Privacy Policy

Handling of Personal Information

1.Our Name, Location and Representative

Aoba-BBT, Inc.
1-7 Rokubancho, Chiyoda-ku, Tokyo, Japan
Iwao Shibata, President & CEO
Personal Information Protection Officer: Masaya Inui, General Manager, Corporate Development Division

*Contact information is provided for inquiries regarding this Policy, including complaints, consultations, and disclosure requests (see Section 11. Requests for Disclosure, etc. of Personal Information below).

2.Compliance with Relevant Laws, Regulations, and Guidelines, etc.

Aoba-BBT, Inc. ("we," "the Company") will handle personal data appropriately in compliance with the Act on the Protection of Personal Information, other applicable laws and regulations, and guidelines issued by the Personal Information Protection Commission and other relevant bodies.

3.Acquisition and Use of Personal Information

When acquiring personal information, the Company will disclose or notify the purpose of use (including disclosure pursuant to this Policy). Furthermore, when acquiring personal information directly from the customer via a contract or other document (including electronic records), the Company will specify the purpose of use in advance and acquire such information through fair and lawful means.
The Company uses personal information appropriately to the extent necessary to accomplish the purposes of use.

4.Purposes of Use of Personal Information for Services

For each service, personal information will be used within the scope of the purposes of use set forth below.

4-1.Personal Information about Customers

(1).School and seminar operation services
a.Verifying and authenticating the customer's identity
b.Managing contractual relationships and administrative tasks related to billing and fees
c.Managing and providing information relating to courses being taken
d.Notifications regarding courses
e.Shipping and provision of course-related materials and textbooks
f.Providing information regarding orientation and course enrollment, etc.
g.Disclosing the minimum necessary student information to responsible instructors and teaching assistants for the purpose of student instruction
h.School administrative operations, such as course enrollment, course attendance status, and grade management
i.Notifications and communications to customers (students)
j.Handling of inquiries and complaints, etc., from customers (students)
k.Providing relevant information useful for course participation, such as social gatherings and open lectures
l.Conducting student surveys to improve course services
m.Providing information to contractors in relation to the provision of e-content services

(2).Online sales services (physical goods and e-content)
a.Managing contractual relationships and administrative tasks related to billing and fees
b.Providing information relating to courses being taken
(a).Announcements regarding lectures
(b).Shipping and provision of lecture-related materials and textbooks
c.Notifications and communications to customers
d.Handling of inquiries and complaints, etc., from customers
e.Conducting student surveys to improve course services
f.Providing information to contractors related to the provision of e-content services

(3).Reception services (requests for materials, feedback, inquiries, etc.)
a.Sending materials
b.Communication regarding feedback, etc.
c.Providing information about services and other useful information
d.Requesting participation in surveys regarding improvement of services, etc.
e.Statistical processing
f.Sending of products and materials
g.Administrative tasks related to billing and fees
h.Confirming product purchases and arranging deliveries
i.Billing and confirming payment for products
j.Responding to inquiries
k.Sending various notifications, such as notifications of application completion and renewal information
l.Verifying the customer's identity
m.Notifications to the customer (e.g., renewal notices) and communication regarding feedback, etc.
n.Handling inquiries from customers, providing information regarding services (forum participation, benefits, changes to membership information, etc.), providing useful information, and addressing complaints
o.Requesting surveys regarding service improvements, etc. and various statistical processing
p.Displaying appropriate advertisements and measuring their effectiveness (including providing customers’ personal information, such as email addresses, in hashed form to third-party ad distribution services and delivering advertisements after matching it with user information on those services)
*Note: If there are changes to certain personal information that could hinder product delivery or billing, such as the name of a municipality, etc. or postal code, the name of a financial institution, or a credit card expiration date, the Company may update the customer's registered information.

