The Company will protect the personal information of customers and trade partners as well as shareholders and employees, and is deeply aware of its social responsibility and obligations to uphold that trust. To fulfill this responsibility, the Company and the Company Group shall endeavor to protect and manage personal information in accordance with the policy shown below.

1. Acquiring personal information

The Company will use legitimate and fair means to acquire personal information. When acquiring information, the Company shall notify the person in question (data subject) in advance of the use objective as well as the Company’s inquiry contact details.

2. Purpose of Use

The Company will only use personal information for the purpose of use. If the information is used beyond this scope, the prior agreement of the person in question (data subject) shall be obtained, excluding times when it is permitted by laws and regulations.

3. Security control measures

The Company shall take the appropriate information security control measures at its offices to prevent loss, destruction, falsification or leakage of personal information.

4. Handling third parties

The Company shall not disclose or provide personal information without the agreement of the person in question (data subject). Moreover, when sharing personal information with third parties or providing information to third parties for business consignment purposes, the Company shall enter into an appropriate agreement with the said third party and take the legally required measures.

5. Inquiries

The Company recognizes the person’s (data subject’s) right to disclose, revise, prohibit the use of, or delete their own personal information, and shall promptly respond within a reasonable scope to such requests.

6. Legal compliance and improvements

The Company shall comply with personal information protection-related laws, regulations and standards, and continuously review its activities relating to personal information protection while endeavoring to improve and enhance them as required.

7. Implementation and raising awareness

The Company shall establish “Personal Information Protection and Management Rules” to implement personal information protection, and raise awareness of those rules among directors and all employees (including part-time and dispatched workers) as well as other people concerned.