YUKI GOSEI KOGYO CO., LTD. (“YGK,” “we,” or “our” as applicable) and Yuki Techno Service Co., Ltd. (collectively, our “Group”) recognize that privacy is important and should be respected. Our Group takes the utmost care in handling personal information in our business operations and has established this privacy policy (“Policy”).

Company Name, Address, and Name of Representative

YUKI GOSEI KOGYO CO., LTD.（Click here: Company Information, Offices）
Yuki Techno Service Co., Ltd.（Click here: Company Information）

Compliance with Relevant Laws, Regulations, and Guidelines

Our Group shall comply with the Act on the Protection of Personal Information (Act. No. 57 of 2003; the “APPI”), cabinet orders and commission rules regarding the APPI (collectively, “Personal Information Protection Laws”), guidelines regarding the APPI (the guidelines of General Rules, Pseudonymized Personal Information and Anonymized Personal Information, Confirmation and Record-keeping Obligations for Transfer to Third Parties, Transfer to Third Parties in Foreign Countries, Accredited Personal Information Protection Organizations, etc.), and other applicable laws, regulations, and guidelines related to our Group’s business. We shall handle personal information as follows.

Unless otherwise defined, this Policy uses the terminology set forth in the Personal Information Protection Laws.

Scope

This Policy applies to all of our Group’s handling of personal information and personal-related information and to all of its products and services; provided, however, that if the handling of personal information is separately stipulated in individual policies or agreements, such policies or agreements shall prevail over this Policy.

Collection and Use of Personal Information

Our Group collects personal information by lawful and proper means after publishing (including through this Policy) or providing notice of the purpose of its use. In addition, when collecting personal information directly from an individual subject in writing or by electromagnetic means, our Group will clearly state the purpose of use in advance before collection.

When collecting sensitive personal information, our Group will obtain the prior consent of the subject in advance, except when otherwise permitted by laws and regulations.

Our Group will not use personal information beyond the scope necessary to achieve the purpose of use without the consent of the individual subject or as otherwise permitted by Personal Information Protection Laws. In addition, our Group will not use personal information in an improper manner.

Purposes of Use

（1）Personal information of participants in exhibitions, seminars, academic conferences, and other events, as well as those who cooperate with questionnaires and other surveys:

• a. To carry out the purposes specified at the time of implementation of such questionnaires and surveys;
• b. To plan and develop our Group’s products and services, or to consider measures to improve customer satisfaction;
• c. To provide information on exhibitions, seminars, academic conferences, and other events related to our Group’s products and services;
• d. Quality control and intellectual property management of our Group; or
• e. To provide information, advertisements, promotions, etc., to customers and business partners regarding our Group’s products and services, and to contact customers and business partners for meetings, consultations, business negotiations, and other business matters.

（2）Personal information of visitors to our facilities or plants for the purpose of touring our plants, conducting business with our Group and other business matters:

• a. To confirm visitors;
• b. To implement smooth factory tours; or
• c. To respond to inquiries and other requests.

（3）Personal information provided by customers and business partners (including public institutions):

• a. To conduct transactions with our Group and provide related services such as storage and transportation;
• b. Quality control and intellectual property management of our Group;
• c. To provide information, advertisements, promotions, etc., to customers and business partners regarding our Group’s products and services, and to contact customers and business partners for meetings, consultations, business negotiations, and other business matters; or
• d. To provide information on exhibitions, seminars, academic conferences, and other events related to our Group’s products and services.

（4）Personal information provided through the inquiry form on our Group’s website:

• a. To conduct transactions with our Group and provide related services such as storage and transportation;
• b. Quality control and intellectual property management of our Group; or
• c. To provide information, advertisements, promotions, etc., to customers and business partners regarding our Group’s products and services, and to contact customers and business partners for meetings, consultations, business negotiations, and other business matters.

