a) We will acquire and use personal information appropriately within the scope of the specified purposes of use of personal information
handled in large volumes in our business related to system development and personal information handled in employment, etc.,
and will not handle personal information beyond the scope necessary to achieve the purposes of use (use for purposes other than those specified).
We will take measures to ensure this.
b) We will comply with laws, national guidelines, and other standards regarding the handling of personal information.
c) We will protect personal information by establishing internal rules to prevent unauthorized access to personal information,
leakage, loss, or damage of personal information, and to correct inappropriate matters.
d) We will establish internal rules for handling complaints and consultations regarding the handling of personal information,
and will respond to complaints and consultations.
e) We will continuously improve its personal information protection management system.
Data archiving and removal policy
When we are requested by an individual to correct, add to, or delete his/her personal data
in its possession on the grounds that the content of the personal data in its possession that identifies the individual is not true,
we will conduct the necessary investigation quickly to the extent necessary to achieve the purpose of use based on the results of the investigation,
except in cases where special procedures are prescribed by law.
When we have made a correction, etc., we will notify the person of that fact and the details thereof quickly,
and when it has decided not to make a correction, etc., we will notify the person of that fact and the reasons thereof without delay.
Data storage policy
In accordance with the risks of the personal information, we have established necessary and appropriate measures
in the "Information System Regulations" for the prevention of leakage, loss or damage and other safe management of personal information,
and the personal information protection manager will manage and operate the system.
App/service has sub-processors
Certifications & compliance
Data deletion request procedure
To make a request for data deletion, please fill in the necessary items on the prescribed request form,
enclose the documents necessary to confirm the identity of the person making the request and the fee,
and send the request to R&AC Co., Ltd. by registered mail, simplified registered mail,
recorded delivery mail, or any other method that leaves a record of delivery.
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack App Directory, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Date of latest pen test
Executive summary is available to potential customers upon request
Supports Security Assertion Markup Language (SAML)