HOME > Policy on Protecting Personal Information

Policy on Protecting Personal Information

The Company's basic policy for protecting personal information

March 1, 2005

Well aware of the importance of protecting personal information in a highly developed information/communications society like ours, MOL Logistics (Japan) Co. (hereinafter referred to as the Company), will do its utmost to protect personal information and thoroughly familiarize the Company executives, employees and all those concerned with this resolve.

  • Obtaining of personal information
    The Company will obtain personal information through legitimate and fair means.
  • Use of personal information
    • The Company will use personal information only when it is absolutely necessary in executing its day-to-day business activities within the framework of the purported extent clarified when obtaining such information.
    • When the Company shares personal information with a third-party, or entrusts the handling of personal information to a third-party, the Company will conduct a fair and rigorous investigation into the third-party concerned, and supervise the party to have it (the personal information) kept strictly confidential.
  • Offer of personal information to a third-party
    The Company will not offer personal information to a third-party without the subject's prior consent except for cases where Japanese law permits it.
  • Safe administration of personal information
    The Company pledges to keep/store as accurate personal information as possible, and do all it can to prevent unlawful access to personal information, loss, destruction, falsification and leak thereof, thereby holding the Company responsible for safe administration of personal information.
  • Rights to personal information
    The Company confirms the right of the subject person to demand disclosure, correction, and suspension of use/deletion of his/her personal information. In the event the Company is requested to do so, the Company will take necessary measures promptly.
    The Company will accept and respond to questions, requests for consultation/advice, complaints, etc., in respect to the handling/processing of the personal information of those concerned.
  • Compliance with relevant laws
    The Company will comply with the laws and regulations concerning personal information, and handle personal information in a proper administrative manner.
  • Compliance program on protection of personal information
    The Company will maintain the Company-enforced compliance program for the protection of personal information, and continuously improve the program to implement this fundamental policy.

Regulations on Protection of Personal Information

Chapter 1 - General Rules

Article 1: (Purpose)

The following regulations stipulate matters in respect to handling/processing personal information MOL Logistics (Japan) Co. (hereinafter referred to as the Company) is in possession of, and are intended to ensure that the Company executives (board members) and employees will obtain, use, offer and administer/control personal information in an appropriate manner, thereby protecting individuals' rights/benefits and privacy.

Article 2 : (Scope of application)

This bylaw (inner regulations) applies to all personal information being handled/processed within the Company.

Article 3: (Definition)

The definitions of the terminology used in this bylaw are stipulated in the following clauses:

  • (1) Personal information concerns living individuals, and one that can identify a specific individual by the information such as his/her name, birthday and other descriptions contained in it (the personal information herein referred to includes other information that can be collated to it easily to identify a specific individual).
  • (2) The subject is the individual whose identity is known (recognized) by the personal information concerned.
  • (3) Employees are those engaged in the Company's work at its work sites such as regular employees, contract workers, part-time workers/workers on the side, and those dispatched from temporary staffing agencies.
  • (4) The administrator (manager) of personal information is appointed by the President, and has the responsibility for, and authority over, the execution/operation of the compliance program.
  • (5) The personal information protection secretariat comprises an organization of the personal information administrator-appointed working-level personnel to execute and operate the compliance program.
  • (6) The person responsible for inspection (the chief inspector) is appointed by the President, is placed in a fair and objective post, and is empowered to execute inspection and report on its results.
  • (7) Recipients are judicial persons, other organizations and individuals that receive personal information.
  • (8) The personal information protection compliance program means a total in-house structure encompassing policies, organizations, plans, execution, inspection and reviews geared to the protection of personal information the Company possesses.
  • (9) Use (of personal information) means the in-house processing of personal information by the Company.
  • (10)Offer (of personal information) means making the Company-held personal information available to people outside of the Company.

Article 4: (Policy on protecting personal information)

The President shall lay down a policy to protect personal information containing the following items, and enforce/maintain the policy. The President shall set out the policy in written form, make it thoroughly known to the board members and employees, and take measures for general public to have access to it.

  • (1) A policy concerning acquisition, use and offer of permissible personal information that takes into account the contents of business and its scale.
  • (2) A policy concerning prevention of illegal access to personal information, loss, destruction, falsification and leak thereof, and remedial measures.
  • (3) Compliance with Japanese laws and other norms concerning personal information.
  • (4) A policy concerning continuous betterment of the compliance program.
  • (5) A policy concerning measures/ways to adequately and promptly respond to complaints, requests for advice/consultation from the subjects.

Chapter 2 - Obtaining of Personal Information

Article 5: (Obtaining of personal information)

When the Company obtains/acquires personal information, it shall clarify for what purpose(s) the information will be used, and shall employ the legitimate and fair means to obtain personal information within the bounds necessary to achieve the said purpose(s).

Article 6: (Ban on obtaining specific delicate personal information)

The Company shall not obtain specific delicate personal information that may cause social discrimination such as thought & creed, race and religion.

Article 7: (Measures to be taken when the Company obtains personal information directly from the subject)

In case the Company obtains personal information directly from the subject, it shall inform the subject of the following items in writing or a corresponding similar way, and secure the subject's consent.

  • (1) The department and contact person(s) to make an inquiry of concerning personal information.
  • (2) The purpose of obtaining/using personal information.
  • (3) When the Company is scheduled to offer personal information, the purpose of offer, the recipient of the information concerned, and whether or not there exists a contract (between the Company and the recipient) concerning treatment of the personal information concerned.
  • (4) In the event the Company is scheduled to entrust treatment of the personal information to a third-party, the reason for what.
  • (5) Whether or not the subject is offering his/her personal information voluntarily, and what consequences will befall the subject when the subject refuses to offer his/her personal information concerned.
  • (6) The subject's right to request disclosure of his/her personal information, the right for the subject to seek correction(s) to, or deletion, of the personal information found erroneous/incorrect, and concrete procedures for the subject to exercise these rights.

