Skip to content

Privacy Policy

Personal Information Protection Policy

TWOSTONE&Sons Group Personal Information Protection Policy

TWOSTONE&Sons Co., Ltd. (hereinafter "the Company") and the separately defined group companies (each, a "Group Company," and together with the Company, the "Group") recognize that personal information (defined in Article 2, Paragraph 1 of the Act on the Protection of Personal Information (hereinafter the "Personal Information Protection Act"); the same applies hereinafter) constitutes important information that forms part of an individual's privacy. In handling personal information in our business operations — including IT-enabled services — we establish laws and regulations applicable to personal information as well as internal rules for personal information protection, maintain an organizational framework, and strive for the appropriate protection of personal information. Through this, we respect the individuals to whom the personal information pertains and meet the expectations and trust placed in the Group.

1. Acquisition, Use, and Provision of Personal Information

The Group specifies the purposes of use of personal information within the scope of its business activities, and acquires, uses, and provides personal information fairly and appropriately within the limits necessary to achieve those purposes. We also take measures to prevent acquired personal information from being used for purposes other than those specified.

2. Compliance with Laws and Standards

The Group complies with laws and regulations relating to personal information, government-issued guidelines, other applicable standards, and social order, and strives for the appropriate protection of personal information.

3. Appropriate Management of Personal Information

The Group fully recognizes the risks of unauthorized access, loss, destruction, falsification, and leakage with respect to the personal information it handles, and implements reasonable safety measures. In the event of an incident, we take appropriate corrective actions.

4. Response to Inquiries

With respect to the personal information handled by the Group, we respond appropriately to inquiries from individuals concerning disclosure, correction, suspension of use, and complaints and consultations.

5. Continuous Improvement

The Group establishes management rules and an organizational framework for personal information protection, ensures that all employees operate these rigorously, conducts periodic reviews, and strives for the continuous improvement of the Personal Information Protection Management System.

6. Voluntary Nature of Provision

Whether or not to provide personal information to the Group is at the discretion of each individual. However, where the personal information required for each Group service is not provided, or where the personal information provided is incomplete, certain services may not be available in an appropriate manner. Furthermore, the Company assumes no liability whatsoever, including compensation, for any damages suffered by the individual (including lost profits) or for any disadvantages arising therefrom.

7. About the Group

The following companies are subsidiaries or affiliates of the Company and, together with the Company, handle personal information in accordance with this Personal Information Protection Policy and related regulations.

  1. Branding Engineer Inc.
  2. Branding Career Inc.
  3. Jin Earth Inc.
  4. TSR Inc.
  5. MapleSystems Inc.
  6. Carecon Inc.
  7. Growth One Inc.
  8. Digital Arrow Partners Inc.
  9. 2Hundred Inc.
  10. M&A Succession Organization Inc.
  11. enableX Inc.

8. Name of the Accredited Personal Information Protection Organization and Contact for Complaint Resolution

Within the Group, Branding Engineer Inc. and Jin Earth Inc. are PrivacyMark-certified companies. In order to handle personal information rigorously, Branding Engineer Inc. and Jin Earth Inc. have established personal information regulations based on a privacy policy compliant with JIS Q 15001, and operate a Personal Information Protection Management System.

[PrivacyMark-Certified Companies]
- Branding Engineer Inc.
- Jin Earth Inc.

[Name of the Accredited Personal Information Protection Organization and Contact for Complaint Resolution]
Japan Institute for Promotion of Digital Economy and Community (JIPDEC)
Personal Information Protection Complaint Consultation Office
Address: 12F Roppongi First Building, 1-9-9 Roppongi, Minato-ku, Tokyo 106-0032
TEL: 03-5860-7565

Established: March 14, 2018
Last revised: August 1, 2024

TWOSTONE&Sons Co., Ltd.
Representative Director and CEO: Yasushi Kawabata
Representative Director and COO: Katsuya Takahara

Branding Engineer Inc.
Representative Director and CEO: Takayuki Oshima

Branding Career Inc.
Representative Director and CEO: Ryota Sachi

Jin Earth Inc.
Representative Director and CEO: Masashi Kawasaki

TSR Inc.
Representative Director and CEO: Kozue Mochizuki

MapleSystems Inc.
Representative Director and CEO: Yusuke Mochizuki

Carecon Inc.
Representative Director and CEO: Takashi Oba

Growth One Inc.
Representative Director and CEO: Naohiro Takeishi

Digital Arrow Partners Inc.
Representative Director and CEO: Masaki Sato

2Hundred Inc.
Representative Director and CEO: Tatsuya Moriguchi

M&A Succession Organization Inc.
Representative Director and CEO: Masaaki Nishimura

enableX Inc.
Representative Director and CEO: Shun Kenmochi

<Contact for the TWOSTONE&Sons Group Personal Information Protection Policy>
Address: 6F Shibuya Higashiguchi Building, 2-22-3 Shibuya, Shibuya-ku, Tokyo
Personal Information Protection Manager: Makoto Kato
TEL: 03-6416-0678

Handling of Personal Information

The Company strives for the appropriate protection of personal information based on the "TWOSTONE&Sons Group Personal Information Protection Policy." The following is provided regarding the personal information that the Company acquires or holds for the purposes of its business.

