Mitsubishi Corporation

Mitsubishi Corporation Group Privacy Policy

Legal Notice Website Privacy Policy

Mitsubishi Corporation Group Privacy Policy

Mitsubishi Corporation ("MC") and its group companies (collectively the "MC Group") respecting the autonomy of the individual, handle personal information appropriately by complying with applicable laws and regulations related to the protection of personal information. If there is a privacy policy established separately by a specific company belongs to MC Group (individually the "Group Company" and collectively the "Group Companies") or for any of its specific services, such privacy policy shall prevail. Please refer to the websites, etc. of the Group Companies providing respective services for the specific administrators of personal information in such service.

  1. MC Group will put into place a management system that makes clear the person(s) responsible and establishes internal regulations for the protection of personal information.
  2. MC Group will acquire and handle personal information properly and appropriately within the scope necessary for achieving the purposes of use which it has notified the relevant individuals of or disclosed to the public.
  3. MC Group will take appropriate security management measures in accordance with laws and regulations to prevent any loss, destruction, falsification, leak, etc. of personal information.
  4. MC Group will take necessary measures in accordance with laws and regulations when providing personal information to a third party.
  5. MC Group will respond to requests for disclosure, correction, etc. or suspension of use of personal information and inquiries concerning personal information as soon as possible in accordance with laws and regulations.
  6. MC Group will endeavor to make every employee fully informed of the rules for proper handling of personal information through internal education and enlightenment activities, and continuously review the management system for personal information.

Purposes of Use of Personal Information

Purposes of use of personal information

The Group Companies will, except as notified by other methods, handle the personal information provided by you within the scope necessary for achieving the following purposes on the grounds of the performance of agreements, compliance with legal obligations, or other legitimate interests of he Group Companies or a third party (such as appropriate business execution by the Group Companies).

[Your personal information]
(name, address, phone number, email address, workplace, office address of your workplace, department you belong to, title of your job, etc.)

When personal information needs to be handled for the performance of an agreement or otherwise needs to be handled for the pursuit of legitimate interests such as appropriate business execution by MC Group or a third party:

  1. Conclusion and performance of agreements, payments, and management of other transactions, as well as management of affiliates.

When personal information needs to be handled for the pursuit of legitimate interests such as appropriate business execution by MC Group or a third party:

  1. Communications, notifications of officer changes, and notifications and greetings based on social customs such as sending of notebooks, calendars or greeting cards.
  2. Provision of information on products or services related to transactions.
  3. Investigation, analysis, research and audits concerning businesses of MC Group.
  4. Preparation of statistical information, analysis of anonymized personal information, and pseudonymously processed personal information for other use by the Group Companies.
  5. Information exchanges and communications with people involved in the industries/groups related to businesses of MC Group.

[Personal information on shareholders or their officers and employees]
(name, address, phone number, email address, number of shares it held, date of acquisition of shares, etc.)

When personal information needs to be handled for the pursuit of legitimate interests such as appropriate business execution by MC Group or a third party:

  1. Exercise of rights and performance of obligations under the Companies Act or other related laws and regulations.
  2. Shareholder management under applicable laws and regulations including preparation of shareholder-related records.
  3. Implementation of measures to facilitate relationships with shareholders and provision of facilities to shareholders.

[Personal information on officers and employees of the Group Companies]
(name, date of birth, sex, address, phone number, face photo, family composition, income, property information such as account numbers or credit numbers, passport information, health insurance card information, driver’s license information, employee number, department/qualifications/title/duties of the employer, performance review, information and communication infrastructure use logs, etc.)

When personal information needs to be handled for the performance of an agreement or for the pursuit of legitimate interests such as appropriate business execution by MC Group or a third party:

  1. 1. Personnel management, wage management, and activities related to training and education, expatriate employees and temporarily seconded employees, health and safety management, and welfare benefits.

When personal information needs to be handled for the pursuit of legitimate interests such as appropriate business execution by MC Group or a third party:

  1. Management for the use and maintenance of information and communications infrastructure, understanding of the actual state of business based on use logs of information and communications infrastructure, and analysis activities for business improvement.
  2. Other related activities necessary to enforce rules or execute business.

For detailed information regarding the businesses of the Group Companies, please refer to the "Our Business" page on the MC website or the websites, etc. of the Group Companies.

To achieve the above purposes of use, MC Group may entrust the provided personal information to its contractors. In such cases, MC Group will exercise necessary and appropriate supervision over them to ensure the security management of the entrusted personal information, etc. MC Group may provide personal information to public agencies if requested thereby pursuant to laws and regulations.

In cases such as where the provision of certain personal information to MC Group is a statutory or contractual requirement or a requirement necessary to make an agreement, the provision of the relevant personal information may be made compulsory. If the relevant personal information is not provided, MC Group may not be able to provide the product or service requested by you.

