Handling of Personal Information
We, TIS Inc. (hereinafter referred to as “TIS”), established the privacy policy and information security policy and have been conducting activities to protect personal information. Specifically, we are granted the use of Privacy Mark (which is in compliance with JIS Q 15001) as well as the approval for Information Security Management System (which is in compliance with ISO/IEC27001). Also, we are conducting improvement activities to enhance our personal information protection. On this page, we clarify what we are doing to protect personal information with a promise to continue improving our activities. We hope that you will be aware of what efforts are made by TIS and will render further support and advice to TIS.
Tsuneyoshi Ito, Managing Executive Officer, Personal Information Protection Manager
Ⅰ.Personal Information, etc. Handled by TIS
TIS will receive the following personal information and anonymously processed information (hereinafter referred to as “personal information, etc.”) from customers, suppliers, and business partners (hereinafter referred to as the “Clients”) and from shareholders.
- Personal information pertaining to the Clients themselves
- Personal information about shareholders
- Personal information received when business is entrusted
- Anonymously processed information received when business is entrusted
To ensure the proper handling of anonymously processed information, TIS will implement similar measures as those described below for personal information in Safety Control Measures for Personal Information, etc. (VIII).
The personal information of TIS and TIS INTEC Group companies (hereinafter referred to as “group companies”) handled by TIS is as follows:
- Personal information about TIS directors, employees, and their families
- Personal information about group company directors and employees
Anonymously processed information handled by TIS in its own services
- Currently, TIS does not create any anonymously processed information nor does it provide such information to third parties.
Ⅱ.Purpose of Use of Personal Information, etc.
TIS will handle personal information, etc. of the Clients and shareholders within the bounds of the purposes outlined in (Ⅲ-Ⅶ).
When the purpose of use is to be changed, the purpose must be related to that prior to the change and the change must be within reasonable limits.
Ⅲ.Handling of Personal Information pertaining to the Clients
1. Purpose of Use
- Performance of billing, payment, and other business processes, conduct of contractual relations,
and communication for business purposes with Clients - Response to inquiries and requests from the Clients
- Guide for products and services of TIS
- Invitation to seminars, product presentations, and exhibitions held or sponsored by TIS or group companies
- Distribution of questionnaires for customer satisfaction survey
- Sending of New Year's greeting cards, notice of office move, and notice of personnel change
- The following purposes to help TIS provide information on products, services, and events of TIS or group companies that align with the interests and preferences of the Clients, as well as develop and improve the quality of such products and services:
- Analyzing and studying findings from customer satisfaction survey questionnaires
- Surveying, analyzing, and studying Client information collected through sales activities; the Clients' inquiry, event registration, and other action history data; and the Clients' browsing history - Other purposes notified to, and agreed by, the Clients in advance
2. Provision to Third Parties
TIS shall not disclose or provide to third parties personal information about the Clients except in the following cases:
- If the Clients concerned have consented
- If disclosure or provision is required by law
- If disclosure or provision is made in a form in which individual Clients cannot be identified, such as in the form of statistical data
A record will be created if information is provided to a third party.
3.Entrustment of Personal Information
TIS may entrust personal information about Clients that TIS has received with an outside party to fulfill the purpose of use.
In such case, TIS shall enter an agreement on protection of personal information with the entrustees, in case of handling personal information in a foreign country, understand its laws and regulations, etc., and exercise proper control and supervision in accordance with the laws and regulations and TIS standards, and recover the personal information about Clients from the entrustees after termination of the entrustment.
4. Sharing of Personal Information in the TIS INTEC Group
TIS may share personal information with group companies if it judges it appropriate to do so in order to have group companies respond to inquiries, etc. from Clients or to provide information on, deliver, or enhance products and services handled by group companies.
For details, please see Sharing of Personal Information in the TIS INTEC Group .
Ⅳ.Handling of Personal Information about Shareholders
1.Purpose of Use
- Exercise of rights and performance of obligations under the Companies Act
- Provision of convenience by TIS in accordance with status as shareholders
- Consideration and implementation of measures to facilitate relations between shareholders and TIS
- Shareholder management, such as the preparation of shareholder data in accordance with prescribed standards as required by law
2.Provision to Third Parties
TIS shall not disclose or provide to third parties personal information about shareholders except in the following cases:
- If the shareholder concerned has consented
- If disclosure or provision is required by law
- If disclosure or provision is made in a form in which individual shareholders cannot be identified, such as in the form of statistical data
3.Entrustment of Personal Information
TIS may entrust personal information about shareholders received with an outside party to fulfill the purposeof use.
