Mitsui-Soko respects the personal information of visitors to its website and endeavors to safeguard their privacy.
- When handling personal information belonging to our visitors, we assign a control officer and implement appropriate controls.In addition to preventing information leaks, we also work to safeguard our visitors’ personal information by implementing appropriate and reasonable safety measures aimed at shielding personal information from such threats as unauthorized access from outside the company.
- Visitors to our website do not normally need to provide personal information such as their addresses or names in order to view the site.However, the site includes pages from which visitors can make inquiries, etc., and visitors accessing such pages may be asked to supply personal information. Even if this is the case, only essential information need be supplied.
- Personal infomation supplied by visitors will not be revealed to a third party.However, we may disclose personal information without the visitor’s consent if required to do so by law or if asked to do so by a public agency such as a court or the police.
- Regarding our handling of personal information, we will review this policy from time to time and continue to improve it.
Mitsui-Soko is extremely conscious of its social responsibility to handle and manage personal information appropriately and has therefore drawn up the following policy concerning the safeguard of personal information. Mitsui-Soko has also established internal control systems, which it continues to maintain and improve.
- Collection, Use and Supply of Personal Information: We only collect personal information when necessary from an operational or administrative perspective, and we will not use such information for purposes other than that for which it was initially collected. In addition, we will not supply or disclose such information to third parties unless it is necessary to do so to provide services we have been contracted to provide, to comply with legal requirements, or to protect the public interest.
- Management of Personal Information: In addition to taking preventative measures to protect personal information from unauthorized access as well as from being lost, destroyed, tampered with, or leaked, we also stand ready to take prompt corrective action should any problem occur.
- Compliance: We will comply with laws and regulations concerning both the safeguard of personal information and other matters.
- Establishment of Control Systems: We will establish and continually review control systems and appoint a personal information protection officer in order to maintain appropriate systems for safeguarding personal information.
- Employee Education: We will educate our employees, etc. on matters concerning the safeguard of personal information in order to spread and raise awareness of this Personal Information Protection Policy and the separate Personal Information Protection Rules.
Mitsui-Soko is extremely conscious of its responsibility to protect the information assets in its possession: confidential information held by the company, confidential information received from visitors, and personal information visitors. We have therefore established an information security management system that we will maintain through the implementation and ongoing improvement of the following measures.
- Establishment and Maintenance of the Information Security Management System: To ensure that the employees, directors, etc. (including temporary and part-time staff) who use our information assets understand and comply with the Basic Policy on Information Security, we have established an information security management system that we will maintain through the establishment of a strong organizational environment and the adoption of thorough risk management measures.
- Formulation of Standards for Security Measures: We will draw up a document, entitled Basic Guidelines for the Information Security System, defining the basic conditions and judgment criteria that must be followed to achieve compliance with this Basic Policy on Information Security.
- Compliance with Other Applicable Laws, etc.: We will comply with our duty of confidentiality as stipulated by applicable laws or contractual obligations, establish voluntary management standards as needed, and maintain security. We will also have companies to which we outsource work sign contracts compelling them to comply with this Basic Policy on Information Security and the Basic Guidelines for the Information Security System. In addition, we will take necessary measures to ensure the protection of personal information via separate Personal Information Protection Rules.
- Establishment of an Organizational Framework for Promoting Security: We will appoint a Chief Information Security Officer (CISO), establish an organizational framework for monitoring and managing information security, and clearly define roles and responsibilities.
- Employee Education: We will design and implement educational programs concerning information security in order to ensure that our employees are familiar with this Basic Policy on Information Security and the Basic Guidelines for the Information Security System, and to raise their level of awareness concerning information security.