1. Imoxion Co., Ltd. (hereinafter referred to as the “Company”) attaches great importance to the protection of users’ personal information and uses its best endeavors to ensure that users will feel safe and at ease whenever they use the services provided by the Company. Through its Privacy Policy, the Company informs customers for what purposes and how the Company uses the personal information provided by users and what measures are taken by the Company to protect such personal information.
2. The Company discloses its Privacy Policy on the initial screen of its home page to ensure that users can view the said policy with ease at any time.
3. To improve its Privacy Policy on a continuous basis, the Company is now establishing the necessary procedure for revising the said policy. In revising its Privacy Policy, the Company assigns the revision date (including the effective date of revision), etc., so that users can readily identify the revised provisions of the Privacy Policy.
This Privacy Policy shall come into effect as of August 20, 2018.
1. Personal information items to be collected
The Company collects the following items of personal information:
① Collected items: Company name, full name, contact information, mobile phone number, and e-mail address
② Collection methods: Home page
(Business inquiry, product inquiry, inquiries concerning technical assistance, general inquiries, and requests for demonstration)
2. Purposes for collecting personal information
The personal information collected by the Company is processed for the following purposes. The personal information collected by the Company will not be used otherwise than for the following purposes, and, if the purpose of use thereof is changed, the Company will seek prior consent. In addition, the Company does not collect any sensitive personal information that is likely to violate users’ fundamental human rights.
① Customer consultation: To provide consultation regarding the matters requested by customers
3. Consent for the collection of personal information
The Company has established procedures for users to give or refuse to give their consent to the collection of their personal information or the terms of use, whereby users are deemed to have consented to the collection of their personal information.
The Company does not record any of the text files in any user’s hard disc while the user visits the Company’s home page, but it uses cookies that are activated only while the user’s browser works. Such cookies are used by the Company solely to identify users but not to have access to their personal information. When a user stops operating his/her browser, the information in the cookies is automatically deleted simultaneously. By resetting the settings of the browser, a user may specify whether to allow or refuse the installation of cookies or may allow the installation of any specific cookies only.
The Company does not use otherwise than for the purpose thereof or provide to another person or entity without authorization any of users’ personal information.
Nevertheless, the Company may share users’ personal information with its business partner(s) to provide better services for users. In such a case, the Company will undergo the procedure for seeking consent from users prior to the collection and provision of such personal information by giving an individual notice to each user by e-mail and in writing with respect to the following: who the business partner(s) in question is, why and which personal information is required, and until when and how such personal information is protected and managed. In such a case, if a user refuses to give his/her consent, the Company will not collect any additional information from the user nor will share the user’s personal information with its business partners.
1. Measures for ensuring the accuracy and recency of personal information
The Company has established the following procedures for ensuring the accuracy and recency of personal information:
① To manage personal information in an accurate manner, the Company has in place the procedure for checking the content of such personal information in advance in entering the same;
② The Company also has in place the procedure for correcting or deleting the inaccurate information found, if any;
③ The Company has established the procedure or method for users to access their personal information and make a request for correction, thereby ensuring that accurate information will be entered; and
④ In addition, the Company has in place the procedure for regularly destroying or otherwise disposing of personal information when the stated purpose thereof has been achieved, the period of retention or use thereof has expired, or otherwise it ceases to be needed any longer.
2. Technical, administrative, and physical measures for protecting personal information
The Company takes the following technical, administrative, and physical measures to ensure safety when handling users’ personal information to prevent such personal information from being lost, stolen, leaked, altered, or damaged:
① Users’ personal information is protected by a password, while significant data are protected through separate security functions by encrypting files and transmitted data or using a file locking function (Lock).
② The Company takes measures against damages caused by computer viruses by using vaccine programs. Vaccine programs are updated at regular intervals, and, when a computer virus appears, the Company immediately downloads the corresponding vaccine program as soon as it is made available, thereby preventing personal information from being infringed.
③ The Company adopts a security device (SSL), which can transmit personal information over the network safely by using encryption algorithms.
④ The Company also uses a device designed to block intrusion attempts from the outside to prevent users’ personal information from being leaked through hacking or otherwise and also monitors intrusion attempts 24 hours a day by installing a commercial network intrusion detection system and also a public intrusion detection system for each server.
⑤ Administrative measures to protect personal information
The Company has established the necessary access control procedure for personal information to ensure the security of personal information. In addition, a dedicated user is designated for each terminal device and assigned a password, which is updated at regular intervals, to prevent the unauthorized use of any terminal devices and word processors.
⑥ Destruction of personal information
The personal information collected by the Company is promptly destroyed when the purpose of collecting such personal information, as users have been previously notified, has been achieved. In such a case, personal information printed on paper is shredded with a shredder or incinerated, while personal information stored in an electronic file is deleted by using some technological methods that render such records impossible to be regenerated.
⑦ Entrustment of the processing of personal information
To improve the quality of its services, the Company may entrust a third party or parties with the processing of users’ personal information, in which case the Company seeks consent from each user without fail. The entrustee(s) is selected among entities capable of complying with this Privacy Policy and the entrustment agreement provides the following: the scope of parties’ responsibilities, confidentiality of personal information, no provision of personal information to a third party or parties, period of entrustment of personal information processing, return or destruction of personal information upon completion of the processing thereof, and the other matters that may be necessary for the protection of users’ personal information.