Personal Information Protection Policy

Sansan, Inc., a corporation established and existing under the laws of Japan, having its principal office at: Aoyama Oval Building, 13F, 5-52-2, Jingu-mae Shibuya-ku Tokyo 150-0001, Japan, (“Sansan”) engages in information management service for corporations and individual customers (compiling business cards into a database, etc.) and has the privilege of contributing to the society. In addition, in view of the advancement of informatization and increasing recognition of privacy in recent years, we believe the proper handling of personal information is now strongly requested. Based on this philosophy, we have set forth the following personal information protection policy, and we will properly handle personal information in accordance with this policy.

  1. Rules

    The Company shall comply with the laws and regulations, governmental guidelines, and other rules related to the handling of personal information.

  2. Acquisition

    We will acquire personal information in an appropriate manner without using any false or otherwise dishonest means.

  3. Purpose of Use

    When handling personal information, we will specify the purpose of use as much as possible.

  4. Notification

    When acquiring personal information, we will notify the customers of the purpose of use in the event we are required to comply with the provisions of JIS Q 15001: 2017 (hereinafter called “JIS Q 15001”).

  5. Use

    We will handle personal information in an appropriate manner only within the scope necessary to achieve the specified purpose of use, and we will take the necessary precautions for that purpose.

  6. Consent

    When we obtain personal information, change the purpose of use, or gain access to any individual customers, we will obtain the consent of such individual customers in question in accordance with the provisions of JIS Q 15001.

  7. Accuracy

    We will keep the contents of personal information in an accurate and updated condition as much as we can within the scope necessary to achieve the purpose of use.

  8. Safety Management

    We shall endeavor to prevent or correct any unauthorized access, leakage, loss, or damage of personal information and take all other necessary and proper precautions to safely manage personal information.

  9. Employees

    For the purpose of safely managing personal information, we will provide our employees with necessary and proper supervision as well as regular and proper education.

  10. Entrustment

    When we entrust the handling of personal information, we shall endeavor to select a contractor who can fully meet the standards to protect personal information. And in order to strive for the safety management, we shall endeavor to provide such contractor with all necessary and appropriate supervision.

  11. Provision

    Except for cases based on the provisions of JIS Q 15001, we will obtain the prior consent of an individual customer when we provide personal information to third parties.

  12. Disclosure

    In connection with the disclosure of personal information subject to disclosure, we will take the necessary precautions in accordance with the provisions of JIS Q 15001.

  13. Complaints and Consultations

    We will strive to deal with complaints and consultations regarding the handling of personal information in an appropriate and prompt manner and will strive to put in place an organization to achieve such processing.

  14. Audit

    We will regularly audit the status of conformance of our personal information protection management system to JIS Q 15001 and the operating status of our personal information protection management system.

  15. Correction

    We will securely implement corrective and preventive measures for any nonconformities found as a result of the audit.

  16. Review

    In order to maintain appropriate protection of personal information, we will regularly review and endeavor to continuously improve our personal information protection management system.

  • Date of enforcement: August 15, 2007
  • Date of the latest revision: January 31, 2019
  • Chika Terada, Sansan, Inc.

Handling of Personal Information

*For Handling of Personal Information of Eight service, please visit here.

  1. Name or Trade Name of Business Operator

    Sansan, Inc. (“Sansan”)

  2. Personal Information Administrative Manager

    CISO (Chief Information Security Officer) (Please refer to the contact details “Personal Information Complaints and Consultations Counter” at the bottom of this page.)

  3. Purpose of Use on Acquiring Personal Information

    In light of our service where we are provided personal information from customers and operate information management services for enterprise and individual users (“Service”), the purpose of use of personal information are set forth as follows:

