Personal Information Protection Policy

CRI Middleware Co., Ltd. (hereafter, “CRI”) has established and follows the personal information protection policy stated below in order to protect the personal information handled in the course of conducting our various business operations.

1.Observance of laws, regulations and other standards related to protecting personal information

CRI will observe all laws, regulations, governmentally established guidelines, and other standards related to protecting personal information.

2. Acquisition and usage of personal information

CRI will clearly state the reason for which personal information will be used, and will appropriately obtain, use and provide personal information within the limits necessary for achieving these tasks.

3.Provision and Disclosure of Personal Information to Third-Parties

Except when stipulated by law, CRI will not provide personal information to any third-party without first obtaining the related individual’s consent.

When stipulated by law
When there is a need to protect the life, well-being, or property of an individual, and it is difficult to obtain the consent of this individual
When there is a special need to improve public well-being or promote healthy child development, and it is difficult to obtain the consent of the individual
When it is necessary to cooperate with a national agency, local government, or person entrusted by them with carrying out the tasks prescribed by laws and regulations, and obtaining the consent of the individual is likely to interfere with performing these tasks
When entrusting all or part of the handling of personal data to an appropriate contractor after implementing necessary supervision
When sharing personal data with third parties having strict handling rules in place

4.Personal information protection system

In order to appropriately manage personal information, CRI will appoint personal information managers, formulate rules for managing personal information, and create a system that can effectively conduct the necessary education and supervision. Moreover, we will periodically review the measures necessary for appropriate management and revise or improve them as required.

5.Safe management of personal information

CRI will implement appropriate procedures and carry out safety control measures to prevent the loss, theft, destruction, falsification, unauthorized access, leakage, etc., of any personal information.

6.Disclosure, revision and deletion of personal information

CRI will respond promptly and appropriately to requests from individuals for disclosure, correction, or deletion of their personal information.

Any revision to this Privacy Policy will be announced on our website.

Enacted on 12th June, 2015
Revised on 27th November, 2023

CRI Middleware Co., Ltd.
President and CEO
Masao Oshimi

Personal Information Acquired by the Group and Usage Purposes

1.Your Personal Information

(1) Personal information acquired

CRI may obtain personal information such as the name, affiliation, and contact information of the person in charge or administrator via inquiry and application forms, business cards, etc.
In addition, the personal information of your employees using our software may be obtained when registering or logging into our products and services. The authentication information includes login ID, password, IP address, and others.

(2) Purpose of Use

CRI uses your personal information for the following purposes:

1- To begin providing the products and services requested, e.g., at the conclusion of a contract, opening of an account, user registration, etc.
2- To send various notices and information regarding updates, license periods, renewal timing, changes to the Terms of Use, etc., regarding products and services in use
3- To respond to inquiries and support questions regarding products and services in use
4- To send newsletters and to provide information about the Group’s products and services
5- For sales activities related to the Group’s products and services, such as proposals and business negotiations
6- To activate and manage licenses for products and services in use

2.Personal information of people who have requested materials, applied to participate in trials, seminars, events, or made other inquiries about the Group’s products and services, or who have visited the Group’s booth at exhibitions, etc.

(1) Personal information acquired

CRI may obtain personal information such as names, affiliations, and contact information through contact forms and business card exchanges at exhibitions.

(2) Purpose of Use

CRI uses your personal information for the following purposes:

1- To respond to requests for materials, trials, seminar applications, and other inquiries
2- To send newsletters and to provide information about the Group’s products and services
3- For sales activities related to the Group’s products and services, such as proposals and business negotiations
4- For consideration of sales policies regarding the Group’s products and services

3.Personal Information of Applicants for Positions in the Group

(1) Personal information acquired

By submitting resumes, entry sheets, etc., the Group will obtain personal information such as the name, date of birth, contact information, and work history of the applicants for employment at the Group. This personal information may be submitted by the applicant himself/herself or obtained through a hiring agent representing the applicant.

