GDPR Privacy Policy

Please take the time to read and understand these GDPR Privacy Policy.

  M-cast, Inc.(hereinafter the “Company” or “we”) in connection with the provision of the our service (the “Service”) to customers (the “Customers”) in the European Economic Area (the “EEA”, and the countries that are members of the EEA are individually or collectively referred to as “EEA member countries”), the Company shall comply with the EU General Data Protection Regulation (the “GDPR”), the GDPR guidelines, the applicable national laws, guidelines, etc. (“applicable laws”), and therefore hereby establishes this GDPR Privacy Policy in order to appropriately process the personal data of Customers in the EEA.
1. Processing Personal data
(1) Definitions
“Personal data” means any data relating to an identified or identifiable natural person, including, without limitation, Customers’ names, addresses, dates of birth, telephone numbers, e-mail addresses.
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
(2) Types of personal data to be acquired
The types of personal data to be acquired will be specified prior to the provision of the Service by the Company.
(3) Purposes of use of personal data
The Company will collect personal data for the following purposes of use:
(i) to set up Customers’ accounts;
(ii) to provide Services to Customers;
(iii) to improve and develop Services; and,
(iv) to conduct other activities related to Services.
The Company will process the personal data only within the scope of the purposes of use.
In the case of processing the Customers’ personal data for purposes other than the above, the Company will notify Customers in advance of such new purposes of use and other matters as required by applicable laws.
By manifesting their intention to consent to GDPR Privacy Policy, Customers will be deemed to have consented to the processing of their personal data by the Company within the scope of the above purposes of use, and the Company will process the Customers’ personal data based on such Customers’ consent; provided, however, that Customers may withdraw such consent at any time. Even in that case, this will not affect any legitimate processing performed pursuant to consent before the Customers’ withdrawal thereof.
The personal data that Customers are to provide is necessary in order for the Company to provide the Service to the Customers, and there may be cases in which Customers who have not provided such data will be unable to use Service.
(4) Retention Period
The Company will retain the Customers’ personal data as long as the Company requires such data for achieving the purposes of use specified in 1(3) above, but will promptly delete the same in the case that such data is no longer necessary.
(5) Transfer
The Company may provide the Customers’ personal data to third parties such as the subsidiaries and affiliates of the Company, cloud vendors and outside contractors of the Company, etc., to implement the purposes of use specified above. Countries located outside the EEA (including, without limitation, Japan, the same shall apply hereafter) are among the third parties to whom the Company will disclose the Customers’ personal data and the Customers shall be deemed to have consented to the following matters by consenting to this GDPR Privacy Policy:
(a) In the case that the country in which the third party is located is outside the EEA, such country does not have the same data protection laws as the EEA, i.e., many of the rights provided to data subjects in the EEA are not given;
(b) The Customers’ personal data will be provided and processed for the purposes specified in 1(3) above by third parties outside the EEA; and
(c) The Customers’ personal data will be provided to third parties located outside the EEA.
In addition to the above, in the case that the Company provides the Customers’ personal data to a third party located in a country outside the EEA, the Company will ensure that adequate measures are taken concerning the protection of the Customers’ personal data by executing standard contract clauses based on the GDPR, etc.
(6) Rights of Customers
The Customers may request from the Company access to, rectification or erasure of, and restriction of processing of their personal data, may object to the processing of the Customers’ personal data, and may request data portability. The Company accepts such Customers’ requests at the contact point set forth in “2. Contact” below.
The Company may refuse the Customers’ requests if the Company deems that there is no basis for such Customers’ requests or if they are deemed excessive.
The Customers may raise objections with the data protection authorities having jurisdiction over the location of the Customers’ domicile with regard to the processing of their personal data.
2. Contact
In the event of Customers having any questions or concerns regarding this GDPR Privacy Policy or the processing of personal data by the Company, or having any requests concerning the access to, rectification of, erasure of, or restriction of processing of personal data, or regarding data portability, they are requested to please contact the Company.
The contact information for the Company is as follows:

M-cast, Inc.
Overseas Sales
4F, 2-3-15 Shinsuna, Koto-ku, Tokyo 136-0075 Japan
Tel: +81-3-6675-9925