Privacy Policy

PrivacyMark Promotion Center, Japan Institute for Promotion of Digital Economy and Community (JIPDEC) certified Mitsubishi Research Institute, Inc., to display the Privacy Mark in January 2003 and recertified in January 2023.

I. Declarations Mandated by Act on the Protection of Personal Information

Pursuant to Act on the Protection of Personal Information (“the Law”), Mitsubishi Research Institute, Inc. (“MRI” or “we”) makes the following declarations on its collection and use of personal information.

1. Purpose of collection and use

(1) MRI collects personal information (data) for use within the scope of the respective purposes defined below, except where otherwise stipulated by the Law. It separately and individually informs you of the purpose when it collects data purposes other than those defined below.
A. Trading-partner's data
Data necessary for administrative work pertaining to trade-relation interfacing, including advertising and marketing, invoicing and billing, marketing and sales of reports and other products; distribution of informational literature including customer satisfaction surveys; distribution of MRI product and service information, seminar information; performance of contracted services; and responding to inquiries

B. Membership data for MRI-run members-only services
Data necessary for the operation and administration of members-only services including membership recordkeeping; emailing of e-magazines; distribution of informational materials and seminar information, and other work pertaining to service administration

C. Survey questionnaire data
Data necessary for administrative work pertaining to the administration of survey questionnaires including sampling, survey participation requests (incl. for supplementary and follow-up surveys), distribution of honoraria, survey results, and the like; follow-up inquiries on responses; and registration and management of monitors

D. Data related to MRI-provided services, events (seminars, symposia, and like programs), and validation trials
Data necessary for the operation and administration of services, events, and trials including recording of events, drafting of validation-trial reports, notification of events and seminars, responding to inquiries, and other office tasks

E. Data in conjunction with operation and administration of committees, research groups, sub-committees, and the like
Data necessary for the operation and administration including drafting of meeting minutes, notification of meetings and events, and other office tasks

F. Interview data and information
Data necessary for conducting interviews including selection of interviewee candidates, interview requests (incl. supplementary and follow-up surveys), preparation of interview records, distribution of honoraria and survey results, inquiring about content of responses, and all other office work in conjunction with interviews

G. Site-access data
Data necessary for data analysis and data-security management

H. Records of inquiries and data on visitors to MRI
Data necessary for responding to inquiries and visitor reception

I. Recruiting data
Data necessary for recruiting and hiring employees

J. Employee data
Scope communicated to employees separately via the company intranet and other internal means

K. Information related to provision of data processing services
Data necessary for data processing and related work such as systems development, systems maintenance, simulation analyses, and data analysis

L. Shareholder data
Data necessary for records on shareholders and providing shareholder services

M."Specified" data in conjunction with MRI payments administration
Data necessary for preparing and submitting pay and dividend-payment statements
Note that MRI may outsource collection and use of personal information within a scope necessary to fulfill the purposes defined above. In such instances MRI will manage the data in a manner appropriate for ensuring its security by requiring the outsourcer to collect and use it in a secure manner.

2. Provision of personal information to third parties

MRI does not provide personal information to third parties without the person’s prior consent. Except when required to do otherwise by law, when MRI provides personal information to a third party it individually informs the affected persons of the purpose and ask for their consent.

3. Joint use of personal information

MRI and group companies may jointly use personal information as described below to enable them to continue to provide customers with higher value-added deliverables that build on bolstered cross-group collaborations that leverage the respective strengths of group companies.
(1) Scope of joint users, the personal data they use, and the purpose of its use
MRI may, under our management responsibility, jointly use information such as name, address, telephone number, fax number, e-mail address, gender, age, affiliation, department, position, etc. of personal information directly acquired by the Company with consolidated subsidiaries described in the Company's annual securities reports, etc. for the purpose of use described in Section 1 above.

(2) Designation of person responsible for managing personal data
Kenji Yabuta, President,
Mitsubishi Research Institute, Inc.
Address: 10-3, Nagatacho 2-Chome, Chiyoda-Ku, Tokyo 100-8141, Japan

(3) Acquisition
Personal data is acquired from documents (calling cards, work-procedure documents, questionnaire responses, etc.), electronic data (emails, input forms on MRI and related websites, etc.), and audio (in-person interactions, recordings of meetings, etc.).

