Privacy Policy

Personal Information Protection Policy

NS Solutions Corporation (“NSSOL” or “we”) recognizes and respects the importance of privacy and is committed to carefully handling personal information and to protecting privacy as part of the fundamental human rights under Article 13 of the Constitution of Japan. We set forth below our Personal Information Protection Policy and we will comply with this Policy in all of our business activities.

  1. NSSOL will appoint Data Management Officer who will be responsible for compliance with respect to protection of personal information (including Individual Numbers and Specific Personal Information). We will ensure that each officer and employee and other involved personnel of NSSOL understands and complies with this Policy, and that personal information will be duly protected.
  2. NSSOL will collect personal information in a legitimate and appropriate manner, based on consent of the data subject individual to the Processing and to the purpose of use, unless otherwise permitted by law. If we collect personal information through an intermediary, we will notify the purpose of use and provide other relevant information on our website.
    When we collect Individual Numbers, we will do so in accordance with the Act on the Use of Numbers to Identify a Specific Individual in the Administrative Procedure, and we will use them only for the purposes specified under the said Act.
  3. NSSOL will use personal information only within the purposes of use to which a consent is given or which is notified as described in the preceding section, with limited access given only to duly authorized personnel. NSSOL will not use personal information beyond such purposes of use, and we will take necessary measures to prevent improper use.
  4. NSSOL will take all necessary security measures with respect to collection, use, transfer, storage, deletion and disposal of personal information to prevent leakage, destruction, loss or tampering. If any incident occurs, NSSOL will promptly take remedial actions.
  5. NSSOL will not share personal information it collects with any third party without consent of the individual, other than with subcontractors or as otherwise permitted by law.
    NSSOL will provide Specific Personal Information to a third party, including a subcontractor, only for the purpose of conducting certain procedures stipulated under the relevant laws.
  6. When NSSOL outsources handling of personal information to a subcontractor, we will execute a necessary contract with each such subcontractor and will ensure that proper security supervision is exercised.
  7. NSSOL will respond to claims, inquiries, and requests regarding disclosure, correction, deletion, suspension of use, or other handling of personal information in accordance with the procedures separately set out by NSSOL.
  8. NSSOL will abide by all applicable laws, administrative rules, guidelines and ordinances with respect to the Processing of personal information, and we will continue to review, improve and enhance our personal information management system.

Adopted: July 23, 1999
Last amended: April 1, 2023

Kazuhiko Tamaoki, President & Representative Director
NS Solutions Corporation

If you have any inquiries, requests or comments with regard to handling of personal information, please contact us by email at te-ty-security@jp.nssol.nipponsteel.com , or write to us at:

NS Solutions Corporation
Tranomon Hills Business Tower, Numbers 17-1, Toranomon 1-chome Minato-ku, Tokyo
Attn.: Personal Information Manager, Information Security Dept.

GDPR Privacy Notice

This GDPR Privacy Notice (“Notice”) applies to our collection, use, sharing and other processing (“Process” or “Processing”) of personal data of individuals located in the European Economic Area (“Personal Data”).

1. Categories of Data We Process

NS Solutions Corporation Processes the following categories of data:
Personal Data regarding the following categories of natural persons:

  • Personnel of our business partners, such as existing or prospective customers, service providers, and vendors,
  • Investors,
    Website visitors, and

Personal Data transferred to us by Controllers for our Processing services on behalf of Controllers.

2. Purposes and Legal Basis of Processing

Data Subject Purpose and Legal Basis
Personnel of our business partners Marketing of our products and services: NSSOL has a legitimate interest in following up with its prospective customers who have conferred their contact information to NSSOL and in updating them on new developments and events.
Execution and performance of contracts: NSSOL has a legitimate interest in Processing Personal Data as necessary to negotiate terms of contracts with its business partners and to perform its obligations thereunder.
Investors Communicating IR information: NSSOL Processes Personal Data of existing or prospective investors based on its legitimate interest to reach out to them.
Website Visitors NSSOL uses cookies on its website for the purpose of web audience measurement and improvement, and for marketing of our services based on your consent. Information collected by cookies includes IP address, geolocation, browser type and language, pages visited and for how long, and other metrics. For more details, please see our Cookie Notice.
General Information security and compliance: it is NSSOL’s legitimate interest to keep records of your access to our systems and facilities in order to maintain and improve our information security, and to ensure our compliance with applicable laws.

3. Categories of Recipients

NSSOL will disclose Personal Data to the following categories of recipients:

  • Subcontractors, service providers, and product vendors of NSSOL,
  • Customers to which services of NSSOL’s other business partners, such as third party service providers, are provided,
  • External advisors such as attorneys, accountants and tax advisors (“Advisors”) of NSSOL,
  • Affiliate companies of NSSOL and their advisors and subcontractors with whom NSSOL needs to share Personal Data for the purpose of Processing such data, and
  • Other business partners with whom NSSOL needs to share Personal Data for the purpose of Processing such data.

