Processing of Personal Data of Persons within the EEA (Attachment)
If a user is a person in the EEA (European Economic Area) and is subject to the EU General Data Protection Regulation (the “GDPR”), then this Attachment will apply in addition to the section titled “Regarding the handling of personal information” (the “Rules”) above. If there is any discrepancy between the provisions of the Rules and those of this Attachment, the provisions of this Attachment shall prevail.
PERSONAL DATA
“Personal information” as used in the Rules shall be read as personal data as defined in the GDPR.
USE OF COOKIES
Details regarding the use of cookies as personal data shall be set out separately.
SOURCE OF PERSONAL DATA
We will obtain customers’ personal data directly from customers.
Use of the Service is limited to customers who are 16 years old or older. Anyone who is younger than 16 years old should refrain from using the Service.
PURPOSE OF USE AND LEGAL BASIS FOR PROCESSING
Notwithstanding the provisions of the Rules, we will obtain and process the following categories of users’ personal data only for the purposes stipulated below, as doing so is necessary for the performance of contracts.
We will not use any personal data of a user for the purpose of making the user subject to automated processing, including profiling, which produces legal effects concerning the user or similarly significantly affects the user without the consent of the user.
PERSONAL DATA REQUIRED TO BE PROVIDED
Users may not apply for job openings if they do not provide their personal data designated as required information.
In addition to the above information, if the provision of personal data is required under laws and regulations or is necessary for entering into a contract, we will separately notify customers individually regarding whether the data subject is obliged to provide the personal data or not and regarding the consequences that may arise if the data subject does not provide such data.
RETENTION PERIOD OF PERSONAL DATA
We may retain the personal data of users for the period necessary to achieve the purpose of use of personal data on Rules in connection with the provision of the Service. A specific retention period will be determined taking into account the purpose of obtaining and processing the personal data, the nature of the personal data, and the necessity to retain the personal data based on statutory or contractual requirements.
PROVISION AND TRANSFER OF PERSONAL DATA TO THIRD PARTY
Notwithstanding the provisions of the Rules, we will provide the personal data of users to service providers, to venders, and to contractors and cloud service providers that offer hosting, data storage, and other services to the extent necessary to achieve the purpose of use above.
In connection with the above sharing and disclosing of personal data, we may transfer the personal data of users to one of the following third countries outside the EEA, such as Hong Kong. In that case, we will establish appropriate safeguards by executing standard contractual clauses (Paragraphs 2(c) and 5 of Article 46 of the GDPR) approved by the recipient of personal data and the European Commission. Please contact us (mail.jp@rgf-executive.com) if you wish to see a copy of the document regarding the safeguards.
USERS’ RIGHTS
Users have following rights with respect to their personal data obtained and processed by us.
⚫ Obtain Information Regarding the Data Processing
Each user shall have the right to obtain all of the necessary information with respect to our data processing activities relating to users (Articles 13 and 14 of the GDPR).
⚫ Access to Personal Data
Each user shall have the right to obtain confirmation from us as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and certain related information (Article 15 of the GDPR).
⚫ Correction or Deletion of Personal Data
Each user shall have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning him or her and the right to have incomplete personal data completed (Article 16 of the GDPR). Each user shall have the right to obtain from us the erasure of personal data concerning him or her without undue delay if certain requirements are met (Article 17 of the GDPR).
⚫ Restriction on Processing of Personal Data
Each user shall have the right to obtain from us restriction of processing if certain requirements are met (Article 18 of the GDPR).
⚫ Objection to Processing of Personal Data
Each user shall have the right to object to processing of personal data concerning him or her if certain requirements are met (Article 21 of the GDPR).
⚫ Data Portability of Personal Data
Each user shall have the right to receive the personal data concerning him or her in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us if certain requirements are met (Article 20 of the GDPR).
⚫ No Automated Decision-Making
Each user shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her if certain requirements are met (Article 22 of the GDPR).
Please contact us (mail.jp@rgf-executive.com) if you wish to exercise any of the rights above. Users may file an objection regarding our processing of users’ personal data to the data protection supervisory authority of the member country where the user resides or works or where the violation of the GDPR occurred.
HOW YOU CAN CONTACT OUR EU REPRESENTATIVE
We have appointed Ashurst LLP (UK company number OC330252) as our representative in EU for data protection matters. You can contact them using the following email address. Your message will be forwarded to appropriate members of their data privacy team.
Email : Recruit.EURepresentative@ashurst.com
PERSONAL DATA
“Personal information” as used in the Rules shall be read as personal data as defined in the GDPR.
USE OF COOKIES
Details regarding the use of cookies as personal data shall be set out separately.
