In addition to complying with laws and ordinances such as the Act on the Protection of Personal Information, the MS&AD Insurance Group will continue to strive to build a stronger framework for information management, by establishing internal regulations and rules, improving system security, ensuring information management training is provided to employees and agencies, and reducing the risk of information leaks.

MS&AD Insurance Group
Basic Policy for Management of Customer Information

 

 

Given the importance of protecting customer information and to improve the public trust toward the business operations of the Group, the MS&AD Insurance Group shall handle customer information properly and institute measures that are appropriate for its secure management in compliance with the Act on the Protection of Personal Information (the "Personal Information Protection Act"), the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures ("My Number Act") as well as other laws, guidelines and the like.
As used herein, "customer" shall refer to "a customer having a relationship to the activities of the MS&AD Insurance Group" with respect to both individuals and companies.

 

  1. The MS&AD Insurance Group shall acquire customer information to the degree that it is necessary for business by means that are lawful and fair, and except were provided otherwise by applicable law, shall provide notice and public releases regarding the purpose for which personal information is to be used and shall use the same only within the scope of such purpose.
     
  2. Except were provided otherwise by applicable law, the MS&AD Insurance Group shall not provide any personal data pertaining to customers to third parties without prior consent from the concerned persons.
     
  3. The MS&&AD Insurance Group may share the use of personal data pertaining to customers within the Group for the purpose of providing better products and services to customers and conducting management of Group companies (See here Link to the policy pertaining to shared use of information).
     
  4. The MS&AD Insurance Group shall strive to prevent leaks, loss or degradation of customer information; shall prepare rules for its handling and a system to provide for its safe management; and shall implement adequate security measures. Necessary and appropriate supervision shall be conducted if the handling of customer information is delegated to outside parties.
     
  5. The MS&AD Insurance Group shall be thorough in providing education and guidance to those who are engaged in business operations, etc. so that customer information is handled properly. The procedures for handling and managing customer information at the Group shall be reviewed and improved on an ongoing basis to ensure they are appropriate.
     
  6. The MS&AD Insurance Group shall respond properly and in a timely manner to any complaints or inquiries pertaining to the handling of customer information. Responses to requests for the release or correction of personal data being held by the Group from concerned persons shall be addressed promptly based on applicable law.
     
  7. The MS&AD Insurance Group shall treat individual numbers and specific personal information as provided in the My Number Act in the following manner:
     

(1) We will neither acquire nor use individual numbers or specific personal information for purposes other than those restrictively specified in the My Number Act;
(2) Notwithstanding clause 2 above, we will not provide individual numbers or specific personal information pertaining to any customer to any third party, even with prior consent from the person concerned, for any purpose other than those restrictively specified in the My Number Act;
(3) Notwithstanding clause 3 above, we will not share the use of individual numbers or specific personal information pertaining to any customer within the Group; and
(4) We will adhere to the My Number Act, the Guidelines for Proper Handling of Specific Personal Information for Financial Institutions, etc. and will endeavor to manage specific personal information in a secure manner.