Personal Information Protection/Efforts for Information Security

Asahi Net Personal Information Protection Policy

Asahi Net, Inc. (hereinafter referred to as the "Company") has established the following Personal Information Protection Policy to handle the personal information of our large number of customers both accurately and safely, recognizing that this is an important management task in providing a customer-oriented service. In addition, when providing telecommunications services, etc., we believe that the adequate protection of personal information is a social responsibility, thus have established the following Personal Information Protection Policy and shall continuously strive towards the proper handling of personal information.

  1. The Company shall handle the personal information of our customers only within the scope of the purpose of use and not for other purposes, unless prior consent has been obtained from the customer or unless otherwise stipulated by laws and regulations. Necessary measures will be taken for this purpose.
  2. The Company, upon handling of personal information (information with which a specific individual can be identified. The same shall apply hereinafter) vows to comply with the Act on the Protection of Personal Information and other relevant laws and regulations relating to personal information protection, and to strictly comply with this Policy.
  3. The Company shall endeavor to keep personal data accurate and up-to-date within the scope of the purpose of use, and take necessary and appropriate measures to securely control personal information, and supervise employees and subcontractors.
  4. The Company shall deal quickly and appropriately and in accordance with laws and regulations, with inquiries or complaints received by the Company's representatives from customers regarding our handling of personal information, and with the disclosure, correction and deletion of the acquired personal information.
  5. The Company shall take all necessary corrective and preventive measures to safely manage personal information, and will strive to prevent unauthorized access, loss, destruction, alteration and leakage to or of personal information.
  6. The Company, for the purpose of proper handling of the personal information acquired, shall strive to continuously improve and strengthen its Personal Information Protection Management System, which shall include the reviewing of this Policy, by enforcing the appointment of a person in charge of administering personal information, the development of internal regulations, the education and supervision of employees, and the implementation of internal auditing.

This Policy shall be effective as of March 25, 2005.
The revised policy shall be effective as of May 1, 2015.
The revised policy shall be effective as of December 25, 2015.

Asahi Net, Inc.
President, Jiro Hijikata

Consultation desk for matters related to the handling of personal information:
Personal Information Protection Office
Telephone: 03-3541-3892 (10am to 6pm)

* This is a translation of the original Asahi Net Personal Information Protection Policy in Japanese. If there is any conflict between the original and the translation, the original shall prevail.

Japanese-language version of the Asahi Net Personal Information Protection Policy.

Back to Top

Handling of Personal Information

1. Company's name and Personal Information Protection Administrator

The Company name: Asahi Net, Inc.
Personal Information Protection Administrator: Executive Director, Satoshi Mizokami

