TOHO HOLDINGS CO., LTD. (hereinafter referred to as the “Company”) develops a personal information management system while handling personal information properly in consideration of the importance of the protection of personal information, in compliance with the Act on the Protection of Personal Information (hereinafter referred to as the “Personal Information Protection Act”) and other rules, and in accordance with the Code of Ethical Practice of Kyoso Mirai Group and the Personal Information Handling Regulations stipulated by the Company.
Definition of Personal Information
Acquisition and Handling of Personal Information
The Company acquires personal information properly and fairly and specifies the purpose of use before the acquisition. The Company handles personal information to the extent necessary for the achievement of the purpose of use reported or announced in advance.
Provision of Personal Data
The Company does not provide or disclose any retained personal data to a third party, except for the following cases:
- When the approval of the person who has provided the data is granted;
- When the data is processed into statistical data that is not personally identifiable;
- When it is considered appropriate for the data to be dealt with by any of the Company’s group companies;
- When the data is provided or disclosed in accordance with the provisions of laws and regulations; and
- When information on the data is provided in compliance with the procedure set forth in paragraph 2 of Article 23 of the Personal Information Protection Act.
Provision to and Supervision of Contractor
When the Company entrusts services or places an order for systems related to the handling of personal information in order to advance work smoothly, it provides or discloses personal data to the contractors concerned to the extent necessary for the business on condition that the following measures are taken:
- Conclusion of a confidentiality agreement and others with the contractors to make the safety management of personal information compulsory; and
- Provision of necessary and proper supervision to the contractors.
Purpose of Use of Personal Information
Joint Use of Personal Information
- The Company may use acquired personal information jointly with each group company.
The items of personal information to be jointly used:
- Personal information concerning the business partners of the joint user •Personal information such as the names, addresses, workplaces, positions, telephone numbers, fax numbers, e-mail addresses, transaction information
- Personal information concerning the directors, auditors, corporate officers, regular employees, contracted employees, temporary employees, part-time workers, dispatched workers, etc. of the joint user •Personal information such as the names, addresses, workplaces, positions, telephone numbers, fax numbers, e-mail addresses and employment management
The scope of joint users
The joint users shall be the Company’s group companies.
The purpose of joint use
- The matters described in “Purpose of Use of Personal Information”
- The general operational management of the entire group by risk management and other means
- The consolidated accounting processing of the group
- Other performance necessary to perform transactions properly and smoothly
The person responsible for joint use
With respect to any person’s personal data to be jointly used, the company receives any requests and complaints regarding disclosure and others from the person, and is eligible for disclosure, revision, the suspension of use and the like, and is liable for the safety and other management of the personal data.
- The items of personal information to be jointly used:
- The Company uses the personal information stored in theMedical Data Base managed and operated by Nihon Ultmarc INC. (hereinafter referred to as the “MDB”) jointly with specific companies. For information on the items, scope of joint users, purpose of the use by joint users and person responsible for the management of personal data to be jointly used, please refer to the web site of Nihon Ultmarc INC. Each of the Company’s group companies jointly using the MDB is found in the List of MDB Members on the foregoing web site.
Management of Personal Data
The Company develops a personal data management system and maintains it in compliance with the following matters:
- To make efforts to maintain the accuracy and recency of the content of the personal data;
- To make efforts to take proper safety management measures for the personal data, such as the prevention of leakage, loss, destruction or alteration of, and unauthorized access to, the personal data, and to maintain such measures.
Education for Protection of Personal Information
The Company aims at thoroughly urging its officers and employees to enhance their recognition of the importance and need of protecting personal information.
Inquiry, Notice of Purpose of Use, Disclosure, Revision, and Suspension of Use Concerning Retained Personal Data
The Company reviews the policy of each provision above, aiming at improving it, from time to time in compliance with laws and regulations related to the protection of personal information.
Therefore, the policy of each provision above may be revised without prior notice. We ask for your prior understanding.
Enacted as of April 1, 2009
Revised as of October 1, 2012
Revised as of April 1, 2018