1. Home
  2. About CRESCO
  3. Privacy Policy

Privacy Policy

 

Acquisition of Privacy Mark Certification

In June 2004, Cresco established a personal information protection program in compliance with JIS Q15001. Cresco was recognized by Japan Information Processing Development Corporation (JIPDEC) as a company that acts appropriately to protect personal information, and it was granted the right to display the Privacy Mark.

 
  protecting your PRIVACY  
Certification number: 11820262(07)
Acquisition date: June 16, 2004
Mark-granting organization: Japan Information Processing Development Corporation (JIPDEC)
Designated examining authority: Japan Information Technology Services Industry Association (JISA)
Renewal date: June 16, 2016
 

Personal Information Protection Policy (Privacy Policy)

Cresco Ltd. (hereinafter “Cresco” or “the Company”) uses personal information it has received for various purposes such as to develop better services or products that satisfy our customers or to market these services or products. In accordance with the Code of Management and Conduct for Compliance it has formulated, the Company responds to the trust bestowed on it by everyone who provides their personal information by appropriately managing and protecting personal information while ensuring that all persons engaged in the business operations of the Company are made to recognize the importance of protecting personal information.

1. Compliance with Laws, and Regulations, etc. for Personal Information

The directors, corporate auditors and all employees of Cresco Ltd., observe the laws and regulations, guidelines set by the Japanese government, and other rules relating to the handling of personal information.

2. Gathering, Use and Supply of Personal Information

In the gathering, use and supply of personal information, Cresco appropriately protects personal information while stating clearly its purpose by the scope that is necessary for business activities. In addition, Cresco takes measures to ensure that personal information is not used outside the scope of purpose.

3. Implementation of Safety Measures

To realize the appropriate protection of personal information, in addition to taking reasonable safety measures, Cresco conducts education and training and performs audits, etc. as a means of ensuring effectiveness. In the event that a breach does occur, Cresco takes prompt measures to rectify the situation.

4. Continuing Improvement of Personal Information Protection

To ensure that it takes legal and effective measures to protect personal information, Cresco continually revises and improves its management system for protecting personal information.

5. How Cresco Responds to Complaints and Inquiries

Cresco responds sincerely and promptly to complaints and inquiries regarding personal information.

[Handling of Personal Information]

(1) Gathering of personal information

  • In cases where personal information is provided directly, personal information will be collected only with the approval of each individual concerned, clarifying the purpose of its use and in a fair and legal manner.
  • Sensitive or potentially damaging information will only be gathered with the express permission of the individuals concerned or if required by legal or similar directives.
  • Although the personal information gathered will be kept in an accurate and updated condition, if changes occur with respect to the personal information already provided, it is left to the provider’s own judgment to provide updated information.
  • In addition, Cresco may gather personal information indirectly. Such personal information is information that has been publicly disclosed in a legitimate way such as by the Internet or disclosed in another way that makes it public knowledge. This personal information is also used within the scope of intended use only and is managed safely in the same way as personal information that Cresco has gathered directly.

(2) The Purpose and Intended Use of Personal Information

The purpose and intended use of collected personal information will be clearly stated and the information is used within the scope that is required to achieve this purpose. The main purposes and intended uses are as follows:

  • Carrying out business operations commissioned by customers
  • Various communications conducted as part of business operations (including responding to inquiries and requesting payment of service fees, etc.)
  • Exercising rights or fulfilling obligations of the Company based on contracts for the provision of products or services
  • Sending information (including sending email or email magazines, or sending direct mail) on products or services, etc. provided by the Company or by group affiliated companies*
  • Sending information (including sending email or email magazines, or sending direct mail) on seminars, exhibitions, presentations, etc., and various events held (sponsored/co-sponsored/supported) by the Company or by group affiliated companies*
  • Acceptance or communications regarding participant registration required as part of the operation of various events offered by the Company or group affiliated companies
  • Requests of questionnaire surveys for identifying market trends or customer needs
  • Confirmation of personal information of the employees or leased employees of business partners based on fulfillment of contracts
  • Responses to the exercise of rights of shareholders or fulfillment of the Company’s obligations based on the Companies Act or other relevant law or regulation
  • Human resources administrative work related to the employment of the Company’s employees (including retirees) and administrative work required for accounting and general affairs, etc.
  • Administration and recruiting activities related to individuals applying for employment
  • Health administration and contracting welfare programs, etc. of the Company’s employees
  • Other purposes for which prior agreement was obtained from the individual
* Group affiliated companies here and hereinafter refers to subsidiaries and affiliate companies.
・Subsidiaries
  • Cresco e-Solution Co., Ltd.
  • Cresco Wireless, Inc.
  • IOS Co., Ltd.
  • Cresco KYUSHU Co., Ltd.
  • CRESCO HOKURIKU, LTD.
  • C Three Co. Ltd.
  • Creative Japan, Ltd.
  • Media Magic Co.,Ltd.
  • N-System Corporation
・ Affiliate Companies
  • Wain Co., Ltd.
  • Buerger Consulting Inc.
  • LTS,Inc.
  • AIMS Co., Ltd.

