Congress Corporation (hereinafter referred to as “CONGRESS”) recognizes the importance of personal information and the importance of our responsibility to protect privacy. To ensure that we meet the demands and earn the trust of society, including our clients, our business partners and all persons engaged, we have established the following “Personal Information Protection Policy” and organization to handle personal information properly.
Personal Information Protection Policy
- To ensure a transparent framework and responsibility, CONGRESS appoints a chief privacy officer and a chief privacy auditing officer, establishes the rules for handling personal information, and familiarizes all persons engaged in handling personal information with these rules through comprehensive training.
- CONGRESS sets forth clearly in advance the purpose of acquisition and use of personal information. When CONGRESS acquires personal information directly from a person in a written document, with prior written notice of such purpose and written consent, CONGRESS acquires, uses and/or, provides to a third party (refer to Article 3) the personal information to the extent necessary for such purpose. In order to prevent unauthorized use of personal information outside the extent agreed and necessary, CONGRESS documents this policy and purpose of use in “The Handling of Personal Information” and ensures that all employees maintain common knowledge of the policy and that the policy is available to the general public.
- CONGRESS may entrust personal information to other enterprises (hereinafter referred to as “trustees”) to the extent of the purpose of use. In that case, CONGRESS selects the trustee who satisfies its personal information protection standards, makes a contract with the trustee, and continues to bear the responsibility for control and supervision of the information.
- CONGRESS takes reasonable security measures for the prevention of unauthorized access to personal information, leakage, loss or damage of personal information. In the unlikely event of an accident, CONGRESS promptly notifies the person to that effect or ensures that the person has ready access to the report on the situation, or takes other appropriate measures.
- CONGRESS adheres to the laws, regulations and guidelines of Japan pertaining to the handling of personal information, and defines procedures in accordance with these regulations.
- CONGRESS periodically carries out audits to ensure the personal information protection is properly maintained and continually improves its personal information protection management system.
- When a person submits a request, complaint or consultation, for example to correct, add or delete the contents, disclosure, notification of the purpose of use, or to suspend or discontinue use or to cease provision to a third party, etc., CONGRESS shall respond without delay after positive identification of the person by its customer service representative in charge of personal information.
CONGRESS may amend the above policy without notice and all amendments will be made public through its website.
July 20, 2007
Customer Service Representative in charge of Personal Information
Congress Corporation is a private enterprise certified for and granted the Privacy Mark (*).
* The Privacy Mark will be granted when an enterprise is certified as one which properly handles personal information in accordance with the Japan Industrial Standard, “Requirements for compliance program on personal information protection, JISQ15001:2006”, based on a privacy mark system operated by the Japan Institute for Promotion of Digital Economy and Community (JIPDEC).