Privacy Policy

Rapidus Corporation (the “Company”) hereby establishes the following privacy policy (this “Privacy Policy”) in order to establish a strict and appropriate management system to protect personal information handled in the course of its business operations. All officers and employees of the Company shall strive to properly handle, manage, and maintain personal information in accordance with this Privacy Policy. In addition, the Company shall review its personal information protection operations in a timely and appropriate manner and continually work to improve them, taking into account changes in the environment surrounding the Company and the actual circumstances. Accordingly, this Privacy Policy is subject to change or amend from time to time, and the changes or amendments shall become effective from the time they are posted on the Company’s website.

Atsuyoshi Koike
CEO
Rapidus Corporation


  1. Business name, address, and name of representative
    Rapidus Corporation
    4-1 Kojimachi, Chiyoda-ku, Tokyo
    Representative Director: Atsuyoshi Koike
  2. Person in charge of personal information management
    Chief Privacy Officer of the Company
  3. Compliance with relevant laws, regulations, and guidelines
    The Company shall, in handling personal information, comply with the Act on the Protection of Personal Information (Act. No. 57 of 2003; the “Personal Information Protection Act”), cabinet orders and regulations regarding the Personal Information Protection Act (collectively with the Personal Information Protection Act, “Personal Information Protection Laws”), guidelines regarding the Personal Protection Information Act (general rules, pseudonymized personal information and anonymized personal information, confirmation and recording obligations when providing to third parties, provision to third parties in foreign countries, authorized personal information protection organizations, etc.), and other laws, regulations, and guidelines, etc. relating to the Company’s business, and shall handle personal information as follows.
    Unless otherwise defined, this Privacy Policy uses the terminology set forth in the Personal Information Protection Laws.
  4. Scope of applicability
    This Privacy Policy applies to all personal information handling of the Company and to all products and services of the Company; provided, however, that where the handling of personal information is separately stipulated in individual rules or agreements, such rules or agreements shall prevail over this Privacy Policy.
  5. Acquisition and use of personal information
    The Company shall acquire personal information by lawful and proper means upon publicly announcing (including public announcement of this Privacy Policy) or giving notice of the purpose of use of the personal information it is handling. In addition, when acquiring personal information directly from the identifiable person in writing or by electromagnetic means, the Company shall clearly state the purpose of use before acquiring the personal information.
    When handling sensitive personal information, the Company shall, except when otherwise permitted by laws and regulations, obtain the prior consent of the identifiable person.
    The Company shall utilize personal information in a proper manner within the scope necessary to achieve the purpose of use.
  6. Purpose of use of personal information
    • Personal information acquired for the provision, development, etc. of the Company’s products and services (use of personal information for the purposes of this section includes provision to third parties):
      • Implementation of transactions and provision of products and services related to semiconductors manufactured and sold by the Company;
      • Development of products and services;
      • Provision of products and services related to marketing;
      • Management of business partners, partner companies, and subcontractors (including potential partners);
      • Management of entry into and exit from the Company’s facilities (including the use of fingerprints and other biometric authentication information for entry and exit management);
      • Management of patents and other intellectual properties;
      • Response to inquiries, etc.;
      • Corporate governance, risk management, compliance management, trade management, and internal surveys related thereto;
      • Confirmation of health status to prevent infectious diseases;
      • Information entrusted by another company and managed; and
      • Other acts necessary for the Company’s business.
    • Personal information acquired in connection with recruitment and employment at the Company:
      • Sending of documents, interview schedule coordination, and other various communications with applicants or candidates for recruitment (collectively, “Applicants”);
      • Evaluation of Applicants’ skills, qualifications, and suitability for roles and implementation other aspects of the recruitment process;
      • Pre-employment screening (including background checks; also, including provision to third parties with respect to this item);
      • Management of Applicants and recipients of provisional job offers;
      • Other necessary actions regarding recruitment or hiring; and
      • Post-hiring personnel and labor management.
    • Personal information concerning employees and their family members acquired after hiring (use of personal information for the purposes of this section includes provision to third parties):
      • Personnel and labor management;
      • Payment of compensation, salary, bonuses, etc.;
      • Procedures for social insurances, tax, etc.;
      • Communication and provision to labor unions, health insurance associations, corporate pension funds, affiliated companies, secondment companies, etc.;
      • Procedures at the time of retirement or resignation;
      • Communication and provision in emergencies, etc.;
      • Notifications and reports to government offices, public institutions, etc.;
      • Notifications, reports, and communications to customers and business partners in the course of business;
      • Publication in printed materials, etc. distributed and provided inside and outside the Company;
      • Presentation of brief personal history outside the Company;
      • Management of entry into and exit from the Company’s facilities (including the use of fingerprints and other biometric authentication information for entry and exit management);
      • Communication after retirement or resignation, necessary procedures after retirement or resignation, and retiree management; and
      • Other procedures, communications, etc. necessary for business.
