|Date of establishment||April 1, 2005|
|Date of final revision||October 1, 2017|
Executive Vice President & CEO(Acting)
Marubeni Information Systems Co., Ltd.
1. Acquisition, use, and provision of personal information
Marubeni Information Systems shall handle the acquisition, use, and provision of personal information in accordance with company rules governing the appropriate management of such information, taking into consideration the content and scale of business activities, after making clear the purposes of use of such information. In addition, it shall take measures to ensure that personal information is not handled for purposes other than the intended, necessary, specific purposes of use.
2. Respect for the rights of the subject of personal information
Marubeni Information Systems shall respect the rights of the subject of personal information. It shall respond, as appropriate (within a reasonable period of time and pursuant to relevant laws, regulations, and company rules) in the event it has received a request to notify the subject of any personal information it holds of the purposes of use of such information and shall disclose such information to them; it shall similarly respond to a request for revision or cessation of use of the personal information due to the inaccuracy of such information, or to a complaint or request for consultation concerning the handling of personal information.
3. Ensuring the security of personal information
To ensure the accuracy and security of personal information, Marubeni Information Systems shall implement reasonable security measures in the areas of both information security and the related administrative structure and shall implement measures to prevent incidents such as unauthorized access to, loss of, damage to, unauthorized alteration of, and leakage of personal information, in addition to prompt corrective measures in the event such an incident occurs.
4. Compliance with laws, regulations, etc.
In its handling of personal information, Marubeni Information Systems shall comply with the Act on the Protection of Personal Information, the privacy guidelines of the information-services industry, applicable laws and regulations on the protection of personal information, and government guidelines and other standards on the subject.