1. Home
  2. Privacy Notice
  3. Handling of Personal Information

Handling of Personal Information

Olympus* recognizes the importance of protecting personal information in the network society and believes that it is Olympus’s social responsibility to protect personal information thoroughly. Olympus will handle personal information properly in accordance with the below “Olympus group personal information protection policy”.

*”Olympus” in the context of ”handling of personal information” carries the meaning of Olympus and its group companies.

Issue date 1 April 2022
Latest revision: 22 June 2026

  • Olympus Group personal Information protection policy

    1.Implementation of internal measures

    Olympus has implemented internal measures to protect all personal information. All Olympus directors and employees receive training and communication accordingly. To ensure proper implementation of necessary measures to protect personal information, inspections are conducted on a regular basis.

    2.Proper Handling of Information

    Olympus will acquire personal information only within the scope necessary and informs the principal about the purpose of use at the time of collection. In addition, Olympus handles personal information only within the scope necessary and will respond to a principal’s request for disclosure, rectification, deletion or cease of use of his or her personal information swiftly to and to a reasonable extent. Furthermore, Olympus handles specific personal information only within the scope permitted by law.

    3.Limitation of Disclosure and Provision of Personal Information to Third Parties

    Unless consent of the principal is obtained, or otherwise permitted by law, Olympus will not disclose or otherwise provide retained personal information to third parties.
    Furthermore, unless permitted by law, Olympus will not disclose or provide specific personal information to any third party, regardless of whether the principal’s consent has been obtained or not.
    In cases in which Olympus is outsourcing a business activity, Olympus will enter into a contract with the outsourcing partner that includes obligations to properly handle personal information. In addition, Olympus will perform sufficient supervision and instructions towards the outsourcing partner.

    4.Ensuring Accuracy and Safety

    Olympus strives to maintain accurate and up-to-date retained personal information and takes appropriate security measures against risks such as unauthorized access to personal information, loss, destruction and falsification, and leakage of personal information.

    5.Compliance with Laws and Regulations, and Continuous Improvements

    Olympus obeys to laws, regulations, and standards applicable to the protection of personal information, and strives to review and make continuous improvements to the above-mentioned measures.

Declarations as stipulated in the Act on the Protection of Personal Information

Olympus hereby declares the following information as stipulated in the Act on the Protection of Personal Information.

  • 1. Personal information handling business operators
    Personal information handling business operators Address Representative
    Olympus Corporation 2951 Ishikawa-machi, Hachioji-shi, Tokyo 192-8507 Bob White
    Olympus Medical Systems Corp. 2951 Ishikawa-machi, Hachioji-shi, Tokyo 192-8507 Kota Ishibiki
    Olympus Marketing Corp. 2951 Ishikawa-machi, Hachioji-shi, Tokyo 192-8507 Hironobu Kawano
    Nagano Olympus Co., Ltd. 6666 Inatomi, Tatsuno-machi, Kamiina-gun, Nagano 399-0495 Akira Tanaka
    Aizu Olympus Co., Ltd. 3-1-1 Niiderakita, Aizuwakamatsu-shi, Fukushima 965-8520 Akira Tanaka
    Aomori Olympus Co., Ltd. 2-248-1 Okkonoki, Kuroishi-shi, Aomori 036-0357 Akira Tanaka
    Shirakawa Olympus Co., Ltd. 3-1 Oaza-Odakura-Aza-Okamiyama, Nishigo-mura, Nishishirakawa-gun, Fukushima 961-8061 Akira Tanaka
    TmediX Corporation Shinjuku Monolith, 2-3-1 Nishi-Shinjuku, Shinjuku-ku, Tokyo 163-0914 Osamu Koyata
    Olympus-Supportmate Corp. 2951 Ishikawa-machi, Hachioji-shi, Tokyo 192-8507 Kumi Tatsuta
  • 2. Utilization purpose of personal information

    Olympus will utilize acquired personal information for the purposes stated below.

    In cases where, by means of contract or other notifications, we have specified separate utilization purposes, said utilization purposes will take precedence over those stated below.

    Regardless of the utilization purposes stated below, there might be further utilization cases to the extent laws permits.

