Privacy Policy(Holoeyes MD Service)

Holoeyes Inc.  (hereinafter referred to as “the Company”) , regarding Holoeyes MD Business which is the services operated and provided under the service name "Holoeyes MD", in recognition of the importance of protecting customers' personal information, strictly complies with the provisions of Taiwan’s Personal Data Protection Act (hereinafter referred to as the “Personal Data Protection Act”) and other related laws and regulations, and strives to properly handle and protect customers’ personal information (meaning personal information as defined in Article 2, Paragraph 1 of the Personal Data Protection Act, and the same hereinafter) and other information, in accordance with this Privacy Policy (hereinafter referred to as “Privacy Policy”).

The definitions of terms used in this Privacy Policy will be as per those stipulated in the Terms of Use established by the Company regarding Holoeyes MD Service (the “Service”) provided by Company (hereinafter referred to as “Terms of Use”), except where otherwise provided for in this Privacy Policy.

1. Collection of Information
In order for customers to use this Service, the Company will collect personal and other information (including, but not limited to, DICOM Data, Image Data, user-provided data, and MR Capture Data, these hereinafter being referred to as “Personal Information, etc.” along with personal information) from customers, within the scope required for business, and not to exceed the necessary scope of purposes of the collection and use, and by lawful and fair means (including, but not limited to, written documents, e-mails, website screens and oral reports), without recourse to any false or improper means.
(2) Where the Company collects customers’ personal information, the Company shall, at least, notify customers of the following matters or those if equivalent nature in writing or through alternative procedure.
① The name of the Company, and the Company’s Alliance Partners whom are shared with information.
② The purpose of the collection and the use of personal information.
③ The categories of personal information.
④ The time period, territory, recipients, and methods of which personal information is used.
⑤ The right to make an inquiry of personal information and the consequences of its disclosure, the right to request a copy of personal information, the right to supplement or correct personal information, the right to demand the cessation of the collection, processing or use of personal information, and the right to erase the personal information, including but not limited to the methods for exercising such rights.
⑥ Customers' rights and interests that will be affected if customers elect not to provide personal information.

2. Purpose of Use of Personal Information, etc.
The Company will use customers’ Personal Information, etc., for the following purposes.
(1) For the registration acceptance, customers’ authentication of the Service, and other aspects related to the start, provision, maintenance, protection, and improvement of the Service.
(2) For the creation of DICOM Data, Image Data, MR capture data, and other data necessary for the provision of the Service.
(3) For questionnaire surveys relating to the Service.
(4) For the provision of the Service as well as its maintenance and any support relating thereto.
(5) For the confirmation of the condition of the Service after use.
(6) For announcements by email or other methods concerning other services provided by the Company or other parties, as well as business activities and marketing activities related thereto.
(7) Marketing, research and analysis for the purpose of improving and enhancing the quality of the Service.
(8) Responses to queries, etc., to the Company.
(9) Responses to actions that are in breach of the Privacy Policy, the Terms of Use for the Service, and other regulations related to Service of the Company (hereinafter collectively referred to as “Terms”).
(10) Notification of changes to the Terms or other important information.
(11) Other uses reasonably considered necessary for the provision of other Services by the Company.

3. Change in the Purposes of Use of Personal Information, etc.
The Company may change the purposes of use of Personal Information, etc., described in the preceding Article, to the extent it may reasonably be recognized that there is considerable relevance to the original purposes of use, with said changes notified to the customer or announced publicly in a manner separately specified by the Company.

4. Restrictions on Use of Personal Information, etc.
Except where permitted by the Personal Data Protection Act and other related laws and regulations, the Company shall not handle any Personal Information, etc., in excess of the scope required to achieve the purposes of use described in Article 2, above, without the consent of customers. However, this shall not apply in the following cases.
(1) When acting in accordance with pertinent laws and regulations.
(2) When preventing harm on life, body, freedom, or property of the data subject.
(3) When necessary for furthering public interests.
(4) When preventing material harm on the rights and interests of others.
(5) When necessary for statistics gathering or academic research by a government agency or an academic institution for public interests; provided that such data, as provided by the data provider or disclosed by the data collector, may not lead to the identification of a specific data subject.
(6) When consent has been given by the data subject.
(7) When it is for the data subject's rights and interests.

5. Secure Management of Personal Information, etc.
The Company exercises the necessary and appropriate supervision of its employees in order to ensure that Personal Information, etc., is managed securely against the risk of being lost, damaged, falsified or leaked. Further, when the handling of all or part of Personal Information, etc., is to be entrusted to another party, the Company exercises the necessary and appropriate supervision of said party, in order to ensure that the Personal Information, etc. is managed securely.

6. Provision of Personal Information to Third Parties
Except where disclosure is permitted by the Personal Data Protection Act and other related laws and regulations (i.e., except for cases indicated in Article 4 hereunder), the Company will not provide personal information to any third party without the prior consent of customers.

