Article 1 (Purpose)
These Regulations set forth the system ａｎｄ basic rules for handling personal information within Kowa Co., Ltd. (hereinafter referred to as "the Company") to prevent the loss, leakage, or falsification of information held by the Company ａｎｄ to fulfill our social responsibility for information management.
Article 2 (Definition of terms)
The terms used herein shall be as follows:
Information that can identify a specific individual by describing the name, date of birth, etc. including one that can easily be collated with other information ａｎｄ thereby identify a specific individual.
An individual identified by personal information held by the Company.
This refers to our executives, regular employees, contract employees, part-time employees, ａｎｄ temporary employees.
"Supervisor" means the superior of the department to which officersand employees belong.
Article 3 (Covered Information)
The information covered by theseregulations is all personal information stored by the Company, regardless of whether electronic or printed data.
Article 4 (Scope of these regulations)
These regulations shall apply to officers ａｎｄ employees of the Company. Staffs who do not belong to the Company, such as contractors, volunteers, ａｎｄ trainees, shall also be required to treat these regulations appropriately in accordance with the purpose of them. In addition, in the event the business of handling personal information is outsourced to an outside party, the Company shall exercise necessary ａｎｄ appropriate supervision ａｎｄ ensure the appropriate protection of personal information in accordance with theseregulations.
Article 5 (Purpose of Use of Information)
Purpose of use of personal information is as follows.
・To provide services to customers ａｎｄ fulfill contracts with them
・To engage in personnel management, labor management, salary, ａｎｄ social insurance of employees
・To provide benefits services to employees
・To enable our employees to use services of business partners of the Company
・For hiring applicants
Article 6 (Personal Information Manager)
The Personal Information Manager shall be the president of the Company.
2 Personal Information Manager shall be responsible for the promotion of measures related to the management of personal information.
3 The Personal Information Manager shall have the authority to make decisions on matters necessary to fulfill the above responsibilities.
Article 7 (Personal Information Management Departments)
Compliance Office of the Company shall be in charge of the management of formulating, changing, ａｎｄ educating regulations.
2 The manager of each department ａｎｄ the head of each branch shall be thesupervisor of the information, ａｎｄ the supervisor shall be responsible for the promotion of measures concerning personal information in each area in accordance with these Regulations.
Article 8 (Basic Policy on the Protection of Personal Information)
The Company formulate ａｎｄ publicize our basic policy.
Article 9 (Handling of Personal Information of Employees)
Officers ａｎｄ employees shall comply with the Working Regulations ａｎｄ these Regulations. Even after retirement, personal information obtained during employment shall not be leaked.
Article 10 (Collection of Personal Information)
Thoroughly inform employees of the purpose of use of personal information.
2 Personal information shall be collected to the minimum necessary to achieve the Purpose of Use. In addition, they shall not be collected by illegal means.
3 In the event of a change in the Purpose of Use of the collected personal information, the applicable articles of theseregulations shall be updated.
4 Notwithstanding the preceding paragraph, in the event personal information is directly acquired from theindividual, such as the results of the entry of a contract or other document or website, the purpose of use shall be clearly indicated to the individual.
Article 11 (Storage of Personal Information)
The Companyshall implement necessary ａｎｄ reasonable safety management measures for personal information, such as storage lock control, access control.
2 Officers ａｎｄ employees shall not take personal information out of the Company or provide it to a third party without the approval of supervisor.
3 When disclosing or providing personal information to a business partner, outsourcee, etc., the approval of the supervisor must be obtained in advance. Confidentiality agreements will be exchanged when necessary.
Article 12 (Use of Personal Information)
Personal information shall be used within the scope of the purpose of use disclosed in advance ａｎｄ shall not be used beyond such scope. However, excluding cases based on the provisions of laws ａｎｄ regulations.
2 In the event the handling of personal information is outsourced for the purpose of data entry etc., the Company will confirm whether the outsourcing contractor handles personal information appropriately. In addition, the contract shall include clauses such as prohibition of use for purposes other than the execution of commissioned work, return or destruction of information after the end of work, compensation for damages in the event of breach of confidentiality, etc.
When outsourcing work continues for a long period, the Company will confirm the handling of personal information by the outsourcing contractor, ａｎｄ provide guidance ａｎｄ review the contract as necessary.
Article 13 (Destruction of Personal Information)
Personal information that has exceeded the retention period ａｎｄ personal information that has become unnecessary after achieving the original purposeshall be promptly discarded. If there is a business need to retain it for a longer period, approval of the supervisor shall be needed.
