Personal Data Privacy Policy

ENACTED 30th March 2023
REVISED 22nd September 2023

Guardian Inc. Representative Director,
Caitlin Erin Puzzar

 The Company has developed a bullying and abuse communication support system (hereinafter referred to as 'the Company's system'). The system supports communication from each child to caregivers and other teachers. The system shares dangerous signs of bullying and abuse seen in the daily lives of children via questionnaire responses or facilitates the transmission of requests for support from children. In the provision of the system (hereinafter referred to as the "System"), the Company shall provide the following information on the protection of personal information of children who use the System (hereinafter referred to as "Child User"). The following privacy policy (hereinafter referred to as the "Policy") has been established for the protection of personal information of children who use the Company's system (hereinafter referred to as "Child Users"). The personal information will be handled appropriately in accordance with this Policy.
The meaning of terms used in this Policy shall be governed by the Act on the Protection of Personal Data (hereinafter referred to as the 'Personal Data Protection Act').

1.Items of personal data to be acquired (personal data relating to children)

The Company will acquire the following personal information relating to Child Users.

(1) Information relating to identification.

  • →Name, school name, grade, class, e-mail address, account ID and password

(2) Information for use in determining the alert function (indication of risk of abuse, etc.) to be implemented in our systems.

  • →Child responses to questions automatically extracted by our system (including the date of response and the content of the free-text field), and past alert history.

(3) Information acquired when using the system

  • →Online identifiers, personal device information, location information, browsing history and other service usage (including access logs, IP addresses, browser information, browser language settings, etc.)

(4) Other information

  • → Information from child users (such as enquiries and communications) concerning our system and the services provided by the Company.
  • →In the event of a subsequent request for correction, addition, deletion etc. by the child user themselves, or by a caregiver interviewed by the child user etc., regarding the truthfulness of specific posted contents, accuracy, and appropriateness of descriptions etc. - the content of the request, date of request, requesting party, method of request, etc.

2.Purpose of use

The Company shall use the personal data of Child Users for the following purposes of use (Hereinafter referred to as the "Purpose of Use"). Carried out as part of the processing of the work outsourced by the Company, regarding the duties which are naturally occurring during the performance of school duties. The information will be acquired and used within the scope of the following purposes of use.

  • Registering users to our system and authenticating the identity of users when using our system.
  • Carrying out the storage of various data related to our system when outsourced by educational institutions that use our system.
    ※In carrying out this storage work, we will endeavor to take all technical measures that are beneficial for the extensive protection of personal information in our company, in sequence and to a reasonable extent.
  • Preventing and responding to unauthorized acts associated with the use of our system (including unauthorized access, system intrusion, unauthorized falsification of data and other acts that interfere with the normal operation of our system in general), etc.
  • Reviewing and improving the method of child users database construction.
  • Maintaining and managing our systems, including checking that the alert function implemented in our system is operating correctly.
  • Improving our system, and for planning and research and development of new products and services etc.
  • Responding to enquiries and contacting child users.
  • If the Company establishes an affiliated company in the future (information can be found on the Company's website at https://guardian-jp.com/en these affiliated companies carry out the above-mentioned tasks relating to each of the above-mentioned matters.

3.Third-party provision

(1)The Company shall not provide personal data handled by the Company to third parties without the prior consent of the child user, except in the following cases.

  • When required by law.
  • When it is necessary for the protection of a person's life, body or property and it is difficult to obtain the consent of the Child User.
    However, regardless of if the Company's system is used or not, it is schools etc. that bear the primary responsibility for detecting child abuse, bullying and other risks to children and ensuring their safety. In principle, the necessity of providing personal information to third parties and the actual provision of such information shall be carried out under the educational and professional judgment and responsibility of schools, etc. The main purpose of our service is to support and facilitate communication from child users, and even if this is a secondary aspect of supporting school administration for teachers and staff, we are not responsible for specific risk detection or the provision of information to external bodies necessary for subsequent safety assurance.
  • When it is necessary for the improvement of public health or the promotion of the sound development of children and it is difficult to obtain the consent of the child user.
  • When it is necessary to cooperate with a state body, a local authority or a person entrusted by such a body to execute affairs prescribed by law, and obtaining the consent of the child user may hinder the execution of such affairs.
  • When the third party is an academic research organization etc. and it is necessary for such third party to handle such personal data for academic research purposes ​​(including cases where part of the purpose for handling personal data is for research purposes) except where there is a risk of unjustified infringement of the rights and interests of individuals.
  • In other cases permitted by law.

(2)The Company relies on the general interpretation that contractors, etc. to whom personal data is provided (in accordance with Article 23(5)(i) of the Personal Data Protection Act "where such personal data is provided in connection with the entrustment of all or part of the handling of personal data within the scope necessary to achieve the purpose of use") do not constitute the aforementioned third parties. Nevertheless, when handling personal data provided in such situations, we will take sufficient care, for example by making efforts to improve the system, to use data that has been processed to avoid easy identification of the child to a reasonable extent.

