Seven & i Group Personal Information Protection Policy
Seven & i Holdings Co., Ltd. and its domestic subsidiaries (hereinafter referred to as “the Group", “we”, “us”, “our”) have a corporate creed to be a sincere company trusted by customers, business partners, shareholders, local communities, and employees.
In light of this, we consider that the proper handling of personal information we acquire during our business activities is one of the most significant social responsibilities not only in terms of complying with the law but also earning the trust of all concerned parties.
In order to fulfill this responsibility, we have established the "Seven & i Group Personal Information Protection Policy" for the entire group as follows and shall endeavor to enforce this policy to the entire Group through education and training for all managements and employees to ensure the appropriate handling of all personal information we acquire.
8-8 Nibancho, Chiyoda-ku, Tokyo
Seven & i Holdings Co., Ltd.
President and Representative Director
The Group shall comply with all domestic and foreign laws and regulations applicable to the Group regarding the protection of personal information, as well as guidelines established by the Personal Information Protection Commission and other domestic and foreign administrative agencies.
- 2Acquisition and utilization of personal information
The Group shall acquire personal information by legal and fair means. The Group shall appropriately notify or disclose to the public the utilization purpose of personal information and shall handle personal information appropriately to the extent necessary to achieve the utilization purpose.
- 3Security Control Measures
The Group shall, in order to properly manage the personal information, take appropriate organizational, personnel, physical and technical security control measures and shall work to prevent and correct the leakage, loss or damage of personal information.
In addition, when outsourcing the handling of personal information to an external supplier, the Group shall select a supplier who meets the standards for the appropriate protection of personal information, stipulate in contracts and other agreements that the protection standards required by the Group shall be adhered by the supplier etc., monitor the status of personal information handling by the supplier in a timely manner and supervise the supplier appropriately. Furthermore, in the event that the Group or a supplier handles personal information outside of Japan, we shall take necessary and appropriate measures for security control after understanding the regulations concerning the protection of personal information in the country.
- 4Provision to or joint use with third parties
The Group shall not, except as stipulated by laws and regulations, provide the acquired personal information to a third party without obtaining the consent of the principal. In addition, except as stipulated in laws and regulations, when the Group provides personal information to a third party, the Group shall prepare and maintain a record of the matters as specified by laws and regulations regarding the provision. Similarly, when the Group obtains personal information from a third party, the Group shall confirm that the legal requirements for personal information acquisition is satisfied and shall prepare and maintain the record.
In the event that we share our customer's personal information with our group companies, etc., we shall notify the principal in advance or disclose to the public the purpose of sharing the principal’s information and other matters stipulated by laws and regulations.
- 5Disclosure, correction and Utilization Cease etc.
The Group shall, in cases where a principal or its agent requests disclosure, correction, addition, deletion, cessation of the utilization or cessation of third-party provision with regard to the retained personal information, respond to any requests appropriately in accordance with laws and regulations.
- 6Handling of Individual Numbers and Specific Personal Information
The Group shall, in compliance with the "Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedure" and other related laws, regulations and guidelines, handle Individual Numbers (so-called “My Number”) and Specific Personal Information (personal information including Individual Numbers).
- 7Continuous improvement
The Group shall review its management structure for the handling of personal information protection and make continuous efforts to improve the security control measures to meet the requirements for future changes in social conditions and the environment.
Released December 2, 2014
Revised October 1, 2020
Revised March 10, 2022