1. Acquisition of personal information
Acquisition of personal information shall be limited to the minimum extent necessary for the provision of products and services in the planning, development, maintenance and operation of systems, consulting and other information service operations, and for the processing of entrusted operations. increase.
2. Acquisition method of personal information
When acquiring personal information, we will clarify the purpose of use and do so in a lawful and appropriate manner.
3. Use of personal information
Acquired personal information will only be used for the following purposes as necessary for our business activities. We will not use personal information for any other purpose, and we will take necessary measures for that purpose.
Processing of information service operations entrusted to us by our customers
Operation and management of the information service business that the Company conducts itself
Information and provision of various products and services of our company (including affiliated companies and partner companies in some cases) to customers (including information on seminars, exhibitions, etc.)
Requests for questionnaires such as customer satisfaction surveys
Recruitment, recruitment, and consignment work related to our employees and cooperating companies
Work related to personnel affairs, labor affairs, general affairs, etc. of our employees (including retirees)
Business communication (including responding to inquiries or requests, etc.)
Other purposes for which the individual has been notified in advance and consent has been obtained
In addition, specific personal information will be limited to the scope of clerical work for which the use of individual numbers is permitted under the Number Act, and will be used only for clerical work determined in advance.
These purposes of use will be announced by posting the personal information protection policy on the website, etc., and if the information is obtained directly from the person in writing (including electronic and magnetic methods), the content of the information will be disclosed in advance. shall be clearly stated and the consent of the individual shall be obtained.
In addition, our company may jointly use personal information with other parties.
4. Provision of information
In principle, personal information will not be provided to third parties.
However, in the following cases, personal information may be provided to third parties to the extent necessary.
When the consent of the individual is obtained in advance
When entrusting all or part of personal information within the scope necessary to achieve the specified purpose of use
When required by law or when permitted by law
With regard to specific personal information, we will not provide it to third parties even with the consent of the individual, except in cases where the use of individual numbers is permitted under the Number Act.
5. Compliance with relevant laws and regulations
Regarding personal information, we will comply with laws and regulations regarding the handling of personal information, guidelines established by the government, and other norms.
6. Management of personal information
We will take appropriate measures to the extent necessary for business to keep personal information accurate and up to date.
In addition, in order to prevent and correct the leakage, loss or damage of personal information, we will take the following security control measures that are considered necessary and appropriate.
(1) Development of rules regarding the handling of personal information
・Establish rules for handling personal information for each stage of acquisition, use, storage, provision, deletion/disposal, etc., regarding handling method, responsible person/person in charge, and their duties, etc.
(2) Systematic security control measures
· Appoint a person responsible for the handling of personal information, and clarify the scope of personal information handled by employees who handle personal information
We have established a system for reporting and contacting the person in charge in the event of any fact or sign of violation of laws or handling regulations.
・Regular self-inspections are carried out regarding the handling of personal information, and audits are conducted by people from other departments.
(3) Personnel security control measures
・Regular training is provided to employees regarding points to note regarding the handling of personal information.
・Matters regarding the confidentiality of personal information are stated in the employment regulations.
(4) Physical security control measures
· In areas where important information systems such as servers that handle personal information are managed, employees who enter and leave the room and who do not have authority
We are implementing measures to prevent personal information from being viewed by.
· Take measures to prevent theft or loss of equipment, electronic media, documents, etc. that handle personal information, and
When carrying such devices, electronic media, etc., we take measures to prevent personal information from being easily identified.
(5) Technical security control measures
・Access control is implemented to limit the scope of the person in charge and the personal information database, etc. handled.
・We have introduced a mechanism to protect the information system that handles personal information from unauthorized external access or unauthorized software.
(6) Understanding the external environment
・When handling personal information in a foreign country, we will implement security control measures after understanding the system regarding the protection of personal information in that country.
・When handling personal information in a foreign country, we will promptly respond to a customer's request for information on security control measures.
7. Continuous improvement of personal information protection management system
In order to ensure the proper handling of personal information, we will establish a personal information protection management system, thoroughly inform our officers, employees, contractors and other related parties, and conduct necessary and appropriate supervision.
In addition, we will continuously maintain and improve the contents of the personal information protection management system.
8. Requests and inquiries for disclosure, etc. of personal information
If there is a request for disclosure, correction, suspension of use, deletion, etc. of personal data held by the Company, we will promptly respond after confirming the identity of the person, unless there is a special reason. I will.
Regarding the above response, we will set up a contact point and respond according to the procedures specified by our company. Please note that we may charge a fee if necessary.
In addition, if we receive complaints, consultations, or inquiries regarding the handling of personal information from the person himself/herself, we will respond appropriately and promptly.