Bluestone Link and Circle Co., Ltd. will promote its corporate activities by effectively utilizing information and communication networks, Internet technology, and new means of information and communication. Based on the participation of all employees in implementing our corporate philosophy, we will actively engage in information security in all areas of our corporate activities, and securely protect and implement measures for the information assets of our customers and client companies acquired through our business activities. Specifically, we will handle information as follows.

Personal Information and Specific Personal Information Protection Policy

Bluestone Link and Circle Co., Ltd. recognizes that protecting the personal information and specific personal information, etc., of our customers and employees is a significant social responsibility in conducting corporate activities utilizing information and communication networks, Internet technology, and new means of information and communication. We hereby declare that we have established the Personal Information and Specific Personal Information Protection Policy as follows and will strive as an entire company to ensure appropriate handling.
1. Personal Information and Specific Personal Information, etc., will be acquired and provided by appropriate means, limited to the scope necessary for entrusted operations and the employment and personnel management of employees. Furthermore, we will not handle such information beyond the scope necessary to achieve the specified purpose of use (unintended use) and will take measures to ensure this.
2. Regarding risks such as unauthorized access to Personal Information and Specific Personal Information, etc., or the loss, destruction, falsification, and leakage of personal information, we will take reasonable security measures through education, audits, and improvements, and continuously improve our personal information and specific personal information protection system.
3. We will comply with applicable laws, regulations, and other norms regarding Personal Information and Specific Personal Information, etc., held by our company.
4. Our company will respond appropriately and promptly to inquiries and complaints regarding Personal Information and Specific Personal Information, etc.
5. Based on social needs, individual requests, or the latest IT trends, we will review our personal information and specific personal information protection system in a timely and appropriate manner and continuously make improvements.
February 20, 2006 (Established)
April 28, 2025 (Revised)
Bluestone Link and Circle Co., Ltd.
Representative Director Munetaka Ishizawa

Handling of Personal Information and Specific Personal Information, etc.

Bluestone Link and Circle Co., Ltd., based on the “Personal Information and Specific Personal Information Protection Policy,” handles personal information and specific personal information, etc., used for its business as follows.
1. Purpose of Use of Personal Information and Specific Personal Information, etc.
   (1) Personal information handled by our company will be handled appropriately within the scope of the following purposes of use.
   
   

   Purpose of Use of Personal Information

   Type of Personal Information	Purpose of Use
   Customer’s Personal Information	For business execution Sending contracts, quotations, purchase orders, invoices, etc. Communication for the above Emergency contact Contact for after-sales follow-up and sales activities Information on new services Sending seasonal greetings
   Job Applicant’s Personal Information	Contact regarding interviews for recruitment selection Notification of success or failure in recruitment selection
   Employee’s Personal Information	Personnel and labor management (specified in a separate consent form)
   Personal Information Obtained Through Inquiries	Contact for responding to inquiries
   Personal Information Obtained Through Entrusted Operations	For contract fulfillment in entrusted operations
   Personal Information Obtained from Meeting Recordings	For meeting minutes

   
   (2) Specific personal information, etc., handled by our company will be handled appropriately within the scope of specific administrative work related to social security, taxation, and disaster countermeasures.
   
