Career-tasu, Inc. (hereinafter any of “Career-tasu”, “we”, or “us”) requires enterprises and organizations and the like (“Client”) that use CFN services planned and operated by us to consent to the following CFN terms of use (these “Terms”).
1. In the case where there is an application pertaining to the use of CFN from Client that desires to use CFN and we determine Client to be qualified as a result of an exanimation pursuant to our transaction standards, a usage agreement for CFN shall be formed between us and Client at the time when the manifestation of our intention to approve the application arrives at Client from us, and these Terms shall be applied as a part of the usage agreement terms and conditions for the CFN service.
2. Career-tasu shall provide the services pertaining to CFN to Client pursuant to these Terms, and Client shall use CFN in compliance with these Terms.
1. CFN is the general term for the services that include the job search and job change website for bilingual individuals [CareerForum.Net] https://careerforum.net (the website for job seekers) and https://manager.careerforum.net/ (the website used by Client for administrative purposes) provided by Career-tasu, as well as all types of events and contents provided by CFN and support and agency services and the like for recruitment activities which utilize CFN. The purpose of CFN is to support the job search and job change activities of job seekers and to support the recruitment activities of bilingual professionals in Client.
2. Services or contents that are provided by other businesses that are affiliated with Career-tasu (“Affiliated Services”) may be included within CFN. In order to use such Affiliated Services, Client consent to the application of the terms of use and other such conditions prescribed by the businesses who provide the Affiliated Services. Liability for the use of any Affiliated Services shall be borne by the businesses that provide the Affiliated Services, and we bear no liability therefor.
CFN members (“Members”) means persons who have applied to CFN for membership registration and received approval from us therefor.
1. Client shall enter the required items and submit the application for use after consenting to these Terms and confirming the prescribed proposal document for each service and the Cancellation Policies and Provisions of the Application and Service Agreement Form. The usage period shall last until the end of the period applied for with respect to each service or until the service ends.
2. Client shall give their prior consent with respect to the matters in each of the following items:
(1) Career-tasu shall contact Client using means such as e-mail, postal mail, telephone, and fax;
(2) Career-tasu may use the company name of Client as stated on the Application and Service Agreement Form and the company logo of Client that is publicly posted on CFN (logo data that is designated and provided by Client) on the Career-tasu service website and in marketing operations such as publishing the foregoing in pamphlets for promotional use (provided, however, that this shall not apply in the case where Career-tasu has received a request in writing from Client not to do so);
(3) there may be cases where Career-tasu uses information we determine to be from the use of CFN by Client, such as employment trends of such Client, in a way which does not identify Client for purposes such as improving the quality of CFN; and
(4) when providing CFN, there may be cases where Career-tasu subcontracts a part of the services therefor to a third party which has concluded a service agreement with Career-tasu.
1. Client may use the services they applied for. The content of each service shall be as stated in the relevant service proposal document and the Application and Service Agreement Form.
2. Client shall pay to DISCO the usage fee for each service upon using the services they applied for.
1. Promptly after the formation of a usage agreement, Career-tasu shall prepare an account with administrator authority on the website for use by Client, and setting instructions including a login ID and password shall be sent from Career-tasu to the person in charge stated on Client’s Application and Service Agreement Form.
2. The holder of the account with administrator rights may add or delete account users thereof. Due to the need to protect personal information and maintain security, the holder of the account with administrator rights shall bear strict administer obligations regarding the ID and password, and shall not transfer, grant, or disclose, etc. the ID or password to any third party. Administration of the account shall be conducted under the full liability of Client, and Career-tasu shall not bear any liability in connection with accidents or the like pertaining thereto.
Client shall not conduct any act prescribed in the following items:
(1) an act that is contrary to the purposes of CFN;
(2) registering inappropriate information on CFN such as for-profit information;
(3) using CFN anonymously, under a false name, or while impersonating a third party;
(4) infringing on the intellectual property rights of Career-tasu or a third party, such as copyrights, trademark rights, or patent rights;
(5) infringing on the rights of Career-tasu or a third party such as those of property, reputation, privacy, and likeness;
(6) providing Member information registered on CFN to a third party without obtaining the approval of such Member to do so;
(7) any act which defames or is likely to defame Career-tasu or a third party;
(8) any act which obstructs or is likely to obstruct the operations of CFN;
(9) using information obtained while using CFN to provide a service that competes with any service provided by Career-tasu;
(10) any act which hinders the servers or network systems of CFN;
(11) posting the job fair or employment page URL of another website on CFN;
(12) posting guidance which seems to promote job applications other than those through CFN;
(13) any act which supports or promotes the acts listed in any of the foregoing items;
(14) prohibited acts as stated in Article 9, Article 10, and Article 11 of these Terms; and
(15) in addition, any act that Career-tasu deems to be inappropriate in light of the operations of CFN.
1. Client shall bear all liability regarding the information registered on CFN.
2. When accepting job applications from Members, Client shall clearly state in the job posting the details of the business to be engaged in and the wage, working hours, and other such working conditions thereof.
3. Career-tasu may evaluate whether or not the content of the information registered on CFN by Client is content which conforms with the posting standards of CFN. If Career-tasu finds the information registered by Client to be inappropriate, Career-tasu may withhold or suspend the post containing the registered information or may request Client to amend such post. Career-tasu shall not bear any kind of liability if the processing of a post cannot be carried out by the date and time desired in advance by Client.
4. All intellectual property rights, including copyrights, regarding CFN shall belong to Career-tasu. However, this shall not apply in respect of documents, photos, and the like prepared by Client or third parties subcontracted by Client.
5. Client shall acknowledge in advance that it is possible that Career-tasu will repost company information and the like of Client that is on CFN on a website other than CFN or on a different type of media platform for purposes such as the multipolarization of the information provision of Career-tasu, and it is possible that a third party will post company information and the like of Client that is on CFN on the website of such third party.
1. Client may not announce through CFN any recruitment activities (*2) sponsored by or related to individuals or groups that Career-tasu determines to be its competitors.
2. Announcement activities that can be made through CFN are primarily information related to job postings posted on CFN for services (such as “Career Forum” or “CFN Online”) that Client has applied for. However, announcements via CFN Targeting Mail or CFN Special Landing Page purchased by Client that have not applied for Career Forum or CFN Online or the like shall be handled upon separate consultation.
For URL postings and links in announcements, while Client may post URLs for its own websites in its own company information pages or images within CFN platforms, such as the Company Information page, Job Posting page, Seminar page, and in banners of such Client, and on pages administered by such Client, Client may not drive visitors to its website with a link.
