Privacy Policy

■Personal Information Protection Policy

■Regarding the use of cookie-based tools on websites operated or managed by the Company

■Personal Information Protection Policy
 [Revised on September 11, 2023]

To comply with the Act on the Protection of Personal Information (Act No. 57 of May 30, 2003; hereinafter referred to as "the Personal Information Protection Law") and related laws (including guidelines), D.A.Consortium Inc. (hereinafter referred to as "the Company") has formulated basic policies for personal information protection (hereinafter referred to as "the Privacy Policy") and has devised measures for the adequate protection and management of personal information.

1. Name, address, and representative of the Company

D.A.Consortium Inc.
4-20-3 Ebisu
Shibuya-ku, Tokyo 150-6033
President, CEO & CCO: Yuzo Tanaka

2. Scope of application

This policy shall be applied to personal information handled by the Company.

3. Acquisition and use of acquired personal information

When acquiring personal information, the Company shall clearly specify the purpose of use in advance and shall acquire such information from individuals by appropriate and lawful means. The Company shall use personal information to the extent of achieving the initially intended purpose. If the purpose of use changes, the Company shall notify of disclose this, or obtain prior consent from individuals who provide the Company with their personal information.

4.Types of acquired personal information, method of acquisition, and purpose of use

Types of acquired personal information, method of acquisition, and purpose of use are as follows: See "Data Policy for Online Advertising" for handling of Internet user data utilized in ad and other services operated by the Company and its subsidiaries.

1. The Company shall acquire the following types of personal information:
(1) Name, address, and contact details (telephone number, email address)
(2) Occupation, name of company or affiliated organization, and age
(3) Login information (ID, password) and other information necessary for the Company to provide its services
(4) Personal information obtained from transaction parties for outsourced operations
(5) Other information acquired for the purpose of use

2. The Company shall acquire personal information primarily through the following ways:
(1) Through Company-prescribed input forms used to introduce or deliver a service, to conduct a survey, or to submit an inquiry
(2) Through the stock transfer agency of the Company
(3) Provided by applicants during recruitment activities or by the employment agency that supports the Company with recruitment activities, or by the employees after being employed
(4) Provided by transaction parties for outsourced operations

3. The Company shall use personal information for the following purposes:
(1) Personal information provided by customers and transaction parties shall be used:
- To provide services, to contact customers, to implement agreements or contracts, to manage other administrative matters, to improve and enhance the services the Company provides
- To introduce services, to provide information of events, seminars, and other matters
- To verify the customer, for personal authentication
(2) Personal information provided by customers related to inquiries and other shall be used:
- To accurately access the nature of the inquiry, provide a response to the inquiry, to send requested reference materials, etc.
- To improve customer service
(3) Personal information provided by shareholders shall be used:
- To prepare a registry of shareholders and manage other shareholder matters in accordance with the Companies Act and related laws.
- To provide shareholders with information, materials, and other services.
(4) Personal information provided by management executives, employees, temporary employees, and others shall be used:
- To manage personnel and labor management matters and to provide welfare services.
- To prepare documents in accordance with the Companies Act and other laws and regulations
(5) Personal information provided by recruitment applicants (including internships) shall be used:
- To provide applicants with information regarding interviews, interview results, and other matters
(6) Personal information provided by transaction parties for outsourced operations shall be used:
- To execute contracted work to conduct surveys, analyses, and other duties related to campaigns, events, study sessions, seminars, ad deliveries, and marketing.

5.Provision of personal information to third parties

The Company shall not provide personal information to a third party in principle unless otherwise specified as follows:

(1) With prior consent of the individual concerned
(2) When required by laws and regulations
(3) When necessary for the protection of a person’s life, body, or property and when it is difficult to obtain consent of the individual concerned
(4) When specifically necessary for the improvement of public health or for the sound growth of children and when it is difficult to obtain the consent of the individual concerned
(5) When necessary to cooperate with a national or local government organization, or a business operator entrusted by such an organization to execute affairs prescribed by laws and regulations and in which obtaining the consent of the individual concerned would likely impede the execution of such affairs.