    Subject to acquisition Utilization purpose
    (1) Personal information of customers and medical personnel
    • Provision of information related to arrangement and shipment of products and services
    • Sales of products, their repair and maintenance and inspection as well as provision of after sales services, management of inquiries
    • Notification and performance of seminars, academic conferences, exhibitions, events, contests, campaigns, trainings, and other activities hosted, co-hosted or sponsored by an Olympus Group company or in which Olympus has a display or is giving a presentation
    • Planning, research, development and marketing of products
    • Access control and access history management of facilities managed by Olympus
    • Performance of negotiations, meetings and other communications with customers
    • Handling and documentation of all inquiries, requests for materials and other customer services
    • Handling of all payment procedures
    • Performance of investigations and documentation, as well as reports to government institutions as required by law and other legal ordinances.
    (2) Personal information of business partners’ and legal entities’ affiliated personnel
    • Performance of negotiations, meetings, communication and other interactions with business partners as well as provision of information thereto
    • Performance of business operations commissioned to Olympus by business partners
    • Invoicing and management of business affairs between Olympus and business partners
    • Access control and access history management of facilities managed by Olympus
    • History management of education provided by Olympus
    • Performance of investigations and documentation, as well as reports to government institutions as required by law and other legal ordinances.
    • Compliance with laws and regulations and risk management related to transactions with our company.
    (3) Personal information of shareholders
    • Exercise of rights and obligations under corporate law
    • Provision of benefits to the shareholder in accordance with his/her position as a shareholder
    • Performance of measures to maintain a smooth the relationship between the shareholders and Olympus, in terms of the members of the association and the association itself
    • Performance of shareholder management as stipulated by law, such as management of shareholders, preparation of shareholder data etc.
    (4) Personal information of job applicants (incl. interns)
    • Selection of candidates, provision of information and interview results
    • Performing operations related to the recruitment process
    • Management of recruitment operations
    (5) Personal information of directors and employees (incl. their families and relatives, and retirees)
    • Business-related communication and procedures
    • Communication with corporate health insurance associations, corporate pension funds and labor unions, as well as Among Olympus group companies
    • Performance of investigations and documentation, as well as reports to government institutions as required by law and other legal ordinances.
    • Operations related to human resources and labour management
    • Further utilization as stipulated in internal policies.
    (6) Personal information patients
    • Performance of investigations and documentation, as well as reports to government institutions as required by law and other legal ordinances.
  • 3. Provision of personal information to third parties

    Except for the instances stated below, Olympus will not share any personal information with third parties.

    • Consent has been provided by the individual
    • The information is provided to contractors or other parties to the extent necessary to achieve the utilization purposes
    • Mergers or other cases of business succession
    • Joint utilization as stipulated in chapter “4. Joint utilization of personal information”
    • In urgent cases that require the protection of the life, body, or property of an individual, as well as other cases permitted by the Act on the Protection of Personal Information (APPI)
    • To the extent permitted by other laws and regulations

    Supervision of entrusted parties (outsourcing)

    In cases where business activities are entrusted to other parties, Olympus ensures sufficient supervision and instructions, incl. conclusion of contracts that stipulate the appropriate handling of personal information.

    Provision of personal information to foreign countries

    Personal information acquired by Olympus might be processed by Olympus or entrusted parties in other countries or regions such as Europe, America, China, etc.
    In such cases, privacy regulations of the specific country or region will apply. For an evaluation of privacy regulations, kindly refer to the official website of the Personal Information Protection Commission website open in new window (Japanese only).
    In cases where Olympus provides personal information to Olympus or entrusted parties outside of Japan, Olympus will implement sufficient measures to protect personal information to the extent required by Japanese and foreign privacy law.

  • 4. Joint use of Personal Information

    (1) Olympus

    Olympus may jointly use, within the Olympus group, personal information acquired by Olympus group entities.

    (a) Purpose of utilization and items of personal information jointly used
    Purpose(s) of utilization Items of personal information
    To provide services to the principal and to achieve the purposes of use that have been notified or publicly announced Name and contact information (company name, department name, job title, address, telephone number, fax number, e-mail address, product purchase history, inquiry and request history), and other similar items

    If we jointly use items of personal information other than the above, the principal will be separately notified or such joint use will be publicly announced.

