oRo

CLOSE

PRIVACY POLICY

Privacy Policy

We have developed the following policy regarding the protection of personal information, have established a management system for personal information protection (the Personal Information Protection Management System), and are carrying out activities to implement, maintain and improve it.

  1. Purpose of operating the Personal Information Protection Management system (purpose of personal information protection)
    We will handle personal information appropriately and strive to prevent personal information leakage accidents to maintain trust as a company.
  2. We will clearly define the purpose of use within the scope necessary for business execution and will acquire, use, and provide personal information appropriately.
  3. We will use acquired personal information only within the purpose of use, and will take measures to prevent it from being used for purposes other than the intended purpose, and will provide to a third party without the consent of the person, except when permitted by the Personal Information Protection Law and other related laws and regulations.
  4. We will take preventive measures with respect to unauthorized access to personal information, and the loss, destruction, falsification and divulgence thereof. Moreover, in the unlikely event that an incident involving any of the foregoing issues occurs, we will take prompt corrective measures.
  5. We will comply with laws and regulations, guidelines stipulated by the government, and any other rules that are applicable to personal information held by us.
  6. We will properly respond to your complaints and consultations concerning our handling of personal information.
  7. We will continually improve the personal information protection management system.

Established on April 1, 2006
Amended on January 21, 2025
Atsushi Kawata
CEO, oRo Co., Ltd.

Handling of Personal Information

Name of Representative, Business Name, Address

Atsushi Kawata
CEO, oRo Co., Ltd.
Meguro Suda Building, 3-9-1, Meguro, Meguro-ku, Tokyo, 153-0063

Person in Charge of Protection and Management of Personal Information

Company Name: oRo Co., Ltd.
Person in charge of the management: Head of Security Office
Location: Meguro Suda Building, 3-9-1, Meguro, Meguro-ku, Tokyo, 153-0063
Tel: 03-5724-7001

Purpose of Use of Personal Information

The purposes of use of personal information that we obtain are as follows. If we use personal information for any other purpose, we will clearly state the purpose of use when we acquire the personal information.

  1. (1) Personal information entered into our services (ZAC, Reforma PSA, and other services) and personal information entrusted to us by our customers as part of our outsourcing services
    • ・To execute and manage contracts for services and other business activities for which we are contracted to handle personal information in whole or in part as part of our services or outsourced operations
  2. (2) Personal information of the person in charge of customers who use our services
    • ・To manage the operation of our services
    • ・To provide client information to referral sources based on the person's request
    • ・To provide information and support regarding our services, and to respond to customer inquiries, complaints, disputes, and lawsuits
    • ・To provide information on services, products, events, seminars, etc. of the Company and its partner companies including the Company's group companies
    • ・To notify customers of changes to our terms and conditions, policies, etc. regarding our services
    • ・To manage the operation of campaigns, etc.
    • ・To perform tasks, communications, and procedures associated with the above, and to respond to inquiries
  3. (3) Other personal information related to our business partners
    • ・To select business partners, etc., to perform contracting procedures, to manage business partners, etc., and to perform related work
    • ・To provide information on services, products, events, seminars, etc. of the Company and its partner companies including the Company's group companies
  4. (4) Personal information acquired in connection with requests for information materials, email newsletters, applications for events, seminars, etc. sponsored by the Company or other companies
    • ・To manage and administer events, seminars, etc. (including providing participant information to co-sponsors and sponsors)
    • ・To provide information on services, products, events, seminars, etc. of the Company and its partner companies including the Company's group companies
    • ・To send or administer questionnaires, pay rewards, or send goods
  5. (5) Personal information provided by publicly available personal information and database providers, and personal information acquired through referrals from our service customers or business partners
    • ・To provide information on services, products, events, seminars, etc. of the Company and its partner companies including the Company's group companies
  6. (6) Personal information obtained when receiving inquiries, comments, etc.
    • ・To respond to inquiries, etc.
  7. (7) Personal information regarding applicants for employment with the Company and participants in recruitment activities
    • ・For our company's recruiting activities (communication, selection, and procedures for joining the company, etc.)
  8. (8) Shareholder Information
    • ・To manage shareholders in accordance with the Companies Act and other laws and regulations, to implement various shareholder policies, and to communicate with shareholders

Disclosure of Personal Information to Third Parties

Except as permitted under laws and regulations, we will not provide any of your personal information to any third party without your consent. If we expect to provide any of your personal information to any third party, we will ask your consent upon notifying you of the following information:

  1. a) Purpose of the provision to such third party;
  2. b) Items of your personal information to be provided;
  3. c) Measures or method of the provision;
  4. d) Type and characteristics of the person who will receive such information or the organization of such person; and
  5. e) Statement on the existence of a contract regarding the handling of personal information, if any.

Outsourcing of the Handling of Personal Information

We may outsource the handling of the personal information obtained from you to third parties within the extent necessary to achieve the purpose of use. We will select those third parties upon confirming that they have an adequate level of security regarding the handling of personal information, and shall conduct the necessary and appropriate supervision by way of contracts, etc.

Security Control Measures for Retained Personal Data

  1. a) Formulation of basic policy
    In order to ensure the proper handling of personal data, we have established the basic policies: "compliance with relevant laws and regulations, guidelines, etc." and "contact for inquiries and complaints."
  2. b) Development of disciplines related to the handling of personal data
    For each stage of acquisition, usage, storage, provision, deletion, disposal, etc., we have established rules regarding the handling method, the persons in charge, and their duties of handling personal data.
  3. c) Organizational security control measures
    In addition to appointing a person responsible for the handling of personal data, we have clarified the scope of personal data and the employees who handle these data. Also, we have established a system of reporting and contacting employees in the event of facts or signs of violation of laws and handling regulations.
  4. d) Personnel security control measures;
    We provide regular training to our employees regarding precautions of the handling of personal data.
  5. e) Physical security controls
    In the area where personal data is handled, we manage the entry and exit of employees and restrict the equipment they bring in, and take measures to prevent unauthorized persons from viewing personal data.
  6. f) Technical security measures
    Access control is implemented to limit the scope of the person in charge and the personal information database, etc. handled.
  7. g) Grasping the external environment
    When providing personal data to a third party in a foreign country, we will implement security control measures upon understanding the system protecting the personal information in the particular country and the management system of the third party.

Disclosure, Etc. of Disclosable Personal Information and Contact Information

Upon your request, we will
・Notify the purpose of use
・Disclose
・Correct
・Suspend use
・Erase
・Disclose third party provision records
・Suspend provision to third parties
(“Disclosure, etc.”) the personal information held by the company.

Requests for disclosure, complaints, and inquiries regarding the privacy policy is as follows:
Meguro Suda Building, 3-9-1, Meguro, Meguro-ku, Tokyo, 153-0063
Person in charge of the handling of personal information at oRo Co., Ltd.
Tel: 03-5724-7001 (main)
Hours of operation: Monday through Friday 10:00 a.m. - 5:00 p.m. (excluding Saturdays, Sundays, public holidays as well as the Japanese New Year holiday period)

Matters to be Noted When Entering Personal Information

It is optional for you to enter your personal information. However, if you do not enter your personal information, we may not be able to take an appropriate response.

Acquisition of Personal Information by Methods Not Easily Recognizable by Users

We use cookies only as system information necessary for you to browse pages and information used to identify you when you use the website. They do not contain any personally identifiable information.

In case of any inconsistency between the Japanese version and the English version in our website, the Japanese version prevails.