HOME > 
Privacy Policy

Privacy Policy

Policy on the Protection of Personal Information

NTT Advanced Technology Corporation, as a Value Partner that constantly evolves with its customers, provides ICT (Information and Communication Technology) services and products, and solves various problems for society and customers through “Clearing the way for the future and moving it in a big way by multiplying the strength and technology.”  In order to realize a fulfilling and healthy advanced information communication society, we have adopted this Policy on the Protection of Personal Information based on the philosophy of respect for individuality. Therefore we strive to protect personal information appropriately.  Please take note that this policy does not cover “Individual Numbers” and “Specific Personal Information” under the “Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures” of Japan.

  1. We will collect, use and provide Personal Information appropriately.
    1. When we collect personal information, we will clearly define the purpose of use of Personal Information, and conduct collection by lawful and fair means to the extent necessary to achieve the defined purpose.
    2. Use and provision of Personal Information will be conducted within the scope of the predetermined purpose of use, in compliance with regulations under the Act on the Protection of Personal Information.
  2. We will manage Personal Information safely and appropriately, take necessary and appropriate measures to prevent unauthorized access to Personal Information, as well as loss, destruction, falsification or leakage of Personal Information, and make further improvements.
  3. We will comply with the laws, regulations, guidelines established by the government and other standards concerning the handling and protection of Personal Information.
  4. We will respond appropriately to complaints and inquiries about the protection of Personal Information.
  5. In order to ensure the protection of Personal Information, we will develop and operate a Personal Information protection management system and improve the system on an ongoing basis.

Enacted January 1, 2005
Revised June 17, 2022
NTT Advanced Technology Corporation
Representative Director, President and CEO

Tadashi Ito
Tadashi Ito

 

* For information on the handling of Personal Information, please refer to “5. Contact point for inquiries about the handling of Personal Information and for complaints to be filed” in the privacy statement below.
* For the handling of “Individual Numbers” and “Specific Personal Information” under the “Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures”, please refer to “Policy on the Protection of Specific Personal Information”.

Privacy Statement

NTT Advanced Technology Corporation (hereinafter referred to as the “Company”) publish this Privacy Statement in accordance with the Act on the Protection of Personal Information of Japan.  Please take note that this Privacy Statement does not cover “Individual Numbers” and “Specific Personal Information” under the “Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures” of Japan, unless otherwise specified.

1. Purpose of Use of Personal Information

Business activities of the Company are as follows.

  1. Total Solution Business
    Systems integration, network integration, and related software and service developments, etc.
  2. Smart Community Business
    Town development, disaster prevention, smart energy, and related software and service developments, etc.
  3. Security Business
    Security services, maintenance, and sales of related products, etc.
  4. Cloud and IoT Business
    Cloud and IoT services, maintenance, and sales of related products, etc.
  5. AI x Robotics
    RPA, etc.
  6. Global Business
    Network and media application products and their maintenance, optical product and development, cutting edge material development and analysis, environment management, etc.
  7. Intellectual Property Business
    IPR (patent and trademark) research, analysis, management, and training, etc.

(1) Purpose of use when acquiring Personal Information directly through documents, e-mail or website, etc.

  1. Purpose of delivering products and services to customers (hereinafter referred to as the “Customer”), and the purpose of informing Customers about after-sales services, product upgrades, the latest information, and new services in the above business.
  2. Purpose of answering to Customer inquiries, delivering services such as product introductions, information of exhibitions and seminars.
  3. Purpose of distributing e-mail magazines
  4. Purpose of use for recruitment activities

In the event if Personal Information is acquired directly through document or otherwise for a purpose other than the above, the purpose of use shall be clearly indicated on a case-by-case basis.

