Privacy Policy

Prometric Japan Co., Ltd.

Prometric’s corporate mission is to utilize IT to quickly and accurately measure people’s capabilities, skills, and aptitude in order to present them with good learning and work opportunities. Based on this corporate mission, we have established our own corporate ethics and are vocal both internally and outside the company about legal compliance. We will comply with laws and regulations, our Code of Ethics and Code of Conduct, and other guidelines to contribute to society at large. In order to protect your important personal information, we will work to ensure that our data is securely managed and operated throughout the company.

1．Our Personal Information Protection

Personal information may include names, birthdates, and other descriptive details, including individually-assigned numbers which can be used to identify an individual (including cases where the information alone is not enough to identify an individual, but can easily be matched with other information to identify an individual). We will strive to properly handle, manage, and maintain the personal information we receive from our corporate clients and examinees in order to perform services contracted by the corporate client (test implementation), as well as the personal information of our employees, in accordance with this privacy policy.

2．Privacy Management System

We define our rules and internal systems for appropriately protecting the personal information required to perform our business activities as our Privacy Management System. Further, in order to make proper use of the Privacy Management System, we have codified these rules into our Basic Rules for Privacy and various operational manuals for circulation within the company. Revolving around our Privacy Administrator, we have the cooperation of all employees in attentively protecting the personal information used in the course of business.

3．Acquisition, Use, and Provision of Personal Information

Personal information will be acquired, used, and provided appropriately, and only to the extent required to perform our business activity. When acquiring a client’s personal information, we will notify the client and obtain their consent. The acquired personal information will not be used beyond the extent required to achieve the usage purposes without client consent. Note, however, that personal information may be disclosed without client consent if requested by the court, police, or other public agency as required by law.

To ensure thoroughness, our Privacy Administrator will regularly monitor personal information use, and auditors will perform internal audits of the Privacy Management System.

4．Privacy Safety Measures

To prevent any data leaks, damage, or loss of the personal information used in our business, and in response to risks of unauthorized access, we will take necessary and appropriate safety measures, as well as any needed corrective actions.

（1）Outsourcing of Tasks Using Personal Information.
In order to keep the work moving smoothly, certain limited tasks which use personal information may in part be outsourced to an outside subcontractor. In all such cases, personal information will only be disclosed to the subcontractor to the minimum extent required to perform the outsourced task, and the scope of use for said personal information will also be limited. Also, when selecting a subcontractor, we will take appropriate safety control measures, such as confirming that the subcontractor sufficiently meets our own defined privacy standards and having the subcontractor sign a non-disclosure agreement.

（2）Non-disclosure/Non-provision of Personal Information to Third Parties.
Excepting the cases given below, we will not disclose or otherwise provide the personal information in our possession to any third parties. Note that “third party” as defined here does not include test administrators for the tests taken by the examinee who provided the personal information, Prometric US, or subcontractors. Exceptions include:

1. With the client’s consent
2. When necessary to protect human life, body, or property of the client or a third party and client consent cannot be obtained
3. When compelled to disclose personal information by legal order, etc.
4. When disclosing or providing data that includes the client’s personal information, altered so that the client cannot be identified

(3) Employee Oversight.
rometric holds regular company-wide education, training, and other necessary measures for personal information usage, primarily conducted by the Privacy Administrator, who oversees the Privacy Management System. Sufficient care is taken to ensure that all employees understand the importance of privacy with personal information and are careful in personal information usage.

(4) Corrective Actions.
We take all possible measures to prevent leaks of client personal information. In the unlikely event of an accident involving personal information, we will take immediate actions to prevent the spread of damage, analyze the causes, and take measures to prevent any reoccurrences.

5．Cookies and Web Beacons

Prometric will not link client personal information to data collected through cookies, or share or provide such data to any third parties. We also use web beacons, alternately known as clear gifs or tags, to facilitate the transmission of cookies. Web beacons are used as a tool for tracking the number of users clicks on the Site and other statistics on Site usage. Web beacons are not used for any purposes other than tracking site statistics.

The web beacons described above may be used in HTML-formatted emails from Prometric. Other than the above described usage, web beacons may be used to check email open rates and to send emails to clients who open sent emails according to the usage purposes for personal information as listed in Prometric’s Privacy Policy. To unsubscribe from receiving HTML-formatted emails, follow the unsubscribing procedure given in the email.

