privacy policy

Our Philosophy on Personal Information Protection

Personal information, including that of customers, is information that is closely related to the privacy of the customer or other individuals, and depending on how it is handled, there is a risk of damage to the personal or property rights and interests of the customer or other individuals.
The Company is deeply aware of the nature and seriousness of such personal information, and with regard to any personal information that we have properly acquired, we handle it carefully under the principle of respect for the individual’s character and strive to protect personal information.
When handling the personal information of our customers and other stakeholders, we will handle it in accordance with this statement in order to meet the expectations and trust of our customers and other stakeholders.
In addition to conducting educational and awareness-raising activities for employees regarding the protection of personal information, the Company will comply with Japanese laws and other regulations, and will continuously review and improve the content of this statement.

Personal Information Protection Policy

  1. We will collect personal information appropriately and use the collected personal information only within the scope of the purpose of use set forth in the Privacy Policy.
  2. We will prevent and correct unauthorized access to personal information, as well as the loss, destruction, falsification and leakage of personal information.
  3. We will comply with laws and other regulations regarding personal information.
  4. We will continuously review and improve our compliance program, in relation to the protection of personal information.

Revised November 21, 2025.
Enacted on: October 2, 2020
LecoS, Inc.
Tsutomu Kishida, President and Representative Director

About the Handling of Personal Information

1. Scope of Personal Information

  1. Registration information will include the following personal information:
    • Name, address, date of birth, corporate name, department, email address;
    • Educational background, employment history;
    • Identifiers such as student ID number, employee ID number, membership number;
    • Facial photographs and other personally identifiable information necessary for using the Company’s services.
  2. Transaction and payment information, including
    • Details of the services used by the customer and related billing information,
    • Payment details including credit card number or debit card number, card expiration date, CVV code, and billing address.
  3. User IDs and passwords issued by the Company for accessing its services
  4. User-generated content and interaction history during the use of the Company’s services, such as
    • Statements, questions, answers, responses to surveys, and replies to questions and answers.
    • Note: Posts made on public forums or open discussion boards are considered publicly disclosed and are not treated as personal information.
  5. Access logs and usage records, including login and logout timestamps
  6. Communication records between the customer and the Company, including
    • Inquiries and applications made via email, telephone, facsimile, or post mail;
    • The Company’s responses and correspondence related to such communications.
  7. Information obtained through integration with third-party services, such as
    • When the customer uses the “Sign in with Google” feature to link with the Company’s services, the Company may receive configuration data (e.g., name, email address) from Google;
    • The use of such information by the Company shall comply with the Google API policy

2. Scope of Eligible Customers

The term “customer” as used in this statement refers to the following persons:

  1. Corporate and individual users who intend to use or have used the Company’s services;
  2. Corporations and individuals who make inquiries to the Company by telephone, e-mail or letter, etc., and where the identity of the inquirer can be determined.

3. Purpose of Use of Personal Information

We disclose the purpose of using personal information as follows, according to Articles 21 and 32 of the Laws for the Protection of Personal Information.

  1. To send necessary notifications for customers to use the Company’s services.

    When notifications are sent via email, cloud services located in the United States (e.g., Google, Microsoft, Twilio) may be used. These services may result in personal information being stored or processed outside Japan. However, the cloud service providers do not handle personal information directly, and appropriate access controls are in place.

  2. Personal information of customers who make inquiries (e.g., name, email address):
    • To provide the Company’s services,
    • To perform operations incidental to service provision such as billing,
    • To research and analyze service usage trends,
    • To research and develop new services.
  3. Personal Information of shareholders (Name, corporation, address, telephone number, email address, inquiry content):
    • For the exercise of privileges and fulfilment of responsibilities in accordance with corporate laws on shareholder management, etc.;
    • To implement measures for more efficient relations between the Company and its shareholders;
    • To prepare and manage IR data (including lists of investors and shareholders, shareholding amount, etc.) according to due standards in accordance with all applicable laws.
  4. Personal information of those who seek employment at our Company (Name, photographic likeness, birthdate, gender, address, telephone number, email address, personal history, career history):
    • To provide information to and facilitate communication with those who are interested in employment at our company, and those who have submitted job applications to us;
    • For use in the recruitment and employment screening process.
  5. Personal information of our executives and employees (Name, birthdate, gender, address, telephone number, and information about relatives, bank account, and other necessary items):
    • For personnel administration, including the appropriate placement of staff members, payment of salary, and other human resource management matters;
    • In connection with staff welfare and benefits, labor safety and health management;
    • For staff training and development;
    • For issuing notices and reports in accordance with all applicable laws, rules, and regulations.