(2) Purpose of use when acquiring personal information by means other than such stated in (1) above

  1. Purpose of delivering products and services to Customers and the purpose of informing Customers about after-sales services, product upgrades, the latest information, and new services in the above business.
  2. Purpose of ensuring security of the Company and the purpose of managing visitors and purpose of visits by using images obtained with security cameras.
  3. Purpose of accurately identifying Customer inquiries by recording the contents of calls at the Product Inquiry Center.
  4. Purpose of handling personal information in connection with the execution of entrusted business.
  5. Purpose of responding to inquiries from Customers, introducing products and services, and providing information on exhibitions and seminars, etc., in the event that applicant information, such as information of applicant of seminars sponsored by other companies , are provided.

2. Personal Information to be Shared

In the event of joint use of Personal Information held by the Company with a specific party, the following matters shall be notified to the Customer in advance.

  1. Joint use of personal information
  2. Items of Personal Information to be jointly used
  3. Scope of joint users
  4. Purpose of use by joint users
  5. The name and address of the person who is responsible for the management of the Personal Information to be used jointly, or the name, address and representative’s name of the party which is responsible for the management of the Personal Information to be used jointly 

In the case of changing the contents of items 1 through 4 after notifying the Customer of the above items, the Company shall inform the Customer to that effect in advance. Also, in the case of changing the contents of item 5, the Company shall inform the Customer to that effect without delay.

Joint use of information related to procurement related business partners

The Company will jointly use information related to procurement related business partners.
For more information, including purpose and scope, please refer to the website of Nippon Telegraph and Telephone Corporation.
Please check here.
https://group.ntt/en/protection/partners_procure.html

3. Provision of Personal Information to a Third Party

The Company will properly manage the Personal Information of the Customer in the Company’s possession and will not provide it to any third party without obtaining the prior consent of the Customer.  Provided, however, that the following cases shall be excluded:

4. Procedures for Disclosure of Personal Information

Personal Information and Specific Personal Information of the Customer held by the Company that is subject to disclose, that is subject to correction (correction, addition, or deletion), or that is subject to suspension of use (suspension of use, deletion, or discontinuation of provision to a third party) under the Act on the Protection of Personal Information, and record of provision to a third party shall be disclosed, corrected, or suspended of use (hereinafter referred to as "Disclosure, etc.") upon the request of the Customer or his or her agent.

(1) Documents required for requests for Disclosure, etc.

When requesting Disclosure, etc., please download the following requesting document, complete all the required information, enclose the required documents, and send them by mail to the mailing address stated in (2) below.

(2) Mailing address

NTT Advanced Technology Corporation
Information Security Department Executive Manager

Tokyo Opera City Tower, 3-20-2,
Nishi-shinjuku, Shinjuku-ku, Tokyo, 163-1436, Japan

(3) Fees

(4) Method of Answering Requests for Disclosure, etc.

A written reply will be mailed or e-mailed, according to the Customer’s preference, to the address of the person indicated on the requesting document.  When requested by an agent, it will be mailed or e-mailed, according to the agent’s preference, to the address of the agent. It may not be able to respond in the preferred method, depending on the content of the response, etc.

(5) Handling of Personal Information Acquired in Relation to a Request for Disclosure, etc.

Personal information acquired in relation to a request for Disclosure, etc. shall be handled only to the extent necessary for the purpose of meeting a request for Disclosure, etc.  Documents submitted shall be retained and disposed of for two years from the end of the fiscal year (April to March following) in which the response is completed.

(6) Events of Failure to Meet Requests for Disclosure, etc.

In the following cases, the Company may not comply with requests for disclosure, etc.

5. Contact Point for Inquiries about the Handling of Personal Information and for Complaints to be Filed

(1) If the Customer has an inquiry about the handling of Personal Information and Specific Personal Information of the Company, please fill out the form below.  The Company would appreciate the Customer’s understanding as the Company is unable to accept the Customer’s offer to visit the Company directly.

Contact point:

Executive Manager
Information Security Department
NTT Advanced Technology Corporation

Tokyo Opera City Tower, 3-20-2,
Nishi-shinjuku, Shinjuku-ku, Tokyo, 163-1436, Japan

Inquiry form regarding Privacy Policy

* Please refer to "4. Procedures for Disclosure of Personal Information" for disclosure procedures.

