About personal information protection
Our company recognizes the importance of personal information and has adopted the following privacy policy.
1. Framework
- Establishment of the Chief Privacy Officer and the responsible official for audit of personal information protection
- Department manager is responsible for personal information protection of his/her department and nominates the person in charge for each operation to practice the personal information protection.
- By nominating a supervisor to educate the privacy policy to the employees and a complaints officer, they are in charge of in-company training and handling of complaints respectively.
- All employees, including dispatched workers and transferring employees, shall comply with the office regulations, the Basic Policy on the Protection of Personal Information and the basic regulations on the protection of personal information. They shall report without delay, if they face any defects and/or accidents.
2. About the consent from the person providing us with his/her own personal information
The person who are asked to provide his/her own personal information shall be notified of the following items.
- The purpose of collecting information
- Whether or not to outsource or deposit the information. If so, the intent of the company.
- Whether or not to provide the information to a third party. If so, the intent of the company and the destination.
- Contact details for inquiries about the treatment of personal information.
- The details about disclosure, correction, deletion and refusal. Method of identity verification and rough indication of the management.
3. About acquisition (collection) of personal information
- When the company receives the personal information from its owner, it shall notify the person of the purpose of use as well as the management of such information. Only if the person's consent is given, the company shall be permitted to acquire or collect such information.
- When personal information is commissioned to the company, it shall be utilized or treated within the consignment contract.
- When receiving someone's personal information from a third party, the company shall confirm the fact that such information's owner has known the purpose for using such information and has given the consent for the use. In the case where the owner of such information has not given the consent, the company shall request the person to give the consent.
- When acquiring personal information available to the public, the company shall specify the purposes to use such information, and utilize them within the range of such purposes.
4. About the retention and utilization of personal information
- The company shall treat the personal information within the purposes approved by the owners. When changing the purposes of use, the company shall receive the consent from the owner of such information.
- Concerning the information security from the outside risks, the company shall endeavor to protect the personal information and prevent third parties from acquiring such information in compliance with the personal information protection guidelines.
- Concerning the information security inside of the company, the company shall limit the number of persons who could treat the personal information based on their responsibilities, and shall establish the system that restricts access to unnecessary personal information.
- The company shall take measures necessary to protect the personal information depending on the purposes of use and the risks involved in each occasion, including the transport of the information and the destruction.
5. About outsourcing of personal information
The company shall not confide anybody to collect the personal information unless designated as a particular case or without any prior notice. In outsourcing the collection of the personal information, the company shall make notice to and have prior approval of the owner of such information. Providing that the name of the outsourcees should not be disclosed, the company shall have full responsibility for managing its outsourcees.
6. About provision of information to third parties.
The company shall not provide anybody with the personal information unless designated as a particular case or without any prior notice. In providing the information to a third party, the company shall receive the consent from the owner of such information at the time of acquisition or prior to the provision of such information.
7. About disclosure of personal information and the correction and deletion of the disclosed information
The company shall accommodate a request of disclosure, correction, and deletion of the personal information from the owner of such information unless designated as a particular case or without any prior notice. The company shall indicate the measures to accommodate such requests and the estimate of time required for the accommodation based on the individual basis or providing the prior notice.
8. About continuous improvement
The company shall endeavor to drive continuous improvement, by internal and external auditing and reviewing once or more a year. In addition to the periodical audits, the company shall cope with the defectiveness immediately upon detecting it.
In principle, the company shall deal with personal information in compliance with the provisions 1 to 8 mentioned above, except by the law and/or regulations, in an emergency that might threat the lives and properties, or under other unavoidable circumstances. The said exceptions shall be treated under the authority of the responsible person for protecting personal information.
Questions about the company's personal information protection policy and its implementation should be addressed to the person in charge of protecting personal information in the administration department.
※From time to time the company may revise its privacy policy in order to comply with introductions of or changes in the applicable laws and regulations, or to conform to changes in the company's regulations.