SOURCE OF PERSONAL DATA
We will obtain customers’ personal data directly from customers.
Use of the Service is limited to customers who are 16 years old or older. Anyone who is younger than 16 years old should refrain from using the Service.
PURPOSE OF USE AND LEGAL BASIS FOR PROCESSING
Notwithstanding the provisions of the Rules, we will obtain and process the following categories of users’ personal data only for the purposes stipulated below, as doing so is necessary for the performance of contracts.
Purpose of Processing | Categories of Personal Data |
---|---|
To provide information regarding introduction of jobs, finding or changing jobs, and temporary staffing, and to provide services related thereto (including, with the approval or at the request of Candidates, provision of personal data to client companies, etc. using the Service, confirmation with employers regarding facts such as a Candidate submitting an application or joining the company during the provision of service or after the completion of service, and receiving notices from employers) | Name, address, date of birth, age, gender, phone number, email address, work/school information (company name, section, title, name of school, etc.), ID number (driver’s license, passport, insurance card number, etc.), financial condition (income, amount of loans, etc.), medical condition (medical history, surgical history, results of checkups, etc.), criminal history (criminal records, arrest records, history with the police), certificate of status of residence |
To respond to inquiries, consultations, and complaints and to resolve disputes | |
To confirm the status after the job placement, job change, or temporary staffing and to obtain opinions or requests to improve services |
PERSONAL DATA REQUIRED TO BE PROVIDED
Users may not apply for job openings if they do not provide their personal data designated as required information.
In addition to the above information, if the provision of personal data is required under laws and regulations or is necessary for entering into a contract, we will separately notify customers individually regarding whether the data subject is obliged to provide the personal data or not and regarding the consequences that may arise if the data subject does not provide such data.
RETENTION PERIOD OF PERSONAL DATA
We may retain the personal data of users for the period necessary to achieve the purpose of use of personal data on Rules in connection with the provision of the Service. A specific retention period will be determined taking into account the purpose of obtaining and processing the personal data, the nature of the personal data, and the necessity to retain the personal data based on statutory or contractual requirements.
PROVISION AND TRANSFER OF PERSONAL DATA TO THIRD PARTY
Notwithstanding the provisions of the Rules, we will provide the personal data of users to service providers, to venders, and to contractors and cloud service providers that offer hosting, data storage, and other services to the extent necessary to achieve the purpose of use above.
In connection with the above sharing and disclosing of personal data, we may transfer the personal data of users to one of the following third countries outside the EEA, such as Hong Kong. In that case, we will establish appropriate safeguards by executing standard contractual clauses (Paragraphs 2(c) and 5 of Article 46 of the GDPR) approved by the recipient of personal data and the European Commission. Please contact us (mail.jp@rgf-executive.com) if you wish to see a copy of the document regarding the safeguards.
USERS’ RIGHTS
Users have following rights with respect to their personal data obtained and processed by us.
⚫ Obtain Information Regarding the Data Processing
Each user shall have the right to obtain all of the necessary information with respect to our data processing activities relating to users (Articles 13 and 14 of the GDPR).
⚫ Access to Personal Data
Each user shall have the right to obtain confirmation from us as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and certain related information (Article 15 of the GDPR).
⚫ Correction or Deletion of Personal Data
Each user shall have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning him or her and the right to have incomplete personal data completed (Article 16 of the GDPR). Each user shall have the right to obtain from us the erasure of personal data concerning him or her without undue delay if certain requirements are met (Article 17 of the GDPR).
⚫ Restriction on Processing of Personal Data
Each user shall have the right to obtain from us restriction of processing if certain requirements are met (Article 18 of the GDPR).
⚫ Objection to Processing of Personal Data
Each user shall have the right to object to processing of personal data concerning him or her if certain requirements are met (Article 21 of the GDPR).
⚫ Data Portability of Personal Data
Each user shall have the right to receive the personal data concerning him or her in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us if certain requirements are met (Article 20 of the GDPR).
⚫ No Automated Decision-Making
Each user shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her if certain requirements are met (Article 22 of the GDPR).
Please contact us (mail.jp@rgf-executive.com) if you wish to exercise any of the rights above. Users may file an objection regarding our processing of users’ personal data to the data protection supervisory authority of the member country where the user resides or works or where the violation of the GDPR occurred.
HOW YOU CAN CONTACT OUR EU REPRESENTATIVE
We have appointed Ashurst LLP (UK company number OC330252) as our representative in EU for data protection matters. You can contact them using the following email address. Your message will be forwarded to appropriate members of their data privacy team.
Email : Recruit.EURepresentative@ashurst.com