Spiber Inc. Privacy Policy

This Privacy Policy (hereafter the “Policy”) outlines the manner in which Spiber Inc., Spiber (Thailand) Ltd., Spiber Holdings America Inc., and Spiber America LLC (hereafter collectively referred to as the “Company”) handle information obtained from users, including Personal Information, via their utilization of services provided by the Company.

1. Concerning collected Personal Information and collection methods

  • Within this Policy, “Personal Information” is defined as information which could be used to identify a user, in accordance with Art. 2, Clause 1 of the Act on the Protection of Personal Information. Personal Information includes other information which could easily be cross-referenced to establish the identity of the user.
  • The types of Personal Information utilized and stored by the Company through its services is dependent upon the various collection methods described below:

    Personal Information supplied by the user

    Personal Information supplied by the user, in order to use the Company’s website or services, may include the following:

    Newsletter and mailing list: email address

    Inquiries form: corporation or company name; email address; full name; phone number; affiliated department or section; website URL; inquiry subject and contents

    Application form: full name; gender; email address; phone number; postal code; address; employment history; current employment status; educational background; reason for application; contents of files submitted at the time of employment (CV, employment history, personal summary); photographs of the user’s face

    Personal Information collected by the utilization of the Company’s website or services

    The Company may collect Personal Information pertaining to access to the Company’s website or services, as well as the method(s) used for such access. This may include:

    Information concerning the user’s device; information stored in the logs; cookies; and IP addresses

2. Intended uses of information

  • The Company collects Personal Information solely for the following purposes, or for other purposes which are evident based on the context in which said Personal Information is collected. Except as described in Article 3, Personal Information is not used for any other purpose.
  • Communications from the Company such as mailing lists or newsletters
  • The sending of materials and/or communication by email, phone, or postal mail, in response to an inquiry from the user or an application to join the Company
  • The creation of statistics generated from anonymized usage data for the purposes of service improvement (hereafter “Anonymized Data”)
  • Communication via postal mail, email, or phone concerning Company products, services, events, or exhibitions
  • Surveys regarding product development, service improvement, or for the purpose of better understanding customer needs
  • As required upon offering any of the Company’s services for the fulfillment of the above purposes

3. Prohibition on the disclosure or provisioning of Personal Information to third parties

  • The Company pledges to handle any collected Personal Information with appropriate care, and to refrain from disclosing said information to third parties, except for the following cases:
  • When the user gives their consent for such disclosure
  • When said information is entrusted by the Company to third parties who performs outsourced work on behalf of the Company for the purposes of offering the service requested by the user
  • When such disclosure is required by law
  • As permitted by the Act on the Protection of Personal Information or other laws

4. Measures taken when Personal Information is entrusted to third parties

  • In order to effectively conduct business operations and continuously provide improved services to our users, the Company may provide users’ Personal Information to third parties for outsourcing. However, the disclosure of such information will be limited to the minimum degree necessary to achieve the intended purpose. Additionally, the Company will take appropriate measures to ensure such third parties’ security management practices. The Company will also carry out appropriate monitoring of such third parties, including by the implementation of non-disclosure agreements.

5. Measures for the protection of Personal Information

  • The Company takes all necessary and appropriate security management measures to prevent unauthorized access to Personal Information, to prevent the leakage, loss of, or damage to Personal Information, and to otherwise safely manage Personal Information, primarily by implementing the following methods:
  • Formulation of a basic policy
    For the proper handling of Personal Information, the Company has formulated a basic policy to ensure compliance with relevant laws, regulations, guidelines, and other prescribed measures.
  • Establishment of rules for the handling of Personal Information
    The Company has established rules for the handling of Personal Information, which stipulate the person or persons responsible for the handling of Personal Information and their roles at each stage of its acquisition, use, storage, provision, deletion, and disposal.
  • Organizational safety management measures
    The Company has established a person responsible for handling Personal Information, clarified which employees handle Personal Information and the scope of such handling, and established a reporting system in the event that a violation or any indication of a violation of relevant laws, regulations, or rules is detected. Furthermore, inspections of the handling of Personal Information are conducted periodically, in addition to audits conducted by other departments and outside parties.
  • Personnel safety management measures
    Items concerning the confidentiality of Personal Information are stipulated in the Company’s employment regulations, and periodic training sessions are held on matters to be noted regarding the handling of Personal Information.
  • Physical safety management measures
    Measures are taken to prevent unauthorized persons from accessing Personal Information.
    In addition, measures are taken to restrict and control the removal of equipment, electronic media, and documents that handle or contain Personal Information in order to prevent theft or loss of such information.
  • Technical safety management measures
    Access controls are implemented to limit the persons in charge of handling Personal Information and the scope of such information when handled. Additionally, systems are in place to protect information systems that handle Personal Information from unauthorized access from outside the Company or from unauthorized software.

6. Creation, provision, and use of Anonymized Data

  • The creation of Anonymized Data will be carried out in accordance with the Act on the Protection of Personal Information or other related laws. The Company will utilize appropriate standards and methods such that Anonymized Data cannot be used to identify a user or be reverse engineered to identify the original information which was used in its creation.
  • When creating the Anonymized Data described in the preceding paragraph, appropriate measures will be taken to ensure that the disclosure of Personal Information used to create the Anonymized Data, as well as the disclosure of details concerning the specific methods used to anonymize it, is limited to those individuals who are responsible for the data’s creation, management, and safeguarding.
  • When disclosing Anonymized Data, the Company will publicly announce which types of information in the Anonymized Data are disclosed and the method(s) of such disclosure.

7. Compliance with regulations and norms, and revisions of this Policy

  • The Company complies with all relevant laws and regulations concerning the Personal Information in its possession, and will revise and improve this Policy as appropriate. Changes to the Policy will be listed on this page, along with the date on which the Policy was updated.

8. Protection of Personal Information on linked sites

  • The Company accepts no responsibility for ensuring the security of any Personal Information on sites which are linked to from the Company’s site but which are not owned or operated by the Company. Please confirm the status of any Personal Information protection offered by such third-party websites by examining their privacy policy, where applicable.

9. Enquiries

  • Please address any opinions, questions, complaints, or other enquiries regarding the handling Personal Information to:

    Spiber Inc., 234-1 Mizukami Kakuganji Tsuruoka, Yamagata 997-0052, Japan
    E-mail: contact@spiber.inc

Last updated: May 23, 2023