(3)The Company may provide personal data of child users to third parties in the following foreign countries. The country-specific information that should be referred to in such cases is currently as follows:

United States of America

(4)When we provide personal data to third parties in foreign countries that have taken measures equivalent to those required of business operators handling personal data under the Personal Data Protection Act, we take the necessary measures to ensure the continued implementation of such measures. If you require confirmation of the details of the measures in question, please contact us via the information listed below (6 Contact details).

4.Security control measures

The Company shall take all necessary and appropriate measures to prevent leakage, loss or damage of the personal information it handles and to otherwise ensure the safe management of personal information. For more information on the security control measures taken by the Company, please contact us via the information listed below (6 Contact details).

5.Requests for disclosure, etc.

The Company will respond to requests for disclosure (i.e. requests for notification of purpose of use, disclosure, correction, addition, deletion of personal information or records provided to third parties, suspension of use or suspension of provision to third parties) as set out below. The Company will respond to the following.

(1)Notification of the purpose of use or disclosure of personal information, or records provided to third parties

Child Users may request the Company to notify them of the purpose of use or to disclose their personal information or third-party records within the scope permitted by the Personal Data Protection Act, in accordance with the procedures set out in (4) below, and upon payment of the disclosure fee set out in that same section. However, the Company may not disclose the information if any of the following conditions apply:

  • If disclosure may harm the life, body, property or other rights or interests of the person concerned or a third party.
  • If disclosure may cause significant hindrance to the proper conduct of our business
  • If disclosure would violate the law
  • Where it cannot be confirmed that the request for disclosure is made by the person concerned.

(2)Corrections, additions and deletions

With respect to the information disclosed in (1) above, a Child User may, within 60 days of disclosure, request correction, addition, or deletion of personal information (hereinafter referred to as "Request for Correction, etc.") in accordance with the procedures set forth in (4) below. In such a case, the Company may request that the information be corrected, added, or deleted. In such cases, we will investigate without delay to the extent necessary to achieve the purpose of use, and based on the results, correct, add, or delete the relevant personal information to the extent permitted by the Personal Information Protection Law.
However, this system is not designed to determine the truthfulness of comments sent by child users, but rather to record and transmit them electronically without altering the received content. Requests for correction, etc. will be accepted only in very exceptional cases, for example, when incomplete or inaccurate data is generated due to a technical failure during data transmission, or when there is clear evidence of alteration due to unauthorized access after data storage, etc. Other than these cases, we do not plan to respond to requests for correction, etc. When a child user makes a request to correct or withdraw a past response by specifying the past response, the new request will be recorded by linking it to the past response, etc., and when the subjected previous response, comments, etc., are viewed, the system will display the contents of the request for correction or withdrawal, etc. on the system and prompt the user to refer to it for evaluation. In principle, the contents of the request for correction or withdrawal will be displayed on the system to encourage reference to them, to use them as evaluation data.

(3)Suspension of use or provision to a third party

Regarding the information disclosed in (1) above, a Child User may, within 60 days of the disclosure, request that the Company cease using the personal information, or cease providing the personal information to a third party in accordance with the procedures set forth in (4) below. In such cases, we will respond appropriately in accordance with the Personal Information Protection Law.

(4)Procedures

To make a request for disclosure, etc., a Child User shall fill in the prescribed items on the request form provided by the Company (shown below as A), enclose identification documents (shown below as B), and mail the form to the designated contact address designated by the company (6). A fee of 1,800 yen per request will be charged for notification of purpose of use, disclosure of personal information or records provided to a third party. Please transfer the fee to the bank account indicated on the request form (fee to be borne by the requesting party). Please note that the fee will not be refunded in cases of non-disclosure, non-disclosure of the purpose of use, failure to respond to a request for correction, etc., or failure to respond to a request for suspension of use.

(A)Disclosure request form

Please download the disclosure request form below.

  • Request form for Notification of Purpose of Use, Disclosure of Personal Information or Record of Provision to a Third Party
  • Request form for Correction, Addition, or Deletion of Personal Information
  • Request form for Suspension of Use or Suspension of Provision to a Third Party

(B)Identification documents

〇 In the case of a request by a legal representative (such as a person with parental authority over the child user)

  • Identification documents of the child user (One of the following: My Number card (front side), driver's license, health insurance card, or a copy of passport)
  • Document confirming the existence of legal representation (family register or adult guardianship registration certificate)
  • Identification documents of the legal representative (One of the following: My Number card (front side), driver's license, health insurance card, or a copy of passport)

〇 In the case of a request by a voluntary representative from a person with parental authority

In addition to the documents listed above under "In the case of a request by the child user himself/herself," the following documents

  • Power of Attorney
  • Identification documents of the voluntary representative (One of the following: My Number card (front side), driver's license, health insurance card, or a copy of passport)

6.Inquiries

Please direct any comments, questions, complaints, or other inquiries regarding the handling of personal information to the following address

Guardian Inc.
Yoshidatachibanacho 33-16, Sakyo Ward, Kyoto City, 606-8303 JAPAN
(E-mail) info@guardian-jp.com