.jpeg)
Last updated: 25 November 2025
1.Introduction
Int’l BUSINESS TAILOR Co., Ltd. and Int’l BUSINESS TAILOR Certified Administrative Procedures Legal Specialist Office (collectively “IBTL”, “we”, “us” or “our”) are committed to protecting the privacy and personal information of our clients, prospective clients, website visitors and other individuals whose data we handle.
This Privacy Policy explains how we collect, use, disclose, transfer and protect personal information in connection with:
・our main website and any related microsites (the “Website”)
・our newsletters, publications and online content
・our consulting, visa, licensing and cross-border compliance services
・our business contacts, vendors and recruitment activities
We act as:
・a “business operator handling personal information” under the Act on the Protection of Personal Information of Japan (“APPI”)
・a “controller” under the EU General Data Protection Regulation (“GDPR”) and the UK GDPR, where these laws apply
・a “business” under the California Consumer Privacy Act as amended by the California Privacy Rights Act (“CCPA/CPRA”), where these laws apply
This Privacy Policy is for information purposes only and is not intended to create any contractual rights or obligations.
2.Who we are
・Int’l BUSINESS TAILOR Co., Ltd. – a Japanese corporation providing international business, visa, licensing and cross-border compliance consulting.
・Certified Administrative Procedures Legal Specialist Office – a Japanese “gyoseishoshi” office providing preventive legal advice, preparation of applications and representation before administrative authorities within the limits of Japanese law.
Unless we explain otherwise, IBTL is responsible for the processing of your personal information for the purposes described in this Privacy Policy.
3.Contact details
If you have any questions about this Privacy Policy or about how we handle personal information, please contact us at:
・Email: info@intl-business-tailor.com
・Postal address: [Insert IBTL office address in Japan]
・Contact form: [Insert URL of Website contact form]
If you are located in the EEA/UK or in California, you may also use these contact details to exercise the rights described in sections 11 and 12 below.
4.Scope of this Privacy Policy
This Privacy Policy applies to personal information that we process in connection with:
・visits to and use of our Website
・subscriptions to our newsletters, publications, alerts and event invitations
・the provision of our services to clients and prospective clients
・our business relationships with suppliers, partners and professional contacts
・our recruitment and talent-management activities
This Privacy Policy does not apply to:
・third-party websites or services that may be linked from our Website
・personal information that we process solely on behalf of a client as a processor / service provider under a separate contract (in that case, the client’s privacy notice will apply)
5.Personal information we collect
Depending on your relationship with IBTL, we may collect the following categories of personal information:
(1) Identification and contact details
Name, title, position, organisation, postal address, email address, telephone number, nationality, and similar contact information.
(2) Client and matter information
Information necessary to provide our services, such as:
・passport details, visa/residence status, date of birth, family information
・employment history, education history, professional qualifications
・corporate registration information, shareholding information, investment plans
・records of communications, instructions and documents you provide to us
(3) Website and technical data
・IP address, device identifiers, browser type, operating system
・access logs, pages visited, time and duration of visits
・cookie identifiers and similar online identifiers (see section 8 below)
(4) Marketing and events data
・subscriptions and marketing preferences
・responding to surveys and feedback forms
・event registrations, participation records, dietary preferences (where relevant)
(5) Vendor and business-partner information
・contact details of vendors and partners
・billing, bank account and payment information
・records of contracts, invoices and correspondence
(6) Recruitment data
・CVs/resumes, academic and professional history
・references, interview notes and assessment results
・other information you choose to provide in connection with applications
We generally do not seek to collect “special category” or sensitive personal data (such as health information, religious beliefs, trade-union membership, etc.) except where necessary for specific legal or service-related purposes and permitted by applicable law.
6.How we collect personal information
We may collect personal information:
・directly from you (for example, when you contact us, request a consultation, subscribe to a newsletter, attend an event, or apply for a position)
・from our clients and their representatives, where your information is relevant to a matter on which we are engaged
・from publicly available sources (company registers, professional networking sites, official gazettes, etc.)
・from business partners, referral sources and professional advisers
・automatically, through cookies and similar technologies when you use the Website
When you provide personal information about another individual (for example, a family member, employee, director or guarantor), you are responsible for ensuring that you have the authority to do so and that the individual is informed of this Privacy Policy.