2. Provision of Personal Information and Specific Personal Information, etc., to Third Parties
   (1) Our company will not disclose or provide personal information to third parties except for business execution purposes and in the cases ① to ⑦ below.
   ① When based on laws and regulations
   ② When it is necessary for the protection of a person’s life, body, or property, and it is difficult to obtain the consent of the individual
   ③ When it is particularly necessary for the improvement of public health or the promotion of the sound upbringing of children, and it is difficult to obtain the consent of the individual
   ④ When it is necessary to cooperate with a national agency, local government, or a party entrusted by them in executing affairs prescribed by laws and regulations, and obtaining the consent of the individual is likely to hinder the execution of said affairs
   ⑤ When the business operator handling personal information is an academic research institution, etc., and the provision of said personal data is unavoidable for the publication of academic research results or for teaching purposes (excluding cases where there is a risk of unjustly infringing on the rights and interests of individuals).
   ⑥ When the business operator handling personal information is an academic research institution, etc., and it is necessary to provide said personal data for academic research purposes (including cases where part of the purpose of providing said personal data is for academic research, and excluding cases where there is a risk of unjustly infringing on the rights and interests of individuals) (limited to cases where the business operator handling personal information and said third party conduct joint academic research).
   ⑦ When said third party is an academic research institution, etc., and it is necessary for said third party to handle said personal data for academic research purposes (including cases where part of the purpose of handling said personal data is for academic research, and excluding cases where there is a risk of unjustly infringing on the rights and interests of individuals).
   
   (2) Our company will provide specific personal information, etc., only in cases that fall under each item of Article 19 of the My Number Act, and will not provide specific personal information, etc., otherwise.
   
3. Management of Contractors, etc.
   To achieve the purposes of use indicated in Section 1, our company may entrust the personal information and specific personal information, etc., received to contracted companies with which we have concluded an agreement.
   We will require contractors to handle, manage, and protect such information appropriately, and prohibit them from disclosing or providing it to third parties or using it for purposes other than those stated in Section 1.
   
4. Measures Taken for the Secure Management of Our Company’s Personal Information Protection
   (1) Establishment of a Basic Policy
   Establishment of a basic policy regarding “compliance with relevant laws, regulations, guidelines, etc.,” “contact point for questions and complaints,” etc., to ensure the proper handling of personal data.
   (2) Development of Regulations Regarding the Handling of Personal Data
   Development of regulations for handling personal data, stipulating handling methods, responsible persons/staff and their duties, etc., for each stage, including acquisition, use, storage, provision, deletion, and disposal.
   (3) Organizational Security Management Measures
   Establishment of a person responsible for handling personal data, clarification of the employees handling personal data and the scope of personal data they handle, and establishment of a reporting and communication system to the responsible person in case of discovering or suspecting a violation of laws or handling regulations. Regular internal audits on the status of personal data handling, and undergoing external audits for JAPHIC Mark certification using the guidelines on the Act on the Protection of Personal Information (Personal Information Protection Commission) as examination criteria.
   (4) Human Security Management Measures
   Regular training for employees on important points regarding the handling of personal data.
   Inclusion of matters concerning confidentiality of personal data in the work rules.
   (5) Physical Security Management Measures
   Implementation of access control for employees in areas where personal data is handled, and measures to prevent unauthorized persons from viewing personal data.
   Implementation of measures to prevent theft or loss of equipment, electronic media, and documents handling personal data, and measures to ensure that personal data is not easily identifiable when carrying such equipment, electronic media, etc., including movement within the office.
   (6) Technical Security Management Measures
   Implementation of access control to limit the scope of 담당자 (persons in charge) and the personal information databases, etc., they handle.
   Introduction of a system to protect information systems handling personal data from unauthorized external access or malicious software.
   
5. Procedures for Inquiries, Disclosure, etc., of Personal Information and Specific Personal Information, etc.
   (1) If you or your representative request notification of the purpose of use, disclosure, records of provision to third parties, correction, addition or deletion of content, suspension of use, erasure, or suspension of provision to third parties (hereinafter referred to as “Disclosure, etc.”) regarding personal information and specific personal information, etc., we will respond in good faith.
   (2) When making an inquiry, we will verify whether you are the individual or their representative.
   (3) If we cannot confirm your identity as the individual or their representative, we may not be able to respond to your inquiries or requests for Disclosure, etc.
   (4) Requests for Disclosure, etc., from the individual or their representative will be answered within a reasonable period.
   

