Hitachi Social Information Services, Ltd. (hereinafter referred to as "the Company") has obtained certification under the Privacy Mark System, which is granted by the Japan Institute for Promotion of Digital Economy and Community (JIPDEC) to organizations that properly handle personal information.
Registration Number: 11820133 (13) (*)
Date of Initial Registration: January 11, 2002
Date of Latest Renewal: January 11, 2026
Date of Expiration: January 10, 2028
Certification Standard: JIS Q 15001:2023
(*) The number in parentheses indicates the number of renewals.
For details on the Privacy Mark system, please refer to:
http://privacymark.jp/
Hitachi Social Information Services, Ltd. (hereinafter referred to as "the Company") handles a variety of information, including our technical information and information entrusted to us by our customers, as a company that takes on the challenge of new information technologies and social innovation and realizes IT services that deliver new value to society together with our customers. For this reason, the Company has made efforts to establish and thoroughly implement an information management system in order to respect the value of such information.
Based on this background, the Company will establish rules and a management system for the protection of personal information at our company, establish a personal information protection policy, make it known to officers and employees, and take measures that are easily available to the general public. The Company will also strive to appropriately protect personal information in accordance with this policy.
The Company will make its officers and employees aware of the importance of protecting personal information, formulate personal information management rules to appropriately use and protect personal information, and steadily implement a personal information protection management system. In addition, The Company will maintain and continuously improve it.
In consideration of the fact that the Company handles personal information in its business activities, the Company will establish a management system for the protection of personal information according to the actual situation of each business, and The Company will handle personal information appropriately in accordance with the prescribed rules in the acquisition, use, and provision of personal information. In addition, the Company will not use personal information beyond the intended purpose and will take measures to prevent such use.
In order to ensure the accuracy and safety of personal information, the Company will implement measures such as managing access to personal information, restricting the means of taking out personal information, and preventing unauthorized access from the outside in accordance with various rules related to information security, and will strive to prevent the leakage, loss, or damage of personal information. When issues related to security measures are identified, the Company investigates the causes and takes corrective actions.
The Company will comply with laws and regulations, guidelines established by the government, and other norms regarding the handling of personal information. In addition, the Company's personal information management rules comply with these laws, guidelines, and other norms.
When the Company requests the disclosure, correction, or deletion of information regarding personal information, or the refusal to use or provide it, or when the Company receives a complaint or request for consultation, the Company will respect the rights of the individual regarding personal information and respond in good faith.
Established on: July 1, 2001
Revised on: April 1, 2018
April 1,2026
Hitachi Social Information Services, Ltd.
President & CEO
Hirotake Ichikawa
For opinions, consultations, inquiries, or complaints regarding the content of this Privacy Policy and the handling of personal information, please refer to the section "Contact Regarding Personal Information."
The Company collects information such as your name, company name (organization name), department name, address, telephone number, and e-mail address (hereinafter referred to as "personal information") when responding to questions and comments from customers and sending catalogs and materials of our products that have been requested.
In addition, please note that the Company may use it for seminars planned and participated in by the Company, introductions and guidance of new products and services, information on other special services, and analysis to improve products and services based on questionnaires (Comments received may also be used to improve the Company's website).
Please note that personal information collected at seminars and other events jointly planned and held with other companies may be shared with the co-organized company.
On the "Recruitment Information" page, personal information will be collected from Recruit Co., Ltd. and Mynavi Co., Ltd. for the purpose of using it only for the Company's recruitment activities, such as sending materials and contacting recruitment schedules.
In addition, our website collects customer logs for the purpose of system management. The logs the Company obtain will be used to analyze what information you are interested in on our website. The Company's website does not associate the acquired logs with the customer's personal information.
Personal information received via our website is managed strictly and appropriately. Preventive measures are taken against unauthorized access, loss, destruction, leakage, and falsification, and corrective actions are implemented promptly in the event of an incident.
Personal information collected for recruitment purposes is destroyed or completely deleted after the recruitment process is completed.
Please note that the Company cannot guarantee the security of personal information transmitted over communication paths outside our control between users' devices and our website.