2. Purpose of use

  1. Asahi Net, Inc. (hereinafter referred to as "the Company") shall acquire personal information appropriately and fairly in any manner including oral, written and electromagnetic records, audio recordings, video recordings and other means. The acquired personal information shall be handled appropriately within the scope necessary for the following purpose of use. In addition to the following purpose of use, the Company may separately specify the purpose of use.
  Purpose of use
1. Personal information of customers
  • To conduct operations related to the provision of the Company's service.
  • To provide administrative procedures and notification to customers related to contract, billing of usage fee, etc.
  • To conduct sales promotion activities and to inform campaigns of services or products of the Company and other companies.
  • To conduct questionnaire, marketing survey and analysis, and to use such results.
  • To generate statistical data for business analysis and to use such analysis results.
  • To prevent any unauthorized use of the Company's service.
  • To conduct any other operations relating to the purposes referred to in any of the foregoing items.
2. Personal information of business partners
  • To conduct operations related to the provision of the Company's service.
  • To provide administrative procedures and notification to customers related to contract, billing of usage fee, etc.
  • To conduct sales promotion activities and to inform campaigns of services or products of the Company and other companies.
  • To conduct questionnaire, marketing survey and analysis, and to use such results.
  • To generate statistical data for business analysis and to use such analysis results.
  • To prevent any unauthorized use of the Company's service.
  • To conduct any other operations relating to the purposes referred to in any of the foregoing items.
3. Personal information provided by business partners
  • To conduct operations related to the provision of the Company's service.
  • To provide administrative procedures and notification to customers related to contract, billing of usage fee, etc.
  • To handle inquiries, requests or problems.
  • To generate statistical data for business analysis and to use such analysis results.
  • To prevent any unauthorized use of the Company's service.
  • To conduct any other operations relating to the purposes referred to in any of the foregoing items.
4. Personal information of questionnaire answerers or participant of events
  • To provide notification.
  • To conduct campaign and shipping of gift, etc. to the prize winner.
  • To conduct sales promotion activities and to inform campaigns of services or products of the Company and other companies.
  • To conduct questionnaire, marketing survey and analysis, and to use such results.
  • To post pictures, video images, etc. on the Company's website, etc. for the Company's publicity and advertisement.
  • To conduct any other operations relating to the purposes referred to in any of the foregoing items.
5. Personal information of individuals who made an inquiry or a visit to the Company
  • To manage visitors and control safety.
  • To reply to inquiries and to send related materials.
  • To provide notification.
  • To conduct sales promotion activities and to inform campaigns of services or products of the Company and other companies.
  • To conduct questionnaire, marketing survey and analysis, and to use such results.
  • To conduct any other operations relating to the purposes referred to in any of the foregoing items.
6. Personal information of shareholder
  • To exercise the rights and perform the obligations under the statute.
  • To provide various facilities to the Shareholder in accordance with his/her position as a shareholder.
  • To take various measures in order to smooth the relationship between the Shareholders and the Company.
  • To conduct shareholders management.
  • To conduct any other operations relating to the purposes referred to in any of the foregoing items.
7. Personal information of job applicants of the Company
  • To conduct recruitment screening and employment.
  • To conduct questionnaire, marketing survey and analysis and to use such results.
  • To generate statistical data for business analysis and to use such analysis results.
  • To conduct any other operations relating to the purposes referred to in any of the foregoing items.
8. Personal information of the Company's employee
  • To manage personnel and human resource, attendance and health of the Company's employees.
  • For personnel performance evaluation, salary payment and tax affairs.
  • For social insurance, for Company benefit and educational training.
  • For business management and to communicate at times of emergency.
  • To conduct questionnaire, marketing survey and analysis and to use such results
  • To generate statistical data for business analysis and to use such analysis results.
  • To use pictures, video images, etc. for internal and external operations.
  • To post pictures, video images, etc. on the Company's website, etc. for the Company's publicity and advertisement.
  • To monitor intended for preservation of information assets and other business property, and prevention of fraud.
  • To conduct any other operations relating to the purposes referred to in any of the foregoing items.
  1. The Company shall acquire credit card information (name of the credit card holder, credit card number, expiration date, etc.) of the customer, of which purpose of use, the acquirer, the recipient and the storage period of the information shall be as the following. The company complies with the non-retention of credit card data
    1. Purpose of use: To settle fees of the service, etc. which the Company provides.
    2. Acquirer: Asahi Net, Inc.
    3. Recipient: Credit card companies of which credit cards are used for settlement of fees, and settlement service support companies.
    4. Storage period: Period determined as appropriate by the Company.

3. Third party provision

The Company will not provide personal information which the Company handles to a third party unless prior consent is obtained from the person. However, in the following circumstances the Company may provide personal information to a third party without the customer's prior consent.