6．Compliance with Privacy Law, Government Guidelines, and Other Standards

In operating the Privacy Management System, we will comply with the Act on the Protection of Personal Information and its related guidelines, as well as privacy ordinances, industry guidelines, and JIS Q 15001 requirements.

7．Continuous Improvement of the Privacy Management System

In response to factors such as social change and IT advancements, we always strive to establish better systems for protecting personal information. Therefore, given our business environment, we will make improvements to the Privacy Management System by periodically reviewing its content and application and revising the system based on the results of said reviews.

8．Personal Information Requests, Changing Prometric ID Registration, and Other Inquiries

(1) In connection with your provided personal information, if you request notification of the usage purposes, disclosure, corrections, additions, deletion, stop of use, complete erasure, or stop of third party provision (collectively "Personal Information Requests"), the request will be fulfilled upon confirming your identity. For more detail, see Personal Information Request Procedure below.

(2) The personal information registered to a Prometric ID can be checked or changed from the Check/Change Registered Prometric ID Info page.

(3) All other claims and questions regarding our handling of personal information will be accepted by contacting us on the Employment, Publicity, and Personal Information Inquiries page.

Personal Information Protection

As part of our efforts to protect personal information, we list all company matters to be disclosed as follows.

1.Usage purposes for personal information not obtained directly in writing

(1) We use stored personal information in the course of our business for the following purposes:。

Personal Information Category	Usage Purposes
Prometric ID registrant information	To eliminate repetitive entry of basic information each time you take a test with Prometric So that Prometric or testing organizations can contact you by email, post, fax, or telephone with information on Prometric and testing organization services, sales information, and information on marketing activity such as seminars, events, campaigns, and newsletters For use in incidental business related to Prometric test distribution services
Test applicant information	To perform test registration and reservation procedures, administer tests, process test results, and collect test fees on behalf of the testing organization To entrust to Prometric in order to perform the purposes in 1. above
Testing organization applicant information	To perform test registration and reservation procedures, administer tests, process test results, and collect test fees on behalf of the testing organization
Test results	To inform the testing organization for scoring tests, issuing certificates, and other purposes
Visits at entrance	To ensure security
Video of people and video of examinees in the exam room	To ensure that tests are administered properly

（2）While providing your personal information is optional, not providing information will prevent the usage purposes listed in 1. above from being performed and could result in inconveniences, such as not being able to take a test.

（3）Within the scope of performing the above usage purposes for personal information, we may outsource some tasks involving personal information. In such cases, we take appropriate safety control measures with all our subcontractors.

（4）In order to take reservations, administer tests, process test results, and request test fees on behalf of testing organizations, we provide your stored personal information to Prometric US via SSL-encrypted transmission when acquiring Prometric IDs and when reserving tests. Other than this, we will not provide your provided personal information to a third party without your consent.

2.Usage Purposes for Personal Information to be Disclosed

Personal Information Categories	Usage Purposes
Prometric ID Registrant Information	To eliminate repetitive entry of basic information each time you take a test with Prometric So that Prometric or testing organizations can contact you by email, post, fax, or telephone with information on Prometric and testing organization services, sales information, and information on marketing activity such as seminars, events, campaigns, and newsletters For use in incidental business related to Prometric test distribution services
Test applicant information:	To perform test registration and reservation procedures, administer tests, process test results, and collect test fees on behalf of the testing organization To provide to Prometric US in order to perform the purposes in 1. above
Personal information acquired for inquiries	To answer your inquiries related to tests and other topics
Job applicant personal information	To recruit the applicants we need to hire
Personal information of current employees	For internal human resource management tasks and contacting employees
Personal information of retirees	To perform human resource management tasks for and, as necessary, to contact retirees as stipulated by law
Client personal information	To contact for sales related to dealings with Prometric and for general greetings

3.Personal Information Requests, Changing Prometric ID Registration, and Other Inquiries

（1）In connection with your provided personal information, if you request notification of the usage purposes, disclosure, corrections, additions, deletion, stop of use, complete erasure, or stop of third party provision (collectively "Personal Information Requests"), the request will be fulfilled upon confirming your identity. For more detail, see Disclosure Request Procedures below.

（2）The personal information registered to a Prometric ID can be checked or changed from the Check/Change Registered Prometric ID Info page.