Original Company Page may drive visitors to the website of Client or a website administered thereby, but may not drive visitors to a registration or application page for job applications on the website of Client or a website administered thereby (a “My Page” site or the like).
CFN Special Landing Page may drive visitors to the website of Client or a website administered thereby.
Client may drive visitors to its own website or a website it administers by inserting the URL therefor in emails distributed by using CFN Targeting Mail, Web Mail System, or other such CFN tools.
3. Client may not make announcements through CFN if the website in the announcement is not a website within CFN, or the website of Client itself or a website it administers.
4. Client may not make announcements through CFN regarding recruitment activities in which in-person interviews with candidates are to take place within the same area as each live event venue (*3), from three (3) days prior to the first day of the event until the end of the event. Only Client that have applied to a Career Forum with an event at a live venue may send announcements through CFN (to applicants only) regarding recruitment activities taking place outside of event hours during the live event period.
(*1) Announcements through CFN include:
1. Company information and job postings
2. Banner advertisements
3. CFN Targeting Mail distribution
4. Web Mail distribution
5. Postings for seminars using the Online Seminar Planner
6. Announcements within reply emails using CFN tools
7. Other announcements that utilize CFN tools or related products
(*2) “Recruitment activities” means:
Activities related to employment events (including internships) such as job fairs, interviews, receptions, and other employment events.
(*3) Same areas of each live event venue are as follows:
1. Boston Career Forum (Boston Area, USA)
2. Los Angeles Career Forum: (Los Angeles Area, USA)
3. London Career Forum: (London Area, UK)
4. Shanghai Career Forum: (Hua Dong Area, China)
5. Singapore Career Forum: (Domestically in Singapore)
6. Tokyo (Summer/Winter) Career Forum, Career Forum for Candidates with Study Abroad Experience, and Career Forum for International Candidates: (Tokyo Metropolitan Area (Tokyo, Kanagawa, Saitama, and Chiba Prefectures))
7. Osaka Career Forum, and Kyoto Career Forum: (Kansai Area)
1. If a “Career Forum” is to be held at a live venue, we ask that management of all properties of each Client such as exhibits be managed at the liability of each Client. Career-tasu shall carry out administration and security at the venue, but please acknowledge that we shall not bear any liability for any damage, theft, loss, breakage, or the like of property that occurs at the venue or during transport thereto.
2. If the facilities or equipment of the venue or any items, etc. provided to Client during the course of the event operations are damaged due to the willful misconduct or negligence of Client, Client may be charged a repair fee or the like.
3. Career-tasu may ask Client to leave an event or refuse Client from hosting an exhibit in any future event that Career-tasu holds or operates if Client conducts any act that is deemed to be inappropriate from the reasonable perspective of Career-tasu. In this case, Career-tasu shall not return any fees received related to the exhibit, such as those for the basic planning, event tools, or web options.
Examples of acts deemed to be inappropriate are as follows:
(1) causing a misunderstanding or confusion to a job seeker or another Client by linking a Career-tasu event to an event held by another company;
(2) Client does not comply with a request to improve its language or behavior, etc. (such as approaching job seekers outside of the designated areas, forceful solicitation, or not adjusting the volume of AV equipment) despite being instructed several times (up to three (3) times) by event operations staff to do so; and
(3) in addition, if Client violates the Event Guide for exhibiting enterprises or the like pertaining to the Career Forum separately prescribed by Career-tasu.
4. If the number of Client applying to participate in an event exceeds the maximum number of available spots, we will place applicants on a waiting list, and if there is a cancellation by a prior applicant then applicants on such waiting list will be invited to participate in the event in the order of their position on the waiting list.
5. We will charge the fees for options (equipment used at the venue) and the like used on the day of the event at the live venue after the conclusion of the event.
6. In addition, please confirm the Application and Service Agreement Form for the Cancellation Policies and Provisions of each venue product.
Recruitment companies, temporary employment placement companies, and outsourcing (specified worker dispatching) companies and the like must consent to the matters stated below regarding applications for exhibits.
(1) Exhibits may not be held for the purpose of employment placement registration and general worker dispatch registration (including recruiting). However, this shall not apply if CFN has given prior approval otherwise.
(2) It is prohibited to conduct sales activities to other Client (including exhibiting companies and organizations) within the live event venue of our events.
(3) At the time when Career-tasu discovers the fact of any violation of the above matters, such fact will be announced to Client and Members using CFN, and the use of all CFN tools by the violator shall be suspended, the use of all CFN services including participation in Career Forum and posting on CFN Online and the like shall be refused, and a fine for breach of contract in the amount of twice the regular price of the contracted products will be charged to the violator. Further, if the damage incurred exceeds the amount of the applicable fine for breach of contract, the exceeding amount may also be charged to the violator. Applicants shall be deemed to have consented to the above matters at the time when the Application and Service Agreement Form is submitted.
1. “Personal Information” means information related to each individual Member which can identify such individual by their name, address, phone number, e-mail address, name of the school currently enrolled in or graduated from, or any other description that constitutes such information (including information that alone cannot identify such individual but can be easily compared with any other information to identify such individual).
2. Provision, Purpose of Use and Scope of Use of Personal Information
If a Member applies for employment at Client or to participate in a seminar held thereby by using Client tool for receiving applications for employment or the tool for receiving applications for participation in a seminar on CFN, Career-tasu shall transfer to and provide Client with the following Personal Information from the Member information registered on CFN as data of that applicant or participant (“Applicant, Etc.”).
Applicant, Etc. data shall be deleted from the administrator site of Client two (2) years after the closing of the job posting (i.e., the application deadline) for which such data is provided.
3. Items of Personal Information Provided to Client at the Time of Online Employment Application or Online Seminar Registration
(1) Items of Personal Information Provided to Client at the Time of Application
CFN ID, Name, E-mail address, Japanese E-mail Readable (depending on whether or not “I wish to receive e-mails from CFN in Japanese.” is checked)
[Current Address]
Country, State/Prefecture, City/Town, Street, Zip/Postal Code, Primary Phone Number, Secondary Phone Number (Optional), Tertiary Phone Number (Optional)
[Alternative Contact, etc.]
Country, State/Prefecture, City/Town, Street, Zip/Postal Code, Skype ID (Optional), Work Permit/Visa, Language Level, Skills/Qualifications (Optional), Self-promotion Statement (Optional)
[Educational Background]
Country, State/Prefecture, University, Major Category, Major, Official name of Major, Degree, Graduation Date, GPA (Optional), Details
[Work History]
Full-time Work Experience, Company Name, Type of Business, Company Profile, Position Title, Period at Position, Job Category, Career Level, Employment Type, Job Description, Latest Annual Income (Optional)
[Applicant Responses to Questions Asked by Client]
Applicants are asked to respond to such questions and the responses will be provided to Client only if such questions are asked by Client
* Personal Information marked “Optional” is provided only if the Member submits such information.
