Personal Information Protection Policy

Established on 11 18, 2021

Shared Research Inc. (hereinafter referred to as the “Company”) sets forth the following Personal information protection policy (hereinafter referred to as this “Policy”) with respect to the handling of Personal information of users in the services that the Company provides (hereinafter referred to as the “Services”) via the website which links to this Policy (the “Site”). This Policy governs the collection, storage and use of your personal data as users of the Services, by the Company, and provides you with details about the personal data we collect from you, how we use it and your rights to control personal data we hold about you.

  1. Data Controller

    For the purposes of this privacy policy, Shared Research Inc., having its registered office at Wakore Sendagi Bldg. 6F, 3-31-12, Sendagi Bunkyo-ku, Tokyo 113-0022 is responsible for the processing of your personal data, i.e., the data controller ("Company").

    As data controller, we respect your right to privacy and will only process personal data you provide to us in accordance with applicable data protection laws and as described in this Policy. Applicable data protection laws include (i) the "Act on the Protection of Personal Information" of Japan but also (ii) the General Data Protection Regulation (Regulation 2016/679) (“GDPR”); and (iii) all other existing or new applicable laws relating to or impacting on the processing of personal data of a living person and privacy.

    If you have any questions, you can contact our Data Protection Officer ("DPO") by writing to the above address or by sending an email to [info@sharedresearch.jp].

  2. Management and Security of Personal Information

    In order to maintain Personal information accurate and at the latest condition and to prevent unauthorized access, loss, damage, falsification and leakage of Personal information, the Company will take reasonably necessary technical, procedural, and administrative safeguards such as maintenance of the security of the system, development of a data management system, and provision of thorough employee education.

  3. Purpose of Use of Personal Information

    Below you will find an overview of:
    1. the categories of personal data that we (or third-party data processors acting on our behalf may collect - for further information on data processors acting on our behalf, see below under point 3), use and store about you;
    2. the purposes for which this data would be collected;
    3. the legal basis for processing;
    4. the source where we obtain such information.
    Categories of Personal dataPurpose(s) for processingLegal basis for processingSource
    1.Name, surname, contact details, details about your request and your agreement with usTo provide you with services that you may requestPerformance of a contract – article 6.1.(b) GDPR
    Failure to provide data for this purpose would prevent us from following up your requests
    You as a user of our service(s)
    2.Name, surname, contact details, details about your agreement with usTo contact you for reasons related to the service you have signed up for or to provide information you have requestedPerformance of a contract – article 6.1.(b) GDPR
    Failure to provide data for this purpose would prevent us from providing you with any assistance
    You as a user of our service(s)
    3.Information on how you as a user engage with our service (such as the web pages/functions viewed/used and the links clicked).To help us improve and further develop our products and servicesLegitimate interest – article 6.1.(f) GDPR – consisting in improvement of our services, development of new products or services, quality control.You as a user of our service(s)
    4.Name, surname, job title(s), the name you of your organization, the country in which you are based, and information how you as a user engage with our service (such as the web pages/functions you viewed/used and the links clicked).To provide value added services to our business usersLegitimate interest – article 6.1(f) GDPR – consisting in the provision of added value information related to validated user to our Business UsersYou as a validated user of our service(s)
    5.Name, surname, contact details, details about your agreement with usTo respond to your queriesPerformance of a contract – article 6.1.(b) GDPR
    Failure to provide data for this purpose would prevent us from following up your requests
    You as a user of our service(s)
  4. Disclosure and Provision of Personal Information to Third Parties

    The Company will properly manage the Personal information collected and will not disclose the personal information to any third party without obtaining the prior consent of the customer except in the following cases:

    (1)Where the Company entrusts the handling of Personal information to a service provider in whole or in part to the extent necessary for the achievement of the purpose of use,
    (2)Where Personal information is provided upon succession of business due to merger or other events,
    (3)Where a request has been made by public organization such as court or police pursuant to laws and regulations and where obtaining the consent of the user is likely to hinder the execution of such affairs,
    (4)Where there is a risk of harming the life, body, property or reputation of the user or a third party and where the consent of an individual cannot be obtained, and
    (5)Other cases permitted by the "Act on the Protection of Personal Information" of Japan or the laws and regulations of Japan or other countries or regions.

    We may entrust the handling of personal information of users to third parties such as outsourcing contractor (including those outside Japan). These parties are required to process such information based on our instructions and in accordance with this Policy. In the case where the Company entrusts the handling of Personal information to a third party, the Company shall comply with applicable laws and regulations and appropriately manage and supervise such third party.

    The third-party providers to whom we may disclose your personal data are:

    • The Company will, with regards to the sending of mail from the Company to the user and between users on the Company’s service, use Mailgun, a mail delivery service.
  5. Your rights (incl. Correction, Deletion, etc. of Personal Information)

    You have the following rights as a data subject:
    1. the right to access to personal data that we hold about you;
    2. the right to ask us to update or correct any out-of-date or incorrect personal data that we hold about you;
    3. where the processing is based on your consent, the right to withdraw consent at any given time, without affecting the lawfulness of processing based on consent before its withdrawal;
    4. the right to erasure where the conditions of article 17 of the GDPR have been met;
    5. the right to restriction of processing where the conditions of article 18 of the GDPR have been met;
    6. the right to data portability insofar the conditions of article 20 GDPR apply to you;
    7. the right to object to processing of personal data concerning you, insofar the conditions under article 21 GDPR have been met; and
    8. the right to opt out of any direct marketing communications that we (with your consent) may send you.

    You can exercise these rights at any given time by sending us an email at or by sending a written letter to the addresses below.

    When there are reasonable doubts concerning your identity when making the request, we may ask you to provide a copy of an identification document in order to verify your identity.

    You also have the right to lodge a complaint with the competent supervisory authority.

    In the case where a user requests correction, deletion, etc. of personal information concerning the user, if the Company determines that it is necessary to comply with the request, the Company will correct, delete, etc. the personal information upon confirming that the request is from the user himself/herself, and notify the user to that effect.

  6. How long do we keep your personal data?

    We will hold your personal data:
    • as long as you maintain an active registration for the Services.
    • as long as it is necessary to comply with our legal obligations (including bookkeeping, social and tax obligations) or to resolve disputes and/or enforce our agreements.
  7. International transfers

    In connection with the abovementioned purposes, we try to avoid as much as possible the transfer of personal data that we collect from you to third party data processors located outside the European Economic Area.

    When we transfer personal data that we collect from you to third party data processors located in countries that are outside of the European Economic Area and which do not offer an adequate level of protection, we ensure the use of appropriate data transfer tools such as the entering into of the standard contractual clauses issued by the European Commission.

  8. Contact

    For any opinion, question, complaint or any other inquiries regarding the handling of personal information, please contact the following:

    Shared Research Inc. Personal information inquiry contact
    Address: Wakore Sendagi Bldg. 6F, 3-31-12, Sendagi Bunkyo-ku, Tokyo 113-0022
    Contact: info@sharedresearch.jp
    Employees responsible for handling Personal information: Yasushi Sumikawa

  9. Procedures for Changing Personal Information Protection Policy

    This Policy is subject to change as necessary; provided, however, that in the event of any change in this Policy that requires the consent of a user in accordance with laws and regulations, the revised Policy shall apply only to the user who has agreed to the change in the Company’s prescribed manner. When the Company changes the policy, the Company will inform the implementation date and content of the revised Policy by indicating them on the Company’s website or by any other appropriate means, or notify a user.