Personal Information Protection Policy
Congress Corporation (hereinafter referred to as “Congress”) recognizes the importance of personal information and the importance of our responsibility to protect privacy. To ensure that we meet the demands and earn the trust of society, including our clients, business partners and all persons involved, we have established the following “Personal Information Protection Policy” and organization to handle personal information properly.
- To ensure a transparent framework and responsibility, Congress shall appoint a chief privacy officer and a chief privacy auditing officer, establish the rules for handling personal information, and familiarize all persons engaged in handling personal information with these rules through comprehensive training.
- Congress shall set forth clearly in advance the purpose of acquisition and use of personal information. In case of acquiring personal information directly from a person in a written document, Congress shall clearly express the purpose of acquisition and obtain consent from the person concerned in writing in advance, and acquire, use and/or provide to a third party the information within the scope necessary. In order to prevent unauthorized use of personal information beyond the scope agreed and necessary, Congress shall document this policy and purpose of use in “The Handling of Personal Information” and ensure that all employees maintain common knowledge of the policy and that the policy is available to the general public.
- Congress may entrust information concerning clients and business partners to other enterprises (hereinafter referred to as “contractors”), within the scope of its purpose of use. In this case, Congress shall select contractors that meet the standards for the protection of personal information set by Congress, sign a contract on the protection of personal information, and take responsibility for its management and supervision.
- Congress shall take reasonable security measures for the prevention of unauthorized access to personal information, leakage, loss or damage of personal information. In the unlikely event of an accident, Congress shall promptly notify the person concerned to that effect or ensure that the person concerned has ready access to the report on the situation, or take other appropriate measures.
- Congress shall adhere to the laws, regulations and guidelines of Japan pertaining to the handling of personal information, and define procedures in accordance with these regulations.
- Congress shall periodically carry out audits to ensure that personal information protection is properly maintained and continually improve its personal information protection management system.
- Should the person concerned submit a request, complaint or inquiry with respect to personal information for disclosure, such as a request for notification of the purpose of use; disclosure; correction, addition, or deletion of content; suspension or discontinuation of use; or cessation of provision to a third party, Congress shall respond without delay after its customer service representative in charge of personal information has confirmed the identity of the person concerned.
Congress may amend the above policy without notice and all amendments will be made public through its website.
Formulated: June 1, 2005
Most recent revision: July 20, 2007
Handling of Personal Information
- Purpose of use of personal information obtained or held by Congress from users
- Administrative procedures, communication, etc, concerning use of the Congrès Convention Center
- Notification of information concerning use of the Congrès Convention Center or other business activities conducted by Congress (will not be sent to persons who request not to receive such information)
- Requests to complete questionnaire surveys
- Answers to inquiries addressed to the Congrès Convention Center
- Photography of events or other occasions and the use of such photographs for publicity purposes in publicity materials and on websites
Users shall never be compelled to provide personal information to Congress under any circumstances. Should they be unable to provide personal information, however, this may render them unable to receive all or part of the services offered by Congress.
- Provision to third parties of personal information obtained by Congress
Congress shall not provide personal information to third parties, with the exception of the following cases.
- With the consent of the person concerned
- If required by law
- When providing information to a contractor who has signed a confidentiality agreement, in order to fulfill the purpose of use
Should the person concerned request that the provision of information be discontinued, Congress shall comply without delay.
- Entrusting of personal information obtained by Congress
Congress may entrust the handling of personal information to contractors, within the scope of its purpose of use. In this case, Congress shall select contractors that meet the standards for the protection of personal information set by Congress, sign a contract on the protection of personal information, and take responsibility for its management and supervision.
- Safety measures for protection of personal information
Congress shall formulate rules for the protection of personal information, provide education and training with the aim of familiarizing all persons engaged in handling personal information with these rules, and regularly monitor the status of compliance. Congress shall also endeavor to maintain and improve the safety management measures required for the protection of personal information.
- Administrative procedures and fees for disclosure, correction, discontinuation of use, and other measures regarding information
Users may request the disclosure, correction, discontinuation of use, and other measures concerning the personal information held by Congress on the person concerned. Requests for disclosure must be made by completing the required information in the official Request for Disclosure form and sending it by post to the Customer Service Representative in Charge of Personal Information at Congress, together with a copy of proof of identity (an ID card including a photograph issued by a public agency, such as a driver’s license or passport.) The specified fee must be paid when requesting the disclosure of information. In principle, the response to a request for disclosure of information will be sent by post to the address of the person concerned. With respect to requests for correction, discontinuation of use, or other measures regarding information, the concerned information may be corrected, added or deleted or its use discontinued after the identity of the person concerned has been confirmed.
Note: Documentation confirming an individual’s identity may include the Japanese Record of Permanent Domicile, which contains sensitive information that Congress is prohibited from obtaining. In this case, please render such information illegible before sending it.
- Contact information for inquiries, complaints or other questions about the handling of personal information
nquiries, complaints or other questions about the handling of personal information should be addressed to the Customer Service Representative in Charge of Personal Information at Congress.
CUSTOMER SERVICE REPRESENTATIVE IN CHARGE OF PERSONAL INFORMATION
- Congress Bldg, 3-6-13 Awajimachi, Chuo-ku, Osaka 541-0047, Japan
- Authorized personal information protection organization
Congress is obliged to comply with the rules and regulations of the Japan Institute for Promotion of Digital Economy and Community, an authorized personal information protection organization under Article 37 of the Law on the Protection of Personal Information.
AUTHORIZED PERSONAL INFORMATION PROTECTION ORGANIZATION
- Japan Institute for Promotion of Digital Economy and Community (JIPDEC)
- Personal Information Protection Complaints Consultation Office, PrivacyMark Promotion Center
- Kikai Shinko Kaikan Bldg, 3-5-8 Shiba-koen, Minato-ku, Tokyo 105-0011, Japan
The Congress Corporation website is encrypted using the Secure Socket Layer (SSL) Protocol to protect the personal information provided by customers, business partners and contractors via the website, and to prevent inappropriate access by a third party to information or the loss, destruction, falsification and leak of information.
Formulated: June 1, 2005
Most recent revision: August 19, 2011
Congress Corporation is a private enterprise which has been certified for and granted the PrivacyMark.
This mark is granted when an enterprise is certified as one which properly handles personal information in accordance with JIS Q 15001:2006 “Personal information protection management systems – Requirements”, based on the PrivacyMark System operated by the Japan Institute for Promotion of Digital Economy and Community (JIPDEC).