Personal information protection policy

Our company fully recognizes the social responsibility involved in the protection of all personal information we handle, and complies with laws and regulations related to personal information while respecting the rights of individuals. In order to embody the following policy, we have established a Personal Information Protection Management System, and hereby declare that we will strive for its continual improvement company-wide, while remaining constantly aware of the latest developments in IT technology, changes in social demands, and shifts in the business environment.

1 We will acquire, use, and provide personal information only to the extent necessary for legitimate business operations, such as brand production for various companies, planning, production, and design of printed materials including advertisements, magazines, and catalogs, as well as websites, and planning, production, organization, and management of various events. In addition, personal information will be used for purposes related to employment and personnel management of our employees. We will not handle personal information beyond the scope necessary to achieve specified purposes (i.e., no use for other purposes), and will implement measures to prevent such unauthorized use.

2 We will comply with all laws, national guidelines, and other relevant norms concerning the protection of personal information.

3 To prevent risks such as leakage, loss, or damage of personal information, we will implement reasonable safety measures and allocate management resources appropriate to our business realities to continuously enhance our personal information security framework. Should a problem related to personal information protection arise, we will take prompt corrective action.

4 We will respond quickly, sincerely, and appropriately to complaints and inquiries concerning the handling of personal information.

5 We will review and update our Personal Information Protection Management System in a timely and appropriate manner in light of changes in the environment surrounding our company and will work continuously to improve it.

---

Contact Information
For inquiries regarding this Privacy Policy, please contact the following office:

SivanS Inc. – Personal Information Inquiry Desk
Tokyo Tatemono Higashi-Shibuya Building, 4F
1-26-20 Higashi, Shibuya-ku, Tokyo 150-0011, Japan
Email: pm@sivans.jp
TEL: 03-6812-9491 (Weekdays 10:00–19:00)

---

Handling of Personal Information

Purpose of Use of Personal Information Handled by the Company

1. For personal information obtained directly from the individual in writing (including via website or email):
   The purpose of use will be clearly stated in writing prior to acquisition.
2. For personal information obtained by other means:

Classification	Purpose of Use
Personal Customer Information	To manage usage history / To respond to inquiries
Business Partner Contact Information	To confirm order details (including communication records)
Personal Information Entrusted by Clients	To properly perform the entrusted services
Recruitment Applicant Information (from job sites or staffing agencies)	For recruitment activities (e.g., document screening, interviews, evaluations, communication with applicants)

---

Notification Regarding Retained Personal Data

Regarding requests from individuals or their representatives for notification of purpose of use, disclosure, correction, addition, deletion, suspension of use, erasure, or suspension of provision to third parties (hereinafter referred to as “Request for Disclosure, etc.”), we will respond as follows:

1. Name of Business Operator
SivanS, Inc.

2. Personal Information Protection Manager
Name: Samomi Uchimura
Department: Back Office Team
Contact: TEL 03-6812-9491 / Email: pm@sivans.jp

3. Purpose of Use of All Retained Personal Data

Classification	Purpose of Use
Personal Customer Information	User support / Usage history management / Service notifications / Inquiries
Business Partner Contact Information	Order details confirmation (communication records, etc.)
Company Employee Information	Personnel and labor management / Work management / Health and security management
Recruitment Applicant Information	Communication with applicants / Management of recruitment operations
Specified Personal Information	As stipulated under the “Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures”

4. Contact for Complaints Regarding Retained Data Handling
SivanS Inc. – Personal Information Inquiry Desk
Tokyo Tatemono Higashi-Shibuya Building, 4F
1-26-20 Higashi, Shibuya-ku, Tokyo 150-0011, Japan
Email: pm@sivans.jp
TEL: 03-6812-9491 (Weekdays 10:00–19:00)

5. Accredited Personal Information Protection Organization
Japan Institute for Promotion of Digital Economy and Community (JIPDEC)
Roppongi First Building, 1-9-9 Roppongi, Minato-ku, Tokyo 106-0032
TEL: 03-5860-7565 / 0120-700-779
Please note: This contact is only for complaints concerning the handling of personal information.

---

Procedure for Requests for Disclosure, etc. of Retained Personal Data or Records of Third-Party Provision

A. Where to Submit Requests
Please contact the Personal Information Inquiry Desk above.
If you prefer to submit your request electronically, please inform us; we will, in principle, process your request accordingly.

B. Procedures for Requests

1. After receiving your request, we will send you our designated form, “Request Form for Disclosure, etc. of Retained Personal Data.”
2. Please return the completed form along with identity verification documents and, if applicable, a postal money order for the handling fee (only for notification or disclosure requests) to the above address.
3. Upon receipt, we will confirm your identity by asking for two pieces of registered personal information (e.g., phone number and date of birth).
4. Our response will be mailed in writing (sealed envelope) to the individual in question.

C. Requests via an Authorized Representative

If the request is made by an agent, please enclose the following:

• Documents verifying the agent’s authority (e.g., original letter of proxy, copy of family register, certificate of residence showing relationship).
• Documents verifying the agent’s identity (e.g., driver’s license, passport, health insurance card with ID number redacted, residence certificate).
  Note: Please limit legal domicile information to the prefecture and redact the rest. Personal identification numbers must be blacked out.

D. Fees
For requests for notification of purpose of use or disclosure: ¥1,000 per request.
(Please include a postal money order with the mailed request. If submitting by other methods, we will consult at the time of request.)

---

Structure and Measures for Handling Personal Information

A. Establishment of Basic Policy
We have established a “Privacy Policy” to ensure proper handling of personal data, including compliance with relevant laws, guidelines, and procedures for handling inquiries and complaints.

B. Rules for Handling Personal Data
For each stage—acquisition, use, storage, provision, deletion/disposal—we have developed internal regulations specifying handling methods, responsible persons, and their duties.

C. Organizational Security Measures

1. A personal data manager is assigned. The scope of data and personnel handling it is clearly defined, and a reporting system is in place for legal or policy violations.
2. We conduct regular self-inspections and internal/external audits on personal data handling.

D. Personnel Security Measures

1. Employees receive regular training on proper handling of personal data.
2. All employees are required to sign a confidentiality agreement regarding personal data.

E. Physical Security Measures

1. Access to areas handling personal data is controlled; restrictions are placed on equipment and devices brought in.
2. Measures are in place to prevent theft or loss of equipment, electronic media, or documents containing personal data. When transporting such items (including within the premises), safeguards are taken to prevent data from being easily identifiable.

F. Technical Security Measures

1. Access controls are implemented to limit personnel and database access.
2. Systems are in place to protect personal data from unauthorized access or malicious software.