6. Security control measures

The Company shall put into place security control measures that are necessary and appropriate to prevent the leakage, loss, damage or other of personal data. In addition, the Company will provide necessary and appropriate supervision of employees and contracted parties (including subcontractors and others) who handle personal data.

1. Formulation of a basic policy
To ensure the appropriate handling of personal data, we shall strictly abide by the Personal Information Protection Law and related laws (including guidelines) and have formulated this policy (hereinafter, this Policy) to designate the handling party for complaints and other matters.

2. Adherence to strict protocols in the handling of personal data
The methods, persons responsible, persons in charge, and the duties related to the handling personal data are formulated in the Personal Information Handling Rules.

3. Organizational security control measures
(1) In addition to assigning an administrative manager in charge of handling personal data, the Company has clearly defined the scope of personal data that employees and other relevant workers may handle. In the event of a violation or suspected violation of the Personal Information Protection Law and Personal Information Protection Regulations, the Company has put in place a reporting system to the administrative manager.
(2) In addition to assigning the division manager to conduct necessary and appropriate audits regarding the handling status of personal data, the Company implements audits by other divisions or external parties.
(3) The organization has acquired certification that it complies with international standard ISO/IEC 27001:2013 (JIS q 27001:2014), which outlines the requirements to build an ISMS (information security management system).

4. Human security control measures
(1) The Company holds regular seminars for employees regarding the handling of personal data.
(2) The Company obtains written oaths regarding the confidentiality of personal data.

5. Physical security control measures
(1) In addition to monitoring when employees enter and exit the office and placing restrictions on what equipment they are permitted to use, we have put in place measures to prevent browsing of personal data by unauthorized people.
(2) We have taken measures to prevent the theft or loss of equipment, digital media, documents, and other items that contain personal data.

6. Technological security control measures
(1) We restrict access to personal information as well as the scope of information contained in the personal information database and other.
(2) We have implemented mechanisms to protect our personal data information system against unauthorized access and unauthorized software from outside parties.

7. Understanding the external environment
We implement security control measures with an understanding of the personal information protection systems in the overseas countries where the personal data is stored.

Currently, for the above-stated purposes, the Company stores acquired personal data overseas utilizing cloud services provided by outside third parties. The company names, service names, countries where the personal data is stored, personal information protection systems and the personal information protection measures of these cloud service providers are as follows.

1.Box, Inc./Box
(1) Country
 Headquarters location: United States of America (California)
(2) Personal information protection systems
 Survey of systems and other related to the protection of personal information overseas (link to the Personal Information Protection Commission website Japanese only).
(3) Personal information protection measures being taken by the relevant third party
 Box, Inc. has acquired APEC-CBRP and PRP certification.
(4) Country location of server where personal data is stored:
 United States of America (Nevada)

2.Google LLC/Google Workspace
(1) Country
 Headquarters location: United States of America (California)
(2) Personal information protection systems
 Because the country where the data is stored cannot specified, the personal information protection systems being used cannot be detailed.
(3) Personal information protection measures being taken by the relevant third party
 Google Workspace has been audited by SOC1™, SOC2™, and SOC3™, and has received ISO/IEC 27001, 27017 and 27018 certifications.
(4) Country location of server where personal data is stored:
 Unspecified. As a system failure countermeasure, Google Workspace stores data in a decentralized manner in numerous countries around the world.

7. Use of personal information for online advertising

1. Personal information acquired by the Company may be used for the purpose of delivering advertising using the Internet. In addition, personal data may be provided to third parties to the extent necessary to achieve the stated purpose.

2. Regarding third parties located in foreign countries to whom information is provided
Personal data that is acquired for the above-stated purposes may be stored overseas utilizing cloud services provided by outside third parties or may be provided to overseas business operators.

Regarding personal data that is currently being stored or will be stored, the company names, service names, countries where the companies are located, personal information protection systems, and personal information protection measures being taken by the relevant third parties are as follows.

