Privacy Policy

Mu Lab, LTD. (hereinafter referred to as “the Company”) recognizes the importance of protecting personal information and, in compliance with the Act on the Protection of Personal Information (hereinafter referred to as “the Personal Information Protection Act”), strives for appropriate handling and protection of personal information in accordance with the following Privacy Policy (hereinafter referred to as “this Privacy Policy”). Unless otherwise specified in this Privacy Policy, terms used herein shall have the definitions set forth in the Personal Information Protection Act.

1. Definition of Personal Information

In this Privacy Policy, “personal information” refers to personal information as defined in Article 2, Paragraph 1 of the Personal Information Protection Act.

2. Purposes of Using Personal Information

The Company will use personal information for the following purposes:

  1. To provide product information, such as new products.
  2. To provide information regarding events such as exhibitions and seminars, and to respond to inquiries.
  3. To provide information about the Company’s products and services.
  4. To improve the Company’s services and develop new services by analyzing information regarding the usage status of the Company’s services.
  5. For employment management and internal procedures (for personal information of officers and employees), and for selection and communication in recruitment activities (for personal information of applicants).
  6. For shareholder management and compliance with procedures under the Companies Act and other laws and regulations (for personal information of shareholders, holders of share options, etc.).
  7. To create statistical data processed into a format that cannot identify individuals in connection with the Company’s services.
  8. For other purposes incidental to the above uses.

3. Method of Collecting Personal Information

3.1 The Company collects the following information from customers using the Company’s services by the following methods when providing said services:

  1. Information collected:
    Pages visited on our website, time spent on our website, browser type, browser version, operating system and other system information, referrer (e.g., from which website you were referred to us), date and time of visit, and geographical location information (country or region).
  2. Methods of collection:
    1. Via input by the customer on the Company’s service.
    2. Via input by the customer on inquiry forms related to the Company’s service.
    3. Via collection when the customer uses the Company’s service.

3.2 The Company may retain the information specified in Article 3.1 (1) during the provision of and even after the termination of the Company’s services. However, the Company will endeavor to delete such information without delay when it is no longer necessary to use it.

4. Changes to the Purposes of Using Personal Information

The Company may change the purposes of using personal information to the extent that is reasonably recognized as having relevance, and in the event of such a change, the Company will notify or publicly announce the individual (hereinafter referred to as “the Principal”) who is the subject of the personal information.

5. Use of Personal Information

5.1 Except where permitted by the Personal Information Protection Act or other laws and regulations, the Company will not handle personal information beyond the scope necessary to achieve the purposes of use without the consent of the Principal. However, this shall not apply in the following cases:

  1. When required by law.
  2. When it is necessary for the protection of a person’s life, body, or property, and it is difficult to obtain the consent of the Principal.
  3. When it is particularly necessary for improving public health or promoting the sound upbringing of children, and it is difficult to obtain the consent of the Principal.
  4. When it is necessary to cooperate with a national agency, a local government, or an individual or entity entrusted by them in executing affairs prescribed by law, and obtaining the consent of the Principal may impede the execution of such affairs.
  5. When providing personal data to academic research institutions, etc., and it is necessary for said academic research institutions, etc. to handle said personal data for academic research purposes (including cases where a part of the purpose of handling said personal data is academic research purposes, and excluding cases where there is a risk of unjustly infringing on the rights and interests of individuals).

5.2 The Company will not use personal information in a manner that may encourage or induce illegal or unjust acts.

6. Proper Acquisition of Personal Information

6.1 The Company will acquire personal information properly and will not acquire it by deception or other dishonest means.

6.2 The Company will not acquire sensitive personal information (meaning information defined in Article 2, Paragraph 3 of the Personal Information Protection Act) without obtaining the prior consent of the Principal, except in the following cases:

  1. When falling under any of items (1) to (4) of Article 5.1.
  2. When acquiring sensitive personal information from an academic research institution, etc., and it is necessary to acquire said sensitive personal information for academic research purposes (including cases where a part of the purpose of acquiring said sensitive personal information is academic research purposes, and excluding cases where there is a risk of unjustly infringing on the rights and interests of individuals) (limited to cases where the Company and said academic research institution, etc. jointly conduct academic research).
  3. When said sensitive personal information has been made public by the Principal, a national agency, a local government, an academic research institution, etc., any person listed in each item of Article 57, Paragraph 1 of the Personal Information Protection Act, or any other person specified by the rules of the Personal Information Protection Commission.
  4. When acquiring sensitive personal information that is clearly apparent from its external appearance by visually observing or photographing the Principal.
  5. When receiving sensitive personal information from a third party, and the provision by said third party falls under any of the items of Article 9.1.

