We will collect Personal Information in an appropriate way by expressly informing the subject of the relevant Personal Information of the purpose of use of the information in advance. In addition, we will use, provide, store or have a third party manage any Personal Information collected by us only within the scope of the purpose of use as publicized or notified in advance.
We will comply with laws and regulations, governmental policies and guidelines and other rules applicable to the processing of Personal Information.
We will strictly manage any Personal Information which we process and take appropriate preventive or rectification measures against the leakage, loss or destruction of such information.
We will create a permanent contact to ensure appropriate responses to complaints and inquiries from persons whose Personal Information is handled by us.
*1 “Personal information” means information concerning a living individual person, (i) that can identify a specific individual person by reference to an identifier such as a name, date of birth or address (including information that can be easily combined with other information and therefore can identify a specific individual person), or (ii) that contains an individual identification code as specified by Cabinet Order, such as facial recognition data, fingerprint recognition data, a passport number or license number.
*2 “Specific personal information” means personal information containing an individual number (My-number) as defined in the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures (the “Act on Use of Numbers”).
I. Purpose of use of personal information
We will use personal information for the following purposes:
- Responding to inquiries or feedback received through our company website, sending documents and materials upon request;
- Conducting transactions required for our day-to-day operation, including purchases of goods, contracting of services, receiving contracts for services, and conducting financial transactions;
- Dispatching invitations and other communications to our shareholders, handling business affairs relating to shareholders;
- Dispatching invitations for seminars and briefing meetings and other communications to the press and stakeholders;
- Verifying and monitoring the identities of visitors to our facilities and the purposes of their visits in light of the assurance of security.
II. Security measures for personal information
For processing personal information, we will take appropriate measures that are required for the security management of personal data (hereinafter “Security Measures”) and strive to prevent the loss, destruction, alteration, unauthorized access and leak of data.
– We will not disclose any collected personal information without the consent of the data subject.
We will utilize the framework under the applicable laws and regulations, guidelines as well as our internal systems for information security management to appropriately implement the following Security Measures concerning personal data retained by us:
(1) Formulation of basic policy
– Formulating a basic policy for our organization-wide effort for the appropriate processing of personal data.
(2) Technical and physical security measures
– Limiting persons authorized to access personal data
– Monitoring status of access (obtaining and storing access logs)
– Restricting means to bring personal data outside (physical restriction for recording data on an external storage medium)
– Building a firewall to prevent unauthorized access from outside
– For inquiries received through the company website, encrypting data using SSL (Secure Socket Layer) communication
(3) Organizational security measures
– Formulating internal rules for the processing of personal information
– Appointing a chief information security officer who is responsible for the management of personal information
(4) Personnel security measures
– Education and training for staff members in relation to security management for personal information
III. Provision of personal data to third parties
We will use any collected personal information only for our internal purposes and will not provide it to third parties, excluding the following cases:
– if consent from the subject of the personal information (excluding specified personal information) is obtained;
– if we are required to disclose the information pursuant to laws and regulations;
– if personal information is to be provided in connection with a business transfer including merger of the relevant businesses; or
– if personal information is de-identified as statistical data.
V. Contact for disclosure and inquiries concerning personal information
In connection with personal information which is retained by us, any request for disclosure, a notice of purpose of use of information, correction, or the suspension of use or provision to third parties should be sent to the following contact address in writing or by email. We will respond to the request in accordance with the applicable laws and regulations after verifying the identity of the person submitting the request. For inquiries about the processing of personal information, consult the following contact in writing or by email. Note that fees are charged for responding to a request relating to disclosure of information and a notice of purpose of use of information. For specific procedures, please consult us. We do not accept in-person visits to our office.
1-8-19, Fujimi, Chiyoda-ku, Tokyo
5F, Sumitomo Fudosan Chiyoda Fujimi Building
Established on September 28, 2021
Revised on July 26, 2022
KDDI xG Networks Corporation