I. Basic Policy on the Handling of Personal Information
ULTIMEDIA Inc. (hereinafter referred to as “the Company”) recognizes that the proper handling of users’ personal information is an important social responsibility of a company, and therefore complies with the EU General Data Protection Regulation (GDPR), and any other relevant laws and regulations (hereinafter referred to as the “GDPR, etc.”) concerning persons located in the European Economic Area (hereinafter referred to collectively as the "EEA, etc."). The Company has established the following basic policy for the protection of personal information.
- The term “the Site” refers to “CoolJapanVideos” (https://cooljapan-videos.com/en), operated by the Company.
- The term “the Service” refers to all services provided on the Site.
- The term “user” refers to any person/entity who uses the Site and or the Service.
- If the Company discovers that it has collected and processed the personal information of children under the age of 16 or who have not reached the minimum age specified by the GDPR, which varies according to the laws of the EU member states, without parental permission and consent, the Company will take steps to delete the information as quickly as possible. If you become aware that a child under the age of 16 has provided the Company with personal information, please contact the Company immediately via the contact information specified in Section 11.
IV. The Utilization of Personal Information
- The Company collects, stores, and uses the personal information of users to the extent necessary to provide the Service as specified below. If a user does not provide such personal information, the use of some parts of the Service may be restricted. The information that the company collects includes, but is not limited to:
- Name, gender, date of birth, nationality, email address, the name associated with the SNS account (Facebook, Google, Twitter, LINE, etc.) that a user registers with.
- Country of residence, city of residence, experience visiting Japan, and other information users have provided on the Site, including profile information.
- Unique information regarding the user's mobile device, etc. (including individual identification information, such as the device's unique ID).
- IP addresses that are generated or automatically generated and stored when the Service is used, the date and time of requests from users, and information regarding users' history of use of the Service.
- Location information sent from smart phones, tablets, and other information terminals. It is possible to stop the transmission of location information by changing the settings on the information terminal, but user may not be able to use some parts of the Service.
- The GDPR, etc. requires companies that handle personal data obtained from the EEA, etc. to process it based on the following specific legal bases.
- On the basis that the company has obtained prior consent for the handling of personal data.
- On the basis that it is necessary for the fulfillment of contract between the main constituent of the data and the Company, or if it is necessary for pre-contractual procedures between the main constituent of the data and the Company.
- On the basis that the handling of information is necessary to comply with a legal obligation to which the Company is subject.
- On the basis that it is necessary to protect the user that the data belongs to or another person's vital interests.
- On the basis that it is necessary to handle the information in the public interest or in the execution of work performed for the purpose of exercising official authority granted to the Company.
- On the basis that the handling of information is necessary for the legitimate interests pursued by the Company or a third party.
- The Company will use users’ personal information with their consent for the purposes and on the legal bases stipulated below.
- For administering the Service: fulfillment of contract
- For dealing with violations of the Terms and Conditions of Use stipulated by the Company for the Service, and the prevention of abuse: legitimate interests, legal obligations
- For the smooth provision, maintenance, and improvement of the Service, including notification, communication, and other communication features available to users on the Service: legitimate interests
- To conduct surveys etc. with users regarding the Service: legitimate interests
- To provide information and respond to inquiries about the Service: fulfillment of contract
- To notify about or provide new services related to the Service: legitimate interests
- To verify a user's identity: fulfillment of contract
- Uses incidental to the above purposes: fulfillment of contract, legitimate interests
- For the provision of affiliated services, display of advertising information and other materials tailored to users’ needs, interests, and concerns, and the analysis of advertising effectiveness: fulfillment of contract, legitimate interests
- Market analysis and marketing: legitimate interests
- For the execution of other purposes that the Company deems necessary: fulfillment of contract, legitimate interests
- For provision to partners: legitimate interests
- With the permission of the user, the Company may obtain IDs used by the user on affiliated services and other information that the user has allowed to be disclosed to affiliated partners based on the privacy settings of such affiliated services.
- If the Company handles personal data it has obtained for purposes other than those stipulated in section IV. 2, the Company will inform users of the additional purposes of use and other relevant information (such as retention periods, the rights of users, and other information stipulated in the GDPR, etc.).
V. The Acquisition of Personal Information
The Company will acquire user information in a proper manner without using deception or other wrongful means. In the event that the Company acquires user information by methods other than through the use of the Service, the Company will notify of or disclose the purpose(s) of use in advance.
VI. The Processing and Management of Personal Information
- The Company will always process personal data in accordance with the legal bases stipulated in Articles 6 and 7 of the GDPR. The Company processes personal information for specific, clear, and legitimate purposes and does not further process that personal information in a manner that is not consistent with these purposes. If the Company intends to process personal information originally collected for one purpose for the accomplishment of any other purpose, the Company will always inform users accordingly.