(1) Name and Address of the Personal Information Handling Business Operator, and Name of the Representative
Business name: TWOSTONE&Sons Co., Ltd.
Representative Director and CEO: Yasushi Kawabata
Representative Director and COO: Katsuya Takahara
Address: 6F Shibuya Higashiguchi Building, 2-22-3 Shibuya, Shibuya-ku, Tokyo

(2) Name or Title, Affiliation, and Contact Information of the Personal Information Protection Manager
Personal Information Protection Manager: Director and CFO, Makoto Kato
Email: privacy@twostone-s.com
TEL: 03-6416-0678

(3) Purposes of Use of Personal Information
The purposes of use of personal information handled by the Group in its business activities are as follows.

(i) Retained Personal Data

Category of Personal Information

Purpose of Use

Business partner information
(All Group companies)

For business management, communications, billing, and payment management

Employee information
(All Group companies)

For use in employee management operations
(operational, labor, and HR management; payroll-related operations; benefits administration; etc.)

Recruitment applicant information
(All Group companies)

For use in recruitment-related operations
(providing information regarding recruitment, recruitment decisions, and communications related to recruitment operations)

Former-employee information
(All Group companies)

For use in communications with former employees and responding to inquiries from former employees

Inquirer information
(All Group companies)

For responding to inquiries

Registered user information
(All Group companies)

- For providing the various services handled by the Group and for related communications
- For aggregating and analyzing member attributes and data so that the Group can carry out marketing activities or product development for new service development and service operations improvement
- For verifying fraud and duplicate registrations

Shareholder information
(TWOSTONE&Sons Co., Ltd.)

For conducting shareholder-related operations such as holding and managing the general meeting of shareholders and dispatching shareholder benefits

Information of the individual or agent (at the time of a disclosure request)
(All Group companies)

For responding to requests for disclosure and similar matters

The purposes of use of retained personal data acquired via inquiry and recruitment pages and other operational forms on the websites of PrivacyMark-certified companies are as follows.

[PrivacyMark-certified companies: Branding Engineer Inc. and Jin Earth Inc.]

Registered user information
(Branding Engineer Inc.
Midworks Division)

- For introducing projects to and supporting freelance engineers
- For introducing and managing engineers for client companies

Recruitment applicant information
(Branding Engineer Inc. and Jin Earth Inc.)

For use in recruitment-related operations
(providing information regarding recruitment, recruitment decisions, and communications related to recruitment operations)

Inquirer information
(Branding Engineer Inc. and Jin Earth Inc.)

For responding to inquiries

Other purposes shall be as separately specified in writing.

(ii) Other Acquired Personal Information

Category of Personal Information

Purpose of Use

Personal information acquired through outsourced operations

For use in contracts and related communications, performance of outsourced operations, after-sales support, and similar purposes

Information acquired from job-posting websites

For determining and notifying recruitment decisions to applicants

(4) Contact for Inquiries Regarding Personal Information
For complaints, consultations, and inquiries regarding the handling of personal information, including retained personal data, please contact the [Inquiry Contact] below.

(5) Provision of Personal Information to Third Parties
The Company may provide acquired personal information to third parties, within the scope necessary to achieve operational purposes, as outlined below.

Purpose of Provision to Third Parties

- For introducing employers in connection with service provision
- For providing information about products and services handled by Group companies
- For bulk registration to recruitment content websites
- For the delivery of behavioral targeting advertising and the measurement and analysis of its effectiveness

Items of Personal Information Provided

Name, date of birth, address, telephone number, email address, work history

Means or Method of Provision

Document, oral communication by telephone, FAX, exchange of electromagnetic recording media,
or electromagnetic communication means such as email

Type and Attributes of Organizations Receiving the Information

Companies within the Group, project-recruiting companies, and advertising delivery service providers

Contracts Regarding the Handling of Personal Information

- Execution of confidentiality agreements that cover personal information
- Agreement to service terms of use and contracts of adhesion

