Privacy policy

Privacy policy

TOHO HOLDINGS CO., LTD. (hereinafter referred to as the “Company”) develops a personal information management system while handling personal information properly in consideration of the importance of the protection of personal information, in compliance with the Act on the Protection of Personal Information (hereinafter referred to as the “Personal Information Protection Act”) and other rules, and in accordance with the Code of Ethical Practice of Kyoso Mirai Group and the Personal Information Handling Regulations stipulated by the Company.

Definition of Personal Information

In this Privacy Policy, the term “personal information” means information that the Company has obtained or intends to obtain, that is personally identifiable that consists of one or a combination of the following: name, address, telephone number, gender, e-mail address, occupation, position and other information that has been provided to the Company by a person himself/herself.

Acquisition and Handling of Personal Information

The Company acquires personal information properly and fairly and specifies the purpose of use before the acquisition. The Company handles personal information to the extent necessary for the achievement of the purpose of use reported or announced in advance.

Provision of Personal Data

The Company does not provide or disclose any retained personal data to a third party, except for the following cases:

  • When the approval of the person who has provided the data is granted;
  • When the data is processed into statistical data that is not personally identifiable;
  • When it is considered appropriate for the data to be dealt with by any of the Company’s group companies;
  • When the data is provided or disclosed in accordance with the provisions of laws and regulations; and
  • When information on the data is provided in compliance with the procedure set forth in paragraph 2 of Article 27 of the Personal Information Protection Act.

Provision to and Supervision of Contractor

When the Company entrusts services or places an order for systems related to the handling of personal information in order to advance work smoothly, it provides or discloses personal data to the contractors concerned to the extent necessary for the business on condition that the following measures are taken:

  • Conclusion of a confidentiality agreement and others with the contractors to make the safety management of personal information compulsory; and
  • Provision of necessary and proper supervision to the contractors.

Joint Use of Personal Information

  • The Company may use acquired personal information jointly with each group company.
    1. The items of personal information to be jointly used:
      1. Personal information concerning the business partners of the joint user
        •Personal information such as the names, addresses, workplaces, positions, telephone numbers, fax numbers, e-mail addresses, transaction information
      2. Personal information concerning the directors, auditors, corporate officers, regular employees, contracted employees, temporary employees, part-time workers, dispatched workers, etc. of the joint user
        •Personal information such as the names, addresses, workplaces, positions, telephone numbers, fax numbers, e-mail addresses and employment management
    2. The scope of joint users
      The joint users shall be the Company’s group companies.
    3. The purpose of joint use
      1. The matters described in “Purpose of Use of Personal Information”
      2. The general operational management of the entire group by risk management and other means
      3. The consolidated accounting processing of the group
      4. Other performance necessary to perform transactions properly and smoothly
    4. The person responsible for joint use
      With respect to any person’s personal data to be jointly used, the company receives any requests and complaints regarding disclosure and others from the person, and is eligible for disclosure, revision, the suspension of use and the like, and is liable for the safety and other management of the personal data.
      Adress:4-43-11, Daizawa,Setagaya-ku, Tokyo 155-8655, Japan
      Company Name:TOHO HOLDINGS CO., LTD.
      Representative:Hiromi Edahiro  
    5. Joint Use of Medical Database
      The Company uses the personal information stored in theMedical Data Base managed and operated by Nihon Ultmarc INC. (hereinafter referred to as the “MDB”) jointly with specific companies. For information on the items, scope of joint users, purpose of the use by joint users and person responsible for the management of personal data to be jointly used, please refer to the web site of Nihon Ultmarc INC. Each of the Company’s group companies jointly using the MDB is found in the List of MDB Members on the foregoing web site.

Management of Personal Data

The Company develops a personal data management system and maintains it in compliance with the following matters:

  • To make efforts to maintain the accuracy and recency of the content of the personal data;
  • To make efforts to take proper safety management measures for the personal data, such as the prevention of leakage, loss, destruction or alteration of, and unauthorized access to, the personal data, and to maintain such measures.

Education for Protection of Personal Information

The Company aims at thoroughly urging its officers and employees to enhance their recognition of the importance and need of protecting personal information.

Inquiry, Notice of Purpose of Use, Disclosure, Revision, and Suspension of Use Concerning Retained Personal Data

When the Company receives any inquiry or request for the notice of the purpose of use, disclosure, revision or the suspension of use concerning personal data retained by the Company from the person who has provided the data, it responds promptly to such inquiry or request within a reasonable scope.

Safety Management Measures

Regarding personal information that we receive from you, we prevent unauthorized access, loss, destruction, falsification, leakage, etc. by taking the following organizational, physical, human, and technical measures.

(Organizational safety management measures)
We have assigned a responsible person for handling personal data and thus built a liaison structure for reporting to the responsible person, in cases where there is any fact or sign of a violation of laws or handling regulations.

(Human safety management measures)
We provide employees with regular training for key points concerning personal data handling.

(Physical safety management measures)
We have taken measures to prevent personal data processing devices, electronic media, documents, etc. from being stolen or lost, and to prevent personal data from being easily identified when carrying such devices, electronic media, etc. or transferring them within the office.

(Technical safety management measures)
We have introduced a structure to protect information systems used to process personal data from unapproved external access or software by implementing access control to limit the accessible personnel and the scope of the personal information database, etc. to be handled.

Revision of Privacy Policy

The Company reviews the policy of each provision above, aiming at improving it, from time to time in compliance with laws and regulations related to the protection of personal information.
Therefore, the policy of each provision above may be revised without prior notice. We ask for your prior understanding.
The revised Privacy Policy will be published on this web site.

Concluded.
Enacted as of April 1, 2009
Revised as of October 1, 2012
Revised as of April 1, 2018
Revised as of April 1, 2022
Revised as of June 27, 2024
Revised as of July 23, 2024