- In order to prevent leakage, loss, or damage of user information and to otherwise protect user information, the Company takes necessary and appropriate measures to manage the security of user information, such as restricting access to personal information files, recording access logs, and implementing security software to prevent unauthorized access.
- The Company, with the Representative Director as the User Information Administrator, will manage user information in an appropriate manner and continuously improve the management of user information.
- In the event of a breach of users’ personal information, the Company will promptly notify the appropriate supervising body.
- The Company will keep personal data and processing records for as long as necessary to adhere to the Company's legal obligations, to ensure the provision of adequate services, and to sustain the Company's business activities (Article 5 and Article 30.2 of the GDPR).
- The Company has systems and measures in place to detect data processing activities that may pose a high risk to users’ rights and freedoms (Article 35 of the GDPR). If such data processing activities are detected, the Company will evaluate them internally and then stop them or ensure that appropriate technical and systematic safeguards are in place to ensure that the processing complies with the GDPR and will continue to do so. When in doubt, the Company will also contact the relevant data protection supervisory authority for its advice and suggestions (Article 36 of the GDPR).
VII. Regarding the Shared Use of Personal Data
The Company may share users’ personal information with its affiliated partners to the extent necessary to achieve the purpose of use and provide affiliated services, subject to the appropriate systems in place as defined by the GDPR, etc. In such cases, the Company shall disclose in advance the name of the partner (including the name or names of the person(s) responsible for administration), the purpose of joint use, the type of information to be shared, and other matters in compliance with the GDPR, etc.
VIII. Regarding the Provision of Personal Information to Third Parties
- The Company will not provide users’ personal information to third parties. However, this does not apply in the below cases, but the Company will not provide the information in violation of the GDPR, etc.
- If the Company has received the consent of the user.
- If a user commits or attempts to commit an act that is detrimental to the interests of others, against public order and morals, or otherwise violates the Terms and Conditions of Service regarding the use of the Service, the Company will take the necessary measures against such actions.
- When it is necessary for the protection of a person's life, body, or property and it is difficult to obtain the consent of the user.
- When it is particularly necessary for improving public health or promoting the sound upbringing of children, and it is difficult to obtain the consent of the individual.
- When it is necessary to cooperate with a national or local government agency or a person entrusted by such an agency to carry out legally prescribed duties, and obtaining the consent of the user may interfere with the execution of such duties.
- When the business, including users’ personal information, is transferred due to a merger, corporate separation, business transfer, or other reasons.
- When all or part of the handling of personal information is outsourced, to the extent necessary to achieve the purposes specified in Article 4.
IX. Retention Period
X. Regarding Procedures for the Disclosure and Correction of Personal Information
- Users may request the disclosure of the personal information provided by the user to the Company in accordance with the procedures set forth below.
- Please contact the Company for such requests. In the case of a written application, a fee of 1,000 yen will be charged for each application.
- After confirming the identity of the user, the Company will respond to the user's request in accordance with the Personal Information Protection Law and other provisions. However, this does not apply if the request is made without a valid reason.
- Please contact the Company to make a claim.
- After confirming the identity of the user, the Company will investigate without delay and, based on the results, correct, add, suspend, or delete the personal information in accordance with the Personal Information Protection Law, etc. However, this does not apply if the Company is under no obligation to do so under the Personal Information Protection Act, etc., or if the request is made without justifiable reason, or if excessive technical work is required.
- If a user has consented to the collection and processing of their personal data, they have the right to withdraw their consent at any time. However, this does not affect the lawfulness of the processing consented to prior to withdrawal.
- Users may receive their personal data in a structured, publicly available and machine-readable format, provided the requirements stipulated by the GDPR are met, and users may transfer such data to another custodian without the Company's interference (Article 20 of the GDPR).
XI. Contact Information for Consultations Regarding the Handling of Personal Information
Contact form (https://cooljapan-videos.com/en/contact)
XII. Regarding the Collection of Cookies, etc.
The service may use a technology called "cookies" or other similar technologies. Users can disable cookies by changing the settings on their computer, but they may not be able to use all or part of the Service.
XIII. SSL Security
The Site may use SSL (Secure Sockets Layer) encryption to protect users’ personal information. SSL is an encryption technology that prevents the leakage of information exchanged between the browser and the web server. The use of SSL increases the level of security because personal information is encrypted before it is transmitted.
XIV. Web Analytics
XV. Regarding the Use of External Services
- The Site and a portion of the Service uses the YouTube API service and other services as defined in Section 2 of this article, and the Company may display advertisements on the Website as defined in Article 11 of the Site’s Terms and Conditions of Use.
・YouTube Terms of Service（https://www.youtube.com/t/terms）
・Vimeo Terms of Service（https://vimeo.com/terms）
・Facebook Terms of Service （https://www.facebook.com/legal/terms）
・Facebook Data Policy（https://www.facebook.com/about/privacy）
・Twitter Terms of Service （https://twitter.com/en/tos）
・Instagram Data Policy（https://help.instagram.com/519522125107875）