In such case, TIS shall enter an agreement on protection of personal information with the entrustees, in case of handling personal information in a foreign country, understand its laws and regulations, etc., and take proper and thorough safety control measures in accordance with the laws and regulations and TIS standards, exercise proper supervision, and recover the personal information about shareholders from the entrustees after termination of the entrustment.
4.Sharing of Personal Information in the TIS INTEC Group
TIS shall not share personal information about shareholders with group companies.
Ⅴ.Handling of Personal Information, etc. Received When Business Is Entrusted
1.Purpose of Use
TIS shall handle personal information, etc. received from customers to the extent necessary for the purpose of fulfillment of entrusted business, such as data processing.
2.Provision to Third Parties
TIS shall not provide personal information, etc. received from customers to third parties.
3.Entrustment of Personal Information, etc.
TIS may entrust the handling of personal information, etc. received to a third party in order to fulfill entrusted business.
In such case, TIS shall enter an agreement on protection of personal information with the entrustees, in case of handling personal information in a foreign country, understand its laws and regulations, etc., and exercise proper control in accordance with the laws and regulations and TIS standards After termination of the entrustment, TIS shall recover from the entrustees the personal information, etc. received.
4.Sharing of Personal Information, etc. in the TIS INTEC Group
TIS shall not share personal information, etc. received.
Ⅵ.Handling of Personal Information about TIS Directors, Employees, and Their Families
TIS shall handle personal information about TIS directors and employees (permanent employees, senior employees, contract employees, temporary employees, seconded employees and dispatched employees), applicants for positions at TIS, and former employees of TIS (hereinafter referred to collectively as “Employees, etc.”) as follows.
1.Purpose of Use
- Activities related to employment screening (for job applicants) and procedures for entering the company once offered a position
- Employment management, work management, salary administration
- Preparation and filing of notifications, reports, and other materials as required by law
- Employee welfare and management of health and safety
- Education and training
- Communication in emergencies
2.Provision to Third Parties
TIS shall not provide to third parties personal information about Employees, etc. except in the following cases:
- If the Employees, etc. concerned have consented
- If disclosure or provision is required by law
- If disclosure or provision is made in a form in which individual Employees, etc. cannot be identified, such as in the form of statistical data
A record will be created if information is provided to a third party.
In such case, TIS shall enter a non-disclosure agreement on the handling of personal information with the third party.
3.Entrustment of Personal Information
TIS may entrust with a third party personal information about Employees, etc. if necessary to fulfill the purpose of use.
In such cases, TIS shall enter an agreement on protection of personal information with the entrustee, take proper and thorough safety control measures in accordance with the laws and regulations and TIS standards, execute proper supervision, and recover the personal information about Employees, etc. from the entrustee after termination of the entrustment.
4.Handling of Personal Information in Foreign Countries
TIS may provide with a third party entrustee in foreign countries personal information about Employees, etc. if necessary to fulfill business as follows.
In such cases, TIS shall not provide personal information to a third party in a foreign country unless the Employees, etc. concerned have consented.
5.Sharing of Personal Information in the TIS INTEC Group
TIS may share personal information about Employees, etc. with group companies if necessary to fulfill the purpose of use.
For details, please see Sharing of Personal Information in the TIS INTEC Group .
In such case, TIS shall enter a non-disclosure agreement on the handling of personal information with the parties with which personal information is shared.
Ⅶ.Handling of Personal Information regarding Group Company Directors and Employees
1.Purpose of Use
- Activities necessary to the group’s management, including personnel management and education/training
- Communications necessary to the group’s management and administration
2.Provision to Third Parties
TIS shall not provide to third parties personal information about group company directors and employees except in the following cases:
- If the group company directors and employees concerned have consented
- If disclosure or provision is required by law
- If disclosure or provision is made in a form in which individual group company directors and employees cannot be identified, such as in the form of statistical data
A record will be created if information is provided to a third party.
3.Entrustment of Personal Information
TIS may entrust with a third party personal information about group company directors and employees if necessary to fulfill the purpose of use.
In such cases, TIS shall enter an agreement on protection of personal information with the entrustee, take proper and thorough safety control measures in accordance with the laws and regulations and TIS standards, in case of handling personal information in a foreign country, understand its laws and regulations, etc., and exercise proper supervision, and recover the personal information about group company directors and employees from the entrustee after termination of the entrustment.