    (b) Scope of joint use
    All Olympus group entities
    (c) Entity responsible for the management of the jointly used personal information
    Olympus Corporation (For the representative and address, kindly refer to chapter “1. Personal information handling business operators”)

    (2) Health Insurance Association, Corporate Pension Fund, and Labor union

    The Health Insurance Association, the Corporate Pension Fund, and the Labor Union jointly use employees’ personal information acquired by Olympus.

    Health Insurance Association

    (a) Purpose of utilization and items of personal information jointly used
    Purpose(s) of utilization Items of personal information
    The Health Insurance Association, pursuant to the Health Insurance Act and the Act on Assurance of Medical Care for Elderly People, and Olympus, pursuant to the Industrial Safety and Health Act, carry out the maintenance and promotion of the health of insured persons; health guidance (including specific health guidance) for the prevention of lifestyle-related diseases; measures to prevent aggravation and other disease-control measures; and the planning of effective health projects. Symbols and numbers, name, date of birth, sex, age, address, telephone number, e-mail address, business office name, employee number, date of medical checkup, checkup reservation date, name of medical institution, items of the checkup performed, numerical results of the checkup, questionnaire responses, records of specific health guidance, and other information relating to recipients of health examinations (periodic health examinations and specific health examinations)
    (b) Scope of joint use
    Olympus and Olympus Health Insurance Association
    (c) Entity responsible for the management of the jointly used personal information

    Olympus Corporation (For the representative and address, kindly refer to chapter “1. Personal information handling business operators”) and Olympus Health Insurance Association (Representative: Kenya Mori; Address: Shinjuku Monolith, 2-3-1 Nishi-Shinjuku, Shinjuku-ku, Tokyo)

    Corporate Pension Fund

    (a) Purpose of utilization and items of personal information jointly used
    Purpose(s) of utilization Items of personal information
    For calculating figures relating to retirement benefit accounting Name, sex, date of birth, identification number, date of qualification acquisition, date of loss of qualification, reason for retirement, base salary, notional principal account balance, pension and lump-sum payment status, and other items necessary for retirement benefit calculations
    For administration of pension and lump-sum benefit payments and tax calculation Name, date of birth, basic pension number, identification number, date of qualification acquisition, date of loss of qualification, reason for retirement, leave of absence history, base salary, notional principal account balance, matters related to withholding tax on retirement income, and other items forming the basis for benefit amount calculations
    For sending pension and lump-sum withdrawal payment claim form Name, address, telephone number, corporate e-mail address, personal e-mail address, identification number, and other items necessary for sending
    For handling matters relating to the death of former employees Name, date of death, address, telephone number, identification number, and other items necessary for such handling
    (b) Scope of joint use
    Olympus and Olympus Corporate Pension Fund
    (c) Entity responsible for the management of the jointly used personal information
    Olympus Corporation (For the representative and address, kindly refer to chapter “1. Personal information handling business operators”) and Olympus Corporate Pension Fund (Representative: Kenya Mori; Address: Shinjuku Monolith, 2-3-1 Nishi-Shinjuku, Shinjuku-ku, Tokyo)

    Labor Union

    (a) Purpose of utilization and items of personal information jointly used
    Purpose(s) of utilization Items of personal information
    For the collection of union dues and the performance of practical operations relating to welfare programs provided to union members and their families Name, affiliation information, workplace information, position, e-mail address, date of birth, date of joining the company, salary information, leave of absence information, and other items necessary for such operations
    For use as basic data in labor-management consultations concerning the wages and other labor conditions of union members Name, affiliation information, workplace information, position, working hours, and other items necessary for such consultations
    (b) Scope of joint use
    Olympus Corporation and Olympus Labor Union
    (c) Entity responsible for the management of the jointly used personal information
    Olympus Corporation (For the representative and address, kindly refer to chapter “1. Personal information handling business operators”) and Olympus Labor Union (For the representative and address, please refer to the official portal site of the Olympus Labor Union)

    (3) Nihon Ultmarc Inc.

    Olympus Corporation, Olympus Marketing Corporation and TmediX Corporation handle the "Medical Database (MDB)", a database of basic information on healthcare professionals and medical institutions nationwide provided by Nihon Ultmarc Inc., jointly with certain healthcare-related companies.