    • Personal information concerning shareholders (use of personal information for the purposes of this section includes provision to third parties):
      • Exercise of rights and performance of obligations under the Companies Act;
      • Shareholder management such as record creation based on various laws and regulations;
      • Sending of releases and information regarding shareholders;
      • Management of shareholders; and
      • Response to inquiries, etc.
    • Personal information concerning joint researchers, research collaborators, etc. acquired in connection with joint research and commissioned research (including commissioned business from New Energy and Industrial Technology Development Organization (NEDO)) (use of personal information for the purposes of this section includes provision to third parties):
      • Conducting (joint) research;
      • Appropriate execution of commissioned business; and
      • Management of patents and other intellectual property.
  7. Personal data security control, etc.
    The Company takes necessary and appropriate measures for the prevention of leakage, loss, or damage of personal information, and for other security control of personal information. For details of the security control measures taken by the Company, please inquire with the contact point under “15. Contact point for inquiries” below in this Privacy Policy.
  8. Provision of personal data, etc. to third parties
    The Company shall not, in principle, provide personal data to third parties without the consent of the identifiable person; provided, however, that personal information may be provided to third parties without the consent of the identifiable person to the extent that it does not violate laws and regulations, including the following cases:
    • When required by laws or regulations;
    • When it is necessary to protect human life, wellbeing, or property of an individual, and it is difficult to obtain the consent of the identifiable person;
    • When it is especially necessary to improve public wellbeing or promote healthy child development, and it is difficult to obtain the consent of the identifiable person;
    • When it is necessary to cooperate with a national government organization, local government, or person entrusted thereby with performing the functions prescribed by laws and regulations, and obtaining the consent of the identifiable person is likely to interfere with the performance of those functions; and
    • Cases in which the third party is an academic research institution, etc., and it needs to handle the personal data for academic research purposes (including cases in which a part of the purpose of handling the personal data is for academic research purposes, but excluding cases in which there is a risk of unjustly infringing on individual rights and interests).
    9. However, the following cases do not constitute provision to a third party:
    • Cases of provision in connection with entrustment;
    • Cases of provision in connection with business succession, etc.; and
    • Cases of joint use.
  9. Provision of personal data to third parties in foreign countries
    When providing personal data to a third party in a foreign country, the Company shall take necessary measures such as obtaining consent in accordance with laws and regulations.
  10. Joint use
    Since the management resources of each company in the Company’s group are combined in a coordinated fashion to implement and develop the Company’s business, personal data held by the Company may be provided to the Company’s group companies located in the United States (including Rapidus US Holdings, LLC (New York, US), Rapidus US, LLC (New York), and Rapidus Design Solutions, LLC (California) based on joint use and Equivalent Measures, as follows:
      Disclosure regarding joint use
    • The fact that there is joint use
      The Company engages in joint use of personal data held by the Company as follows.
    • Items of personal data used jointly
      Name, address, email address, telephone number, sex, date of birth, nationality, country of citizenship or permanent residency, desired income and current income, self-promotion (including academic background, work history, etc.), qualifications and skills, assigned department, personnel evaluation, rewards and punishments (not including sensitive personal information), employment status, information related to taxes and social insurance (tax and other deduction amounts, dependent status, etc.), bank account information, health examination data, information concerning family members (name, sex, date of birth, relation, cohabitation status, employment status, emergency contact details, etc.), and any other information necessary to achieve the purpose of joint use.
    • Scope of joint users
      The Company, Rapidus US Holdings, LLC (New York, US), Rapidus US, LLC (New York, US), and Rapidus Design Solutions, LLC (California, US) (Rapidus US Holdings, LLC, Rapidus US, LLC, and Rapidus Design Solutions, LLC are collectively referred to as the “Rapidus US Entities”).
    • Purpose of use by joint users
      The purpose of use stated in “6. Purpose of use of personal information” above in this Privacy Policy (however, excluding the purpose of use stated in “(4) Personal information concerning shareholders.”
    • Name and address of the party responsible for the management of personal data and name of the representative of the corporation Rapidus Corporation
      4-1 Kojimachi, Chiyoda-ku, Tokyo
      Representative Director: Atsuyoshi Koike
      Equivalent measures
      As the aforementioned joint use is with third parties in a foreign country, the Company has taken the necessary measures to ensure that the Rapidus US Entities continuously take measures equivalent to those that a business operator handling personal information must take concerning the handling of personal data (“Equivalent Measures”). The identifiable person may, pursuant to Article 28(3) of the Personal Information Protection Act, request the Company to provide information regarding Equivalent Measures. Furthermore, in order to implement Equivalent Measures, based on the agreement with the Rapidus US Entities, the Company hereby announces the following on behalf of each company.
    • Purpose of use by the Rapidus US Entities
      As stated in (4) under “Disclosure regarding joint use” above.
    • Public announcement, etc.
      The items for disclosure for the Rapidus US entities regarding retained personal data transferred pursuant to Article 32 of the Personal Information Protection Act are as follows:
      • Name and address of the business, and if it is a corporation, the name of its representative Rapidus US Holdings, LLC
        257 Fuller Road, Albany, NY 12203
        President and Secretary: Akio Koyama