(4) Solicitation activities (for events, giveaways, campaigns, etc.)
a.Conducting lotteries for various entries and shipping prizes to winners
b.Providing information regarding Ohmae News
c.Contacting the customer as necessary for solicitation activities
d.Providing information regarding similar campaigns and events
e.Requesting participation in surveys regarding improvement of services, etc.
f.Providing information about services offered by the Company and other useful information
g.Statistical processing
Analyzing collected attribute information, browsing histories, usage histories, and other data to deliver advertisements based on customer interests and preferences, etc. (targeted advertising using advertising platforms such as Google and Meta, based on hashed email addresses, etc.)
*1 When collecting personal information during reception services, the department in charge of reception will explain the applicable purpose of use and obtain the customer's consent.
*2 When collecting personal information for various solicitation activities, we will clearly state the applicable purpose of use on media used to solicit applications—such as programs, websites, brochures, and postings—and obtain the customer's consent.
*3 Please refer to Paragraph 5 below regarding the provision of information to third parties.
*4 Matters concerning BBT University students are governed by the provisions of the "School and seminar operation services" section under (1) above.

4-2.Personal Information about Shareholders

(1)Exercise of rights and performance of obligations under the Companies Act
(2)Managing shareholders, such as creating records based on various laws and regulations
*"Shareholders" includes holders of stock options.

4-3.Personal Information about Applicants for Employment and Recruiting Activities

(1)Recruitment
(2)Contacting applicants for recruitment activities
(3)Providing information and other recruitment-related matters
(4)Other use necessary for recruitment activities

4-4.Personal Information about Employees

(1)Paying remuneration (wages, bonuses, and allowances, etc.) to employees, performing personnel and labor management, and providing benefits
(2)Business-related communication with employees
(3)Health management of employees
*"Employees" includes regular employees, part-time/temporary employees, and dispatched workers.

4-5.Personal Information about Self-Employed Individuals

Paying remuneration, business-related communications, management and supervision, and audits

4-6.Other Personal Information

When collecting personal information for new business ventures or other purposes not listed above, we will clearly state the purpose of use and obtain the customer's consent.

5.Provision of Personal Information to Third Parties

The Company will not provide personal information to third parties except in the following cases.

(1).When providing personal information to the relevant recipients for the purposes of providing the following services.

Service type	Purpose of provision	Recipient
BBT Online English Conversation Lessons	Providing one-on-one business English conversation lessons via the Internet	BBT ONLINE GLOBAL INC.
Regional Revitalization College	Reporting on course attendance records, creating materials, etc. related to the business operation of the Regional Revitalization College, providing services and information on projects organized and implemented by the Japan Productivity Center, and conducting customer analysis and market research	Japan Productivity Center (a public interest incorporated foundation)
Solicitation (for events, giveaways, campaigns, etc.)	Conducting lotteries for entry to various events, shipping prizes, and introducing the services of sponsor companies, etc.	When providing information to sponsor companies, we will state this in the application guidelines.

