Skip to main content
search icon white search icon

Data Privacy Policy - Japan

Last updated December 2024

Milliman, Inc. and its affiliates (“Milliman” or “we”) take data privacy very seriously. This Privacy Policy sets out the principles governing Milliman’s and its branch office in Japan (Milliman Japan) collection, use, disclosure, transfer (“Processing”) and protection of Personal Information (as defined below) that website visitors, prospective clients and clients residing within Japan (“you”) share with us. Milliman is committed to handling Personal Information in accordance with this Privacy Policy, The Act on the Protection of Personal Information (Act No. 57 of 2003 as amended in 2020), Japan (APPI) and other applicable data protection and privacy laws.

Milliman, Inc. having its office at 1301 Fifth Avenue, Suite 3800,Seattle WA 98101-2646,USA and Milliman Inc.(Branch office) at Kojimachi 1-chome Bldg., 8F,1-6-2 Kojimachi, Chiyoda-ku, Tokyo 102-0083,Japan are acting as Personal Information Controller (“PIC”) in accordance with APPI with respect to the processing of Personal Information described in this Privacy Policy. This means that Milliman, Inc. and Milliman Japan are both responsible for the compliance with applicable data protection laws.

Collection of Data

Aggregate Data

Like many companies, Milliman monitors the use of its websites by collecting aggregate data. No Personal Information is collected in this process. Typically, Milliman collects data about the number of visitors to the website, to each web page, and the originating domain name of the visitor's Internet Service Provider. This data is used to improve the usability, performance and effectiveness of Milliman’s website.

Cookies, Third-Party Embedded Content and Do Not Track

For more detailed information describing how Milliman uses cookies and your choices surrounding the use and opt out of such cookies, including information about third party embedded content on Milliman’s website and how Milliman responds to Do Not Track signals in browsers, please review our Cookie Policy which can be found here.

Processing of Personal Information

In this Privacy Policy, “Personal Information” means information about a living individual in Japan from which the identity of the individual can be ascertained (including information which enables identification by easy reference to, or in combination with other information).

The Personal Information we collect varies depending upon the nature of the services provided and our interactions with you. In the context of the collection of Personal Information through this website, Milliman’s marketing activities and contract administration, we may collect, use, disclose, store, and otherwise process Personal Information of:

- Visitors to our websites (first name, last name, title, company, phone number, location, email address, subject of the request and message given) who request information about products or services from Milliman, for the purpose of the management of the relationship with clients and the administration of the website. The link to this Privacy Policy is available on our website and “Contact us” section.

- clients’ representatives, officers, agents and employees, business partners, providers, parties to a contract (name, professional address, title, email and other professional contact details) for contract administration purposes. The professional contact details of clients’ representatives, their employees and business partners are also used to activate and maintain client accounts, to fulfill requests or respond to inquiries about Milliman products or services and to provide offers and information (as permitted by law) about products, services, or events offered by Milliman or that Milliman thinks may be of interest. Milliman will process your Personal Information to fulfil contractual obligations with you, or in absence of contractual obligation we will notify you about the purposes for Processing your Personal Information by means of this Privacy Policy to process your professional contact details. Furthermore, where permitted by applicable data protection and privacy laws, Milliman may also collect, use, disclose, store, or otherwise process (i) your Personal Information for sending marketing communications; and (ii) professional contact details of its clients’ employees for sending surveys, questionnaires, or organizing contests. We may also collect and process limited Personal Information about you from public resources (such as LinkedIn) including your name/surname, email address, telephone number, organization, title/position, profession, professional interests, to allow us to assess a potential interest in our services and to contact you for marketing purposes.

When we communicate with you regarding the products and services we offer or develop or any other marketing communications, you will be given the opportunity in each communication to unsubscribe and prevent future communications of that sort. If you do not want us to collect this information from our marketing emails, or if you wish to unsubscribe from direct marketing communications from us by filling out the data subject request form as available under the section “Rights”. We will cease using your Personal Information for direct marketing purposes once you have requested us to do so.

If you provide us with Personal Information of another individual, it is your duty to make sure that these individuals have consented to or are appropriately informed about the processing of their Personal Information by Milliman.

You should also ensure that all Personal Information submitted to us is complete, accurate, true, and correct. Failure on your part to do so may result in our inability to provide you with products and services you have requested.

No automated decision-making is undertaken based on the Personal Information collected from you.

Affiliates and Authorized Third-Party Agents

All Milliman websites, products, and services are provided in cooperation with Milliman, Inc., located in the U.S. Any Personal Information may be shared between Milliman Japan and Milliman, Inc. or other entities controlled by or under common control with Milliman, Inc., for purposes of centralization of Milliman’s administrative, contract management, Client Relationship Management (CRM), IT maintenance, marketing and IT security practices, for the purpose of the website’s management and security, and to provide information about Milliman products, services, or events.

We may also share Personal Information with affiliated entities using the MILLIMAN® mark, in which case we will require those affiliates to comply with this Privacy Policy. Please note that we may be transferring your Personal Information to a country that does not have the same data protection laws as your home country. However, Milliman ensures that itself and its affiliates will process Personal Information in compliance with this Privacy Policy.