    1. (1) Customers’ personal information
      • To provide and manage the Service properly
    2. (2) Provided personal information from customers
      • To provide and manage the Service properly
    3. (3) Venders, suppliers or business partners’ personal information other than above (1)
      • To provide and manage the Service properly
    4. (4) Shareholders’ personal information
      • To exercise rights and to perform obligations under the Companies Act and Commercial Code of Japan
      • To provide various conveniences
      • To implement various measures to facilitate the relationship between shareholders and us
      • To prepare and manage the shareholders’ database in accordance with the standards of various laws and regulations
    5. (5) Prospective employees’ personal information
      • To provide recruiting information with and contact the persons who are interested in and applied for a position in us
      • To conduct recruiting activities
    6. (6) Our employees’ personal information
      • To contact an employee in the course of business operations, make a list of employees, proceed with any legally required procedures including those after retirement, and manage the employment operations
      • To make decisions on personnel selection, transfer, secondment or dispatch
      • To make decisions on compensation and payment, handle taxes and social insurance, and provide welfare benefits
      • To execute the safety control measures such as video and online monitoring
      • To conduct our PR or advertisement activities
      • To operate proper health management (Except in the case of the requirement of laws and regulations, we do not acquire, use or provide health information of employees such as results of medical check-ups. )
    7. (7) Personal information of customers who contacted us
      • To improve our customer service satisfaction
      • To understand accurately and deal with the inquiries and notifications
    8. (8) Publicly disclosed personal information (including information on directors, officers and shareholders of a corporation or other entities which is disclosed or publicly announced by such individuals themselves or by such corporations or entities) and personal information provided by our business partners such as news media (“Disclosed Information”)
      • To keep information up-to-date in providing the Service
      • To provide Disclosed Information to customers or business partners using the Service on condition that the provision to the third parties of such information is suspended upon request from a person whose personal information is at issue (“Data Subject”).
        • Details of Disclosed Information to be provided to the third parties
          Company name, department name, job title, address, name, contact information, etc.
        • Method of acquisition and provision of Disclosed Information provided to the third parties
          By telephone, facsimile, e-mail or on the Internet Procedure to suspend the provision of Disclosed Information to the third parties
        • We will suspend the provision of Disclosed Information to the third parties, upon request from a Data Subject. If you would like to request it, please contact at the following email address.
          pms mail - Privacy Policy
  4. Sharing of Personal Information

    1. (1) Items of personal information to be shared

      Such items of personal information acquired for “Purpose of Use on Acquiring Personal Information” set forth in Section 3 above may be shared between or among our subsidiaries.

    2. (2) Scope of such sharing

      Sansan, Inc.
      Sansan Global Pte. Ltd.
      Sansan Corporation

    3. (3) Purpose of use of such shared personal information

      Same as those in Section 3 above, “Purpose of Use on Acquiring Personal Information”

    4. (4) Name or trade name of business operator in charge of the management of such shared personal information

      Sansan, Inc.

    5. (5) Method of acquisition or provision

      By telephone, facsimile, e-mail or on the Internet

  5. Purpose of Use of Personal Information Subject to Disclosure

    Same as Section 3 above, “Purpose of Use on Acquiring Personal Information”. Notwithstanding the foregoing, “Provided Personal Information from Customers” set forth in Section 3. (2) shall not be included in Personal Information Subject to Disclosure.

  6. Personal Information Subject to Disclosure: Notification of Purpose of Use, Amount of Request Fee and Request Procedures

    1. (1) Request procedures for Personal Information Subject to Disclosure

      We will accept such request by telephone call, postal mail and E-mail. After your request, we will inform you in detail how to proceed. Upon your request, your identification documents shall be offered.

    2. (2) Amount of request fee

      For notification and disclosure of the Personal Information Subject to Disclosure, request fee of JPY1,000 per request (JPY1,000/request) will be charged. In addition, depending on your requests, we may charge extra fees according to the amount of work when it requires us a lot of time for such disclosure. In this case, a quote will be notified in advance.

  7. Acquisition of Personal Information in a Manner not Easily Recognizable by a Data Subject

    1. (1) Our Service may use Cookies, web beacons and other similar technologies (“Cookies”) and acquire customer and visitor (“Visitors”) information regarding the state of usage by the Visitors and the Visitors’ attribution information in order to protect the Visitors’ privacy, to enhance the usage, to distribute advertisements and to acquire statistical data. The Cookies do not contain personal information and they cannot be used to identify the Visitors.
      We use behavior targeting advertising service provided by the following companies by way of using Cookies in order to optimize the distribution of advertisements to the Visitors. If the Visitors want to invalidate these services, the Visitors can access to either of the webpages of the following companies and follow the respective procedures.

    2. (2) We may automatically create and save information such as an IP address, type of browser and browser language of Visitors who use the Service or visit Sansan’s webpages. We may use such information to analyze user environment, to offer better services, and to prevent improper acts which disturb normal provision of the Service

  8. Personal Information Complaints and Consultations Counter

    If you have any complaints or inquiries regarding our handling of personal information, please contact the following. There is no accredited personal information protection groups we belong to.

    Contact details:

    Personal Information Complaints and Consultations Counter of Sansan, Inc.
    Address: Aoyama Oval Building, 13F, 5-52-2, Jingu-mae, Shibuya-ward, Tokyo, 150-0001, Japan
    TEL: +81-3-6758-0033
    Business Hours: Monday through Friday 10:00a.m.-4:00p.m. JST excluding national holidays in Japan

*¹”Personal Information Subject to Disclosure” is personal information which comprises systematically organized information’s aggregation that can be searched by using a computer or systematically organized information’s aggregation that can easily search specific personal information by organizing, classifying, indexing and coding according to a certain rule, and which we have authority to respond all requests from a Data Subject to disclose, correct, add and delete his/her own personal information and to suspend providing such personal information to third parties. Please feel free to contact the “Personal Information Complaints and Consultations Counter” for further information.