（5）Personal information collected in connection with our Group’s recruitment and employment:

• a. To send documents to applicants or candidates (“Applicants”) for the purpose of employment selection, and to contact Applicants for scheduling interviews and other communications;
• b. To Evaluate Applicants’ skills, qualifications, suitability for the job, and to conduct other recruitment and selection activities;
• c. Management of Applicants and prospective employees;
• d. Employment management (including investigation and improvement of working conditions such as salary and social benefits, access control to our facilities, various procedures at the time of hiring and retirement, and various procedures after retirement);
• e. To plan and implement our Group’s human resources policies; or
• f. Any other actions necessary in connection with recruitment or employment.

（6）Personal Information on shareholders:

• a. To exercise rights and to perform obligations under applicable laws and regulations;
• b. Shareholder management (including keeping records in accordance with applicable laws and regulations);
• c. To send notices and other information about shareholders; or
• d. To respond to inquiries and other requests.

（7）Other personal information provided to us through our Group’s business:

• a. Actions necessary for the smooth performance and business management of our Group, improvement of our Group’s products and services, and other business management of our Group;
• b. Quality control and intellectual property management of our Group;
• c. To provide information on exhibitions, seminars, academic conferences, and other events related to our Group’s products and services; or
• d. To provide information, advertisements, promotions, etc., to customers and business partners regarding our Group’s products and services, and to contact customers and business partners for meetings, consultations, business negotiations, and other business matters.

Security Control of Personal Data

We take organizational, personnel, physical, and technical security control measures to prevent leakage, loss, or damage of personal data and to otherwise manage personal data. The details of the security control measures taken by YGK are as follows:

Outline of Security Control Measures Taken by Our Group

1 Establishment of Basic Policy

To ensure the proper handling of personal data, we have established the “YGK Action Guidelines for the Protection of Personal Information” and the “YGK Basic Policy for the Handling of Specific Personal Information.”

2 Development of Rules for Handling Personal Data

For the proper handling and protection of personal data, we have established internal rules such as the “Rules for Personal Information Protection” and the “Rules for Handling Specific Personal Information,” which stipulate handling methods, persons in charge, and their duties.

3 Organizational Security Control Measures

We have established the personal information protection administrator as the chief manager for the protection of personal information and the personal information protection manager as the person in charge. In addition, the Board of Directors defines the authority and responsibility for the protection of personal information, clarifies the employees who handle personal data and the scope of personal data handled by such employees, and establishes a system for reporting to the personal information protection administrator in the event of facts or signs of violations of laws or internal rules.

We also implement regular inspections of the status of personal data handling in daily operations, and systematically conduct internal audits based on the internal audit plan.

4 Personnel Security Control Measures

The personal information protection administrator informs the officers and employees of the relevant departments of the internal rules concerning personal information and the information systems handling such personal information and clarifies the roles and responsibilities of the officers and employees.

We require our employees submit a “Confidentiality Pledge” upon employment and retirement and have established the employment regulations and “Rules for Personal Information Protection,” which stipulate the handling of confidential information including personal information and the penalties for violations.

5 Physical Security Control Measures

We have established the “Rules for Personal Information Protection” and the “Information Security Guidelines” and implemented measures to prevent access to personal data by persons not authorized to handle personal data, including supervision of employees.

We have taken measures to prevent theft or loss of equipment, electronic media, and documents that handle personal data, and implemented measures to prevent personal data from being easily discovered when such equipment, electronic media, documents are carried around, including within our facilities.

6 Technical Security Control Measures

We have implemented access control including password assignments to limit the scope of persons in charge and the personal information database handled by such persons.

7 Understanding the External Environment

We have identified the foreign countries in which personal data is handled and the countries where the servers are located to the furthest extent possible, and implemented proper security control measures by understanding the regulations for the protection of personal data in these foreign countries. We will respond without undue delay to customer requests for an overview of the implementation of such security control measures regarding the external environment, in accordance with applicable laws and regulations.