- When the consent of the individual has been obtained
- When a disclosure request has been received from public authorities such as national government agencies, local governments, courts, prosecutors' offices, bar associations, or other authorities officially recognized as having statutory powers, or when cooperation is necessary for such authorities to perform legally mandated duties
- When the Company outsources part of its operations to a third party
In such cases, the Company selects outsourcing partners that are recognized as handling personal information appropriately, and through contracts and similar means, agrees on matters necessary to prevent the leakage of personal information — including appropriate management and confidentiality of personal information — and ensures appropriate management is carried out.
- When necessary for the exercise of the Company's rights
- When provision is made to a successor in connection with business succession arising from a merger, business transfer, or other reasons
- In other cases permitted by law

(6) Outsourcing of the Handling of Personal Information
In the course of operating its business, the Company outsources part of its operations to external parties in order to provide better services to individuals. In doing so, personal information may be entrusted to outsourcing partners. In such cases, the Company carefully selects outsourcing partners on the condition that they have a management framework in place that can appropriately protect personal information and that they execute it accordingly, agrees through contracts and similar means on matters necessary to prevent the leakage of personal information — including its appropriate management and confidentiality — and ensures appropriate management is carried out.

(7) Joint Use of Personal Information
The Company may jointly use acquired personal information as follows.

Items of Personal Information Jointly Used
(Common to all Group companies)

Name, date of birth, address, telephone number, email address, work history, and details of services used at the Company

Means or Method of Acquisition

Document, oral communication by telephone, FAX, exchange of electromagnetic recording media, or electromagnetic communication means such as email

Scope of Joint Users

The Group

Purpose of Joint Use

- For introducing employers in connection with service provision
- For providing information about products and services handled by Group companies
- For bulk registration to recruitment content websites

Party Responsible for Managing the Jointly Used Personal Data

Business name: TWOSTONE&Sons Co., Ltd.
Representative Director and CEO: Katsuya Kawabata
Representative Director and COO: Katsuya Takahara
Address: 6F Shibuya Higashiguchi Building, 2-22-3 Shibuya, Shibuya-ku, Tokyo
Personal Information Protection Manager: Director and CFO, Makoto Kato
Email: privacy@twostone-s.com
TEL: 03-6416-0678

In addition, with respect to M&A Succession Organization Inc., personal information may be jointly used as follows.

Items of Personal Information Jointly Used

Name, address, date of birth, gender, telephone number, email address, employer, and other personal information of the parties to and persons related to M&A transactions; M&A transactions and their status; and other information that can identify a specific individual

Means or Method of Acquisition of the Jointly Used Personal Information

Document, oral communication by telephone, FAX, exchange of electromagnetic recording media, or electromagnetic communication means such as email

Scope of Joint Users

- The Japan M&A Support Organizations Association and users of the Specified Operator List operated by that association
(Note) Users of the Specified Operator List of the Japan M&A Support Organizations Association who become joint users are listed on the following website.
https://www.maa-a.or.jp/list/

Purpose of Joint Use

- Responses based on the regulations on information sharing among specified operators established by the Japan M&A Support Organizations Association
- Transactional judgments using the Specified Operator List defined in those regulations

Party Responsible for Managing the Jointly Used Personal Data

Name and address of the party responsible for managing personal information, and name of the representative
Japan M&A Support Organizations Association
(For the address and representative name, please refer to the following website.)
https://www.maa-a.or.jp/about/

(8) Disclosure of Personal Information Subject to Disclosure (Retained Personal Data) and Contact for Inquiries
With respect to personal information that the Company holds and that has been entrusted by an individual, when the Company receives a request from the individual for notification of purposes of use, disclosure, correction, addition, deletion on the grounds that the information is being handled in violation of laws, suspension of use, suspension of provision to third parties, or disclosure of records of provision to third parties (collectively, "Disclosure, etc."), the Company will, after verifying the identity of the individual, carry out Disclosure, etc. within a reasonable scope.

(i) Notification of Purpose of Use or Disclosure of Personal Information or Records of Provision to Third Parties
Clients may, in accordance with the procedures specified in (9), request notification of the purpose of use or disclosure of personal information or records of provision to third parties, within the scope permitted by the Personal Information Protection Act. However, the Company may decline disclosure in any of the following cases:
- When disclosure could harm the life, body, property, or other interests of the individual or a third party
- When disclosure could significantly impede the proper execution of the Company's business
- When the individual's identity cannot be verified
- When the agent's authority cannot be verified in the case of a request made by an agent
- When the prescribed submission documents are incomplete
- When the personal information held by the Company cannot be specified based on the content of the prescribed submission documents
- When the request for Disclosure, etc. concerns information that is not legally subject to Disclosure, etc.
- When disclosure would violate laws and regulations

(ii) Correction, Addition, or Deletion
Clients may, in accordance with the procedures specified in (9), request the correction, addition, or deletion of personal information. In such cases, the Company will conduct an investigation without delay within the scope necessary to achieve the purpose of use, and based on the results — within the scope permitted by the Personal Information Protection Act — will carry out the correction, addition, or deletion of the personal information in question.

