Privacy Policy

　The Group may occasionally browse, confirm, analyze, use, or disclose information pertaining to private communications using the Services (“Confidential Communication Information”) to third parties in accordance with the following rules.

• (1)Nature of Information Acquired

  　Data generated while using the Services, including spoken statements, automatic transcriptions of such statements, video images, etc., of the Services.

• (2)Primary Acquirer and User

  　The Group shall acquire and use Confidential Communication Information primarily; provided, however, that the Group may provide its contractors with Confidential Communication Information to the extent necessary for achieving the purposes of use outlined below.

• (3)Purposes and Manner of Use

  　The purposes and manner of use of Confidential Communication Information are as follows:

  • 1.Cases in which the use of Confidential Communication Information is necessary to protect the life, health, or property, etc. of a User or another person;
  • 2.Cases in which disclosure is requested under laws and regulations or any other cases in which disclosure is permitted under laws and regulations;
  • 3.Cases in which a User breaches the Terms of Service or in which it is necessary to confirm whether a User has breached the Terms of Service;
  • 4.Cases in which it confirms whether the communication technology environment that is used by Users conform to the applicable utilization conditions;
  • 5.Cases in which there is a need to operate the Services or to conduct an investigation or analysis, etc. for improvement of the Services (including, but not limited to, automatic transcription of call content, conversation analysis by AI and operational efficiency evaluation); and
  • 6.Cases in which use is within the scope of the Master T&Cs, Individual T&Cs, Explanatory Materials, or a confidentiality agreement, an agreement on the protection of Personal Information, or any other agreements separately executed between the Group and a User in relation to the Services.
• (4)Term of Use

  　The term of use shall be the period necessary to achieve the foregoing purposes of use.

• (5)Point of Contact

  　The point of contact is set forth at the end of this Privacy Policy.

• (6)Method for Revoking Consent etc.

  　In order to revoke your consent to the use of Confidential Communication Information, please contact the point of contact set forth at the end of this Privacy Policy. Please note that the Group sometimes cannot allow consent to be revoked if the use of Confidential Communication Information is indispensable for providing the Services. Please note that the Group may no longer be able to provide the Services to a User that has revoked consent.

　In principle, the Group will not provide Personal Information to third parties unless the consent of Users Et Al. is obtained; provided, however, that the Group may provide Personal Information without the consent of Users Et Al. in the following cases:

• (1)Cases in accordance with laws and regulations;
• (2)Cases in which the provision of Personal Information is necessary to protect human life, health, or property and obtaining the relevant individual’s consent is not possible;
• (3)Cases in which there is a special need to enhance public health or promote the fostering of healthy children and obtaining the relevant individual’s consent is not possible;
• (4)Cases in which it is necessary to cooperate with a governmental organization, a local government, or a person entrusted thereby to handle matters prescribed by laws and regulations and obtaining the relevant individual’s consent would interfere with the handling of such matters; and
• (5)Cases in which the third party is an academic institution, etc. and the third party will handle the relevant Personal Information for academic study purposes (including cases in which a purpose of handling such Personal Information is an academic study but excluding cases in which such handling may unjustifiably infringe upon the rights and interests of an individual).

　The following cases do not constitute third-party provision as described above:

• 　(i)Cases in which all or part of the handling of Personal Information is entrusted within the scope necessary to achieve a purpose of use;
• 　(ii)Cases in which Personal Information is provided pursuant to business succession following a merger or other reasons; and
• 　(iii)Cases in which Personal Information is jointly used under the provisions of the Personal Information Protection Act.

　Due to the Group Companies’ entrustment of part of their businesses to the Company, there may be cases in which a Group Company shares information acquired from Users with the Company within the scope necessary to operate and provide the Services and within the scope of the purpose of use.

　In some cases, the Company will entrust the handling of Personal Information to a contractor located in a foreign country for its business operations. In addition to the provision of this paragraph, the Company may provide Personal Information to any third parties located in foreign countries in accordance with the provisions of the Personal Information Protection Act.

　The outline of such handling procedures of Personal Information of the Company in foreign countries is as follows.

[Personal Information Handled by the Company (RevComm Inc.)]

　Notwithstanding the following, the data stored automatically during the use of MiiTel by Users who entered into contracts with the Company regarding such use in Japan is maintained in a server in Japan.

• (1)Countries in which Foreign Contractors are located
  Please refer to “Handling of Personal Information in Countries Outside Japan”
• (2)Details of the Personal Information Protection Legislation of the Countries Covered by (1)
  Please refer to “Handling of Personal Information in Countries Outside Japan”
• (3)Personal Information Protection Systems of Contractors
  The Company has executed agreements with Contractors obliging them to take action for the protection of Personal Information. These actions include those corresponding to the OECD’s Eight Principles.

