Safous Privacy Policy

We take your privacy very seriously. As you use this website, as we respond to your inquiries about the SAFOUS Service (the “Service”), as we send relevant marketing or technical information to you, or as we otherwise engage in marketing and customer support activities regarding the Service and relating IIJ services, we collect and use your personal data. In doing so, we will ensure compliance with JIS Q 15001 standards, as well as applicable data protection and privacy laws, including the General Data Protection Regulation (the “GDPR”) and other data protection and privacy laws of countries and regions outside of Japan where they are extra-territorially applicable to our such processing of your personal data.

Below is the information we are obliged to provide you with pursuant to JIS Q 15001 standards and GDPR.

1. Joint controllers

 1-1. Categories of personal data to be jointly controlled

As described in Section 3.

1-2. Identity and the contact details of joint controllers

  • Internet Initiative Japan Inc.
    Iidabashi Grand Bloom 2-10-2 Fujimi, Chiyoda-ku, Tokyo, JAPAN
    President, Co-CEO & COO, Eijiro Katsu

  • IIJ Deutschland GmbH
    Schwannstraße 10b 40476 Düsseldorf, Germany
    Managing Director, Manabu Yamamoto

  • IIJ Europe Limited.
    1st Floor 80 Cheapside London EC2V 6EE, U.K.
    Managing Director, Manabu Yamamoto

  • IIJ Global Solutions Inc (Japan)
    Iidabashi Grand Bloom 2-10-2 Fujimi, Chiyoda-ku, Tokyo 102-0071, Japan
    Representative Director, President
    Yoshinobu Inoue


  • IIJ America Inc. (USA)
    55 East 59th street, Suite 18C, New York, NY 10022, USA
    COO, Makiko Akagi


  • IIJ Global Solutions Singapore Pte. Ltd. (Singapore)
    8 Burn Road Trivex #07-08 Singapore 369977
    Director, Akira Tsujikawa

  • IIJ Global Solutions Thailand Co., Ltd. (Thailand)
    55 Wave Place Building , Unit 18.02, 18th Floor, Wireless Road, Lumpini, Pathumwan, Bangkok 10330 Thailand
    Managing Director, Hiroyuki Matsunaga

  • IIJ Global Solutions Indonesia (Indonesia)
    MidPlaza 1, 19th Floor Jl. Jend. Sudirman Kav. 10-11 Jakarta Pusat 10220, Indonesia
    Tokuo Nobuhiro, President Director

  • IIJ Global Solutions Vietnam Company Limited (Vietnam)
    2nd floor, Udic Complex Building, Hoang Dao Thuy Street, Trung Hoa Ward, Cau Giay District, Ha Noi, Viet Nam
    Ryo Matsumoto, General Director

1-3. Purpose of the joint control

As described in Section 4.

1-4. Responsible party for the joint controllership

Internet Initiative Japan Inc. (contact details shown at Section 10)


2. Data Protection Officer

Takamichi Miyoshi
iijgroup-dpo-contact@iij.ad.jp


3. Categories of personal data we collect and how we collect them

We collect and use the following categories of your personal data:

  • Your name, email address, department name, title, phone number, company and other contact detail; and
  • Your interaction with us, including your inquiries and our responses, our business communication with you, your use of our website and/or other resources we provide you with.

These data may be either voluntarily submitted by you (e.g., as you fill in forms on this website, or you submit your inquiries to us), automatically collected (e.g., by logging your interaction with this website), or disclosed to us by our sales or technical partners.

You are free regarding whether you provide us with your personal data or not. If you do not provide us with your personal data, we may not be able to provide you with the information or response you would like to receive from us.

 

4. Purpose of processing and legal basis for processing

We collect and process your personal data for the following purposes:

  • To provide the Service;
  • To respond to your inquiries regarding the Service and relating IIJ services;
  • To provide you with the information regarding the Service and relating IIJ services;
  • To provide you with information regarding seminars and events related to the Service and relating IIJ services;
  • To facilitate presales, customer support, and other business communications by ourselves and our sales or technical partners regarding the Service and relating IIJ services; for this purpose, we may disclose your personal data to our sales or technical partners; and
  • To obtain insight that helps us improve our services by analyzing and statistically processing your interaction with us, including your use of our website and/or your responses to our questionnaires;

Where we are subject to the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”), we rely on your consent or necessity for the purpose of our legitimate interest (Justified interest on our part in providing our services as long as it is compliant with related protection laws) as the lawful basis for our processing of your personal data for the purpose described above.

 

5. The period for which the personal data will be stored

Please refer to our IIJ Group Global Privacy Policy.

 

6. Your Rights with Personal Data

Please refer to our IIJ Group Global Privacy Policy.

 

7. Recipients or categories of recipients of the personal data

Subject to your consent, we may disclose certain categories of your personal data (including your contact details, your interest in our services, and your interaction with us) with our sales and technical partners in order to facilitate presales, customer support, and other business communications by such partners.