(2) Purpose of use

CRI uses the personal information of applicants for recruitment for the following purposes:

a. Application screening and job interview
b. Coordination of interview schedules, notification of results to applicants, etc.
c. Contact with informal interviews, company information, etc. for those who have been offered or accepted a job offer.

4.Personal information of shareholders and institutional investors

(1) Acquisition of personal information

CRI may collect the personal information of shareholders (such as name, date of birth, address, contact information, number of shares held, etc.).
In addition, CRI may obtain personal information (such as the name, affiliation, and contact information of the person in charge) from institutional investors who attend financial results and IR briefings, or make inquiries.

(2) Purpose of use

CRI uses the personal information of shareholders and institutional investors for the following purposes:

a. Exercising rights and fulfilling obligations under the Companies Act
b. Responding to inquiries about stocks and IR information and managing inquiry history
c. Financial results and IR briefings, etc.
d. Publication in quarterly reports, Nikkei corporate information, annual reports, convocation notices, etc.
e. Management and internal control of CRI

5.Personal information of the visitors of CRI’s websites

(1) Personal information acquired and purpose of use

CRI will use the personal information sent through the inquiry form on the Group’s website to respond to the inquiry. However, if the inquiry falls under 2. above, the information will be used for the purposes set out in (2) of 2. above.

(2) Access logs

CRI’s websites collect access logs as statistical analysis information for the purpose of improving customer convenience and service quality. However, the access logs do not contain any information that could be used to identify individuals, such as the name or address of the customer.

(3) Cookies

We use this information to understand which pages customers have visited, improve the content and services of CRI’s websites to increase customer satisfaction, and to customize them to match the individual needs of each customer. This data is collected anonymously and does not identify individuals.
You can change your browser settings to not use these cookies automatically. However, please note that some services may be limited or unavailable without cookies.

6.Personal information of officers, employees, etc. (including their dependents)

We will use personal information for the following purposes:

Personnel and labor management, including recruitment, as well as operational checks, including accounting and general affairs
Personnel management of CRI’s directors, officers and other employees

7.Personal information of employees and temporary staff of business partners

We will use personal information for the following purposes:

Identification of business partners and temporary employees involved in various contracts

8.Other

We will use personal information only after the individual has been informed of the purpose and has agreed to it.

Regarding the sharing of personal information within CRI

Personal information acquired by CRI may be shared within the company for the following purposes (within the scope of the intended use):

1.Scope of the sharing

2.Purpose of use of the information

To introduce, send, provide, and research products and services
To consider the development and improvement of products and services and operations
To communicate information necessary for business purposes, etc.
To perform the accounting, tax, legal, etc. tasks of the subsidiaries by the parent company
To perform the consolidated accounting of CRI’s companies
To conduct investigations to respond to claims, complaints, etc.
To identify an individual or agent
To send responses and for any necessary communication
To fulfil other obligations under laws, regulations and contracts

3.items of personal information to be shared

Name, company name, address, telephone number, email address, name of employer, department name, other personal information, inquiry details, contract details, other transaction/communication details, claim/complaint details, etc.

4. Person responsible for managing personal information

CRI Middleware Co., Ltd.

Atsushi Sakurai, Executive Managing Director and Chairman of the ISMS Committee

Enquiries about personal information, disclosure, correction, addition or deletion of content, etc.

If you have any inquiries about the personal information you have provided to us, or if you wish to request notifications of the purpose of use, disclosure, correction, addition or deletion of content, suspension of use, erasure, or suspension of provision to a third party, please contact us using the personal information inquiry form below.

CRI Middleware Co., Ltd.
Personal Information Inquiry Desk
Infoss Tower. 11F, 20-1 Sakuragaoka-cho, Shibuya-ku, Tokyo 150-0031

Inquiries regarding personal information

Personal Information Protection Manager

Atsushi Sakurai, Executive Managing Director and Chairman of the ISMS Committee

Last updated: 12th March 2024

For more information on the Basic Policy on Information Security, click here.

Cookie	期間	説明
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.