(2) The "Accredited Personal Information Protection Organization" Dealing with Complaints against the Company is as Followed.

  1. Accredited Personal Information Protection Organization
    Personal Information Protection Consultation Service Office (JIPDEC)
  2. Contact point
    JIPDEC
    Personal Information Protection Consultation Service Office
    Roppongi First Building, 1-9-9 Roppongi, Minato-ku, Tokyo, 106-0032, Japan
    Tel: +81 3-5860-7565
    Toll free number: 0120-700-779 (calls from within Japan only)

6. About Measures for Safety Management

In handling personal information, the Company will take appropriate measures for organizational, personnel, physical, and technical security management, and grasp the external environment properly.

  1. Measures for organizational security management
    The Company has established an organizational management system that includes each committee and management representative for each organization, the development of internal rules, the preparation of statements such as management ledgers and process management charts, and further continuous improvement.
  2. Measures for personnel safety management
    All employees who handle personal information, whether directors, employees, or temporary workers, are informed and educated about the importance of protecting personal information, and are required to sign confidentiality agreements as well as necessary audits and supervision are performed to ensure the effectiveness of such protection. In addition, when outsourcing the handling of Customers' personal information, the Company will ensure that the outsourced company (including subcontractors, etc.) is not entrusted with the handling of personal information. If any improvement is necessary, the Company will promptly request such improvement. If no improvement is done, the Company will take necessary measures such as changing the outsourced party, to strictly deal with the situation.
  3. Measures for physical security management
    Measures are taken to control access to buildings and floors where personal information is handled, to prevent theft, to prevent damage to Customers' personal information due to fire, lightning, etc., and to keep systems and documents under lock and key when they are taken out of the building, transported, or stored.
  4. Measures for technical security management
    The Company will take technical management measures such as access control including authentication, authority management, control and recording when accessing personal data, protection of system against unauthorized software and viruses, encryption and clarification of responsibilities during transfer, transmission and reception, and monitoring of information systems.
  5. Grasp of external environment
    When handling Customers' personal information in a foreign country, the Company will take appropriate measures after having grasped the systems for the protection of personal information in that foreign country.

7. About Anonymously Processed Information / Pseudonymously Processed Information / Personally Referable Information

(1) Anonymously Processed information

The Company may process the Customer’s personal information into anonymously processed information ("anonymously processed information" as defined in the Personal Information Protection Law, hereinafter the same shall apply) or statistical information, which is processed in such a way that the individual Customer cannot be identified, and may use this. When the Company create anonymously processed information based on the Customer’s personal information, the Company will create anonymously processed information by generalizing the information by deleting data items or replacing them with random character strings so that they cannot be recovered. The Company will handle the anonymously processed information appropriately within the scope of the purposes of use described in this Privacy Statement in compliance with laws, national guidelines, and other norms regarding the handling of personal information protection.

(2) Pseudonymously Processed Information

The Company may process the Customer’s personal information into pseudonymously processed information ("pseudonymously processed information" as defined in the Personal Information Protection Law, hereinafter the same shall apply), which is processed in such a way that the individual Customer cannot be identified, and may use this. When the Company creates Processed Pseudonymously processed Information based on the Customer’s personal information, the Company will create it by generalizing the information by deleting data items or replacing them with random character strings so that individuals cannot be identified unless they are matched with other information. The Company will handle the pseudonymously processed information appropriately within the scope of the purposes of use described in this Privacy Statement in compliance with laws, national guidelines, and other norms regarding the handling of personal information protection.

(3) Personally Referable Information

The Company may obtain the Customer’s personally referable information ("personally referable information" as defined in the Personal Information Protection Law, such as Cookies, IP address, website browsing history, location information, hereinafter the same shall apply), and may use this. The Company will handle the personally referable information appropriately within the scope of the purposes of use described in this Privacy Statement in compliance with laws, national guidelines, and other norms regarding the handling of personal information protection. The personally referable information obtained in the Company’s website shall be handled following “(2) – (4) in 8. About using the Company’s website”.  