(iii) Suspension of Use or Suspension of Provision to Third Parties
Clients may, in accordance with the procedures specified in (9), request suspension of use of personal information or suspension of provision to third parties. In such cases, the Company will respond appropriately in accordance with the Personal Information Protection Act.

(iv) Other
Where otherwise provided by laws and regulations, the Company will respond appropriately in accordance with such laws and regulations.
For complaints, consultations, and inquiries regarding the handling of personal information — including information subject to Disclosure, etc. — please contact the [Inquiry Contact] below.

(9) Procedures for Disclosure, etc.
- Personal information subject to Disclosure, etc.
Personal information subject to Disclosure, etc. is limited to personal information held by the Company over which the Company has the authority to make Disclosure, etc. (hereinafter "Retained Personal Data").
- Purpose of use of Retained Personal Data
The Company uses Retained Personal Data within the scope of the purposes of use stated above.
- Where to submit requests for Disclosure, etc.
Please submit requests to the [Inquiry Contact] below.
- Documents (forms) to be submitted for requests for Disclosure, etc.
(i) When the individual makes the request directly
A. The Company's prescribed application form for Disclosure, etc.
B. Identity verification documents (a copy of a driver's license, passport, or pension book)
(ii) When the request is made by an agent
When an agent makes a request for Disclosure, etc., please enclose the following documents in addition to documents A and B above.
A. In the case of application by a voluntary agent
(i) Power of attorney
Please have it stamped by the individual subject to disclosure, and attach a seal registration certificate.
(ii) Identity verification documents for the agent (a copy of a driver's license, passport, or pension book)
B. In the case of application by a statutory agent
(i) Documents confirming statutory representation (such as a family register extract or a certificate of registered matters of adult guardianship)
(ii) Identity verification documents for the statutory agent (a copy of a driver's license, passport, or pension book)
- Fees for requests for Disclosure, etc. and method of collection
Notifications of the purpose of use of Retained Personal Data and disclosures of Retained Personal Data will be provided free of charge.
- Method of response to requests for Disclosure, etc.
Responses will be provided by the disclosure method requested by the applicant.

(10) Special Care-Required Personal Information
The Company does not acquire special care-required personal information (as defined in Article 2, Paragraph 3 of the Act on the Protection of Personal Information) except where the consent of the individual has been obtained in advance or where required by laws and regulations.

(11) Cookies and Links
We record usage information through Cookies, which are mechanisms for understanding usage of the Internet. This information is used solely to improve and enhance the services we provide.
- What are Cookies?
Cookies are a mechanism whereby browsing history, input information, and other data exchanged between the browser and the server when using a webpage is stored as a file on the computer of the user of our services. When users have enabled the sending and receiving of Cookies in their browser settings, websites can obtain Cookies from their browser. To protect privacy, browsers send only the Cookies sent and received by the server of that particular website.
- Cookie Settings
Users of our services can choose from settings such as "Allow all cookies," "Block all cookies," or "Notify the user when cookies are received" for the sending and receiving of Cookies. The configuration method varies by browser. For instructions on configuring Cookies, please refer to the "Help" menu of your browser. Please note that selecting a setting that blocks all cookies may restrict the use of various services on the Internet — for example, services that require authentication may no longer be available.
- Acquisition and Use of Cookies
The Company uses Cookies for the following purposes:
A. To improve the usability of the services we provide
B. To display the most relevant advertising on third-party websites based on the individual's interests and usage of this site

(12) Safety Management Measures for Personal Information
To ensure the appropriate handling of personal information, we have implemented safety management measures across four perspectives: organizational, human, physical, and technical. For specific safety management measures, please contact the [Inquiry Contact] below.

[Inquiry Contact]

Contact Name

Personal Information Inquiry Contact

Person in Charge

Personal Information Protection Manager: Makoto Kato

Address

6F Shibuya Higashiguchi Building, 2-22-3 Shibuya, Shibuya-ku, Tokyo

Telephone

03-6416-0678

Email

privacy@twostone-s.com