Provision of Personal Data to Third Parties

Our Group will not provide personal data to third parties without the consent of the individual subject, except as permitted by Personal Information Protection Laws; provided, however, that the following cases do not constitute provision to third parties:

（1）When providing the information in connection with outsourcing;
（2）When providing the information in connection with business succession, etc.; or
（3）When jointly used.

Provision of Personal Data to Third Parties in Foreign Countries

When providing personal data to a third party in a foreign country, our Group will take necessary measures, such as obtaining consent, in accordance with applicable laws and regulations.

Outsourcing the Handling of Personal Data

When we outsource the handling of personal data to a subcontractor such as a business partner within the scope of the purposes of use specified in “Purposes of Use” above, we will select an appropriate subcontractor, sign a contract regarding the outsourced operations, and conduct proper supervision such as monitoring the handling of personal data at the subcontractor.

Disclosure of Personal Information

When our Group receives a request from an individual subject (or their representative), regarding the retained personal data that identifies the subject, for notification of the purpose of use, disclosure, modification, addition or deletion of the content, suspension of the use or deletion, suspension of the provision to any third party, or disclosure of records of the provision to any third party (“Request for Disclosure”), our Group will respond to such Request for Disclosure in accordance with the procedures of our Group. For specific information on how to make such a request, please contact us using the inquiry form provided in this Policy. Please note the following:

（1）To prevent leakage of personal information, we will verify the identity of the subject when our Group receives a Request for Disclosure. If we are unable to confirm the identity, we may not be able to respond to the request.
（2）Requests for Disclosure must be made in accordance with the procedures of our Group.
（3）If we are unable to respond to a Request for Disclosure, we will explain the reason in accordance with laws and regulations.
（4）A fee of 1,000 yen (excluding tax) per Request for Disclosure will be charged for each request including notification of the purpose of use of retained personal data, disclosure of retained personal data, or disclosure of records of the provision to any third party.

Use of Cookies and Google Analytics

Cookie technology enables the exchange of information between a website and a site user’s computer, thereby making it possible to obtain a record of the site user’s visits and to change the display of the website for each site user. Our Group’s website uses cookies to understand how the website is used (e.g., number of visits), but we do not use cookies to collect personal information (including the collection of cookie information using Google Analytics, as described below).

Our Group also uses Google Analytics to monitor the use of the aforementioned websites. Google Analytics uses cookies to collect information about users. Please refer to the Google website for an explanation of the Google Analytics’ Terms of Service (https://marketingplatform.google.com/about/analytics/terms/us/ ) and its Privacy Policy (https://policies.google.com/privacy?hl=en-US ). Our Group shall not be liable for any damages resulting from the use of Google Analytics’ services.

Our Group may also place advertisements, including banner advertisements on websites other than our Group’s website, in which case they are subject to the cookie rules of the websites on which the advertisements are placed. You can change your browser settings to disable the acceptance of cookies or delete stored cookies.

Personal Information to be Provided

You may voluntarily choose whether to provide personal information to our Group. However, if you do not provide our Group with the necessary information, we may not be able to provide you with the products and services we intend to offer. In addition, if you set your browser not to accept cookies, depending on the content of the service, some functions may be limited or you may not be able to use the service.

Changes and Amendments to the Privacy Policy

Our Group reviews and strives to improve this Policy from time to time and may amend it at any time. Any amendments to this Policy will be posted on this website and will be effective from the time they are posted.

Inquiry Form

If you have any questions, comments, or complaints regarding our Group’s handling of personal information, please contact us using the inquiry form（Click here: inquiry form）.

YUKI GOSEI KOGYO CO., LTD.
3-10-4 Nihonbashi Ningyocho, Chuo-ku, Tokyo

*Personal information provided in the inquiry form will be used only for the purpose of responding to your inquiry.

If you do not receive a reply within 5 business days after submitting your inquiry form, it is possible that your inquiry has not reached us due to a server error or other reason. In that case, please contact us again.