8. Cross-border Transfer of Personal Data

As we disclose your personal data to third parties as described in Section 7, or jointly control your personal data as described in Section 1, we transfer your personal data from Japan, where we are established, to other countries where such third parties or joint controllers are established.

Where we are subject to the GDPR regarding the processing of your personal data, we protect your personal data jointly controlled by other IIJ Group entities as described in Section 1 in accordance with the Binding Corporate Rules of IIJ Group (Controller, Processor) (the “IIJ BCR”) approved by the Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (the data protection authority of the federal state of North Rhine-Westphalia of Germany) pursuant to Article 47 GDPR, which bind the relevant IIJ Group entities with a contractual obligation to ensure the protection of personal data entrusted to them at a level effectively equivalent to the level of protection awarded by the GDPR. If you have any inquiries about IIJ BCR, please contact us. A copy of the IIJ BCR is available at https://uk.iij.com/europe/jp/privacy-policy/iij-group-global-privacy-policy.
Otherwise, we rely on your consent to such cross-border transfer.

We may transfer your personal data to the following countries, where the recipient IIJ Group entities are located as described in Section 1. Below is the information we are obliged to disclose to you pursuant to JIS Q 15001 standards:

  • Germany
    • Does the country have any legislation regulating personal data protection: Yes
    • Any benchmark of the level of personal data protection: Adequacy Decision
  • United Kingdom
    • Does the country have any legislation regulating personal data protection: Yes
    • Any benchmark of the level of personal data protection: Adequacy Decision
  • United States of America (State of New York, State of California)
    • Does the country have any legislation regulating personal data protection: Yes
    • Any benchmark of the level of personal data protection: APEC CBPR member
  •  Singapore
    • Does the country have any legislation regulating personal data protection: Yes
    • Any benchmark of the level of personal data protection: APEC CBPR member
  •  Thailand
    • Does the country have any legislation regulating personal data protection: Yes
    • Any benchmark of the level of personal data protection: None
    • Conformity with the OECD Privacy Guidelines: Yes
  •  Indonesia
    • Does the country have any legislation regulating personal data protection: Indonesia has no comprehensive personal data protection legislation. Several sectoral regulations prescribe obligations to protect personal data.
    • Any benchmark of the level of personal data protection: None
    • Conformity with the OECD Privacy Guidelines: Partial
      1. Collection Limitation Principle: Partially stipulated in the above regulations
      2. Data Quality Principle: Partially stipulated in the above regulations
      3. Purpose Specification Principle: Partially stipulated in the above regulations
      4. Use Limitation Principle: No such provision is found
      5. Security Safeguards Principle: Partially stipulated in the above regulations
      6. Openness Principle: Partially stipulated in the above regulations
      7. Individual Participation Principle: Partially stipulated in the above regulations
      8. Accountability Principle: Partially stipulated in the above regulations
  •  Vietnam
      • Does the country have any legislation regulating personal data protection: Vietnam has no comprehensive personal data protection legislation. Civil Code, Criminal Code, and several sectoral regulations prescribe obligations to protect personal data.
      • Any benchmark of the level of personal data protection: None
      • Conformity with the OECD Privacy Guidelines: Partial
        1. Collection Limitation Principle: Partially stipulated in the above regulations
        2. Data Quality Principle: Partially stipulated in the above regulations
        3. Purpose Specification Principle: Partially stipulated in the above regulations
        4. Use Limitation Principle: Partially stipulated in the above regulations
        5. Security Safeguards Principle: Partially stipulated in the above regulations
        6. Openness Principle: Partially stipulated in the above regulations
        7. Individual Participation Principle: Partially stipulated in the above regulations
        8. Accountability Principle: No such provision is found
  •  Malaysia
    • Does the country have any legislation regulating personal data protection: Yes
    • Any benchmark of the level of personal data protection: None
    • Conformity with the OECD Privacy Guidelines: Partial
      1. Collection Limitation Principle: Partially stipulated in the above regulations
      2. Data Quality Principle: Partially stipulated in the above regulations
      3. Purpose Specification Principle: Partially stipulated in the above regulations
      4. Use Limitation Principle: Partially stipulated in the above regulations
      5. Security Safeguards Principle: Partially stipulated in the above regulations
      6. Openness Principle: Partially stipulated in the above regulations
      7. Individual Participation Principle: Partially stipulated in the above regulations
      8. Accountability Principle: No such provision is found

 

9. How we ensure security of your personal data

We collect and use your personal data in compliance with the IIJ Privacy Policy.

Where we engage third-party service providers in processing your personal data, we will ensure the security of your personal data by imposing certain obligations to have reasonably necessary data protection and security measures in place via an appropriate contractual arrangement with such service providers.


10. Our Contact Deatils

Safous Support
Email : info@safous.com