4.Sharing of Personal Information in the TIS INTEC Group
TIS may share personal information about group company directors and employees with group companies if necessary to fulfill the purpose of use.
For details, please see Sharing of Personal Information in the TIS INTEC Group.
In such case, TIS shall enter an agreement on the sharing of personal information with the parties with which personal information is shared.
Ⅷ.Safety Control Measures for Personal Information, etc.
TIS shall manage all information, including personal information, etc., in accordance with the requirements for the Privacy Mark and information security management systems.
Measures taken by TIS for safety control purposes may include those taken for preventing leakages and other incidents of personal information acquired or to be acquired by TIS that is expected to be handled as personal data held by TIS.
1.Organizational Safety Control Measures
- Development of organizational system
Appointment of the chief manager and operation of the security meeting - Establishment of rules and operation in accordance with the rules
Development and operation of the security policy (i.e., provisions and bylaws) based on the information security policy - Keeping in order records for handling of personal information
Administration of records for businesses for which personal information is entrusted and businesses for which personal information is acquired - Evaluation, review, and improvement of safety control measures
Improvement by voluntary inspection by those who handle information, internal audit, and management review - Response to trouble and violation regarding information security
Establishment of a task force and legal measures against violating party
2.Human Safety Control Measures
- Agreement with employees or entrustees about handling of personal information.
Collecting written oath from employees or entering into contract with entrustees.
- Education and training of employees
Education to all employees by e-learning
3.Physical Safety Control Measures
- Entry and exit control
Control of entry and exit by setting security levels and using IC card - Countermeasures against theft
Locked safekeeping of confidential documents and media, wire lock for portable PCs, and implementation of clear policy - Physical protection of machines and equipment
Implementation of measures against power failure and for disaster prevention and establishment of terminal room exclusive to real business requiring access to confidential information
4.Technical Safety Control Measures
- Identification and authentication of access
Personal authentication by IC card and/or fingerprint - Access control
Minimization and control of access - Control of access authority
Controlled setting of scope and authority of access according to type of job - Access record
Acquisition and storage of work records and access log - Measures against malicious software on information system
Automatic application of the virus definition (DAT) and security patch - Measures for transfer and telecommunication
Use of VPN and secure mail in encoding, electronic transmission, and telecommunication of transport media - Measures when checking the information system operation
Prohibition of use of operation data or, if necessary, restricted use by authorized person in monitored area - Monitoring of information system
Monitoring of access log and verification with work record
5.Supervision of Employees and Entrustees
- Video monitoring in monitored areas and restriction of access to the Internet
- Appointment and periodical education of chief manager of the entrustees and audit of delegated entrusted services
IX.About Cookies
This website uses the cookies.
For details, please refer to TIS Cookie Policy.
X.Disclosure, Correction, and Utilization Cease, etc. of Personal Information
TIS shall make a disclosure without delay in respect of personal information about Clients (excluding personal information received when business is entrusted) received by TIS and personal information about Employees, etc. and group company directors and employees held by TIS upon request by the individual concerned except in the following cases. When a disclosure is not made or there is no applicable personal data, TIS will give a reply to that effect.
- If it would harm the individual concerned or third party's life, body, fortune or other rights and interests
- If it would significantly impede the proper conduct of business
- If it would violate other laws or regulations
TIS shall conduct an investigation and correct, add, delete, cease utilization, eliminate or cease provision to third-parties in respect of the personal data held by TIS in accordance with the laws and regulations upon request by the individual concerned. Please address requests to the point of contact for inquiries shown below.
As a charge for the procedures for disclosure or other actions, TIS may charge the actual expenses incurred (up to 1,000 yen).
XI.About Personal Information Handling Business Operator
TIS Inc.
17-1, Nishishinjuku 8-chome, Shinjuku-ku, Tokyo, 160-0023, Japan
Yasushi Okamoto, President
Contact for Handling of Personal Information
Compliance Management Dept., Corporate Management SBU., TIS Inc.
About Accredited Personal Information Protection Organization
Name of the accredited personal information protection organization and contact for complaints
Name of the accredited personal information protection organization
JIPDEC
Contact for complaints
Personal Information Complaint and Consultation Office
Address: Roppongi First Building, 9-9, Roppongi 1-chome, Minato-ku, Tokyo 106-0032, Japan
Tel: +81-3-5860-7565; Toll-free number: 0120-700-779
*The telephone number and toll-free number stated above are not for inquiries about our products or services.