Global Privacy Policy

For those who are in Japan, please refer to this Japan Privacy Policy.
日本からアクセスされている方はこちらのJapan Privacy Policyをご覧ください。

Introduction
Gojo & Company, Inc. (“Gojo & Company, Inc.”, “we”, “us” and/or “our”) is responsible for ensuring that it uses personal data in compliance with data protection laws. 

This Global Privacy Policy explains how we collect, use, share, store and otherwise process personal data of those who are outside Japan including but not limited to persons who access our website ("Site"), and/or client/recipient of our group's services, vendors, prospective employees, employees, or those with general interest in our services, publications and events, regardless of the person's connection or relationship with Gojo & Company, Inc.; whereas our Japan Privacy Policy explains how we collect, use, share, store and otherwise process personal data of those who are in Japan.  The Global Privacy Policy also explains your rights under applicable data protection laws i.e., Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”).

Where the GDPR applies to the processing of your personal data, and you are a visitor to the Site, the data controller for your personal data is Gojo & Company, Inc., unless we advise you otherwise. For other data subjects, including clients/recipients of our services, vendors and prospective employees, the data controller is also Gojo & Company, Inc. The data controller decides how personal data about you is processed.

Information We Collect; Purpose of Processing
We regularly collect personal data. The types of personal data relating to you that we may collect, and the purposes for which we process this data, depends on the nature of your interaction with us. Please read the table below for more information, including the legal basis under which we are allowed to process your personal data.

Untitleddocument-1

(Link to Privacy Policy for Job Applicants)

Automatically Collected Data
When you interact with us through the Site or other services, we automatically collect information about you through cookies (small text files placed on your device) or other similar technologies. 

  • When you visit our Site, we may send one or more cookies to your computer to uniquely identify your browser. A persistent cookie remains on your computer after you close your browser so that it can be used by your browser on subsequent visits to our Site. Persistent cookies can be removed by following your web browser’s directions. A session cookie is temporary and disappears after you close your browser.
  • We store information that we collect through cookies and log files to track the viewing preferences of our visitors, but we do not collect personal data through these means or share the information collected with third parties.
  • If you do not wish to receive cookies, you may set your browser to reject cookies or to alert you when a cookie is placed on your device. Although you are not required to accept cookies when you visit our Site, if you set your browser to reject cookies, you may not be able to use all of the features and functionality of our Site.

Our servers also record information (“log data”), including information that your browser automatically sends whenever you visit the Site. This log data includes your Internet Protocol (“IP”) address (from which we can discern the country you are connecting from at the time you visit the Site), browser type and settings, and the date and time of your request.

Where the information that we collect automatically on our Site or via other services (such as emails we send you) is personal data, our legal basis for the use of this information is that it is necessary for the purposes of our legitimate interests / evaluative purposes (as applicable) in maintaining the safe operation of our Site and learning how you interact with our Site and certain emails we send you to improve user experience.

Failure to Provide the Personal Data We Request
When we need your personal data to comply with business and/or legal obligations or to perform our contract, failure to provide this data may impact our ability to provide our services.

How We Share Your Personal Data
We share your information as follows:

  • Third party service providers. Third parties who provide services to us have access to your personal data. For the purposes described above, we engage providers of website analytics, hosting and cloud computing services and other IT services, payroll services, building management services, auditing services, consultancy services, regulatory services, legal services, CRM, marketing and sales software solutions, background checks, talent management and recruitment services, in addition to other administrative services. These parties may access, process or store personal data in the course of performing the services we have hired them to provide.
  • Administrative and legal reasons. We may disclose personal data as we deem necessary and appropriate under applicable laws; in response to lawful requests by public, governmental and regulatory authorities, including to meet national security or law enforcement requirements; or when we believe in good faith that disclosure is reasonably necessary to protect the property or rights of Gojo & Company, Inc., you or third parties, or the public at large.
  • Business transfers. We may disclose and transfer your information and data to a third party: (a) if we assign our rights regarding any of the information to a third party or (b) in connection with a corporate merger, consolidation, restructuring, sale of certain of our ownership interests, assets, or both, or other corporate change, including without limitation, during the course of any due diligence process.
  • Gojo & Company, Inc. affiliates. When using your personal data for the purposes described above, we may share your personal data with some of the Gojo & Company, Inc’s affiliates such as Gojo Consultancy India Private Limited in India and Gojo & Company Innovation Asia, PTE Ltd. in Singapore. Please read the International Data Transfers section below for more information on how we transfer your personal data

