Website Privacy Policy

Introduction

Nakagawa Corporation (hereinafter referred to as “the Company”) recognizes the importance of protecting

personal  information in the advanced information and telecommunications society and considers the proper management

and operation of such information to be a social responsibility of the Company.

   

Based on the Company’s Personal Data Protection Policy, the Company hereby establishes the following Privacy Policy

for this website operated by the Company.

This Policy applies not only to customers in Japan but also to visitors worldwide, including residents of

the European Economic Area (EEA) who are subject to the EU General Data Protection Regulation (GDPR).

In accordance with this Privacy Policy, we will handle the personal information of customers and all other visitors

to this website and strive to manage and operate this website so that customers may use our services with confidence.

By providing personal information through this website, you are deemed to have agreed to this Policy.

However, if specific pages or contracts stipulate provisions that differ from this Policy, such provisions shall prevail.

　

1. Definitions

Personal Data:

Information relating to a living individual that can identify a specific individual by name, date of birth, or other descriptions.

This includes numbers, symbols, or other identifiers assigned to an individual, images, voice data, and online identifiers

such as IP addresses and cookies.

　

Controller:

The legal entity that determines the purposes and means of processing personal data.

The Controller of this website is Nakagawa Corporation.

   

Data Subject:

A specific individual whose personal data is processed by the Company (e.g., website visitors, customers, job applicants).

　

Processing:

Any operation performed on personal data, including collection, recording, storage, reference, use, disclosure, restriction,

and deletion.

　

　

2. Compliance with Laws and Regulations

The Company complies with the Act on the Protection of Personal Information of Japan (APPI),

the EU General Data Protection Regulation (GDPR), and other relevant laws, regulations, standards

(including JNSA guidelines), and applicable guidelines.

　

　

3. Legal Basis for Processing

The Company processes personal data only where one of the following legal bases applies:

  ・Consent: Where the data subject has given clear consent for specific purposes.

  ・Contract: Where processing is necessary for the conclusion or performance of a contract with the data subject.

  ・ Legal Obligation: Where processing is necessary to comply with legal obligations (such as tax or labor laws).

  ・ Legitimate Interests: Where processing is necessary for the Company’s legitimate business interests

    (such as maintaining website security or improving services),

     provided that such interests do not override the fundamental rights of the data subject.

　

　

4. Acquisition of Personal Data

The Company acquires personal information by lawful and fair means, without deception or other improper methods.

When collecting personal information, the Company clearly specifies the purpose of use and

acquires only the information necessary to achieve such purpose.

If information beyond the stated purpose is included, the Company will, in principle, refuse to accept it or

appropriately handle only the necessary portion

　

　

5. Use of Personal Data

The Company uses personal information only within the scope of the stated purposes.

If personal information is to be used beyond such scope, the Company will obtain prior consent from the data subject.

          

For the purpose of business operations, the Company may entrust the handling of personal data

to cooperating companies (data processors), such as IT service providers or logistics partners,

under appropriate supervision.

　

　

6. Internal Regulations Regarding Personal Information

The Company establishes internal regulations and necessary operational rules concerning the handling of personal

and corporate information and information systems.

The Company provides education and training to all employees regarding personal information protection and

ensures thorough awareness of such policies.

The Company appoints information management officers in each department and maintains an organizational structure

to ensure compliance with personal information protection and

the protection of corporate information necessary for business operations.

　

　

7. Provision of Personal Data to Third Parties

The Company does not provide or disclose personal information to third parties except in the following cases:

  ・With the consent of the Data Subjec

  ・When outsourcing within the scope necessary to achieve legitimate purposes

    (e.g., delivery companies, IT service providers)

  ・When processed into statistical data that does not identify individuals

  ・When disclosure is required by law

　

　

 8. International Transfer of Personal Data

The Company is based in Japan.

Personal data provided from outside Japan will be transferred to and stored on servers located in Japan.

                                     　  

Notice to EEA Residents:

The European Commission has adopted an adequacy decision recognizing that Japan provides a level of data protection

equivalent to that of the GDPR.

This means that your personal data will be protected to a high standard equivalent to that within the EEA.

　

　

9. Technical and organizational Security Measures

The Company implements reasonable and appropriate organizational and technical security measures

—such as firewalls, access restrictions, and internal access controls—

to prevent unauthorized access, destruction, loss, alteration, or leakage of personal data.

　

　

10. Rights of Data Subjects

Data subjects have the following rights regarding their personal data:

  ・Right of Access: The right to confirm the content of their personal data.

  ・Right to Rectification and Erasure: The right to request correction of inaccurate data or deletion of data

       (“right to be forgotten”).

  ・Right to Restriction and Objection: The right to request restriction of processing or to object to processing

       based on legitimate interests.

  ・Right to Data Portability: The right to receive personal data in a structured, commonly used, machine-readable format.

  ・Right to Lodge a Complaint: The right to lodge a complaint with a national data protection authority.

　

　

 11. Procedures for Disclosure, Correction, and Deletion

If you wish to inquire about, correct, or delete personal information processed and stored by the Company,

please contact the “Comprehensive Personal Information Desk” listed below.

Students who applied through the Company’s recruitment page will be handled according to the procedures specified

in the recruitment information.

Business partners who have provided personal information for business purposes will be given priority handling

through the designated procedures of the responsible department.

                           　     

Application Procedure:

Please contact the “Comprehensive Personal Information Desk,” complete the prescribed application form,

and submit it together with official identification

(such as a copy of a residence certificate or driver’s license). The Company will verify the identity of the applicant.

　

Disclosure to the Data Subject:

Upon receipt of the application form, the Company will, in principle, respond within three weeks in writing or

by electronic file.

The response will be sent to the address stated on the official identification and addressed to the data subject.

　

Disclaimer Regarding Authority:

If the personal information in question was entrusted to the Company by a client for business purposes and

the Company does not have authority over its handling,

the Company may be unable to accept the request.

　

　

12. Google Analytics and Cookies

This website uses Google Analytics to analyze website usage.

Cookies are used to collect access logs, but no personally identifiable information is obtained.

The collected logs are managed in accordance with Google’s Privacy Policy.

You may refuse the use of cookies through your browser settings or add-ons.

　

　

13. Use of SSL (Encrypted Communication)

To ensure secure communication, this website uses SSL (Secure Socket Layer) encryption

to prevent leakage or alteration due to unauthorized external access.

　

　

14. Disclaimer and Scope of Responsibility

 The Company is not responsible for the handling of personal information on third-party websites linked from this website.

　

　

15. Contact Information (General Personal Data Desk)

For inquiries regarding this Policy or to exercise your rights, please contact.

　

General Personal Data Desk

Address: 1-29-7 Yanagibashi, Taito-ku, Tokyo 111-0052, Japan,

                  Nakagawa Coporation, General Affairs Department

Telephone and fax contacts:

Tel: 03-3861-2111, Fax: 03-3861-9156

Email address: private-policy@nakagawa-tokyo.co.jp

　

　

The Company will endeavor to maintain and operate its personal information protection system

in accordance with this Privacy Policy.

This Privacy Policy will be reviewed and improved as necessary. Please check the latest version.

　

Date: 1st April, 2026

　

Nakagawa Coporation

President and CEO: Takeyuki Nakagawa