Our corporate philosophy is to "Create new value by bringing the people of the world together, and to contribute to the development of a rewarding and harmonious society by meeting the expectations of our customers". Based on this philosophy, by handling of customer information and confidential corporate information securely as well as consistently taking appropriate precautionary measures against information leak risks, our executives and all staff are all made aware of the importance of the protection of personal information, we shall take the following measures.
-
- 1. Compliance with Laws and Regulations
- We will endeavor to comply fully with all applicable laws and regulations, as well as rules and regulations defined by us, and will make every effort to appropriately manage information by severely punishing any violations.
-
- 2. Establishment of Management System
- In order to protect and appropriately manage all of our information assets, we will regularly hold meetings of our Information Security Committee, which is comprised of our officers and executives, and shall maintain a system that monitors the state of information security management at a company-wide level and allows prompt implementation of any security measures deemed necessary.
-
- 3. Compliance with Internal Policies, Rules and Guidelines
- When managing and handling information security rules we will ensure that it is kept accurate and up to date, within the scope necessary to accomplish the specified purpose of use, and take other necessary and appropriate measures for the correction and prevention of the leakage, loss or damage of the information and other measures to ensure its safe management.
-
- 4. Implementation of Safety Measures
- We will establish internal regulations based on this policy and the Privacy Policy (see separate page) and thoroughly familiarize our employees with our clearly defined policies and rules in order to appropriately manage our information assets.
-
- 5. Implementation of training and awareness programs
- We will make efforts to improve the information security literacy of all employees and related parties and continuously implement information security education and training to ensure the appropriate management of our information assets.
-
- 6. Coordination with Contractors
- When we outsource operations in full or in part, we will thoroughly screen contractors to ensure competence, and require, by contract and other means, that they maintain a level of security matching our own. In addition, to verify that this level of security is being maintained, we will regularly audit contractors and review the management system.
-
- 7. Efforts to improve operations
- We will conduct regular and irregular internal information security audits to confirm that business operations comply with information security laws and regulations, as well as rules and regulations defined by us, and to verify the effective functioning of the information security system.
-
- 8. Measures in the event of an accident
- In the event of an information security breach, we will work towards a quick recovery and solution to the issue and maintain high reliability and continuity.
-
- 9. Clarification of contact point for consultation
- The contact points for consultation are our "Customer Inquiries" for each area, and our Information Systems Division and General Affairs and Personnel Department will promptly respond.
-
- 10. Publication of security policy
- We publish this policy both internally and externally and comply with both it and our Privacy Policy (see separate page).
Enacted: April 1, 2008
Revised: May 1, 2016
Hankyu Travel International Co., Ltd.
President: Atsushi Sakai