This policy shall become effective on the date May 14, 2021

 

DIAS Privacy Policy

Japan Agency for Marine-Earth Science and Technology (hereinafter, the “DIAS Operator”) recognizes the importance of users’ personal information. This Privacy Policy is established as a basic policy for the DIAS Operator to acquire and use personal information of users in an appropriate and safe manner in relation to the provision of services (hereinafter, the “Services”) relating to the Data Integration and Analysis System (hereinafter, “DIAS”) operated by the DIAS Operator.
Please note that users located in the member states of the European Union, Iceland, Liechtenstein, Norway and the United Kingdom are also subject to the provisions of the “Handling of Data on Persons Located in the European Union, the European Economic Area and the United Kingdom” in addition to this Privacy Policy.

Article 1 Definitions

Unless otherwise defined, the terms used in this Privacy Policy shall be as defined in the following items as well as “DIAS Terms of Service”, the “Act on the Protection of Personal Information Held by Incorporated Administrative Agencies, etc. ” (Act No. 59 of 2003; hereinafter, the “Act”), various guidelines prescribed by relevant authorities and other related laws and regulations:

  • (1) “Data Provider”: A user of the Services who provides DIAS Datasets to other Users,
  • (2) “DIAS Account”: An account required for Users to use DIAS web-based Applications provided by DIAS, such as the DIAS download system and DIAS metadata management system, of the Services,
  • (3) “DIAS Analysis Environment Account”: User’s account required to log in to the DIAS analysis server or analysis cluster of the Services,
  • (4) “Personal Information”: Personal information prescribed in Article 2, Paragraph 2 of the Act,
  • (5) “Special Care-Required Personal Information”: Special Care-Required Personal Information prescribed in Article 2, Paragraph 4 of the Act; and
  • (6) “Personal Data”: Personal data prescribed in Article 2, Paragraph 2 of the Act.

Article 2 Compliance with Laws and Regulations

  1. When handling Personal Information, the DIAS Operator shall comply with the Act and other applicable laws and regulations as well as this Privacy Policy.
  2. The DIAS Operator shall not handle Personal Information beyond the extent necessary for the achievement of the purpose of use specified under Article 4 without the prior consent of the Users.

Article 3 Acquisition of Personal Information

  1. In providing the Services, the DIAS Operator shall acquire personal information of the Users by an appropriate method in order to use the information within the scope necessary to achieve the purpose of use under Article 4. The Personal Information to be obtained and the purpose of use thereof shall be as prescribed in the following Article.
  2. If obtaining Special Care-Required Personal Information, the DIAS Operator shall obtain the prior consent of the individual concerned except in cases permitted by laws and regulations to be treated as exceptions.

Article 4 Purpose of Use of Personal Information

The DIAS Operator shall handle the Personal Information of Users acquired within the scope necessary to achieve the following purposes. If any addition or change is made to the purpose of use to the extent reasonably deemed relevant to the purposes listed below, the DIAS Operator shall individually notify the Users or publish the purpose of use after such addition or change.

  1. The DIAS Operator will use the following information obtained, to create and manage accounts for the Users of the Services, to communicate maintenance and failures, to send notifications of events such as symposiums and workshops, to send out questionnaires and other information, and to understand and analyze the usage status in order to expand the Service to meet the needs of users:
    • (1) Information obtained when creating a DIAS Account
      •  E-mail address
      •  Password
      •  Name
      •  Country
      •  Organization name
      •  Phone number
      •  Field of interest
    • (2) Information obtained when creating a DIAS Analysis Environment Account
      •  E-mail address
      •  Name
      •  Organization name
      •  Department name
      •  Position
      •  Location
      •  Adviser
      •  Phone number
      •  Purpose of use (Details)
    • (3) Information obtained when using the Services
      •  Status of use of DIAS Datasets (type, number and size of datasets to be used)
      •  Status of use of DIAS analysis servers or analysis clusters
  2. For datasets that require applications to Data Providers when using them, the DIAS Operator will use the following information obtained, to determine whether the application is acceptable, to understand and analyze the usage status of the datasets after the approval of the application, and to communicate and provide guidance regarding the use of the datasets:
    • (1) Information obtained when applying for use of the datasets
      •  E-mail address
      •  Name
      •  Country
      •  Organization name/
      •  Department name
      •  Position
      •  Name, country, organization name, department name and position of the research collaborator
      •  Address
      •  Phone number
      •  Purpose of use (details)
      •  Research Plan (details)
    • (2) Information obtained when using the datasets
      •  Status of use of the datasets (type, number and size of datasets to be used)

Article 5 Provision of Personal Data to Third Parties

  1. In accordance with the provisions of the Act, the DIAS Operator shall not provide Personal Data of Users to third parties, except in the following cases:
    • (1) If the consent of the User is obtained,
    • (2) If Personal Data is provided under laws and regulations,
    • (3) If the provision of Personal Information is necessary for the protection of the life, body, or property of an individual and it is difficult to obtain the consent of the User,
    • (4) If the provision of Personal Information is particularly necessary for improving public health or promoting the sound growth of children and it is difficult to obtain the consent of the User, or
    • (5) If it is for cooperating with a state organ, a local government, or an individual or a business operator entrusted by either of the former two in executing the affairs prescribed by laws and regulations and obtaining the consent of the person is likely to impede the execution of the affairs concerned.
  2. The DIAS Operator may provide Personal Data of the User to a third party in order to achieve the purposes of use stated in Article 4 with the consent of the User.
  3. If Personal Data is provided to or received from a third party, the DIAS Operator shall keep a record of necessary matters in accordance with the Act and keep the record for a period of time prescribed by the Rules of the Personal Information Protection Commission.