    Please refer to Nihon Ultmarc's website for the utilization purpose of personal information and other details.

    個人情報の共同利用について | 株式会社日本アルトマーク / Nihon Ultmarc INC. opens in new window

  • 5. Technical and organizational security measures

    Establishment of basic policy

    • For handling personal information appropriately, Olympus established a basic policy including topics such as “implementation of an internal system”, “proper handling information”, “limitation of disclosure and provision of personal information to third parties”, “ensuring accuracy and safety”, “compliance with laws and regulations, and continuous improvements”.

    Establishment of rules for handling personal information

    • Olympus has established a policy covering stages and performance of activities such as acquisition, use, storage, provision, deletion/disposure of personal information. Relevant managers in charge are stipulated as well.

    Organizational security control measures

    • Olympus appointed a responsible staff/managers in charge of supervising the handling personal information Roles and responsibilities are clearly defined.
    • Olympus has implemented appropriate processes to promptly respond to (potential) incidents.
    • Olympus has established measures to ensure transparency over data processing activities.
    • Olympus periodically checks the status of handling personal information.

    Personnel-related security measures

    • Olympus regularly educates the directors and the employees on security control measures related to protection of personal information.
    • Regular communication as well as events and campaigns to promote awareness.
    • Items related to the confidentiality of personal information are stipulated in internal rules etc.

    Physical security control measures

    • Appropriate access control is implemented for employees in areas where personal information is handled.
    • When carrying personal information, encryption and password protection are used to prevent leakage etc.
    • When documents or electronic media containing personal information are disposed of, they are done so in a manner that makes them unrecoverable.
    • Deployment of security personnel to protect premises

    Technical security control measures

    • Access controls are in place to limit the access to personal information only persons necessary.
    • Olympus has established measures to protect personal information handling systems from unauthorized access and malicious software.

    Security control measures for entrusted parties

    • Rules in place for selection of adequate parties that handle personal information.
    • Contracts etc. in place between Olympus and entrusted parties that stipulate handling of personal information based on Olympus standards.
  • 6. Disclosure of personal information

    Olympus is ready to respond to individuals’ requests (incl. such, filed by the principal’s agent) for disclosure※1 of the individuals retained personal information.
    For individuals who have registered through any websites, there might already be an inquiry function that can be used to make the request directly via that website.

    ※1 Disclosure etc. includes: disclosure, rectification, addition, deletion, cease of use, erasure, cease of third-party provision of the principal’s personal information, disclosure of records of third party provision, and notification of purpose of use.

    Request form

    Kindly download the form below and fill in the necessary information.
    Documents to submit
    • 1. Disclosure request form
    • 2. Identification for verification that the Personal Information in question does indeed pertain to the individual who is making said request (Either (1) or (2) must be provided)
      • Copy of a valid drivers' license or a valid passport: One copy
      • Copy of pension card or health insurance card together with certificate of residence: One set
    • 3. Fee (Only requests regarding utilization purpose and disclosure) 1,600 Yen / company (in fix-amount postal money order)
    Requests via agent

    If the demand is filed by an agent, the following must be submitted, in addition to the documents specified in (1) through (3) above:

    • 1. For agents with Power of Attorney:
      Documents providing evidence that the party making the request has Power of Attorney from the person to whom the personal information relates (Both (1) and (2) below must be submitted).
      • Power of Attorney (with the seal of the grantor): 1x
      • Certificate of a Grantor incl. seal: 1x
    • 2. For statutory agent:
      • Document providing evidence that the said agent is legally entitled to represent the individual in question: 1x
    Address