【Procedure for Disclosure, etc.】
(1) Please contact us by email at the contact point below.
(2) We will send you our designated “Application Form for Disclosure, etc., of Personal Information,” so please fill in the necessary items.
(3) We will verify your identity based on the personal information held by our company.
(4) In the case of inquiries from a representative, we will confirm their status as a representative with a power of attorney and a seal registration certificate.
(5) Please mail the “Application Form for Disclosure, etc., of Personal Information.”
(6) Personal information received through the “Application Form for Disclosure, etc., of Personal Information” will be used for communication with the inquiring customer and for identity verification. It will not be used for any other purpose. The submitted documents will be stored for one year after the response to the request for Disclosure, etc., is completed, and then discarded.

*Procedures for the disclosure, etc., of specific personal information are the same as above; however, from the perspective of compliance with the My Number Act, disclosure will be made after the specific personal information manager determines whether disclosure is possible.

【Burden of Shipping Costs and Collection Method for “Requests for Disclosure, etc.”】
When making a “Request for Disclosure, etc.,” a fee of 1,100 yen will be charged for each application. Please enclose postage stamps worth 1,100 yen with your application documents.


6. Contact for Disclosure, etc., Complaints, and Consultation Regarding Personal Information and Specific Personal Information, etc.
   Bluestone Link and Circle Co., Ltd. Personal Information Consultation Desk
   E-Mail：info@bluestone-lac.com
   Phone：03-6809-6808
   Mail：Sakai Building 4F, 2-14-18 Shibaura, Minato-ku, Tokyo 108-0023
   
7. About Accredited Personal Information Protection Organizations
   Our company is a target business operator of the JAPHIC Mark Certification Organization, an accredited personal information protection organization based on the Act on the Protection of Personal Information.
   For complaints and consultations regarding our company’s handling of personal information, please contact the JAPHIC Mark Certification Organization via the URL below.
   https://japhic.or.jp/contact/
   *This is not a contact for inquiries about our company’s products or services.
   Our company’s accredited certification body is PICC Co., Ltd. (https://www.picc.co.jp/), and support for creating this page was provided by Mark Acquisition Support Co., Ltd. (https://japhic-i.com/).
   
Bluestone Link and Circle Co., Ltd.
Representative Director Munetaka Ishizawa
Sakai Building 4F, 2-14-18 Shibaura, Minato-ku, Tokyo

Information Security Protection Policy

1. For personal information provided by customers, a management supervisor will be appointed for each department handling said personal information, and said management supervisor will ensure appropriate management.
2. For personal information provided by customers, a management supervisor will be appointed for each department handling said personal information, and said management supervisor will ensure appropriate management.
3. When acquiring or collecting personal information from customers, we will specify the purpose of use as much as possible and clarify our company’s contact points, etc.
4. Acquired personal information will not be provided or disclosed to third parties other than companies, etc., for which we have obtained the consent of the customer who provided it. Furthermore, for third parties to whom we provide or disclose personal information with the customer’s consent, we will implement appropriate management by contractually obligating them not to leak or re-disclose the customer’s personal information.
5. On this website, when customers provide personal information, we use industry-standard SSL encryption to protect data transmission.
6. If customers wish to inquire about or correct their own personal information, please contact our company’s contact point, and we will respond promptly within a reasonable scope of our authority.

Environmental Activities

Coexisting with the global environment is a social responsibility for companies, and it is important to build an environmentally friendly, sustainable society. Bluestone Link and Circle Co., Ltd. conducts business activities centered on the information and communication business, and even in our business activities, we emphasize harmony with the environment and actively promote the reduction of environmental burden.

Quality Management

Bluestone Link and Circle Co., Ltd. will sincerely provide products that meet customer needs based on its management policy. Aiming for the continuous improvement of customer trust, we will mutually cooperate with other management systems and conduct improvement activities with partner companies. Furthermore, the quality policy will be disseminated to all employees, and we will strive to improve excellent knowledge and skills according to their job duties.