1.The Company acquires and uses personal information only to the extent necessary to achieve the following purposes:
a. Performance of contracts concluded with individuals or customers
b. Contact for business negotiations and meetings
c. Provision of after-sales services, event notifications, and information on new products (including promotional emails)
d. Performance of operations entrusted to the Company by customers (e.g., system development, operation, and maintenance)
e. Provision of various membership-based services
f. Stock-related administrative matters
g. Responding to inquiries
h. Analysis based on surveys to improve products and services
i. Administrative tasks related to Company-sponsored recruitment programs
J. When the Company requests the person to provide personal information directly in writing (including electronic means such as the web and e-mail) among the above items regarding the Company's recruitment activities, the purpose of acquisition and use shall be clearly stated in advance and the consent of the person concerned shall be obtained.
*1 Personal information acquired in connection with outsourcing is not the personal data of the individual held by the Company (= retained personal data).
2.The Company will not provide the personal information of the individual to a third party without the prior consent of the person in question. However, the following items apply:
a. When it is based on laws and regulations.
b. When it is necessary to protect human life, body, or property, and it is difficult to obtain the consent of the person in question.
c. When it is particularly necessary to improve public health or promote the healthy development of children, and it is difficult to obtain the consent of the person concerned.
d. When it is necessary to cooperate with a national agency, a local government, or a person entrusted by them to carry out the affairs prescribed by laws and regulations and obtaining the consent of the person concerned may interfere with the execution of such affairs.
e. When entrusting the handling of personal information to the extent necessary to achieve the purpose of acquisition and use.
f. When providing personal information in connection with business succession due to mergers or other reasons.
3.The Company may provide (including joint use) of the Company's parent company (Hitachi, Ltd.) and affiliated companies the personal information of the individual, such as the name, workplace and home address, telephone number, fax number, and e-mail address, to the extent necessary to achieve the purposes of each item in paragraph 1 above. In this case, when obtaining personal information from the individual, The Company will obtain the consent of the individual to provide it in a document that confirms the handling in advance (on this website, the "Handling of Personal Information on the Company's Website" indicated on the individual inquiry screen is applicable). In addition, the personal information of the person in question will be provided in paper or electronic media. The individual may request the Company to stop providing personal information to the Company's parent company (Hitachi, Ltd.) and its affiliates.
1.With regard to its business activities mainly in the information service industry, the Company will comply with the Act on the Use of Numbers to Identify Specific Individuals in Administrative Procedures (hereinafter referred to as the "Number Act"), the Act on the Protection of Personal Information, and the Guidelines for the Appropriate Handling of Specific Personal Information (Business Operators).
2.The Company will ensure the proper handling of specific personal information based on the Company's "Personal Information Protection Policy" as the "Basic Policy on the Proper Handling of Specific Personal Information".
3.The Company shall acquire and use Specific Personal Information to the extent necessary to achieve the purpose of the implementation of administrative procedures related to social security, taxation, and disaster countermeasures stipulated in each item of Article 9 of the Number Act. The main scope of use of specific personal information handled by the Company is as follows.
a. Administrative work in which the Company receives specific personal information from employees, etc., and submits it to the head of the tax office, the mayor of a municipality, the Japan Pension Service, etc., in necessary documents such as withholding tax certificates for salary and retirement income, salary payment reports, employment insurance notification, notification of acquisition of health insurance and employees' pension insurance qualifications, and various statutory records related to individual resident tax.
b. Administrative work for the Company to submit to the Director of the Tax Office the provision of specific personal information, such as payment records for remuneration and fees, dividends, distribution of surplus and fund interest, payment records for the use of real estate, etc., and payment reports for the transfer of real estate, etc.
c. The Company may submit it to the Director of the Tax Office, or execution of tasks entrusted by other businesses to handle specific personal information. Since our business activities are wide-ranging, the Company may notify and announce the purpose of use of specific personal information on our website and other sites.
4.The Company will not provide the specific personal information of the individual to a third party, except as stipulated by laws and regulations. The Company will also not share personal information. However, if any of the items specified in Article 19 of the Number Act (Restrictions on the Provision of Specific Personal Information) apply, the Company may voluntarily provide specific personal information.
5.The Company may entrust the handling of specific personal information within the scope of the purpose of use stipulated by laws and regulations.
6.The method of disclosure, correction, addition, deletion, suspension of use, suspension of provision to third parties, suspension of provision to third parties, or notification of the purpose of use, or receipt of complaints regarding specific personal information held by the Company shall be carried out as described in the Company's "Method of Disclosure, Correction, and Deletion of Personal Information".
You may request disclosure, correction, addition, deletion, suspension of use, suspension of provision to third parties, notification of the purpose of use, or disclosure of records of provision to third parties (hereinafter referred to as "disclosure, etc.") of retained personal data. If you wish to submit your opinion, please read this page ("Regarding the Protection of Personal Information") and agree to the contents of the statement. If you do not agree, please note that The Company will not be able to answer your questions.
