1. Name, Address, and Name of the Representative of the Company

　GRCS Inc .
　Palace Building 5F, 1-1-1 Marunouchi, Chiyoda-ku, Tokyo
　Representative Director and President
　Yoshikazu Sasaki

2. Basic Policy

The Company recognizes the importance of protecting personal information handled in the course of its business, complies with relevant laws and regulations, and appropriately acquires, uses, and manages personal information, while continuously striving to improve the management system.

3. Scope of Application

This Privacy Policy sets forth the policies that the Company adheres to when handling personal information acquired during the course of its business execution.

4. Acquisition and Purpose of Use of Personal Information

Purposes of Use of Personal Information concerning Customers (or officers and employees in the case of corporate customers):

• Acceptance of applications for the Company's various services, and communication to customers regarding service provision
• Verification of the customer's identity or verification of eligibility for inquiries when receiving inquiries or requests
• Exercise of rights and fulfillment of obligations based on contracts with customers, laws, etc.
• Sending of e-mails and direct mails, various announcements, and proposals regarding the Company's products and services
• Market research, proposals to customers in survey activities such as questionnaires regarding the improvement of the quality of the Company's products and services, and research and development of services
• Cancellation of the Company's various services and post-cancellation management
• Improvement and enhancement of the Company's services
• Other operations necessary for the proper and smooth execution of service provision to customers

Purposes of Use of Personal Information concerning Shareholders:

• Exercise of rights and fulfillment of obligations based on the Companies Act
• Shareholder management, such as the creation of records based on various laws and regulations

Purposes of Use of Personal Information concerning Applicants for Employment with the Company:

• Communication and provision of information to employment applicants, and other uses necessary for recruitment activities

Purposes of Use of Personal Information concerning Employees:

• Business communication
• Remuneration payment procedures (payment of wages, bonuses, allowances, expense reimbursement, withholding tax procedures, social insurance related procedures)
• Personnel and labor management
• Welfare administration
• Health management
• Publication and utilization of personal information in public relations, advertising, and recruitment activities

Purposes of Use of Personal Information concerning GRCS Alumni Group Members:

• Provision of information (invitations to social gatherings hosted by the Company or third parties, invitations to events/seminars hosted by the Company or third parties, the Company's management initiatives, and job postings) to users of the GRCS Alumni Group email distribution service, and administrative communication for the provision of the same service
• Utilization necessary for providing the GRCS Alumni Group information exchange service (verification of user eligibility, offering employment or collaboration to users), and administrative communication for the provision of the same service

5. Measures Taken for the Secure Management of Personal Information

The Company takes the following measures for the secure management of the personal information it holds.

(Establishment of Guidelines for Personal Information Protection)

This Privacy Policy is established to ensure the proper handling of personal information.

(Development of Rules concerning the Handling of Personal Information)

The Company establishes Personal Information Management Regulations regarding the handling methods, responsible persons/personnel, and their duties for each stage of acquisition, utilization, storage, provision, deletion/disposal, etc.

(Organizational Security Control Measures)

• A supervisor responsible for the handling of personal information is appointed and the reporting and communication system to the supervisor is established in the event of grasping facts or signs of violations of the Personal Information Handling Regulations.
• The status of personal data handling is regularly evaluated, and improvement measures are implemented as necessary.

(Personnel Security Control Measures)

• Employees receive training on matters requiring attention regarding the handling of personal information.
• Compliance matters regarding the handling of personal information are specified in the work rules.

(Physical Security Control Measures)

• Controls are implemented for employee bringing in of equipment, etc.
• Measures are taken to prevent the theft or loss of equipment, electronic media, and documents handling personal information.

(Technical Security Control Measures)

• Mechanisms are introduced for access control.
• Mechanisms are introduced for the protection of information systems from unauthorized external access or malicious software.

(Other)

When outsourcing the handling of personal information, necessary and appropriate supervision of the subcontractor's security management is carried out.

6. Presence of ThirdParty Provision

The Company does not provide personal information to third parties without obtaining the prior consent of the individual, except as stipulated by relevant laws and regulations.

7. Disclosure, Correction, Suspension of Use, etc., of Personal Information

The Company will appropriately respond to requests for the disclosure, correction, suspension of use, etc., of personal information. Please contact the inquiry desk for specific procedures.

8. Inquiry Desk

Please contact the following desk with any opinions or requests regarding the Company's handling of personal information.
　GRCS Inc.
　Management Department
　03-6272-9191

Date of Establishment: September 14, 2018

Date of Establishment: September 14, 2018