Article 6 Outsourcing of Handling of Personal Data

In addition to entrusting the acquisition and the management of the Personal Information described in Article 4 to the University of Tokyo and Kyoto University, the DIAS Operator may entrust all or part of the handling of the Personal Data of the Users to third parties to the extent necessary to achieve the purpose of use described in Article 4.

Article 7 Management of Personal Data

The DIAS Operator shall take necessary and appropriate measures for the prevention of leakage, loss, or damage and for other security control of Personal Information. The DIAS Operator shall strive to keep Personal Data it holds accurate and up to date within the scope necessary to achieve the purpose of use, and delete Personal Data without delay when the use becomes unnecessary.

Article 8 Disclosure, correction, and suspension of use of the Personal Information

If you wish to disclose, correct, or suspend the use of your personal information, please contact us at the address listed below:

The DIAS Secretariat
Yokohama Institute for Earth Sciences,
Japan Agency for Marine-Earth Science and Technology
Address: 3173-25, Showa-machi, Kanazawa-ku, Yokohama-city, Kanagawa, 236-0001, Japan
Email: dias-office@diasjp.net

* Any suggestions regarding the handling of Personal Data may also be addressed to the above contact information.

Article 9 Use in a Way that Cannot Identify the Individual

The DIAS Operator may use Personal Information in the form of statistical information or other information that cannot be used to identify individuals for the purpose of security control of Personal Information and improvement of the quality of the Services.

Article 10 Cookies

A cookie is an information file sent from the server to the User’s browser and stored on the User’s computer in order for the server to identify the User. The DIAS Operator uses cookies to statistically investigate and analyze the browsing status to improve the convenience of the Users of the DIAS website (hereinafter, the “Site”) and the Services. The Site and the Services collect information such as internet domain name, IP address, site browsing history, but excluding identifiable Personal Information.

The Services use Google Analytics to track usage of the Services. For more information, see “How Google Uses Information From Sites and Apps That Use Our Services.” You can also disable cookies by setting your browser. Disabling cookies does not affect the use of the Site or the Services.

Article 11 Review of Privacy Policy

The DIAS Operator may review and amend this Privacy Policy from time to time; provided, however, that changes in the purpose of use shall not exceed the extent that is reasonably considered to be related to the original purpose of use.

Article 12 With Respect to the Original

This Privacy Policy is prepared in Japanese, the Japanese version of which is the original. Translation of this Privacy Policy into any language other than Japanese is for reference purposes only, and if there is any inconsistency or conflict with the Japanese version, the Japanese version prevails.


Handling of Data on Persons Located in the European Union, the European Economic Area, and the United Kingdom

The handling of the information identifying or enabling the identification of persons located in the member states of the European Union, Iceland, Liechtenstein, Norway and the United Kingdom (hereinafter, collectively the “EU”) (hereinafter, “Data on Persons Located in the EU”) shall be subject to the General Data Protection Regulation (hereinafter, the “GDPR”) as well as the following provisions:

1. Controller

The DIAS Operator shall process the Data of Persons Located in the EU as a controller.

2. Acquisition of Data on Persons Located in the EU

In addition to the Personal Data listed in Article 4, the DIAS Operator shall use cookies listed in Article 10 to acquire Users’ information such as the browsing history of websites that provide the Services.

3. Purpose and legal basis for processing Data on Persons Located in the EU

The DIAS Operator shall process the Data on Persons Located in the EU for the purposes stated in Article 4 “Purpose of Use” respectively, in accordance with legitimate interests (Article 6(1)(f) of the GDPR), except the case the consent of the user will be obtained.

Japan has been certified as adequate for personal data protection by the European Commission as of January 23, 2019, but government agencies and independent administrative agencies, including the Japan Agency for Marine-Earth Science and Technology, are not covered. The DIAS Operator is subject to the Act and shall handle the personal data provided appropriately in accordance with the Act, various guidelines established by the competent authorities, and other related laws and regulations.

A User may withdraw this consent at any time, but the legality of the processing before the withdrawal shall not be affected.

4. Recipients of the Data on Persons Located in the EU

The DIAS Operator shall provide the Data on Persons Located in the EU with the third parties set out in Article 6. Although those parties are also not subject to the adequacy of personal data protection certification by the European Commission, the DIAS Operator shall take the measures described in Article 6 against the parties.

5. Retention period for the Data on Persons Located in the EU

The DIAS Operator shall maintain the Data on Persons Located in the EU to the extent necessary for the achievement of the purpose of processing such data. The specific retention period shall be determined considering the purpose, nature and legal or business needs of the acquisition and processing of the Data on Persons Located in the EU.

6. Exercise of Rights relating to the Data of Persons Located in the EU

Users have the right to obtain information about, access, correct or delete, restrict processing of, dispute, data portability, and not to be subject to automated decision making regarding the Data on Persons Located in the EU. The DIAS Operator shall not perform any automated processing, including profiling, of the Data on Persons Located in the EU. To exercise these rights, please contact us at the address specified in Article 8. Users may also file an objection with any competent data protection entity.