April 1, 2018
Representative Director & Chief Executive Officer
Idemitsu Kosan Co.,Ltd.
To appropriately protect and manage information in its business activities, the Idemitsu Group established the General Principles for Information Management on July 6, 2004 and the Personal Information Protection Regulations on October 1, 2004.
1. Basic Principles
In handling personal information, we shall comply with the Act on the Protection of Personal Information, other relevant laws and regulations, and guidelines and other instructions provided by the competent authorities.
2. Principle of Obtainment
We shall limit the obtainment of personal information to within the scope of the business objectives of the Idemitsu Group, and we shall state clearly the purposes of use of such information on written documents and other materials received from customers and obtain such information with their consent.
3. Principle of Use
We shall limit use of personal information in our custody to within the scope of the purposes of use.
4. Principle of Provision and Disclosure
Except in the following cases, we will not provide or disclose personal information to third parties:
- When we have received the consent of the customer;
- When we have received an inquiry from a public organization pursuant to laws and regulations;
- When, solely within the scope necessary to achieve the purposes of use, we entrust the handling of all or part of a customer's personal data to a third party under appropriate management and oversight by the Idemitsu Group;
- In other cases as mandated by laws and regulations.
5. Principle of Ensuring Accuracy
Solely within the scope necessary to achieve the purposes of use, we shall maintain customers' personal data accurately as received and keep it up to date.
6. Principle of Prevention of Unauthorized Access
We shall strive to prevent unauthorized access to or loss, destruction, falsification, or leakage of personal information.
7. Principle of Disclosure etc. of Personal Data in Custody
We shall respond promptly and appropriately to requests for disclosure, correction, or deletion of personal data in our custody.
8. Continual Improvement
We shall strive to improve continually the protection of personal information and the structure of our management of personal information.
April 1, 2018