(4) お客様の同意の範囲で、当社サービス上でプロフィールページ記載の情報の全部又は一部を、お客様の公開設 定に従い、お客様の閲覧に供すること、並びにお客様からのメッセージの送信等のコミュニケーションを可能とすることなど当社サービスの提供
(6) お客様皆様の氏名、会社名、役職を含む個人情報、当社サービス内でのアクセス履歴、商談予約履歴、商談予約時のメッセージ内容、イベント当日の行動履歴などの統計を用いたイベント運営支援の実施、マーケテイ ングやイベント運営の効率化
当社は、お客様から、個人情報が真実でないという理由によって、個人情報保護法の定めに基づきその内容の訂正、 追加又は削除（以下「訂正等」といいます。）を求められた場合には、お客様ご本人からのご請求であることを確認 の上で、利用目的の達成に必要な範囲内において、遅滞なく必要な調査を行い、その結果に基づき、個人情報の内容の訂正等を行い、その旨をお客様に通知します（訂正等を行わない旨の決定をしたときは、お客様に対しその旨を通 知いたします。）。但し、個人情報保護法その他の法令により、当社が訂正等の義務を負わない場合は、この限りではありません。
当社は、お客様から、お客様の個人情報が、あらかじめ公表された利用目的の範囲を超えて取り扱われているという 理由又は偽りその他不正の手段により取得されたものであるという理由により、個人情報保護法の定めに基づきその 利用の停止又は消去（以下「利用停止等」といいます。）を求められた場合、又は個人情報がご本人の同意なく第三 者に提供されているという理由により、個人情報保護法の定めに基づきその提供の停止（以下「提供停止」といいます。）を求められた場合において、そのご請求に理由があることが判明した場合には、お客様ご本人からのご請求で あることを確認の上で、遅滞なく個人情報の利用停止等又は提供停止を行い、その旨をお客様に通知します。但し、個人情報保護法その他の法令により、当社が利用停止等又は提供停止の義務を負わない場合は、この限りではありません。
株式会社EventHub (EventHub Co., Ltd.)
We (EventHub Co., Ltd.) acknowledge the importance of protecting “users’” (Customer using our services, “EventHub” and/or “CommunityHub”) personal information and will make all efforts necessary to abide by Japan’s personal information protection laws according to the following privacy policies.
We define “personal information” as information defined by Japan’s personal information protection law Article 2 Item 2, which defines personal information as any information about a person including his or her name, date of birth, or other information that is unique to his or her identity.
2. Purpose of Use
We will use your personal information for the following purposes and functions of our service:
(1) Our product’s user management operations, such as identification of users upon and after log-in, and automatic display of users’ personal information on application screens.
(2) User profile pages within our application, where users can display their information to other users or event organizers, as well as communicate with other users via our messenger platform. They are able to disclose all or part of their personal information (e.g., name, affiliation, title, etc.) to the extent that they choose in their account settings.
(3) Provision of event ticket selling platform
(4) Provision of messenger services within the application, where users can view each other’s personal information to
the extent that each user has disclosed under his or her account settings.
(5) Notification (through email) of important information regarding use of our service.
(6) Event consultation services based on information collected from data analysis using users’ personal
information, access and meeting reservation history, meeting reservation messages, and behavior during the event
period (while keeping each user account anonymous and undistinguishable).
(7) Targeted advertisements and notifications based on users’ behavior, access history and personal
information (while keeping each user account anonymous and undistinguishable).
(8) Use and creation of statistical analysis regarding our service (while keeping each user account anonymous and
(9) For marketing materials and information to share with partner companies (while keeping each user account
anonymous and undistinguishable).a
3. Changes in purposes of personal information use
We have the right to change purposes written above insofar as it is deemed appropriate, and will notify you in case of such changes.
We will not use your personal information without your approval beyond the level that we need to deliver our services, except for in the following circumstances.
(1) When it is legal to do so
(2) When the information is necessary for safety or security and it is difficult to obtain your approval beforehand
(3) When the information is necessary for public health and child development and it is difficult to obtain your approval
(4) When the government, municipal organizations or any organization working for them mandate disclosure of
personal information for them to carry out their governmental duties, and when it is not possible for them nor us to notify you as it will counter their duties.
