NBDC Human Database and NBDC Group Sharing Database

Privacy Policy

  1. Basic concept

    The Research Organization of Information and Systems (hereinafter referred to as "ROIS") will handle personal information obtained through the operations of the NBDC Human Database and the NBDC Group Sharing Database (hereinafter collectively referred to as "the Databases") by the Database Center for Life Science (hereinafter referred to as "DBCLS") within the Joint Support-Center for Data Science Research (hereinafter referred to as "DS"), an organization within ROIS, appropriately within the scope of the purposes of use in accordance with this policy.

    If you wish to use the Databases (including both the use of publicly available data on humans provided in the Databases (hereinafter referred to as "Human Data"), and the submission of Human Data to the Databases; the same shall apply hereinafter), please read this policy through to the end. If you do not wish DBCLS to use your personal information as described in this policy, please be aware that your applications to DBCLS may not be accepted, and that the use of the Databases will be restricted as described below in (i) to (ii). Please note that unrestricted-access data shared through the NBDC Human Database (public data available for use without any access restrictions) can be used without an application for data use, and you can use it without providing personal information.

    • (i) The use of controlled-access data from the NBDC Human Database and data shared through the NBDC Group Sharing Database requires an application for data use, along with approval from the Human Data Review Board, after specifying the user of the data and purpose of use, etc. Therefore, if you cannot provide personal information, you will not be able to use these data.
    • (ii) When providing Human Data to the Databases, an application for data submission and approval by the Human Data Review Board are required. Therefore, if personal information cannot be provided, Human Data cannot be accepted. As a result, an accession number cannot be issued.
    •  
  2. Definition of personal information

    In this policy, "personal information" means information about a living individual that falls under any of the following items (i) through (iii).

    • (i) Information that can identify a specific individual by name, address, date of birth, gender, occupation, telephone number, e-mail address, etc., contained therein
    • (ii) Information that, by itself, cannot identify a specific individual, but can be easily cross-checked with other information to identify a specific individual
    • (iii) Information that contains an "individual identification code" as defined by Japanese law concerning the protection of personal information (Act on the Protection of Personal Information).
    •  
  3. Scope and purpose of use of personal information collected

    The Databases collect the following personal information obtained upon receipt of applications from persons who wish to use the Databases, or upon receiving inquiries about the Databases by legal and appropriate means, and access and use the collected information by legal and appropriate means to the extent necessary to achieve the following purposes and purposes incidental to those purposes. Except where permitted by the law, personal information will not be used beyond this scope without the consent of the individual concerned.

 

Personal information collected

Purpose of use

Information submitted at the time of applications

The following information provided regarding the Principal Investigator, the head of his/her institution, the applicant, and the research contributor.

- Name

- Name of organization

- Name of department

- Position

- Address

- E-mail address

- Phone number

- (If there is an entrustee) Name of the entrusted organization, department, name, and position of the person in charge

(1) For operations related to the review of applications for the submission and use of Human Data.

(2) To confirm necessary matters and communicate request for responses from DBCLS regarding application details for the submission and use of Human Data.

(3) To respond to applications and inquiries regarding the use of the Databases and to notify of important matters.

(4) To improve the convenience of users of the Databases, and to provide a smooth service.

(5) To communicate about surveys and other matters related to the operations of the Databases.

Name of Principal Investigator, name of institution to which he/she belongs, and department

To disclose data submitter / data user information.

Personal information collected

Purpose of use

The following information provided through the inquiry form for the Databases:

- Name

- E-mail address

- Name of organization to which he/she belongs

To respond to inquiries, improve convenience and take necessary actions.

 

  1. Provision to third parties

    DBCLS will not provide personal information to third parties except in the following cases (i) through (v). Please note that statistical data and other information may be disclosed or provided after being processed into a format that does not allow individuals to be identified.

    • (i) When the prior consent of the person in question has been obtained.
    • (ii) When it is necessary for the protection of the life, body, or property of an individual, and it is difficult to obtain the consent of the person in question.
    • (iii) When it is particularly necessary for improving public health or promoting the sound development of children, and it is difficult to obtain the consent of the person in question.
    • (iv) When it is necessary to cooperate with a national agency, a local authority, or an individual or entity entrusted by either a national agency or a local authority to execute affairs prescribed by law, and obtaining the consent of the person is likely to impede the execution of such affairs.
    • (v) When there is a request for disclosure based on laws and regulations, or when there is a request for cooperation with investigations related to research misconduct or illegal activities such as unauthorized access or threats.
    •  
  2. Joint use

    Due to the special characteristics of the Databases and the necessity of its operation, information collected through the acceptance of applications will be recorded on servers in Japan managed by the National Institute of Genetics (hereinafter referred to as "NIG") within ROIS, and will be managed in accordance with the privacy policies of the NIG Bioinformation and DDBJ Center (hereinafter referred to as "DDBJ Center") (https://www.ddbj.nig.ac.jp/policies-e.html#privacy). For the purpose of improving the convenience of users of the Databases and providing smooth services, the DDBJ Center may contact you directly without going through the DBCLS only when it is required. In addition, information about users that have been processed so that individuals cannot be identified, and website access statistics may be jointly used with the DDBJ Center.

