter a non-disclosure agreement on the handling of personal information with the parties with which personal information is shared.

Handling of Personal Information regarding Group Company Directors and Employees

  1. 1Purpose of Use
    • Activities necessary to the group’s management, including personnel management and education/training
    • Communications necessary to the group’s management and administration
  2. 2Provision to Third Parties

    AGREX shall not provide to third parties personal information about group company directors and employees except in the following cases:

    • If the group company directors and employees concerned have consented
    • If disclosure or provision is required by law
    • If disclosure or provision is made in a form in which individual group company directors and employees cannot be identified, such as in the form of statistical data

    A record will be created if information is provided to a third party.

  3. 3Entrustment of Personal Information

    AGREX may entrust with a third party personal information about group company directors and employees if necessary to fulfill the purpose of use.
    In such cases, AGREX shall enter an agreement on protection of personal information with the entrustee, take proper and thorough safety control measures in accordance with the laws and regulations and AGREX standards, in case of handling personal information in a foreign country, understand its laws and regulations, etc., and exercise proper supervision, and recover the personal information about group company directors and employees from the entrustee after termination of the entrustment.

  4. 4Sharing of Personal Information in the TIS INTEC Group

    AGREX may share personal information about group company directors and employees with group companies if necessary to fulfill the purpose of use.
    For details, please see Sharing of Personal Information in the TIS INTEC Group.
    In such case, AGREX shall enter an agreement on the sharing of personal information with the parties with which personal information is shared.

Safety Control Measures for Personal Information, etc.

AGREX shall manage all information (including that we have acquired or are attempting to acquire), including personal information, etc., in accordance with the requirements for the Privacy Mark and information security management systems.

  1. 1Organizational Safety Control Measures
    1. 1Development of organizational system
      Appointment of the chief manager and operation of the security meeting
    2. 2Establishment of rules and operation in accordance with the rules
      Development and operation of the security policy (i.e., provisions and bylaws) based on the information security policy
    3. 3Keeping in order records for handling of personal information
      Administration of records for businesses for which personal information is entrusted and businesses for which personal information is acquired
    4. 4Evaluation, review, and improvement of safety control measures
      Improvement by voluntary inspection by those who handle information, internal audit, and management review
    5. 5Response to trouble and violation regarding information security
      Establishment of a task force and legal measures against violating party
  2. 2Human Safety Control Measures
    1. 1Agreement with employees or entrustees about handling of personal information.
      Collecting written oath from employees or entering into contract with entrustees.
    2. 2Education and training of employees
      Education to all employees by e-learning
  3. 3Physical Safety Control Measures
    1. 1Entry and exit control
      Control of entry and exit by setting security levels and using IC card
    2. 2Countermeasures against theft
      Locked safekeeping of confidential documents and media, portable PCs, and implementation of clear policy
    3. 3Physical protection of machines and equipment
      Implementation of measures against power failure and for disaster prevention and establishment of terminal room exclusive to real business requiring access to confidential information
  4. 4Technical Safety Control Measures
    1. 1Identification and authentication of access
      Personal authentication by IC card and/or fingerprint
    2. 2Access control
      Minimization and control of access
    3. 3Control of access authority
      Controlled setting of scope and authority of access according to type of job
    4. 4Access record
      Acquisition and storage of work records and access log
    5. 5Measures against malicious software on information system
      Automatic application of the virus definition (DAT) and security patch
    6. 6Measures for transfer and telecommunication
      Use of VPN and secure mail in encoding, electronic transmission, and telecommunication of transport media
    7. 7Measures when checking the information system operation
      Prohibition of use of operation data or, if necessary, restricted use by authorized person in monitored area
    8. 8Monitoring of information system
      Monitoring of access log and verification with work record
  5. 5Supervision of Employees and Entrustees
    1. 1Video monitoring in monitored areas and restriction of access to the Internet
    2. 2Appointment and periodical education of chief manager of the entrustees and audit of delegated entrusted services

About Cookies

This website uses the cookies.
For details, please refer to AGREX Cookie Policy.

Disclosure, Correction, and Utilization Cease, etc. of Personal Information

AGREX shall make a disclosure without delay in respect of personal information about Clients (excluding personal information received when business is entrusted) received by AGREX and personal information about Employees, etc. and group company directors and employees held by AGREX upon request by the individual concerned except in the following cases. (including records provided by third parties) When a disclosure is not made or there is no applicable personal data, AGREX will give a reply to that effect.

  • If it would harm the individual concerned or third party's life, body, fortune or other rights and interests
  • If it would significantly impede the proper conduct of business
  • If it would violate other laws or regulations

AGREX shall conduct an investigation and correct, add, delete, cease utilization, eliminate or cease provision to third-parties in respect of the personal data held by AGREX in accordance with the laws and regulations upon request by the individual concerned. Please address requests to the point of contact for inquiries shown below.

About Personal Information Handling Business Operator

AGREX INC.
Head Office Address.
Tokyo Opera City Building 3-20-2 Nishi-shinjuku, Shinjuku-ku, Tokyo 163-1438, Japan
President and Representative Director
Shuji Yamamoto

Contact for Handling of Personal Information

Risk & Compliance Management Dept., Corporate Planning SBU., AGREX INC.

Contact for complaints

Risk & Compliance Management Dept., Corporate Planning SBU., AGREX INC.

About Accredited Personal Information Protection Organization

Name of the accredited personal information protection organization and contact for complaints

Name of the accredited personal information protection organization
JIPDEC

Contact for complaints
Secretariat of Accredited personal information protection organization
Address: Roppongi First Building, 9-9, Roppongi 1-chome, Minato-ku, Tokyo 106-0032, Japan
Tel: +81-3-5860-7565; Toll-free number: 0120-700-779

  • *The telephone number and toll-free number stated above are not for inquiries about our products or services.