(3) Disclosure and Supply of Personal Information to Third Parties

Cresco provides no personal information to any third party except in the following cases.
There are cases where Cresco outsources part of its business operations in order to conduct business smoothly. The personal information disclosed and supplied in such cases shall be the absolute minimum that is required and the scope of its use shall be limited. In addition, when selecting contractors to outsource to, Cresco carries out checks on potential contractors, and in addition to choosing contractors who fulfill the Company’s criteria, Cresco performs appropriate management and monitoring through safety management measures such as concluding a confidentiality agreement regarding the handling of personal information.

  • When Cresco already has consent of the individuals concerned
  • When disclosing or supplying statistical data that is stripped of information that could identify individuals
  • When based on laws or regulations
  • When Cresco carries out commissioned work to the extent necessary for the purpose and intended use
  • When a portion or entirety of customers’ personal information is jointly used to the extent of meeting the purpose and intended use
     ・ When jointly used with a Group affiliated company
        * In cases of joint use, the manager of personal informationprotection is
              Cresco Ltd.
     ・ When joint use is with a company that is not a Group affiliated company
  • In cases when the information is necessary to protect human life, safety or property and it is difficult to obtain permission from the individual.
  • When Cresco has made reasonable judgment that the information is necessary for the provision of another service.

(4) Safety Management Measures

  • Cresco establishes a promotion organization for personal information protection, and it appoints a personal information protection manager, as well as persons responsible for auditing personal information protection, providing education on personal information protection, handling inquires on personal information, and the operational units of personal information protection.
  • Cresco establishes internal company procedures that comply with rules and regulations related to personal information protection, the requirements of JIS Q15001 Personal Information Protection Management System, and industry guidelines.
  • Cresco conducts education and awareness promotion activities to ensure everyone knows the importance of personal information protection and the
    above-mentioned internal procedures.
  • While observing the requirements of the Personal Information Protection Management System, Cresco secures the safety of personal information by taking reasonable safety measures (including limiting access) and corrective measures for personal information.
  • Cresco takes an appropriate and reasonable level of measures to prevent unauthorized access, loss, destruction, alteration or leaking of personal information.
  • Encryption of communication
     ・ When individuals provide personal information, Cresco uses communication encryption technology such as SSL (Secure Sockets Layer) on the Company’s website to protect the personal information.
     ・ When the Company’s website is commissioned to third parties, Cresco only selects contractors who have cleared strict information security criteria including the PrivacyMark and ISMS.
     ・ In addition, Cresco has established systems that take care of individuals’ important information assets by methods such as regular vulnerability assessments conducted by a third party. In some cases, the Company’s website will deny access to a page when the browser does not support SSL or fulfill another security requirement.

(5) Requests for Disclosures, Revisions, Deletions and Termination of Use, etc.

  • When receiving requests from individuals relating to that individual’s personal information, such as requests for notification of purpose and intention of use, disclosure, revision, etc. (including corrections, additions, deletions), termination of use, etc. (including termination of use and removal), and termination of information provision to any third party, unless there is an appropriate reason for not being able to respond to a request, Cresco, after verifying the identity of the inquiring individual, endeavors to swiftly respond to such requests to an extent that is reasonable according to socially-accepted norms.
  • Cresco has established a point of contact for inquiries on the handling of personal information on its website.

(6) Ongoing Improvement of the Personal Information Protection Management System

  • Cresco implements and complies with the Personal Information Protection Management System, appointing a person responsible for each unit.
  • The Company also endeavors to improve the system continuously, using as reference the audit reports that are periodically conducted.

Formulated:October 1, 2003
Revised:July 1, 2005
June 22, 2006
January 7, 2008
August 1, 2008
October 1, 2011
January 1, 2012
April 1, 2012
September 1, 2012
December 14, 2012
April 1, 2013
May 1, 2013
February 1, 2014
April 1, 2014
July 2, 2014
December 26, 2014
April 1, 2015
October 1, 2015
April 1, 2016
August 4, 2016
September 1, 2016
September 26, 2017

CRESCO LTD.
President Hiroyuki Nemoto

[Inquiries Relating to the Privacy Policy]

Please use the contact below for any complaints/inquiries regarding personal information or requests regarding disclosures, revisions, termination of use or deletions, etc.

Name of business operator handling personal information   CRESCO LTD.
Personal information protection manager   Director   Hiroshi Tominaga

Contact for Personal Information

Shinagawa Intercity A-tower 26th Floor, 2-15-1, Kounan, Minato-ku, Tokyo 108-6026
TEL +81-3-5769-8011
FAX +81-3-5769-8019

Mail: kojin_madoguchi@cresco.co.jp

 

Return to page top