Privacy Policy

Sojitz Corporation (the “Company”) recognizes the importance of protecting personal information and regards the proper handling of personal information as a social responsibility. The Company hereby sets forth this Privacy Policy and will endeavor to protect personal information in accordance herewith. Unless otherwise defined in this Privacy Policy, capitalized terms used herein shall have the meanings given to them under the Act on the Protection of Personal Information (Act No. 57 of 2003) and other applicable laws and regulations (collectively, “Applicable Personal Information Protection Laws and Regulations”).

1. The Company and Sojitz Group Companies

For information regarding the Company’s address, representative and other details, please see the “Company Profile” page on the Company’s website:
https://www.sojitz.com/jp/corporate/profile/

In this Privacy Policy, “Sojitz Group Companies” means the Company and its affiliated companies as stated in the Company’s Annual Securities Report:
https://www.sojitz.com/jp/ir/reports/vsecurity/
as well as the companies listed on the Company’s website under “Domestic and Overseas Network” and “Major Group Companies”:
https://www.sojitz.com/jp/corporate/network/
https://www.sojitz.com/jp/corporate/group/

2. Compliance with Laws and Regulations

In handling personal information in the course of its business, the Company complies with Applicable Personal Information Protection Laws and Regulations, relevant guidelines, industry self-regulatory rules, and the Company’s internal rules, and will not use personal information for any unlawful purpose or in a manner that may facilitate unlawful acts.

3. Acquisition of Personal Information

The Company acquires personal information by lawful and fair means. The Company will not acquire sensitive personal information without obtaining the individual’s prior consent, except where permitted under Applicable Personal Information Protection Laws and Regulations.

4. Purposes of Use of Personal Information

The Company uses personal information only to the extent necessary to achieve the purposes set forth below and any other purposethat the Company separately notifies or publicly announces in advance.

  • Personal information of business partners of the Company or Sojitz Group Companies (including individual consumers and, where the business partner is a corporation, its officers and employees)
    • Consideration, negotiation, communication, consultation, ordering and receiving orders, settlement, and other procedures related to transactions
    • Delivery, provision, and receipt of goods, services, and other items related to transactions
    • Research, studies, and analyses relating to the businesses of the Company or Sojitz Group Companies
    • Provision of information relating to the businesses of the Company or Sojitz Group Companies (including information on promotions/campaigns and seminars/lectures)
    • Responding to inquiries, requests, and opinions addressed to the Company or Sojitz Group Companies
    • Other operations necessary for the appropriate and smooth conduct of the businesses of the Company or Sojitz Group Companies (including analyses for such purposes)
  • Personal information of shareholders of the Company or Sojitz Group Companies (and, where a shareholder is a corporation, its officers and employees)
    • Exercise of rights and performance of obligations as shareholders under the Companies Act and other applicable laws and regulations
    • Provision of benefits to shareholders and implementation of measures in relation to shareholder status
    • Shareholder administration, including preparation of shareholder data in accordance with prescribed standards under applicable laws and regulations
    • Other operations necessary for the appropriate and smooth conduct of the Company’s business
  • Personal information of applicants in recruitment activities of the Company or Sojitz Group Companies
    • Providing and communicating recruitment-related information, and screening and making hiring decisions
    • Providing and communicating documents and information necessary for onboarding after an offer is made
    • Other operations necessary for the appropriate and smooth conduct of the operations of the Company or Sojitz Group Companies (including analyses for such purposes)
  • Personal information of officers, employees, former employees (retirees), and their family members of the Company or Sojitz Group Companies
    • Business communications and information exchange; personnel measures (including transfers, evaluations, training, and career development)
    • Payment of compensation and benefits
    • Attendance and working-hours management
    • Responding to rights and obligations under labor-related laws and regulations, tax laws and regulations, and social security and welfare-related laws and regulations, including employee benefits administration
    • Procedures prescribed in internal rules
    • Communications with and provision of information to the Sojitz Labor Union, Sojitz Health Insurance Society, clinics/medical offices, employee shareholding association, alumni association, and Sojitz Group Companies
    • Filings and reports to governmental authorities, related organizations, and organizations of which the Company is a member
    • Provision of welfare services; introduction and administration of group insurance programs and related procedures
    • Distribution of internal newsletters and other materials
    • Emergency communications, including confirmation of whereabouts and safety in the event of disasters or other emergencies
    • Other labor management and operations necessary for the appropriate and smooth conduct of the businesses of the Company or Sojitz Group Companies (including analyses for such purposes)
  • Personal information of customers who contact the Company or Sojitz Group Companies via website inquiry forms, e-mail, social media, telephone, etc. (including individual consumers and, where the customer is a corporation, its officers and employees)
    • Responding to and addressing inquiries, requests, and other communications
  • Personal information of users of the Company’s or Sojitz Group Companies’ website or social media (including individual consumers and, where the user is a corporation, its officers and employees)
    • Providing digital services such as the Company’s or Sojitz Group Companies’ website and social media

5. Outsourcing

The Company may outsource all or part of the handling of personal data to third parties to the extent necessary to achieve the purposes of use described in Section 4. In such cases, the Company will select contractors appropriately and exercise necessary and appropriate supervision.

6. Provision of Personal Data to Third Parties

The Company will not provide personal data to any third party without obtaining the individual’s prior consent, except where permitted under Applicable Personal Information Protection Laws and Regulations.

