じぶんシリーズ

Privacy Policy

Privacy Policy


Sonic Garden Inc. (hereinafter referred to as the "Company" or "We") has established this Privacy Policy as a code of conduct to be observed by all directors, officers, and employees of the Company in order to properly handle all personal information of our clients and other stakeholders (hereinafter collectively referred to as the "person concerned") used for the Company's business.

Basic Policy

(1) We shall comply with laws, regulations, national guidelines, and other norms regarding the handling of personal information. To this end, we have established a personal information protection management system in accordance with the Japanese Industrial Standard "Personal Information Protection Management Systems - Requirements" (JIS Q 15001), and will operate it appropriately.

(2) We will acquire, use, and provide personal information in an appropriate manner, taking into consideration the nature and scale of our business. This includes not handling personal information beyond the scope necessary to achieve the specified purpose of use and taking measures to ensure that such personal information is not used for any other purpose.

(3) In the event that the Company outsources all or part of the handling of personal information, the Company shall exercise necessary and appropriate supervision over the outsourced party to ensure the safe management of the personal information entrusted to the Company.

(4) We will not provide personal information to any third party, except with the consent of the person concerned or as required by law.

(5) The Company will take measures to prevent leakage, loss, or damage of personal information and to correct such leakage, loss, or damage.

(6) The Company shall strive to respond appropriately and promptly to complaints and consultations regarding the handling of personal information. We will also accept requests for disclosure, etc. (notification of purpose of use, disclosure, correction, addition, or deletion, and cessation of use or provision) of personal information subject to disclosure held by us. Please contact the "Personal Information Complaints and Inquiries Desk" herein regarding the procedures for requesting disclosure, etc.

(7) The Company will conduct periodic self-inspections of the handling of personal data, as well as audits by other departments or outside parties.

(8) The Company will provide regular training to its employees on matters to be considered in the handling of personal data, and will enter into agreements with its employees regarding the confidentiality of personal data.

(9) The Company implements access control for the handling of personal data and has introduced a system to protect against unauthorized access from outside or unauthorized software to the information system handling personal data.

(10) We will continuously improve our personal information protection management system.

1. Definition of Personal Information

In this Privacy Policy, personal information is defined as information that can be used to identify a specific individual, such as e-mail address, name, password, gender, date of birth, address, occupation, complaints, consultations, or inquiries, and other information that can be used to identify a specific individual by combining one or more of the following.

2. Purpose of Use of Personal Information

The main purposes of use of personal information are as follows:

  • To provide our MySuite for Kintone (MyForm for Kintone, MyRecord for Kintone, MyPage for Kintone) services (the "Services") and other relevant services, including but not limited to: (i) identification of users, (ii) communication with the customers and users (such as sending important notices and customer support), (iii) internal purposes such as necessary record keeping, (iv) improving and updating our products and services, (v) account and network security purposes, (vi) payment for use of our Services.
  • To communicate for commercial purposes, such as proposal of our other services as well as other marketing and advertisement purposes to existing and potential customers and users.
  • To invite customers and users to seminars and other events.
  • To build, facilitate and manage customer, developer, and entrepreneur communities.
  • To comply with applicable laws.
  • To exercise or defend the Company’s legal rights; including without limitation disclosure required by enforcement agencies.
  • In the event of a proposed merger, acquisition, sale or other business transaction involving our business or its assets, to support or give effect to the transaction.

3. Acquisition of Personal Information

We will obtain personal information by legal and fair means after obtaining the consent of the person concerned. When personal information is obtained indirectly, we will confirm that the provider of the personal information has obtained it through legal and fair means.

4. Information Collection Module

The Services may incorporate the following information collection modules selected by the Company for the purpose of analyzing information on the usage of the Services and advertising effects related to the services, including the Services. In accordance with this, we may provide user information, etc. to the providers of the following information collection modules. These information collection modules collect user information without including personally identifiable information, and the collected information will be managed in accordance with the privacy policy and other rules stipulated by each information collection module provider.

