TSUNEISHI GROUP CORPORATION
Policy on the Protection of Personal Information (Privacy Policy)
TSUNEISHI GROUP CORPORATION (hereinafter referred to as the “Company”) recognises that the protection of personal information is a fundamental right of individuals. The safeguarding of personal information is essential to the Company’s business operations and constitutes an important social responsibility.
The Company has established the following policy regarding the protection of personal information and ensures that it is communicated to, and observed by, all officers, employees and associated personnel within the Company and its group companies (hereinafter the Company and its group companies are referred to as the “Group”).
1.
Compliance with Applicable Laws, Regulations and Guidelines
The Company complies with Japan’s Act on the Protection of Personal Information and other relevant laws, regulations and guidelines concerning the handling of personal information.2.
Proper Collection of Personal Information
When collecting personal information, the Company clearly specifies the purpose of collection and use in advance and collects such information by lawful and fair means, and only to the extent necessary for the stated purpose.3.
Purposes of Use of Personal Information
The Company uses personal information solely for the following purposes and does not use it for any other purpose without obtaining consent in advance from the individual concerned through the appropriate procedures:(i)
To conduct the business administration of the Group
(ii)
To provide integrated services within the Group
(iii)
To provide information and engage in operational management relating to the Company’s business
(iv)
To communicate with shareholders, provide them with information, and manage shareholder information
(v)
To exercise rights and fulfil obligations under applicable laws and regulations
(vi)
To respond to enquiries from individuals regarding their personal information
(vii)
To manage personnel matters and employee welfare
(viii)
To conduct activities relating to Corporate Social Responsibility (CSR)
(ix)
To provide information on products and services handled by the Group, events, campaigns, and conduct surveys
(x)
To carry out activities incidental to the above
(xi)
To support the purposes outlined in Article 6 (Shared Use of Personal Information)
4.
Appropriate Handling of Personal Information
The Company handles personal information with due care and carries out appropriate measures to prevent risks such as loss, damage, falsification, disclosure or unauthorised access.Internal rules are established, and responsible personnel are appointed to ensure the proper management of personal information.
5.
Provision of Personal Information to Third Parties
1.
The Company does not provide personal information to third parties except in the following circumstances:
(i)
In cases where prior consent has been obtained
(ii)
In cases where required under laws and regulations
(iii)
In cases in which doing so is necessary to protect life, physical safety or property, and where consent cannot readily be obtained
(iv)
In cases in which doing so is required for public health or child welfare, and where consent cannot readily be obtained
(v)
In cases in which cooperation with local or national governmental authorities is necessary with regard to carrying out affairs prescribed by laws and regulations, or where cooperation with organisations to which such affairs is necessary, and where obtaining consent may hinder such cooperation
(vi)
In cases where otherwise permitted under Japan’s Act on the Protection of Personal Information or other applicable laws
2.
Notwithstanding the above, specified personal information shall not be provided to or shared with third parties except where permitted by law.
6.
Shared Use of Personal Information
Subject to the appropriate safeguards, the Company may share personal information with the Group, including:(i)
Categories of personal information subject to shared use
・
Name, address, telephone number, email address, date of birth, workplace, gender, transaction details, etc.
(ii)
Scope of parties sharing information
・
Group companies of the Company
(For details of Group companies, please refer here.)
(iii)
Purposes of use
・
To execute contracts with the individual concerned
・
To sell products and provide services offered by the Company or the Group companies
・
To provide information and conduct surveys relating to products and services offered by the Company or the Group companies
・
To notify the relevant Group companies when an individual makes an enquiry or applies to use products or services offered by the Company or the Group companies
・
To manage customer and business partner information of the Company and the Group companies
・
To carry out activities incidental or related to the above.
(iv)
Entity responsible for management of personal information
Company overview | TSUNEISHI GROUP CORPORATION
(i)
Categories of personal information subject to shared use
(a)
Name, address, telephone number, email address, date of birth, workplace, gender, photograph, employee number, department, job title, employment type, company email address, information relating to business-use mobile devices, annual salary, monthly salary, bonus, salary determination method, dependent status, retirement benefits, performance evaluation, educational background, qualifications and licences, position, work experience, disciplinary records and commendations, etc. (including personal information relating to family members provided by the employees, such as their name, address, relationship, gender and date of birth)
(b)
Leave records, health status, details of physical or mental conditions, and other information necessary for health management and employment considerations
(ii)
Scope of parties sharing the information
・
Group companies of the Company
(For details of Group companies, please refer here.)