  1. The Company may provide personal information to telecommunication business operators such as NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION or NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION.
  2. The Company, within the scope required to perform the aforementioned purpose of use, may provide or disclose to a third party, statistics information, processed in formats with which a specific individual cannot be identified.
  3. The Company, in any of the following events, and while considering the rights of the person, may provide personal information to a third party.
    1. Cases in which the handling of personal information is based on laws and regulations.
    2. Cases in which the handling of personal information is necessary for the protection of the life, body, or property of an individual and in which it is difficult to obtain the consent of the person.
    3. Cases in which the handling of personal information is specially necessary for improving public health or promoting the sound growth of children and in which it is difficult to obtain the consent of the person.
    4. Cases in which the handling of personal information is necessary for cooperating with a state organ, a local government, or an individual or a business operator entrusted by either of the former two in executing the affairs prescribed by laws and regulations and in which obtaining the consent of the person is likely to impede the execution of the affairs concerned.

4. Subcontractor provision

The Company, within the scope required to perform the aforementioned purpose of use, may provide personal information which the Company handles to a subcontractor of the Company.

5. Procedures responding to request for the Disclosure, etc. and contact desk

Except when personal information is entrusted from business operators through consignment business, in the event the person or the agent of the person requests to notify the purpose of use, to disclose, to correct, add or delete, to discontinue the utilization, to erase, or to discontinue its provision to a third party of personal information (hereinafter collectively referred to as "the Disclosure, etc."), the Company shall handle reasonably, in response to such request and in accordance to the stipulations set forth in the Act on the Protection of Personal Information.
For more information, the details of the procedure for the Disclosure, etc. and contact desk.

  • Please note that request for the Disclosure, etc. is only accepted in Japanese.

6. Voluntary nature of provision of the customer's personal information and outcome of not providing the personal information

When using Company's services, it is required to provide personal information to the Company with consent of this Handling of Personal Information. If a user fails to provide the Company certain information, such user may not be able to use whole or part of Company's services and the Company may not be able to answer an inquiry.

7. Acquisition of personal information by methods that are not easily recognized by individuals

The Company, within the scope of providing Company's service, ensuring security, improving usability, distributing advertisement, etc., shall acquire information such as device information or location information by using cookies, etc. Information with which itself alone cannot identify a specific individual shall not be handled as personal information. However, in the event that such information is collated with other information and thereby can identify a specific individual, it shall be handled appropriately in accordance with this Handling of Personal Information.

8. Consultation desk for handling of personal information

  1. Asahi Net, Inc.
    Please contact by postal mail or by phone. Personal Information Protection Office
    Asahi Net, Inc.
    KABUKIZA TOWER 21F, Ginza 4-12-15 Chuo-ku,
    Tokyo 104-0061
    Tel: 03-3541-3892 (Weekdays, 10:00 a.m.- 6:00p.m.)
  2. Authorized personal information protection organization to which the Company belongs. (Certified by Ministry of Internal Affairs and Communications.) Telecommunications Personal Information Protection Promotion Center
    Japan Data Communications Association
    Tel: 03-5907-3803 (Weekdays, 10:00 a.m.-12:00 p.m., 1:00 p.m.-3:00 p.m.)
    http://www.dekyo.or.jp/kojinjyoho/
  3. Supplementary Provision

    This policy shall be effective of August 15, 2013
    The revised policy shall be effective of December 25, 2015
    The revised policy shall be effective of January 27, 2016
    The revised policy shall be effective of May 27, 2016
    The revised policy shall be effective of December 4, 2017
    The revised policy shall be effective of March 31, 2020

    • This is a translation of the original Handling of Personal Information in Japanese. If there is any conflict between the original and the translation, the original shall prevail.
    • Please note that the Company is not targeting people or consumers within the European Union, California State or Virginia State, United States, nor any other applicable countries.

    Back to Top

Information Security

Asahi Net Inc. has obtained ISO/IEC 27001:2013 certification for Information Security Management System (ISMS), which signifies our concerted efforts in managing information security. We will continue to take steps to ensure that those using our Internet connection services and related services may do so securely and with peace of mind.

Privacy Mark

Asahi Net Inc. has obtained the Privacy Mark issued by the Japan Information Processing Development Center (JIPDEC). Important personal information of our customers is acquired in a responsible manner and is handled, stored and managed appropriately.