7. Joint Use with Sojitz Group Companies

The Company jointly uses personal data as follows:

  • Items of personal data to be jointly used
    Name, address, postal code, telephone number, fax number, e-mail address, date of birth, age, the name and contact details of the individual’s company/organization (including its address, postal code, telephone number, and e-mail address), information regarding the circumstances under which the personal data was acquired, location information, passport number, and emergency contact information.
  • Scope of joint users
    The Company and Sojitz Group Companies.
  • Purposes of use by joint users
    The purposes of use set forth in Section 4.
  • Party responsible for the management of personal data under joint use
    With respect to personal data acquired by the Company and jointly used, the Company is responsible for the management of such jointly used personal data. For the Company’s address and representative, please refer to Section 1.

    For inquiries regarding joint use for which the Company is responsible, please contact us in accordance with Section 9.

8. Security Control Measures

The Company endeavors to keep personal information accurate and up to date and implements necessary and appropriate security control measures to prevent unauthorized access to, leakage of, loss of, or damage to personal data.

The Company’s security control measures include, without limitation, the following:

  • Establishment of a basic policy and internal rules
    The Company establishes a basic policy to ensure proper handling of personal data, including compliance with Applicable Personal Information Protection Laws and Regulations, and maintains a point of contact for inquiries and complaints.
  • Organizational security control measures
    The Company appoints a person responsible for handling personal data,identifies the employees who handle personal data and the scope of personal data handled, and establishes reporting and communication procedures in the event of any actual or potential violation of Applicable Personal Information Protection Laws and Regulations.
    The Company periodically conducts self-inspections regarding the handling of personal data and also conducts audits into other departments and/or external parties.
  • Personnel security control measures
    The Company provides education and training to employees regarding matters to be noted in handling personal data.
    The Company sets forth confidentiality obligations regarding personal data in its work rules and other internal regulations.
  • Physical security control measures
    In areas where personal data is handled, the Company manages employees’ entry and exit, restricts devices and other items brought in, and implements measures to prevent unauthorized persons from viewing personal data.
    The Company implements measures to prevent theft or loss of equipment, electronic media, documents, and other items that contain personal data, and, when transporting such items (including within the Company’s premises), implements measures so that personal data cannot be readily identified.
  • Technical security control measures
    The Company implements access controls to limit personnel authorized to access personal information databases, etc., and limits the scope of personal data handled.
    The Company implements measures to protect information systems handling personal data from unauthorized external access and malware.
  • Understanding the external environment
    When storing personal data in a foreign country, the Company implements appropriate security control measures after confirming the personal information protection framework of the relevant country or region.

    The Company outsources the storage of certain information, including personal data, to a cloud service provider located in the United States, and such personal data is stored in the United States under the management of such provider. The Company implements appropriate security control measures after confirming the personal information protection framework in the United States based on information made available by the Personal Information Protection Commission of Japan and other sources.

9. Requests for Disclosure, etc. and Other Inquiries

Individuals may make the following requests regarding the Company’s retained personal data: (i) notification of the purposes of use; (ii) disclosure of retained personal data or records of provision to third parties; (iii) correction, addition, or deletion; (iv) cessation of use or cessation of provision to third parties; and (v) deletion (collectively, “requests for disclosure, etc.”). Individuals may also submit complaints or inquiries regarding the handling of personal information (including inquiries regarding joint use).

To make such requests or inquiries, please send the documents listed in “(2) Request Documents” by postal mail to the contact point set forth in “(1) Contact Point” below (postage to be borne by the requester). The Company will verify the identity of the requester and respond appropriately in accordance with Applicable Personal Information Protection Laws and Regulations.

Please note that the Company may be unable to respond where requests are not made in accordance with this section, where identification documents are not provided, or where required fees are not paid.

  • Contact point
    2-1-1 Uchisaiwaicho, Chiyoda-ku, Tokyo 100-8691, Japan
    Sojitz Corporation, Legal Department
    Attn: Personal Information Inquiries (Privacy Desk)
  • Request Documents
    • Request form
      Please print out and complete the Company’s designated “Request Form Regarding Personal Information” available at:
      https://www.sojitz.com/jp/privacy/policy/privacy.zip [ZIP: 21KB]
    • Identification documents
      To verify identity, please enclose a copy of one of the following documents. If any changes are shown on the reverse side, please also include a copy of the reverse side. The Company may request additional documents as necessary.
      Driver’s license; front side of Individual Number Card (My Number Card); residence card; special permanent resident certificate; or passport.
    • If the request is made by a representative or other person acting on behalf of the individual
      If a representative or other person acts on behalf of the individual, please enclose the following documents in addition to the individual’s identification document(s) above.

      Documents required in all cases: identification document(s) of the representative (documents listed in b above).
      Request by a voluntary agent: a power of attorney handwritten by the individual and affixed with the individual’s registered seal, and the individual’s certificate of seal registration.
      Request by a statutory agent: a copy of the family register and/or extract or a copy of the resident record showing the relationship between the individual and the representative.
      Request by an adult guardian: certificate of registered matters regarding adult guardianship.
  • Fee
    For requests for notification of the purposes of use, or disclosure of retained personal data or records of provision to third parties, the Company charges a fee of JPY 1,650 (including consumption tax) per request. Payment must be made by bank transfer (bank transfer fees to be borne by the requester). After receiving the request form, the Company will provide bank account details as necessary.

[Revised: July 1, 2026]