Privacy Policy

At FRONTEO, Inc., its subsidiaries and group companies, (hereafter the “Company”), the right of individuals to the privacy of their personal information and individual number is honored, about personal information (Act on the Protection of Personal Information, Article 2 paragraph 1), and individual number (Act on the Use of Numbers to Identify a Specific Individual in the Administrative Procedure, Article 2 paragraph 5).

The following practices are in place to protect such information:

  • Company assigns managers to deal with departments at sites which have responsibility for dealing with personal information and individual number.
  • Company acquires personal information by lawful and fair means with obtaining the consent of the Person (“Person” shall mean a specific individual identified by personal information.) and within the scope necessary for the achievement of the purpose of utilization.
  • Company will handle personal information within the scope of the following utilization purpose.
    1. The utilization purpose of personal information that Company acquires in other manner besides Company obtains from the Person in writing directly.
      • Utilization for the purpose of executing the entrusted business adequately when Company accepts on trust.
      • Applicants information for a job opening through the job sites.
        • a.To notify information for a job opening, review and decide candidates
    2. The utilization purpose of personal information for disclosure
      • Dealing with personal information of Company’s service user
        • a.To supply, invoice, and process payment for products/services ordered to Company
        • b.To notify about Company’s products/services and to send/collect surveys
        • c.To send presents as Company’s campaign activities
        • d.To confirm, respond to, and address the content of inquiries to Company
      • Dealing with customer’s personal information
        • a.To conduct business correspondence
        • b.To confirm, respond to, and address the content of inquiries to Company
      • Dealing with personal information regarding inquiries/complaints etc. to Company
        • a.To confirm, respond to, and address the content of inquiries/complaints etc. to Company
      • Dealing with shareholder’s information
        • a.To secure exercise of rights for shareholders, to contact, and to send IR materials
      • Dealing with applicants information for a job opening and employee (including temporary workers and former workers) information
        • a.To notify information for a job opening, review and decide candidates
        • b.To manage human resources and offer welfare programs
      • Beyond above, to use according to the utilization purpose that the Person has agreed previously

    Provided that, the provisions of the preceding two paragraphs shall not apply to the following cases:

    • ⅰ.Cases in which the handling of personal information is based on laws and regulations.
    • ⅱ.Cases in which the handling of personal information is necessary for the protection of the life, body, or property of an individual and in which it is difficult to obtain the consent of the person.
    • ⅲ.Cases in which the handling of personal information is likely to interfere significantly with Company’s proper operation.
    • ⅳ.Cases in which the handling of personal information is specially necessary for improving public health or promoting the sound growth of children and in which it is difficult to obtain the consent of the person.
  • Company will handle individual number, within laws and within utilization scope that set by the third commission established in laws.
    Provided that, the provisions of the preceding shall not apply to the following cases:
    • ⅴ.Cases in which the handling of individual number is necessary for the payment from financial institution at the time of disasters.
    • ⅵ.Cases in which the handling of individual number is necessary for the protection of the life, body, or property of an individual.
  • When Company changes the purpose for which the personal data is used, Company shall, in advance, notify the person of the content of the change or put it in a readily accessible condition for the person. (excluding the above (1)~(4))
  • Company will not disclose personal information to any third parties without seeking Person’s prior consent. (excluding the above (1)~(4))
  • Company will not share and use personal information with a third party without Person’s prior consent.
  • Company may outsource a part of Company’s job so that Company provides better service to Company’s customer. On this occasion, Company may entrust personal information and individual number to the outsourcing contractor. Company will select the outsourcing contractor which Company can choose according to Company’s selection policy, make a contract including the protection of information, and manage and/or supervise the outsourcing contractor seriously.
  • Company will respond to requests from Person or Person’s representative pertaining retained personal information to disclose, correct, add to, delete, halt or erase utilization, halt provision to a third party (collectively referred to hereafter as “Disclosure etc.”). When requesting Disclosure etc., specify items subject to Disclosure etc. and follow the procedure below or the procedure separately designated by the party Person is issuing the request to for Disclosure etc.

<Disclosure Request Procedure of the personal information>

Those who may request Disclosure etc. Person, Person’s legal representative, or Person’s mandatary
Procedure Prepare the required documents below and send to Request Contact.
Required Document
  • Request for Disclosure etc. (in any format; must include specification of requested content, your name, address, and telephone number.)
  • Identity verification (A copy of a document issued by an official agent, such as a driver license, resident card, or passport)

    If request is being issued by a legal representative or mandatary, the following documents must also be attached.

