- Services
- Use Cases
Use Cases by Objective
New Approach List
Group Strategy
Digital
Marketing
Client Information Registration
Data Cleansing
Corporate Attribute Analysis
SFA/MA Activation
Business Card Data Integration
Credit & Client Screening
Use Cases by Department
Sales Department
Inside Sales
Department
Marketing &
Corporate Planning Department
Information Systems Department
Administrative Department
Use Cases by Tool
- Case Studies
- Seminars/Exhibitions/User Study Sessions
- News
- IR Information
- Company Information
- Site Search
-
Meeting Sonar
- Download Resources
- Contact Us
- For Urgent Inquiries, Please Call03-5388-7000Business Hours: 10:00 AM - 5:00 PM (Closed on Weekends and Holidays)
Security Policy
uSonar has established an advanced security framework to protect our vast database.
Organizational Security Management Measures
We have appointed a person responsible for the handling of personal information, clarified the scope of employees who handle personal information and the personal information they manage, and established a reporting and communication system to the responsible person in the event that any facts or signs of violations of the Personal Information Protection Act or internal personal information handling regulations are identified.
-
Establishment of Organizational Structure
To ensure the secure management of personal information, we have designated a Chief Privacy Officer (CPO), audit managers, and various operational managers, clearly defining their responsibilities and roles. -
Development and Implementation of Compliance Programs (Personal Information Protection Regulations)
We have established a compliance program as a code of conduct for personal information protection (including provisions based on the determination that Japan ensures an adequate level of protection for personal information in accordance with GDPR). We conduct regular education and training for all individuals engaged in uSonar business operations to ensure thorough awareness and promote a culture of compliance. -
Means to Monitor the Handling Status of Entrusted Data
We have built a system that centralizes the status of data handling by utilizing an entrusted media management ledger. When receiving data, we issue a "Customer Information Custody and Return Receipt," store the data on servers with restricted access, and manage physical media under lock and key. -
Evaluation, Review, and Improvement (Establishment and Operation of the Security Center)
We have assigned personnel responsible for personal information and, through our Security Center (Management Committee chaired by Representative Director Nami Fukutomi), we execute ongoing evaluations, reviews, and improvements. -
Response to Accidents or Violations
In the unlikely event that an accident or violation is discovered, we have established a workflow within the Security Center to conduct fact-finding investigations, determine root causes, identify the scope of impact, consider and implement recurrence prevention measures, and take appropriate corrective actions.
Human Security Management Measures
We conduct regular training for employees regarding important considerations for handling personal information and include provisions concerning the confidentiality of personal information in our employment regulations. We implement human security management measures by requiring employees to sign non-disclosure agreements regarding personal information designated as business secrets and by providing ongoing education and training.
- Execution of Pledges with Employees at the Time of Hiring
All employees, temporary staff, and part-time workers at uSonar are required to sign a confidentiality pledge. Furthermore, we require a family member to act as a joint guarantor. - Execution of Contracts with External Vendors During Outsourcing
When outsourcing the handling of personal information to companies such as direct mail distributors or data entry firms, we select providers that maintain a high level of information security and personal information protection systems. As part of our selection process, we have established internal criteria for selecting contractors, maintain investigation records, and clarify the responsibilities (and criteria for exemption) of the contractor through business outsourcing agreements, which include provisions for confidentiality, sub-contracting, division of responsibility in the event of an accident, and the return or deletion of personal information upon contract termination. - Implementation of Awareness, Education, and Training on Internal Regulations for Employees
uSonar conducts personal information protection training as part of its onboarding programs for new hires, mid-career recruits, part-time staff, and advisors. For all uSonar employees, we provide ongoing updates at least once a year regarding internal compliance programs, personal information protection training manuals, revisions, and legal updates to ensure full awareness. - Analysis of Employee Psychological Well-being
We utilize text mining to extract and analyze the psychological state of employees based on their daily reports, measuring levels of negativity and positivity. - Special Management of Temporary Staff
Since temporary staff have different employers, we set their security access levels lower than those of regular employees, ensuring they are physically and technically restricted from accessing personal information. - Fair Evaluation and Self-Reporting System
We strive to maintain employee motivation by ensuring fair evaluations and utilizing systems such as self-reporting. - Prevention of Unauthorized Customer Data Manipulation by Individuals
We have established a system that prevents any single operator from extracting highly confidential personal information, requiring at least two individuals to perform such tasks.