7.Purposes and legal bases for processing
We process personal information only to the extent permitted by applicable data protection laws. The main purposes and corresponding legal bases are:
(1) Providing services to clients
・to respond to enquiries and requests
・to perform conflict checks and client onboarding
・to provide visa, licensing, compliance and consulting services
・to manage client relationships, billing and payments
Legal bases:
・performance of a contract or taking steps at your request before entering into a contract (GDPR/UK GDPR Article 6(1)(b))
・our legitimate interests in providing and managing professional services and in operating our business (Article 6(1)(f))
・compliance with legal obligations under Japanese, EU, UK, US or other applicable law (Article 6(1)(c); APPI)
(2) Operating our Website, IT systems and security
・to operate, maintain and improve the Website and our IT infrastructure
・to prevent unauthorised access, fraud and abuse
・to generate aggregated statistics on Website use
Legal bases:
・our legitimate interests in operating, securing and improving our Website and services
・where required by law, your consent to the use of certain cookies or similar technologies
(3) Marketing, publications and events
・to send you newsletters, alerts, publications and invitations that may be of interest
・to manage subscriptions and preferences
・to organise seminars, webinars and other events
Legal bases:
・your consent (where required under applicable law, for example for certain types of electronic marketing)
・our legitimate interests in promoting our services and maintaining business relationships
You may opt out of marketing communications at any time by following the unsubscribe instructions in our emails or by contacting us.
(4) Managing business relationships and vendors
・to manage relationships with suppliers, translators, IT providers and other business partners
・to negotiate and perform contracts
・to process payments and maintain accounting records
Legal bases:
・performance of a contract and taking pre-contractual steps
・our legitimate interests in managing our business and ensuring efficient procurement
・compliance with legal obligations (for example, tax and accounting)
(5) Recruitment and HR-related activities
・to process job applications and assess suitability
・to conduct interviews and communicate with candidates
・to maintain a talent pool where permitted
Legal bases:
・your consent (for example, to keep your details on file for future opportunities)
・our legitimate interests in recruiting and managing personnel
・compliance with labour and employment laws
(6) Compliance and risk management
・to comply with obligations relating to anti-money laundering, sanctions, anti-bribery and other regulatory requirements
・to respond to lawful requests and legal process
・to establish, exercise or defend legal claims
Legal bases:
・compliance with legal obligations
・our legitimate interests in protecting our rights, property and clients
We do not use personal information for purposes that are materially different from those described in this Privacy Policy without informing you and, where required, obtaining your consent or relying on another valid legal basis.
8.Cookies and similar technologies
Our Website uses cookies and similar technologies to:
・enable basic functionality and security
・understand how visitors use the Website
・improve the user experience and our content
Details of the cookies we use, their purposes and how you can manage your preferences are set out in our separate Cookies Policy, which should be read together with this Privacy Policy. Where required by law, we will obtain your consent before placing non-essential cookies.
9.Sharing of personal information
We may share personal information with:
・IBTL entities – between Int’l BUSINESS TAILOR Co., Ltd. and Int’l BUSINESS TAILOR Certified Administrative Procedures Legal Specialist Office, to the extent necessary for the purposes described above and in accordance with professional and confidentiality obligations
・service providers – including IT and cloud service providers, translation and interpretation providers, accountants, auditors, banks and other professional advisers, who process personal information on our instructions and are bound by confidentiality and data-protection obligations
・clients and counterparties – where reasonably necessary for the performance of our services (for example, submissions to immigration authorities, licensing bodies or other public authorities, and communications with counterparties)
・public authorities, regulators and courts – where required to do so by law or in order to protect our rights, our clients or others
・business transferees – in connection with any restructuring, merger, transfer or other disposition of all or part of our business or assets, subject to appropriate safeguards
We do not sell personal information to third parties and we do not share personal information for cross-context behavioural advertising within the meaning of the CCPA/CPRA.
10.International transfers
Because we operate in Japan and may use service providers located in other jurisdictions, personal information may be transferred to and processed in countries that may not provide the same level of data protection as the country in which you are located.