Name: Google Analytics
Provider: Google Inc.
Privacy Policy: https://www.google.com/intl/ja/policies/privacy/

5. Disclosure and Provision to Third Parties

We will not disclose personal information to third parties except in the following cases:

  • When we disclose to our affiliated companies
  • When we disclose to service providers
  • When we disclose to our business and event partners
  • When we disclose to our marketing and advertising partners
  • When the customer agrees to the disclosure
  • When the customer goes against the terms of use and/or guidelines, and disclosing its information is considered necessary to protect the rights, property, and/or the Services of other customers and/or the Company
  • When the Company is required to disclose your information under applicable laws and regulations

6. Non-Mandatory

Provision of some personal information is basically non-mandatory. However, if the personal information provided is insufficient, the Company may not be able to provide some of the services for which the information is intended.

7. Entrustment of Personal Information

We may entrust personal information to outside parties for the operation of this Service or to carry out the purpose of use.

8. Correction and Deletion of Personal Information

Personal information may be verified and corrected by the user in the manner prescribed by each Service. If the user withdraws from the Service, the personal information will be stored for a certain period of time and then deleted.

In cases other than the above, the Company will accept requests for notification of purpose of use, disclosure, correction, addition, or deletion, and suspension of use or provision of your personal data held by the Company via the Contact Us page. We will respond to the customer's request by the method requested by the customer among the following:

(1) by providing electromagnetic records, (2) by delivering written documents, or (3) by any other method determined by the Company. We will respond to your request after confirming your identity.

9. Measures Taken for the Safe Management of Personal Data

(Formulation of basic policy)
In order to ensure the proper handling of personal data, the Company has formulated a basic policy regarding "compliance with relevant laws, regulations, guidelines, etc." and "contact for handling questions and complaints".

(Establishment of Rules for Handling Personal Data)
The Company has established rules for handling personal data at each stage of acquisition, use, storage, provision, deletion/disposal, etc., including handling methods, responsible persons/persons in charge, and their duties.

(Organizational Safety Control Measures)
In addition to appointing a person responsible for the handling of personal data, the Company clarifies the employees who handle personal data and the scope of personal data handled by such employees, and has established a system for reporting to the person responsible in the event that a violation of the law or handling regulations is detected or any indication of such a violation is detected.
The Company conducts periodic self-inspections of the status of personal data handling, as well as audits by other departments and outside parties.

(Personnel Safety Control Measures)
Regular training is provided to employees on points to keep in mind regarding the handling of personal data. The Company enters into confidentiality agreements with its employees regarding the confidentiality of personal data.

(Physical security control measures)
In areas where personal data is handled, the Company controls employee access to rooms and equipment, and implements measures to prevent unauthorized persons from viewing personal data.
Measures are taken to prevent theft or loss of equipment, electronic media, and documents that handle personal data, and measures are taken to prevent personal data from being easily discovered when such equipment, electronic media, etc. are carried, including during transportation within the business site.

(Technical safety control measures)
Access control is implemented to limit the scope of persons in charge and the personal information databases, etc. handled. A system is in place to protect information systems that handle personal data from unauthorized external access or unauthorized software.

(Understanding the external environment)
The Company uses cloud services whose servers are located in foreign countries. For the safe management of retained personal data, the Company confirms if the location of the server is within the EU or the UK, which is recognized by the Personal Data Protection Commission Regulations as a foreign country with a personal data protection system recognized as being of a similar level to that of Japan, or that it has obtained CBRP certification. If none of the above applies to the server, we will implement appropriate safety management measures, such as checking the information security of the cloud service in question, based on our understanding of the system, etc. of the relevant foreign country.

10. Links to Other Websites and Cookies

This site uses cookies to improve user convenience and for user authentication. Cookies may also be used by advertisements displayed on this site. In this case, the advertiser's use of cookies is subject to the advertiser's privacy policy. The Service contains many links to external websites, but we are not responsible for the privacy practices of those websites. We recommend that you read the privacy policy of each linked site before using it.

Some internet browsers offer a “do not track” or “DNT” option. We do not currently respond to browser’s DNT signals with respect to our website.

11. Revision of Privacy Policy

This Privacy Policy may be revised in whole or in part. Any revisions will be posted on this page.

12. Inquiries

If you have any questions regarding our Privacy Policy, please contact us at info@sonicgarden.jp.

<Personal Information Complaints and Inquiries Desk>
Sonic Garden Inc.
Personal Information Protection Manager: Shiro Fujiwara
TEL: 81-3-4405-9876
E-mail: privacy@sonicgarden.jp

Established: 01/07/2024
Sonic Garden Inc.
Yoshito Kuranuki, President and Representative Director