Measures for Managing the Security of Personal Data

MC Group takes the following security management measures for the provided personal data. The provided personal data is stored only for the period necessary to achieve the above purposes of use. The specific storage period is determined in consideration of the purposes of use, the nature of the personal data, and the legal or operational need to retain the personal data.

(1) Establishment of a basic policy
To ensure proper handling of personal data, MC Group has established a basic policy for compliance with related laws and regulations and the contact point.
(2) Organizational security management measures
MC Group appoints the person(s) responsible for the handling of personal data, establishes internal regulations for the secure handling of personal data, and develops a system for reporting to or communicating with the responsible person(s) in the event that any facts or signs of violation of laws or internal regulations are detected.
(3) Personnel security management measures
MC Group implements regular training for its employees on points to note regarding the handling of personal data.
(4) Physical security management measures
MC Group exercises access control over its employees in areas where personal data is handled, and has taken measures to prevent personal data from being read by unauthorized persons.
(5) Technical security management measures
MC Group exercises access control to limit the persons that handle personal information and the scope of the database, etc. to be handled by them, and has introduced a system to protect the information systems on which personal data is handled from unauthorized access from outside or by illegal software.
(6) Understanding of external environment
MC Group has taken security management measures based on the understanding of the systems for personal information protection of the respective countries where its personal data is stored.

Joint Use of Personal Data (in Japan)

MC will jointly use the personal information provided by you, as follows.

However, the statement of joint use is not shown here if the relevant individuals are notified in advance or it is made readily accessible to the relevant individuals. Numbers to Identify a Specific Individual will not be jointly used.

Joint Use (PDF:123KB) “Japanese only”

In case of joint use with the Group Companies outside Japan, we take necessary measures concerning overseas transfer in accordance with the provisions of the laws and regulations of the respective countries. Some the Group Companies outside Japan receiving personal information are located in third countries for which an adequacy decision by the Personal Information Protection Commission of Japan or the European Commission has not been given; however, MC Group has concluded data transfer agreements with the Group Companies to jointly use personal information to ensure an adequate level of personal data protection.

In Case of Preparation and Provision to Third Parties of Anonymized Personal Information (in Japan)

For the preparation and provision of anonymized personal information by MC, please refer to Attachment.

Attachment (PDF:101KB) “Japanese only”

Appeal to Supervising Body (Outside Japan)

You have the right to file an objection to the data protection authorities that have jurisdiction over your place of residence in accordance with applicable laws and regulations if you have an objection regarding processing of personal information. For the supervising bodies of EEA countries and that of the UK (ICO), please refer to the following URLs:

EEA countries: https://edpb.europa.eu/about-edpb/about-edpb/members_en

UK: http://www.ico.org.uk/

Automated Decision-Making (Outside Japan)

MC Group will not use any automated decision-making, including profiling, using the provided personal data.

Inquiries Related to Personal Information

You may have the right to make a request, under the applicable laws and regulations regarding the protection of personal information, for notification of the purposes of use, disclosure (including disclosure of records of third-party provision), correction, etc., suspension of use, etc., data portability or withdrawal of consent regarding your own personal information held by MC Group. If you would like to make a request, please contact the relevant the Group Companies. Such Group Company will respond to a reasonable extent in accordance with applicable laws and regulations after confirming certain matters including that the request has been made by the relevant individual. The Group Companies also accept inquiries and complaints regarding the handling of personal information and anonymized personal information, etc.

For inquiries related to products or services provided by the Group Companies and procedures for changing registered information or withdrawing from membership, please contact the point of contact for the relevant service.

If you would like to make a request, etc. against MC, please read the following matters and use the dedicated form to request. (For other inquiries and complaints regarding the handling of personal information and anonymized personal information, etc., please individually contact the Personal Information Inquiry Contact shown below.)

Notification of the purposes of use

If you would like to request notification of the purposes of use of the personal information you provided to MC, print out and fill in the Notification Request for Purposes of Use of Retained Personal Data, and send it to the address shown below.

Notification Request for Purposes of Use of Retained Personal Data (PDF:147KB)

Disclosure

If you would like to request the disclosure of the personal information you provided to MC, print out and fill in the Request for Retained Personal Data Disclosure, and send it to the address shown below with a copy of an identification document.

Request for Retained Personal Data Disclosure (PDF:169KB)
Request for Retained Personal Data Third-Party Provision Record (PDF:148KB)

Correction, etc.

If you would like to request correction or deletion of or addition to any item of the personal information you provided to MC, print out and fill in the Request for Retained Personal Data Correction, Etc., and send it to the address shown below with a copy of an identification document.

Request for Retained Personal Data Correction, Etc. (PDF:183KB)

Suspension of use, etc.

