Privacy Policy

Concerning Personal Information Protection Objectives

Personal Information Protection Objectives are established by top management. These objectives are compatible with this Privacy Policy and the strategic direction of the company.
Each division of the company establishes business goals compatible with Personal Information Protection Objectives.

Concerning Acquisition of Personal Information

• Under no circumstance shall the company acquire personal information by illegal methods.
• In principle, purposes of use shall be clearly indicated and obtained the consent of the person upon the acquisition of the personal information. In cases for which personal information is acquired without disclosure of the purposes of use, the purposes of use shall be promptly indicated to customers and obtained the consent form customers.
  Also, when personal information is used jointly, items of the personal information to be jointly used, joint users, purposes of use and management representative of personal information shall be clearly indicated.
  In the following cases, indication of purposes of use may be omitted:
  • When personal information is provided at a meeting with personnel of the company, or through exchange of business cards
  • When business cards are provided to personnel of the company at events or seminars

  In the above cases, unless refused by the individual, personal information may be used for introduction of the company's products and/or services, or for sales or marketing activities.

If a customer does not wish to provide personal information, he or she may make such rejection upon the individual's sole judgment. However, please keep in mind that in this case services for which the provision of personal information is essential may not be provided.

Concerning Use of Personal Information

• The company shall not use personal information in such a manner as to exceed the scope required to achieve the purposes of use without prior consent from users. The company, therefore, recognizes sufficiently and handles the purpose of use of personal information.
• The company will not use personal information inappropriately.
  Examples of improper use are violations of law, public trust, or social norms.
• The company shall not revise the purposes of use of personal information in such a manner as to exceed the scope that maintains appropriate correlation with the purposes of use before revision. Provided any revision is in effect, such changes shall promptly be informed to users and obtained the consent of users.

* For details on the Purposes of Use, please see this link

Concerning Management of Personal Information

• The company shall appoint Information Security Officer as Personal Information Protection Officer. The company gives the Personal Information Protection Officer the responsibility and authority concerning the implementation and operation of the Personal Information Protection Management System.
• The company shall take appropriate management measures to prevent leakage, loss, or damage to personal information.
• The company shall not provide personal information to any third parties without prior consent of customers, except when:
  • Within the scope required for achieving the purposes of use, the business requiring handling of the personal information is consigned to a third party (in such a case, a secrecy agreement will be signed with that third party),
  • Imminent danger or risk occurs to the life, body or property of a customer, requiring emergency action,
  • A part or whole of the company's business requiring handling of the personal information is inherited by a third party by merger, company restructuring or transfer of sales rights,
  • Provision of personal information is requested by law,
  • Personal information is disclosed in a manner such that customers cannot be identified individually (statistical process),
  • Disclosure of the personal information is necessary to financial parties for credit settlement concerning the purchase of the company's products or services, and
  • Disclosure to third parties as approved by laws, regulations, or guidelines related to the Protection of Personal Information.
• For system failure response, after obtaining customer's consent, we (the Allied Telesis Group Company in each country) access network configuration information and customer's personal information.
• The company shall make the best effort to maintain the most current and accurate personal information within the scope required for achieving the purposes of use.
• When outsourcing business handling personal information, we select trustworthy trustees and conclude confidentiality agreement with outsourcer.
• The company shall disclose, correct, add or erase personal information upon the request of customers whenever possible.
• Based on our ordinary work content, we will properly discard if the acquired personal information is judged unnecessary.
• The company shall establish management systems for personal information protection based on JIS Q 15001 to observe other legislation concerning the handling of personal information and governmental guidelines and standard. All Executive Directors and Employees will strictly observe the requirements and make the best efforts to regularly review, maintain and improve the contents.
• In the event that we suspect there is inappropriate management of personal information, we will redress this immediately. We always endeavor to prevent a recurrence of the inappropriate management of personal information.

Concerning Security Control Measures of Retained Personal Data

The company has implemented the following security control measures for retained personal data.

• Created a privacy policy to protect personal data properly.
• Created and implemented a life cycle management system for personal data.
  In addition, the company has created the handling rules.
• The company has established the Personal Information Officer.
  Implemented an information feedback system for use in the case of the detection of discrepancies regarding laws, regulations, this policy or in the event of any unforeseen incident.
• Conduct regular internal audits assuring the effectiveness of this Privacy Policy.
• Regularly train the Company’s employees in the performance this Privacy Policy.
• Our rules of employment include matters concerning the confidentiality of personal data.
  All employees of the Company are bound by oath to the Company’s non-disclosure agreement.
• The company has controlled the entry and exit of employees in areas where personal data is handled.
• Created system of access-control for all personal data.
• The above system includes capability to protect personal data from unauthorized access, malicious software, and other forms of outside attack.
• The company may outsource data storage to the United States.
  In this case, we are implementing security control measures after understanding the laws and regulations regarding the protection of personal information in the United States.

Concerning Acquisition and Handling of Specific Personal Information

• We do not collect any of the customer’s Identification Number except the people related to the company and part of our customers who are paid a fee from the company because this is against Act on the Use of Numbers to Identify a Specific Individual in the Administrative Procedure.
• We observe related acts and guidelines and handle Specific Personal Information properly.
• We specify handling regulations separately relating to security control measures of Specific Personal Information.

Concerning Cookies

We use a technology called a cookie in our website (hereinafter “the site”) to make it more conveniently to use for customers and to collect information on site access history. A cookie is a technology that identifies customer’s computers from the web server. Customers can set their browsers to refuse cookies or to warn customers when cookies have been received. But, in the first case, please note that customers may not be able to use functions of the site fully.
For more details about this functions, please see the help of a web browser you are using.

About Revision of Privacy Policy

When we revise the privacy policy, contents after revision shall be promptly announced on the company's Web sites or by other appropriate methods.

Handling of Personal Information Acquired Before Indication of Purposes of Use

The personal information the company has acquired from customers through our Web sites and other means in the past without indicating the purposes of use will continue to be used within the scope required for achieving the Purposes of Use stipulated herein.

Privacy Questions and Access

If you have a question about this Privacy Policy, you can send an email to the Allied Telesis information-security team.

You can also contact us at: privacy@allied-telesis.co.jp