International Data Transfers
For the purposes described in this Global Privacy Policy, we may transfer your personal data from us to a Gojo & Company, Inc.’s affiliates or a third party outside of the EEA and in a jurisdiction not subject to an adequacy decision of the European Commission, as applicable. We have executed an intragroup data transfer agreement which incorporates the standard contractual clauses for the transfer of data to third countries approved by the European Commission to transfer your personal data to our affiliated entities located in India and Singapore, in order to ensure appropriate safeguards for such transfers. When we transfer your personal data to other third parties outside of the EEA, for example service providers, we will do this in accordance with applicable data protection laws and will take appropriate safeguards to ensure the integrity and protection of your personal data wherever processed. If you wish to see details of these safeguards, please contact us on info@gojo.co.

Retaining Your Personal Data
We retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected and processed, in accordance with our retention policies, and in accordance with applicable laws or until you withdraw your consent (where applicable). To determine the appropriate retention period for your personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we use your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

We do not collect more personal data than we need to fulfill our purposes stated in this Global Privacy Policy. We may retain your personal data for an additional period to the extent deletion would require us to overwrite our automated disaster recovery backup systems or to the extent we deem it necessary to assert or defend legal claims during any relevant retention period.

Your Rights in Relation to your personal data under GDPR
Subject to the applicable provision of the GDPR, you have the following rights with respect to your personal data:

  • Right of access (commonly known as a “data subject access request”): If you ask us, we will confirm whether we are processing your personal data and, if so, provide you with a copy of that personal data along with certain other details. If you require additional copies, we may need to charge a reasonable fee.
  • Right to rectification: If your personal data is inaccurate or incomplete, you are entitled to ask that we correct or complete it.
  • Right to erasure: You may ask us to erase your personal data in some circumstances, such as where we no longer need it or you withdraw your consent (where applicable) and there is no other legal basis for processing.
  • Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your personal data in certain circumstances, such as if you contest its accuracy or object to us processing it.
  • Right to data portability: You have the right to obtain your personal data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you, and if the processing is carried out by automated means.
  • Right to object: You may ask us at any time to stop processing your personal data, and we will do so: (a) if we are relying on a legitimate interest (described above) to process your personal data, unless we demonstrate compelling legitimate grounds for the processing or your data is needed to establish, exercise, or defend legal claims; or (b) we are processing your personal data for direct marketing and, in such case, we may keep minimum information about you (for example, in a suppression list) as necessary for our and your legitimate interest to ensure your opt out choices are respected in the future and to comply with data protection laws.
  • Right to withdraw consent: If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time, but this will not affect any processing of your data that has already taken place.
  • Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your personal data, you can report it to the data protection authority that is authorized to hear those concerns. 

To exercise your rights under the GDPR, please send us your request as described under the “How to Contact Us” section below.

Keeping Your Personal Data Secure
We take appropriate technical and organizational measures to protect against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, your personal data, in accordance with our internal security procedures. Personal data may be stored on our own technology systems or those of our vendors or in paper files.

Personal Data of Children
Our Site is not directed to children who are under the age of 16 and is solely intended for adults. Gojo & Company, Inc. does not knowingly collect personal data from children under 16. If you have a reason to believe that a child under the age of 16 has provided personal data to Gojo & Company, Inc. through the Site please contact us and we will endeavor to delete that information from our databases.

Links To Other Websites
Our Site may contain links to other sites operated by third parties, including social media websites and services. We are not responsible for information on these sites, nor for services or products offered by them. By providing these links we do not imply that we endorse or have reviewed these sites. Use of these sites, including transmitting your personal data to them, is at your own risk. The information that you share with these sites will be governed by the specific privacy policies and terms of service of these third-party sites and not by this Global Privacy Policy. Please contact those sites directly for information on their privacy practices and policies.

Changes to this Global Privacy Policy
We reserve the right to amend this Global Privacy Policy from time to time to reflect changing legal requirements or our processing practices. Any such changes will be posted on this Site and will be effective upon posting. If we make a material change to this Global Privacy Policy, we will provide you with notice in accordance with the applicable law.

How to Contact Us
If you have any questions about our Global Privacy Policy, or if you would like to access personal data we hold about you or exercise your other rights under the applicable law, you can contact us at info@gojo.co, +81(0)3-6455-7656, or send mail to:

Gojo & Company, Inc.
3-14-5 Sendagaya, Shibuya-ku, Tokyo 151-0051 Japan

Last Updated: May 30, 2024

Newsletter

Sign up to receive news from Gojo here.