SARA Inc. (hereinafter referred to as the “Company”) recognizes that the personal information belonging to its customers is an important asset. While observing all applicable laws and regulations, the Company implements the following policy to assure secure management of personal information.
Commitment to Protecting Personal Information
The Company believes that it is its social responsibility and a foundation of good business practice to use personal information entrusted to the Company by customers only as required to assure safety and security to its stakeholders including customers.
The Company implements appropriate security policies to ensure secure handling of personal information. In addition to taking measures to prevent data leakage, the Company implements appropriate safety measures to protect against hazards such as unauthorized. The Company may also outsource part of the management and administration of its operations to contracted entities in order to achieve improved services. Should that be the case, the Company ensures that appropriate management is always performed at the outsourced entities to prevent leakage of personal information and unauthorized access.
The Company never discloses the stakeholder's personal information to a third party other than the outsourced entities without obtaining the stakeholder’s consent. However, when disclosure is required by law or by authorities such as courts or police, the Company may disclose personal information without the consent of the stakeholder.
Personal Information Protection Policies
1. Establishment of compliance programs and their continuous improvement
The Company establishes personal information protection standards (compliance programs) and implements them consistently to ensure that the importance of personal information protection is recognized among its employees (including temporary workers) and that the personal information is used appropriately and protected securely. The Company makes certain that these policies are maintained at all times and improved continuously.
2. Allocation of personal information managers and enhancement of their functions
While the Company designates personal information managers, it clarifies their roles and establishes an environment where they can perform activities to appropriately protect personal information.
3. Establishment of internal rules regarding protection of personal information
While the Company establishes internal rules regarding protection of personal information to specify clear policies for handling personal information, it makes it known throughout its management and employees that it upholds the most rigorous attitude to deal with leakage of personal information.
4. Implementation of safety measures
To ensure the accuracy and safety of personal information, the Company implements safety measures including information security countermeasures in order to prevent unauthorized access to personal information as well as loss, destruction, tampering, and leakage of personal information.
5. Review and improvement of outsourcing activities
The Company continuously reviews and improves outsourcing activities to ensure that optimal consideration is given to protection of personal information. When concluding an outsourcing contract, the Company always makes certain that the details of the contract take into consideration protection of personal information while thoroughly examining the reliability of the outsourced company.
6. Observance of laws and standards
When handling personal information, the Company strictly observes laws and other standards applicable to the protection of concerned personal information. The Company also makes continuous efforts to conform its standards for protection of personal information (compliance programs) to these laws and standards.
7. Enhanced training of employees
The Company creates learning materials for protection of personal information and distributes them to its management and employees (including temporary workers). At the same time, the Company holds a training session for staff members who handle personal information at least once a year.
8. Establishment and improvement of an inspection structure
The Company establishes an in-house structure that is capable of inspecting whether or not the protection of personal information is performed appropriately. Also to make it possible to find an in-house leaker of personal information — if there is any — at an early stage and prevent leakage by a deterrent effect, the Company performs inspection by the use of access logs.
• If you entrust the Company with your personal information, the Company accepts inquiries about the information.
Depending on the question or request, the Company may be unable to answer or may require additional time. (When you make an inquiry, please tell us how you have entrusted the Company with your personal information.)
After comparing your contact address — which you gave the Company when you entrusted it with your personal information — with the contact address you have entered at this time, the Company will respond.
Also please understand that a fee — based on the actual cost of obtaining and disclosing the desired information — may be charged.