Article 8: (Measures to be taken when the Company obtains the subject's personal information from indirect source)

When the Company obtains personal information directly from other person(s) than the subject, the Company shall notify the subject of Items 4 trough 6 in Article 7 in a written form, or a corresponding method, and obtain the subject's consent except for cases stipulated in the following:

  • (1) When the Company obtains personal information from a person or persons who has (have) obtained the subject's consent in accordance with Item (3) in Article 7.
  • (2) When the Company is entrusted to treat personal information.
  • (3) When there is no risk of the subject's benefits, worthy of being protected, being infringed upon.

Chapter 3 - Use of Personal Information/Offer to Third-party

Article 9: (Use of personal information)

Personal information can be used only by the Company's board members and employees authorized to use it to the extent that it is absolutely necessary in the execution of their business within the scope of the purpose of using it.

Article 10: (Use of personal information for other purposes than permitted)

When the Company uses personal information beyond the authorized purpose(s), the Company shall notify the subject of Items 1 through 4, and Item 6 in Article 7 in writing or in a corresponding way, and obtain the subject's prior consent.

Article 11: (Joint use of personal information)

When the Company uses personal information jointly with a third-party, the Company shall pay heed to safe control/administration thereof and take necessary measures to ensure it.

Article 12: (Entrusting a third-party with treatment of personal information)

When the Company entrusts treatment of personal information to a third-party, the Company shall pay heed to its safe control, and take necessary measures to ensure it.

Article 13: (Offer of personal information to a third-party)

  • (1) The Company shall not offer personal information to a third-party without the subject's prior consent.
  • (2) When the Company offers personal information to a third-party, the Company shall notify the subject of Items 1 through 4 and Item 6 in Article 7 in writing or a corresponding way, and obtain the subject's prior consent.

Chapter 4 - Adequate control of Personal Information

Article 14: (Securing of accuracy of personal information)

The Company shall keep and administer personal information in an accurate and up-to-date condition within the scope necessary for achieving the objective of use.

Article 15: (Ensuring of personal information's safety)

The Company will implement necessary and appropriate measures against unfair access to personal information, loss, destruction, falsification and leak thereof.


Chapter 5 - Rights to Personal Information

Article 16: (Subject's own personal information)

  • (1) When the Company is requested to disclose his/her own personal information by the subject, the Company shall comply within a reasonable period of time.
  • (2) In case erroneous/incorrect personal information was found held by the Company as a result of the disclosure, and when the Company is requested to correct or delete such information, the Company shall in principle meet the request within a reasonable period of time. When the correction or deletion has been made, the Company shall inform the recipient of the personal information concerned of its action to the possible extent.

Article 17: (The subject's refusal to have his/her personal information used or offered to a third-party)

In case the subject denies the Company the right to use or offer his/her personal information to a third-party, the Company shall comply with the subject's request except for cases sanctioned by law.


Chapter 6 - Organization and System

Article 18: (Administrator in charge of protecting personal information)

The President appoints an administrator responsible for protection of personal information, and sets him or her the task to adequately control personal information in-house.
The administrator in charge of protecting personal information shall prepare/enforce in-house regulations concerning the protection of personal information, execute relevant safety measures and formulate/execute a compliance program for protecting personal information, thereby making the importance/significance of protecting personal information thoroughly known to the board members and employees of the Company.

Article 19: (Chief inspector)

The President appoints the chief inspector for conducting inspections to ensure an appropriate implementation of the compliance program concerning the protection of personal information.

Article 20: (Inspection)

  • (1) The chief inspector shall periodically inspect to ensure that administration of personal information will be carried out in an appropriate manner, in accordance with the compliance program for the protection of personal information.
  • (2) The chief inspector shall map out an inspection plan and execute it, and report the results of inspection to the President.
  • (3) When acts in violation of the compliance program for the protection of personal information were found in the process of administering personal information, the President shall order the administrator of personal information and those concerned to rectify the breaches/violations.
  • (4)Those ordered to correct the acts of violation shall take appropriate remedial measures without loss of time and report to the chief inspector on the contents of the measures taken.
  • (5) The chief inspector shall evaluate the corrective measures taken, and report to the President and the administrator responsible for the protection of personal information on his/her evaluation.

Article 21: (Duty to report)

  • (1) When employees discover/become aware of facts in contravention of the compliance program for the protection of personal information, or the probability thereof, they shall report the details of their discovery to the administrator in charge of protection of personal information.
  • (2) The administrator shall examine such report, and when a violation is confirmed, he/she shall report to the President on the fact without loss of time, and order those concerned to take appropriate corrective measures.

Article 22: (Penal rules)

The Company shall take disciplinary action against employees who have violated the company bylaw in accordance with the company rules.

Article 23: (Education)

The Company shall provide educational and training courses to employees continuously and regularly in conformity with the Company's educational/training program, to ensure the employees' understanding of the importance of the compliance program for the protection of personal information, and its execution to the letter.

Article 24: (Complaints and consultation)

The Company shall initiate a consultative office, accept and respond to the complaints and requests for advice filed by the subject in respect to personal information and the compliance program for the protection of personal information.

Article 25: (Review)

The President shall regularly review the compliance program for the protection of personal information to ensure the maintenance of appropriate protection of personal information in light of the inspection reports and conditions of the business environment.

Article 26: (Detailed regulations)

The Company will lay down the detailed regulations necessary for operating this bylaw.


Supplementary provision* This bylaw will come into force as from April 1, 2005.

Policy on Protecting Personal Information

Services
注目のソリューション

Global Office Network
Corporate Information

PAGE TOP