(2) Items of Personal Information Provided to Client at the Time of Online Seminar Registration
CFN ID, Name, E-mail address
[Educational Background]
University, Major Category, Major, Degree, Graduation Date
Client shall carefully manage any provided Personal Information and use such Personal Information only for its recruitment activities; any other use of such Personal Information shall be prohibited. However, these provisions shall not apply if the consent of the individual in question is obtained, or if such information is used by an employment placement service company approved by CFN in advance for the purpose of providing its employment placement services.
Information regarding the handling of Personal Information by Client shall be confirmable on the website and the like of each Client.
4. Disclosure of Provided Personal Information to a Third Party
In principle, Career-tasu shall not disclose the Personal Information provided to Client through CFN Member information to a third party without the consent of Client or Member. Career-tasu may disclose such Personal Information to a third party only after obtaining the consent of Client or Member upon specifying the recipient and scope of disclosure thereof. However, any registered information may be disclosed without the consent of Client or Member to the extent that does not go against applicable laws or regulations if:
(1) such disclosure is required by laws or regulations;
(2) such disclosure is necessary to protect the life, body, or property of an individual, and it is difficult to obtain the consent of the person in question;
(3) such disclosure is specifically necessary to improve the public health or promote the sound growth of children, and it is difficult to obtain the consent of the person in question; or
(4) such disclosure is necessary to cooperate with any state organ or local public body, or a person that has been entrusted to perform administrative services stipulated in laws and regulations on behalf of such organ or body, and obtaining the consent of the person in question may impede the performance of such services.
5. Scope of Third Parties
Any person who receives Personal Information shall not be considered to be a third party under the provisions of this Article if:
(1) Career-tasu subcontracts all or part of the handling of such Personal Information to such person to the extent necessary to accomplish its purposes of use; or
(2) such Personal Information is transferred as a result of the transfer of the business due to the merger or consolidation of Career-tasu or any other such reason.
6. Disclaimers
In no event shall Career-tasu be responsible or liable for the acquisition of Personal Information by a third party if:
(1) the Member discloses the Personal Information to a specific Client using the tools of CFN or by any other means; or
(2) the person in question can be unexpectedly identified from any registered information other than Personal Information.
7. Statistics
Career-tasu may prepare statistical data in a form which cannot identify Client or Member based on any Personal Information registered with Client using the tools of CFN, and Career-tasu may use such data without any restrictions.
8. Transfer of Personal Data outside of the EEA and the UK
Career-tasu shall follow the regulations of EU and EU member states regarding data protection, especially the General Data Protection Regulation 2016/679 (the GDPR) and the GDPR as it is incorporated into UK law by the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (EU Exit) Regulations 2019 (the UK GDPR) (hereinafter the GDPR and the UK GDPR shall collectively be referred to as the “GDPR”) when transferring personal data of an Applicant, Etc. who uses the CFN platform and to whom such regulations apply to Client outside of the EEA and the UK. If an adequacy decision has been made for the country or the region of Client to which the data will be transferred to, the transfer will be made based on such decision, and in the absence of an adequacy decision, the transfer will be made based on the transfer being necessary for the performance of an agreement between the data subject and the controller (GDPR Article 49, Paragraph 1 (b)), and in such case, Client shall comply with the provisions of the “Attachment: Special Provisions for Transfers under GDPR.”
Client shall, without delay, correct, add, or delete the Personal Information in its possession in accordance with the instructions of Career-tasu if Career-tasu so requests. In addition, Client shall, without delay, suspend the use of the Personal Information in accordance with the instructions of Career-tasu if Career-tasu so requests.
Client shall destroy or delete confidential information materials and the like containing all or part of the Personal Information after completing its recruitment activities. However, this provision shall not apply if the consent of the person in question is obtained to retain such materials.
1. Career-tasu shall internally strictly maintain and manage the registered Personal Information (including the company name, department, name, contact address, phone number, and e-mail address) of person in charge at Client, and may not provide or subcontract the handling of such Personal Information to a third party without the prior consent of the person in question. Career-tasu shall use such Personal Information only for its purposes of use as specified below and may not use the Personal Information for any other purpose without the prior consent of the person in question. While registration is optional, if Client does not enter the items necessary for such registration, Client may not be able to receive CFN-related services.
(1) Provision of information on maintenance, etc. of CFN-related services;
(2) Provision of notice of the goods and services of Career-tasu;
(3) Requests for questionnaire surveys; and
(4) Confirmation of information on person in charge at Client in the course of system operation support services.
*Any registered information may be corrected, changed, added, or deleted through the “Change of Information on the Person in Charge” at any time. If Client requires Career-tasu to notify it of the purpose of use of the Personal Information, or to disclose, correct, add, or delete the Personal Information, or to reject the use or provision of the Personal Information, Client shall contact Career-tasu thereon using the following contact information:
[Contact]
Career-tasu Inc. Global Business Development Department, E-mail: global-service@career-tasu.co.jp
2. Personal Information Protection Manager
The following person shall be responsible for managing the registered Personal Information:
Iidabashi First Building 9F, 2-5-1 Koraku, Bunkyo-ku, Tokyo 112-0004
Career-tasu Inc. <Personal Information Protection Manager> Kazuyuki Shinozaki, E-mail: privacy-madoguchi@career-tasu.co.jp
Please refer to the following URL for the Privacy Policy of Career-tasu.
URL: https://www. career-tasu.co.jp/en/privacy/detail/
Please refer to the following link for Career-tasu’s policies on the handling of cookie information and the like.
Career-tasu Inc. Cookies Policy
1. Career-tasu shall not be liable for any damage (including, but not limited to any emotional distress, suspension of recruitment activities, or other financial loss) arising from the use of CFN unless Career-tasu has committed any willful misconduct or gross negligence; even if Career-tasu is held liable, such liability will not exceed the total usage fees which Career-tasu has received from such Client
2. Career-tasu does not guarantee the proper operation of any device which Client uses when using CFN. In addition, Career-tasu shall not bear any communication expenses arising when Client uses CFN. If any e-mail communications, etc. become illegible due to character corruption or the like, Career-tasu shall not bear any obligation to re-distribute such communications, etc.
3. Career-tasu does not guarantee the accuracy of the information on CFN registered by Members.
4. Any trouble arising between Client and a Member or other issue arising between Client and a third party shall be handled and resolved at the liability of such Client, and Career-tasu shall not be liable for such matter.
