Handling of Personal Information
1. Personal information protection policy
The JFE Group conducts its business in accordance with the JFE Group Personal Information Protection Policy. For more about the policy:
2. Purposes of using personal information
1) To manage the business of each Group company
2) To execute general-affairs activities pertaining to the rights and obligations of shareholders based on the Companies Act and other laws and ordinances, or to implement initiatives for smooth relations with shareholders
3) To provide investors with business overviews, financial reports or notifications of information sessions.
4) To contact or respond to business partners, including potential business partners, with regard to business- or transaction-related matters.
5) To respond to other inquiries or requests.
6) To execute activities pertaining to personnel management, pensions, labor insurance, benefits, etc. for employees
7) To executive other activities incidental to the above purposes.
3. Purposes for using specific personal information
The JFE Group acquires and uses specific personal information for the following purposes.
|Activities related to personal identification numbers of current and former employees, including their dependents and other immediate family
|Withholding tax based on Income Tax Act, etc.
|Payment records based on Inheritance Tax Act, etc.
|Local taxes based on Local Tax Act, etc.
|Insurance based on Employment Insurance Act, etc.
|Insurance based on Health Insurance Act, etc.
|Employee pension insurance based on Employees’ Pension Insurance Act, etc.
|Third notification regarding national pension, etc.
|Creating/providing legal documents regarding financial commodity transactions pertaining to employee hareholding association
|Creating/providing legal documents regarding Workers’ Asset-Formation Savings
|Creating/providing legal documents regarding company pensions
|Tasks concerning the personal identity number of individuals other than employees, including in relation to items on the right
|Creating payment records of compensation, fees, etc. based on Income Tax Act
|Creating payment records of real estate fees, etc. based on Income Tax Act
|Creating payment records of equivalent value of transfers of real estate, etc. based on Income Tax Act
4. Personal-information management
The JFE Group takes necessary and appropriate measures to prevent illicit access to or loss or damage of personal information as well as to ensure appropriate management of other personal data.
- The JFE Group Personal Information Protection Policy ensures that such information is handled appropriately.
- In-house rules stipulate the handling methods, persons responsible or in charge and duties thereof in each stage of handling personal data, including acquisition, use, storage, provision, deletion and disposal.
- The handling of personal data is ultimately the responsibility of the personal-information general manager (director overseeing General Administration Department), the personal-information supervisory section (General Administration Office of General Administration Department) and personal-information management supervisors (manager of each department). Furthermore, the JFE Group maintains a system to manage and handle personal data as well as to respond if such data is ever leaked or signs thereof are detected.
- Legers are maintained to manage personal information, describing the type and range of data, purpose of usage, storage location, person responsible, storage period, etc. In addition, means are established to confirm personal-data handling conditions through periodic company-wide inspections of these ledgers.
- Internal audits are conducted periodically to ensure adherence to internal procedures and rules as well as external laws, ordinances, etc. pertaining to handling personal information.
- Employees are supervised and trained in the appropriate handling of personal data.
- In physical areas where personal data is handled, measures to protect confidentiality include the planning of seating arrangements designed to prevent the viewing of personal data by unauthorized persons.
- Measures are implemented to prevent the theft or loss of devices (terminals), external recording media, documents, etc. containing personal data.
- Measures also are implemented to ensure that personal information cannot be easily identified when devices (terminals), external recording media, documents, etc. containing such data are transported within offices.
- When deleting or discarding devices (servers and terminals), external recording media, documents, etc. containing personal data, methods are implemented to ensure that the data cannot possibly, or easily, be restored.
- Access to systems containing personal information databases, etc. is restricted to employees authorized to view/use such data, and usage of such data is limited to the scope necessary for business.
- Access to systems containing personal data requires identification, typically a user ID and password, to identify and authenticate the accessing person.
- Measures are deployed to protect systems containing personal information from illicit external access and malware.
- Additional measures are deployed to prevent personal information from being leaked, etc.
- When handling personal information in a foreign country, local laws, procedures, etc. are periodically confirmed and reviewed and information-management measures are modified or newly introduced as required.
Requests and complaints regarding the disclosure of personal information held by the JFE Group, as well as inquiries regarding the company’s handling of personal information, should be communicated to the General Administration Department (Tel: 03-3597-4321) or to the responsible departments listed on the websites, etc. of individual JFE Group companies.
Koji Kakigi, President and CEO
JFE Holdings, Inc.
2-2-3 Uchisaiwai-cho, Chiyoda-ku, Tokyo, Japan