Privacy Policy(HoloeyesXR(Medical XR) Service)

Holoeyes Inc. (hereinafter referred to as “the Company”), in recognition of the importance of protecting customers’ personal information, strictly complies with the provisions of the Act on the Protection of Personal Information (2003, Act No. 57, and any subsequent revisions, and hereinafter referred to as “the Personal Information Protection Act”) and other related laws and regulations, and strives to properly handle and protect customers’ personal information (meaning personal information as defined in Article 2, Paragraph 1 of the Personal Information Protection Act, and the same hereinafter) and other information, in accordance with this Privacy Policy (hereinafter referred to as “Privacy Policy”).
The definitions of terms used in this Privacy Policy will be as per those stipulated in the Company’s Terms of Use (HoloeyesXR (Medical XR) Service) (hereinafter referred to as “Terms of Use”), except where otherwise provided for in this Privacy Policy.

1. Acquisition of Information
In order for the customer to use this Service, the Company will acquire personal and other information (including, but not limited to, DICOM data, polygon data, 3D polygon data and MR capture data, these hereinafter being referred to as “Personal Information, etc.” along with personal information) from the customer, within the scope required for business, and by lawful and fair means (including, but not limited to, written documents, email, website screens and oral reports), without recourse to any false or improper means.

2. Purposes of Use of Personal Information, etc.
The Company will use the customer’s Personal Information, etc., for the following purposes.
(1)	For announcements relating to the start, renewal and termination of the Service, and the provision of other information
(2)	For the creation of polygon data, MR capture data and any other data necessary for the provision of the Service
(3)	For questionnaire surveys relating to the Service
(4)	For the provision of the Service as well as its maintenance and any support relating thereto
(5)	For the confirmation of the condition of the Service after use
(6)	For announcements by email or other methods concerning other services provided by the Company or other parties, as well as business activities and marketing activities related thereto
(7)	Marketing, research and analysis for the purposes of improving and enhancing the quality of the Service
(8)	Responses to queries, etc., to the Company
(9)	Responses to actions that are in breach of the Company’s Terms of Use for the Service
(10)	Notifications such as changes to the Privacy Policy or other important information
(11)	Other uses reasonably considered necessary for the provision of other Services by the Company

3. Changes in the Purposes of Use of Personal Information, etc.
The Company may change the purposes of use of Personal Information, etc., described in the preceding Article, to the extent it may reasonably be recognized that there is considerable relevance to the original purposes of use, with said changes notified to the customer or announced publicly in a manner separately specified by the Company.

4. Restrictions on Use of Personal Information, etc.
Except where permitted by the Personal Information Protection Act and other related laws and regulations, the Company shall not handle any Personal Information, etc., in excess of the scope required to achieve the purposes of use described in Article 2, above, without the permission of the customer. However, this shall not apply in the following cases.
(1)	When acting in accordance with pertinent laws and regulations.
(2)	When necessary in order to protect life, limb or property, and where the consent of the customer cannot be easily obtained.
(3)	When especially necessary in order to improve public health or to promote the healthy upbringing of children, and where the consent of the customer cannot be easily obtained.
(4)	When it is necessary to cooperate with a state organ, local public entity or person entrusted by them in the performance of duties prescribed by laws or regulations, and where it is believed that the obtaining of the customer’s consent might hinder the performance of said duties.

5. Secure Management of Personal Information
The Company exercises the necessary and appropriate supervision of its employees in order to ensure that Personal Information, etc., is managed securely against the risk of being lost, damaged, falsified or leaked. Further, when the handling of all or part of Personal Information, etc., is to be entrusted to another party, the Company exercises the necessary and appropriate supervision of said party, in order to ensure that the personal information, etc., is managed securely.

6. Provision of Personal Information to Third Parties
Except where disclosure is permitted by the Personal Information Protection Act and other related laws and regulations, the Company will not provide personal information to any third party without the prior consent of the customer. Note, however, that the following are not considered provision to third parties as described above.
(1)	The Company entrusts the handling of all or part of personal information to another party within the extent required to achieve the purposes of use stipulated in Article 2.
(2)	The business, including the customers’ personal information, is taken over by another party due to merger, corporate split, business transfer or other reason.
(3)	Shared use according to the provisions of Article 7.
(4)	When necessary in order to protect life, limb or property, and where the consent of the customer cannot be easily obtained.
(5)	When especially necessary in order to improve public health or to promote the healthy upbringing of children, and where the consent of the customer cannot be easily obtained.
(6)	When it is necessary to cooperate with a state organ, local public entity or person entrusted by them in the performance of duties prescribed by laws or regulations, and where it is believed that the obtaining of the customer’s consent might hinder the performance of said duties.

7. Shared Use of Personal Information
In order to provide the Service to the customer, the Company may share the use of the customer’s personal information among alliance partners connected with the Service, within the scope required to achieve the purposes of use described in Article 2. In such cases, the Company will publicly announce in advance the names of the alliance partners, the purposes of shared use, the shared use information items and the names of persons responsible for the management of shared use information.