If you would like to request the suspension of use or third-party provision or deletion of the personal information you provided to MC, print out and fill in the Request for Retained Personal Data Suspension of Use, Etc., and send it to the address shown below with a copy of an identification document.

Request for Retained Personal Data Suspension of Use, Etc. (PDF:171KB)

Note: When sending above documents to MC, please use a reasonable means such as registered mail so that they will not be lost (You are responsible for the postage).
If you cannot print out the formats from this site, we will send them to you. Please send a request in writing to the address shown below.
For requests to unspecified departments in MC, you may be asked to fill in separate forms as specified by MC.

Personal identification document

For some requests, MC may request the documents or other items necessary for identification to be presented to confirm that the requests have been made by the individuals subject to the requested personal information or their due agent or representative.

Please attach a copy of any of the following documents for identification of the individual to the above-mentioned forms:

Driver’s license
Must be before the expiration date, and a copy of the side where the present address is shown must be included. International driver’s licenses cannot be used for this purpose.
Japanese passport
Must be before the expiration date, and a copy of the page where the present address is entered must be included.
Health insurance card or pension book and any of the following: resident record, utility receipt or utility bill
The resident record, utility receipt or utility bill must be dated within three months from the date of issue, and contain the present address.
Special Permanent Resident Certificate / Residence Card and any of the following: passport, utility receipt or utility bill
The utility receipt or utility bill must be dated within three months from the date of issue, and contain the present address.

We may separately request identification for the relevant individual in addition to the above in some cases.

In case of a request by an agent or representative, please send all the following documents in addition to the above-mentioned documents:

< When applying as an agent >
  1. Power of attorney by the relevant individual (must contain the relationship with the agent, the reason for requiring the agent, and the name, address and phone number of the agent).
  2. Registered seal certificate of the relevant individual (the power of attorney must have the registered seal impression affixed).
  3. Identification of the agent (a copy of a public document such as a driver’s license).
< When applying as a legal representative* >
  1. Document to confirm the right of legal representation (a copy of health insurance card, etc.).
  2. Document for identification of the legal representative (a copy of a public document, such as a driver’s license, of the legal representative).

* Legal representative means a person having parental authority or adult guardian.

Note: If you use a driver’s license or resident record for identification, send it after making the registered domicile unreadable by blacking out or otherwise obscuring it.

The documents to be submitted for identification will be used only for the identification of the person who made the relevant request and communications related to the contents of the request. The documents will not be returned but very carefully disposed of using adequate security measures.

Method of communication

Notifications and disclosure related to your requests will be sent and made by the methods shown in the respective forms.

If it has been determined that your request will not be met, you will be notified of this along with the reason.

Period for response

We will reasonably endeavor to complete our response within the following period after receiving your request:

Notification of the purposes of use: Request to a specific department: 5 business days from the day of receipt
Request to a non-specified department or more than one department: 2 weeks from the day of receipt
Disclosure, correction, suspension of use, etc.: Request to a specific department: 5 business days from the time when your identification is confirmed
Request to a non-specified department or more than one department: 2 weeks from the time when your identification is confirmed
Other inquiries and complaints: Request to a specific department: 5 business days from the time when your identification is confirmed
Request to a non-specified department or more than one department: 2 weeks from the time when your identification is confirmed

We will reasonably endeavor to reply to you within the above periods.

Fee

For requests for the following, please send stamps of the amount equivalent to the general registered mail postage with the application documents for each request:

  1. Notification of the purposes of use.
  2. Disclosure of information.

If the fee is insufficient or not enclosed, we will inform you thereof. Please note that if it is not paid within the prescribed period, the request will be treated as not having been made.

Grounds for not meeting requests

Your request may not be met in the following cases. In such cases, we will give you a notice to such effect along with the reason.

The fee will be charged as prescribed even if your request is not met.

  1. If the relevant individual cannot be identified in cases such as there is a difference between the address stated in the request or application form and/or the address stated in the identification document and/or the address registered at MC.
  2. If the authority of the agent or representative cannot be confirmed in case of a request by an agent or representative.
  3. If the prescribed request or application form is not completed.
  4. If the data subject to your request, etc. does not fall under the definition of "personal data the business holds".
  5. If there is no record of third-party provision.
  6. If your or a third party’s life, body, property or any other right or interests may be harmed.
  7. If it may significantly hinder the proper execution of MC’s business.
  8. If it may violate any other laws or regulations.
  9. In other cases where it is permitted under laws and regulation related to protection of personal information.

Send to:

3-1, Marunouchi 2-Chome, Chiyoda-ku, Tokyo, 100-8086, Japan
Personal Information Inquiry Contact, IT Service Dept., Mitsubishi Corporation

Note: We do not accept requests submitted in person by visiting the address above.

PAGE TOP