    Personal Information Inquiry Desk HR HRIS operations site operation & planning
    Olympus Corporation
    Shinjuku Monolith, 2-3-1 Nishi-Shinjuku
    Shinjuku-ku, Tokyo
    163-0914
    Disclaimer
    • Kindly send the request/documents via a method that is traceable.
    • After all necessary processes at Olympus have been performed, a reply will be made via registered mail or e-mail. Olympus will reply within three weeks upon receival of the request. In cases that take more time, Olympus will inform the individual.
    • For requests regarding the utilization purpose and disclosure of personal information, kindly enclose 1,600 Yen in the envelope (fix-amount postal money order).
      (1,600 Yen per request)
    • Only fix-amount/postal money order is accepted
    • In cases where Olympus may legally not be able to handle your request or where no retained personal information exist, the individual will be informed via e-mail or post. (Kindly understand that the fee will not be refunded).
    • In cases of lack of information on part of the requestee, Olympus will contact said individual. If no further reply was received within 1 month thereof, the request will be dismissed.
    • The personal information received in relation to the request will only be used to fulfill said request and not returned.
  • 7. Provision of anonymously processed information

    Olympus will continuously make use of anonymously processed information, in compliance with its obligations under the Act on the Protection of Personal Information, other applicable laws and regulations, and relevant guidelines, for the purposes of promoting the health of people in society and extending healthy life expectancy.

    Provision of anonymously processed information

    Items of relating to individuals to be provided Method of provision to recipients Anonymously processed information handling business operator
    • Patient-related information(age, sex or gender, medical history, treatment history, etc.; however, any medical history or treatment history that could identify a specific individual is not included)
    • Information regarding the surgery (disease name, surgical method, duration of surgery, and the amount of intraoperative blood loss. However, disease name and surgical procedures that can identify a specific individual is not included)
    • Information regarding the physician performing the surgery (Years of experience, number of cases handled, whether the physician is certified as an endoscopy specialist, the scale of the affiliated medical institution, etc.; however, the physician’s name and the facility name are not included)
    • Video footage of endoscopic surgery recorded for surgical purposes, and information related to such footage
    • Information such as surgical steps, surgical area, and lesion extent added by physicians to video footage of endoscopic surgery recorded for surgical purposes
    • Delivery by hand or shipment using external storage media protected by advanced security
    • via cloud services protected by advanced security
    • via secure storage protected by advanced security
    • Olympus Corporation
    • Olympus Medical Systems Corporation
    • Endoscopic video footage relating to patients, names of organs, lesion information, whether organ cleansing was performed, whether there is a history of prior treatment, and pathology test results
    • Results of physicians’ visual assessment of lesion extent
    • Password-protected electronic files delivered by hand using external storage media
    • via cloud services protected by advanced security
    • via secure storage protected by advanced security
    • Olympus Corporation
    • Olympus Medical Systems Corporation
  • 8. Inquires on handling of personal information

    Any inquiries regarding Olympus’ handling of personal information or anonymously processed information can be sent to the e-mail address below:

    privacy@olympus.com

    Any personal information provided by the individual in relation to the inquiry will only be used by Olympus to the extent needed to fulfill the request.

  • 9. Other information

    Olympus may have additional stipulations within a specific business activity or services.
    Olympus may change or amend the policy for “Handling of Personal Information” in accordance with any changes of the Act on the Protection of Personal Information, including any of the above publications or processes, without prior notice.

  • 10. Change history
    Date Content changed
    22 June 2026
    • Addition of a new purpose of use regarding the acquisition of personal information of individuals affiliated with corporate business partners.
    • Addition of the method of providing anonymously processed information.
    1 April 2026
    • Adjustment of representatives due to corporate changes.
    • Revision of the description and layout regarding joint use of personal information for improved clarity.
    • Revision of the description regarding anonymously processed information for improved clarity.
    12 July 2024 Deletion of Olympus Terumo Biomaterials Corp. due to business transfer.
    1 April 2024 Adjustment of representatives due to corporate changes.
    1 April 2023
    • Adjustment of representatives due to corporate changes.
    • Adjustments regarding the provision of personal information to third parties without consent. Also, information on cross-border transfers and security measures for entrusted parties have been added.
    • Additions to technical and organizational measures.
    • Addition of current provision of anonymously processed information.
    • Change to one single e-mail address for inquiries.
    • General overhaul for easier readability.
    • Merged contents from prior recruiting page with this page.
    • Change log created and published as of 1st April 2023.
    1 April 2022 Addition of addresses of the personal information handling business operators as well as names of their representatives as stipulated in the latest revision of the APPI.
    Addition of technical and organizational security measures as stipulated in the latest revision of the APPI.