Cybozu, Inc., Cybozu Labs, Inc., and Cybozu Connect.C, Inc. (“Cybozu”) appropriately handle personal information collected in the course of providing products and services, holding events, and conducting other business activities, in accordance with the policy described below. In this policy, "personal information," "personal data," and "retained personal data" are used in accordance with the terminology used in the Act on the Protection of Personal Information (Act No. 57 of 2003. Hereinafter, the "Personal Information Protection Act"). Please note that the handling of personal information in recruitment activities is specified separately here.
In the course of conducting our business activities, Cybozu collects personal information, including the following:
※ Cybozu may collect the My Number (national identification number) of individuals, such as sole proprietors, speakers, etc., for use in the preparation of payment statements and withholding tax certificates.
Cybozu uses the collected personal information to the extent necessary to achieve the purposes described below. If Cybozu uses personal information beyond the extent necessary to achieve the purposes described below, we will do so only after obtaining the consent of the individual concerned.
(1) Purposes personal information of people who have purchased or used our products and services, or who have an interest in our products and services ("Customers") is used for:
to provide a range of information on products and services (new products and services, new features, feature improvements, case studies, etc.)
to provide information on, and to run, seminars and events
to manage customer transaction information, such as subscription applications for our products and services, changes to Customer Information, subscription renewals and cancellations, etc.
to estimate and/or bill for products, services, and subscription fees
to send thank you letters for purchasing our products and services
to advise that we are conducting a survey on products and services, as well as to notify winners, and to send out prizes
to provide information on product and service maintenance, failures, etc.
to reply to inquiries received and to provide customer support
to manage certification programs, user communities, and developer communities
to utilize as basic data to enhance and improve our products and services; and
to measure the effectiveness of marketing and customer support initiatives.
(2) Purposes personal information of people in charge at Cybozu business partners is used for:
to manage business partner information
to engage in the necessary communications to enter into contracts and carry out transactions; and
to carry out billing and payment operations.
(3) Purposes personal information of people who have reported vulnerabilities in our products and services, or information security incidents at our company ("Reporter") is used for:
to contact the Reporter
to pay a bounty if the Reporter is participating in a Bug Bounty Program, and to administer said program; and
if the Reporter is participating in a Bug Bounty Testing Environment Program, to provide the vulnerability verification environment and to administer said program.
(4) Purposes personal information of shareholders and people who are interested in becoming a shareholder is used for:
to exercise Cybozu’s rights and fulfill our obligations under the Companies Act
to implement various IR (Investor Relations) measures; and
to manage shareholders, including the preparation of shareholder data as per the prescribed standards under the various laws and regulations.
(5) Purposes personal information of media representatives and other individuals not included in (1) through (4) above is used for:
to contact the person; and
to provide information on, and to run, seminars and events.
(6) Common purposes of using personal information in (1) through (5):
to comply with applicable laws and regulations
to exercise or defend Cybozu’s legal rights; and
in the event of a merger, acquisition, sale, or other transaction involving the business or its assets, to support or give effect to the transaction.
Cybozu will not provide personal data to third parties without the prior consent of the individual, except in the following cases:
Cybozu may outsource some of the handling of personal data. When Cybozu outsources, we will select a contractor on the condition that the company has secured a sufficient level of personal data protection, and will do so only after having entered into a contract pertaining to personal data. In addition, Cybozu will conduct the necessary and appropriate supervision in relation to the management of said contractors.
Cybozu will jointly use personal data between Cybozu and our subsidiaries (the "Cybozu Group") only when necessary within the scope described below.
Items of personal information to be jointly used Items stated in “1 Information that we Collect”
Scope of joint users The Cybozu Group
Purpose of use Items stated in “2 How we Use your Information”
Chief Administrator Cybozu, Inc.
Cybozu takes necessary and appropriate measures, including those described below, to prevent the leakage, loss of, or damage to personal data handled by the company and to otherwise securely manage personal data.
(1) Formulation of basic policy/Establishment of rules on handling of personal data
(2) Systematic security control measures
(3) Human security control measures
(4) Physical security control measures
(5) Technical security control measures
(6) Understanding the external environmentIn the case of storing personal data in a cloud service, if either, the country where the cloud service provider of the cloud service is located, or the country where the server where the personal data is stored is located, is a foreign country, Cybozu takes the necessary and appropriate measures for the safe management of personal data based on an understanding of said foreign country's legal systems, etc., for the protection of personal information.
Cybozu will respond to requests for disclosure of your retained personal data, correction, addition or deletion of the content of your retained personal data, cessation of use, or deletion of your retained personal data, or cessation of provision of your retained personal data to third parties ("Requests for Disclosure, etc.") to the extent permitted by the Personal Information Protection Act. If you wish to make Requests for Disclosure, etc., or to make a complaint regarding our handling of personal information, please contact us at the inquiries desk listed in "9 Contact Us.”
This policy is subject to revision without notice in response to changes in laws and regulations, changes in business activities, etc. Your understanding is appreciated.
For all inquiries regarding this policy, please contact us at: Personal Information Inquiries Desk, Cybozu, Inc. email@example.com
Revised on February 12, 2017
Revised on July 28, 2017
Revised on March 31, 2022
Revised on July 3, 2023
Last Updated: August 24, 2022
This Cookies Policy explains what cookies are and how we use them.
A cookie is a small amount of data consisting of character strings that is sent to your browser from a web server. This information acts like a user’s ID card that enables you to record your password and/or configuration information on it, thereby identifying you when you revisit the website and enabling to have setting status reappear.
If you do not wish to accept cookies, you can block or restrict cookies through your browser settings. Please note though, in that case you may not be able to use all or a part of our website.
You can modify the settings of cookies on our site through the ”Cookie Settings” page.
Cybozu may at our sole and absolute discretion, update its Cookies Policy from time to time. The update shall be effective as of the date it is posted on our website.
If you have any questions about this Cookies Policy, You can contact us: