Introduction
FRANCE BED CO.,LTD. (hereinafter referred to as "Company".) shall be fully aware of its social and business obligations relating to the protection of personal information, and comply with the compliance program regarding personal information protection set out by Company in accordance with JIS Q 15001, as well as ensure and improve the security for all of Company’s operations (hereinafter referred to as "Operations" ) including all of the Internet services operated by Company (hereinafter referred to as "Services"), and endeavors for the protection of personal information. The basic policy on the protection of personal information (privacy policy) is set out as follows.
Terms and Conditions
Company shall endeavor to improve and ensure security and strive to appropriate protection of personal information through adoption of the latest security technology, construction and Operations of robust server environment, and take the most recent and all possible measures considered necessary for the maintenance of a robust management structure.
The basic principles are defined as follows;
Company shall endeavor lawful and fair collection, use, and provision of personal information and to form recognition, understanding, agreement and consensus with its users and customers of Services whose personal information is protected (hereinafter referred to as "Persons").
Company may collect personal information to the extent recognized as reasonable and lawful, and necessary for Operations with prior consent from Persons, and shall accurately, completely, safely and properly store, use or provide to the extent necessary for Operations.
Company shall ensure the security of the facilities, including the office and the data center to prevent unauthorized access, loss, damage, falsification and leakage of personal information as well as take full measures to properly handle information devices and software, and stored digital information.
Company shall comply with provisions of laws and regulations, guidelines, and guidance from government offices and relevant organizations. Company shall assign a person in charge for personal information protection, and under his instruction, endeavor to provide thorough and practical training and personal education to all employees.
In addition, Company shall make ceaseless efforts for improvement and enhancement of the personal information protection system.
If there is a claim or a request regarding personal information, such as disclosure, correction or deletion of personal information from Person, Company shall appropriately correspond the claim or the request through a designated representative or the person in charge within a reasonable period of time.
The basic principles are specified as follows;
Full efforts shall be made to maintain security for the entire hardware, software, and humanware.
Robust, safe and advanced security measures shall be taken for the entire system, including physical and systematic security measures for the office and data centers, the entry and exit management, firewall, hardware configurations, including routers, software configurations, operating systems, application systems, database systems and the operational system composed of multi-layered full-time administrators.
For user authentication via the Internet and entrance of personal information, the encryption technology of communication data, called SSL (Secure Sockets Layer) should be able to be used. By using SSL, information flowing on the communication path can be encrypted to avoid the risk of eavesdrop or falsification. If SSL is enabled on your browser, please use an SSL-enabled browser for entering information.
Passwords are stored in encrypted formats. In addition, once the entered passwords are stored using a robust security system, even the administrators cannot decipher them. Therefore, the administrators cannot answer any inquiries regarding the passwords. Therefore, the administrators never contact Persons regarding passwords.
The operators who can enter or exit the data center for storage and management of personal information shall be limited only to experienced senior administrators. The system is configured so that the administrators have to access via a certain limited root in order to maintain the server and data. A strong management system consisting of multi-layered administrators, who have different management authorities is established to directly observe access status and personal data using both the automated system, with a full-time automatic scanning program, and the visual management system with compound eyes.
However, private communications (personal communications) among individuals, such as communication using PO box e-mail service, are excluded from the visual management. Personal communications shall be carefully handled according to the "principle of self-responsibility". In addition, information stored by our users (hereinafter referred to as "Users") or our customers themselves on the server under our management is deemed as information outside the scope of this policy regardless of its contents or to be personal information (hereinafter referred to as "Information outside of our control").
Article 2. Definition of Personal Information
In this policy, personal information shall mean information identifying individuals stored on our production server for long-term or temporary use of our services by persons own volition, information linked or related to this information and information identifying individuals obtained by Company to promote Operation. Information outside of our control information shall be excluded.
The other terms used in this policy shall be defined according toTerms and Conditions for Services.
Article 3. Disclosure of Personal Information
Company shall respect will of Users when collecting and using personal information and providing it to other users. In addition, personal information collected by Company shall be limited to necessary information and only used to provide our or our partner's’ services. Personal information provided by Users shall be under the control of the users themselves and they may correct and delete information items as well as finely set whom and what to disclose according to the principles of free will and self-responsibility.
Personal information recorded on the server to be used or provided is information directly provided to Company by Users to use our services, Users’ action histories in our and our partners’ services, and information automatically collected by Company such as IP address.
In order to provide optional services or collaborate with our partner companies, Company may request to provide certain personal information within a reasonable range. In this case, Company shall collect only information necessary for providing the services after obtaining prior permission.The combination of information items and the information range to be provided to other users may be selected by the Users or selected uniformly by Company depending on the differences in individual functions and services. Change or deletion of personal information is processed by computers according to the User's’ intention.
Information items collected by Company are divided into required items and optional items.
Whether the requesting person is really the authorized person, and whether the specified range matches the person's will shall be determined through comparison of data from personal information and disclosure classification set by Person according to each administrator’s standards.
