Personal Information Protection Policy

Our company provides system integration, IT services, and information security services to support our customers' business foundations. In these businesses, we believe that realizing mechanisms for protecting information that supports our customers' businesses and providing computer systems and software that our customers can use with confidence are of utmost importance.

To ensure the strict handling of all personal information (including personal information, personal-related information, pseudonymized information, or anonymized information) entrusted to us by our customers in the course of our Personal Information Protection Policy activities, we have established this Personal Information Protection Policy as a code of conduct to be observed by our officers and employees, and we will strive to ensure its thorough compliance.

1. Acquisition, use, and provision of personal information

When acquiring personal information, our company will clearly state the purpose of use, obtain the individual's consent, and acquire the information through lawful and fair means, except for the exceptions stipulated by the Personal Information Protection Act.

The personal information we collect will be used and provided appropriately within the scope of its intended purpose.

If we use or provide personal information beyond what is necessary to achieve the stated purpose, we will obtain the individual's consent again.

Furthermore, when creating pseudonymized and anonymized information, our company will process personal information in accordance with the standards stipulated by law. Pseudonymized and anonymized information that we create or receive will be used lawfully, with security management measures equivalent to those for personal information in place.

Please note that you may refuse to provide your personal information at your own discretion. In this case, you may suffer disadvantages, such as the inability to achieve the purpose of use. Thank you for your understanding.

2.Compliance with laws and regulations, national guidelines, and standards concerning personal information, etc.

We will ensure that our employees comply with laws and regulations, national guidelines, and other standards applicable to the protection of personal information, etc., when handling personal information, etc. We will also ensure that our personal information protection management system complies with such laws and regulations, national guidelines, and other standards.

3. Safety measures applied to personal information and personal data

We will strictly manage personal information and personal data, and take the following measures to prevent and mitigate various risks including leakage, loss, and damage of or to such information.

(Organizational safety management measures)

We have established a personal information management system, appointed a person responsible for handling personal information and personal data, and, when acquiring personal information from websites, etc., we will clearly indicate the source of that information on the specific web page from which the personal information is acquired. In addition, we have established rules regarding the handling of personal information and personal data (acquisition, protection/storage, outsourcing/provision, disposal), and have established a system to ensure that all officers and employees comply with them.

Furthermore, in order to maintain the effectiveness of our management system, we have established a system that involves regularly conducting internal audits and external reviews to ensure continuous improvement.

(Human safety management measures applicable to employees)

Our Rules of Employment include provisions on confidentiality obligations regarding personal information and personal data, which employees are required to comply with. In addition, we provide regular training to employees on issues involved in the handling of personal information and personal data.

(Physical safety management measures)

Even in areas where personal information and personal data are handled, measures are taken to prevent unauthorized persons from viewing personal information and personal data, and measures are taken to prevent theft or loss of devices, electronic media, documents, etc. that handle personal information and personal data. In addition to taking measures to prevent personal information and personal data from being easily revealed when carrying such equipment, electronic media, etc., including when moving within the office.

(Technical safety control measures)

In order to prevent information leaks due to unauthorized access, etc., we have taken measures such as controlling access to information systems that handle personal data, and introducing technical measures such as countermeasures against unauthorized software and encryption.

(External environment study)

When storing personal information and personal data outside Japan, we will implement safety management measures after fully familiarizing ourselves with the policies related to personal information protection in the relevant country.

4. Provision of personal data to third parties

As a general rule, our company will not provide personal data we have acquired to third parties without the consent of the individual concerned. We will only provide such data with the individual's consent.
However, in the following cases, personal data may be provided without the individual's consent:

(1) When disclosure is required by law.
(2) When necessary to protect the vital interests of persons (including legal entities), such as life, health, and property.
(3) When it is particularly necessary for the improvement of public health or for the sound upbringing of children who are still in the process of physical and mental development.
(4) When it is necessary to cooperate with a national or local government agency or an entity entrusted by them in carrying out duties prescribed by law.

Furthermore, we may provide statistical data in which information has been processed in a way that does not identify individuals. However, in the following cases, the recipient of such personal data shall not be considered a third party.

(1) When entrusting the work to a third party based on our purpose of use.
(2) When personal data is provided in connection with the succession of a business due to a merger or other reasons.

5. Entrustment of personal data

When we are to use personal data via entrustment to a third party, we shall select a company that meets the personal information management standards stipulated by us, and only provide data after concluding a confidentiality agreement with that third party. We will also exercise appropriate supervision over the entrusted party.

6. Acquisition of information related to personal information on websites

We collect information related to personal information of users on our website in order to improve our services. Collected information will be used solely for usage analysis, compiling of reports to the site operator, and provision of other services.

Details of the collection method

• About Cookies
  Our website uses cookies.
  Cookies are a technology that allows websites to temporarily store information on your computer via your web browser and retrieve it later. You can refuse cookies through your browser settings, but in that case, some functions of our website may not be available.
  However, we cannot assume responsibility for the security of personal information on websites linked from this website. Regarding the protection of personal information on linked sites, please check the privacy policy and other relevant information on those sites yourself.

• Using Google Analytics
  Our website uses Google Analytics to understand how our users are using our website.
  Google Analytics uses cookies to collect, record, and analyze how you use our website.
  For information regarding Google Analytics, please refer to the Google Analytics Terms of Service and Privacy Policy.

< Google Analytics Terms of Service >
< Google Analytics Privacy Policy >

7. Handling of requests for disclosure, correction/deletion, complaints and consultations regarding handling, and inquiries regarding this policy.

Our company has established the following contact points and will respond sincerely and promptly to requests regarding personal information and personal data held by our company (requests for notification of purpose of use, disclosure, correction/addition/deletion, suspension/erasure of use, suspension of provision to third parties, and disclosure of records of provision to third parties), complaints and consultations, and inquiries regarding this policy, to a reasonable extent.

Focus Systems Corporation
Personal Information Inquiry Desk
141-0022
Focus Gotanda Building, 2-7-8 Higashi-Gotanda, Shinagawa-ku, Tokyo
TEL: 03-5421-7785 FAX: 03-5421-3201
E-mail: PrivacyMark@focus-s.com

8. Continuous improvement of our personal information protection management system

We will continuously aim to improve our personal information protection management system in line with changes to the environment surrounding us and the information that we handle.

Established June 1, 2004
Revised March 30, 2018
Revised March 7, 2022
Revised January 29, 2024
Revised April 1, 2026

President Keiichi Mori