Established: March 1, 2005
Last revised: April 1, 2022
Century Medical, Inc. (hereinafter “the company”) deeply recognizes the importance of protection of personal information of customers, observes the Act on the Protection of Personal Information, related laws, regulations, guidelines, etc., and appropriately handles personal information in accordance with this policy.
1. Collection of personal information
The company will collect personal information to the extent necessary to conduct its business and by appropriate means in accordance with laws and regulations.
2. Use of personal information
The use of personal information collected by the company shall be limited to the scope necessary to achieve the following purposes, and sufficient care shall be taken to ensure that the rights of customers are not compromised.
(1) Information on medical doctors and other medical personnel
- Providing and collecting information on the proper use of products imported, exported, manufactured, or sold by the company (hereinafter, “the company’s products”)
- Providing and collecting information on the quality, safety, or efficacy of the company’s products
- Providing and collecting product-related information on the company’s products
- Requesting and conducting clinical trials and post-marketing studies of the company’s products
- Provision and collection of medical and academic information in the fields of medicine, bioengineering, and medical equipment
- Conducting surveys and research in the fields of medicine, bioengineering, and medical devices
- Application, notification, and reporting to government and municipal offices, etc.
- Responding to inquiries, requests for information materials, etc.
- Collection and management of information related to the receipt and processing of payments
- Other related and incidental actions to the above items
(2) Information on business partners
- Provision, collection, and communication of information and distribution materials in connection with sales activities
- Other related and incidental actions to the above items
(3) Information about patients for whom the company’s products were used (hereinafter, “patient information”)
- Maintenance, inspection, repair, replacement, and other actions related to the company’s products
- Ensuring the quality, safety, efficacy, and proper use of the company’s products, and collection, investigation, analysis, and provision of information related thereto (including those for the purpose of the specified medical devices registration system [specified medical device tracking system])
- Application, notification, and reporting to government and municipal offices, etc.
- Other related and incidental actions to the above items
(4) Information on applicants for employment
- Consideration, decision, and communication of acceptance or rejection
- Responding to inquiries, requests for information materials, etc.
- Other related and incidental actions to the above items
(5) Information on employees (including retirees and family members of employees)
- Management of work, payment of salaries, personnel matters, evaluations, benefits, health and safety, etc.
- Performing and managing various procedures stipulated in internal rules and regulations
- Application, notification, and reporting to government and municipal offices, etc.
- Other related and incidental actions to the above items
3. Management and protection of personal information
- When managing the personal information of our customers, the company will appoint a person responsible for the management of such information and will take appropriate measures to prevent the information from being leaked outside the company. In addition, we will take appropriate safety measures to protect personal information of our customers from unauthorized external access, loss, destruction, falsification, etc.
- The company will limit access to its database of personal information to those who have the right to access it, and will strictly control the use of such information within the company to prevent any unauthorized use.
- If you want to check the details of other measures for safety management, please send a request in accordance with “8. Requests related to the handling of personal information.”
4. Provision of personal information to third parties
The company will not disclose personal information provided by customers to third parties. However, this does not apply in any of the following cases.
- When required by law
- When disclosure is necessary for the protection of the life, body, or property of an individual and it is difficult to obtain the consent of the individual concerned
- When it is especially necessary to improve public health or to promote the sound growth of children, and it is difficult to obtain the consent of the individual concerned
- When it is necessary to cooperate with a national agency, a local government, or an individual or entity entrusted by either a national agency or local government in performing duties designated by laws and regulations and obtaining the consent of the individual concerned is likely to impede the performance of the relevant duties
- When the consent of the individual concerned has been obtained in advance
- In the case of opt-out procedures, we will disclose or provide personal information to a third party after notifying the Personal Information Protection Commission of the prescribed matters.
- When disclosing or providing personal information to a third party, the necessary information will be recorded and stored under the strict control of the company.
- In the event that the processing of personal information is outsourced, it will be done under the strict control and record-keeping of the company.
5. Provision of personal information to third parties in foreign countries
The company will not provide personal information to third parties in foreign countries, except in the following cases
- When required by law
- When disclosure is necessary for the protection of the life, body, or property of an individual and it is difficult to obtain the consent of the individual concerned
- When it is especially necessary to improve public health or to promote the sound growth of children, and it is difficult to obtain the consent of the individual concerned
- When it is necessary to cooperate with a national agency, a local government, or an individual or entity entrusted by either a national agency or local government in performing duties designated by laws and regulations and obtaining the consent of the individual concerned is likely to impede the performance of the relevant duties
- When third party is located in a country which is categorized by a law or regulation as a country that has the same level of personal information protection system as the Japanese one
- When third party has established a system that satisfies the standards set forth by a law or regulation for continuously taking measures that should be implemented by enterprises that handle personal information in Japan
- When there is the consent of the individual concerned in advance whose personal data is to be provided to a third party in a foreign country
6. Outsourcing of the handling of personal information
In order to provide better services to our customers, the company may outsource the handling of personal information within a range necessary to achieve the purpose of use. In such cases, we will select an outsourcee that is deemed to handle personal information properly, and will make necessary arrangements in the contract to prevent leakage of personal information of our customers, including management of personal information and maintenance of confidentiality, and will have the outsourcee implement appropriate management of personal information.
