Unisis sometimes asks You* to provide Your personal information in various aspects of its business activities.
This Policy aims to set forth specific guidelines for processing personal data subject to the European Union’s General Data Protection Regulation (GDPR), in addition to Unisis’s general Privacy Policy.

*In this policy, the terms “You” and “Your” refer to you and Unisis’s business partners, visitors to the hospitals which are Unisis’s customers (e.g., patients), shareholders, job applicants, and its officers and employees (“Officers and Employees”).

Unisis sometimes acquires Your personal information directly from You, Unisis’s affiliates, or Unisis’s business partners.

The legal basis for Unisis to process Your personal information is as follows.

Personal Information of You and Unisis’s Business Partners
You have given consent to the processing of personal information by Unisis (GDPR point (a) of Article 6(1))
Processing is necessary for Unisis to perform contracts with You or take steps to enter into such contracts (GDPR point (b) of Article 6(1))
Processing is necessary for compliance with a legal obligation to which Unisis is subject (GDPR point (c) of Article 6(1))
Processing is necessary for the purposes of the legitimate interests pursued by Unisis (GDPR point (f) of Article 6(1))
The legitimate interests include business interests, including our products and services.

Personal Information of Visitors to the Hospitals which are Unisis’s Customers (e.g., Patients)
Patients, etc. have given explicit consent to the processing of personal information by Unisis (GDPR point (a) of Article 6(1) and point (a) of Article 9(2))
Processing is necessary for compliance with a legal obligation to which Unisis is subject (GDPR point (c), (e), and (f) of Article 6(1), as well as (i) and (j) of Article 9(2))
Processing is necessary for scientific research by Unisis (GDPR point (f) of Article 6(1) and point (j) of Article 9(2))

Personal Information of Job Applicants and Internship Applicants
Applicants have given consent to the processing of personal information by Unisis (GDPR point (a) of Article 6(1))
Processing is necessary for Unisis to perform contracts with applicants or take steps to enter into such contracts (GDPR point (b) of Article 6(1))
Processing is necessary for compliance with a legal obligation to which Unisis is subject (GDPR point (c) of Article 6(1), as well as (b) and (h) of Article 9(2))
Processing is necessary for the legitimate interests pursued by Unisis (GDPR point (f) of Article 6(1))
The legitimate interests include business interests, including evaluation of job applicants and internship applicants.

Personal Information of Officers and Employees (Including Ex-Officers and Ex-Employees) and Members of Their Families
Officers and Employees have given consent to the processing of personal information by Unisis in limited cases (GDPR point (a) of Article 6(1))
Processing is necessary for Unisis to perform contracts with Officers and Employees or take steps to enter into such contracts (GDPR point (b) of Article 6(1))
Processing is necessary for compliance with a legal obligation to which Unisis is subject (GDPR point (c) of Article 6(1), as well as (b) and (h) of Article 9(2))
Processing is necessary for the legitimate interests pursued by Unisis (GDPR point (f) of Article 6(1))
The legitimate interests include business interests, including evaluation of officers.

If the legal basis for Unisis to process personal information is consent, You may withdraw consent at any time. If You wish to withdraw consent, please contact us through Contact Point below. Unisis processes personal information for legitimate interests only if Your fundamental rights and interests do not override the said legitimate interests.

Unisis will use Your personal information in accordance with its Internal Rules within the scope necessary to achieve the purposes (“II. Purposes of Use of Personal Information”).
Unisis will make its best efforts to ensure that an appropriate level of personal information protection is maintained in handling personal information within Unisis and to ensure Unisis handles personal information at the same level of protection.

Business Partners
Unisis sometimes provides Your personal information to Business partners within the scope necessary to achieve the purposes (“II. Purposes of Use of Personal Information”) for which the information is used.

Contractors
Unisis sometimes provides Your personal information to contractors such as recruiting agencies, etc. within the scope necessary for conducting the services outsourced in various aspects of its business activities.
Unisis requires the said contractors to appropriately process personal information based on GDPR and supervises these contractors.

The aforementioned provision includes transferring Your personal information from the EU to third countries outside the EU. In such cases, Unisis will enter into an agreement containing the standard data protection clauses approved by the European Commission with the contractor and make its best efforts to ensure that the contractor processes the personal information in compliance with the clauses and maintains an appropriate level of personal information protection.

Personal information is archived for the period necessary to achieve the purpose for which the information is collected.

This Policy was established on April 1, 2023. Unisis will review this Policy as appropriate to improve the protection of personal information. If such review requires amendments to this Policy, Unisis will publish an amended version of this Policy on this website.