4. Steps for managing security of retained personal information

4.1 Basic policies

MRI has set and published a set of data management policies, the MRI Group Security Policies that includes our policy covering retained personal data.

4.2 Rules governing the collection and use of personal data

MRI has defined specific internal conventions for collecting and using data to ensure the integrity of personal information. We review and update these rules periodically.

4.3 Organizational security management measures

To ensure the integrity of personal data, MRI has emplaced a data-security management organizational framework to monitor personal data management and deal with and report on faults when detected. It includes naming a personal information protection officer and assigning personnel charged with ensuring personal data security at the organizational-unit level.

4.4 Human security management measures

MRI conducts periodic employee training sessions and other similar. human-involved security management measures to ensure that employees are aware of and handle personal data appropriately.

4.5 Physical security management measures

MRI houses computer systems that process personal data in limited-access server rooms and uses cloud servers with enforced access management. Stored personal is encrypted to ensure against compromise if the equipment or media containing it is stolen, frameworks are in place to allow appropriate response if equipment or media are lost, and data is expunged so that it cannot be reconstituted when equipment or media are discarded. Printed documents bearing personal data are kept in lockable containers, documents are checked periodically to ensure against their loss, and specialist vendors are employed to ensure that physical security management protocols are followed for document disposal.

4.6 Technical security management measures

MRI has in place technical security management measures for systems that process personal data. These include controls to restrict access to data to only managers and users of personal data, user authorization to identify persons accessing it, antimalware and anti-unauthorized access software, and encrypted personal-data transfers.

4.7 Comprehending external environments

MRI researches the personal data protection schemes of other countries and take steps as appropriate for ensuring data security [during interactions with systems located overseas].

5. Inquiries about disclosure, correction, termination of use of, and other issues regarding retained personal data

For changes or other similar matters pertaining to personal information retained by MRI-run members-only services, contact the service’s operating secretariat.
For all other requests relating to disclosure, correction, termination of use of, and other issues regarding personal data, please reach out via the following contact.

Risk Management Division
Mitsubishi Research Institute
Please contact the recruiting office to request disclosure of your personal information used in recruiting and hiring or to correct it, terminate its use, or ask questions about it.

Recruiting office
Mitsubishi Research Institute

6. Complaints and inquiries contact

(1) Complaints and inquiries about personal data
Please contact the Risk Management Division if you have complaints or inquiries about our collection and use of personal data.

Risk Management Division
Mitsubishi Research Institute
(2) Accredited personal information protection organization and complaint and incident resolution contact

A. Accredited personal information protection organization
PrivacyMark Promotion Center, Japan Institute for Promotion of Digital Economy and Community (JIPDEC)

B. Complaint and incident resolution contact
Personal information complaints and consultation office
Address: Roppongi First Building, 9-9 Roppongi 1-chome, Minato-ku Tokyo, 106-0032 Japan

7. Personal information protection officer

(1) MRI personal information protection officer
Yasuteru Hirai, Executive Vice President and Representative Director, Mitsubishi Research Institute, Inc.
Address: 10-3, Nagatacho 2-Chome, Chiyoda-Ku, Tokyo 100-8141, Japan

(2) Contact point

II. About the Collection and Use of Personal Data on the MRI Website

1. Access logs

(1) MRI retains accesses logs to track access to the MRI website (the “site”). The logs record each visitor’s IP address (global IP address on connection to the site), browser type, referring URL, and other similar data.

(2) MRI outsources to an external domestic vendor the matching of access-source IP addresses to the names of their registered owners. The purpose is to identify corporate and organizational entities; individual visitors are not identified.

2. Cookies

(1) Cookies consist of text files generated and stored by the browser and the scheme for managing them. The files contain data for managing and identifying visitors accessing a website.

(2) MRI uses site cookies for the following purposes.
  1. For improving the site’s content and tailoring the site for individual visitors
  2. For statistical analysis: information acquired from cookies is anonymized so visitors cannot be identified.
  3. For providing notices and information on MRI services fine-tuned for browsing activity (applies only to visitors who have provided their contact addresses when attending events).

(3) The MRI site uses the access analysis services described below. These services collaboratively share cookies.
  • Google Analytics (all pages)
  • Shanon Marketing Platform (all pages)

(4) Users can enable or disable functionally inessential site and third-party (e.g., access analysis partners and ad distributors) cookies or withdraw consent to cookies, via setting controls on a cookie-permissions banner displayed by the site. Users can also disable JavaScript and cookies via their browser settings or change current cookie permissions (enable or disable) via the Cookie Settings link below.