　The Group may occasionally entrust the handling of Personal Information to its contractors for business operations.
　In such event, the Group will stringently select contractors that have established a control system that properly protects Personal Information and ensure that they control Personal Information properly by executing an agreement that establishes a system to prevent the leakage of Personal Information of Users Et Al. through proper management and confidentiality of Personal Information.

　The Group will not take any responsibility for the acquisition of Personal Information by third parties in the following cases:

• (1)Cases in which a User reveals Personal Information to a third party using the Services or otherwise;
• (2)Cases in which a User is identified by a third party due to information posted by Users Et Al. in relation to the use of the Services;
• (3)Cases in which Personal Information is provided by Users Et Al. via an external site linked from the Services, which then is utilized;
• (4)Cases in which a third party has obtained information that can identify an individual User (ID and password, etc.) without provision by the Group; and
• (5)Cases in which there are no reasons attributable to the Group.

　The Group will sometimes create statistical data that is processed so as to be unable to identify an individual based on the Personal Information provided. The Group may unrestrictedly use statistical data that cannot identify an individual.

　Browsing histories and characteristics information are history actions taken or attribute information that will not identify an individual of Users Et Al., such as services used, browsed pages, IP address, or cookie information, not including information that identifies an individual (Personal Information).

　The Group uses browsing history and characteristics information for the purposes of protecting the privacy of Users Et Al., improving convenience, distributing advertising, and acquiring statistical data.

　The Group uses cookies for such purposes. In addition, the Group sometimes acquires attribute information (limited to one that cannot identify an individual even by combining) that cannot identify an individual, such as age, sex, occupation, or residential area, provided upon member registration, etc., or user action history on the site (URLs accessed, content, and reference order, etc.) by using technology such as cookies or JavaScript; provided, however, that no Personal Information is gathered by cookies or attribute information and action history. You may choose not to allow cookies via your browser settings. If you choose not to allow cookies, some functions of the Services may be restricted.

[Acquisition of Information by Using Third-Party Services]

　For details of the information which the Group acquires by using third-party services, please refer to the “Acquisition of Information by Using Third-Party Services” section.

　The Group properly responds to requests of Users Et Al. for disclosure (including disclosure of third-party provision records; the same shall apply hereinafter), notice of purposes of use, correction, addition to, deletion, suspension of use, erasure, and suspension of provision to a third party of Personal Information in the possession of the Group (“User Request”) in accordance with the Personal Information Protection Act (or if laws regarding the handling of personal information outside of Japan is applicable, such laws and regulations).

　There may be cases where the Group will not accept the following User Requests:

• (1)Disclosure of Personal Information
  • 1.Cases in which disclosure is likely to harm the life, health, property, or other rights and interests of Data Subjects or a third party;
  • 2.Cases in which disclosure is likely to significantly interfere with the proper operation of the Services;
  • 3.Cases in which disclosure would violate other laws and regulations; or
  • 4.Any other cases which fall under a reason for exception of laws and regulations.
• (2)Suspension of Use, Erasure, or Provision of Personal Information to Third Parties
  • 1.Cases in which great expense would be incurred thereby or in which taking such actions is difficult and substitute actions to protect the rights and interests of Users Et Al. have been taken; or
  • 2.Any other cases which fall under a reason for exception of laws and regulations.
• (3)Correction of, Addition to, or Deletion of Personal Information
  • 1.Cases in which laws and regulations other than the Personal Information Protection Act specify special procedures; or
  • 2.Any other cases which fall under a reason for exception of laws and regulations.

  　Please refer to the point of contact below to submit a User Request.

  [If the Personal Information Protection Act is applicable:]

  　Upon receiving a User Request under the Personal Information Protection Act, the Group will verify the identity of the User with specified materials (driver’s license, Individual Number card, etc.).

  　In addition, upon receiving a User Request by a representative, the Group will verify the authority with the following materials.

  ●For legal representative:
  　Documents confirming that he/she has the legal authority to represent the individual in question (family register, a copy of a health insurance card in which dependents are indicated), documents verifying the identity of the legal representative (a copy of a document indicating the name and current address of the representative, such as a driver’s license, passport, or health insurance card)
  ●For a privately appointed agent:
  　Power of attorney (Personal Information disclosure request form attachment), certificate of the principal’s seal (issued within three (3) months of the User Request), documents verifying the identity of the privately appointed agent a copy of a document indicating the name and current address of the agent, such as a driver’s license, passport, or health insurance card)



• 13.Restriction on the Acquisition of Special-Care-Required Personal Information

  　Except where permitted by laws and regulations or as provided directly by Users Et Al., the Group will not acquire the following Personal Information, which is specified as special-care-required personal information (Article 2, Paragraph 3 of the Personal Information Protection Act), without the prior consent of the relevant Users; provided, however, that this provision shall not apply where such information is provided by Users Et Al:

  • (1)Race;
  • (2)Creed;
  • (3)Social status;
  • (4)Medical history;
  • (5)Criminal record;
  • (6)The fact that the User has suffered damage from a crime; and/or
  • (7)Personal Information prescribed by the Order for the Enforcement of the Personal Information Protection Act as requiring special care in handling so as not to cause unfair discrimination, prejudice, or other disadvantages to the relevant individual.