Physical Security Management Measures
We implement physical security management measures, including access control for buildings and rooms, and safeguards against the theft of personal information, to prevent unauthorized access, loss, destruction, tampering, or leakage of data.
- Building and Room Access Control
We have implemented an access control system for all doors using employee ID cards, allowing us to manage entry and exit logs and restrict access accordingly. -
Prevention of Theft and Other Incidents
• Surveillance Cameras
Surveillance cameras monitor for unauthorized intruders and illicit activities 24 hours a day, 365 days a year. Recorded image data is retained for a minimum of three months to maintain a comprehensive security history.• Electronic Media Lock Management
In addition to physical locking, access to areas containing storage cabinets is restricted via an entry/exit management system.• After-Hours and Holiday Support
We implement 24/7/365 security through a combination of building security personnel, surveillance cameras, and entry/exit monitoring equipment.• Prohibition of Removing Equipment Such as PCs from the Office
Removing equipment such as PCs from the office is prohibited. As an exception, removal is permitted only after following the application and approval procedures designated by the CIO.• Implementation of Personal Belongings Inspections
By conducting random inspections of personal belongings, we regularly check that unauthorized personal PCs, storage media, smartphones not previously registered, or sharp objects and hazardous materials are not brought into the office.
Technical Security Management Measures
We have implemented mechanisms to protect information systems that handle personal information from unauthorized external access or malicious software.
- Identification and Authentication for Data Access
For all terminals, we maintain logs in real-time detailing who performed what operations, when, and how. -
Access Control
• Login Control
uSonar grants access to personal information only to specific employees with authorized privileges. Data is not duplicated, and access logs are stored and monitored. Furthermore, at uSonar, each individual sets their own password for logging into their personal terminal. Electronic documentation is managed on a shared server, with access control implemented at the folder level within the system.• ID Management and Deletion
We immediately execute changes or deletions of privileges, such as IDs and entry/exit cards, for employees who have transferred or resigned. -
Software Security Measures
Malware Protection
To address both known and unknown malware, we have deployed multiple security software solutions across all terminals.Blacklisting
Each user is granted only standard user privileges on their terminal and is restricted from installing applications. We maintain a blacklist of unauthorized software and implement controls to prevent such applications from launching, even if they are inadvertently installed. - Data Transfer and Transmission Security
Confidential information transmitted via the uSonar network or the internet is encrypted using TLS and requires approval from a designated administrator before transmission. When files are sent via email attachments, an automatic BCC function notifies supervisors. Furthermore, designated personnel conduct periodic reviews to ensure that all transmissions are appropriate. - Implementation of VDI (Virtual Desktop Infrastructure)
By utilizing VDI, we ensure that no data remains on individual client terminals, including laptops. Consequently, there is no need to implement specific measures for data extraction methods such as USB drives or Bluetooth. - Third-Party Security Audits
We conduct regular security inspections and information leakage checks. As a result, our security framework at uSonar has been evaluated as robust.
Other security measures are not disclosed for security reasons. For further details, please contact us, and we will provide an explanation as necessary.
Formulation of Personal Information Protection Policies and Establishment of Regulations for Handling Personal Information
- • To ensure the appropriate handling of personal information, we have established regulations regarding compliance with relevant laws, guidelines, and the establishment of contact points for inquiries and complaints, as well as procedures for acquisition, usage, and storage.
- • We have established regulations regarding handling methods, designated personnel, and their responsibilities for each stage of the process, including provision, deletion, and disposal.
ISO Certification
uSonar has obtained three ISO certifications.
-
Information Security Management System - ISO/IEC 27001:2013
Certification Registration Number: IS 696370 Certification Date: 2018/09/25 -
ISMS Cloud Security - ISO/IEC 27017:2015
Certification Registration Number: CLOUD 731975 Certification Date: 2020/11/04 -
Management System for Protection of PII in Public Clouds Action as PII Processors - ISO/IEC 27018:2019
Certification Registration Number: PII 731976 Certification Date: 2020/11/04
Partially Revised on 2021/12/15
2022/07/19 Changed company name from Landscape Co., Ltd. to uSonar Co., Ltd.
