Formulation of Basic Policy LY Corporation formulates a Basic Policy based on the laws and regulations to ensure the proper management of personal data.
Establishment of rules for the handling of personal data The methods, persons responsible/in charge and their duties, etc., at each stage of the handling of personal data, such as its acquisition, use, storage, provision, and deletion/disposal, are stipulated in the abovementioned Basic Policy.
Organizational safety management measures LY Corporation protects and manages personal data by clarifying the employees who handle personal data, as well as the scope of personal data handled by such employees, and establishing a system for reporting violations of the law or handling regulations to the responsible persons if any fact or indication of such violations are detected. Periodic inspections are conducted to ensure that personal data is properly handled and managed in accordance with laws, internal regulations, etc., and ongoing efforts are made to improve business operations. The status of compliance with rules and regulations are checked as appropriate through internal audits, audits by third-party organizations, etc., and remedial action will be taken when corrective measures are found to be necessary.
Human safety management measures In order to raise awareness of the importance of personal data protection among employees and others in the organization, training programs on personal data protection are conducted. In addition, necessary training programs are provided to divisions involved in the handling of personal data, and their attendance confirmed. LY Corporation sets out matters related to the confidentiality of personal data to its employees, and makes it a requirement for the employees to submit a written pledge.
Physical safety management measures In areas where personal data is handled, access control for employees are in place, and measures are implemented to prevent unauthorized persons from viewing personal data. Measures are taken to prevent theft or loss of equipment, electronic media, and documents which involve personal data.
Technical safety management measures As access control, LY Corporation limits the scope of persons in charge and the personal information data bases, etc., handled. A mechanism is also in place to protect information systems which handle personal data from unauthorized external access or unauthorized software.
Understanding the international rules At LY Corporation, personal data concerning users in Japan are entrusted the following countries, and safety management measures are implemented based on an understanding of the systems for the protection of personal information. In addition, when personal data is handled in a country outside of Japan in connection with the use of certain functions of individual services, we may provide separate notification within the relevant service. Entrustment of personal data: Japan, USA, South Korea, Ireland, Canada, Philippines, Australia, Vietnam, Thailand, Taiwan, Indonesia, Singapore, the Netherlands, Germany More information on data linkage with overseas group companies and partners is available below. "Data Provision with Overseas Group Companies and Partners" *The personal data of representatives and persons in charge of the partners (includes individual business operators) may be entrusted or stored in countries other than those noted above.