Career-tasu shall not be held liable for any damage arising due to causes beyond its control including, but not limited to, damage from computer virus attacks which cannot be prevented by ordinary preventive measures and natural disasters. Career-tasu does not guarantee the data stored on CFN will not be deleted or modified by such an act of force majeure.
If any damage to a third party is caused by Client due to the use of CFN, Client shall resolve such damage at its own liability, and Career-tasu will not bear any liability therefor.
If Client breaches these Terms and causes any damage to Career-tasu, Client shall be obligated to indemnify Career-tasu for any and all damage, regardless of whether or not such damage was incurred directly or indirectly.
Career-tasu may assign its status under the usage agreement and any of its rights and obligations specified herein to a third party without the specific consent of Client by giving prior notice thereof on the pages of CFN.
1. Client agree that Career-tasu may change or temporarily halt its services for Client without prior notice to Client.
2. Career-tasu may halt for a long period of time or discontinue its entire service for Client by giving one(1)-month prior notice to Client.
1. Career-tasu is entitled to amend these Terms at its discretion if:
(1) Amendment of these Terms is generally beneficial to Client; or
(2) Amendment of these Terms is not contrary to the purpose of the usage agreement and is reasonable considering the necessity of such amendment, the reasonableness of the amended provisions, the details of the amendment, and any other circumstances related to the amendment.
2. In the event of any substantial amendment of these Terms, Career-tasu shall post a notification on CFN to the effect that these Terms will be amended, the amended provisions of these Terms, and the effective date of such amendment at least one (1) month prior to the date of application of the amended provisions and terms and conditions.
3. If Client uses CFN on or after the first day of application of these Terms as amended, Client shall be deemed to have consented to the amendment of these Terms.
1. Client and Career-tasu represent to the other party that they do not currently fall under any of the following, and covenant to the other party that they will not fall under any of the following in the future:
(1) the representing and covenanting party is an anti-social force;
(2) the representing and covenanting party has a relationship in which an anti-social force is deemed to be controlling its management;
(3) the representing and covenanting party has a relationship in which an anti-social force is deemed be substantially involved in its management;
(4) the representing and covenanting party has a relationship in which an anti-social force is deemed to be unjustly utilized for the purpose of acquiring illicit gain for that company or any third party or for doing harm to a third party;
(5) the representing and covenanting party has a relationship in which such party is deemed to be involved in an anti-social force such as by supplying funds or other supplies or giving special treatment; or
(6) an officer (director, executive officer (shikkoyaku), executive employee (shikkoyakuin), statutory auditor or persons in other similar positions regardless of the title) or any person substantially involved in the management of the representing and covenanting party has a socially reprehensible relationship with an Anti-social Force.
2. Client and Career-tasu covenant that they will not conduct, or cause a third party to conduct, any of the following:
(1) violent demands;
(2) unjust demands of a person that exceeds that person’s legal liability;
(3) the use of threatening language or behavior or violence in relation to transactions;
(4) damage to the reputation of the other party or obstruction of the business of the other party by spreading rumors or using fraudulent means or force;
(5) allowing an anti-social force to use its name to execute and perform the usage agreement; or
(6) any other act similar to those listed in (1) through (5) above.
1. Client or Career-tasu may immediately suspend the use of CFN and terminate the usage agreement by notifying the other party thereof if the other party falls under any of the following:
(1) the other party is in breach of any of the provisions of these Terms or in violation of any law or regulation of the country in which Client is located in or Japan;
(2) the other party damages the reputation of the terminating party;
(3) the other party is subject to an attachment, provisional attachment, provisional disposition, disposition for nonpayment of taxes, or if a petition for bankruptcy, civil rehabilitation, special liquidation, or corporate reorganization is filed by or against the other party;
(4) the other party is subject to a disposition for a dishonored check or note or otherwise becomes insolvent;
(5) the other party transfers all or a material part of its business to a third party;
(6) a material change occurs in the management environment of the other party due to a merger or the like;
(7) concern regarding the creditworthiness of the other party arises;
(8) the other party abolishes its business or enters into liquidation; or
(9) in any other cases where the prospect of the performance of the matters prescribed in these Terms by the other party is lost.
2. If Client or Career-tasu falls under any item set forth in the preceding paragraph, any obligations the applicable party owes to the other party shall automatically become due and payable. If the non-terminating party incurs any damage as a result of a termination due to the provisions of the preceding item, the terminating party shall not be held liable therefor.
3. Client may terminate the usage agreement for CFN upon sending prior written notice to Career-tasu no later than three (3) months prior to the termination.
4. For any debts incurred prior to the termination of the usage agreement, Client shall not be exempt from any obligations for such debts to Career-tasu even after the termination of the usage agreement.
5. Client shall cease to be able to use CFN due to the termination of the usage agreement, and Career-tasu shall not be held liable if such Client incurs any damage due to its inability to use CFN.
6. The provisions of Article 12, Article 13, Article 14, Article 15, Article 19, Article 20, this paragraph, Article 26, and Article 27 of these Terms shall remain in full force and effect even after the termination of the usage agreement.
These Terms shall be governed by and construed in accordance with the laws of Japan.
The Tokyo District Court or (if the jurisdictional amount does not exceed 1,400,000 yen) the Tokyo Summary Court shall have exclusive jurisdiction in the first instance over any dispute relating to these Terms. However, if the jurisdiction of such court is held to be contrary to laws and regulations, the jurisdiction shall be subject to the provisions of such laws and regulations.
These Terms may be translated into the English language for the sake of convenience; however, the original of these Terms will be the Japanese language version.
Please refer to the following link for the Global Privacy Policy of Career-tasu. Career-tasu Inc. Global Privacy Policy (GDPR/CCPA, etc.)
These Terms shall come into force on April 1, 2024.
The “Attachment: Special Provisions for Transfers under GDPR” shall apply to Client to which the personal data of an Applicant, Etc. will be transferred to a country or region for which an adequacy decision has not been made.
Attachment: Special Provisions for Transfers under GDPR
For countries and regions where adequacy decisions have been made, please refer to the following.
“Cross-border transfer: the countries and regions which the European Commission has decided that such countries and regions ensures an adequate level of protection of personal data” on the website of the Personal Information Protection Commission, Japan.
https://www.ppc.go.jp/enforcement/infoprovision/laws/GDPR/
The “Attachment: Special Provisions for Transfers under GDPR” shall apply to Client to which the personal data of an Applicant, Etc. will be transferred to a country or region for which an adequacy decision has not been made.
For countries and regions where adequacy decisions have been made, please refer to the following.