7. Special care-required personal information
The company will not acquire any special care-required personal information, except in certain cases, such as when the individual concerned has given consent or when required by law.
8. Requests related to the handling of personal information
The company will respond to requests from customers on information provision related to disclosure, change, or suspension of the use of their personal information, and safety management measures, (hereinafter, “disclosure, etc.”) as follows.
(1) Method of receiving and responding to requests for disclosure, etc.
When making a “Request for disclosure, etc.,” please send us your request by mail, enclosing documents for identification. The company will respond to your request in writing or by other methods.
Planning & Administration Department
Century Medical, Inc.
1-11-2 Osaki, Shinagawa-ku, Tokyo 141-8588, Japan
Identification documents
- A copy of your driver’s license, your passport, your alien registration certificate or special permanent resident certificate
Or
- A copy of either a health insurance card or pension book, and a copy of certificate of residence showing the current address and a receipt of utility bills
(2) In the case of a proxy
If the person making the “Request for disclosure, etc.,” is the legal representative of a principal, a minor or an adult ward, or a proxy authorized by a principal to make the “Request for disclosure, etc.,” please enclose the following documents in addition to the documents for identification as described in the preceding paragraph.
(a) In the case of a legal representative
- Documents confirming the authority of legal representation (a copy of the family register or, in the case of a person with parental authority over a minor who is the principal, a copy of the insurance card with his/her dependents’ names entered)
- Identification documents prescribed in the preceding paragraph for the proxy (the same documents as those for the legal representation are also acceptable)
(b) In the case of a proxy by the power of attorney
- A letter of attorney, certificate of a seal impression of the principal and identification documents prescribed in the preceding paragraph for the proxy
(3) Purpose of use of personal information obtained in connection with a “Request for disclosure, etc.”
Personal information obtained in connection with a “Request for disclosure, etc.” will be handled only within the scope necessary for disclosure, etc. The submitted documents will be retained for one year after the company’s response, after which they will be discarded.
(4) Cases in which personal information cannot be disclosed
In the following cases, we will not respond to the “Request for disclosure, etc.” of personal information.
- When we are unable to confirm the identity of the individual concerned
- When there is a risk of harm to the life, body, property, or other rights or interests of the individual concerned or a third party
- If there is a risk of a significant hindrance to the proper conduct of the company’s business
- If it would violate other laws or regulations
- If there is a clear violation of public order and standards of decency and the “Request for disclosure, etc.” is extremely unacceptable in consideration of social validity
(5) Restrictions
We are unable to respond to the “Request for disclosure, etc.” regarding patient information in this manner. Please contact your medical institution.
9. Use of the company’s website
The company’s website records the information on customers in the form of access logs. The access logs include the IP addresses of users, types of browsers used, and the number of accesses, but do not include any information from which we can identify individuals. Said access logs are used for statistics and analysis for the situation of use of the company’s website, but not for any other purposes.
The company’s website may send cookies to the user’s computer for the following purposes. A cookie is a piece of information, such as a record of usage, that is sent to the user from the server and stored as a file on the user’s computer. Although no personal information is directly stored in the cookie itself, some cookies are tied to personal information to obtain website browsing history data of the company for the following purposes.
- To study the number of visitors and traffic to the company’s website
- To provide information on the company’s products, services, events, seminars, campaigns, surveys, etc., to respond to inquiries, and to improve our service and develop new products
If you do not wish the company to collect cookies and to obtain related web browsing history data, please delete or reject cookies. Please refer to the “Help” menu of your browser for information on how to set cookies. Please note that if you reject cookies, some functions of the contents and services provided by the company may be restricted.
10. Warranty and limitation of liability
The company’s website contains links to external websites. Please be aware that the company is not responsible for the protection of personal information or the content of the linked sites.
11. Revision of the privacy policy
This privacy policy may be revised in order to protect your personal information. After revision, the new policy will be applied. We will not individually notify you of any revisions, so please check this page from time to time.
12. Personal information acquired in the past
Personal information of our customers acquired by the company prior to the posting of this privacy policy will also be handled in accordance with this privacy policy.
13. Contact for inquiries regarding the handling of personal information
Planning & Administration Century Medical, Inc.1-11-2 Osaki, Shinagawa-ku, Tokyo 141-8588, Japan
Email : privacy@cmi.co.jp