Information exceeding the specified range shall not be provided or transferred to any third parties except in cases of obtaining prior consent from Person or examples provided in the next paragraph.
In the following cases, personal information may be exceptionally provided or transferred to third parties;
* if disclosure of personal information is requested by a court, Public Prosecutor's Office, police or agencies holding applicable rights of such institutions in accordance with the procedure for the provisions of law,
* if an agent legally having right of representative submits a written request of disclosure of personal information with a power of attorney,
* if all or part of the Services are transferred to other companies,
* if disclosing as statistical or analysis information after personal information is appropriately processed for reasonable purposes such as explanation and report for third parties, including media organizations,
* if an administrator acknowledges disclosure of personal information is necessary and inevitable due to imminent danger with a great urgency to human life, a body or a property, or
* if Company recognizes disclosure of personal information is necessary to protect Company’s or a third party’s rights, property or a service, when a User breaches laws or Terms and Conditions in connection with the services provided by Company or a Company’s partner and obtaining the consent of the person is difficult.
Article 4. Use of Personal Information Related to Users of Services
Company may use Users’ personal information only for the following purposes;
* To fulfill purposes of our service features, including introductions of member profiles, sending, receiving or mediating messages, confirmation or identification of action histories.
* To verify member authentication or identification to ensure legal and proper use of Services through checking.
* For Users to confirm or change registered information and browse usage of the services, or for Company to correspond inquiries from Users.
* To improve the convenience for Users, such as personalized advertisements and contents for each User, and auxiliary functions for easier re-entering user data.
* To improve Services, review new services or to create analysis documents in which personal information is used in a way of individuals cannot be identified, such as effect references and statistic references for sponsors.
* To conduct social or market research or user surveys to improve Services.
* To directly communicate with Persons for operational reasons of Services, such as notification of the services and charge of usage fee and to prevent use in a way of violating the Terms of Conditions and use with illegal or unjustifiable purposes.
* To select applicants for promotional projects for the services such as prizes or campaigns and to notify winners.
Article 5. Registration, Deletion and Change of Personal Information
In principle, registration, deletion and change of User's’ personal information shall be performed by Users themselves. For a justifiable reason, if a user cannot perform registration, deletion and change the personal information, Company can perform on behalf of the person according a request through a designated contact, within a reasonable period of time.
All of the personal information related to the withdrawal users shall be deleted after their withdrawal as soon as possible. However, in case an administrator determines there is a risk of conflict with laws and regulations of the public policy or Terms and Conditions herein, he may decide to hold the deletion of the personal information of the user for a reasonable period of time. In addition, the provision in this paragraph will also be applied to the 3rd and 4th paragraphs of this section. All or part of the personal information that the user specified or requests to delete or change, Company shall delete or change as soon as possible according to the request. Deletion or change of personal information related to Operation, Company shall handle according to the inquiry or request of the person as soon as possible within a reasonable and legitimate time.
Users, in principle, may check, change or delete registered information at any time online. For viewing or changing the registered information, please click here. For an inquiry or a request, please click here.
Article 6. Storage and Management of Personal Information
Personal information shall be securely stored and managed. In addition, personal information shall be properly and carefully handled according to this policy and Terms and Conditions in a way of respecting Persons’ will.
Personal information related to Users may be entrusted only with prior clarification of the purpose and agreement.
Prior to the registration of personal information, the principle of self-responsibility shall be reminded and purpose and precautions of the registration shall be expressly provided. The registration shall be accepted only if the person agrees and in principle, the only necessary information shall be entrusted. In the case where excessive personal information is registered, all or a part of the services may not be provided.
For Services, IP address and type of browser are collected. The same information is used for the management and creating references for the services. The administrators of personal information shall be skillful operators selected through rigorous examination. Practical training and ethical education of the administrators shall be conducted on a regular or irregular basis. In addition, the administrators of personal information shall endeavor to listen to outside opinions, cultivate their mindset as persons who handle personal information, improve their quality and learn the latest technology.
Article 7. Maintaining Security and Use of Cookies
Cookies may be used in Services for security and specifications related reasons.
Article 8. Scope of This Policy
This policy shall be applied only to Services and Operations, and shall not apply to individuals or companies beyond our direct management, or holders of information of our direct management rights. This policy constitutes a part of Terms and Conditions of our services.
In Services, there are some links to other sites or services, this policy shall not refer to handling of personal information on other sites and no responsibility will arise from it. By the "principle of self-responsibility", we recommend to read and understand the privacy policy on each linked site beforehand to determine use of their services.
In the services integrally provided by our partners, or services to provide with the help of our partners, personal information may be directly provided to the extent necessary for the services.
In these cases, Company shall obtain prior consent of Persons to provide personal information to their partners, and shall obligate the partners to use such personal information to the extent necessary for the services according to the privacy policy set by them after obtaining consent of Persons. In addition, when Company enters contracts for alliances with partners, strict confidentiality provisions shall be set out.
Article 9. Revision of Privacy Policy
Revision of this privacy policy shall be performed according to the procedures prescribed in Terms of Conditions.