“Cross-border transfer: the countries and regions which the European Commission has decided that such countries and regions ensures an adequate level of protection of personal data” on the website of the Personal Information Protection Commission, Japan.
https://www.ppc.go.jp/enforcement/infoprovision/laws/GDPR/
(a) The purpose of these standard contractual clauses is to ensure compliance with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) for the transfer of personal data to a third country.
(b) The Parties:
(i) the natural or legal person(s), public authority/ies, agency/ies or other body/ies (hereinafter ‘entity/ies’) transferring the personal data, as listed in Annex I.A (hereinafter each ‘data exporter’), and
(ii) the entity/ies in a third country receiving the personal data from the data exporter, directly or indirectly via another entity also Party to these Clauses, as listed in Annex I.A (hereinafter each ‘data importer’) have agreed to these standard contractual clauses (hereinafter: ‘Clauses’).
(c) These Clauses apply with respect to the transfer of personal data as specified in Annex I.B.
(d) The Appendix to these Clauses containing the Annexes referred to therein forms an integral part of these Clauses.
(a) These Clauses set out appropriate safeguards, including enforceable data subject rights and effective legal remedies, pursuant to Article 46(1) and Article 46(2)(c) of Regulation (EU) 2016/679 and, with respect to data transfers from controllers to processors and/or processors to processors, standard contractual clauses pursuant to Article 28(7) of Regulation (EU) 2016/679, provided they are not modified, except to select the appropriate Module(s) or to add or update information in the Appendix. This does not prevent the Parties from including the standard contractual clauses laid down in these Clauses in a wider contract and/or to add other clauses or additional safeguards, provided that they do not contradict, directly or indirectly, these Clauses or prejudice the fundamental rights or freedoms of data subjects.
(b) These Clauses are without prejudice to obligations to which the data exporter is subject by virtue of Regulation (EU) 2016/679.
(a) Data subjects may invoke and enforce these Clauses, as third-party beneficiaries, against the data exporter and/or data importer, with the following exceptions:
(i) Clause 1, Clause 2, Clause 3, Clause 6, Clause 7;
(ii) Clause 8.5 (e) and Clause 8.9(b);
(iii) N/A
(iv) Clause 12(a) and (d);
(v) Clause 13;
(vi) Clause 15.1(c), (d) and (e);
(vii) Clause 16(e);
(viii) Clause 18(a) and (b).
(b) Paragraph (a) is without prejudice to rights of data subjects under Regulation (EU) 2016/679.
(a) Where these Clauses use terms that are defined in Regulation (EU) 2016/679, those terms shall have the same meaning as in that Regulation.
(b) These Clauses shall be read and interpreted in the light of the provisions of Regulation (EU) 2016/679.
(c) These Clauses shall not be interpreted in a way that conflicts with rights and obligations provided for in Regulation (EU) 2016/679.
In the event of a contradiction between these Clauses and the provisions of related agreements between the Parties, existing at the time these Clauses are agreed or entered into thereafter, these Clauses shall prevail.
The details of the transfer(s), and in particular the categories of personal data that are transferred and the purpose(s) for which they are transferred, are specified in Annex I.B.
N/A
The data exporter warrants that it has used reasonable efforts to determine that the data importer is able, through the implementation of appropriate technical and organisational measures, to satisfy its obligations under these Clauses.
8.1 Purpose limitation
The data importer shall process the personal data only for the specific purpose(s) of the transfer, as set out in Annex I.B. It may only process the personal data for another purpose:
(i) where it has obtained the data subject’s prior consent;
(ii) where necessary for the establishment, exercise or defence of legal claims in the context of specific administrative, regulatory or judicial proceedings; or
(iii) where necessary in order to protect the vital interests of the data subject or of another natural person.
8.2 Transparency
(a) In order to enable data subjects to effectively exercise their rights pursuant to Clause 10, the data importer shall inform them, either directly or through the data exporter:
(i) of its identity and contact details;
(ii) of the categories of personal data processed;
(iii) of the right to obtain a copy of these Clauses;
(iv) where it intends to onward transfer the personal data to any third party/ies, of the recipient or categories of recipients (as appropriate with a view to providing meaningful information), the purpose of such onward transfer and the ground therefore pursuant to Clause 8.7.
(b) Paragraph (a) shall not apply where the data subject already has the information, including when such information has already been provided by the data exporter, or providing the information proves impossible or would involve a disproportionate effort for the data importer. In the latter case, the data importer shall, to the extent possible, make the information publicly available.
(c) On request, the Parties shall make a copy of these Clauses, including the Appendix as completed by them, available to the data subject free of charge. To the extent necessary to protect business secrets or other confidential information, including personal data, the Parties may redact part of the text of the Appendix prior to sharing a copy, but shall provide a meaningful summary where the data subject would otherwise not be able to understand its content or exercise his/her rights. On request, the Parties shall provide the data subject with the reasons for the redactions, to the extent possible without revealing the redacted information.
(d) Paragraphs (a) to (c) are without prejudice to the obligations of the data exporter under Articles 13 and 14 of Regulation (EU) 2016/679.
8.3 Accuracy and data minimisation
(a) Each Party shall ensure that the personal data is accurate and, where necessary, kept up to date. The data importer shall take every reasonable step to ensure that personal data that is inaccurate, having regard to the purpose(s) of processing, is erased or rectified without delay.
(b) If one of the Parties becomes aware that the personal data it has transferred or received is inaccurate, or has become outdated, it shall inform the other Party without undue delay.
(c) The data importer shall ensure that the personal data is adequate, relevant and limited to what is necessary in relation to the purpose(s) of processing.
8.4 Storage limitation
The data importer shall retain the personal data for no longer than necessary for the purpose(s) for which it is processed. It shall put in place appropriate technical or organisational measures to ensure compliance with this obligation, including erasure or anonymisation of the data and all back-ups at the end of the retention period.
8.5 Security of processing
(a) The data importer and, during transmission, also the data exporter shall implement appropriate technical and organisational measures to ensure the security of the personal data, including protection against a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access (hereinafter ‘personal data breach’). In assessing the appropriate level of security, they shall take due account of the state of the art, the costs of implementation, the nature, scope, context and purpose(s) of processing and the risks involved in the processing for the data subject. The Parties shall in particular consider having recourse to encryption or pseudonymisation, including during transmission, where the purpose of processing can be fulfilled in that manner.
(b) The Parties have agreed on the technical and organisational measures set out in Annex II. The data importer shall carry out regular checks to ensure that these measures continue to provide an appropriate level of security.
(c) The data importer shall ensure that persons authorised to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
(d) In the event of a personal data breach concerning personal data processed by the data importer under these Clauses, the data importer shall take appropriate measures to address the personal data breach, including measures to mitigate its possible adverse effects.