Milliman also may share Personal Information with authorized third-party agents or contractors that perform services for Milliman. If Milliman shares Personal Information with a third party, Milliman requires that those third parties agree to process Personal Information based on Milliman’s instructions and in compliance with this Privacy Policy.

Any transfers of Personal Information are subject to appropriate safeguards using contractual or other means to provide a similarly adequate level of protection in compliance with PIPA.

Other Disclosures

Milliman may also disclose Personal Information and other related information in response to subpoenas, court orders, or other lawful requests by public authorities, and to meet national security or law enforcement requirements. Milliman may collect and share Personal Information in order to investigate or take action regarding illegal activities, suspected fraud, violations of Milliman's Terms of Use, or as otherwise required by law or regulation.

Security

Milliman stores Personal Information on a secure server that is password protected and shielded from unauthorized access by a firewall. Milliman has in place security policies that are intended to ensure the security and integrity of all Personal Information. Milliman has appropriate technical and organisational measures in place to protect against unauthorised or unlawful processing of Personal Information and against accidental loss or destruction of, or damage to, Personal Information held or processed by Milliman. If Milliman forwards Personal Information to any third party, Milliman requires that those third parties have appropriate technical and organisational measures in place to comply with this Privacy Policy and applicable laws.

Data Retention

Milliman retains Personal Information only as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or not prohibited by law. Milliman will delete your Personal Information once the purpose of the collection and processing of such Personal Information has been fulfilled and the adequate duration for documentation and backup storage of such Personal Information has lapsed. If you have unsubscribed from receiving marketing information from us, we will continue to maintain your Personal Information for any other purpose for which we still have legal grounds for processing such Personal Information (such as for the purposes of complying with a legal obligation or when the processing is necessary for the purpose of our legitimate interest). In certain cases, if no other legal grounds exist, we will maintain limited Personal Information (such as your email address) about you on record, so as to be able to ensure for the future that such marketing communications are no longer sent to you.

Children

Milliman’s websites, products, and services are not directed to children, and Milliman does not knowingly collect Personal Information from children. If a parent or legal guardian becomes aware that his or her child has provided Milliman with Personal Information without their consent, the parent or legal guardian should contact us by filling out the data subject request form as available under the section “Rights”, and we will take steps to delete any such Personal Information.

Third-party Links

Milliman’ website may contain links to websites hosted and operated by companies other than us (“Third-Party Websites”) to which you can export (part of) your Personal Information.

We do not disclose your Personal Information to these Third-Party Websites without your explicit consent. Note that any information you disclose to Third-Party Websites is no longer under our control and no longer subject to this Data Privacy Policy.

You should review the privacy policy practices of any such Third-Party Website to understand how that Third-Party Website collects and uses your Personal Information should you have decided to disclose your Personal Information to them. We are not responsible for the content or performance of these Third-Party Websites. We are in no way responsible or liable for the manner in which a Third-Party Website treats any Personal Information that you choose to provide to such a Third-Party Website and use of Third-Party Websites is strictly at your own risk.

Policy Updates

Milliman may change its Privacy Policy from time to time. Milliman therefore asks all persons concerned to check it occasionally to ensure that they are aware of the most recent version.

Rights

Depending on the applicable law, you have a number of rights under the PIPA or such other applicable data protection and privacy laws in relation to your Personal Information, including:

  1. the right of access (Article 33 of APPI): you have the right to obtain from us confirmation as to whether or not Personal Information concerning you is being processed, and, where that is the case, access to (including by obtaining a copy of) such Personal Information and the manner in which, and the purposes for which we process your Personal Information, so that you can verify its accuracy and the lawfulness of the processing.
  2. the right to rectification (Article 34 of APPI): you have the right to obtain from us the rectification of inaccurate Personal Information concerning you, and the right to have incomplete Personal Information completed, including by means of providing a supplementary statement.
  3. the right to cease to use or deletion (Article 35 of APPI): the right to obtain from us the right to cease deletion of your Personal Information without delay where (a) your Personal Information is no longer necessary for the purpose for which it was collected/processed; (b) you wish to withdraw your consent to processing (except where we have another legal ground for the processing that we may rely on); (c) where your Personal Information has been unlawfully processed or handled in violation of APPI; or (d) to is being provided to the third party. We may not be able to cease third party transfers where ceasing third-party transfers requires a large amount of expenses, or in other cases where it is difficult to cease third-party transfers, and alternative action is taken to protect your rights and interests (Article 35(4) of the APPI).

You can exercise any of your rights as stated above, by filling out the data subject request form available here. For such requests, Milliman uses the Data Subject Access Request platform of the service provider One Trust. One Trust acts as Milliman’s data processor. We will endeavour to respond to any such request without undue delay and as prescribed under the applicable laws. We will endeavour to respond to any such request as soon as possible, and in any event within the legal deadline.

How to Contact Us

If you have any questions, complaints, or feedback relating to your Personal Information or about this Privacy Policy, please contact at [email protected].

Please note that if your Personal Information has been provided to us by a third party (e.g., your employer), you should contact that organization or individual to make such queries, complaints, and access and correction requests to Milliman on your behalf.

This Privacy Policy shall be governed in all respects by the laws of Japan.

popup image