for Overseas Customers
- Management of Personal Data and Security Measures
- We keep your personal data that we collect accurate and up-to-date and do not allow unauthorized access to, loss, damage, alteration, leakage, or disclosure of your personal data. For this purpose, we have implemented the following security measures in view of the nature of personal data and the potential risks thereto:
- Establishment of Internal Data Protection Policies
To ensure proper and lawful processing of personal data, we comply with and ensure that our directors and employees comply with our internal data protection policies.
- Organizational Security Measures
We have implemented the following measures:
- We have appointed a person responsible for our processing of personal data;
- We have clarified the scope of employees who can access personal data and instituted limitations thereon; and
- We have established reporting systems to respond to security incidents immediately after they are recognized or detected.
- Personal Safety Control Measures
- We provide periodic training to our employees regarding information security and processing of personal data.
- We have established and implemented employment rules to ensure that our employees keep personal data confidential.
- Physical safety control measures
- We control the access of employees in order to prevent unauthorized access to personal data.
- We take appropriate measures to prevent theft or loss of any equipment, electronic media, or documents that contain personal data and to minimize the impact in the event of such theft or loss.
- Technical security control measures
- We always try to keep our systems updated in order to protect against unauthorized access.
- We continually acquire the latest security information, periodically assess security risks, and take appropriate measures against any known threat.
- Establishment of Internal Data Protection Policies
- Personal Data Collected
- Categories of Personal Data
We collect the following personal data about you for the purposes stated in Section 4:
- Customer Information
- Company name and address
- Position and title
- Email address
- Phone number
- Any other information that you provide to us when we seek business opportunities with you
- Information we collect on our website
- Device ID
- Operating system and internet connection-related information
- Referring URL
- IP Address
- URLs viewed and time stamps
- Other server log information
- Information we collect in operating Waf Charm (auto-optimization tool)
- IP address
- User agent
- Any other information that you provide to us in relation to the Services
- Customer Information
- Legal basis
We process your personal data when we obtain your consent or have a legitimate interest in using your personal data. When such legitimate interest is overridden by your interests or fundamental rights and freedoms, we ask you for your prior consent to our processing of personal data for specific purposes of use.
- Categories of Personal Data
- Purpose of Use
- We use personal data within the scope of the following purposes. When we need to use your personal data for any purpose not specified below, we obtain your prior consent thereto.
- To communicate with you for various purposes including direct advertising.
- To provide you with new product information or technical alerts.
- To keep you informed about our products, promotions and special offers, the processing of personal information.
- To respond to or address your requests, enquiries, complaints or feedback.
- To enhance our customer relationship management including, but not limited to, account management, confirmation of service usage status, etc.
- To inform you of our services or event information and proposals for cooperation through mail, telephone, email, fax, etc.
- To improve visitors' experiences on our website and develop our products.
- To carry out certain processing activities to comply with a legal obligation to which CSC is subject.
- Prohibition of Disclosure and Provision of Personal Data to Third Parties
- We will not disclose your personal data to any third party, except in the following cases:
- When you consent to our processing of personal data;
- When we have a legitimate interest in processing your personal data;
- When we need to disclose your personal data to perform our obligations under contracts we have entered into with you;
- When we outsource part of our business to a third party pursuant to appropriate security measures, including, but not limited to, executing a data processing agreement with such third party; and
- When we share customer information with (i) Cyber Security Cloud, Inc. (Japan) or (ii) Cyber Security Cloud Inc. (US). Provided, however, that Cyber Security Cloud Inc. (US) only processes customer information obtained in the European Economic Area and United Kingdom under the instruction by Cyber Security Cloud, Inc. (Japan). Cyber Security Cloud Inc. (US) may not determine the purpose and means of processing of such information at its own discretion.
- Transfer of Personal Data
- We may transfer your personal data to countries other than the country of your residence, where the laws and regulations may not provide the same level of the data protection as the country of your residence does. In such cases, we shall take appropriate security measures to ensure that receiving parties are bound by legally enforceable obligations to provide a standard of protection over the transferred personal data comparable to the standard of protection afforded under the laws and regulations of the country of your residence.
- Retention Period
- We will keep your personal data as long as necessary to fulfil the purposes of use described in Section 4.
- Inquiries about Personal Data
- You have the right to access, request the correction of, request the deletion of, request the limitation of the processing of, object to the processing of, and request the data portability of your personal data retained by us. For inquiries or complaints regarding the processing of your personal data, please contact us the following address:
JR Tokyu Meguro Building 13F, 3-1-1 Kamiosaki, Shinagawa-ku, Tokyo 141-0021, Japan
Cyber Security Cloud, Inc.
Email address: firstname.lastname@example.org
Our EU representative under the GDPR for the purposes of this Policy is as follows.
PLANIT // LEGAL Rechtsanwaltsgesellschaft mbH
Dr. Bernhard Freund
Jungfernstieg 1, 20095 Hamburg
Our UK representative under the UK GDPR for the purposes of this Policy is as follows.
TMI Associates London LLP
Citypoint, One Ropemaker Street, London, EC2Y 9SS
Our Data Protection Officer can be reached at email@example.com.
When we receive a request to exercise such rights, we will promptly perform all investigations necessary and provide the relevant personal data to you or to your nominated representative or otherwise respond to such request.
You also have the right to lodge a complaint with the local data protection authority if you have any complaint regarding our processing of your personal data.
