eSolia symbol logo on IT Tips Blog
JP

Data Protection

Our commitment to protecting your personal data

Updated: 1 November 2025

eSolia Inc. is committed to protecting your personal data and respecting your privacy rights. This page outlines our data protection practices and your rights under applicable privacy laws.

Our Data Protection Principles

We follow these core principles in all our data handling:

Lawfulness, Fairness, and Transparency

  • We process personal data lawfully and fairly
  • We are transparent about how we collect and use your data
  • We provide clear information about our data practices

Purpose Limitation

  • We collect data for specific, explicit, and legitimate purposes
  • We do not use data for purposes incompatible with the original purpose
  • We clearly communicate why we need your information

Data Minimization

  • We only collect data that is necessary for our stated purposes
  • We avoid collecting excessive or irrelevant information
  • We regularly review what data we hold and delete what’s no longer needed

Accuracy

  • We take reasonable steps to ensure personal data is accurate
  • We provide ways for you to update or correct your information
  • We promptly correct any inaccuracies we become aware of

Storage Limitation

  • We only keep personal data as long as necessary
  • We have clear retention policies and deletion schedules
  • We securely delete data when it’s no longer needed

Integrity and Confidentiality

  • We implement appropriate technical and organizational security measures
  • We protect data against unauthorized access, loss, or damage
  • We train our staff on data protection requirements

Your Rights

Under applicable data protection laws, you have several rights regarding your personal data:

Right to Information

  • You have the right to know what personal data we hold about you
  • You can request details about how we use your data
  • We provide this information free of charge

Right to Access

  • You can request a copy of the personal data we hold about you
  • We will provide this in a commonly used electronic format
  • We respond to requests within one month

Right to Rectification

  • You can ask us to correct inaccurate personal data
  • You can request that incomplete data be completed
  • We will make corrections promptly

Right to Erasure (“Right to be Forgotten”)

  • You can request deletion of your personal data in certain circumstances
  • This includes when data is no longer necessary for its original purpose
  • We will assess each request according to legal requirements

Right to Restrict Processing

  • You can ask us to limit how we use your personal data
  • This may apply while we investigate a complaint or accuracy concern
  • We will inform you before lifting any restrictions

Right to Data Portability

  • You can request your data in a structured, machine-readable format
  • You can ask us to transfer data directly to another organization
  • This applies to data you provided with your consent

Right to Object

  • You can object to processing based on legitimate interests
  • You can object to direct marketing at any time
  • We will stop processing unless we have compelling legitimate grounds

We process personal data based on the following legal grounds:

Consent

  • When you explicitly agree to data processing
  • You can withdraw consent at any time
  • Withdrawal doesn’t affect the lawfulness of previous processing

Contract Performance

  • When processing is necessary to fulfill our service obligations
  • This includes providing requested IT services or support
  • Processing necessary for pre-contractual steps

Legal Obligations

  • When we must process data to comply with legal requirements
  • This includes tax, accounting, and regulatory obligations
  • We only process what’s necessary for compliance

Legitimate Interests

  • When processing serves our legitimate business interests
  • We balance our interests against your rights and freedoms
  • You have the right to object to this type of processing

International Data Transfers

If we transfer your personal data outside your country, we ensure appropriate safeguards:

Adequacy Decisions

  • We may transfer to countries with adequate data protection laws
  • These are recognized by relevant data protection authorities
  • No additional safeguards are required

Standard Contractual Clauses

  • We use approved standard contractual clauses for other transfers
  • These provide equivalent protection to your home country’s laws
  • They include binding obligations on data recipients

Other Safeguards

  • We may use binding corporate rules or approved codes of conduct
  • We assess the security of the destination country
  • We implement additional technical and organizational measures as needed

Data Breaches

In the unlikely event of a data breach:

Internal Response

  • We have procedures to detect, investigate, and respond to breaches
  • We assess the risk to individuals and take appropriate measures
  • We document all breaches and our response actions

Regulatory Notification

  • We notify relevant supervisory authorities within 72 hours when required
  • We provide details about the breach and our response measures
  • We cooperate fully with any regulatory investigations

Individual Notification

  • We notify affected individuals when there’s a high risk to their rights
  • We provide clear information about the breach and protective measures
  • We offer support and guidance to affected individuals

Exercising Your Rights

To exercise any of your data protection rights:

Contact Methods

  • See contact information below

What to Include

  • Clear description of your request
  • Proof of identity (to protect your data)
  • Specific information about the data involved (if applicable)

Our Response

  • We respond to requests within one month
  • We may extend this by two months for complex requests
  • We explain any delays and provide regular updates

Complaints

If you’re not satisfied with our response to your data protection concerns:

Supervisory Authority

  • You have the right to lodge a complaint with your local data protection authority
  • In Japan, this is the Personal Information Protection Commission
  • In the EU, contact your national data protection authority

Changes in this Policy

We reserve the right to update this data protection policy at any time. Changes will be announced in the “updates” section on the top page of this website, and the latest update date will be shown at the top of this page.

Cookie Policy Disclaimer

Get in Touch

If you have any questions or inquiries about this page, don't hesitate to contact us.

Headquarters

Shiodome City Center 5F (Work Styling)

1-5-2 Higashi-Shimbashi, Minato-ku, Tokyo, Japan, 105-7105

Email
hello@esolia.co.jp
Telephone
+81-3-4577-3380
Fax
Fax +81-3-4577-3309