        Rapidus US, LLC
        257 Fuller Road, Albany, NY 12203
        President and Secretary: Akio Koyama

        Rapidus Design Solutions, LLC
        3945 Freedom Circle, Tower 1, Suite 920, Santa Clara, CA 95054
        President and General Manager: Henri Richard

      • The purpose of use of all retained personal data (related to joint use) As stated in (4) under “Disclosure regarding joint use” above.
      • Procedures for responding to a request or demand from an identifiable person
        The Company responds on behalf of the Rapidus US Entities, so the procedures are the same as for the Company. Please refer to “12. Personal information disclosure, etc.”
      • Measures taken for security control of retained personal data
        The Rapidus US Entities take necessary and appropriate measures for the prevention of leakage, loss, or damage of personal information, and for other security control of personal information. For details on the security control measures taken by the Rapidus US Entities, the Company responds on behalf of the Rapidus US Entities, so please inquire with the contact point under “15. Contact point for inquiries” below in this Privacy Policy.
      • Where to lodge a complaint about the handling of retained personal data
        The Company responds on behalf of the Rapidus US Entities. Please refer to “15. Contact point for inquiries.”
    • Disclosure, correction, etc., suspension of use, etc., explanation of reasons, procedures for responding to requests for disclosure, etc., measures related to fees, etc.
      The Company responds on behalf of the Rapidus US Entities. Please refer to “12. Personal information disclosure, etc.”
    • Handling of complaints
      The Company responds on behalf of the Rapidus US Entities. Please refer to “15. Contact point for inquiries.”
  11. Entrustment of personal data handling
    When entrusting the work of handling an identifiable person’s personal data within the scope of the purpose of use stated in “6. Purpose of use of personal information” to a subcontractor such as a partner company, in addition to selecting an appropriate subcontractor, the Company will implement appropriate supervision, including entering into agreements regarding the entrusted work and understanding the status of personal data handling by the subcontractor.
  12. Personal information disclosure, etc.
    With regard to personal information over which the Company has the authority to respond to requests for notification of purpose of use, disclosure, correction, addition or deletion of content, discontinuation of use, erasure, discontinuation of provision to third parties, and disclosure of records of provision to third parties (“Requests for Disclosure, etc.”), if an identifiable person makes a Request for Disclosure, etc., the Company shall respond as follows:
    • To prevent leakage of personal information, upon receiving Requests for Disclosure, etc., the identity of the person making the request will be verified. If the identity cannot be verified, the Company may not be able to meet the request.
    • Requests for Disclosure, etc. must be made in accordance with the prescribed procedures.
    • If unable to meet the Request for Disclosure, etc., the Company will respond by clarifying the reason therefor in accordance with laws and regulations.
    • In the case of Requests for Disclosure, etc. requesting notification of purpose of use or disclosure of personal information, a fee of 1,000 yen (excluding tax) will be charged for each request.
  13. Use of cookies and Google Analytics
    By using cookie technology, it is possible to obtain a record of a site user’s visits and change what is displayed for each site user by exchanging information between the website and the site user’s computer. The Company’s website uses cookies to identify the usage status (number of visits, etc.) of the website, but the Company does not collect personal information using cookies (including cookie information collected using Google Analytics as described below).
    The Company uses Google Analytics to identify the website usage status described above. Google Analytics uses cookies to collect user information. Please refer to the Google website for an explanation of the Google Analytics Terms of Service (https://www.google.com/analytics/terms/jp.html) and Privacy Policy (https://www.google.com/intl/ja/policies/privacy/). Please note that the Company is not responsible for any damage caused by the use of the Google Analytics service.
    In addition, the Company may have advertisements such as banner advertisements posted on websites other than the Company’s website, and such cases will be in accordance with the cookie rules of the website on which the advertisement is posted. It is possible to change browser settings to not allow cookies or delete stored cookies.
  14. Personal information provided
    Whether to provide personal information to the Company is at the discretion of the identifiable person. However, if the necessary information is not provided, the Company may not be able to provide the intended products and services. Furthermore, if browser settings do not allow cookies, depending on the content of the service, some functionality may be limited, or use of the service may be impossible.
  15. Contact point for inquiries
    If you have any questions, opinions, complaints, etc. regarding the Company’s handling of personal information, please contact us at the contact point below.
    • Address
      4-1 Kojimachi, Chiyoda-ku, Tokyo 102-0083
      Rapidus Corporation Chief Privacy Officer
    • Email: privacy@rapidus.co.jp
      • Personal information received when an inquiry is made will be used only to respond to the inquiry.
      • If you do not receive a reply within 5 days after sending the email, it is possible that the email did not reach us due to a server error, etc. In that case, we apologize for the inconvenience, but please contact us again.


(Supplementary Provisions)
Enacted     November 11, 2022
Latest revision November 12, 2024