5. Obtainment of personal information
We will obtain personal information through appropriate, and never fraudulent, means.
6. Proper management of personal information
We commit to making all measures possible and will supervise all employees and external parties (under contract) involved in the management of personal information as to prevent any loss, damage and leakage of information.
7. Disclosure to third parties
We will not share your personal information without prior notice and agreement at all cases, except for when we are legally mandated to disclose such information under personal information protection law. The following acts, however, are not regarded as “disclosure of information to third parties” and therefore do not follow the above clause:
(1) When we outsource part or all of our operations to another company under a legal contract
(2) Sharing of information upon mergers or acquisitions with another company
8. Disclosure of personal information
In cases where users request for disclosure of their personal information back to them, we will abide by the personal information protection laws and first confirm their identity and then disclose their information promptly (or let them know if such information doesn’t exit). However, we will not do so in cases where we are deemed not responsible by personal information protection laws.
9. Editing personal information
In cases where users assert that their information is false and therefore request an update or deletion, we will abide by personal information protection laws and first conduct research to ensure that the claim is correct. If the claim is correct, we will update or delete his or her information accordingly and notify upon completion. If the claim is not correct, we will inform them of that fact and that we therefore do not need to delete or edit their information. We will also not edit or delete information in cases where we are deemed not responsible by personal information protection laws.
10. Termination of use
In case of requests by users that we have used or obtained their personal information inappropriately and the information should thus be deleted or terminated, or that we have provided their personal information to third parties without their consent, we will abide by personal information laws and act promptly to such requests. We will namely agree to stop using or delete their personal information after confirming their identity, and will let the user know upon completion of the request. However, we will not respond to such requests in cases where we are not held responsible per personal information protection laws.
11. Cookie and other technologies
We use Cookie and other related technologies for continued tracking and improvement of our service. For those users who would like to disable the cookie on their browser, they may do so by changing their browser settings. However, please note that a part of our service will be unavailable for use once the cookie has been turned off.
EventHub will be sending the users emails regarding the use of service for the event that they are attending. We will not be sending them direct emails that are irrelevant to their use of this service for the event that they are attending.
13. Contact Us
(Offices are open on weekdays from 10AM to 6PM Tokyo time).
14. Continued improvement
The following terms as used herein shall have the meanings as set forth below. Definitions of the terms that are not defined herein shall be subject to the applicable definitions provided in GDPR.
(1) “EU” means the European Union that includes the member states of the European Union, as well as Iceland, Liechtenstein and Norway under Agreement on the European Economic Area (EEA).
(2) “GDPR” means REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC(General Data Protection Regulation).
(3) “Applicable Privacy Laws” means applicable privacy laws including GDPR and domestic laws related thereto of relevant countries.
(4) “personal data” means “personal data” as defined in GDPR.
(5) “processing” means “processing” as defined in GDPR.
(6) “Controller” means “controller” as defined in GDPR.
(7) “Representative” means “representative” as defined in GDPR.
3. Users under the age of 16
The Controller for the processing of the personal data shall be the Company, whose contact details are as follows. EventHub Co., Ltd.
Higashinihombashi EX Bld.7F , 3-4-18, Higashinihombashi, Chuo-Ku, Tokyo, 〒103-0004 firstname.lastname@example.org
5. Personal Data to be Collected
5.1 The Company may obtain the following personal data from the Users.
(2) Email address
(3) User name and password
(4) IP address, information of browser and OS, cookie information, history information of website access
(5) Company and/or affiliation
(6) Job title
(8) Relevant keywords and industry information
(9) Number of times to contact
(10) Search history
(11) Other information that event organizer deemed necessary for event registration
5.2 The Company may collect the personal data in the following cases.
(1) When the User subscribes for the Service, including, but not limited to, through the registration form of the Company, the registration form of other companies via API linkage or CSV uploading
(2) When the User otherwise uses the Service
(3) When the Company receives from affiliated parties information regarding transaction record or payment between the User and the Company or the affiliated parties
6. Purpose and legal basis of Data Processing
6.1 The Company shall process the personal data only for the purposes as set forth below.
(1) Productʼs user management operations
The Company may process the personal data of the User for the Company’s product’s user management operations such as identification of Users upon and after log-in, and automatic display of Usersʼ personal information on application screens for the purpose of performing the contract.
