monday.com & Japan’s APPI

Japan’s Act on the Protection of Personal Information (APPI) provides a privacy protection framework for handling the personal information of individuals in Japan.

How does monday.com comply with the APPI?

monday.com does the following to comply with the requirements of the APPI:

• Regularly reviewing and updating policies and procedures to ensure our privacy program remains appropriately targeted and fit for purpose, including in relation to new laws and regulations established in Japan.
• Ensuring transparency around our processing of personal data, the purposes of our processing activities and the legal bases upon which we rely for such processing, including via our Privacy Policy and Job Candidate Privacy Notice.
• Notifying customers when any substantive changes are made to public-facing policies to align with updated data handling practices.
• Having procedures for handling data subject requests and enabling individuals to access their privacy rights.
• Having procedures for dealing with actual or suspected data breaches, including in relation to investigations and notifications.
• Providing regular privacy training for all relevant members of our staff.
• Ensuring appropriate contractual terms are in place to perform our role in relation to personal data under Japanese law.
• Embedding a robust vendor onboarding process and requiring all vendors to comply with relevant data protection obligations, including those offshore.
• Implementing robust security practices in line with industry practices and internationally recognised security certifications. See the monday.com Trust Center for further information.

If you have any questions concerning monday.com’s privacy program and our compliance with the APPI, please feel free to contact our Data Protection Officer & Privacy Team at dpo@monday.com.