8. About using Our Website

(1) Collection of Personally Identifiable Information

When using NTT Advanced Technology website (hereinafter referred to as "the Company’s Website"), the Customer may be requested to provide personally identifiable information (hereinafter referred to as "PII") to the Company’s Website.  PII here includes the Customer’s name, home address, email address, telephone number, and so on.  It is up to the Customer to decide whether to provide PII to the Company’s Website or not.  However, if the Customer denies providing some kind of PII, the Customer may not be able to view certain promotional or merchandise information.

(2) Collection of Non-Personally Identifiable Information

When using the Company’s Website, the Customer may be requested to provide information that is not personally identifiable (Non-Personally Identifiable Information).  For example, the Customer’s age, occupation, zip code, taste/habit information, behavioral tendency, and so on.  This information includes the type of browser and operating system the Customer is using, the domain name of the original site when the Customer links into the Company’s Website, and the order in which the Customer browses the Company’s Website.

(3) Cookie, etc.

The Company collect access logs using Cookie as well as Personal Information in order to grasp Customer usage trends and measure the effectiveness of advertising.  In addition to the accessed URLs, items such as IP addresses, web browser types, domain names, etc. are collected as the access logs.  In addition, the Customer's action history may be obtained when the Customer clicks on a URL or the like written in the email, or when the Customer clicks on image data.

(4) Obtaining Information from Google Analytics

The Company’s Website uses Google Analytics, a service provided by Google, to monitor accesses to the Company’s Website.  Google Analytics uses Cookie to gather access-information.  This access-information is gathered anonymously and does not identify an individual.  Please refer to the terms of service and privacy policy of Google Analytics for more information.

If the Customer wants to disable Google Analytics gathering, the Customer can opt-out by using Google Analytics Opt-out Browser Add-on provided by Google.

9. Processing of Resident Data in EEAs (GDPR Privacy Policy)

The Company process personal data of Customers to whom those regulations apply in accordance with the General Data Protection Regulation 2016/679 (hereinafter referred to as "GDPR") and the applicable EU and EU/EEA Member states’ regulations on data protection (hereinafter referred to as "Users").  This policy explains how the Company, as the data controller, process personal data of Users.

(1) Protection and Management of Personal Data

The Company collects personal data such as the IP address of Users to the extent necessary for the smooth operation of the services provided at the Company’s Website (providing information on the Company’s Website, accepting User’s inquiries on products and services of the Company, etc.).  The Company processes personal data in a lawful and fair manner.

(2) Personal Data to be Collected

The Company collects the following personal data concerning Users of the Company’s Website.

(3) Legal Bases for Processing / Purposes of Processing Personal Data

The Company processes personal data of Users in accordance with the GDPR and data protection laws of EEA member states.  In principle, the Company will process personal data based on the following legal bases for each purposes of processing:

Purposes of processing Categories of personal data
For access analysis in the Company's Website and for security measures of the server on which Our Website is operated Access logs to the Company's Website (IP address, browsing behavior, etc.)
To respond to the comments (product inquiry, etc.) entered to the Company's Website  Information entered to the Company's Website (name, email address, and other registration information) on the product inquiry reception form, etc.
To respond to opinions and inquiries entered to the Company's Website Information related to opinions and inquiries (name, email address, and other registration information) when Users entered opinions or inquiries to the Company's Website.
Purposes of processing Categories of personal data
To respond to the comments (product inquiry, etc.) entered to the Company's Website Information entered to the Company's Website (name, email address, and other registration information) on the product inquiry reception form, etc.
To respond to opinions and inquiries entered to the Company's Website  Information related to opinions and inquiries (name, email address, and other registration information) when Users entered opinions or inquiries to the Company's Website.
Purposes of processing Categories of personal data
To respond to the comments (product inquiry, etc.) entered to the Company's Website Information entered to the Company's Website (name, email address, and other registration information) on the product inquiry reception form, etc.
To respond to opinions and inquiries entered to the Company's Website Information related to opinions and inquiries (name, email address, and other registration information) when Users entered opinions or inquiries to the Company's Website.