P Mark

Certification number 21000821(02)
Date obtained December 13, 2013

Click to visit the PrivacyMark System's English Web page.

ISO/IEC 27001:2013 Certification

Asahi Net Inc. has obtained ISO/IEC 27001:2013 certification for Information Security Management System (ISMS).

JQA ISMS

Certification obtained ISO/IEC 27001:2013
JIS Q 27001:2014
Accreditation body UKAS (United Kingdom Accreditation Service)
JIPDEC (Japan Information Processing Development Corporation)
Certificate registration number JQA-IM0890
Registration date August 6, 2010
Revision date June 29, 2018
Certification body JQA (Japan Quality Assurance Organization)

Internet Connection Service Safety & Security

Asahi Net Inc., has passed the licensing examination of the Internet Connection Service Safety & Security Promotion Association and therefore can use the Safe Security ISP mark.

Safe Security ISP
(License number : T0009)

These seven items were tested for the licensing examination.

[ Items ]
  1. The establishment of a security policy and introduction of an audit system.
  2. The security level of systems.
  3. The establishment of a system to manage times when problems occur.
  4. The maintenance and announcement of user-oriented contract articles, etc.
  5. The maintenance of a system to manage users.
  6. The dissemination of knowledge to users.
  7. The actions taken to protect personal information.

Click to visit the Internet Connection Service Safety & Security Promotion Association's Japanese Web page.

Back to Top

The details of the procedure for the Disclosure, etc. and contact desk

  1. Where to file a request for the Disclosure, etc.
    To request for the Disclosure, etc., please send a written form prescribed by the Company with required documents attached to the following address by post. On the envelope, please write Request form for the Disclosure, etc. in red letters. Personal Information Protection Office
    Asahi Net, Inc.
    KABUKIZA TOWER 21F, Ginza 4-12-15 Chuo-ku,
    Tokyo 104-0061
    • Please note that request for the Disclosure, etc. is only accepted in Japanese.
  2. Documents to be submitted when requesting for the Disclosure, etc.
    To request for the Disclosure, etc., download the following forms prescribed by the Company, fill in the forms as required, attach any one of the following documents for identification, and send it to the aforementioned address indicated in Where to file a request for the Disclosure, etc. by post.
    If the current address of the person is different from the address of the person registered with the Company, the Company may call the telephone number indicated on the request form to verify identification of the person.
    • Request Form for Disclosure, Correction, and Discontinuance of Utilization of Personal Information (Japanese), prescribed by the Company.
    • Any one of the following: a photocopy of driver's license, a photocopy of passport, a photocopy of Residence card (front and back) or family register certificate (issued within the last three months. Same applies hereafter.)
      • Residence certificate which has your individual number (My Number) indicated cannot be accepted.
      • If domicile of origin is indicated, please black out the relevant section using a ballpoint pen, etc. before sending.
  3. Request for the Disclosure, etc. by agents
    If the person requesting for the Disclosure, etc. is a statutory agent of a minor or an adult ward, or an agent to whom the person has delegated to request for the Disclosure, etc., please attach the documents listed in either the following I or II, in addition to the documents listed in the previous section.
    1. When the requestor is a statutory agent
      • Declaration form (Japanese) prescribed by the Company.
      • Documents to confirm the authority of statutory representation (family register certificate, or if the statutory agent has parental authority, a photocopy of health insurance certificate of the statutory agent, in which the dependent family member is indicated, is also accepted.)
      • Documents to verify identification of the person who is the statutory agent of the minor. (Photocopy of driver's license or passport of the statutory agent.)
      • Documents to verify identification of the person who is a statutory agent of the adult ward. (Certificate of registered information of adult guardianship.)
    2. When the requestor is delegated agent
      • Letter of attorney (Japanese) as prescribed by the Company (affixed with a registered seal.)
      • Seal registration certificate of the person (issued within the last three months; the certificate must be for the seal which is sealed in the Letter of attorney.)
  4. Fee required to request for disclosure, and method of payment
    To request for disclosure of personal information subject to disclosure or for notification of purpose of use of personal information, a fee of 1,500 yen (tax included) per request shall be charged. Please enclose a postal money order* equivalent to 1,500 yen with the request form.
    In the event that additional costs incur from requests for special disclosure or special method of notification, etc., an additional fee considering such costs may be charged.
    If the enclosed fee is not sufficient or if the fee is not enclosed, we shall notify the requestor accordingly. However, if the requestor fails to pay within a prescribed period, request for disclosure shall be regarded as not having been made. A fee that has been paid shall not be refunded.
    • Postal money order for fixed small amount
      • Please purchase a postal money order at savings account window of Japan Post Bank or Japan Post. A handling fee shall be charged for purchasing.
      • Please leave the name and address of the designated payee blank on the postal money order.
  5. Method of reply to requests for the Disclosure, etc.
    Reply shall be sent in a written form to the address indicated in the request form of the applicant.
  6. Purpose of use of personal information acquired in relation to the request for the Disclosure, etc.
    Personal information acquired in association with the request for the Disclosure, etc. shall be handled within the scope necessary to respond to request for the Disclosure, etc. Submitted documents shall be stored for two years after the request for the Disclosure, etc. has been replied, and shall be destroyed by the Company in a responsible manner.
  7. Reason for non-disclosure
    Information shall not be disclosed in any of the following circumstances. In the event the Company decides for non-disclosure, it shall notify the applicant of the decision with the reason for non-disclosure. Prescribed fee shall not be refunded even in the event the Company decides for non-disclosure.
    1. When identification cannot be verified, such as when there is a discrepancy among the address indicated on the request form, the address indicated on the document for identification verification, and the address registered with the Company.
    2. When authority of representation cannot be confirmed for request made by an agent.
    3. When there is an insufficiency in the submitted request form and documents as prescribed by the Company.
    4. When the information for which disclosure is requested does not constitute personal information subject for disclosure (such as personal information entrusted from business operators through consignment business.)
    5. When there is a possibility of harming the person or third party's life, body, fortune or other rights and interests.
    6. When there is a possibility of seriously impeding the proper execution of the Company's businesses.
    7. When it violates other laws and regulations.
    8. When there is a possibility to solicit or induce unlawful act.
    9. When special procedures are stipulated by laws and regulations.