Recipients of Personal Data may be located in countries and areas outside of the European Economic Area (“Third Countries”), where applicable laws may not offer the same level of data protection as the laws of the respective natural persons’ home country. In such case, NSSOL will transfer Personal Data only as permitted under the laws then applicable to it, such as, for example, upon obtaining your explicit consent, or upon its adoption of the Standard Data Protection Clauses/Standard Contractual Clauses approved by the EU Commission.

4. Retention Period

NSSOL will retain your Personal Data for as long as necessary for the purposes set out above, or for as long as it is so required by law. NSSOL will endeavor to erase Personal Data as soon as possible when such retention is no longer necessary for the purpose for which they were collected or otherwise Processed, provided that such retention is not required by applicable laws or regulations or for NSSOL’s exercise or defense of legal claims.

5. Rights of the Data Subject

Natural persons may:

request access to, correction and/or erasure of their Personal Data,
object to the Processing of their Personal Data,
restrict the Processing of their Personal Data, and
request a copy of their Personal Data, or have a copy thereof sent to another controller, in a structured, commonly used and machine readable format under the right of data portability.

Natural persons may object to the Processing of their Personal Data pursuant to NSSOL’s legitimate interest. In such case, NSSOL will stop Processing their Personal Data unless NSSOL is able to demonstrate appropriate overriding legitimate grounds for such Processing. Also, natural persons shall have the right to object at any time to the Processing of their Personal Data for direct marketing purposes, in which case their Personal Data shall not be used for those purposes.

Where the Processing of data is based on consent, natural persons shall have the right to withdraw their consent at any time, without affecting the lawfulness of the Processing of data based on consent, carried out before its withdrawal.

Natural persons shall have the right to lodge a complaint with a supervisory authority pursuant to Art. 57 (1) (f) GDPR.

6. Chief Privacy Officer and Contact :

NSSOL’s Chief Privacy Officer is Atsuki Matsumura.

If you have any enquiries or concerns regarding the Processing of your Personal Data or if you wish to exercise any of the above rights, please contact us by email at
te-ty-security@jp.nssol.nipponsteel.com , or write to us at:

NS Solutions Corporation
Tranomon Hills Business Tower, Numbers 17-1, Toranomon 1-chome Minato-ku, Tokyo
Attn.: Personal Information Manager, Information Security Dept.

CCPA/CPRA Privacy Policy

This CCPA/CPRA Privacy Policy (“Policy”) applies to the handling of personal information residing in the State of California, U.S.A. (for the purpose of this Policy, “Personal Information”) by NSSOL, NS Solutions USA Corporation and other NSSOL’s subsidiaries (for the purpose of this Policy, collectively, “NSSOL” or “we”). The handling of Personal Information residing in the State of California, U.S.A., shall be governed by the California Consumer Privacy Act of 2018 (“CCPA”) and California Privacy Rights Act of 2020 (“CPRA”), and this Policy provides information about our processing of Personal Information.

1. Collected Personal Information

The categories of Personal Information we have collected over the past twelve (12) months are set forth below.

Category Examples
Identifiers Name, company cell phone number, e-mail address
Employment-related information Name, company cell phone number, e-mail address, home address, social security number, bank account number, driving license, passport, nationality, religion, date of birth, age, gender, occupation, marital status, photograph, education background, work experience, emergency contact

The categories of sources from which Personal Information is collected are set forth below.

  • Obtaining information through the provision thereof from the California resident his/herself:
    We may obtain Personal Information by having the California resident his/herself provide the Company with such Personal Information.
  • Collection through e-mail, post, documents, telephone and other methods:
    the California resident provides us Personal Information through e-mails, post, documents, telephone and other methods.

We keep Personal Information to the extent permitted by applicable laws, after the termination of our relationship with you for as long as necessary to perform the purposes set out in this Policy, to protect us from legal claims and to administer our business.

We have not handled any Personal Information of California residents under the age of 16 in the past twelve (12) months.

2. Purpose of Handling Personal Information

We will use Personal Information for the purposes informed to the California residents at the time of collecting his/her Personal Information, and/or for the purposes listed below. Apart from these purposes of use, we will not use collected Personal Information for any other purpose, except in the cases where we have otherwise obtained consent to such use or we are permitted to use Personal Information without acquiring California residents’ prior consent under CCPA, CPRA or other applicable laws and regulations.

  • To make future communication and verify personal identification
  • To enter into a contract, to carry out a transaction, to outsource businesses between our group companies or to otherwise carry out our business, including but not limited to improving our business operation and services, etc.
  • To make salary payments, assist in obtaining visa, process accounting and tax payment, give training and educations, and perform other services or arrange welfare and other benefits related to NSSOL and our employees
  • To operate and process for the human resources or the expats seconded to NSSOL from our group companies, and vice versa
  • To establish, comply with, exercise and defense of the Company’s legal claims
  • To manage compliance programs including operating compliance helplines, conducting surveys and responding to the relevant reports, internally and/or through external vendors

3. Disclosure of Personal information

We have disclosed the Personal Information to the following third parties for the purpose described in this Policy within the past twelve (12) months.

