1. Compliance with Regulations
HeaHea complies with laws, regulations and guidelines stipulated by administrative bodies.
2. Establishment of management system
HeaHea has established an internal management system and clearly specifies division of responsibilities.
3. Compliance with internal policies, regulations and guidelines
Heahea has established and complies with internal policies, regulations and guidelines.
4. Implementation of safety measures
HeaHea carries out safety measures and takes steps to prevent inappropriate access to information or the loss, destruction, falsification and leak of information.
5. Implementation of education and awareness programs
HeaHea promotes education and awareness programs for employees and ensures that information is appropriately managed, while striving to improve knowledge and awareness of information management.
6. Affiliation with external vendors
When entrusting operations related to information management to other companies, HeaHea selects companies with strong experience and abilities. The contract mandates confidentiality and guarantees that the information will be properly managed.
7. Efforts to improve operations
HeaHea regularly checks to ensure that information is managed appropriately and works to improve operations on a continual basis.
8. Response in event of accident
In the unlikely event of an accident, HeaHea endeavors to minimize the damage, quickly releases necessary information and takes all necessary steps to prevent a reoccurrence.
9. Designation of contact
HeaHea will set up a contact point to which customers may direct their inquiries, complaints, and requests. HeaHea will respond quickly and with integrity.
10. Release of policies
HeaHea will disclose its policies on information security and the protection of personal information, including this policy, by posting them on its website.
1. Obtaining Personal Information and Purpose of Use
HeaHea shall acquire the customers' personal information through appropriate and fair means and use it for the purposes below.
(1) To provide other products and services
(2) To provide information and communications; to conduct questionnaires relating to products, services, various events, campaigns, and such
(3) To conduct sales analysis, investigations and research; to develop new services and products
(4) To conduct operations relating to 1-5 above; to respond to inquires, etc.
2. Management and Protection of Personal Information
HeaHea shall appropriately manage and protect the customers' personal information, in accordance with "HeaHea’s Basic Policies on Information Security and the Protection of Personal Information."
3. Provision of Personal Data to a Third Party
HeaHea shall not disclose or provide the customers' personal data to a third party, except in cases described below. The provision of personal information to service providers and the joint use of personal information shall be implemented in accordance with Articles 4. and 5. below.
(1) Cases in which the customer personally gives his/her consent
(2) Cases in which the provision of personal data is based on laws
(3) Cases in which the provision of personal data is necessary for the protection of the life, body, or property of an individual and in which it is difficult to obtain the consent of the person
(4) Cases in which the provision of personal data is specially necessary for improving public hygiene or promoting the sound growth of children and in which it is difficult to obtain the consent of the person
(5) Cases in which the provision of personal data is necessary for cooperating with a state institution, a local public body, or an individual or entity entrusted by one in executing the operations prescribed by laws and in which obtaining the consent of the person might impede the execution of the operations concerned