6.3 hen receiving personal information from a third party, the Company will confirm the following matters in accordance with the rules of the Personal Information Protection Commission. However, this shall not apply when the provision of said personal information by said third party falls under any of the items of Article 5.1 or any of the items of Article 9.1.

  1. The name or designation and address of the third party, and in the case of a corporation, the name of its representative (in the case of an organization that is not a corporation but has a representative or administrator, the name of that representative or administrator).
  2. The circumstances under which the third party acquired said personal information.

7. Security Management of Personal Information

The Company will exercise necessary and appropriate supervision over its employees to ensure the security management of personal information against risks such as loss, destruction, alteration, and leakage. Furthermore, when entrusting all or part of the handling of personal information, the Company will exercise necessary and appropriate supervision over the entrusted party to ensure the security management of personal information. For specific details regarding the security management measures for the personal data held by the Company, please contact us via the inquiry form specified in this Privacy Policy.

8. Reporting in Case of Leakage, etc.

In the event of a leakage, loss, damage, or other incident concerning personal information handled by the Company, and if reporting to the Personal Information Protection Commission and notification to the Principal are required based on the provisions of the Personal Information Protection Act, the Company will carry out such reporting and notification.

9. Provision to Third Parties

9.1 Except for cases falling under any of the items of Article 5.1, the Company will not provide personal information to a third party without obtaining the prior consent of the Principal. However, the following cases do not constitute provision to a third party as stipulated above:

  1. When personal information is provided in conjunction with entrusting all or part of the handling of personal information within the scope necessary to achieve the purpose of use.
  2. When personal information is provided due to the succession of business through merger or other reasons.
  3. When personal information is jointly used based on the provisions of the Personal Information Protection Act.

9.2 Notwithstanding the provisions of Article 9.1, except for cases falling under any of the items of Article 5.1, when providing personal information to a third party in a foreign country (excluding countries designated by the Personal Information Protection Commission rules based on Article 28 of the Personal Information Protection Act, and excluding those who have established systems conforming to standards designated by the Personal Information Protection Commission rules based on Article 28 of the Personal Information Protection Act), the Company shall obtain the prior consent of the Principal to allow the provision to a third party in a foreign country.

9.3 When obtaining the consent of the Principal for provision to a third party in a foreign country based on Article 9.2, the Company shall provide the Principal with the following information. However, if the matter in item (1) cannot be specified, in lieu of items (1) and (2), the Company shall provide information to the effect that the matter in item (1) cannot be specified and the reason therefor, and if there is any other information that may be helpful to the Principal in lieu of said matter.

  1. The name of the foreign country.
  2. Information regarding the system for personal information protection in that foreign country.
  3. Information regarding the measures taken by the third party for the protection of personal information (if such information cannot be provided, the fact and the reason).

9.4 When the Company receives personal information from a third party, the Company will perform necessary confirmations in accordance with Article 30 of the Personal Information Protection Act, and will create and retain records pertaining to said confirmations.

10. Notification of Purposes of Use

When the Principal requests notification of the purposes of use of personal information based on the provisions of the Personal Information Protection Act, the Company will confirm that the request is made by the Principal him/herself and will notify the Principal without delay. However, this shall not apply if the Company is not obligated to notify under the Personal Information Protection Act or other laws and regulations. Please note that a fee of JPY 1,000 per request will be charged for the above notification.

11. Disclosure of Personal Information

11.1 When the Principal requests the disclosure of personal information based on the provisions of the Personal Information Protection Act, the Company will confirm that the request is made by the Principal him/herself and will disclose the personal information without delay (if such personal information does not exist, the Company will notify the Principal to that effect). However, this shall not apply if the Company is not obligated to disclose under the Personal Information Protection Act or other laws and regulations. Please note that a fee of JPY 1,000 per request will be charged for the above disclosure.

11.2 The provisions of the preceding paragraph (including the provisions concerning fees) shall apply mutatis mutandis to records concerning the provision to third parties created based on Article 9.4 and records concerning the receipt from third parties created based on Article 9.5, which pertain to personal information by which the Principal is identified.

12. Correction, etc., of Personal Information

When the Principal requests the correction, addition, or deletion (hereinafter referred to as “Correction, etc.”) of the content of personal information based on the provisions of the Personal Information Protection Act, on the grounds that the personal information is not true, the Company will confirm that the request is made by the Principal him/herself, conduct the necessary investigation without delay within the scope necessary to achieve the purpose of use, and based on the results, perform the Correction, etc., of the content of the personal information and notify the Principal to that effect (if the Company decides not to perform the Correction, etc., it will notify the Principal to that effect). However, this shall not apply if the Company is not obligated to perform Correction, etc., under the Personal Information Protection Act or other laws and regulations.

