DroneRoofer

Information Security Policy

CLUE, Inc. has established the “Information Security Policy” in order to gain the trust of customers and society at large by taking drastic and advanced measures against the risk of information leaks.
We will comply with this “Information Security Policy” and strive to maintain information security by protecting information assets from various threats and by handling them appropriately.
If you do not agree to this policy, please do not use our services.

Operation of Information Security Policy

Establishment of Information Security Management System

We will strive to protect all information assets held by the Company and maintain and improve information security.

Appropriate management of information assets

We classify and assess the risk of our information assets in terms of confidentiality, integrity, and availability, and manage them appropriately according to risk.

Compliance with Laws and Regulations

We comply with laws, regulations, and other guidelines related to information security.

Continuous improvement of information security management

We will conduct an audit of information security at least once a year and work for continuous improvement.

Security education for employees

We promote employee education on security by disseminating information and educating employees on security issues.

About Personal Information Protection

We promote the protection of personal information by establishing the following policies and mechanisms for the handling of personal information, and by ensuring that all employees recognize the importance of protecting personal information and take the necessary measures.

Definition of personal information

Personal information refers to “personal information” as defined in the Personal Information Protection Law, and includes information about living individuals obtained through services provided by the Company (hereinafter referred to as “the Services”). Personal information refers to information that can identify a specific individual by name, date of birth, address, telephone number, contact information, or any other description contained in the information, which is obtained through the services provided by the Company (hereinafter referred to as the “Services”).

Cookies, IP Addresses, Device Identification Numbers, etc.

Cookies, IP address information, terminal identification numbers, etc. are not considered personal information by the Company because such information alone cannot identify a specific individual. However, when such information is used in combination with personal information, it can also identify a specific individual and is therefore considered personal information.

Management of Personal Information

In order to keep personal information accurate and up-to-date and to prevent unauthorized access, loss, damage, falsification, leakage, etc. of personal information, the Company takes necessary measures such as maintaining a security system, developing a management system, and thoroughly educating employees, and implements safety measures and strict management of personal information.

Purpose of use of personal information

The Company may use personal information for the following purposes

  • To provide the Service and information related to the Service, or to communicate with you regarding the Service and information related to the Service
  • To confirm the identity of the user
  • To notify you of matters necessary for the operation of the Service (including by e-mail)
  • To advertise or promote the products of the Company or third parties (including by e-mail)
  • Transmission of mail magazines and other information
  • Creation and use of statistical information to the extent that individuals cannot be identified
  • Analysis and analysis of data necessary for improvement and new development of the Service, and acquisition of questionnaires, etc. related to such analysis and analysis
  • Distribution of targeted advertisements using information such as behavior, gender, and access history within the Service.
  • To exercise rights and fulfill obligations based on contracts and laws, etc.
  • To provide after-sales service and respond to various inquiries
  • To provide information, contact, and notification regarding employment opportunities at the Company
  • Purposes incidental to the above purposes of use

Use of Personal Information and Prohibition of Disclosure or Provision to Third Parties

The Company will not use or provide personal information beyond the scope necessary to achieve the purpose of use without the consent of the individual, except as provided below.

  • When the Company outsources all or part of the handling of personal information within the scope necessary to achieve the Purposes of Use
  • When personal information is provided as a result of the succession of business due to a merger, corporate separation, transfer of business or other reasons
  • When it is necessary to cooperate with a national agency, a local government, or an individual or entity entrusted by either a national agency or local government to execute affairs prescribed by law, and obtaining your consent is likely to impede the execution of those affairs.
  • Cases in which the person concerned has given his/her consent
  • When the handling of personal information is necessary for the protection of the life, body, or property of an individual and it is difficult to obtain the consent of the person in question.
  • When permitted by the Personal Information Protection Law or other laws and regulations.

Use of Google Services

In providing the Service, the Company will use the Firebase Crash Database service provided by Google Inc. (“Google”) to provide the Service. When using the Services, the following information will be collected by Firebase Crashlytics, disclosed to Google and processed by Google.
Information about your device: device type, OS version, app version, usage status (foreground or background, etc.), usage region, etc.
Information about crashes that occur: date and time of the crash, application logs at the time of the crash, memory and storage status at the time of the crash, etc.
The above information may be used by Google to provide, develop and maintain services, including Firebase Crashlytics, and for related customer or technical support purposes.

Outsourcing of business

The Company may outsource a part of its business and provide personal information to the outsourced companies to the extent necessary. In such cases, the Company will enter into a contract with the subcontractor regarding the handling of personal information and exercise other appropriate supervision over the subcontractor.

Security measures for personal information

The Company takes all possible security measures to ensure the accuracy and safety of personal information.

Disclosure, correction, deletion, etc. of personal information

The Company will respond to requests for disclosure, correction, addition, deletion, suspension of use, elimination, suspension of provision to a third party, and notification of the purpose of use of personal information in accordance with the Personal Information Protection Law and other laws and regulations. However, we may not be able to comply with your request if the request cannot be identified or does not meet the requirements set forth in the Personal Information Protection Law. In principle, the Company will not disclose any information other than personal information, such as access logs.
Compliance and Review of Laws and Regulations
The Company will comply with Japanese laws, regulations, and other norms applicable to personal information held by the Company, and will review and improve the content of this policy as appropriate.

International transfer of collected information

Our services are hosted in Japan. Please note that if you use our services from a region of the world where laws regarding data collection and use differ from Japanese law, your personal information will be transferred to, stored and processed in Japan outside of that region.
If we transfer your personal information to Japan, we will take steps to comply with applicable data protection laws, particularly legal requirements regarding the proper protection of data transfers. By providing any information, including personal information, on or to the Service, you consent to such transfer, storage and processing.

CLUE, Inc.
Representative Director and President Ryosuke Abe

Contact

Please contact the following for inquiries regarding our handling of personal and confidential information.
Keikyu Daiichi Building 13F, 4-10-18 Takanawa, Minato-ku, Tokyo 108-0074, Japan
CLUE, Inc.
E-mail address: personaldata@t-clue.com

Enacted: March 14, 2022