(e) In case of a personal data breach that is likely to result in a risk to the rights and freedoms of natural persons, the data importer shall without undue delay notify both the data exporter and the competent supervisory authority pursuant to Clause 13. Such notification shall contain i) a description of the nature of the breach (including, where possible, categories and approximate number of data subjects and personal data records concerned), ii) its likely consequences, iii) the measures taken or proposed to address the breach, and iv) the details of a contact point from whom more information can be obtained. To the extent it is not possible for the data importer to provide all the information at the same time, it may do so in phases without undue further delay.
(f) In case of a personal data breach that is likely to result in a high risk to the rights and freedoms of natural persons, the data importer shall also notify without undue delay the data subjects concerned of the personal data breach and its nature, if necessary in cooperation with the data exporter, together with the information referred to in paragraph (e), points ii) to iv), unless the data importer has implemented measures to significantly reduce the risk to the rights or freedoms of natural persons, or notification would involve disproportionate efforts. In the latter case, the data importer shall instead issue a public communication or take a similar measure to inform the public of the personal data breach.
(g) The data importer shall document all relevant facts relating to the personal data breach, including its effects and any remedial action taken, and keep a record thereof.
8.6 Sensitive data
Where the transfer involves personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, or biometric data for the purpose of uniquely identifying a natural person, data concerning health or a person’s sex life or sexual orientation, or data relating to criminal convictions or offences (hereinafter ‘sensitive data’), the data importer shall apply specific restrictions and/or additional safeguards adapted to the specific nature of the data and the risks involved. This may include restricting the personnel permitted to access the personal data, additional security measures (such as pseudonymisation) and/or additional restrictions with respect to further disclosure.
8.7 Onward transfers
The data importer shall not disclose the personal data to a third party located outside the European Union (in the same country as the data importer or in another third country, hereinafter ‘onward transfer’) unless the third party is or agrees to be bound by these Clauses, under the appropriate Module. Otherwise, an onward transfer by the data importer may only take place if:
(i) it is to a country benefitting from an adequacy decision pursuant to Article 45 of Regulation (EU) 2016/679 that covers the onward transfer;
(ii) the third party otherwise ensures appropriate safeguards pursuant to Articles 46 or 47 of Regulation (EU) 2016/679 with respect to the processing in question;
(iii) the third party enters into a binding instrument with the data importer ensuring the same level of data protection as under these Clauses, and the data importer provides a copy of these safeguards to the data exporter;
(iv) it is necessary for the establishment, exercise or defence of legal claims in the context of specific administrative, regulatory or judicial proceedings;
(v) it is necessary in order to protect the vital interests of the data subject or of another natural person; or
(vi) where none of the other conditions apply, the data importer has obtained the explicit consent of the data subject for an onward transfer in a specific situation, after having informed him/her of its purpose(s), the identity of the recipient and the possible risks of such transfer to him/her due to the lack of appropriate data protection safeguards. In this case, the data importer shall inform the data exporter and, at the request of the latter, shall transmit to it a copy of the information provided to the data subject.
Any onward transfer is subject to compliance by the data importer with all the other safeguards under these Clauses, in particular purpose limitation.
8.8 Processing under the authority of the data importer
The data importer shall ensure that any person acting under its authority, including a processor, processes the data only on its instructions.
8.9 Documentation and compliance
(a) Each Party shall be able to demonstrate compliance with its obligations under these Clauses. In particular, the data importer shall keep appropriate documentation of the processing activities carried out under its responsibility.
(b) The data importer shall make such documentation available to the competent supervisory authority on request.
N/A
(a) The data importer, where relevant with the assistance of the data exporter, shall deal with any enquiries and requests it receives from a data subject relating to the processing of his/her personal data and the exercise of his/her rights under these Clauses without undue delay and at the latest within one month of the receipt of the enquiry or request. The data importer shall take appropriate measures to facilitate such enquiries, requests and the exercise of data subject rights. Any information provided to the data subject shall be in an intelligible and easily accessible form, using clear and plain language.
(b) In particular, upon request by the data subject the data importer shall, free of charge:
(i) provide confirmation to the data subject as to whether personal data concerning him/her is being processed and, where this is the case, a copy of the data relating to him/her and the information in Annex I; if personal data has been or will be onward transferred, provide information on recipients or categories of recipients (as appropriate with a view to providing meaningful information) to which the personal data has been or will be onward transferred, the purpose of such onward transfers and their ground pursuant to Clause 8.7; and provide information on the right to lodge a complaint with a supervisory authority in accordance with Clause 12(c)(i);
(ii) rectify inaccurate or incomplete data concerning the data subject;
(iii) erase personal data concerning the data subject if such data is being or has been processed in violation of any of these Clauses ensuring third-party beneficiary rights, or if the data subject withdraws the consent on which the processing is based.
(c) Where the data importer processes the personal data for direct marketing purposes, it shall cease processing for such purposes if the data subject objects to it.
(d) The data importer shall not make a decision based solely on the automated processing of the personal data transferred (hereinafter ‘automated decision’), which would produce legal effects concerning the data subject or similarly significantly affect him/her, unless with the explicit consent of the data subject or if authorised to do so under the laws of the country of destination, provided that such laws lays down suitable measures to safeguard the data subject’s rights and legitimate interests. In this case, the data importer shall, where necessary in cooperation with the data exporter:
(i) inform the data subject about the envisaged automated decision, the envisaged consequences and the logic involved; and
(ii) implement suitable safeguards, at least by enabling the data subject to contest the decision, express his/her point of view and obtain review by a human being.
(e) Where requests from a data subject are excessive, in particular because of their repetitive character, the data importer may either charge a reasonable fee taking into account the administrative costs of granting the request or refuse to act on the request.
(f) The data importer may refuse a data subject’s request if such refusal is allowed under the laws of the country of destination and is necessary and proportionate in a democratic society to protect one of the objectives listed in Article 23(1) of Regulation (EU) 2016/679.
(g) If the data importer intends to refuse a data subject’s request, it shall inform the data subject of the reasons for the refusal and the possibility of lodging a complaint with the competent supervisory authority and/or seeking judicial redress.
(a) The data importer shall inform data subjects in a transparent and easily accessible format, through individual notice or on its website, of a contact point authorised to handle complaints. It shall deal promptly with any complaints it receives from a data subject.
(b) In case of a dispute between a data subject and one of the Parties as regards compliance with these Clauses, that Party shall use its best efforts to resolve the issue amicably in a timely fashion. The Parties shall keep each other informed about such disputes and, where appropriate, cooperate in resolving them.
