Privacy Policy

Please refer to Company > Corporate Profile on Sojitz Corporation’s corporate website.

We will strictly comply with Personal Information Protection Laws, guidelines, industry self-regulation rules, and internal rules, etc. when carrying out operations in which personal information is handled.

We will acquire personal information by fair and legitimate means. In addition, unless permitted by Personal Information Protection Laws, we will not acquire any special care-required personal information without the prior consent of the individual to whom such personal information pertains.

• We will use personal information only for the purposes of use officially announced in advance or within the scope of use informed at the time of acquisition and to the extent necessary to carry out business.
• We will not use personal information in a manner that may encourage or induce illegal or unlawful activities.
• In the case where we share personal data with a third party, or entrust the handling of personal data to a third party, we will examine such third party rigorously, and perform proper supervision to ensure that such third party keeps the personal information confidential.

Except as provided by Personal Information Protection Laws, we will not provide personal data to any third party without the prior consent of the individual to whom such personal data pertains.

When we disclose or provide personal data to a third party located in a foreign country, we will comply with the rules of Personal Information Protection Laws, and in principle, we will obtain the consent of the individual in question after providing the information required by Personal Information Protection Laws in advance.

We will share personal data as follows:

• Personal Information Items
  The person's address, name, postal code, telephone number, fax number, email address, organization to which the person belongs, position in the organization, and other information included on the person's business card, as well as related information such as the date, time, and location of the business card exchange, etc.
• Scope of Shared Users Sojitz Corporation and Sojitz Group companies* * Refers to subsidiaries as defined in Article 8, Paragraph 3 of the Regulation on Terminology, Forms, and Preparation Methods of Financial Statements, and to affiliated companies as defined in Paragraph 5 of the same article. Please refer to Company > Operating Bases and Company > Major Group Companiess on Sojitz Corporation’s corporate website.
• Purpose of Use
  Personal information will be used for the purposes defined separately in the Purposes of Use of Personal Information .
• Name of Company Responsible for Managing the Personal Data
  We are responsible for the personal information that we share. For our address and representative, please refer to Company > Corporate Profile on Sojitz Corporation’s corporate website.

• We will work to store and manage personal information in an accurate and up-to-date manner, and will take the necessary safety control measures to prevent unauthorized access or leakage of personal information.
• We will take the following specific security management measures.

  I.Formulation of a Basic Policy and Maintenance of Discipline Regarding the Handling of Personal Data
  In order to ensure the proper handling of personal data, we will establish a basic policy that includes compliance with Personal Information Protection Laws and the creation of a point of contact for related questions and concerns.

  II.Organizational Safety Management Measures
  In addition to appointing a manager responsible for handling personal data, we will clarify the employees involved with handling personal data as well as the scope of the data, and we will establish a system for reporting and contacting the manager if evidence or indications of violations of Personal Information Protection Laws or internal rules is detected. In addition to regular self-inspections regarding the handling of personal data, we will undergo audits conducted by outside departments and third parties.

  III.Human Security Management Measures
  We will provide training to employees regarding precautions when handling of personal data. Articles concerning the confidentiality of personal data are included in the employee regulations.

  V.Physical Safety Management Measures
  In regions where personal data is handled, the Company places restrictions on employee access and on equipment that can be brought into the office. We will also implement measures to prevent unauthorized persons from viewing personal data. The Company will take measures to prevent the theft or loss of equipment, electronic media, and documents, etc., and takes measures to ensure that personal data is not easily revealed when such devices or electronic media are transported, including within company premises.

  V.Technical Safety Control Measures
  We will implement access restrictions in order to limit the scope of employee access to the personal information database, and of the database itself. We have implemented a system to protect information systems that handle personal data from unauthorized outside access or harmful software.

  VI.Understanding the External Environment
  We will implement safety management measures based on an understanding of the personal information protection system in place in the United States of America, where we store personal data.

We will promptly respond to requests from the owners of personal information for disclosure, correction, suspension of use, and deletion, etc. of their own personal data as well as to complaints and inquiries, in an appropriate manner and to a reasonable extent in accordance with Personal Information Protection Laws. Please contact the Personal Information Inquiry Desk listed separately.

To execute this Privacy Policy, we have formulated a compliance program for the protection of personal information (which includes this Privacy Policy, Personal Information Protection Regulations and other regulations and rules) and keep our employees and other interested parties fully informed of this program, and execute and maintain this program, as well as strive to properly manage personal information through ongoing review and improvement.