Privacy Policy
Privacy Policy
【Philosophy of Personal Information Protection】
HEARTBEATS Corporation (hereinafter referred to as “the Company”; For details of our location and the name of our representative, please see Company) operates as an information technology support company that contributes to corporate creativity by providing safe, secure, and highly reliable services. Through its core businesses—server operation management outsourcing, server monitoring outsourcing, and server hosting—the Company aims to contribute to the development of customers, employees, and society at large.
The personal information (including specific personal information, hereinafter collectively referred to as “Personal Information”) obtained in the course of business activities from customers, business partners, employees, and others is an extremely important information asset. We recognize that ensuring the protection of such Personal Information is a critical social responsibility of the Company. Accordingly, we handle Personal Information in accordance with the following policies to provide peace of mind to our customers and employees and to fulfill our social responsibility.
【Policy】
-
Acquisition, Use, and Provision of Personal Information
- We will acquire Personal Information through lawful and fair means.
- We will use Personal Information only to the extent necessary to achieve the specified purposes of use.
- When providing Personal Information to a third party, we will obtain prior consent from the individual concerned.
- We will not use Personal Information for purposes other than those specified. Appropriate measures will be implemented to ensure compliance.
- If it becomes necessary to use Personal Information for new purposes, we will obtain renewed consent for such use before proceeding.
-
Compliance with Laws, Guidelines, and Regulations
- We will make every effort to stay informed of all applicable laws, guidelines, and other regulations (“Laws and Regulations”) related to the handling of Personal Information.
- We will ensure that all employees engaged in the Company’s operations are made aware of and comply with such Laws and Regulations.
-
Security Management of Personal Information
- We will establish and maintain a system that promptly implements corrective measures to prevent risks such as unauthorized access, leakage, loss, or damage of Personal Information.
- We will conduct regular inspections, promptly correct any violations or incidents, and implement preventive measures against identified vulnerabilities.
- We will provide thorough training on information security to all employees.
-
Complaints and Inquiries
- We will establish a dedicated contact point for inquiries and complaints regarding the handling of Personal Information.
- A system will be maintained to ensure prompt response, and we will respond sincerely to all such matters.
-
Continuous Improvement
- To protect Personal Information, we will monitor and audit compliance with internal rules, strive to detect violations, incidents, accidents, and vulnerabilities, and conduct management reviews by our executives.
- We will reflect the results of these reviews in our controls and internal rules, and strive for the continuous improvement of our Personal Information Protection Management System.
- Improvements will comply with applicable Laws and Regulations as well as JIS Q 15001 standards.
Contact for Inquiries Regarding the Privacy Policy
HEARTBEATS Corporation
Personal Information Inquiry Desk
Kosugi Building 5F, 1-28-11 Shinjuku, Shinjuku-ku, Tokyo 160-0022, Japan
Phone: +81-3-3356-1236(Weekdays 10:00–17:00 JST)
- If you have any questions or concerns, please do not hesitate to contact us.
Handling of Personal Information
1.Scope of Application
This Policy applies to all personal information obtained in connection with all services provided by the Company (hereinafter referred to as “Services”).
For certain services, the Company may establish separate terms of use or individual policies (hereinafter referred to as “Individual Policies”). In such cases, both this Policy and the relevant Individual Policy shall apply to the relevant service. If there is any inconsistency between the two, the Individual Policy shall take precedence.
2.Business Operator Information
HEARTBEATS Corporation
Kosugi Building 5F, 1-28-11 Shinjuku, Shinjuku-ku, Tokyo 160-0022, Japan
Representative Director: Masanori Fujisaki
3.Responsible Person for Personal Information Protection
Chief Information Security Officer (CISO), Personal Information Protection Manager
Phone: +81-3-3356-1236(Weekdays 10:00–17:00 JST)
4.Purpose of Use of Personal Information
| Type of Personal Information | Purpose of Use | Disclosure Category |
| Business Partner Information (including contact details in “Management and Monitoring Specifications” and ticket management information) | For communication with business partners, performance of contracts, and related claims | Disclosed |
|---|---|---|
| User Information of the Company’s Services | For the performance of contracts, related claims, usage analysis, service improvement, and marketing | Disclosed |
| Inquiry Information (such as requests for materials) | For responding to inquiries and providing information related to services | Disclosed |
| Survey Responses | For marketing analysis | Disclosed |
| Employee Information | For employment management, including personnel and general affairs | Disclosed |
| Information of Applicants for Recruitment and Internship Programs | For use in recruitment activities and consideration of employment | Disclosed |
| Data Stored on Servers by Business Partners | For server management and monitoring | Not Disclosed |
5.Provision to Third Parties
Except as required by law, the Company will not provide the personal information it has acquired to any third party without obtaining the prior consent of the individual concerned.
6.Outsourcing of Handling
For the purpose of providing better services to our customers in the course of business operations, the Company may outsource part of its operations to external parties. In such cases, we will carefully select contractors that are recognized as handling personal information appropriately. Furthermore, through contracts and other arrangements, we will stipulate necessary matters to prevent leakage of personal information—such as proper management and confidentiality obligations—and ensure appropriate management by such contractors.
