Policy for protection of personal information
I.S.Rating recognizes the importance of protecting the personal information of persons receiving our services such as information security rating, qualification of information security rating analyst, research, education and publication etc. relating to information security rating and others (hereinafter, the "relevant persons"). I.S.Rating observes laws concerning the protection of personal information, other applicable laws and ordinances, and responsibly handles and protects personal information in accordance with the privacy policy detailed below.
- 1. Acquisition of personal information
- I.S.Rating shall collect personal information of the relevant persons by appropriate and fair measures to the extent necessary for the achievement of the purpose of providing such persons with better services. If required by laws or ordinances, I.S.Rating shall obtain the agreement of the relevant persons before collecting such personal information.
- Application for information security rating and indication evaluation
- Application for seminars and informational meetings
- Application for membership organization
- Application for publishing and information media
- Answers to questionnaire
- Inquiries
- 2. Use of personal information
- < Extent of use >
I.S.Rating shall utilize the personal information provided by the relevant persons to the extent necessary for the achievement of the following purposes: - Information security rating and indication evaluation
- Invitations to seminars and informational meetings and management of such
- Guidance for membership list organization and management
- Guidance regarding our publications
- Other purposes, including tasks related to I.S.Rating services
- < Use for other purposes >
If the need arises to use personal data for purposes other than those specified above, consent of the relevant person for the use of their personal data for the specified purpose shall be obtained. If such consent is not obtained, the personal data shall never be used.
- 3. Management and protection of personal information
- < Management of personal information >
I.S.Rating assigns a manager to oversee the handling of personal information and strives for appropriate and rigorous management aimed at ensuring the accuracy of personal information and prevent information leaks. In addition, I.S.Rating endeavors to protect personal information against outside threats such as unauthorized access by using reasonable and appropriate safety controls. - < Outsourcing >
I.S.Rating occasionally outsources the handling of personal information in order to provide better services to the relevant persons. In this case, we select suppliers who have proven credentials with regard to the appropriate handling of personal information, (hereinafter, the "suppliers") and supervise and direct suppliers in the management and protection of personal information.
- 4. Access, correction and deletion of personal information
- At the request of a relevant person to access, correct, cease use of or delete, etc. personal information, I.S.Rating shall immediately comply with such request to the extent deemed reasonable. All requests of this nature should be submitted via the Planning Group at I.S.Rating Co., Ltd.
- 5. Improvement of privacy policy
- I.S.Rating defines an internal regulation titled, "Protection of personal information" to ensure the observation of the relevant laws, regulations and standards related to personal information and the implementation of this policy. All officers and employees of I.S.Rating (including part-time and temporary employees, etc.) and all other persons concerned are required to implement this internal regulation and make ongoing efforts to improve activities related to the protection of personal information.
- 6. Inquiries
- For inquiries about personal information management, please contact the Planning Group at I.S.Rating Co., Ltd. between the hours of 9:30 am and 5:30 pm.
Ph: 81-3-3273-8830