We take necessary measures to prevent the leakage, loss, and damage of personal information and to appropriately manage other personal information, and the main contents are as follows.
Formulation of basic policies: In order to ensure the proper handling of users' personal information, we will formulate basic policies regarding "compliance with related laws and guidelines, etc.", "desktop for questions and complaints," etc.
Establishment of regulations regarding the handling of users' personal information: Establishment of regulations regarding the handling of personal information regarding handling methods, persons in charge and their duties, etc. for each stage of acquisition, use, storage, provision, deletion/disposal, etc. I will do it.
Organizational safety management measures: In addition to establishing a person responsible for handling users' personal information, clarifying the employees who handle users' personal information and the scope of users' personal information handled by those employees, and ensuring compliance with laws and regulations. We will establish a system for reporting to the responsible person in the event that we become aware of any facts or signs of violation of regulations.In addition, we conduct regular self-inspections regarding the handling of personal data, and conduct audits by other departments and external parties.
Personnel safety management measures: We will provide regular training to employees regarding important points to note regarding the handling of users' personal information.
Physical security control measures: In areas where users' personal information is handled, we control the entry and exit of employees, restrict the devices they bring in, and take measures to prevent users' personal information from being viewed by unauthorized persons. We will implement it.
Technical safety management measures: We will implement access control to limit the scope of the personal information database, etc. of the person in charge and the users handled.In addition, we will introduce a mechanism to protect information systems that handle users' personal information from unauthorized access from outside or unauthorized software.
Understanding the external environment: When storing personal data in a country or region outside Japan, we will implement safety management measures after understanding the system for protecting personal information in that country or region.