(4) Refusal to Provide Your Personal Data

When viewing the Company's Website, it is necessary to provide Users’ personal data to a certain extent.  If personal data cannot be provided, Users may not be able to receive all or part of our services.

(5) Transfer of Personal Data

  1. In order to achieve the objects described in this chapter, the Company may share and disclose Users’ personal data to the Company’s affiliates and third parties in accordance with the GDPR.
  2. In compliance with EU and EU/EEA member states’ laws and regulations, personal data may be shared and disclosed to the parties to whom ordered by such laws and regulations and to the parties to whom the Company reasonably deems it necessary. 
  3. In the event of a merger, reorganization, acquisition, joint venture, transfer, division, assignment or sale or disposition of all or any part of the Company's business (including in connection with bankruptcy or other similar proceedings), the Company may transfer all relevant personal data to third parties.
  4. The Company may disclose personal data if the Company determines that disclosure is reasonably necessary for the protection of rights of the Company, the pursuit of possible remedies, the investigation of misconduct, or the protection of Users or of business of the Company.

(6) Transfer of Personal Data to Third Countries outside the EU

All personal data processed by the Company to achieve the objects set forth in this Privacy Statement are transferred to and stored in Japan.

(7) Retention Period for Personal Data

The Company preserves Users’ personal data for up to five years.

(8) Rights of Users

  1. With respect to personal data processed by the Company, Users have the following rights.
    Right of access by Users (Article 15 of the GDPR)
    Users shall have the right to obtain from the Company confirmation as to whether or not personal data concerning Users are being processed, and, where that is the case, access to the personal data and certain related information.
    Right to rectification and erasure (Articles 16 and 17 of the GDPR)
    Users shall have the right to obtain from the Company without undue delay the rectification of inaccurate personal data concerning Users, and Users shall have the right to have incomplete personal data completed.  Users also have the right to obtain from the Company the erasure of personal data concerning Users without undue delay, if certain requirements are met.
    Right to restriction of processing (Article 18 of the GDPR)
    Users shall have the right to obtain from the Company restriction of processing of personal data, if certain requirements are met.
    Right to object (Article 21 of the GDPR)
    Users shall have the right to object to processing of personal data concerning Users, if certain requirements are met.
    Rights to data portability (Article 20 of the GDPR)
    Users shall have the right to receive the personal data concerning Users, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the Company , if certain requirements are met.
    Rights not to be subject to automated individual decision-making (Article 22 of the GDPR)
    Users shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning Users or similarly significantly affect Users, if certain requirements are met.
  2. Where processing is based on consent, Users shall have the right to withdraw consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.  (Article 7(3) of the GDPR)
  3. If the user is a child below the age of 16, the consent must be given by the holder of parental responsibility over the child.  (Article 8 of GDPR)
  4. Users shall have the right to lodge a complaint with a supervisory authority on the processing of personal data relating to Users by the Company.  (Article 77 of the GDPR)

(9) Changes to this Chapter

The Company may change this Privacy Statement from time to time.  In the event of a substantial or material change, The Company will inform Users through the Company's Website, or by email notification to Users if necessary.

(10) Contact Point

For questions or inquiries regarding this chapter, please contact:

Contact point:

Executive Manager
Information Security Department
NTT Advanced Technology Corporation

Tokyo Opera City Tower, 3-20-2,
Nishi-shinjuku, Shinjuku-ku, Tokyo, 163-1436, Japan

Inquiry form regarding Privacy Policy

 

Enacted January 1, 2005
Revised April 1, 2023
NTT Advanced Technology Corporation
Representative Director, President and CEO

Tadashi Ito
Tadashi Ito
 
Share on Twitter Share on Facebook