Back to Top

About cookies

  1. What are cookies?
    "Cookie" is a small file of recognition tag (a text file) that is sent to your browser. Cookie is stored on your device through your browser when you access Company's website for the first time. When you access again, Company's website distinguish your cookie and recognize that you are accessing from the same device as before.
  2. Purpose of use
    The Company, by using cookies, may use the information acquired when you browse Company's websites, e-mails and information you entered on our websites collated with your device information, within the scope of the purpose of use stated as the following.
    1. To improve usability and to support input when using the service of the Company.
    2. To conduct operations related to the provision of the Company's service or maintenance and support.
    3. To conduct questionnaire, marketing survey and analysis intended for the maintenance and improvement of the Company's service or for the planning and development of the Company's new service.
    4. To generate statistical data for business analysis and to use such analysis results.
    5. To distribute advertisement.
  3. Information acquired
    By using cookies, the Company acquire access information and information you have entered as follows.
    1. Information of web pages that you have accessed.
    2. Information relating to opening of e-mails.
    3. Information regarding websites' URL that you have accessed.
    4. Device information and location when you accessed Company's website.
    5. Registration information that you have entered when using Company's website.
    6. Keywords that you have entered to search information.
  4. Protection of Information
    Information with which itself alone cannot identify a specific individual shall not be handled as personal information. However, in the event that such information is collated with other information and thereby can identify a specific individual, it shall be handled appropriately in accordance with Handling of Personal Information.
  5. Refuse the use of cookies
    You may refuse the use of cookies by selecting the appropriate settings on your browser. Please note, however, that you may not be able to use the full functionality of certain services based on Company's websites.