2.1 About Google Analytics

The MRI website uses Google Analytics, a service of Google LLC, to track browsing activity. When a visitor arrives on one of the site’s pages, their browser reads a JavaScript from a Google-provided library and generates a cookie [on the visitor’s device].
The name of the cookie is _ga and it expires in two years.
Based on the content of the generated cookie, the following data is sent to Google for collection and analysis: titles and URLs of pages visited on the MRI site, clicked links, browser and operating system, user-agent string, and other pertinent information.
MRI website visitor data sent to Google contains no information that can be used to identify visitors.
Collected and analyzed data is managed by Google in line with its privacy policy.

How to opt out (disable) visitor data collection
You can stop (disable) Google Analytics’ collection of MRI site viewing data with the Google Analytics Opt-out Browser Add-on. You can download it from Google’s download page (link below) and install it on your browser. It is available for Chrome, Safari, Firefox, and Microsoft Edge.
Note that when you disable Google Analytics, it will also be disabled for all other websites as well as the MRI site. You can reenable Google Analytics via the browser add-on.
Visit the Google Analytics website for further information and details on the service’s terms of use; visit Google’s website for further information and details on that company’s privacy policy (links below).

Information on Google Analytics

2.2 About the Shanon Marketing Platform

The MRI website uses Shanon Marketing Platform, a service of Shanon Inc., to analyze browsing activity on web pages involved in providing MRI services and how visitors use them.
When a visitor arrives on a relevant page on the MRI site, their browser reads a JavaScript from a Shanon-provided library and generates a cookie [on the visitor’s device].
The name of the cookie is _CAMVID. It expires in one year.
The generated cookie and page-viewing data are sent to Shanon by accessing a file on the Shanon website for collection and analysis.
When a cookie including personally identifiable data has already been issued (referencing, e.g., an application to attend a seminar) and is among those collected, analysis will proceed with the personally identifiable data intact; if no such cookie is present, the analysis will proceed with anonymized data. The thus collected and analyzed data is managed in according to Shanon’s privacy policy.
MRI uses Shanon Marketing Platform jointly with subsidiary Mitsubishi Research Institute DCS (“DCS”), and MRI and DCS jointly use the data collected by the service.

How to opt out of (turn off) data collection
If you have provided personal information to MRI but want to stop Shanon Marketing Platform data collection (or have data already collected deleted), send an opt-out or deletion request to Note, however, that opting out will also end all emailed content to you from MRI, including e-magazines and event notifications.

Further information on the Shanon Marketing Platform

2.3 Cross-domain tracking within the MRI website

MRI uses access analysis services to track activity on web pages following domains.

Google Analytics and Shanon Marketing Platform:

The platforms are set to conduct cross-domain tracking by exchanging between the domains the client IDs each one issues. This enables analysis of ongoing browsing activity when visitors move between the domains.

How to opt out of (turn off) data collection
To disable cross-domain tracking, you must opt out of information collection by both Google Analytics and Shanon Marketing Platform. Opting out of only one will not disable cross-domain tracking.

3. Social media use

The MRI site provides share buttons to facilitate posting links to site content on social media.
Clicking on one of the share buttons (social media icons) available on some pages displays a dialog box that, via specific actions, lets you post a link to the page you’re viewing on a social media site. (You’ll be prompted to do so if your browser isn’t already logged in to the site.)
When a visitor views a linked page via a social media site, it will collect data on their browsing activity on the MRI site. The data may be anonymized or associated with the viewer’s social media account. Check the social media site’s policies for details about what data it collects, how it collects the data, and what it does with it.

Share on Facebook

Share on Twitter

4. Links to non-MRI websites

The MRI website contains links to the websites of external entities, corporate and otherwise. MRI is not responsible in any way for personal data collected or retained by those websites or how they manage it.

III. About MRI’s Personal Information Protection Policy and How We Collect and Use Personal Data

MRI reviews and improves its personal information protection policy and how its collects and uses personal information so that visitors can feel safe entrusting their personal information to us. Changes are publicized on this website.
Initially published: 28 March 2005
Last updated: 19 December 2023