Privacy Policy

Privacy Policy

In order to comply with the Act on the Protection of Personal Information and other laws and regulations, Cenxus Group (the “Group”) sets forth its privacy policy as follows. “Personal Information” as used in this Policy refers to Personal Information as defined in the Act on the Protection of Personal Information and refers to information that can identify a specific individual

 

  1. Protection of Personal Information
    The Group shall develop internal rules concerning protection of personal information and stipulate clear policy on the handling of personal information. In addition, the Group shall implement the rules upon ensuring the understanding of them by relevant persons, and improve and maintain them.
  2. Obtainment of Personal Information
    If the Group needs to confirm your contact information upon receiving inquiries, the Group might ask you to provide your company name, your name, address, phone number or other Personal Information. Personal Information the Group obtains is limited to those that are necessary for providing services of the Group or services provided through the Group.
  3. Use of Personal Information
    The Group shall use Personal Information for the following purposes.
    ・Sending notifications on services handled by the Group
    ・Providing information and services of the Group
    ・Sending business notifications
  4. Provision of Personal Information to Third Parties
    The Group prohibits the provision of Personal Information to any third party except for cases in which prior consent is obtained or the provision is in accordance with laws and regulations.
  5. Correction and Deletion, etc. of Personal Information
    The Group shall confirm that the subject of Personal Information has such rights as disclosure, correction, and deletion of the Personal Information, and the Group shall comply with any such request.
  6. Security Measures
    In order to securely manage Personal Information, the Group shall take precautions to control access to Personal information, restrict taking out of Personal Information and prevent unauthorized external access.
Security Policy

In order to manage information assets appropriately, the Group hereby sets forth the Basic Policy on Information Security Policy. Its policy concerning privacy is stipulated in the Privacy Policy.

 

  1. Definition of Information Security
    Information security is defined as maintaining confidentiality, security, and availability of information assets held by the Group for business purposes.
  2. Purpose of Information Security
    The purpose of information security is to reduce the risk of loss or damage of information assets to specified acceptable levels or lower by appropriately managing information assets and information security.
  3. Scope of Application
    Information assets covered by this Policy are information obtained or learned in the course of the Group’s business activities and any information held by the Company for business purposes, and this Policy applies to all persons who use information assets.
  4. Establishment of Information Security Management System
    The Group shall establish the information security system by assigning an information security manager in each internal organization.
  5. Establishment of Information Security Policy
    In order to ensure information security, the Group shall establish this Policy and other rules and review them on a regular basis to enhance and improve the management system.
  6. Protection of Information Assets
    The Group shall manage and handle information assets in accordance with information security policy, including this Policy in addition to laws and regulations, and take proper and rational information security precautions.
  7. Response upon Compromise of Information Security
    In the event of any compromise in information security, the Group shall take the necessary precautions to minimize the impact, such as preventing the damage from spreading and recovery, and take measures to prevent recurrence.
  8. Enhancing Awareness of Information Security
    The Group shall regularly conduct necessary training programs concerning information security according to work duties to ensure appropriate security precautions and enhance information security awareness.