Categories of Personal Information Categories of Third Parties to Whom Personal Information is Disclosed
Identifiers
  • Our clients, business contacts, service vendors
Employment-related information
  • Our group companies
  • Employee-leasing companies
  • Service providers, such as banking service, insurance service, etc.
  • Public organizations

In addition, we will share and disclose Personal Information to third parties to whom we have outsourced business only to the extent necessary to perform the outsourced business. In such case, we select the entrusted party carefully and execute the necessary data processing agreement between us and the entrusted party so that we can regularly monitor the handling of Personal Information.

4. Selling or Sharing Personal Information

We have not sold or shared any Personal Information in the past twelve (12) months.

5. Rights under CCPA/CPRA

Under the CCPA/CPRA, California residents have the following rights.

(1) Right to Know What Personal Information We Have Collected

California residents have the right to request disclosure of the following information concerning Personal Information that we have collected, sold, shared, disclosed, or used during the preceding twelve (12) months calculated from the time their request to us was made. If we confirm that we have received a verifiable request, we will disclose the following information.

  • Categories of Personal Information collected
  • Categories of sources of collection
  • The business or commercial purpose for which we collect, sell, or share Personal Information.
  • Categories of the third parties sharing the Personal Information
  • Specific portion of the Personal Information collected
  • Categories of the Personal Information sold or disclosed by us and the category of the third party to whom the Personal Information was sold or disclosed

(2) Right to Delete Personal Information

California residents have the right to request that we delete the Personal Information collected and retained by us, unless it is necessary to retain such Personal Information for compliance with legal obligations, or for certain other purposes prescribed by laws and regulations. Please note that such right is subject to certain exceptions under the CCPA/CPRA. Upon confirmation that we have received a verifiable request, we will delete the Personal Information from our records and instruct the subcontractor to do so. If we determine to maintain the Personal Information after the request, we will inform the applicant of the applicable exception.

(3) Right to Correct Inaccurate Personal Information

California residents have the right to request the correction of inaccurate Personal Information that we collect and maintain. If we confirm that we have received a verifiable request, we will use commercially reasonable efforts to correct it, taking into account the content and nature of the Personal Information and the purpose for which it is processed.

(4) Right to Opt-Out of the Sale or Sharing of Personal Information

California residents have the right, at any time, to instruct us not to sell or share their Personal Information to third parties (the right to opt-out).

(5) Right to Limit Use or Disclosure of Sensitive Personal Information

California residents have the right to direct us to limit our use and disclosure of sensitive Personal Information:

  • To the performance of the services or provide the goods reasonably expected by an average consumer who requests those goods or services;
  • To the prevention, detection, and investigation of security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted personal information;
  • To resisting malicious, deceptive, fraudulent, or illegal actions directed at the business, and to prosecuting those responsible for those actions;
  • To ensuring the physical safety of natural persons;
  • For short-term, transient use;
  • To performing services on our own behalf;
  • To verifying or maintaining the quality or safety of a product, service, or device that is owned, manufactured, manufactured for, or controlled by the business, and to improving, upgrading, or enhancing the service or device that is owned, manufactured by, manufactured for, or controlled by the business; and/or
  • To collecting or processing sensitive Personal Information where the collection or processing is not for the purpose of inferring characteristics about a consumer.

(6) Right Not to Receive Discriminatory Treatment for the Exercise of Your Rights

We will not discriminate against the exercise any of the resident’s rights under the CCPA/CPRA.

(7) Right to Disclosure and Opt-Out of Use of Personal Information for Profiling

California residents have the right to request disclosure and opt-out of the use of automated decision-making technology, including profiling.

6. How to Exercise Rights under CCPA/CPRA

If California residents would like to exercise their rights described above, please contact us via the contact information provided further below in this Policy.

California residents may make a claim related to their Personal Information through a person registered with the Secretary of State, California, by authorizing such person to act on their behalf and providing us with written proof thereof.

The following requirements must be met in order for the California resident to be able to verify their identity:

  • Provision of sufficient information to reasonably confirm the identity of the requesting person or the authorized representative from whom we have collected Personal Information;
  • Provision of the necessary details to enable us to properly understand, assess and respond to the claim.

7. Contact Information

Our contact details are as follows: if you have any question or would like to uphold your rights, please contact us at:
E-mail:te-ty-security@jp.nssol.nipponsteel.com, or write to us at:

NS Solutions Corporation
Toranomon Hills Business Tower, Numbers 17-1, Toranomon 1-chome Minato-ku, Tokyo
Attn.: Personal Information Manager, Information Security Dept.

Release and Change History;
Released: June 27th, 2023
Last Amended: June 29th, 2023