- Handling of Website Access Information
We use the following Google Analytics advertising functions:
- Google Analytics, remarketing
- Google Display Network, display frequency
- Google Analytics, user distribution and interest categories
- Google Analytics, Integrated service to collect data using advertising cookies and anonymous IDs
Date of Establishment: June 28, 2013
Date of revision: May 1, 2023
- Information Collected by CSC
- Disclosure of Personal Information
- We may disclose your personal information to third parties for business or commercial purposes. When disclosing personal information to a service provider or contractor for such purposes, we execute an agreement that indicates such purposes and that requires that the service providers or contractors keep such personal information confidential and not use personal information for any purpose except performing such agreement.
We have disclosed personal information to the following categories of third parties for business or commercial purposes during the last twelve (12) months:
- Our affiliated companies;
- Third parties that provide services to us (such as providers of cloud services in which the data of CSC is processed and stored);
- Competent authorities as set forth under applicable laws and regulations (including courts and other public authorities that have jurisdiction over CSC); and
- Any other third parties that may reasonably require access to your personal information in connection with the foregoing purposes.
- Sale or Sharing of Personal Information
- We have not sold or shared any personal information in the preceding twelve (12) months.
In these supplementary provisions, the term “sale” means disclosing, etc. your personal information to a third party for monetary or other valuable consideration, and the term “sharing” means disclosing your personal information to a third party for cross-text behavioral advertisements, whether for monetary or other valuable consideration or free of charge.
- Retention of Personal Information
The criteria for determining CSC retention periods, includes, but is not limited to, the duration of the contractual relationship between you and CSC; the legal obligations assumed by CSC; and a need to perform an agreement to which you are a party.
- Your Rights and Choices Under the CCPA
- The CCPA grants rights regarding personal information to consumers who are residents of California. The following describes your rights and how to exercise those rights under the CCPA.
- Right to Access Specific Information
You have the right to request that CSC disclose certain information to you in relation to the collection, sharing, disclosure, or use of your personal information by CSC over the twelve (12) months preceding the date of your request. Upon receipt and confirmation of your verifiable consumer request, CSC will disclose to you any and all of the following information:
- The categories of your personal information that CSC has collected;
- The categories of sources from which CSC has collected your personal information;
- The business or commercial purposes of CSC for the collection, sale, or sharing of such personal information;
- The categories of third parties to which CSC discloses, sells, or shares such personal information;
- The categories of your personal information that CSC has disclosed, sold, or shared; and
- The specific personal information that CSC has collected about you.
- Right to Request Deletion
You have the right to request that CSC delete any of your personal information that CSC has collected from you and retained, subject to certain exceptions. Upon receiving your verifiable consumer request, CSC will delete your personal information from our records and will notify any service providers and contractors, as well as third parties to which CSC has sold or with which CSC has shared personal information, that they must delete such personal information from their records, unless an exception applies.
CSC may deny your request to delete your personal information if it is necessary for CSC or CSC's service providers or contractors to retain your personal information in order to:
- Complete the transaction for which CSC collected the personal information, fulfill requirements for a product recall conducted in accordance with a written warranty or federal law, provide a good or service that you requested, enable you to take measures reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform an agreement between CSC and you;
- Provide support to ensure the security and integrity of your personal information to the extent reasonably and proportionally necessary for the purpose of use;
- Debug products to identify and repair errors that impair existing intended functionality;
- Exercise free speech, ensure the right of other persons to exercise their free speech rights, or exercise other rights provided by law;
- Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code;
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres or adapts to all other applicable ethics and privacy laws, where CSC’s deletion of such information may render impossible or seriously impair the ability to compete such research, if you previously provided informed consent;
- Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with CSC and compatible with the context in which you provided the information; or
- Comply with legal obligations.
- Right to Request Correction of Inaccurate Personal Information
You have the right to request that CSC corrects any of your inaccurate personal Information that CSC collected from you and retained, subject to certain exceptions. Once CSC receives and confirms your verifiable consumer request, CSC will correct your inaccurate personal information and will notify any service providers and contractors, as well as third parties to which CSC has sold or with which CSC has shared your inaccurate personal information that they must correct such inaccurate personal information. CSC may deny your correction request if we determine that the contested personal information is more likely than not accurate based on the totality of the circumstances.
- Right to Opt Out of Sale or Sharing
CSC has not and will not sell or share any personal information collected from you.
- Right to Request Restriction of Use
CSC has not and will not collect sensitive personal information from you.
- Right of Non-Discrimination
CSC will not discriminate against California residents due to the exercise of any of their rights under the CCPA. Unless permitted by the CCPA, CSC will not engage in any of the following:
- Denying goods or services to you;
- Charging you different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
- Providing you with a different level or quality of goods or services;
- Suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services; or
- Retaliating against an employee, applicant for employment, or independent contractor.
- Exercising Your Rights to Access, Delete, and Correct
To exercise your rights to access, delete, and correct your personal information, please submit a verifiable consumer request to CSC by contacting us via the information in “Contact Information for Inquiries and Complaints.”
Only you, or a natural person or a person registered with the California Secretary of State that you authorize to act on your behalf, or a person who has power of attorney or is acting as a conservator for you, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
A “verifiable consumer request” must:
- Provide sufficient information that allows CSC to reasonably verify that you are the person whose personal information CSC has collected or an authorized representative thereof; and
- Describe your request with sufficient detail that allows CSC to properly understand, evaluate, and respond thereto.
- Right to Access Specific Information
- Contact Information for Inquiries and Complaints
- Please contact us at the following address for inquiries or complaints about the processing of your personal information:
Contact Information: firstname.lastname@example.org