(2).Other cases where personal information is provided to third parties
a.When consent has been obtained from the customer in connection with the provision of various services, etc.
b.When provision is made subject to the condition that it may be suspended upon request, and the procedures prescribed by law have been followed
c.When provision is required by law
d.When disclosure is necessary to protect human life, health or property, and it is difficult to obtain the consent of the customer
e.Where it is especially necessary to improve public health or promote the sound growth of children and it is difficult to obtain the consent of the customer.
f.When disclosing or providing personal information is necessary for the national government, local public organizations or others to perform clerical or administrative duties prescribed by law, and obtaining consent from the customer may pose an obstacle to the fulfillment of those duties
g When a third party to which personal data is provided is an academic research institution, etc., and the third party needs to handle the personal information for academic research purposes (including cases in which part of the purpose of handling the personal information is for academic research, but excluding cases in which there is a risk of unjustified infringement of the rights and interests of individuals).
h.When verifying the legitimacy or validity of bank accounts and credit cards with financial institutions, etc., in connection with payment processing
i.When providing personal information to third parties in connection with school and seminar operations as follows:
When a company or other legal entity acting as the employer enters into a contract regarding training, courses, etc., on behalf of employees or officers who are participants, personal information regarding each participant may be provided to the contracting company or other legal entity to the extent necessary to achieve the objectives of the training or other course participation.
Instructors and teaching assistants may use information about all students as necessary, even if it pertains to students they do not directly instruct.
j.Upon the customer's consent to this policy on Handling of Personal Information, we may provide the customer's personal information—such as the customer's email address—to partner advertising providers (e.g., Google LLC, Meta Platforms, Inc., Microsoft Corporation) for the purpose of delivering advertisements tailored to the customer's interests, etc. and verifying the results of such delivery. This information will be processed (by hashing, etc.) such that the recipient cannot identify specific individuals based on the information alone. In such cases, the customer's personal information may be provided to third parties located overseas. Since the specific third parties to whom the customer's information is provided are determined at the time of ad delivery or access analysis, etc. and since the advertising providers with whom the Company partners may change from time to time, we cannot specify the foreign countries outside Japan to which the customer's information may be provided at the time of agreeing to this policy on Handling of Personal Information. Therefore, we are unable to provide specific information in advance regarding the personal information protection systems in those foreign countries, or the measures taken by those recipients to protect personal information. However, when providing the customer's personal information, we confirm that the third parties in the foreign countries to which it is provided have implemented appropriate safeguards that comply with the eight principles of the eight OECD Privacy Principles (part of the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data). Information regarding the main countries outside Japan to which personal information may be provided and their respective personal information protection systems are as follows.
[Country name] United States of America (USA)
[Information on the personal information protection systems in the relevant country] See here for details

6.Outsourcing of Personal Information

The Company may outsource the handling of the personal information it receives to external parties for purposes such as delivery and statistical processing.
When utilizing external contractors, we select businesses that meet our established standards, enter into contracts regarding confidentiality and security management, etc. and exercise appropriate supervision.

7.Contents of Personal Information

As a general rule, the Company collects only the minimum amount of customer's personal information necessary for its business operations (including administrative processing) in order to provide its services.
Similarly, we collect only the minimum amount of personal information necessary for our business operations regarding shareholders, applicants for recruitment and hiring activities, and prospective course/event participants.
When we collect certain optional information on application forms for our services, we will clearly indicate that such information is optional. For items marked as optional, leaving those items blank will have absolutely no impact on the scope or quality of the services provided.

8.Matters related to measures for security management

The Company implements necessary and appropriate security measures for the management of personal data, including preventing the leakage, loss and destruction of such data. The Company also exercises necessary and appropriate supervision over employees and contractors, including subcontractors, etc. who handle personal data. Security measures for personal data are stipulated under separate Basic Rules on the Management of Personal Information. The main content is as follows.

(1)Formulation of a basic policy
To ensure that personal data is appropriately handled, the Company has formulated a basic policy on matters such as compliance with relevant laws, regulations and guidelines and a contact desk for dealing with inquiries and complaints.
(2)Development of rules on the handling of personal data
The Company has formulated Detailed Rules on the Management of Personal Information, setting out matters such as handling methods and the persons responsible/in charge and their responsibilities, at every stage of the process, from collection, use, storage and provision to deletion and destruction.
(3)Systematic security control measures
a.The Company has established a person responsible for the handling of personal data and has also clarified the employees who handle personal data and the scope of personal data handled by these employees, and developed a system for reporting to and liaising with the person responsible in the event of discovery of an actual or suspected breach of the Personal Information Protection Act or Basic Rules on the Management of Personal Information.
b.The Company conducts self-inspections on a regular basis to assess the handling of personal data, and also undergoes internal audits and audits by external parties.
c.The Company has established a system to enable it to respond appropriately and promptly in the event of an information leak or other incident, or signs of such an incident.
(4)Human security control measures
a.The Company regularly provides training to employees on matters to be considered when handling personal data.
b.The Company's work rules include information about the confidentiality of personal data.
(5)Physical security control measures
a.In areas where personal data is handled, the Company restricts employee access and the equipment that can be brought in and also takes measures to prevent unauthorized persons from viewing personal data.
b.The Company takes steps to prevent the theft or loss, etc., of devices, electronic media, or documents, etc., that contain personal data. Moreover, we take measures to ensure that personal data cannot be easily accessed when carrying such devices or electronic media, etc., including internally within the Company.
(6)Technological security control measures
a.The Company uses access control to limit the scope of persons in charge of handling personal information and the scope of the personal information database they handle.
b.The Company has introduced mechanisms to protect information systems that handle personal data against unauthorized access from the outside or malware, and operates these mechanisms appropriately.
(7)Understanding of external environment
The Company may provide personal information to third parties located in foreign countries (countries or regions outside Japan), including through outsourcing and joint use.
In such cases, after understanding the relevant foreign country’s systems, etc. regarding the protection of personal information, we stipulate in our contracts with said third parties that personal information will be handled only within the scope of specified purposes of use; that improper use is prohibited; that necessary and appropriate security measures will be taken; that necessary and appropriate supervision of employees will be conducted; that subcontracting is prohibited; and that the provision of personal data to other third parties is prohibited.

