Privacy Policy

Xspear Consulting, Inc. (the “Company”) has established and adheres to the following Privacy Policy to ensure the proper protection and management of personal information.

1.Appropriate handling

Except where required by law, the Company will not handle personal information beyond the scope necessary to achieve the stated Purpose of Use without obtaining prior consent from the individual. Furthermore, when personal information is obtained directly in writing, the Purpose of Use will be clearly disclosed on each such occasion.

2.Implementation of security measures

The Company shall take necessary and appropriate measures—including organizational, personnel, physical, and technical security measures—to prevent the leakage, loss, or damage of the personal data it handles and to ensure its proper security management. The Company shall also exercise necessary and appropriate supervision over its employees and service providers.

3.Supervision of officers and employees

When officers or employees handle personal information, the Company undertakes necessary and appropriate supervision to ensure its security and proper management.

4.Supervision of subcontractors

The Company may entrust all or part of the handling of personal information to subcontractors, and when doing so, will supervise such subcontractors as necessary and appropriate to ensure the secure management of personal information.

5.Compliance with relevant laws, regulations, and guidelines

The Company complies with all relevant laws, regulations, and guidelines related to the protection of personal information.

6.Continuous improvement

The Company continuously strives to improve its handling of personal information.

Enacted on April 1, 2014
Last revised on April 1, 2024

Masataka Soda
Representative Director and President
Xspear Consulting, Inc.

Public Disclosure under the Act on the Protection of Personal Information

1.Name of the business operator handling personal information

Xspear Consulting, Inc., led by Masataka Soda,
Representative Director and President

2.Purpose of use

Unless otherwise required by laws and regulations, we will use the personal information we acquire only within the scope necessary to achieve the purposes of use specified in the table below.

Category of personal information	Purpose of use
(1)Information concerning company shareholders	To exercise rights and fulfill obligations in accordance with laws and regulations To provide services and conveniences related to shareholders’ status To implement various measures to maintain a smooth relationship between shareholders and the Company To manage shareholder information in accordance with laws and regulations
(2)Information obtained through the Company’s public relations and IR activities	To provide information regarding the business and financial conditions of Simplex Group companies To provide information regarding the products, services, events, and other offerings of Simplex Group companies
(3)Information obtained through the sale or provision of the Company’s products or services	To exercise contractual rights and fulfill contractual obligations To manage order operations To provide information regarding the products, services, events, and other offerings of Simplex Group companies
(4)Information obtained through the purchase or use of the Company’s products or services	To exercise contractual rights and fulfill contractual obligations To manage procurement operations To provide information regarding the products, services, events, and other offerings of Simplex Group companies
(5)Information on individuals who apply for, attend, or participate in events hosted or joined by the Company	To provide information regarding the products, services, events, and other offerings of Simplex Group companies
(6)Information regarding the officers and employees (including former officers and employees) of the Company	To manage personnel and labor affairs To conduct and manage business operations and work-related duties To ensure security
(7)Information regarding individuals who apply for employment or request information related to the recruitment process	To carry out procedures related to recruitment and selection To conduct personnel management after an offer of employment is made To analyze recruitment activities
(8)Information regarding individuals who visit the Company	To ensure the security of Simplex Group companies
(9)Information regarding individuals who make inquiries to the Company	To confirm inquiry details and to provide answers, responses, and other related support
(10)Information entrusted to the Company for handling	To carry out the entrusted work
(11)Information obtained upon consenting to the Purpose of Use disclosed by the Company	To achieve the consented Purpose of Use

3.Security management measures

The Company implements the following security measures for the personal data it retains.

Classification	Description
(1)Organizational security measures	Based on the Company’s Personal Information Protection Regulations, we designate a person responsible for handling personal data, establish escalation procedures in the event that any violations or potential violations of laws or regulations are identified, and conduct regular audits by the system audit department.
(2)Personnel security measures	We provide regular training for employees and contractors, and explicitly specify the handling of confidential information, including personal information, in the Company’s employment regulations and other relevant documents.
(3)Physical security measures	We implement appropriate area segregation and strict access controls.
(4)Technical security measures	We implement appropriate access controls based on the Company’s Information System Operation Regulations and Information System Usage Regulations.

4.Provision of personal data to third parties

The Company will not provide personal data to any third party without the individual’s consent, except as required by laws or regulations.

5.Joint use

The Company may jointly use personal information, as necessary. The items subject to joint use and the scope of such use are as follows.

Classification	Description
(1)Items of personal information subject to joint use	The minimum necessary portions of the personal information acquired and retained by Simplex Group companies to carry out the purposes of use.
(2)Parties with whom personal information is jointly used	Simplex Group companies: Simplex Holdings, Inc. Simplex Inc. Xspear Consulting, Inc. Deep Percept Inc.
(3)Purposes of use by parties jointly using the information	As described in “2. Purpose of use”
(4)Party responsible for the management of jointly used personal information	Simplex Holdings, Inc. Person in charge of personal information management
(5)Methods of acquisition	In writing, orally, or by other means. [Examples] Online input forms, contract documents, application forms, email, fax, letters, and questionnaires.

6.Disclosure, correction, deletion, etc.

With respect to the personal data retained by the Company, individuals may request notification of the purpose of use, disclosure, correction, addition or deletion of content, suspension of use, erasure, suspension of provision to third parties, and disclosure of records of provision to third parties (hereinafter collectively “Disclosure etc.”).

7.Inquiries regarding personal information

For any requests for Disclosure etc., questions, or complaints concerning personal information, or for any other related inquiries, please contact the following. After verifying that the inquiry is made by the individual, we will provide a response within a reasonable period and within the scope permitted by laws and regulations.

Inquiries by email

privacy@xspear.co.jp
Xspear Consulting, Inc.
Attention: Personal Information Inquiry Desk

Inquiries via postal mail

19F Toranomon Hills Mori Tower,
1-23-1 Toranomon, Minato-ku, Tokyo 105-6319, Japan
Xspear Consulting, Inc.
Attention: Personal Information Inquiry Desk