1. Compliance with laws and regulations and continuous improvement of management frameworks

2. Acquiring personal information

3. The Company will use the personal information obtained for the following purposes

- Personal information of Members who use the Company's Services

• (1) To contact them to authenticate and confirm their membership to the Services
• (2) To respond to inquiries and complaints
• (3) To provide information on medical care, pharmaceuticals, and related matters
• (4) To analyze information on usage of the Services, such as browsing history and activity history, and to provide information on the Company's Services or services provided by third parties that are suitable for Members
• (5) To contact Members or Clients
• (6) To send campaigns, prize plans, questionnaire surveys, ranking plans, products, etc.
• (7) To research and analyze marketing data and develop new services (in this situation, information will be used in a way that prevents specific individuals from being identified)
• (8) To commission work or request monitoring, etc., for the planning, development, production, promotion, sales, and provision of Services
• (9) To analyze information on the usage of Services, such as browsing and activity history, to improve the Services, enhance their quality, and develop new services
• (10) To analyze information such as browsing history and activity history to provide services and display content (including advertisements) customized for individual Clients, etc.
• (11) To analyze and score information on a Member's activity history within the Services (including the types of content viewed and the content posted by the Member) and public information, as well as information on the Member's medical specializations, paper co-authors, number of co-authored publications, etc. obtained from third parties such as database providers, and provide said scores to third parties.
• (12) For system maintenance, responding to malfunctions, and achieving other aims required for technical or operational purposes
• (13) To provide third parties, such as clients who use the Services, with information obtained publicly and from third parties, such as database providers, regarding the Member's medical specializations, paper co-authors, number of co-authored publications, etc., as reference information, by adding this information to personal information for which consent has been obtained in advance to provide to third parties
• (14) For other purposes as individually determined by the Company’s Services
• (15) For provision to third parties to the extent necessary to carry out the above purposes

- Personal information concerning the Company's clients

• (1) For making contact as required for business, executing contracts, conducting business negotiations, etc.
• (2) To manage client information

- Personal information about individuals making inquiries

• (1) To respond to inquiries

- Personal information of applicants for employment selection processes

• (1) To provide employment information to the applicant or contact/notify them
• (2) To determine whether to accept or reject applicants for employment

4. Provision of personal information to third parties

5. Managing subcontractors

6. Shared use

7. Notifications of revisions

8. Development of internal systems

9. About encrypted communications

10. Addressing requests from Clients

11. Cookies

(1) What are cookies?

This website uses cookies to provide better services to customers.
Cookies store information about your visit to this website on your computer (or other Internet-capable devices such as a smartphone or tablet). For example, cookies can be used to obtain information such as the number of times a website has been visited and the pages visited.
You can configure your browser to block cookies. However, please be aware that blocking cookies may interfere with normal access to all or parts of the Company's services and with the proper use of all or part of the functions provided by the Company's services.

(2) Intended use of cookies

The Company uses cookies and similar web tracking technologies (web beacons, pixels, etc.) for the following purposes:

1. 1 Remembering login status and using it to authenticate Members and maintain sessions
2. 2 To refer to the Member's stored registration information upon login to the Company’s Services and provide them with customized Services for each Member.
3. 3 To improve the Company's Services by assessing the use of Services by Members (number of visits, date and time of visits, etc.)
4. 4 To use behaviorally targeted advertising¹ provided by third-party companies

(3) Behaviorally targeted advertising

The Company uses behaviorally targeted advertising provided by the following third-party companies. The Company also uses the following services provided by third parties to display message information sent by Clients on some of its services to other Clients using the same services. The Company may provide the third party companies with personal information in a form that cannot be used to identify individual Clients. This information will be handled per the privacy policy and other rules set forth by the third-party companies. Those who do not wish to have behaviorally targeted ads displayed can disable this functionality by following the respective opt-out procedures². In addition, those who do not wish to use third-party services can also disable this functionality by following the opt-out procedures³. Please refer to each company's website, including those listed below, for explanations and opt-out procedures for each form of behaviorally targeted advertising and explanations and opt-out procedures for other services provided by third parties.

(1) Facebook Advertising: Custom Audiences

- Provider: Facebook, Inc.
- About Custom Audiences: https://www.facebook.com/business/help/744354708981227
- Cookie collection and use: See "Cookies and Other Storage Technologies" (https://www.facebook.com/policies/cookies/).
- Opt-out procedures: See "About Facebook Ads" (https://www.facebook.com/about/ads).