(iii)
Purposes of use
(1)
For personal information specified in (i) (a):
・
To implement human resources strategies, risk management, DX (digital transformation) initiatives, and other HR-related operations
・
To comply with applicable laws and regulations and provide required notifications
・
To carry out activities incidental or related to the above
(2)
For personal information specified in (i) (b)
・
To allocate human resources appropriately
・
To support employees returning to work following leave
・
To ensure occupational health and safety management and associated risk management
(iv)
Entity responsible for management of personal information
Company overview | TSUNEISHI GROUP CORPORATION
7.
Supervision of Subcontractors Handling Personal Information
On occasion, personal information that has been obtained is entrusted to third-party subcontractors for reasons such as facilitating business operations. In such cases, the Company ensures appropriate supervision by selecting contractors that meet adequate data protection standards and by stipulating the necessary measures in contractual agreements.8.
Security Control Measures
The Company implements appropriate organisational, technical, physical and human security measures to ensure the safe management of personal data, including:(i)
Establishment of basic policies
・
The Company establishes basic policies, including compliance with applicable laws, regulations and guidelines and designation of contact points for handling complaints, to ensure the proper handling of personal data.
(ii)
Establishment of rules for handling personal data
・
The Company establishes rules governing handling methods, responsible personnel, persons in charge, and their respective duties at each stage of the data lifecycle, including collection, use, storage, provision, deletion and disposal.
(iii)
Organisational security control measures
・
The handling of personal data is subject to periodic self-inspections and audits conducted by independent departments.
(iv)
Human security control measures
・
Employees receive regular training on the appropriate handling of personal data and related considerations.
(v)
Physical security control measures
・
Appropriate measures are implemented to prevent the theft or loss of equipment, electronic media and documents containing personal data.
・
Additional measures are taken to ensure that personal data cannot be easily identified when such items are transported, including within Company premises.
(vi)
Technical security control measures
・
Access to personal data is appropriately controlled, and both authorised personnel and the scope of accessible personal data are strictly limited.
9.
Procedures for Responding to Application for Disclosure, etc.
We implement the following measures to protect the personal data we hold.1.
When an individual wishes to enquire about the purpose of use of their personal data retained by the Company, to make a request for the disclosure of such personal data, to request the correction, addition, or deletion thereof, and/or to suspend its use or erase it, the individual may make such a request by submitting an application (hereinafter referred to as the “Application for Disclosure, etc.”). The individual shall send the following documents or similar materials to the Person in Charge of Personal Information Handling specified in Article 10.
(i)
A document stating the applicant’s address, name, occupation, telephone number, email address, and the purpose of the application
(ii)
A document verifying the identity of the applicant (such as a photocopy of a driving licence, passport, national health insurance card, or the like)
(iii)
Postage stamps to cover the handling fee (Please consult the Person in Charge of Personal Information Handling for details of the fee.)
2.
Once the applicant has been verified as the individual concerned, the Company shall review the retained personal data, take the necessary actions, and send a written response to the applicant.
3.
Personal information collected through the Application for Disclosure, etc. shall be used only to the extent necessary for processing the Application for Disclosure, etc. Documents submitted by the applicant shall be retained for an appropriate period and subsequently disposed of.
4.
If an applicant falls under any of the following cases, the personal information shall not be disclosed. Where the decision not to disclose personal information is made, the applicant shall be notified in writing of the reasons.
(i)
Where the identity of the applicant cannot be verified
(ii)
Where the applicant has not paid the required fee
(iii)
Where the application is deemed not to be an Application for Disclosure, etc.
(iv)
Where disclosure may harm the life, physical safety, property, or other rights or interests of the individual or a third party
(v)
Where the application is likely to significantly impede the proper conduct of the Company’s business
10.
Contact for Enquiries and Requests
Requests regarding personal information should be directed to the Personal Information Protection Consultation Desk as described below. The Company shall respond appropriately in accordance with the purport of Japan’s Act on the Protection of Personal Information.TSUNEISHI GROUP CORPORATION
Address: 1083 Tsuneishi, Numakuma-cho, Fukuyama City, Hiroshima Prefecture 720-0393 Japan
Telephone: +81-84-987-1111
Hours of operation: Monday to Friday
(excluding public holidays and Japan New Year holiday period)
9:30–12:00/13:00–16:30
11.
Continuous Improvement of this Privacy Policy and Internal Rules
Revised March 12, 2026