4. Safety Management Measures

The following measures have been implemented for managing the safety of personal information entrusted to us by our customers, to prevent the leaking, loss and/or damage of personal information.

  • Fundamental Policy

    The following personal information protection policies have been established to ensure the secure and appropriate handling of personal information.

  • Regarding the maintenance of due diligence pertaining to the rules and regulations about handling personal information

    Rules and regulations have been set for the handling, stewardship, and proper usage of data, at each stage, including acquisition, usage, storage, provision, deletion, and erasure of the information.

  • Organizational safety management measures

    In addition to appointing a supervisor in charge of overseeing all handling of personal information, clear, precise data is maintained on the number of employees who have access to personal information in the course of their duties, as well as the scope of their clearance.
    Furthermore, additional rules and regulations which become necessary for safety management are prepared as necessary, with regular checks on the implementation process.
    In the case of discovery of any violation of laws, rules, or regulations pertaining to the handling of such information, or the suggestion or suspicion of such, due procedures for reporting and communicating to the supervisor have been implemented.

  • Human safety management measures

    Internal learning and training, as well as other necessary measures regarding the handling of personal information are regularly implemented.

  • Physical safety management measures

    Measures to prevent any improper internal access to personal information by staff without authority to handle such information have been implemented. Concurrently, strict entry management of those areas storing personal information, as well as insurance of due protective measures for machinery and devices where personal information is stored, have been implemented with the aim of preventing the loss of personal information.

  • Technical safety management measures

    Data which includes personal information is stored on servers equipped with security access restriction functions, including a system that protects the data from malicious access from external sources.

5. Handling of Personal Information

We will use your personal information only for the following purposes.

  1. When we receive personal information from customers

    When we are required to provide a customer’s personal information, we will inform that customer of the purpose for which the information will be used and obtain the customer’s consent to such use. If you are an individual, other than the personal information stipulated by the Company, you will never be asked to provide any information such as ideology, beliefs, religion, race, ethnicity, family origin, legal domicile (excluding information related to the prefecture where you live), physical or mental disability, or criminal record.

  2. Acquisition of personal information

    Other than receiving personal information provided by our customers, the Company will not acquire personal information by any unauthorized method, nor will we use illegally the customer information that has been acquired.

  3. Use of personal information

    The Company will not use personal information for any purpose other than that to which the customer has given consent.
    In addition, the personal information provided by customers will be disclosed to NetLearning Holdings, Inc. and NetLearning, Inc. to whom we outsource part of our business.

  4. Provision of personal information to third parties

    Without prejudice to the application of the provisions of the preceding article, the Company shall not provide personal information in its possession to any third party, except in the following cases:

    1. When prior consent has been obtained from the individual.
    2. When personal information is entrusted to a third party for processing in order to achieve the stated purposes of use.
    3. When personal information is mutually used with a specific third party, and the purpose of use and the identity of the third party have been notified to the individual in advance or publicly disclosed.
  5. Management of personal information

    In addition to ensuring that personal information received from customers is not illegally accessed, lost, destroyed, illegally leaked outside the company, or tampered with, the Company will ensure that employees manage personal information, encrypt during communication the personal information provided by customers, take measures against unauthorized computer access and computer viruses, as well as maintain data backup systems.

6. Disclosure of Personal Information

Regarding inquiries and other requests about personal information
When we receive the following requests from customers regarding their own information that we manage, we will respect the customer’s wishes and take the necessary action to a reasonable extent after confirming the customer’s identity.

  1. Confirmation of the details of personal information
  2. Correction, updating, and deletion of personal information.
  3. Withdrawal of all or part of the consent to the use of personal information that you have given the Company
  4. Notification of purpose of use, disclosure, correction, addition or deletion of contents, suspension of use, elimination, suspension of provision to third parties, and disclosure of third-party provision records

Please contact below for inquiries.