  • Document to confirm power of attorney:

    <If legal representative>Copy of a document to confirm legal power of attorney, such as a family register

    <If mandatary>A letter of proxy (with your registered seal) and your seal registration certificate (issued within the last three months)

  • Document to verify the identity of the representative (A copy of a document issued by an official agent, such as a driver license, resident card, or passport)
Fee None(however, cost and expense to send the document regarding request for Disclosure etc. shall be borne by a requester.)
Request Contact. Attn; Head of administrating personal information, FRONTEO, Inc.
2-12-23, Konan, Minato-ku, Tokyo, 108-0075, Japan
Other precautions

<Precautions regarding Person’s identity verification documents and document to confirm power of attorney>
Please black out any listed information about registered domicile, medical records, etc. before sending by post.

<Cases in which Disclosure etc. cannot be accommodated>
Please note that Company cannot accommodate requests for Disclosure etc. in the following cases. Should this occur, Company will advise so and specify the reason.

  • When Company cannot confirm that the person requesting Disclosure etc. of retained personal information is Person or its representative
  • When the information subject to the Disclosure etc. request does not qualify as retained personal information
  • When there is danger of harming Person or a third party’s life, health, property, or other rights and interests
  • When there is risk of significant interference in appropriate execution of Company’s operations
  • When this will result in violation of other laws

<Purpose of utilization of personal information obtained through Disclosure etc. requests>
Personal information obtained through Disclosure etc. requests will be handled only as needed for Disclosure etc. Submitted documents will not be returned. Company will appropriately manage and dispose the documents after completing our response to the request for Disclosure etc.

  • To maintain the accuracy of personal data, Company shall strive to manage to personal information and individual number strictly and make them as up-to-date, within the scope of the utilization purpose.
  • Handling of personal information and individual number provided from our customers is in compliance with applicable laws and regulations regarding personal information held by Company. Company continues, at all times, to review and improve its handling of personal information.
  • Please contact the below for complaints and inquiries regarding handling of personal information and individual number by Company.
Attn; Head of administrating personal information, FRONTEO, Inc.
2-12-23, Konan, Minato-ku, Tokyo, 108-0075, Japan
Phone: +81-(0)3-5463-6344
Business hours (Japan Time): 10:00 AM to 5:00 PM; closed Saturdays, Sundays,
national holidays, and holidays designated by Company

Company’s services may require Company’s customers to allow Company to handle critical data besides personal information and individual number. The following preventive measures accompany critical processes such as e-discovery and advanced forensics services:

  • Only authorized personnel are allowed within some purpose-built Labs for data-analysis (including the Forensics Lab and e-discovery Lab, hereinafter “Lab”).
  • Biometrics authentication systems are set up at entry and exit points of the Lab, which logs all entry and exits.
  • Surveillance Cameras are set up in the Lab. The surveillance cameras record and preserve any event of anyone entering or leaving the Lab or accessing the Server or PC terminals.
  • The integrity of Data Acquisition from the HDD of in-house PCs are done through Company’s forensics hardware, eliminating the possibility of human misappropriation of data.


Privacy Policy for Residents of the EEA

Concerning handling of personal information of residents within the European Economic Area (“EEA”) where the European Union’s General Data Protection Regulation (“GDPR”) is applied, this “Privacy Policy for Residents of the EEA” (the “Privacy Policy”) shall be applied in addition to the Company’s “Privacy Policy.” In the event of conflict or inconsistency between the Company’s Privacy Policy and the Privacy Policy, stipulations of the latter shall prevail.

  1. Term definitions

    The definitions of terms used in the “Privacy Policy” are as stated below.

    • Applicable Laws and Regulations on Privacy

      Applicable laws and regulations on privacy including the European Union’s General Data Protection Regulations (“GDPR)” and relevant acts for enforcement in respective countries

    • EEA

      The member states of the European Union and other contracting parties to the Agreement on the European Economic Area (“EEA”)

    • The Company

      FRONTEO, Inc.
      2-12-23, Konan, Minato-ku, Tokyo

    • Personal Data

      Any information that can directly or indirectly lead to identifying an identified or identifiable natural person (“Website User”) by reference to an identifier related to the Website User such as a name, an identification number, location data, an online identifier or to one or more factors

    • Processor

      A natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the controller

    • Controller

      A natural or legal person, governmental authority or agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data

    • Third Party/Parties

      A natural or legal person, public authority, agency or body other than the Website User, Controller, Processor and persons who, under the direct authority of the Controller or Processor, are authorized to process Personal Data

    • Restriction of Processing

      The marking of stored Personal Data with the aim of limiting their processing in the future

    • Processing

      Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction

    • Profiling

      Any form of automated processing of Personal Data consisting of the use of Personal Data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements

    • Consent of the Person

      Any freely given, specific, informed and unambiguous indication of the Website User’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of Personal Data relating to him or her

