CARTAZERO

ABOUT
  • PHILOSOPHY
  • CEO MESSAGE
  • COMPANY
  • BOARD MEMBER
    • BUSINESS
  • STRENGTH
  • SERVICE
    • CAREER
  • CAREER TOP
  • CAREER STORY

    • Privacy Policy

    CARTA ZERO Inc. (hereinafter referred to as "the Company") recognizes that the proper handling of information, especially personal information, is crucial as we play a part in creating a richer information society.

    The Company strives to appropriately manage and protect all personal information we handle in accordance with applicable laws and regulations. This Privacy Policy also aims to clearly explain how the Company acquires and uses your information, ensuring you have the opportunity to know what personal information about you is being handled and how, and to be involved in that process.

    Please note that the Company may revise the contents of this Privacy Policy from time to time within the scope of applicable laws and regulations. The revised content will become effective at the time it is posted on this website.

    Chapter 1: Personal Information

    1. Handling of Personal Information

    • (1) Purpose of Use
      The Company acquires personal information (as defined in Article 2, Paragraph 1 of the Act on the Protection of Personal Information; hereinafter the same applies in this chapter) through fair and appropriate means and utilizes it within the scope indicated in [Table 1] "Purposes of Use." Personal information of types other than those listed in [Table 1] "Types of Personal Information" will be used after individually notifying or publicizing the purpose of use, or after obtaining the prior consent of the individual concerned.
      Additionally, the Company may acquire personal information for the purpose of carrying out tasks entrusted by customers, such as sweepstakes, campaigns, various events, provision of member services, handling requests for materials and inquiries, conducting surveys, consumer trend research, and personalization (provision of information based on individual attributes and behavioral history). The Company will use such personal information only to the extent necessary for the entrusted tasks.
    • (2) Management of Subcontractors
      The Company entrusts part of the operations related to personal information to external service providers. We consider the management of these entrusted service providers to be of utmost importance. When outsourcing operations, we select providers recognized for having a sufficient level of personal information protection and clearly define necessary obligations through contracts or other agreements. Furthermore, we require entrusted service providers to handle personal information appropriately and continuously supervise and audit them to ensure its secure management.
    • (3) Provision to Third Parties
      The Company will not disclose or provide personal information to third parties except as stipulated by law or with the consent of the individual concerned. When disclosure or provision occurs, it will be carried out appropriately in accordance with the law.
    • (4) Joint Use
      The Company will jointly use personal information within the scope indicated in [Table 2] "About Joint Use of Personal Information."
    • (5) Disclosure and Inquiries
      For personal information that the Company acquires directly, as shown in [Table 1], please contact the relevant point of contact where you provided your information or the inquiry desk below for: ① notification of purpose of use, ② requests for disclosure, correction, addition, or deletion of content, ③ requests for suspension of use or erasure, ④ complaints, or ⑤ other requests/inquiries. We will guide you through the application procedures and fees. When responding to your request, we will verify your identity or that of your authorized representative. Please note that there is currently no "authorized personal information protection organization" to which the Company belongs.
      [Inquiry Contact] CARTA ZERO Inc. Public Relations: Please contact us here.

    [Table 1] Personal Information Acquired Directly by the Company

    Type of Personal InformationPurpose of Use
    Personal Information of CustomersGuidance and communication regarding business operations, including proposals, services, seminars, and surveys.
    Guidance and communication regarding business operations such as proposals, services, and the conducting of seminars for subcontractors.
    Personal Information of Business PartnersGuidance and communication regarding business operations such as proposals, services, and the conducting of seminars for subcontractors.
    Sending publications, newspapers, seasonal greetings, etc.
    Personal Information of Visitors to the CompanyContacting relevant personnel and managing building entry/exit.
    Personal Information of Job Applicants to the CompanyOperations and various communications related to recruitment, hiring, and selection activities; conducting surveys for future recruitment reference; and human resources data after joining the company.
    Personal information of individuals who have submitted inquiries or other requests to the Company.Responding to inquiries, requests, and complaints.
    Personal Information Acquired Through Third-Party ProvisionConducting operations such as surveys, consumer trend research, and personalization (providing information based on individual attributes and behavioral history).

    The following personal information will be jointly used as described below.

    Type of Personal Information Jointly UsedPurpose of Joint UseScope of Joint UsersAdministrator
    Address, name, age, gender, phone number, email address, and content of inquiries or consultations for individuals making such requests.・Providing guidance and communication regarding the execution of business operations, including proposals, services, seminars, and surveys.
    ・Sending publications, newspapers, seasonal greetings, and similar communications.
    ・Appropriately responding to inquiries, consultations, and complaints.    		The Company, its parent company, and the consolidated subsidiaries of its parent company. (※1)(※2)
    Address, name, phone number, email address, and content of requests/complaints for individuals making disclosure requests or complaints regarding personal information.・Investigation to address requests and complaints.
    ・Verification of the identity of the individual or their representative.
    ・Sending responses and making necessary contact.    		The Company, its parent company, and the consolidated subsidiaries of its parent company. (※1)(※2)
    Company name (trade name), address, department, position, name, phone number, and email address of business partners, etc.・Providing guidance and communication related to the execution of business operations, including proposals, services, seminars, and surveys.
    ・Sending publications, newspapers, seasonal greetings, and similar communications.    		The Company, its parent company, and the consolidated subsidiaries of its parent company. (※1)(※2)
    Company name (trade name), address, name, phone number, and payment account information of business partners, etc.・Collection of receivables.
    ・Payment of debts.    		The Company, its parent company, and the consolidated subsidiaries of its parent company. (※1)(※2)
    (※1) The Company's parent company is CARTA HOLDINGS, Inc. Please refer to the following link for the scope of applicable consolidated subsidiaries:
    CARTA HOLDINGS Company Profile
    (※2) The administrator responsible for joint use is CARTA HOLDINGS, Inc. (Toranomon Hills Station Tower 36F, 2-6-1 Toranomon, Minato-ku, Tokyo; Representative Director, President & Executive Officer: Shinsuke Usami).