9.Handling of personal information by contractors in foreign countries

The Company may outsource part of its business operations to partner companies located in foreign countries.
We provide personal information to such parties only after obtaining consent and ensure that appropriate security measures are taken.
[Contractor companies located in foreign countries]
- BBT ONLINE GLOBAL INC.

Please review the personal information protection systems and other relevant regulations of the foreign countries where personal information is handled below.
Personal Information Protection Systems and Other Relevant Regulations of Foreign Countries Where Personal Information is Handled

10.Use of cookies

The Company uses cookies to collect information regarding the customer's access history and usage of its website (hereinafter, such information collected by us using cookies is referred to as "cookie data"). Cookie data does not contain any information that identifies specific customers (such as names, addresses, phone numbers, email addresses, or credit card numbers), and we do not link cookie data to any information that can be used to identify specific customers. Customers can refuse to accept cookies or delete them by changing their browser settings.
In addition, our website contains cookies (hereinafter referred to as "third-party cookies") set by third parties to whom we have outsourced advertising and marketing (hereinafter referred to as "cookie providers"). These cookie providers use third-party cookies to collect information regarding the customer's access history and usage of the Company's website. However, the Company itself does not collect information about customers through third-party cookies. Cookie providers may link the information they collect using third-party cookies to other information they hold that identifies customers and may obtain and use such information as personal information. Information regarding the third-party cookies used by cookie providers to obtain information, such as customer's access history to the Company's website, is provided in the table below.

(Third-party cookies that collect information such as customer's access history to our website)

Name of third-party cookie and cookie provider	Page where privacy policy is posted	Page explaining how to opt out of targeted advertising using customer's browsing history
Cookie name:Google Analytics Cookie provider:Google LLC	https://policies.google.com/privacy	https://policies.google.com/technologies/ads
Cookie name:Meta Pixel Cookie provider:Meta Platforms Inc.	https://www.facebook.com/privacy/policy/	https://www.facebook.com/help/769828729705201/

11.Requests for Disclosure, etc. of Personal Information

If you request notification of the purpose of use, disclosure, correction, addition, or deletion of retained personal data; suspension of use, erasure, or suspension of provision to third parties; or disclosure of records regarding the provision of retained personal data to third parties, the Company will promptly respond after verifying your identity through the prescribed procedures.
To make an inquiry, exercise your rights, or make a complaint regarding disclosure, please contact the inquiry point listed in Section 12.

12.Contact Information for Inquiries Regarding this Privacy Policy

1-7 Rokubancho, Chiyoda-ku, Tokyo, Japan
Aoba-BBT, Inc.
Personal Information Management Office Consultation Desk

TEL: +81-3-6271-0757
Reception hours: 10:00–17:00, Monday–Friday (excluding national holidays and end-of-year / New Year holidays)

EU/UK and Switzerland representative: Data Protection Representative Limited（Registered in Ireland, No.616588）
Appointment of representative and contact information for the representative: representative_contact_summary

*Please contact us via the email form.