(2) User profile pages
The Company may process the personal data of the User for User profile pages within the Company’s application, where Users can display their information to other Users or event organizers, as well as communicate with other Users via the Company’s messenger platform for the purpose of performing the contract. The receiving parties are able to disclose all or part of their personal information (e.g., name, affiliation, title, etc.) to the extent that they choose in their account settings for the purpose of performing the contract.
(3) Provision of messenger services
The Company may process the personal data of the User for provision of messenger services within the application, where the Users can view each otherʼs personal information to the extent that each User has disclosed under his or her account settings for the purpose of performing the contract.
The Company may process the personal data of the User for notification of important information regarding use of the Service for the purpose of performing the contract.
(5) Event consultation services
The Company shall obtain the User’s prior consent if the Company processes the personal data of the User for event consultation services based on information collected from data analysis using Usersʼ personal information, access and meeting reservation history, meeting reservation messages, and behavior during the event period (while keeping each User account anonymous and undistinguishable).
(6) Targeted advertisements
The Company shall obtain the User’s prior explicit consent if the Company processes the personal data of the User for targeted advertisements and notifications based on Usersʼ behavior, access history and personal information (while keeping each User account anonymous and undistinguishable).
(7) Use and creation of statistical analysis regarding the Service
The Company shall obtain the User’s prior consent if the Company processes the personal data of the User for use and creation of statistical analysis regarding the Service (while keeping each User account anonymous and undistinguishable).
(8) For marketing materials and information to share with partner companies
The Company shall obtain the User’s prior consent if the Company processes the personal data of the User for marketing materials and information to share with partner companies (while keeping each User account anonymous and undistinguishable).
6.2 In cases where the Company intends to further process the personal data for a purpose other than that for which the personal
data were collected, the Company shall provide the User prior to that further processing with information on that other purpose.
7. Provision of Information to Third Party
The Company may provide the personal data of the Users to the following parties, to the extent necessary for pursuing the purpose of processing. As set forth in Section 8.2, such third parties may include parties residing or located in countries outside the EU.
(1) Group companies and partner companies of the Company
(2) Accountants, lawyers and other professional advisers
(3) Providers of the services related to the Service, including, without limitation, data storage, maintenance and payment service
(4) Parties to whom the Company entrusts a whole or part of the handling of the personal data within the necessary scope to achieve purposes of processing
(5) Successors of business succession of the Company caused by a merger or any other reason
8. Transfer of Personal Data to Third Countries
8.1 When the Company receives personal data from the User, the personal data are transferred from the EU region to Japan.
8.2 In addition to the foregoing, the Company may, to the extent necessary for pursuing the aforementioned purposes of processing, transfer personal data of the Users to countries outside the EU, including, without limitation, Japan, and further process the same. The User may not have the right as a data subject same as that under GDPR in countries outside the EU, and the Company shall take steps regarding the User’s personal data in accordance with the Applicable Privacy Laws, by means such as execution of standard contractual clauses under GDPR.
8.4 Japan, to which the transfer stipulated in this Section 8 is made, has obtained an adequacy decision by European Commission.
9. Storage Period
The Company shall store the personal data of the Users to the extent necessary for the purpose of processing thereof, and delete
the personal data when the storage becomes unnecessary for such purpose.
Cookies or similar technologies may be used in the Company’s service. Such technologies help the Company to recognize the status of use of the Company’s service, etc. and contribute to improvement of the service. When a User intends to disable cookies, the User may disable cookies by changing the web browser’s settings. Please note that when cookies are disabled, a part of the service may be unavailable.
11. Disclosure, Modification, Deletion, etc. of Personal Data
11.1 If a User that is the subject of the personal data requires any of the following, please notify the contact address of the Company of that effect. The Company will properly respond to that request pursuant to the User’s right under the Applicable Privacy Laws.
