NPO ASTER Privacy Policy

Home Contents Menu Sub Menu Copyright
Japanese
  • Home
  • Business
  • Organization
  • Contact
  • Privacy Policy
‌
Home
Business
Organization
Contact
Privacy Policy
InSTA2024

HOME > Privacy Policy

Personal Information Protection Code

(Purpose)

Article 1.
This Code is intended to protect the rights of individuals and their particular interests by stipulating basic matters with respect to the handling of personal information in an effort to implement the Act on the Protection of Personal Information (Act No. 57 of 2003; hereinafter referred to as the "Act") properly in the Association of Software Test Engineering (hereinafter referred to as the "ASTER").

(Confidentiality)

Article 2.
The directors and members of the ASTER shall not notify any content of such personal information that they could obtain regarding the activities or the like of the ASTER to any third party without good reason or shall not use such information for any unjustified reason. This provision shall remain in effect even after such directors resign from the ASTER or withdrawal of such members from membership of the ASTER.

(Appointment of administrative management supervisor)

Article 3.
The chief director shall be appointed to be the administrative management supervisor of any personal information and appropriate handling and protection of such information shall be ensured under its supervision.

(Purpose of use)

Article 4.
The ASTER stipulates the purpose of use of any personal information in handling such information in each of the following items:
  • (1) Delivery of a formal notice of guidance on any lectures, workshops and symposiums to be hosted, sponsored or supported by and worked together with the ASTER;
  • (2) Survey on industry trends provided however, the distribution thereof to nonprofit organizations or groups shall be included after the results of such surveys are summarized in such a manner that any individuals cannot be identified in them.

(Notification of and change in purpose of use)

Article 5.
  1. Where the ASTER obtains any personal information, the ASTER shall inform the owner of such information in advance the purpose of use of such information and the case such information is provided to a third party, or obtain prior permission from such owner thereof.
  2. In the event that the specified purpose of use is changed later on in accordance with the procedure as set forth in the preceding paragraph, the ASTER shall inform such owner again of such changed content or announce such changed content on its website or other methods.

(Authority to be given as per purpose of use)

Article 6.
  1. Without prior approval by the owner of personal information, the ASTER shall not use such information that falls outside the scope of the stated purpose of use in order to accomplish the specified purpose in the provisions of the preceding article herein.
  2. The provision of the preceding paragraph hereof shall not apply to the following cases:
  • (1) To comply with legal requirements;
  • (2) When necessary to protect life, health, or property and it is impractical to obtain the consent of the owner of the personal information; or
  • (3) When cooperating with a government organization, local government entity, or their proxies with legally prescribed actions is required and obtaining the consent of the owner of such information would hinder or interfere with the execution of those actions.

(Proper acquisition)

Article 7.
The ASTER shall not acquire any personal information through fraud or in any other unlawful manner.

(Safety management measures)

Article 8.
The ASTER shall take necessary and appropriate measures against leakage, loss or damage of any personal information to be handled and for safety management measures of any other personal information.

(Supervision of subcontractor)

Article 9.
When management of any personal information is outsourced to any outsourcees, a person who is able to provide a sufficient protection level to such management shall be appointed; compliance with directions from its management representative, secrecy of such information, ban on the use of such information outside the agreed range of purpose of use as well as on reconsignment of such management and the sharing of responsibility in case of an accident shall be guaranteed through legal action including conclusion of a contract; and necessary and appropriate supervision and control over such outsourcees shall be exercised, in order to ensure security management of such information outsourced in the manner mentioned above.

(Limitation of provision of personal information to third party)

Article 10.
  1. The ASTER shall obtain, in principle, the approval from the owner of any personal information when such information is provided to a third party, except in the case where a prior notice is given to such owner or such approval is obtained in advance from such owner in accordance with Article 5 herein.
  2. Notwithstanding the foregoing, such information may be provided to a third party without prior consent of such owner pursuant to the provisions of Article 23 of the Act in the following cases:
    • (1) To comply with legal requirements;
    • (2) When necessary to protect life, health, or property and it is impractical to obtain the consent of the owner of the personal information; or
    • (3) When cooperating with a government organization, local government entity or their proxies with legally prescribed actions is required and obtaining the consent of the owner of such information would hinder or interfere with the execution of those actions.
  3. In the cases stated in the following items, those persons who receive the personal information shall not be any third party to which the provisions of the preceding paragraph hereof are applied:
    • (1) In the case where the ASTER outsources all or part of the treatment of such personal information to any outsourcees to the extent necessary to achieve the purpose of its use; or
    • (2) In cases where the ASTER uses such personal information jointly with a certain person, if the ASTER has obtained a prior consent from the owner of such personal information for such joint use, any items of such information to be used jointly, the purview of such certain person who uses such information jointly, the purpose of use of the users of such information, as well as full name or title of a responsible person for such information.

(Disclosure)

Article 11.
  1. In the event that an owner of personal information asks the ASTER to disclose the personal information retained by the ASTER that makes such owner identifiable (including notice of fact that the retained information which makes such owner identifiable does not exist; the same shall apply hereinafter), the ASTER shall disclose such retained information to such owner without delay through delivery of its notice in writing (or by another method if such owner requesting the aforesaid disclosure gives his/her consent to such method). However, in the event that such disclosure is not in compliance with laws and regulations, the ASTER may refuse to disclose all or part of the personal information to such owner.
  2. In the event that the ASTER makes such a decision not to disclose all or part of such retained personal information requested pursuant to the provision of the preceding paragraph, the ASTER shall inform such owner thereof without delay.
  3. In the case that other laws and regulations stipulate disclosure of all or part of such retained personal information which makes such owner identifiable by any method equivalent to either method stipulated in Paragraph 1 hereof, the provision of Paragraph 1 hereof shall not apply to the all or part of such retained information.