Where we transfer personal information from:
・the European Economic Area (“EEA”) or the UK to Japan, we rely on the European Commission’s and UK adequacy decisions for Japan, where applicable; and
・the EEA/UK to countries without an adequacy decision (for example, where we use cloud providers based in other jurisdictions), we use appropriate safeguards such as the standard contractual clauses or their UK equivalents, or rely on another lawful transfer mechanism.
In all cases, we take steps to ensure that any international transfers comply with applicable data protection laws and that your personal information remains protected.
11.Your rights under EU/UK data protection law
Where the GDPR or the UK GDPR applies to our processing of your personal information, you have the following rights, subject to the conditions and exceptions set out in those laws:
・Right of access – to obtain confirmation of whether we process your personal data and to receive a copy of that data and related information.
・Right to rectification – to have inaccurate personal data corrected and incomplete data completed.
・Right to erasure – to request deletion of your personal data in certain circumstances (“right to be forgotten”).
・Right to restriction – to request that we restrict processing of your personal data in certain circumstances.
・Right to data portability – to receive certain personal data in a structured, commonly used and machine-readable format and to have that data transmitted to another controller, where technically feasible.
・Right to object – to object to processing based on our legitimate interests or for direct marketing.
・Right to withdraw consent – where we rely on your consent, you may withdraw it at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
If you wish to exercise any of these rights, please contact us using the details in section 3. We may need to verify your identity before responding. You also have the right to lodge a complaint with your local data protection authority.
12.Your rights under Japanese law (APPI)
Where the APPI applies, you may have the following rights in relation to “retained personal data”:
・Right to request disclosure of retained personal data and records of third-party provision
・Right to request correction, addition or deletion where the data is inaccurate
・Right to request cessation of use or deletion where the data is handled in violation of the APPI or is no longer necessary
・Right to request cessation of provision to third parties in certain circumstances
Requests will be handled in accordance with the APPI and related regulations. We may ask you to provide information necessary to confirm your identity and to locate the relevant records.
13.Additional information for California residents
If you are a resident of California and the CCPA/CPRA applies to IBTL’s processing of your personal information, you have the following rights regarding “personal information” as defined in those laws:
・Right to know – to request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of that information, the purposes of collection, and the categories of third parties to whom we disclose it.
・Right to delete – to request that we delete personal information we have collected from you, subject to certain exceptions.
・Right to correct – to request that we correct inaccurate personal information about you.
・Right to opt-out of sale or sharing – to direct us not to sell or share your personal information (we currently do not sell or share personal information as those terms are defined in the CCPA/CPRA).
・Right to limit use and disclosure of sensitive personal information – where we process “sensitive personal information” as defined by law.
・Right to non-discrimination – we will not discriminate against you for exercising your CCPA/CPRA rights.
To exercise these rights, or to authorise an agent to act on your behalf, please contact us using the details in section 3. We will verify your request in accordance with applicable law.
14.Data retention
We retain personal information only for as long as necessary for the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements.
Retention periods are determined by factors such as:
・the nature and sensitivity of the information
・the potential risk of harm from unauthorised use or disclosure
・the purposes for which we process the information
・applicable legal or regulatory retention requirements (for example, professional record-keeping obligations, tax and commercial laws, or limitation periods for legal claims)
When personal information is no longer required, we will securely delete or anonymise it, unless we are required by law to retain it for a longer period.
15.Security
We take appropriate technical and organisational measures to protect personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. These measures include:
・access controls and authentication procedures
・use of secure networks and encryption where appropriate
・regular monitoring and testing of our systems
・internal policies, training and confidentiality obligations for personnel
However, no method of transmission over the internet or method of electronic storage is completely secure, and therefore we cannot guarantee absolute security.
16.Children’s privacy
Our Website and services are not directed to children under the age of 16, and we do not knowingly collect personal information from children below this age without appropriate consent. If we become aware that we have collected personal information from a child in violation of applicable law, we will take steps to delete that information.
17.Changes to this Privacy Policy
We may update this Privacy Policy from time to time, for example to reflect changes in our practices, in applicable laws or in our services.
When we make material changes, we will indicate the date of the latest revision at the top of this page and, where appropriate, provide additional notice (such as a banner on the Website or direct notification).
We encourage you to review this Privacy Policy periodically to stay informed about how we handle personal information.