7.Measures Taken for the Security Management of Retained Personal Data
| Formulation of Basic Policy | The Company publicly discloses its Privacy Policy on its website. |
|---|---|
| Development of Rules and Regulations | The Company has established internal rules regarding the handling of personal information at each stage—such as acquisition, use, provision, and disposal—as well as the responsibilities of persons in charge. These rules are reviewed periodically. |
| Organizational Security Control Measures | The Company conducts regular self-inspections, internal audits, and external audits. |
| Human Security Control Measures | The Company obtains confidentiality pledges from employees and provides regular training on information security and personal information protection. |
| Physical Security Control Measures | The Company implements management of areas where personal information is handled and prevents theft or loss of devices and electronic media. |
| Technical Security Control Measures | The Company has implemented systems to protect against unauthorized access from external sources. |
| Understanding of External Environment | In cases where personal data is stored in foreign countries, the Company ensures the implementation of appropriate security control measures by first understanding the personal information protection systems and related regulations of the relevant country. |
8.Procedures for Requests for Disclosure, etc.
When the Company receives a request from the individual concerned or his/her representative regarding the retained personal data held by the Company, for notification of the purpose of use, disclosure (including disclosure of records of provision to third parties), correction, addition or deletion of content, suspension of use, erasure, or suspension of provision to third parties (hereinafter collectively referred to as “Request for Disclosure, etc.”), the procedures shall be as follows:
-
Submission of Requests for Disclosure, etc.
-
Requests for Disclosure, etc. must be submitted by attaching the necessary documents to the “Request Form for Disclosure of Personal Information” and sending them by email attachment or postal mail.
When submitting by postal mail, please use a method that allows confirmation of delivery, such as registered mail or simplified registered mail.
Please also indicate in red on the envelope: “Contains Request Form for Disclosure of Personal Information.”
-
Requests for Disclosure, etc. must be submitted by attaching the necessary documents to the “Request Form for Disclosure of Personal Information” and sending them by email attachment or postal mail.
-
Documents to be Submitted for Requests for Disclosure, etc.
- When making a Request for Disclosure, etc., please fill in all the required items in the “Request Form for Disclosure of Personal Information.”
-
Identity Verification
- To verify the identity of the person making the Request for Disclosure, etc., the Company will conduct a telephone verification. If telephone verification is not possible, the requester may be required to present a copy of a driver’s license, certificate of residence, health insurance card, or equivalent document.
-
Requests by a Representative
-
If a Request for Disclosure, etc. is made by a representative, please submit the following documents in addition to the “Request Form for Disclosure of Personal Information.”
- A document (copy) verifying the identity of the representative: one of the following – driver’s license, certificate of residence, or health insurance card (please ensure the registered domicile is redacted in the copy).
- A power of attorney: The power of attorney must bear the principal’s seal, accompanied by a certificate of seal impression. If the representative is a legal representative such as a parent, a document verifying the relationship with the principal may be submitted in lieu of a power of attorney.
-
If a Request for Disclosure, etc. is made by a representative, please submit the following documents in addition to the “Request Form for Disclosure of Personal Information.”
-
Fees for Requests for Disclosure and Notification of Purpose of Use
-
For each request for disclosure of personal information or notification of the purpose of use, a handling fee of 500 yen (including tax) will be charged.
Payment should be made via bank transfer of 500 yen (including tax).- The transfer account details will be provided at the time of identity verification.
- The bank transfer fees must be borne by the requester.
Please note that if the fee is insufficient or if payment cannot be confirmed, the Company will be unable to respond to the request for disclosure or notification of purpose of use.
-
-
Method of Response to Requests for Disclosure, etc.
- Responses will be provided using the same method (email or postal mail) as that chosen by the requester.
-
Authorized Personal Information Protection Organization and Contact for Complaints
-
If you believe that the Company’s handling of personal information is inappropriate, you are requested to first contact the Company with your complaint. If you are not satisfied with the Company’s response, you may file a complaint with the following Authorized Personal Information Protection Organization.
Japan Institute for Promotion of Digital Economy and Community (JIPDEC)
Personal Information Protection Complaint Consultation Office
Roppongi First Building, 1-9-9 Roppongi, Minato-ku, Tokyo 106-0032, Japan
Tel: 03-5860-7565 / 0120-700-779
-
9.Voluntary Nature of Providing Personal Information
Providing personal information to the Company is voluntary. However, please note that if you choose not to provide such information, we may be unable to respond to your inquiries or provide certain services.
10.Procedures for Changes
The Company may revise this Policy as necessary. However, in cases where changes to this Policy require the consent of the individual under applicable laws, the revised Policy will apply only to those who have consented to the changes in the manner prescribed by the Company.
When changes are made to this Policy, the Company will inform or notify individuals of the effective date and details of the revised Policy by posting on the Company’s website or by other appropriate means.
Use of Cookies
This website uses Google’s analysis tool, Google Analytics. Google Analytics uses cookies to collect data. The data collected is anonymous and does not identify any individual.
You can disable the use of cookies and thereby refuse data collection by adjusting the settings of your browser. For more details on this, please refer to the Google Analytics Terms of Service and the Google Policies and Terms pages.
【What Are Cookies?】
A cookie is a small text file that is stored on your computer (or internet-enabled device such as a smartphone or tablet) when you access this website. By using cookies, the Company can obtain information such as the number of visits to the website from your computer and the pages you have visited.
Please note that the information collected through cookies does not include any personal information that can identify you.
In addition, you may disable the functionality of cookies through your browser settings. Even if you disable cookies, you will still be able to use this website without any issues.