(Correction, etc.)

Article 12.
  1. In the event that an owner of any personal information requests the ASTER to correct, delete or write additional data to such information (hereinafter referred to as the "Correction, etc." in this Article) on the ground that the content of such personal information retained by the ASTER which makes such owner identifiable is not true, the ASTER shall conduct an inspection on such matter without delay and make the Correction, etc. to the content of the retained personal information based on its results to the extent necessary to achieve the purpose of its use, except in the case where a special procedure is stipulated for the Correction, etc. of its content in accordance with provisions of other laws and regulations.
  2. In the event that the ASTER makes the Correction, etc. to the content of all or part of such retained personal information which is subject to the request pursuant to the provision of the preceding paragraph or makes such a decision that the Correction, etc. will not be made, the ASTER shall inform such owner thereof (including the content of the Correction, etc. if it is made) without delay.

(Cessation, etc. of use of personal information)

Article 13.
  1. In cases where an owner of any personal information retained by the ASTER that makes such owner identifiable requests the ASTER to stop using or delete such information (hereinafter referred to as "Cessation, etc. of Use of Personal Information" in this Article) on the grounds that the retained personal information is treated in violation of the provisions of Article 6 hereof or that such information is obtained in violation of the provisions of Article 7 hereof, if it is found that such request has a justifiable reason, the ASTER shall achieve Cessation, etc. of Use of Personal Information for such retained personal information without any delay to the extent required to correct such violation. However, this requirement shall not apply to the cases where a large amount of cost is required for Cessation, etc. of Use of Personal Information for such retained personal information, other Cessation, etc. of Use of Personal Information are difficult to be achieved, and any other necessary measures to protect the rights and interests of such owner are taken in lieu of achieving Cessation, etc. of Use of Personal Information.
  2. In cases where the owner of such personal information retained by the ASTER that makes such owner identifiable requests the ASTER to stop providing such information to a third party on the grounds that the retained personal information is provided to such third party in violation of the provisions of Article 10-1 hereof, if it is found that such request has a reasonable reason, the ASTER shall stop providing such retained personal information to such third party without any delay. However, this requirement shall not apply to the cases where a large amount of cost is required to stop providing such retained personal information to such third party, any other provision of such information to such third party is difficult to be discontinued, and any other necessary measures to protect the rights and interests of such owner are taken in lieu of stopping or discontinuing the provision of such information.
  3. In the event that the ASTER achieves Cessation, etc. of Use of Personal Information for all or part of such retained personal information which is subject to the request pursuant to the provision of Paragraph 1 herein, makes such a decision that Cessation, etc. of Use of Personal Information will not be achieved, stops providing all or part of such retained personal information to such third party which is subject to the request pursuant to the provision of preceding paragraph hereof or makes such a decision that the provision of such information to such third party will not be discontinued, the ASTER shall inform such owner thereof without delay.

(Procedure to meet a request for disclosure, etc.)

Article 14.
  1. The ASTER shall separately determine a method to accept the request pursuant to Article 11-1, Article 12-1 or Article 13-1 or Article 13-2 herein (hereinafter referred to as "Request for Disclosure, etc." in this Article). In this case, any owner of personal information shall make the Request for Disclosure, etc. in accordance with such method.
  2. With regard to the Request for Disclosure, etc., the ASTER may request such owner to submit some matters sufficient to specify the retained personal information to the ASTER for such Request.

(Handling charge)

Article 15.
  1. The ASTER may collect a handling charge from those who make a request for the notice of purpose of use as prescribed in Article 5-1 hereof or ask for the disclosure as prescribed in Article 11-1 in delivering such notice and making such disclosure.
  2. The handling charge in the preceding paragraph hereof shall be determined separately within the scope which is considered to be reasonably necessary with due regard to an actual amount of the handling charge.

(Evaluation, review and improvement of safety management measures for personal information)

Article 16.
The ASTER shall evaluate, review and improve the safety management measures for personal information in an appropriate way.

(Measures in the event of leakage or the like of personal information)

Article 17.
  1. In the event of leakage or anything of the like of personal information, the ASTER shall notify the veracity thereof to its owner promptly.
  2. In the event of leakage or anything of the like of personal information, the ASTER shall make the veracity thereof or the like public to the greatest extent possible in terms of prevention against secondary damage, avoidance of occurrence of similar case thereto, etc.

(Others)

Article 18.
In the event that there exist any necessary matters for the enforcement this Code in addition to what is provided for herein, such matters shall be stipulated separately.
Article 19.
A notice of the point of contact regarding inquiries about any personal information shall be given in an appropriate manner.
Article 20.
The revision and abolition of this Code shall be determined by a decision made by the board of directors.
Article 21.
This Code shall come into effect as from October 20, 2006.
‌

[PageTop↑]

|| Home | Business | Organization | Contact | Privacy Policy ||
Copyright 2006-2023 Association of Software Test Engineering All rights reserved.