NAGASE Group Basic Policy for Personal Data Processing
To ensure that the processing of personal data by the NAGASE Group is lawful, transparent, fair and secure, officers and employees of the NAGASE Group should comply with this Policy and each NAGASE Group's internal rules.
1. Purpose Specification Principle
The purpose of collecting personal data should be specified and clear and its use should be consistent with the purpose of collection.
2. Use Limitation Principle
Collected personal data should not be used for any purpose other than those explained at the time of collection, except with the consent of the data subject, in accordance with the provisions of law, or for any other legitimate grounds.
3. Collection Limitation Principle
Personal data should be collected by appropriate means and collected and used to a minimum extent in light of the purposes described at the time of collection.
4. Data Quality Principle
Personal data should be accurate, complete, and kept up-to-date, and should be to the extent necessary for the purposes.
5. Security Safeguards Principle
The risk of personal data processing operations should be assessed, reasonable security measures commensurate with the risk should be taken, and personal data should be protected from loss or destruction and from unauthorized or illegal use, correction, disclosure, etc.
6. Openness Principle
The purpose of use, the content of the data, the controller, the disclosure destination, etc. related to the processing of personal data should be clearly indicated to the data subject.
7. Individual Participation Principle
The data subject should be made aware of the location and content of the data relating to such data subject, and in principle should be guaranteed the right to request disclosure, correction, deletion or suspension of use.
8. Accountability Principle
The controller of personal data should be responsible for demonstrating compliance with the law.