13. Suspension of Use of Personal Information, etc.

When the Principal requests the suspension of use or deletion (hereinafter referred to as “Suspension of Use, etc.”) of personal information based on the provisions of the Personal Information Protection Act for the following reasons: (1) the Principal’s personal information is handled beyond the scope of the pre-published purposes of use, or is used in a manner that may encourage or induce illegal or unjust acts, or the Principal’s personal information was acquired by deception or other dishonest means; (2) the Principal requests the suspension of provision (hereinafter referred to as “Suspension of Provision”) based on the provisions of the Personal Information Protection Act on the grounds that personal information is provided to a third party without the Principal’s consent; or (3) the Company no longer needs to use the Principal’s personal information, or a situation specified in the main text of Article 26, Paragraph 1 of the Personal Information Protection Act has occurred concerning the Principal’s personal information, or there is a risk that the Principal’s rights or legitimate interests will be harmed due to the handling of the Principal’s personal information, and if it is found that the request has a valid reason, the Company will confirm that the request is made by the Principal him/herself, and without delay perform the Suspension of Use, etc. or Suspension of Provision of the personal information, and notify the Principal to that effect. However, this shall not apply if the Company is not obligated to perform Suspension of Use, etc. or Suspension of Provision under the Personal Information Protection Act or other laws and regulations.

14. Provision of Personal Related Information to Third Parties

14.1 When it is expected that a third party will acquire personal related information (meaning information specified in Article 2, Paragraph 7 of the Personal Information Protection Act, limited to that which constitutes a personal related information database, etc. as specified in Article 16, Paragraph 7 of the same Act; hereinafter the same) as personal data, the Company will not provide such personal related information to said third party without prior confirmation of the following matters in accordance with the rules of the Personal Information Protection Commission, except for cases listed in each item of Article 5.1.

  1. That the Principal’s consent has been obtained for the third party to acquire personal related information provided by the Company as personal data that identifies the Principal.
  2. In the case of provision to a third party in a foreign country, when attempting to obtain the Principal’s consent as in the preceding item, that information about the personal information protection system in that foreign country, the measures taken by said third party for the protection of personal information, and other information that may be helpful to the Principal have been provided to the Principal in advance, in accordance with the rules of the Personal Information Protection Commission.

14.2 When the Company has provided personal related information to a third party pursuant to the preceding paragraph, the Company will create and retain records in accordance with Article 31 of the Personal Information Protection Act.

14.3 When the Company acquires personal related information as personal data from a third party, the Company will perform necessary confirmations in accordance with the Personal Information Protection Act, and will create and retain records pertaining to said confirmations.

15. Use of Cookies and Other Technologies

15.1 The Company’s services may use Cookies and similar technologies. These technologies help the Company understand the usage status of its services and contribute to service improvement. Users who wish to disable Cookies can do so by changing their web browser settings. However, disabling Cookies may prevent you from using some functions of the Company’s services.

15.2 The Company may use Google Analytics. Google Analytics may use Cookies and similar technologies for data collection. This data collection does not involve information that can be used or recognized as personal information. For information on how data is collected and processed by Google Analytics, please refer to [link to Google Analytics data privacy information]. Please note that the Company cannot be held responsible for the security of your personal information on other websites linked from the Company’s website.

16. Disclosures Regarding Information Transmission Command Communication (External Transmission)

The Company’s services that may be subject to external transmission regulations regarding information transmission command communication based on Article 27-12 of the Telecommunications Business Act, and the disclosure matters based on said regulations for those services, are as follows:

ServiceFunction or Service Using Information Transmission Command CommunicationUser Information TransmittedName of Transmission DestinationPurpose of Use (Company)Purpose of Use (Transmission Destination)
Google AnalyticsInternet communication standard system, device, network, communication-related information; Location information; Data on behavior on sites/apps; Data on viewed pages; User identifiers (cookies, device identifiers, etc.)Google LLC and its affiliated companiesFor analyzing user Browse trends and historyFor analyzing user Browse trends and history

17. Inquiries

For requests for disclosure, opinions, questions, complaints, and other inquiries regarding the handling of personal information, please contact the following:

Name and Address of Personal Information Handling Business Operator:
1 Kanayagawa, Fukushima City, Fukushima Prefecture 960-1296, Japan
Mu Lab, LTD.
Inquiry Contact: info@mu-lab.com

18. Continuous Improvement

The Company will periodically review the operational status regarding the handling of personal information and strive for continuous improvement, and may change this Privacy Policy as necessary.

[ Established on June 25, 2025 ]