7. Shared Use of Personal Information
In order to provide the Service to customers, the Company may share the use of customers’ personal information, among alliance partners connected with the Service, within the scope required to achieve the purposes of use described in Article 2. In such cases, the Company will publicly announce in advance the names of the alliance partners, the purposes of shared use, the shared use information items and the names of persons responsible for the management of shared use information.

8. Creation and Use of Statistical Data
Based on Personal Information, etc., collected from customers, the Company may sometimes create statistical data relating to Personal Information, etc., in a manner that cannot identify specific individuals, and with necessary measures in place to prevent said Personal Information, etc from being restored to its original format. The Company shall properly use and provide said statistical data to third parties in accordance with the provisions of the Personal Data Protection Act.

9. The Entrusting of Personal Information, etc.
The Company may entrust all or part of the handling of Personal Information, etc., obtained from customers to third parties. In such cases, the company selects subcontractors recognized as being able to handle Personal Information, etc., properly, and concludes a confidentiality agreement with the subcontractor that in compliance with this Privacy Policy in advance, and also conducts necessary and appropriate supervision of the subcontractor, in order to ensure that Personal Information, etc., is managed properly.

10. Disclosure of Personal Information
When the Company is requested by customers to disclose personal information (including records on a third-party provision, hereinafter the same shall apply in this article) pursuant to the provisions of the Personal Data Protection Act, the Company shall disclose such personal information to customers without delay after confirming that the request has been made by customers themselves (in the event that such personal information does not exist, the Company shall notify to that effect). However, this provision shall not apply to cases where the Company is not obligated to disclose such information under the Personal Data Protection Act or other laws and regulations. In addition, customers may choose the methods of disclosure either sending a written document or sending an e-mail to the e-mail address designated by customers. (In cases where the contents to be disclosed are video or audio data, the method of disclosure may be determined separately by the Company. In cases where disclosure by providing an electromagnetic record would require a large amount of cost, or in other cases where disclosure by such method is difficult, the Company will notify customers to that effect without delay and disclose the information in writing.)

11. Correction of Personal Information, etc.
Upon receipt of a request from customers for correction, addition or deletion (hereinafter referred to generally as “Corrections, etc.”) of the content of personal information in accordance with the provisions of the Personal Data Protection Act, owing to said personal information being incorrect, and after having confirmed that the request is indeed from customers in question (including the confirmation of the identity and authority of the agent in the case of application by an agent), the Company shall, without delay, investigate to the extent necessary to achieve the purposes of use described in Article 2, above, and carry out any necessary Corrections, etc., based on the results of the investigation, and notify customers to that effect (or to the effect that it has been judged that Corrections, etc., will not be carried out, should that be the case). Note, however, that this shall not apply where the Company has no obligation to make Corrections, etc., in accordance with the provisions of the Personal Data Protection Act and other related laws and regulations, or where the same or similar requests have been made repeatedly without justifiable reason, or where said Corrections, etc., would entail excessive technical work.

12. Deletion and Suspension of Use of Personal Information
In the event that customers request the deletion or suspension of use of their personal information (hereinafter referred to as "Suspension of Use, etc.") under the provisions of the Protection of Personal Information Acts or requests the suspension of provision of their personal information to a third party (hereinafter referred to as "Suspension of Provision"), the Company shall confirm that the request is made by customers themselves (including the confirmation of the authorized representative if this request is made by a representative), delete/suspend the use of their personal information or suspend the provision of their personal information without delay, and notify customers accordingly. Provided, however, that this provision shall not apply in the event that the Company is not responsible for the Suspension of Use, etc. or Suspension of Provision under the Personal Data Protection Act or other laws and regulations or in the event that the requests for the Suspension of Use, etc. or Suspension of Provision of the same or similar content without justifiable grounds are repeated, or in the event that excessive technical work is required for the Suspension of Use, etc. or Suspension of Provision.

13. The Use of Cookies and Other Technologies
The Service may use Cookies or similar technologies from time to time. These technologies are helpful in allowing the Company to ascertain the usage status of the Service, and contribute to the improvement of the Service. If customers wish to disable Cookies, they may do this by changing the settings of their browser. Note, however, that some parts of the Service may not function if Cookies are disabled.

14. Inquiries
With respect to requests for disclosure, etc., comments, questions, complaints, and other inquiries regarding the handling of Personal Information, etc., please use the following contact method:

Holoeyes Inc.
#303 Mourin Bldg., 2-17-3 Minami Aoyama, Minato-ku, Tokyo 107-0062
Email: info[at]holoeyes.jp Attention: Personal Information Protection Desk
(When sending emails, please replace [at] with an @ mark)
(Reception hours: 10 a.m. to 6 p.m. on weekdays)

15. Procedures for Changing the Privacy Policy
The Company will update the Privacy Policy as necessary. However, in the event any changes of the Privacy Policy require the consent of users by law, the updated Privacy Policy will only apply to users who have consented to the update in the manner prescribed by the Company. Furthermore, if the Company updates the Privacy Policy, the Company will announce or notify users of the effective date and the content of the updated Privacy Policy by displaying it on the Company's website or by other appropriate means.

Establishment: April 1, 2020
Amendment: April 1, 2022
Amendment: March 6, 2023