1. Handling of Personal Information

(1) Purpose of Collection of Personal Information

The Company handles personal information as defined in (2) below within the scope necessary to achieve the following purposes of use. Personal information will not be used for any purpose other than those listed below.

1. Provision of information regarding the Company’s products and services
2. Announcement of seminars regarding the Company’s products and services
3. Requests for surveys regarding the Company’s products and services
4. Distribution of newsletters, and provision of the latest information, announcements, campaign information, etc. regarding products and services
5. Recruitment activities for officers and employees
6. Personnel management, employment management, and employee benefits for officers, employees (including full-time, contract, commissioned, temporary, seconded, and dispatched employees), and former employees
7. Provision of information regarding products and services and marketing activities directed at customers who have cancelled the Service
8. Creation and use of anonymized information for the development and improvement of features using AI technology in the Service (by the method set forth in Article 16-2 of the Terms of Service)

(2) Use of Personal Information

The Company may collect the following personal information: full name, occupation (including company name, department, and position), address, telephone number, and email address.

(3) Provision of Personal Information to Third Parties

The Company will not provide personal information as defined in (2) to external parties (third parties) except in the following cases:

1. When the individual has given prior consent
2. When outsourcing operations to external parties within the scope necessary to achieve the purposes of use
3. When required by law
4. When it is necessary to protect a person’s life or property
5. When cooperation with public authorities such as the police or courts is required

(4) Procedures for Disclosure of Personal Information

When the Company receives a request from an individual for disclosure, correction, or other handling (correction, addition, deletion) of personal information, or for suspension of use (suspension of use, erasure), the Company will confirm the identity of the individual before responding. However, this does not apply in cases where it would significantly impede the Company’s operations or where there is a risk of harm to the life, physical safety, property, or other rights of an individual. In cases where the Company is unable to comply with a request, the Company will explain the reason to the individual.

Regarding the opt-out from newsletter distribution, individuals may opt out at any time by following the procedures described in the newsletter.

2. Safety Management Measures for Personal Information

To ensure the accuracy and security of personal information, the Company implements organizational, technical, and human safety management measures as required by applicable laws and regulations, and endeavors to prevent unauthorized access to personal information and the loss, destruction, alteration, or leakage of personal information. When outsourcing operations to external parties, the Company selects contractors that handle personal information appropriately, establishes necessary provisions to ensure proper management by the contractors, and requires them to implement equally rigorous management. In the event of an incident related to personal information, the Company will respond promptly and appropriately through corrective and preventive measures.

3. Compliance with Laws and Regulations Regarding Personal Information

In handling personal information, the Company complies with laws and regulations concerning the handling of personal information, guidelines established by the national government, and other applicable norms.

4. Personal Information Protection Framework and Continuous Improvement

The Company establishes internal regulations regarding personal information and builds a management structure, and continuously reviews and improves the same for further personal information protection. For opinions, complaints, or inquiries regarding the Company’s handling of personal information, please contact the Personal Information Inquiry Desk listed below. In the event of any changes to the content of this Privacy Policy, the Company will promptly disclose and publicize such changes through the Company’s website and other channels.

5. Creation and Handling of Anonymized Information

Pursuant to Article 16-2 of the Terms of Service, the Company may create anonymized information from patient information collected through the Service.

(1) Items Included in Anonymized Information

Cephalometric measurements, age group, gender, diagnostic classification, information on treatment policy, facial simulation images (after anonymization processing), 3D facial scan data (after anonymization processing), treatment progress data, and pediatric patient growth prediction-related data.

(2) Purposes of Use of Anonymized Information

Development, training, and improvement of AI and machine learning models; improvement of prediction accuracy for facial morphological changes; improvement of accuracy in pediatric skeletal growth prediction; academic research and paper publication; and improvement of service functions.

(3) Provision of Anonymized Information to Third Parties

When providing anonymized information to third parties, the Company will publicize the items of information to be provided and the method of provision, and will clearly indicate to such third parties that the information is anonymized information.

(4) Safety Management Measures

To ensure appropriate handling of anonymized information, the Company implements the establishment of handling regulations, limitation of persons responsible for handling, access control, and other necessary measures.

(5) Use of External Services

The Company uses external AI services (APIs) for some features of the Service. In using such external services, the Company selects a contract form in which patient data is not used for the training of the AI model of the external service provider, and endeavors to protect patient privacy. Details of the external services used will be publicized on the Company’s website.

Personal Information Inquiry Desk:

For inquiries regarding personal information, please contact the following desk:

DentalBrain Co., Ltd. Personal Information Inquiry Desk

Otemachi Building 1F, 2F, 3F, 1-6-1 Otemachi, Chiyoda-ku, Tokyo 100-0004, Japan

E-mail: contact@dentalbrain.co.jp

DentalBrain Co., Ltd.

President and Representative Director: Junichi Watahiki