Privacy Policy

Plus Alpha Consulting Co., Ltd. (“we”) engages in a wide range of business activities with a focus on text mining technology––from ASP services for customer feedback analysis systems and knowledge management systems throughout to package sales and contracted system development, as well as consulting and analysis services related to the collection, analysis, sharing, and utilization of customer feedback.

 

In the course of these activities, we handle important client information (personal information) and fully recognize the importance of using and protecting this information in an appropriate manner.

 

We also recognize that the proper management of information is a social responsibility. Furthermore, we believe it is crucial for all employees to understand the importance of protecting personal information, and for us to prove worthy of our clients’ trust by engaging in training and awareness-raising efforts to ensure appropriate handling.

 

If an individual makes a request for the confirmation, correction, or any other action to be taken with respect to personal information that we have directly acquired, we will respond within a reasonable scope.

We have established the following Privacy Policy, with which all employees shall comply.

 

  • 1. We will incorporate a code of conduct and operational guidelines for the protection of personal information into our internal regulations (personal information protection management system) in compliance with the Japanese Industrial Standard “Personal information protection management system — Requirements” (JIS Q 15001:2023), and operate under strict management.

  • 2.Principles regarding the acquisition, use, provision, etc., of personal information

    • 1. Principles for when acquiring personal information
      We will clearly specify the purposes for which personal information is to be used within the scope of our business activities; and will acquire, use, and provide such information in a fair and appropriate manner, limited to the extent necessary to achieve those purposes. We will also take measures to prevent the personal information acquired from being used for purposes other than those specified.

    • 2. Principles for when entrusted with information processing, etc.
      Through contracts, we will enter into agreements in advance regarding the measures necessary to protect personal information, and will strictly manage personal information in accordance with those agreements.

    • 3. Principles for when outsourcing
      When outsourcing the processing of personal information, we will only select contractors that maintain an adequate level of personal information protection. Through contracts, we will also enter into agreements in advance regarding the measures necessary to protect personal information, and will ensure that such processing is carried out under our strict management.

    • 4. Principles for when using and providing personal information
      We will handle personal information acquired through lawful and fair means within the scope of its intended purpose. We will endeavor to strictly manage such information to prevent disclosure, provision, or leakage to third parties, except when the individual’s consent has been obtained or when such disclosure or provision is permitted in the course of business operations.

  • 3.We will take steps to prevent and remedy any leakage, loss, or damage to personal information, and will securely use and retain the personal information we have acquired under strict management.

  • 4.We will comply with all laws and regulations, government-established guidelines, other applicable standards, and social norms relating to the handling of personal information.

  • 5.Furthermore, if an individual makes a request for the confirmation, correction, or any other action to be taken with respect to personal information that we have directly acquired, or if an individual makes a complaint or requests consultation, we will respond within a reasonable scope.

  • 6.We will strive to continually improve our personal information protection management system in order to maintain and enhance our personal information protection framework.

Established: May 1, 2008
Revised: December 2, 2024
Katsuya Mimuro, CEO and Representative Director


[Point of contact for inquiries regarding our Privacy Policy]
Takashi Takeuchi, Personal Information Protection Manager
Customer Service Desk
Address: 25F Shiodome Sumitomo Bldg., 1-9-2 Higashi Shimbashi, Minato-ku, Tokyo
TEL: 03-6432-4016


We do not collect or use the personal information of individuals who access our website without obtaining their consent.



Handling of Personal Information




Business Operator Name or Title

Plus Alpha Consulting Co., Ltd.

Representative Name

Katsuya Mimuro, CEO and Representative Director

Personal Information Protection Manager

Takashi Takeuchi, Director
E-mail info-privacy@pa-consul.co.jp

Purposes of Use of Personal Information

When acquiring personal information directly from clients, we will clearly specify in advance the purposes for which personal information is to be used, and will use such information only within the scope of those purposes.

If it becomes necessary to use a client’s personal information beyond the scope of the purposes specified in advance, we will notify the client of the matter and use the information only after obtaining the client’s consent.


We will strive not to retain personal information we have acquired for longer than necessary for the purposes of use. We will comply with requests from clients for the deletion of specific personal information handled in connection with services that we provide; provided, however, that it does not interfere with the provision of services, billing, audits, or other business operations. We will handle requests made by the individual concerned in accordance with the procedures regarding requests for the disclosure of personal information.