(2) Google Analytics (including functionality for display advertisers), Google Ads

- Provider: Google, LLC
- Cookie collection and use: See "Google Analytics Terms of Use" (https://www.google.com/analytics/terms/jp.html) and Google's Privacy Policy (https://policies.google.com/privacy)
- Opt-out procedures: See "Google Analytics Opt-out Add-on" (https://tools.google.com/dlpage/gaoptout) and Google Ads Settings (https://adssettings.google.com/).

(3) Twitter Ads: Tailored Audiences

- Provider: Twitter, Inc.
- About Tailored Audiences Based on Lists: https://business.twitter.com/ja/help/campaign-setup/campaign-targeting/tailored-audiences/TA-from-lists.html
- Cookie collection and use: See "Twitter's Use of Cookies and Similar Technologies" (https://help.twitter.com/ja/rules-and-policies/twitter-cookies).
- Opt-out procedures: See "Customized Ad Display Settings" (https://help.twitter.com/ja/safety-and-security/privacy-controls-for-tailored-ads).

(4) YDN (Yahoo! Display Ad Network)

- Provider: Yahoo Japan Corporation
- Handling user information: https://marketing.yahoo.co.jp/service/ad_privacy.html
- Opt-out procedures: See the above page.

(5) Twilio

- Provider: Twilio Japan LLC
- The Company uses Twilio to display message information sent by Clients through the MedPeer Talk service to other Clients who use this service.
- Twilio Terms of Service: https://jp.twilio.com/ja/legal/tos-japan
- Twilio Privacy Policy: https://www.twilio.com/ja/legal/privacy
- Opt-out procedures: Please contact the inquiries team using the information in "12. Procedures for disclosure of personal information" or use the inquiry form (https://medpeer.co.jp/contact/).

Note:

1. Behaviorally targeted advertising uses cookies to deliver advertisements tailored to your interests based on information such as your accumulated activity history.

2. If you follow the opt-out procedures, certain Service functions may become unavailable. Please agree to this in advance before performing these procedures. Please note that if you change your browser or device or delete cookies after completing the opt-out procedures, you will need to complete the opt-out procedures again.

3. If you follow the opt-out procedures, certain Service functions may become unavailable. Please agree to this in advance before performing these procedures.

12. Procedures for disclosure of personal information

- Inquiries:

MedPeer, Inc. Corporate Headquarters
Address Ginza Shochiku Square 9F, 1-13-1 Tsukiji, Chuo-ku, Tokyo, Japan
E-mail：info@medpeer.co.jp

- Requesting Disclosure

Please send requests for Disclosure to the e-mail address above.
Please note that requests cannot be accepted by telephone or fax.

- How to request Disclosure

1. 1）After receiving your request for Disclosure, the Company will send you a form by mail.
2. 2）Please complete all necessary information and return the form to the inquiries team. When returning the form, please write "Request for Disclosure of Personal Information Enclosed" on the envelope.

a. When the request for Disclosure is made by the individual in question

Please enclose a copy of one of the following to confirm your identity:

• - Driver's license
• - Health insurance card
• - Pension book
• - Certificate of residence
• - Passport
• - Foreign resident registration card

b. When a representative requests Disclosure

Alongside the document in a. above for the individual in question, please enclose documents to verify the proxy's identity and a letter of attorney.
Please note that the Company will not be able to respond to your request if the requested documents are incomplete or it cannot contact you.

- Responding to requests for Disclosure

The Company will confirm the content of any request for Disclosure received and endeavor to send the results to you within one month of receipt of the request form. Please note, however, that there may be delays due to unforeseen circumstances. In principle, the Company will reply to you using the method you specified when applying. However, if it is difficult to do so, the Company will respond to you by the method specified by the Company after notifying you to that effect. If the Company cannot accept your application for reasons such as the following, it will notify you to that effect and provide the reason.

• a. If your identity cannot be verified
• b. If the request is made by a proxy and their power of representation cannot be confirmed
• c. If the submitted documents are incomplete
• d. When the request for Disclosure is not related to personal information eligible for disclosure
• e. If there is a risk of harm to the life, body, fortune, or other rights and interests of the person concerned or a third party
• f. If there is a risk of significant hindrance to the Company's business operations
• g. In case of other violations of laws and regulations

- Costs for Disclosure

The Company will bear the actual costs required for the procedure and the cost of correspondence that it sends. However, in some cases, it may ask the applicant to bear costs within a reasonable scope. Please note that the applicant must bear all costs for sending documents to the Company.

13. Inquiries