The Company will endeavor to keep the Personal Information of Users accurate and up-to-date, and will formulate a basic policy and rules for handling Personal Information, and take the following necessary and appropriate safety management measures.
- Formulation of Basic Policy
In order to ensure the proper handling of Personal Information, establish a basic policy regarding compliance with relevant laws, regulations, guidelines and a contact point for handling questions and complaints. - Establishment of Rules regarding the Handling of Personal Information
Formulate rules for handling Personal Information at each of the stages of acquisition, use, storage, provision, deletion, and disposal regarding the handling method, the responsible person, the person in charge and their duties. - Organizational Security Control Measures
- In addition to appointing a person responsible for the handling of Personal Information, clarify the employees who handle Personal Information and the scope of Personal Information handled by such employees, and establish a system for reporting to the person in charge in the event that a fact or indication of a violation of the law or handling regulations is identified.
- Conduct periodic self-inspections of the status of the handling of Personal Information, and conduct audits by other departments and external parties.
- Establish a system to deal with leakage of information. - Human Security Management Measures
- Implementation of education and regular training thorough the dissemination of information to employees regarding the matters of attention on handling of Personal Information.
- Description of matters related to the confidentiality of Personal Information in the rules of employment and in the pledge signed by employees.
- Clarification of roles and responsibilities related to the protection of Personal Information of employees. - Physical Security Control Measures
- Entry and exit control of employees and restrictions on equipment brought in areas where Personal Information is handled.
- Introduce measures to prevent unauthorized persons from viewing Personal Information.
- Introduce measures such as locking and encryption to prevent theft or loss of equipment, electronic media, documents that handle Personal Information. - Technical Security Control Measures
- Setting management categories of Personal Information and access control.
- Management of access permissions to the Personal Information database.
- Measures to prevent leakage and damage of Personal Information.
- Introduce a mechanism to protect against unauthorized access from the outside or unauthorized software. - Understanding the External Environment
When handling personal data in a foreign country, we will implement safety management measures after understanding the system for protecting personal information in that country.