LiveRamp Japan K. K. / LiveRamp
(1)Headquarters location:
 WeWork, KDX Toranomon 1-Chome Building, 11th floor, 1-10-5 Toranomon, Minato-ku, Tokyo
(2)Personal information protection systems
 Survey of systems and other related to the protection of personal information overseas
 (link to the Personal Information Protection Commission website Japanese only).
(3)Personal information protection measures being taken by the relevant third party
 Measures being taken regarding the handling of personal data are at the same level as those required of business operators handling personal information in Japan.
 For details, please refer to the following: https://liveramp.com/data-ethics-and-privacy/
(4)Country location of server where personal data is stored:
 United States of America

There may be cases where personal data will be stored or provided to overseas entities or services other than those indicated above. However, these cases are still undecided and the foreign countries to which personal data will be transferred cannot be specified. Additional information related to this will be added to this page when it becomes available.

8.Management of personal information

In accordance with the purpose of use, we strive to ensure that the personal information we own is accurate and up to date. The personal information will be stored for no longer than is necessary and afterwards, will be deleted or discarded in a secure manner.

9.Management of outsourcing partners

When outsourcing all or part of the handling of personal information, the Company shall carefully select an appropriate outsourcing partner and shall implement the required and appropriate supervision of the outsourcing partner by entering into a confidentiality agreement with the partner under the Privacy Policy.

10.Disclosure / revision of personal information

If an individual files a request for disclosure, correction or revision of content, addition, omission, termination of usage, deletion, or termination of provision to third parties regarding personal information, the Company shall respond without delay as required under in-house rules after confirming the identity of the individual in question.

11.Handling of leakage and other such incidents

In the event of leakage of personal information or other incident, the Company shall notify the relevant individuals of the leakage or other such incident without delay and shall publicize the incident and the corrective action taken.

12.Response to complaints

If any complaint arises regarding the handling of personal information, the Company shall endeavor to take prompt and appropriate measures.

13.Continual review

In response to revisions in laws and regulations, changes in business scope, and other changes in social trends, the Company shall continually examine and improve the Privacy Policy and related in-house rules.

14.Contact for requesting disclosure and the revision of content, and filing complaints

For any requests regarding the disclosure or revision of personal information, any complaints regarding the handling of personal information, comments, or inquiries regarding Company websites, please see the contact information indicated below.

15.Privacy policies of third parties used on this site

For the privacy policies of social media and other services used on this website, please refer to the service provider’s website or other.





■Regarding the use of cookie-based tools on websites operated or managed by the Company
 [Revised on September 16, 2022]

1.How information is gathered

Websites operated or managed by the Company utilize a variety of tools to collect website browsing information and other data. Acquired data is managed and utilized in accordance with the privacy policies of each of the companies that provide the tools. The following is a list of tools the Company uses, the purpose of use, the websites being used and the privacy policies of the data that is gathered. Users who wish to stop the usage of data should follow the opt-out procedures outlined by each of the tool provider companies.

(1)Purpose of use

①To improve the website
To improve and optimize the website, we measure the time it takes for a page to load and gauge user behavior within a website, such as which pages the user browses, what page order the user views the website, and what part of the page the user clicks.

②Tag management
Websites that use tools imbed programs called tags to ensure that the tools work properly. To comprehensively manage multiple tags, we use tools.

③Ad delivery
We deliver ads related to Company products and services to users who visit websites managed by the Company.

④Ad effect measurement and improvement
We measure the effect of the ads we deliver and implement improvements and other to maximize ad effect.

(2)Affected websites
A. The Company’s corporate website(https://www.dac.co.jp/
B. DAC Solution Service(https://solutions.dac.co.jp/
C. Crossborder Marketing(https://crossborder.dac.co.jp/
D. RECRUIT-SITE(https://recruit.dac.co.jp/
E. HAKUHODO digital initiative(https://hdi.dac.co.jp/
F. CAREER-SITE(https://career.dac.co.jp/)