(c) Where the data subject invokes a third-party beneficiary right pursuant to Clause 3, the data importer shall accept the decision of the data subject to:
(i) lodge a complaint with the supervisory authority in the Member State of his/her habitual residence or place of work, or the competent supervisory authority pursuant to Clause 13;
(ii) refer the dispute to the competent courts within the meaning of Clause 18.
(d) The Parties accept that the data subject may be represented by a not-for-profit body, organisation or association under the conditions set out in Article 80(1) of Regulation (EU) 2016/679.
(e) The data importer shall abide by a decision that is binding under the applicable EU or Member State law.
(f) The data importer agrees that the choice made by the data subject will not prejudice his/her substantive and procedural rights to seek remedies in accordance with applicable laws.
(a)Each Party shall be liable to the other Party/ies for any damages it causes the other Party/ies by any breach of these Clauses.
(b) Each Party shall be liable to the data subject, and the data subject shall be entitled to receive compensation, for any material or non-material damages that the Party causes the data subject by breaching the third-party beneficiary rights under these Clauses. This is without prejudice to the liability of the data exporter under Regulation (EU) 2016/679.
(c) Where more than one Party is responsible for any damage caused to the data subject as a result of a breach of these Clauses, all responsible Parties shall be jointly and severally liable and the data subject is entitled to bring an action in court against any of these Parties.
(d) The Parties agree that if one Party is held liable under paragraph (c), it shall be entitled to claim back from the other Party/ies that part of the compensation corresponding to its/their responsibility for the damage.
(e) The data importer may not invoke the conduct of a processor or sub-processor to avoid its own liability.
(a) The supervisory authority of the Member State in which the representative within the meaning of Article 27(1) of Regulation (EU) 2016/679 is established, as indicated in Annex I.C, shall act as competent supervisory authority.
(b) The data importer agrees to submit itself to the jurisdiction of and cooperate with the competent supervisory authority in any procedures aimed at ensuring compliance with these Clauses. In particular, the data importer agrees to respond to enquiries, submit to audits and comply with the measures adopted by the supervisory authority, including remedial and compensatory measures. It shall provide the supervisory authority with written confirmation that the necessary actions have been taken.
(a)The Parties warrant that they have no reason to believe that the laws and practices in the third country of destination applicable to the processing of the personal data by the data importer, including any requirements to disclose personal data or measures authorising access by public authorities, prevent the data importer from fulfilling its obligations under these Clauses. This is based on the understanding that laws and practices that respect the essence of the fundamental rights and freedoms and do not exceed what is necessary and proportionate in a democratic society to safeguard one of the objectives listed in Article 23(1) of Regulation (EU) 2016/679, are not in contradiction with these Clauses.
(b) The Parties declare that in providing the warranty in paragraph (a), they have taken due account in particular of the following elements:
(i) the specific circumstances of the transfer, including the length of the processing chain, the number of actors involved and the transmission channels used; intended onward transfers; the type of recipient; the purpose of processing; the categories and format of the transferred personal data; the economic sector in which the transfer occurs; the storage location of the data transferred;
(ii) the laws and practices of the third country of destination– including those requiring the disclosure of data to public authorities or authorising access by such authorities – relevant in light of the specific circumstances of the transfer, and the applicable limitations and safeguards;
(iii) any relevant contractual, technical or organisational safeguards put in place to supplement the safeguards under these Clauses, including measures applied during transmission and to the processing of the personal data in the country of destination.
(c) The data importer warrants that, in carrying out the assessment under paragraph (b), it has made its best efforts to provide the data exporter with relevant information and agrees that it will continue to cooperate with the data exporter in ensuring compliance with these Clauses.
(d) The Parties agree to document the assessment under paragraph (b) and make it available to the competent supervisory authority on request.
(e) The data importer agrees to notify the data exporter promptly if, after having agreed to these Clauses and for the duration of the contract, it has reason to believe that it is or has become subject to laws or practices not in line with the requirements under paragraph (a), including following a change in the laws of the third country or a measure (such as a disclosure request) indicating an application of such laws in practice that is not in line with the requirements in paragraph (a).
(f) Following a notification pursuant to paragraph (e), or if the data exporter otherwise has reason to believe that the data importer can no longer fulfil its obligations under these Clauses, the data exporter shall promptly identify appropriate measures (e.g. technical or organisational measures to ensure security and confidentiality) to be adopted by the data exporter and/or data importer to address the situation. The data exporter shall suspend the data transfer if it considers that no appropriate safeguards for such transfer can be ensured, or if instructed by the competent supervisory authority to do so. In this case, the data exporter shall be entitled to terminate the contract, insofar as it concerns the processing of personal data under these Clauses. If the contract involves more than two Parties, the data exporter may exercise this right to termination only with respect to the relevant Party, unless the Parties have agreed otherwise. Where the contract is terminated pursuant to this Clause, Clause 16(d) and (e) shall apply.
15.1 Notification
(a) The data importer agrees to notify the data exporter and, where possible, the data subject promptly (if necessary with the help of the data exporter) if it:
(i) receives a legally binding request from a public authority, including judicial authorities, under the laws of the country of destination for the disclosure of personal data transferred pursuant to these Clauses; such notification shall include information about the personal data requested, the requesting authority, the legal basis for the request and the response provided; or
(ii) becomes aware of any direct access by public authorities to personal data transferred pursuant to these Clauses in accordance with the laws of the country of destination; such notification shall include all information available to the importer.
(b) If the data importer is prohibited from notifying the data exporter and/or the data subject under the laws of the country of destination, the data importer agrees to use its best efforts to obtain a waiver of the prohibition, with a view to communicating as much information as possible, as soon as possible. The data importer agrees to document its best efforts in order to be able to demonstrate them on request of the data exporter.
(c) Where permissible under the laws of the country of destination, the data importer agrees to provide the data exporter, at regular intervals for the duration of the contract, with as much relevant information as possible on the requests received (in particular, number of requests, type of data requested, requesting authority/ies, whether requests have been challenged and the outcome of such challenges, etc.).
(d) The data importer agrees to preserve the information pursuant to paragraphs (a) to (c) for the duration of the contract and make it available to the competent supervisory authority on request.
(e) Paragraphs (a) to (c) are without prejudice to the obligation of the data importer pursuant to Clause 14(e) and Clause 16 to inform the data exporter promptly where it is unable to comply with these Clauses.
15.2 Review of legality and data minimisation
(a) The data importer agrees to review the legality of the request for disclosure, in particular whether it remains within the powers granted to the requesting public authority, and to challenge the request if, after careful assessment, it concludes that there are reasonable grounds to consider that the request is unlawful under the laws of the country of destination, applicable obligations under international law and principles of international comity. The data importer shall, under the same conditions, pursue possibilities of appeal. When challenging a request, the data importer shall seek interim measures with a view to suspending the effects of the request until the competent judicial authority has decided on its merits. It shall not disclose the personal data requested until required to do so under the applicable procedural rules. These requirements are without prejudice to the obligations of the data importer under Clause 14(e).