LecoS, Inc. (Personal Information Inquiry Desk)
Phone: 03-5989-1211 (Representative)
Contact us: https://www.lecos.co.jp/contact_recipient/
Operating hours: Monday through Friday, 10:00 to 17:00
Shinjuku Kifu Building 3F, 7-2-4 Nishi-Shinjuku, Shinjuku-ku, Tokyo 160-0023, Japan

  • Please contact the following office to obtain the necessary forms.
  • We will confirm your identity. The confirmation method differs depending on whether it is done in person or by mail.

For in-person interviews

  1. If you are a staff member, we will ask you to present your employee ID.
  2. In the case of customers and applicants for employment, we will confirm your identity by asking multiple questions to confirm the attributes of the individual (date of birth, etc.) as shown on one of the following: various health insurance cards, pension booklets, passports, or copies of certificates of residence.
  3. In the case of a proxy, as proof of the proxy’s identity, we will check that the proxy has a letter of attorney from the relevant person and a copy of the relevant person’s certificate of residence. In addition, we will confirm the identity of the proxy by asking several questions about the attributes (date of birth, etc.) of the proxy himself/herself as shown on one of the following documents: health insurance card, pension book, passport, or a copy of their certificate of residence.

By post mail

  1. We will receive a copy of your health insurance card, pension book, passport, or copy of your resident card, and we will call you and ask several questions about your attributes (date of birth, etc.) in order to confirm your identity.

  2. In the case of a proxy, as proof of the proxy’s identity, we will check that the proxy has a letter of attorney from the relevant person and a copy of the relevant person’s certificate of residence. In addition, we will confirm the identity of the proxy by calling them and asking several questions about the attributes (date of birth, etc.) of the proxy himself/herself as shown on one of the following documents: health insurance card, pension book, passport, or a copy of their certificate of residence, and we will call the proxy and ask several questions about his/her attributes (date of birth, etc.) in order to confirm the proxy’s identity.

    • In the case of notification and disclosure of the purpose of use, a fee will be charged. The handling fee is 500 yen per item (the person is responsible for the money order issuance fee, etc.).
    • When your submitted papers contain any insufficiency, we will contact you from the help desk. However, if we do not receive a response from you within one month, such as a correction or additional documents, we will assume that your request has not been made.

7. Other precautions and notes

  1. Statement regarding customer information on linked websites

    The Company’s website may contain links to third party websites, but the Company does not manage these sites.
    Therefore, we recommend that you check the statement regarding your personal information (or privacy policy, etc.) of each linked site by yourself.

  2. Use of cookies

    We use cookies on our website.
    Cookies are a feature that allows us to know which pages on our website have been accessed from your computer and when they were accessed.
    This helps to support the learning process by bringing up the next page when the student next accesses the site.
    Cookies also enable us to learn about the state of your learning and help us build a better e-learning system.

  3. Revision of this statement

    If there are any revisions to this statement, they will be posted on this page.

Personal Information Protection Manager
LecoS, Inc.
Ryusuke Yamada, Executive Vice President
Tel: 03-5989-1211

Contact for inquiries, disclosure, etc.

For inquiries regarding the handling of customer information, please contact the following.

LecoS, Inc. (Personal Information Inquiry Desk)
Phone: 03-5989-1211 (Representative)
Contact us: https://www.lecos.co.jp/contact_recipient/
Operating hours: Monday – Friday 10:00 – 17:00
Shinjuku Kifu Building 3F, 7-2-4 Nishi-Shinjuku, Shinjuku-ku, Tokyo 160-0023, Japan
LecoS, Inc.

Privacy Policy with consideration to GDPR

1. Basic principles

Lecos, Inc. (hereinafter referred to as "LecoS") has established this Privacy Policy in accordance with GDPR with respect to the handling of personal data in compliance with the EU General Data Protection Regulation (hereinafter referred to as "GDPR"). LecoS will take all possible measures to handle personal data by establishing an internal system, protecting personal data, managing it appropriately, and using it appropriately.