(3)List of External Tools

 AudienceOne® 

Tool provider:DAC
Purpose of Use:①②③
Website:B

Privacy Policy:
https://www.dac.co.jp/english/utility/audienceone-data

Opt-out :
https://a.one.impact-ad.jp/opt-out

 Facebook Pixel 

Tool provider:Facebook, Inc.
Purpose of Use:③④
Website:B

Privacy Policy:
https://www.facebook.com/privacy/explanation

Opt-out :
(Ad Choice)
https://optout.aboutads.info/?c=2&lang=EN

 Google Ads 

Tool provider:Google LLC or affiliated companies
Purpose of Use:③④
Website:B

Privacy Policy:
https://policies.google.com/privacy?hl=en

Opt-out :
(Google ad settings)*Japanese
https://adssettings.google.com/authenticated?hl=ja
(Ad Choice)
https://optout.aboutads.info/?c=2&lang=EN

 Google Analytics 

Tool provider:Google LLC
Purpose of Use:①④
Website:A, B, C, D, E, F

Privacy Policy:
https://policies.google.com/privacy?hl=en

Opt-out :
https://tools.google.com/dlpage/gaoptout/?hl=en

 Google Analytics 4 

Tool provider:Google LLC
Purpose of Use:①③④
Website:A, B, C, D, E, F

Privacy Policy:
https://policies.google.com/privacy?hl=en

Opt-out :
(Google ad settings)*Japanese
https://adssettings.google.com/authenticated?hl=ja
(Ad Choice)
https://optout.aboutads.info/?c=2&lang=EN
(Opt out for data gathering by Google)
https://tools.google.com/dlpage/gaoptout/?hl=en

 Google Tag Manager 

Tool provider:Google LLC or affiliated companies
Purpose of Use:
Website:B, C, D, F

Privacy Policy:
https://policies.google.com/privacy?hl=en

Opt-out :
https://tools.google.com/dlpage/gaoptout/?hl=en

 Hot jar 

Tool provider:Hotjar Ltd.
Purpose of Use:
Website:B

Privacy Policy:
https://www.hotjar.com/legal/policies/privacy/

Opt-out :
https://www.hotjar.com/legal/policies/do-not-track/

 HubSpot 

Tool provider:HubSpot, Inc.
Purpose of Use:
Website:B

Privacy Policy: *Japanese
https://legal.hubspot.com/jp/privacy-policy

Opt-out :
http://optout.networkadvertising.org/
(Ad Choice)
https://optout.aboutads.info/?c=2&lang=EN

 MediaMath 

Tool provider:MediaMath, Inc. or affiliated companies
Purpose of Use:③④
Website:B

Privacy Policy:
https://www.mediamath.com/privacy-policy/

Opt-out :
https://www.mediamath.com/ad-choices-opt-out/
(Ad Choice)
https://optout.aboutads.info/?c=2&lang=EN

 SmartNews 

Tool provider:SmartNews, Inc.
Purpose of Use:③④
Website:B

Privacy Policy:
https://www.smartnews.com/privacy/#us

Opt-out : *Japanese
https://www.smartnews-ads.com/optout/

 Yahoo! Display Network 

Tool provider:Yahoo Japan Corporation
Purpose of Use:③④
Website:B

Privacy Policy: *Japanese
https://about.yahoo.co.jp/common/terms/chapter1/#cf2nd

Opt-out : *Japanese
https://btoptout.yahoo.co.jp/optout/index.html

 Criteo 

Tool provider:Criteo K.K.
Purpose of Use:③④
Website:B

Privacy Policy:
https://www.criteo.com/jp/privacy/

Opt-out :
https://www.criteo.com/jp/privacy/disable-criteo-services-on-internet-browsers/

 LiveRamp 

Tool provider:LiveRamp Japan K.K.
Purpose of Use:③④
Website:B

Privacy Policy:
https://liveramp.com/privacy/

Opt-out :
https://liveramp.com/opt_out/

2. Revisions to this section

The Company reevaluates and improves its information management system on an ongoing basis. With this process, revisions to the content of this section may be made. Notifications of such revisions will be made in a timely manner through this website, through a website the Company manages or in a manner deemed appropriate by the Company. Revisions to the content of this page will take effect on a date that the Company will specify separately.

3. Comments, questions, complaints and other

Please direct any comments, questions, complaints or other about the handling of information the Company owns and that is stipulated on this section to the following.

D.A.Consortium

Copyright D.A.Consortium
All rights reserved.

IS 87953/ISO 287001

IAB Member

jicdaq