8. Creation and Use of Statistical Data
Based on Personal Information, etc., obtained from the customer, the Company may sometimes create statistical data relating to Personal Information, etc., in a manner that cannot identify specific individuals, and with necessary measures in place to prevent said personal information from being restored to its original format. The Company shall properly use and provide said statistical data to third parties in accordance with the provisions of the Personal Information Protection Act.

9. The Entrusting of Personal Information, etc.
The Company may entrust all or part of the handling of Personal Information, etc., obtained from customers to third parties. In such cases, the company selects subcontractors recognized as being able to handle Personal Information, etc., properly, and concludes a confidentiality agreement with the subcontractor that is in compliance with this Privacy Policy in advance, and also conducts necessary and appropriate supervision of the subcontractor, in order to ensure that Personal Information, etc., is managed properly.

10. Disclosure of Personal Information
When the Company is requested by a user to disclose personal information (including records on a third-party provision, hereinafter the same shall apply in this article)pursuant to the provisions of the Personal Information Protection Act, the Company shall disclose such personal information to the user without delay after confirming that the request has been made by the user themselves (in the event that such personal information does not exist, the Company shall notify to that effect). However, this provision shall not apply to cases where the Company is not obligated to disclose such information under the Personal Information Protection Act or other laws and regulations.
Users may choose the method of disclosure from the following methods:
- Sending a written document
- Sending an e-mail to the e-mail address designated by the user
*In cases where the contents to be disclosed are video or audio data, the method of disclosure may be determined separately by the Company.
*In cases where disclosure by providing an electromagnetic record would require a large amount of cost, or in other cases where disclosure by such method is difficult, the Company will notify the user to that effect without delay and disclose the information in writing.
In addition, it should be noted that the handling fee (1,000 yen per case [excluding tax]) will be charged for the disclosure of personal information.

11. Correction of Personal Information
Upon receipt of a request from a customer for correction, addition or deletion (hereinafter referred to generally as “Corrections, etc.”) of the content of personal information in accordance with the provisions of the Personal Information Protection Act, owing to said personal information being incorrect, and after having confirmed that the request is indeed from the customer in question (including the confirmation of the identity and authority of the agent in the case of application by an agent), the Company shall, without delay, investigate to the extent necessary to achieve the purposes of use described in Article 2, above, and carry out any necessary Corrections, etc., based on the results of the investigation, and notify the customer to that effect (or to the effect that it has been judged that Corrections, etc., will not be carried out, should that be the case). Note, however, that this shall not apply where the Company has no obligation to make Corrections, etc., in accordance with the provisions of the Personal Information Protection Act and other related laws and regulations, or where the same or similar requests have been made repeatedly without justifiable reason, or where said Corrections, etc., would entail excessive technical work.

12. Discontinuation of Use, etc. of Personal Information
Where the Company is requested by a user to discontinue the use of or to erase their personal information (hereinafter referred to as “Discontinuation of Use, etc.”) pursuant to the provisions of the Personal Information Protection Act on the grounds that the personal information of the user is being handled beyond the scope of the purpose of use that has been publicly announced in advance or was obtained through deception or other wrongful means, or other grounds that are legally mandated, or where it is requested by the user to discontinue providing such personal information (hereinafter referred to as “Discontinuation of Provision”) pursuant to the provisions of the Personal Information Protection Act on the ground that personal information is being provided to a third party without the consent of the user, or other grounds that are legally mandated, and where it is found that there is reason for such request, the Company shall confirm that the request has been made by the user themselves (including the confirmation of the identity and authority of an agent in cases where an application is being made by an agent). The Company shall then discontinue using or providing the personal information without delay and notify the user to that effect. However, this provision shall not apply where the Company is not obligated to discontinue use or provision under the Personal Information Protection Act or other laws or regulations, or where the same or similar requests for Discontinuation of Use, etc. or Discontinuation of Provision have been made repeatedly without justifiable reason, or where excessive technical work is required to discontinue use or provision of personal information.

13. The Use of Cookies and Other Technologies
The Service may use Cookies or similar technologies from time to time. These technologies are helpful in allowing the Company to ascertain the usage status of the Service, and contribute to the improvement of the Service. If a customer wishes to disable Cookies, they may do this by changing the settings of their browser. Note, however, that some parts of the Service may not function if Cookies are disabled.

14. Inquiries
With respect to requests for disclosure, etc., comments, questions, complaints, and other inquiries regarding the handling of User Information, please use the following contact method:
Holoeyes Inc.
#303 Mourin Bldg., 2-17-3 Minami Aoyama, Minato-ku, Tokyo 107-0062
Email: info[at]holoeyes.jp Attention: Personal Information Protection Desk
(When sending emails, please replace [at] with an @ mark)
(Reception hours: 10 a.m. to 6 p.m. on weekdays)

15. Continuous Improvement
The Company conducts appropriate reviews of the operating status of the handling of Personal Information, etc., and strives to implement continuous improvement. As such, the Privacy Policy may be updated, as needs require. In the event of any changes, the updated Privacy Policy will be notified to the customer, or publicly announced. In the event that any changes require the consent of the customer by law, the customer’s consent will be obtained in the manner prescribed by the Company.

Established: July 1, 2017
Last updated: April 13, 2022