(1) Access to personal data
(2) Modification of personal data
(3) Deletion of personal data
(4) Restriction on processing of personal data
(5) Objection to processing
(6) Exercise of right to data portability
11.2 For the request under Section 11.1, please submit the following documents by mail or email.
(1) Request form specified by the Company
(2) Document for identification of the User as specified by the Company
(3) Document for identification of the representative of the User as specified by the Company
11.3 To avoid undue modification, divulge, etc. of the personal data of the User by a third party, the Company will respond to the request by mail or email, only if the identity confirmation is made by the submitted documents. Although the Company will make effort to promptly respond, please note that it may take time until response, for the confirmation of the applicable registered personal data and for assuring accuracy.
11.4 The Company will not return the request form or identification documents received from the User or its representative. Please understand that the Company will keep the request form properly, and delete the identification documents in an appropriate manner when the purpose of use thereof is achieved.
12. Withdrawal of Consent
For the processing of the personal data based on the User’s consent, the User shall have the right to withdraw the consent for the personal data at any time.
13. Lodgment of Complaint with Supervisory Authority
In addition to the aforementioned rights, the User may lodge a complaint with a supervisory authority at any time. However, the Company appreciates a notification to the Company prior to contacting the supervisory authority, so that the Company may have the opportunity to respond to the complaint of the User.
14. Necessity of Provision of Personal Data
Since the personal data to be provided by the User are necessary for the Company to provide the Service, the Service may be unavailable to the User that does not provide the data.
For questions or complaints, or for the exercise of the rights under Sections 11 and 12, please contact the following contact addresses.
Higashinihombashi EX Bld.7F , 3-4-18, Higashinihombashi, Chuo-Ku, Tokyo, 〒103-0004
(The hours for inquiries are from 10AM to 6PM on weekdays (excluding Saturday, Sunday and holidays) Japan time and calendar)
17. General Provisions
18 . Handling of Personal Data Provided on the Basis of an Adequacy Decision
18.1 In the event that personal data provided from the EU region on the basis of the Adequacy Decision contains information on sex life, sexual orientation, or trade union membership, as defined in the GDPR as “Special Categories of Personal Data”, such information shall be treated as special care-required personal information under the Act on the Protection of Personal Information, the law of Japan (the “the Personal Information Protection Law”).
18.2 Personal data that the Company has received from the EU region on the basis of the Adequacy Decision shall be treated as retained personal data as set forth in Article2, paragraph 7 of the Personal Information Protection Law, regardless of the period within which such information shall be deleted, unless such data falls under the category of “those prescribed by cabinet order as likely to harm the public or other interests if their presence or absence is made known” as set forth in the said paragraph.
18.3 When the Company receives personal data from the EU region on the basis of the Adequacy Decision, the Company shall confirm and keep a record of the circumstances under which the said personal data was acquired, including the purposes of processing specified at the time when personal data are obtained under the provisions of Article 26, paragraphs 1 and 3 of the Personal Information Protection Law.
18.4 In the event that the Company receives the personal data from another personal information handling business operator (as set forth in the Personal Information Protection Law) that has received the personal data provided from the EU region on the basis of the Adequacy Decision , the Company shall confirm and keep a record of the circumstances under which such
personal data was acquired, including the purposes of processing specified at the time when personal data are obtained based on the provisions of Article 26, paragraphs 1 and 3 of the Personal Information Protection Law.
18.5 With respect to personal data that has been confirmed and kept record of in accordance with 18.3 or 18.4, the Company shall specify the purposes of processing within the scope of the purposes of processing specified at the time of initial or when personal data are obtained and shall use such personal data within the scope of the purposes of processing.
18.6 In providing personal data provided from the EU region on the basis of the Adequacy Decision to a third party in a foreign country, the Company shall obtain the User’s prior consent to the effect that he or she approves the provision to the third party in a foreign country on the condition that the company provides information on the status of the receiving party necessary for the User to make a decision concerning the consent under Article 24 of the Personal Information Protection Law.
18.7 Personal data provided from the EU region on the basis of the Adequacy Decision shall be deemed to be the anonymously processed information provided in the Personal Information Protection Law provided that such personal data are processed not to be able to restore the personal information by deleting processing method information (individual identification codes deleted from personal information used to produce the anonymously processed information, individual identification code, and information on the processing method carried out pursuant to the provisions of Article 36, Paragraph 1 of the Personal Information Protection Law (limited to information that can be used to restore the personal information) ).