• 14.Management of Personal Information (Security Control Actions)

  　The Group strives to implement security measures to prevent the leakage, loss, misuse, and alteration, etc. of Personal Information placed under its control and takes the necessary and appropriate security actions. The Group retains Personal Information in a safe environment inaccessible by general Users Et Al.
  　In order to ensure that security actions are properly taken, the Group has acquired an information security management system authentication and a privacy mark certificate in Japan and regularly reviews the management system.

  　An outline of the security actions taken by the Group is as follows:

  • (1)Formulation of the Basic Policy and Policies for the Handling of Personal Information
    

    To ensure the proper handling of Personal Information, the Group has created a Personal Information Protection Policy and this Privacy Policy in order to comply with laws and regulations pertaining to the protection of Personal Information, contact point for inquires and complaint handling and the like.
    In addition, the Group has created internal rules for the handling of Personal Information, including handling methods and responsible persons/persons in charge and their duties, etc., at each stage of acquisition, utilization, retention, provision, and deletion/disposal, etc.

  • (2)Organizational Security Controls
    

    The Group has appointed a manager to handle Personal Information and identified the Group’s employees engaged in the handling of Personal Information and the scope of Personal Information handled by such employees. The Group has also developed a reporting system in the event that a violation of the Personal Information Protection Act or a breach of the Group’s internal rules is discovered.
    The Group regularly conducts audits of its handling of Personal Information and periodically requests audits by other departments and outside auditors.

  • (3)Human Security Controls
    

    The Group provides employees with regular training with respect to the handling of Personal Information. It also sets forth the confidentiality of Personal Information in the Rules of Employment, etc.

  • (4)Physical Security Controls
    

    The Group monitors the entry and exit of employees, restricts equipment, etc. brought into areas where Personal Information is handled, and prevents unauthorized persons from browsing Personal Information. The Group takes actions to prevent the theft or loss, etc. of equipment holding Personal Information, electronic media, and documents, etc. and implements measures to avoid Personal Information from being easily found when carrying such equipment or electronic media, etc., including move within an office.

  • (5)Technical Security Controls
    

    The Group limits access to Personal Information to specific employees and has introduced a mechanism to protect its information system from external unauthorized access or illicit software.

  • (6)Understanding of External Systems
    

    The Group entrusts cloud service providers and the like with the management of information, including some Personal Information, which is stored and managed by such service providers in the countries indicated in “6. Handling of Personal Information in Foreign Countries.” The Group puts security controls in place based on the information provided by the Personal Information Protection Commission in Japan after researching the Personal Information protection systems of each country.

  Please see the point of contact indicated below for the details of the security controls put in place by the Group.



• 15.Optional Provision of Personal Information

  　The provision of Personal Information to the Group is at the relevant individual’s discretion. However, please note that you may not be able to register as a member or User or use the Services or systems if you do not provide the necessary information,



• 16.Amendment to the Personal Information Protection Policy and the Privacy Policy

  　The Company may amend the Personal Information Protection Policy and Privacy Policy at its discretion to the extent that such amendment does not violate any laws or regulations.



• 17.Handling of Links Posted on the Group’s Websites

  　This Privacy Policy does not apply to any third-party websites (websites which are not managed by the Group) linked from the Group’s websites.
  For details of the handling of Personal Information within such third-party websites, please refer to the privacy policies, etc. on such websites.



• 18.Point of Contact

  　The Group’s point of contact for complaints, requests, and disclosures, etc. relating to Personal Information is as follows.

  [RevComm, Inc./Personal Information Complaints and Consultation Counter]

  To: RevComm, Inc.

  Personal Information Protection Supervisor
  Compliance Manager

  Address: HULIC Shibuya 1-chome Building 7F, 1-3-9 Shibuya, Shibuya-ku Tokyo, 150-0002 Japan
  Email address: privacy@revcomm.co.jp

  [Name of authorized personal information protection organization and point of contact for complaint resolution]

  Name of authorized personal information protection organization: Japan Information Processing and Development Center
  Point of contact for complaint resolution: Personal Information Protection Complaints and Consultation Office

  Address: Roppongi First Building, 1-9-9 Roppongi, Minato-ku, Tokyo, 106-0032 Japan
  TEL: +81-(0)3-5860-7565 / 0120-700-779 (Only available from Japan）

Enacted: October 1, 2018
Revised: October 3, 2019
Revised: January 5, 2022
Revised: April 1, 2022
Revised: February 1, 2023
Revised: February 1, 2024
Revised: April 1, 2024