（3）Your personal information may be erased if you do not use Prometric services for a given period.

（4）All other claims and questions regarding our handling of personal information will be accepted by contacting us on the Employment, Publicity, and Personal Information Inquiries page.

4.Prometric’s Accredited Personal Information Protection Organization Affiliation

JIPDEC
Inquiries: Office of Personal Information Protection Claims
Address: Roppongi First Building, 1-9-9 Roppongi, Minato-ku, Tokyo 106-0032
Phone No.: 03-5860-7565 or 0120-700-779

Personal Information Request Procedure

1．Applications for Personal Information Requests

Mail personal information requests enclosed together with the required documents for the request to the address below, writing "Personal Information Request" in red letters on the envelope. If requesting disclosure or notification of the usage purposes for personal information, also send the processing fee in a cash envelope (see 2.e below).

Legal and Management System Senior Manager / Privacy Administrator
Prometric Japan Co., Ltd.
5F Ochanomizu Sola City Academia,
Surugadai 4-6, Kanda, Chiyoda-ku, Tokyo 101-0062

2．Documents to Submit and Fees for Personal Information Requests

• Request form for disclosure or notification of personal information usage purposes (“Disclosure/Usage Notification Request”) … PDF format
• Request form for corrections, additions, or deletions of personal information details; stop of use; erasure; or stop of third party provision (“Correction/Stop Service Request”) … PDF format

a.Download and print out either of the Disclosure/Usage Notification Request or Correction/Stop Service Request forms above.

b.Fill out the required items in the request form.

c.Required accompanying documents

1）When requesting disclosure/usage notification for own personal information	2）When requesting correction/stop of service for own personal information
Please enclose either one of the following accompanied by a copy of your driver’s license or passport, or at least three of the following (one copy each):	Please enclose one copy of the following:
• Driver’s license / resident registry / passport / original seal certificate • Residence card / special permanent resident card / health insurance card (please black out any information on permanent domicile)

d.If requesting by proxy, please also submit a copy of the following documents proving your relation to the individual (please black out any information on permanent domicile):

• For custodians/parents of the individual: Family register
• For adult guardians of the individual: Certificate of guardianship
• For unspecified representatives of the individual: Power of attorney authorization

Documentation is also required to prove the proxy’s identity. Please also enclose either one of the following accompanied by a copy of your driver’s license or passport, or at two of the following (one copy each) (please black out any information on permanent domicile):

• Driver’s license
• Passport
• Original seal certificate
• Health insurance card
• Resident registry
• Residence card
• Special permanent resident card

e.Fees: For disclosure/usage notification requests only, a processing fee of 2,000 yen per personal information entry is charged. Please enclose payment with your request and send by registered mail or other secured mail. We will begin processing your request once fee payment is confirmed.

3．Response to Personal Information Requests

We will respond in writing, sent to the address provided on the request form. Also, note that personal information may be erased for clients who do not use Prometric services for a given period.

4．Usage purposes for personal information obtained from Personal Information Requests

Personal information obtained in the course of a Personal Information Request will only be used to the extent required for processing the request. Submitted documentation will not be returned. After responding to the Personal Information Request, the information will be managed or disposed of appropriately.

＊Grounds for non-disclosure of personal information In the following cases, we will be unable to accommodate your request for disclosure or other treatment of personal information. If we determine that disclosure or treatment is not feasible, we will notify you as such with the grounds for refusal.

• The individual’s identity cannot be confirmed due to the address given on the request form or documents for confirming identity not matching the address registered with Prometric, etc.
• For proxy requests, power of attorney cannot be confirmed
• Prescribed documents for submission are incomplete
• No personal information held by Prometric can be identified from the details provided in the request form
• Disclosure could endanger the life, body, property or other right benefits of the individual or third party
• Disclosure will or could greatly hinder Prometric from properly conducting business
• Disclosure violates other laws or regulations

5．Revisions

This personal information request procedure may be revised in part in order to protect client personal information or in response to legal changes. Please check the Site (Personal information procedures page) each time before making a Personal Information Request.

Prometric Japan Co., Ltd.
5F Ochanomizu Sola City Academia,
Surugadai 4-6, Kanda, Chiyoda-ku, Tokyo 101-0062
CEO
James Hagenbucher