In the course of our business activities, we will use personal information for the following purposes.


①Personal information held

Type of personal information Purpose of use
Client information relating to IT services and consulting services To provide information on products and services, as well as to make proposals for and deliver products and services
To contact and negotiate with clients
Personal information relating to the utilization of business-related social media accounts To make contact, obtain leads, and build relationships with clients via social media
Client information handled in the operation of seminars To provide information on seminars, exhibitions, and other events, as well as on products and services
To contact and negotiate with clients
Personal information relating to job applicants To conduct recruitment-related operations (e.g., to provide recruitment information, make hiring decisions, and communicate regarding recruitment activities)
Personal information relating to former employees To contact former employees and respond to inquiries from former employees
Personal information relating to employees To manage and administer employees, as well as to conduct various procedures related to appointments and resignations
Personal information relating to inquiries To respond to inquiries received regarding our business
Personal information relating to paid employment placement services To provide employers with information on job seekers in connection with the relevant employment placement services

Personal information may be used for other purposes as individually specified in writing.


②Personal information acquired for other purposes

Type of personal information Purpose of use
Personal information relating to business partners To conduct the administrative and billing procedures required in the course of delivering products and services
To conduct maintenance and provide support services
Personal information provided by business partners To carry out the following operations entrusted by business partners:
1. To perform system operation checks, investigate the causes of system failures, and update system data in IT support services (including development, maintenance, and operation)
2. To conduct data analyses, etc., for use in various consulting services

Personal Information Entrusted for Handling

We may outsource part or all of our operations to external parties within the scope necessary to achieve the purposes of use described above. In such cases, we will select contractors through a rigorous screening process based on our prescribed selection criteria, and following selection, will enter into confidentiality agreements and ensure appropriate management and supervision. We are unable to respond directly to requests for disclosure or other actions regarding any personal information entrusted to us for handling. However, we will securely store and manage such information in accordance with the instructions of our clients and business partners.

Provision of Personal Information to Third Parties

We may provide personal information collected from clients at our seminars to seminar sponsors as third parties, on the condition that consent regarding the purpose of use is obtained at the time of collection.

[Voluntary Provision of Personal Information]

Any provision of personal information to the Company is voluntary. Please note, however, that if personal information is not provided, it may impede the operations described in the “Purposes of Use of Personal Information” above and may result in disadvantages to the individual concerned.

Authentication Credentials for Integrating OAuth and Internal Systems

Our services are able to integrate with various external services in line with client requests. Integrating with external services requires authentication credentials. Without such credentials, we will be unable to provide clients with automated integration with the relevant external services. We will obtain authentication credentials for integrating OAuth and internal systems to enable full access to the relevant service’s additional features. This applies to integrating Google Sheets and Google Calendar, searching on Instagram, monitoring and posting on Facebook, and integrating Zoom cloud recording data and Zoom meetings, among other services. These additional features are optional, and not all clients using this service are required to provide us with such authentication credentials. Within the scope of service, clients may submit only the information that is necessary and delete it when it is no longer required, or revoke our service’s access permissions from within the account of the integrated service concerned. Furthermore, information obtained using such credentials will not be viewed by our employees without the client’s permission, and it will not be provided to third parties for any purpose other than log collection. The following external services may be integrated.

Google
We do not use user data obtained through Google Workspace APIs for the development, improvement, or training of general-purpose AI or machine learning models.

Google Sheets
When integrating Google Sheets, we request read-only access to clients’ Google Sheets. Sheets are read to retrieve input values for automation purposes.
Google Sheets API : 
https://developers.google.com/sheets/api

Google Calendar(scope:
https://www.googleapis.com/auth/calendar.readonly)
We request read-only access to clients’ Google Calendar. The calendar information obtained is used to assist with data entry when registering work logs.
Google Calendar(scope:
https://www.googleapis.com/auth/calendar.events)
We also request permission to add, edit, and delete events in clients’ Google Calendar. This permission is used to reflect event schedules related to recruitment activities in the Google Calendar.
Google Calendar API  : 
https://developers.google.com/calendar

