NIRAKU GC HOLDINGS, INC. recognizes the importance of rights and interests of individuals, and in order to handle personal information appropriately, has established the following Basic Policy on Protection of Personal Information and strives to appropriately protect personal information.

• 1.　Specification, Notification and Public Announcement of Purposes of Utilization
  To the extent possible, we specifically identify the purposes of utilization of personal information. When acquiring personal information, we declare the purposes of utilization in advance or, after obtaining personal information, promptly notify the individuals concerned or declare the purposes of utilization.
• 2.　Acquisition and Handling
  We acquire personal information by appropriate methods, and handle it within the scope of the identified purposes of utilization.
• 3.　Provision to Third Parties
  We comply with applicable laws and regulations and other norms in the handling of personal information.
• 4.　Security Management
  We do not provide your personal information to third parties, unless we have obtained previous consent or are permitted to do so by laws and regulations.
  In the event of providing personal information of customers to third parties, we make mandatory, through a written agreement or the like, that the person or entity receiving the personal information must manage that information, and we also exercise appropriate supervision.
• 5.　Responding to Requests for Notification and Disclosure, etc.
  If we receive a request from an individual for notification of the purposes of utilization, disclosure, correction, addition, deletion, discontinuance of utilization or erasure of information, or to discontinue the provision of information to third parties, as a general rule, we will respond to the request without delay.

• 1.　Responsible Person
  We appoint a personal information protection manager as the person responsible for the handling of personal information, and carry out the necessary matters for the appropriate management of personal information.
• 2.　Implementation of Audits
  We appoint the personal information protection auditor as the person responsible for auditing the handling of personal information, who regularly conducts audits to determine whether the protection of personal information is being carried out appropriately, and endeavours at all times to make continual improvements.
• 3.　Compliance with Laws and Regulations
  We comply with applicable laws and regulations and other norms in the handling of personal information.
• 4.　Security Management
  We take necessary and appropriate security management measures to prevent leakage, loss or damaging of personal information.
• 5.　Education and Instruction
  We work to educate and instruct all our officers, regular employees, and part-time, casual and temporary staff to understand the importance of protecting personal information, and on the proper handling of personal information.
• 6.　Response to Incidents
  If the leakage of personal information or other serious incident occurs in relation to personal information, we take initiatives in resolving the problem, investigate the cause, and take immediate corrective action to prevent recurrence. We also make prompt and accurate disclosure of information with a view to preventing the expansion of any damage and the recurrence of similar cases.