2. Collected personal data

  1. We may collect the following personal data from users of our services:
    • Name
    • Email address
    • Password
    • IP address
    • Residential address
    • Date of birth
    • Identifiers such as student ID number, employee ID number, or membership number
    • Facial photograph
    • Credit card number
    • Debit card number
    • Payment information including billing address
    • Credit/debit card expiration date
    • CVV code
  2. We do not collect sensitive personal data such as passport information or health data through our services, except where required by applicable privacy laws.
  3. We collect personal data when users of our services perform the following actions:
    • Register for our services
    • Use our services

3. Purpose of personal data processing

We will handle the personal information of our users in accordance with Article 6.1.(b) of the GDPR in order to fulfill the following purposes of use in the performance of the contract with our users.

  1. Purpose of processing
    We collect and process personal data only for the following purposes:
    • To ensure that our services are presented to you in the most effective manner;
    • To inform you about changes to our services;
    • To manage our users' accounts;
    • To provide our services to users;
    • To inform users of our policies and terms and conditions;
    • To improve safety and security by monitoring fraudulent activity, investigating suspicious or potentially illegal activity, or violations of our policies or terms and conditions;
    • To provide, improve, and create services and advertising;
    • To use personal information for purposes such as data analysis, research, and auditing;
    • To ensure business continuity;
    • To respond to various types of inquiries;
    • To perform tasks incidental and related to the above items.
  2. We process personal data on the legal basis of consent of the data subject, legitimate interests pursued by us or by a third party, performance of a contract between the data subject and us or preparation for entering into a contract, or compliance with a legal obligation to which we are subject.
  3. If the processing of personal data by our company is based on the consent of the data subject, the data subject may withdraw the consent at any time. However, the legality of the processing of personal data based on the consent before the withdrawal is not affected by the withdrawal of consent.
  4. In the event that the personal data acquired is to be handled for purposes other than those described above, this Privacy Policy will be revised to inform the data subject.

4. Providing and sharing personal data

We may need to share personal data with the following third parties for the purposes of the processing described above. Where this is necessary, we will comply with applicable privacy laws.

  • Our group companies
  • Lawyers, tax accountants, certified public accountants, and other professional experts
  • Financial institutions
  • Current, past, and future employees
  • Service providers and suppliers

5. Personal data security administration

When handling personal data, we will manage it appropriately and take appropriate and reasonable security measures to prevent unauthorized external access, loss, destruction, falsification, leakage, and other risks. In the unlikely event of an accident, we will promptly take corrective measures.

6. Storing personal data

We store personal data in a manner that establishes appropriate security. LecoS will store personal data only for as long as is necessary to achieve the purposes of use described in this Privacy Policy and will promptly delete any unnecessary personal data. The specific period of time will be determined by taking into consideration the purpose for which the personal data is acquired and handled, the nature of the personal data, and the legal or business necessity for storing the personal data.

7. About the Cookie

When you visit our website, we often use Cookies to store and retrieve information on your browser. This information may include information about you, your preferences, and your device. In many cases, this information is used to ensure that the website behaves as you expect it to. The information collected is generally not personally identifiable but helps us personalize your website experience. We respect your privacy and allow you to choose not to use some Cookies. Please note that blocking some types of Cookies may affect the usability of our site and the services we provide.

8. Expressing disagreement

You have the right to appeal to a supervisory authority, such as a national, regional, or international organization, regarding our processing of your personal information in accordance with the GDPR and other applicable laws. We would appreciate it if you gave us the opportunity to respond before you file a complaint with a supervisory authority. If possible, please contact us in advance using this contact form.

9. Contact information

If you have any questions or complaints, or if you wish to exercise any of your rights described in Section 8 of this Privacy Policy, please contact us at the following:

Contact person:Staff in charge, LecoS, Inc.
Mailing address:9th Floor, Nishi Shinjuku Prime Square, 7-5-25 Nishi Shinjuku, Shinjuku-ku, Tokyo, 160-0023, Japan
Telephone number:03-5338-9411(International calls, 81-3-5338-9411)
Facsimile number:03-5989-1901(International calls, 81-3-5989-1901)

10. General conditions

We may revise this Privacy Policy from time to time in accordance with applicable laws or based on our internal policies. However, we will not use the personal data of data subjects in any new way without obtaining their prior consent.

Supplementary Provisions

This revised Privacy Policy shall take effect on November 21, 2025.