    DBCLS and the Japan Agency for Medical Research and Development (hereinafter referred to as "AMED") will jointly use all personal information for the operation of the AMED Genome group sharing Database (hereinafter referred to as "AGD"), which is provided at the time of applications related to AGD.

     

  3. Matters concerning security control measures

    In order to prevent the loss, leakage, impairment, damage, misuse, falsification or destruction of personal information that DBCLS obtains and handles, the following necessary and appropriate measures will be taken.

    • (i) DBCLS will conduct educational activities for all officers and employees, appoint a person in charge of each department that handles personal information, and strive to manage personal information appropriately.
    • (ii) DBCLS will maintain the security of its website to prevent unauthorized access to personal information.
    • (iii) DBCLS will grant limited access to personal information only to employees and outsourcing contractors who need such access. DBCLS will enter into employment contracts and outsourcing agreements with its employees and contractors, respectively, that include confidentiality clauses, and will make every effort to ensure that the employees and the contractors handle and protect personal information appropriately, and to prevent leakage, unauthorized provision to third parties, and use outside the scope of the purposes of use described in Section 3. above.
    •  
  4. Disclosure, correction, addition, deletion, suspension of use, and suspension of provision to third parties of personal information

    When DBCLS receives a request from an individual regarding disclosure, correction, addition, deletion, suspension of use, removal, or suspension of provision to a third party of his/her personal information held by DBCLS, DBCLS will, from the perspective of preventing leakage of personal information and ensuring accuracy and security, conduct a necessary investigation without delay unless special procedures are required by law, and DBCLS will respond to the request in good faith in accordance with the law only when it is confirmed that the request is made by the person in question. DBCLS will not be able to respond to the request if the request does not meet the requirements stipulated by law, if the contents of the request are deemed unreasonable based on the results of the investigation, or if there are justifiable reasons to reject the request based on laws and regulations.

    Please be aware that costs associated with requests for disclosure, including communication fees, transportation expenses, and expenses incurred in preparing necessary identification documents, will be the responsibility of the requester. For details on the procedure, please refer to "Information disclosure and management" as specified by ROIS (https://www.rois.ac.jp/en/open/01.html).

     

  5. Acquisition of access logs and use of access analysis tools

    A technology that records and manages information about website users on computers and application software is called a "cookie." The websites of the Databases use cookies to make it more convenient for those who use the websites (hereinafter referred to as "users"). And the Databases' websites use Google Analytics, a service provided by Google, Inc. to understand the status of users’ visits to the websites.

    When Google Analytics is used on the websites of the Databases, Google collects, records, and analyzes the information about visits to the websites of the Databases based on cookies issued by DBCLS. DBCLS receives the results of this analysis from Google in order to understand how users use the websites. The information collected, recorded, and analyzed by Google Analytics will not include any personally identifiable information, and such information will be managed by Google Inc. in accordance with its privacy policy.

    Users may also opt out of having their information collected through DBCLS’s use of Google Analytics by disabling Google Analytics in their web browser's add-on settings. Google Analytics can be disabled by downloading and installing the "Google Analytics Opt-Out Add-on" from the Google Opt-Out Add-on Download page and changing the add-on settings on their web browser. If users disable Google Analytics, Google Analytics will also be disabled on websites other than this site that the users visit. Also, it is possible for the users to re-enable Google Analytics by reconfiguring the add-ons on their web browser. For an explanation of Google Analytics Terms of Use, please refer to the Google Analytics website, and for an explanation of Google's privacy policy, please refer to Google's website.

    Google Analytics Terms of Service:
    https://marketingplatform.google.com/about/analytics/terms/us/

    Google's use of information collected from sites and applications that use Google services:
    https://policies.google.com/technologies/partner-sites

    Google Analytics Opt-Out Add-On:
    https://tools.google.com/dlpage/gaoptout

     

  6. Scope of application

    This policy applies to personal information obtained through the services of the Databases operated and managed by ROIS. The ROIS's regulations and policies regarding the protection of personal information (https://www.rois.ac.jp/open/01.html*) and the policies disclosed by DBCLS (https://dbcls.rois.ac.jp/policy-en.html) will apply to any information that is not covered by this policy, and in the event of any inconsistency between this policy and the ROIS's regulations and policies regarding the protection of personal information or the DBCLS policy, the terms of this policy shall prevail.

     * This URL links to the Japanese website. The ROIS's regulations and policies regarding the protection of personal information are only available in Japanese on the Japanese website.

     

  7. Retention period of personal information

    DBCLS retains personal information in compliance with applicable laws and regulations for the duration of the operation of the Databases.

     

  8. Other

    DBCLS may revise this policy from time to time. Any revisions will be announced on the website of the Databases(https://humandbs.dbcls.jp/en/)in advance.

     

  9. Contact information

    Database Center for Life Science (DBCLS), Joint Support-Center for Data Science Research (DS), Research Organization of Information and Systems (ROIS)

    178-4-4 Wakashiba, Kashiwa, Chiba 277-0871, JAPAN

    https://humandbs.dbcls.jp/en/contact-us

     

  10. Information on business operators handling personal information

    The name, address and representative of ROIS (President) can be found on the following website:

    https://www.rois.ac.jp/en/about/staff.html

Date: March 19, 2025