Request for Disclosure of Personal Information of Customers who have requested catalogs and explanatory materials for our products.
Please contact us by filling in either "Request for Update of Personal Information" or "Request for Deletion of Personal Information" along with your name, address, and phone number on the inquiry form at the bottom of the relevant page. In the case of "Request for Update of Personal Information", please also include the details of the information to be updated. In this procedure, The Company will confirm the identity of the customer.
In addition to the above
Please contact us with your name, address, and phone number, as well as your name, address, and phone number, as well as one of the following statements: "Request for update of personal information", "Request for deletion of personal information", or "Complaint regarding the handling of personal information by our company". In the case of "Request for update of personal information", please also write the content of the information to be updated. In addition, The Company will confirm that you are the customer in this procedure.
Former employees who have inquiries regarding the handling of their personal information, or who wish to request disclosure or submit complaints, are requested to contact us via the inquiry form.
- Personal information of those who have left the Company
- Invoices for disclosure of employment management information
- Complaint Form for Handling Employment Management Information
- About identity verification documents
Personal Information Protection Manager,
CSR Department, Human Resources and General Affairs Division
In order to establish a management system that complies with the Personal Information Protection Act and JIS Q15001, the Company has appointed a personal information protection manager and a personal information protection audit manager.
In addition, to confirm the operation of the management system, the Company conducts annual audits by personal information protection auditors and self-inspections by the managers of each department at least once a month. In addition, the Company provides training for all employees and non-regular employees, including temporary employees.
Based on the personal information protection system, the Company has established a "Personal Information Protection Management System" (hereinafter referred to as "PMS"), which is a mechanism for protecting personal information. It is positioned as part of the "Information Security Management System" (hereinafter referred to as "ISMS"), and the PDCA cycle of PMS is implemented as part of the ISMS.
In addition, the "PMS Document" that describes the basic elements of the PMS as a document consists of the "Personal Information Protection Policy", "Personal Information Protection Management Regulations (Internal Regulations)", "Plans" such as audits and education, and "Records" of PMS implementation.
Strengthening Efforts to Protect Personal Information
(a) Introduction of a personal information protection management system
The Company strives to strictly manage and handle the personal information it receives in accordance with the "Personal Information Protection Management Regulations", which is an internal rule. The Company has an information asset manager at each workplace to identify all personal information handled by the Company, manage the ledger according to the importance and risk of such personal information, and take appropriate measures.
In managing such ledgers, the Company has introduced a Personal Information Protection Management System, which allows employees with appropriate access rights to register and refer to information from all terminals, enabling quick response to ledger management. In addition, daily inspections (operation confirmations) using this system can be easily performed.
(b) Implementation of personal information protection education
At least once a year, the Company conducts "personal information protection education" through e-learning to raise employees' awareness.
Strengthening management of subcontractors
In recent years, there has been no end to the leakage of confidential information, including personal information. In particular, there are many leakage accidents from outsourcing companies that handle personal information, which has become a social problem. The Company has strengthened the management of subcontractors handling personal information, established internal regulations for outsourcing the handling of personal information, and supervised the contractors in accordance with the regulations.
When outsourcing, the Company evaluates and selects according to the outsourcing selection criteria set by the Company. In addition, the Company has signed a contract that includes strict personal information management clauses, such as the establishment of a management system and the prohibition of sub-outsourcing in principle. In addition, the Company recognizes its responsibilities as a contractor by regularly conducting re-evaluations and audits of its contractors and supervising and educating its contractors.
In order to ensure the proper handling of personal information (including personal information acquired or intended to be acquired by the Company) as an organization, the top management has formulated a personal information protection policy and formulated internal regulations such as personal information management rules and guidelines in accordance with this basic policy. In addition, the Company has a system in place to check and evaluate whether its internal regulations comply with laws and regulations and JIS Q 15001, which is a compliance with the Privacy Mark. In addition to the establishment of these regulations, the Company has taken specific safety management measures from four aspects (organizational, human, physical, and technical) when actually handling personal information.
If you have any other opinions or requests regarding the handling of personal information on our website, please send them to the following.
〒140-0013 Tokyo, Shinagawa-ku, Minami-Oi 6-26-3 Omori Belport Building D 17th floor
03-5471-2345
