GDPR Privacy Policy

Works Applications Co., Ltd.(the “Company”), in connection with the provision of the any of the service that the Company provides (the “Service”) to users (the “Users”) residing in the European Economic Area (the “EEA”, and the countries that are members of the EEA are individually or collectively referred to as “EEA member countries”), for the purpose of complying with the EU General Data Protection Regulation (the “GDPR”), the applicable national laws, regulations, etc. (“applicable laws”) and to appropriately process the personal data of the Users residing in the EEA, hereby establishes this “GDPR Privacy Policy” (this “Privacy Policy”).

1. Processing Personal data

(1) Definitions

Personal data” means any data relating to an identified or identifiable natural person, including, without limitation, name, address, date of birth, telephone number, e-mail address, cookies and user IDs of User.
Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Controller” means a legal person, etc. which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Processor” means a legal person, etc. which processes personal data on behalf of the Controller.

(2) Types of personal data to be collected

The Company will collect the following types of personal data concerning Users in connection with the Service:

(a) Name
(b) Company Name, Department, Position
(c) Telephone number
(d) E-mail address
(e) Cookies etc.

(3) Purposes of use of personal data

The Company will process the Users’ personal data for the following purposes:

(a) for customer management in our company's business activities:

  •  to answer questions and inquiries regarding our company or our company's products and services
  •  to provide product information and support information regarding our company's products
  •  for invitations to our company's events, seminars, etc.
  •  to send emails to customers who have requested our email distribution service
  •  to request cooperation in questionnaire surveys, etc.

(b) to supply customers with our company's products and services:

  •  for data migration support, validation confirmation, etc. in the introduction, maintenance support, etc. of our company's products
  •  to provide our company's products, support, and services including group training
  •  to answer questions and inquiries regarding our company's product information, support information, etc.
  •  for invitations to our company's product information, support information, seminars, regular meetings, working groups, group training sessions, etc.
  •  to request cooperation in questionnaire surveys, etc. regarding our company's products and services

(c) to recognize when the Users visit the Company website

If the Company is to process the Users’ personal data for purposes other than the above, the Company will notify Users in advance such new purposes of use and other matters as required by applicable laws.
By manifesting their intention to consent to this Privacy Policy, Users will be deemed to have consented to the processing of their personal data by the Company within the scope of the above purposes of use, and the Company will process the Users’ personal data based on such Users’ consent; provided, however, that Users may withdraw such consent at any time, which such withdrawal shall not affect any legitimate processing performed pursuant to the consent prior to the withdrawal.
The Company may require Users to provide their personal data in connection with the provision of the Services. In such case, if certain Users do not provide its personal data, the Company may be unable to provide the Services.

(4) Retention Period

The Company will retain the Users’ personal data to the extent the Company requires such data for achieving the purposes of use specified in 1.(3) above.

(5) Third Party Transfer

The Company may provide the Users’ personal data to third parties such as the subsidiaries and affiliates of the Company, dealers, retailers, cloud vendors of the Company, etc., to implement the purposes of use specified above. Such third parties which the Company may provide User’s personal data include those located in countries outside the EEA (including, without limitation, Japan; the same shall apply hereinafter), and the Users are deemed to have consented to the following matters by consenting to this Privacy Policy:

(a) Certain countries outside the EEA may not be furnished with the same level of data protection laws as the EEA, thus part of the rights granted to Users within the EEA may not be available;
(b) Users’ personal data may be provided and processed for the purposes specified in 1.(3) above; and
(c) Users’ personal data may be provided to third parties located in a country outside the EEA. 

(6) Rights of Users

The Users are entitled with the rights to access to, request for correction, request for deletion, request to limit the processing, object to the processing, and request for data portability, with regards to the personal data retained by the Company pursuant to the provisions of relevant laws and regulations. Such requests shall be attended to the contact point set forth in “4. Contact” as per below.
The Company may refuse the Users’ request if the Company deems that there is no basis for such request or if the request is deemed excessive.
The Users may file objections to the data protection authorities having jurisdiction over the location of the Users’ domicile with regards to the processing of their personal data by the Company.

(7) Unsubscribing from direct marketing

If Users wish to unsubscribe from the Company’s direct marketing, such Users should contact the contact point set forth in “4. Contact” below.

2. Safety Management Measures

In order to protect the personal data from unauthorized access and loss etc., taking into account the type of personal data, the degree of sensitivity and the degree of affect to the Users including economic influence and mental harm in case the personal data is unlawfully infringed, the Company has comprehensively evaluated and judged the risks of personal data infringement, and has implemented necessary and appropriate personal, organizational and technical safety management measures in accordance with such the risk of personal data infringement, and further, will review such safety management measures as necessary, set up the process for taking corrective actions, and constantly make effort to improve its security.
If the Company, in its role as a Controller, contracts a Processor, the Company shall select a Processor which is capable of implementing appropriate technical and organizational measures and shall manage such Processor in an appropriate manner.
Pursuant to the GDPR, the Company shall prepare records of the processing of personal data.

3. Amendment to this Privacy Policy

The Company may amend this Privacy Policy at any time.

4. Contact

The Company’s contact point regarding this Privacy Policy is as shown below. Any questions or concerns regarding this Privacy Policy or the processing of personal data by the Company, or any requests concerning access, correction, deletion, limitation of processing or data portability of the personal data shall be attended to this contact point:

Issued May 25, 2018

GDPR Privacy Policy Inquiries

  • Works Applications Co., Ltd.
  • Ark Mori Bldg. 19F, 1-12-32, Akasaka, Minato-ku, Tokyo 107-6019 Japan
  • Email:privacy@worksap.co.jp
  • Hours of operation: Weekdays 9.30am-6.30pm, Japan Standard Time (JST) (except weekends and public holidays)

This site uses cookies for comfortable viewing and improving user experience. By continuing to browse the site, you are agreeing to our use ofcookies. Display cookie policy