Protection of Personal InformationThe Group shall develop internal rules concerning protection of personal information and stipulate clear policy on the handling of personal information. In addition, the Group shall implement the rules upon ensuring the understanding of them by relevant persons, and improve and maintain them.
Obtainment of Personal InformationIf the Group needs to confirm your contact information upon receiving inquiries, the Group might ask you to provide your company name, your name, address, phone number or other Personal Information. Personal Information the Group obtains is limited to those that are necessary for providing services of the Group or services provided through the Group.
Use of Personal InformationThe Group shall use Personal Information for the following purposes.
- Sending notifications on services handled by the Group
- Providing information and services of the Group
- Sending business notifications
Provision of Personal Information to Third PartiesThe Group prohibits the provision of Personal Information to any third party except for cases in which prior consent is obtained or the provision is in accordance with laws and regulations.
Correction and Deletion, etc. of Personal InformationThe Group shall confirm that the subject of Personal Information has such rights as disclosure, correction, and deletion of the Personal Information, and the Group shall comply with any such request.
Security MeasuresIn order to securely manage Personal Information, the Group shall take precautions to control access to Personal information, restrict taking out of Personal Information and prevent unauthorized external access.
Definition of Information SecurityInformation security is defined as maintaining confidentiality, security, and availability of information assets held by the Group for business purposes.
Purpose of Information SecurityThe purpose of information security is to reduce the risk of loss or damage of information assets to specified acceptable levels or lower by appropriately managing information assets and information security.
Scope of ApplicationInformation assets covered by this Policy are information obtained or learned in the course of the Group’s business activities and any information held by the Company for business purposes, and this Policy applies to all persons who use information assets.
Establishment of Information Security Management SystemThe Group shall establish the information security system by assigning an information security manager in each internal organization.
Establishment of Information Security PolicyIn order to ensure information security, the Group shall establish this Policy and other rules and review them on a regular basis to enhance and improve the management system.
Protection of Information AssetsThe Group shall manage and handle information assets in accordance with information security policy, including this Policy in addition to laws and regulations, and take proper and rational information security precautions.
Response upon Compromise of Information SecurityIn the event of any compromise in information security, the Group shall take the necessary precautions to minimize the impact, such as preventing the damage from spreading and recovery, and take measures to prevent recurrence.
Enhancing Awareness of Information SecurityThe Group shall regularly conduct necessary training programs concerning information security according to work duties to ensure appropriate security precautions and enhance information security awareness.