(b) The data importer agrees to document its legal assessment and any challenge to the request for disclosure and, to the extent permissible under the laws of the country of destination, make the documentation available to the data exporter. It shall also make it available to the competent supervisory authority on request.
(c) The data importer agrees to provide the minimum amount of information permissible when responding to a request for disclosure, based on a reasonable interpretation of the request.
(a) The data importer shall promptly inform the data exporter if it is unable to comply with these Clauses, for whatever reason.
(b) In the event that the data importer is in breach of these Clauses or unable to comply with these Clauses, the data exporter shall suspend the transfer of personal data to the data importer until compliance is again ensured or the contract is terminated. This is without prejudice to Clause 14(f).
(c) The data exporter shall be entitled to terminate the contract, insofar as it concerns the processing of personal data under these Clauses, where:
(i) the data exporter has suspended the transfer of personal data to the data importer pursuant to paragraph (b) and compliance with these Clauses is not restored within a reasonable time and in any event within one month of suspension;
(ii) the data importer is in substantial or persistent breach of these Clauses; or
(iii) the data importer fails to comply with a binding decision of a competent court or supervisory authority regarding its obligations under these Clauses.
In these cases, it shall inform the competent supervisory authority of such non-compliance. Where the contract involves more than two Parties, the data exporter may exercise this right to termination only with respect to the relevant Party, unless the Parties have agreed otherwise.
(d) Personal data that has been transferred prior to the termination of the contract pursuant to paragraph (c) shall at the choice of the data exporter immediately be returned to the data exporter or deleted in its entirety. The same shall apply to any copies of the data. The data importer shall certify the deletion of the data to the data exporter. Until the data is deleted or returned, the data importer shall continue to ensure compliance with these Clauses. In case of local laws applicable to the data importer that prohibit the return or deletion of the transferred personal data, the data importer warrants that it will continue to ensure compliance with these Clauses and will only process the data to the extent and for as long as required under that local law.
(e) Either Party may revoke its agreement to be bound by these Clauses where (i) the European Commission adopts a decision pursuant to Article 45(3) of Regulation (EU) 2016/679 that covers the transfer of personal data to which these Clauses apply; or (ii) Regulation (EU) 2016/679 becomes part of the legal framework of the country to which the personal data is transferred. This is without prejudice to other obligations applying to the processing in question under Regulation (EU) 2016/679.
These Clauses shall be governed by the law of one of the EU Member States, provided such law allows for third-party beneficiary rights. The Parties agree that this shall be the law of France.
(a) Any dispute arising from these Clauses shall be resolved by the courts of an EU Member State.
(b) The Parties agree that those shall be the courts of France.
(c) A data subject may also bring legal proceedings against the data exporter and/or data importer before the courts of the Member State in which he/she has his/her habitual residence.
(d) The Parties agree to submit themselves to the jurisdiction of such courts.
A. List of Parties
Data Exporter:
Name: Career-tasu Inc.
Address: Iidabashi First Building 9F, 2-5-1 Koraku, Bunkyo-ku, Tokyo
Name of the person in charge, title and contact: The relevant name, title, and contact information shall be as prescribed in Article 12 of the Privacy Policy.
Activities regarding the data transferred based on this Attachment: Data processing activities regarding CFN
Date of execution and approval: Date of formation of agreement according to the Application and Service Agreement Form
Role (controller or processor): Controller
Data Importer:
Name: As prescribed on the Application and Service Agreement Form
Address: As prescribed on the Application and Service Agreement Form
Name of the person in charge, title and contact: As prescribed on the Application and Service Agreement Form
Activity regarding the data transferred based on this Attachment: Data processing activities regarding CFN
Date of execution and approval: Date of formation of agreement according to the Application and Service Agreement Form
Role (controller or processor): Processor
B. Description of the transfer(s)
The categories of data subjects whose personal data is transferred: Applicants for jobs at the importer who is a user of CFN
The categories of personal data that are transferred: As prescribed in Article 13, Paragraph 3 of CareerForum.Net Terms of Use
Sensitive data that is transferred (if any): None
The frequency of the transfer (e.g. whether the data is transferred on a one-time or continuous basis): Continuous
Nature of processing: Processing (storage and use) of personal data regarding recruitment activities at the importer
Purpose(s) of the data transfer and further processing: Usage for recruitment activities at the importer
The period for which the personal data will be retained, or if such period may not be given, the criteria used to determine that period: The earlier of (i) without delay after the Data Exporter requests the Data Importer to delete the personal data, or (ii) the completion of the recruitment activities of the Data Importer towards such data subjects.
C. Competent Supervisory Authority
CNIL (France)
(1) Formulation of basic policies
Career-tasu formulates the basic policy in order to ensure the appropriate handling of personal data.
(2) Development of rules related to the handling of personal data
Career-tasu formulates internal rules which set forth the methods of handling, persons responsible, persons in charge, and their duties in respect of the personal data.
(3) Organizational safety management measures
(i) Career-tasu appoints and establishes individuals responsible for the handling of Personal Information.
(ii) Career-tasu develops a Personal Information protection management system and implements internal controls regarding Personal Information protection.
(iii) Career-tasu causes its employees (including contract employees and temporary employees) to comply with the internal rules regarding the safety management measures and maintains a reporting and communication system to the individuals responsible for the handling of Personal Information if any instance or indication of a violation of laws or internal rules by an employee is discovered.
(iv) If Career-tasu subcontracts any work involving the handling of Personal Information, Career-tasu shall implement rigorous supervisory measures towards the subcontractor, and shall monitor that the safety management measures regarding Personal Information is strictly maintained at the subcontractor.
(4) Human safety management measures
Career-tasu conducts regular education and training for employees regarding the appropriate handling of personal data.
(5) Physical and technical safety management measures
(i) In locations where personal data is handled, Career-tasu manages the entrance and exit of the employees and third parties thereto and limits devices and the like brought into such locations.
(ii) Career-tasu takes measures to prevent the theft of documents, media, devices, and the like that contain Personal Information, such as the storage of such materials in locked locations.
(iii) Career-tasu implements measures such as access controls for personal data and information systems in which personal data is handled, preventative measures against computer viruses, preventative measures against unauthorized software, and the monitoring of information systems.
(6) Ascertainment of the external environment
When handling personal data in a foreign country, Career-tasu takes safety management measures upon ascertaining the systems for protection of Personal Information in such country.