    2. Compliance with Laws and Regulations

    We strictly comply with all relevant laws, regulations, contracts, and other norms regarding the protection of personal information.

    3. Security Management Measures

    We implement security management measures for personal information and strive to prevent its leakage, etc., through the development and improvement of our personal information protection system, educational and awareness activities for employees, management of office entry and exit, and information security measures. Additionally, when the purpose of retention no longer exists or when the retention period we've set expires, we will securely dispose of or erase personal information using appropriate methods.

    4. Continuous Improvement

    We will continuously review and strive to improve our personal information protection management system, including this policy, to maintain an appropriate level of personal information handling and protection in light of requests from our business partners and changes in social conditions.

    Chapter 2: Information Collected via Cookies, etc.

    The Company may collect information about individuals using technologies like cookies on services and websites we operate. When information about an individual collected by the Company is used in conjunction with information that can identify a specific individual, we handle such data in accordance with Chapter 1: Personal Information.

    1. Collection on Services Operated by the Company

    For information on how personal information is collected, its purpose of use, and how to stop its handling (opt-out (※)) on our ad network service "Zucks Ad Network" and ad platform for brand advertisers "PORTO," please refer to the following sites:
    Zucks Ad Network
    PORTO

    2. Collection on Websites Operated by the Company

    On websites operated by the Company, we utilize website analysis services provided by third parties (hereinafter referred to as "Third-Party Analytics Services"), as listed on the "Third-Party Analytics Services" page below. This is for the purpose of understanding user activity on the website and improving its convenience. For information on how personal information is collected, its purpose of use, and how to stop its handling (opt-out (※)) for each Third-Party Analytics Service, please check the "Third-Party Analytics Services" page below.

    [Third-Party Analytics Services]
    ① Google Analytics
    Privacy Policy:
    https://support.google.com/analytics/answer/6004245#zippy=
    Opt-out:
    https://tools.google.com/dlpage/gaoptout/?hl=ja&sjid=4127967002613979746-NC
    ②Hub Spot
    Privacy Policy:
    https://legal.hubspot.com/jp/privacy-policy
    Opt-out:
    https://www.hubspot.com/hubspot-privacy-preferences

    ※ Opting out must be done for each browser a user uses. Therefore, if you use a different computer from the one you opted out on, or if you install a new browser, you will need to opt out again.

    Chapter 3: Handling of Data for EU Residents

    The Company sets forth the following provisions regarding the handling of information that identifies or can identify residents within the European Union (hereinafter referred to as "EU"), including EU member states and Iceland, Liechtenstein, and Norway based on the European Economic Area Agreement (hereinafter referred to as "EU Resident Data," and the natural persons who are the subjects of such EU Resident Data are referred to as "EU Resident Data Subjects"). Please note that the provisions of Chapter 1, Section 2 (Compliance with Laws and Regulations), Section 3 (Security Management Measures), and Section 4 (Continuous Improvement) also apply to the handling of EU Resident Data.

    1. When the Company is the Data Controller

    • (1) Obtaining Consent
      When the Company handles EU Resident Data as a Data Controller under the General Data Protection Regulation (hereinafter referred to as "GDPR"), we will clearly state the purpose of processing EU Resident Data and other matters required to be disclosed under GDPR to the EU Resident Data Subject. We will obtain explicit consent from the EU Resident Data Subject for such processing, unless there is another legal basis for processing other than consent. When obtaining consent, the explanation will be provided in a clear, plain, easily understandable, and accessible manner, clearly distinguishable from other matters.
    • (2) Retention of Consent Records
      The Company will retain records of consent obtained from EU Resident Data Subjects regarding the processing of EU Resident Data so that they can be presented upon request for proof of consent.
    • (3) Requests from EU Resident Data Subjects
      When the Company receives requests regarding the exercise of rights by a data subject as recognized under the GDPR concerning EU Resident Data we handle, we will respond in accordance with the provisions of the GDPR.

    2. When the Company is the Data Processor

    When the Company handles EU Resident Data as a Data Processor under the GDPR, we will appropriately handle such EU Resident Data in accordance with the instructions of the Data Controller of that EU Resident Data.

    3. Contact Information

    For requests or inquiries regarding the exercise of rights recognized for data subjects under the GDPR concerning EU Resident Data handled by the Company as a Data Controller under the GDPR, please contact the respective points of contact below. When responding to your request, we will verify your identity or that of your authorized representative.

    Contact for DPO:

    Toranomon Hills Station Tower 36F, 2-6-1 Toranomon, Minato-ku, Tokyo, Japan
    CARTA ZERO Inc.

    Contact for EU Representative under GDPR Article 27:
    eurep@enobyte.com
    +49 89 215 4774 -30
    Enobyte GmbH
    Augustenstr. 49, D-80333 Munich, Germany

    *Please note that links from websites operated by the Company may lead to sites not operated by us. In such cases, this Privacy Policy does not apply.

    Last Updated: July 1, 2025

    LOADING
    000
    %