2 Personal information shall be destroyed by shredder processing for printing data ａｎｄ data deletion for electronic data in order to avoid external leakage. In addition, when the disposal is outsourced to an outside contractor, it shall be confirmed that the outside contractor has completely disposed of the waste.
Article 14 (Provision to a Third Party)
When it is necessary to provide personal information to a third party, obtain the consent of the individual, report to the supervisor in advance, ａｎｄ take the necessary measures according to the instructions.
Article 15 (Response to Inquiries from the individual, etc.)
Establish a contact point for receiving complaints ａｎｄ inquiries regarding personal information from the individual, such as inquiries from the person, disclosure of information, ａｎｄ requests for correction, suspension of use, etc.
2 The person in charge of the contact point explained in the preceding paragraph shall promptly take the necessary measures in accordance with the procedures for response.
Article 16 (Education)
Provide education on personal information management to officers ａｎｄ employees at the time of employment ａｎｄ once a year thereafter. Supervisors shall provide on-site education on the management of personal information at the site as appropriate.
Supervisors shall also instruct ａｎｄ supervise volunteers ａｎｄ trainees to warn them of the need to manage personal information ａｎｄ to handle it appropriately.
Article 17 (Response to Consultations ａｎｄ Complaints)
In addition to responding to inquiries from the individualexplained in Article 15, establish a contact point for consultation ａｎｄ complaints regarding the handling of general personal information, ａｎｄ shall make effort to respond appropriately ａｎｄ promptly.
Article 18 (Response to Accidents)
In the event of an accident involving personal information, such as a leak of personal information, the supervisor shall promptly take measures to prevent secondary damage and, while taking into account the protection of personal information, shall make public the facts as much as possible ａｎｄ report to the Compliance Office.
Article 19 (Audit)
The Compliance Office shall conduct internal audits of the appropriateness of the management of personal information within the Company as appropriate.
2 If any improvement is deemed necessary as a result of the audit, report it to the president.
3 Based on the audit results, the supervisor shall promptly implement improvement measures ａｎｄ report the results to the Compliance Office.
Article 20 (Violation of this provision)
In the event that a violation of these Regulations has become evident, the Company shall impose punishment on the officers ａｎｄ employees who have committed the violation in accordance with the provisions of the Working Regulations.
The Compliance Office shall, where necessary, establish detailed regulations for the handling of these Regulations.
Article 22 (Enforcement)
These regulations shall be effective as of September 1, 2020.
November 16, 2022
Clarification of the purpose of use (in collaboration with Banco do Brasil)
1. Basic Policy
We, Kowa Co.,Ltd., recognize the importance of personal information ａｎｄ believe that it is our social responsibility to protect personal information.We will comply with laws, regulations, ａｎｄ internal regulations concerning personal information, ａｎｄ properly acquire, use, ａｎｄ manage personal information we handle.
2. Control of personal information
We will thoroughly implement the following measures with regard to the management of information provided.
1). We will strive to ensure that the information provided to us is accurate ａｎｄ up-to-date at all times.
2). We stipulate strict handling methods for the management of personal information ａｎｄ thoroughly handle it based on them.
3. Supply to third party or not
We will use the provided personal information only within the company andpartnercompanies, ａｎｄ will not provide it to any third party without the consent of the provider.
These detailed regulations stipulate the specific handling of personal information in accordance with the Personal Information Management Regulations.
1.Documents, storage locations, ａｎｄ handling personnel related to personal information of the Company are explained separately.
2.Documents related to personal information shall be basically stored in a locked storage place.
The items to be stored in the safe shall be explained separately.
3.In case a person other than the staff in charge of handling the information needs to access to the information, it is necessary to obtain the consent of the staff in charge.
4.Information shall be handled so as not to be seen by third parties other than staffs of the Company. The location of such items shall also be considered.
5.Personal information has to be disposed based on the document storage regulations.
Items not defined in the storage regulations shall be disposed of promptly after the purpose thereof has been achieved. Disposal shall be done after shredding.
6.The scope of the exchange of information related to personal information within the Company shall be within the scope necessary for business operations.
7.Regarding inquiries from the outside about staff, residents, users, etc., basically do not answer unless it has been approved in advance. In the event of an emergency, the supervisor will makea decision on a case-by-case basis.
En 14 ubicaciones en todo el país, ofrecemos consultas de cambio de trabajo, presentaciones de trabajo y eventos.