    • The Company’s Website

      https://www.fronteo.com/global/

  2. Scope of the Privacy Policy
    • a.The Privacy Policy applies to every use of the Company’s Website by its users and the processing of Personal Data via the Company’s Website to which the Applicable Laws and Regulations on Privacy shall be applied. The Company is the Controller for such processing.
    • b.The Company’s Website may include information of the Third Parties (for example hyperlinks, banners, etc.). The Company does not control such information of the Third Parties and is not responsible for their compliance with the Applicable Laws and Regulations on Privacy. The Company asks the Company’s Website Users to read carefully the privacy policies of the third-party websites you are visiting.
  3. The utilization purposes of Personal Data the Company acquires or holds as well as the basis for lawful handling based on the European Union’s General Data Protection Regulation (“GDPR”) are as follows:
    • a.Customers: To conduct business with the Company and for the Company to conduct business correspondence. The information shall be that based on the Consent of the Person(Article 6 paragraph 1 (a) of GDPR)or legitimate interests (Article 6 paragraph 1 (f) of GDPR )
    • b.To respond to inquiries by the Person. The information shall be that based on the Consent of the Person (Article 6 paragraph 1 (a) of GDPR) or legitimate interests (Article 6 paragraph 1 (f) of GDPR)
  4. Personal Data to be collected

    The Company may acquire the following Personal Data from the Company’s Website Users.

    • a.Name and address
    • b.Email address
    • c.User’s name and password
    • d.IP address
    • e.Cookie
    • f.Information related to employment and resume

    The Company shall not collect sensitive Personal Data such as information on passport and health data via the Company’s Website, except as specified in the Applicable Laws and Regulations on Privacy.

  5. Purposes of processing data

    The Company shall collect Personal Data in cases when the Company’s Website User performs the following acts. As indicated in the Privacy Policy, the Company shall carry out processing of Personal Data only when it is in compliance with the Applicable Laws and Regulations on Privacy.

    • a.Cases of registering on the Company’s Website
    • b.Cases of submitting an application to recruitment via the Company’s Website
    • c.Cases of other use of the Company’s Website

    The Company shall acquire and carry out processing of Personal Data solely for the following purposes.

    • d.Customers: to carry out contracts or to respond to requests from the Company’s Website Users made before concluding contracts
    • e.Customer service: to respond to inquiries related to products and services; to inform important information and to address complaints
    • f.Marketing: to send notifications related to the Company’s products, services or events; to conduct surveys, to send out prizes of campaigns, etc.
    • g.Shareholders: to ensure exercise of rights as shareholders; to contact or respond to inquiries or to send IR materials
    • h.Applicants for a job opening: to convey information on job openings to those who wish to receive such information; to evaluate and decide on candidates
  6. Transfer to a third country

    When the Company provides Personal Data to a company under the Company, an outsourcing contractor or a business partner, there may be cases where the provision is accompanied with the transfer of Personal Data to outside the EEA. The Company shall limit transfers of Personal Data to third parties located outside the EEA to cases falling under the following circumstances.

    • a.Transfer to a country which the European Commission has determined has adequate standards for protection on Personal Data (Article 45 of GDPR)
    • b.Transfer to a counterparty with whom the Company has contracted a data transfer contract that contains standard contractual clauses designated by the European Commission (Article 46 paragraph 2 of GDPR)
    • c.Transfer falling under exceptional reasons specified in Article 49 paragraph 1 of GDPR
  7. Retention period

    The Company shall retain Personal Data over an appropriate period determined based on relevant laws and regulations. The Company shall erase in an appropriate manner Personal Data of which the concerned retention period has passed and for which retention is no longer necessary based on company rules.

  8. Alteration of registered information

    In the case the Company receives a request to disclose, correct, add to, delete, halt or erase utilization of Personal Data, the Company shall respond to such a request in an appropriate method after confirming that the request is from the Person or a person entrusted by the Person.
    (Described in<Disclosure Request Procedure of Personal Information> of the Company’s Privacy Policy)
    Inquiries related to the foregoing request and Personal Data will be taken at the respective points of contact. In the case the responsible point of contact is unknown, please make an inquiry to the following:

    Attn; Head of administrating personal information, FRONTEO, Inc.
    2-12-23, Konan, Minato-ku, Tokyo, 108-0075, Japan
    Phone: +81-(0) 3-5463-6344
    Business hours (Japan Time): 10:00 AM to 5:00 PM; closed Saturdays, Sundays, national holidays, and holidays designated by the Company

    In addition to the indicated requests on items, residents of the EEA can submit requests on the following items concerning his/her own Personal Data.

    • Disclosure (access)
    • Rectification
    • Erasure
    • Restriction of handling
    • Data portability
    • Complaint
    • Withdrawal of consent
  9. Lodging a complaint with a supervisory authority

    Residents of the EEA hold the right to lodge a complaint with a competent supervisory authority (can be confirmed below) concerning the processing of his/her own Personal Data.
    http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

  10. Contact of data protection officer

    Attn; Data Protection Officer, FRONTEO, Inc.
    2-12-23, Konan, Minato-ku, Tokyo, 108-0075, Japan
    dpo@fronteo.com