Toshiba Energy Systems & Solutions Corporation (hereinafter, "the Company") has been engaged in energy-related business such as power generation, transmission, and distribution since the Meiji Era. In the field of energy and infrastructure, there is a growing demand for the spread of renewable energy and addressing aging infrastructure. In response to these challenges, the Company leverages the "power of data" to provide society with valuable products and services.
The Company recognizes that data, including personal information obtained from stakeholders in the course of these activities, is an important asset of each stakeholder and also an important asset to the Company, leading to creation of new value. The Company shall appropriately protect personal information in accordance with the following basic policy.
- 1-1. The Company shall comply with the Act on the Protection of Personal Information, related laws and regulations, guidelines established by the government, and other standards. Additionally, the Company shall establish a personal information protection management system in accordance with the Japanese Industrial Standard "Personal information protection management systems - requirements" (JIS Q 15001), develop internal regulations based on it (hereinafter, "Company regulations"), and ensure the proper implementation and maintenance of the personal information protection management system while continuously striving for improvement.
- 1-2. The Company shall designate managing responsible persons for each department that handles personal information, establish a system to appropriately manage personal information, and ensure that officers and employees are familiar with and strictly adhere to the Company regulations.
- 1-3. The Company shall handle personal information within the scope of purposes explicitly stated to customers and shall take measures to prevent unauthorized use beyond the intended purposes. Further, the Company shall not disclose or provide to third parties personal information provided by customers without the consent of the customer or a justifiable reason.
- 1-4. The Company shall strive to maintain personal information in an accurate and up-to-date condition and shall take measures to prevent unauthorized access, leakage, loss, destruction, and damage to personal information. The Company shall continuously implement improvements and corrections to enhance information security.
- 1-5. In cases in which the Company consigns all or part of the handling of personal information to a third party, the Company shall provide necessary and appropriate supervision to ensure the secure management of entrusted personal information by the subcontractor.
- 1-6. The Company shall strive to provide appropriate and prompt responses to complaints and inquiries regarding the handling of personal information. In addition, the Company shall appropriately and promptly respond to requests for disclosure, etc., of disclosed personal information possessed by the Company (notification of the purpose of use, disclosure, correction, addition, or deletion of content, suspension, correction, or deletion of use of personal information, suspension of provision to third-parties, disclosure of third-party provision records).