Google Privacy Policy : 
https://policies.google.com/privacy

・Instagram
We obtain information that is publicly available on Instagram via hashtagged media searches using clients’ Instagram business account IDs and Facebook page access tokens. We obtain Instagram business account IDs via the Facebook Page. In addition, we obtain Facebook page access tokens through Facebook account authentication.
Instagram Graph API : 
https://developers.facebook.com/docs/instagram-api

・Facebook
Posts may be collected from Facebook pages. In addition, integrating a client’s Facebook account will enable postings to Facebook pages for which the client is registered as an administrator. Registered Facebook pages will be indirectly accessed via clients’ Facebook account. User authentication is handled via access tokens.
Facebook Graph API : 
https://developers.facebook.com/docs/graph-api

・Zoom
①Integrating a client’s Zoom account will enable cloud recording data to be imported. User authentication is handled via access tokens.
②Integrating a client’s Zoom account will enable control of Zoom meetings through the application provided by PAC. User authentication is handled via access tokens.
https://developers.zoom.us/docs/api

Procedures Relating to Requests for Disclosure of Personal Information

With respect to personal information held by the Company, we will respond to requests from the individual concerned or their authorized representative for notification of the purposes of use; correction, addition, or deletion of the content; suspension of use, deletion, or cessation of provision to third parties; as well as for disclosure of records of provision to third parties (hereinafter collectively referred to as “disclosure, etc.”). To submit a request, please complete and submit the designated Personal Information Disclosure, etc., Request and Response Form by mail to the Customer Service Desk indicated below, and enclose either one copy of a government-issued photo identification document (such as a driver’s license, passport, or residence card), or copies of two government-issued identification documents that do not feature photographs (such as a health insurance card, pension booklet, or certificate of residence).

※ If the identification documents contain sensitive personal information, such as the individual’s registered domicile, please redact those portions by blacking them out.
※ No handling fees are required. However, the sender is responsible for postage costs to the Company.

[Personal Information Disclosure, etc., Request and Response Form]

To submit a request for disclosure, etc., please download the request form below and enter the required information in the section labeled “Details of Request.”


Download PDF : Personal Information Disclosure, etc., Request and Response Form (PDF: 88KB)

Point of Contact for Complaints and Consultations Regarding Personal Information

If you have any complaints or inquiries, or if you wish to consult with us regarding your personal information or the Company’s protection of personal information, please contact the Customer Service Desk indicated below.


[Plus Alpha Consulting Co., Ltd.]
Customer Service Desk
 
Address: 25F Shiodome Sumitomo Bldg., 1-9-2 Higashi Shimbashi, Minato-ku, Tokyo
105-0021
TEL: 03-6432-4016
E-mail : info-privacy@pa-consul.co.jp

[Japan Institute for Promotion of Digital Economy and Community]
(Abbreviation: JIPDEC)
・Complaint Consultation Desk
・Privacy Mark Promotion Center
 
Address: Roppongi First Bldg., 1-9-9 Roppongi, Minato-ku, Tokyo 106-0032
TEL: 03-5860-7563
    0120-116-213 (toll-free)
JIPDEC website : https://www.jipdec.or.jp/

Collection of Information via the Company Website

The Company website may automatically collect access information from users based on IP addresses and other data. (However, we do not use IP addresses to identify individual users.)

The access information collected includes page viewing logs, as well as browser and operating system types and versions. The information collected is used to monitor access and to investigate the causes of server issues.

In addition, to protect the personal information of users of the Company website, we use Secure Sockets Layer (SSL) encrypted communication on pages where personal information is entered.

Measures for the Secure Management of Personal Information

We have established rules and procedures to ensure the strict handling of personal information based on a Privacy Policy compliant with JIS Q 15001, and we operate a personal information protection management system accordingly.
To ensure the proper handling of personal information, we implement security management measures under four core themes: organizational, personnel, physical, and technical.
[Organizational measures]
We provide all employees with training on personal information protection once a year.
[Personnel measures]
We have employees enter into confidentiality agreements covering personal information at the time of recruitment and upon resignation.
[Physical measures]
We monitor employee entry to and exit from office spaces using card keys. In addition, we verify the identity of visitors and the purpose of their visit at the entrance, and record the date, company name, visitor name, and time of entry in the visitor log.
[Technical measures]
The personal information protection manager issues, updates, and disposes of IDs with access privileges, and promptly revokes the access rights of any user who no longer requires access to the information.