Personal Information Protection Policy
Personal Information Protection Policy
Kaopiz (including Kaopiz Holdings JSC., and its subsidiaries hereinafter referred to as "the Company") deeply recognizes that the proper management and protection of your personal information is a significant responsibility. To fulfill this responsibility, the Company has established the following privacy policy as a code of conduct that all employees must adhere to, and ensures strict compliance with it.
- The Company complies with laws, guidelines established by the government, ordinances, and other regulations related to personal information.
- The Company handles personal information only within the scope of the pre-defined purposes of use, and does not use personal information beyond the scope of the intended purposes.
- When outsourcing all or part of the handling of personal information, the Company obligates the outsourcing party in writing to manage personal information appropriately and conducts proper supervision.
- Except with the consent of the individual concerned or based on the law, the Company does not provide personal information to third parties.
- Measures are taken to prevent and rectify leakage, loss, destruction, alteration, etc., of personal information.
- The Company responds sincerely and promptly to opinions, complaints, and inquiries regarding the handling of personal information from individuals.
- Continuous improvement of the management system for personal information protection is carried out.
Handling of Personal Information at the Company
1. Purpose of Use of Personal Information
- For proposing and providing Company services
- For informing about events and other activities in which the Company participates
- For managing contracts and transactions in Company business
- For communication related to Company business and support for customers
- For advertising and improving Company services as marketing and statistical information
- For responding to inquiries and opinions from customers
2. Personal Information Protection Manager
Information Security Quality Management Chairman
3. Joint Use of Personal Information
The Company conducts business processes, management organizations, and technical systems that go beyond national borders. The Company combines the management resources of each corporation organically to enhance the overall corporate value. Therefore, within the scope of the intended purposes of use of personal information mentioned above, the Company may jointly use the personal data of customers within each corporation of the Company. In implementing joint use, each corporation has a similar management system, and we make efforts to strictly manage and supervise it. We appreciate your understanding.
4. Provision of Personal Information to Third Parties
Except in the following cases, the Company does not provide customer's personal information to third parties.
- When there is the prior explicit consent of the customer
- When it is necessary to outsource the handling of all or part of personal information to related companies or partners within the scope necessary for achieving the purpose of use※ In this case, the Company obligates the outsourcing party in writing to manage personal information appropriately and conducts proper supervision.
- When there is a need to protect human life, body, or property, and obtaining the consent of the individual is difficult
- When it is necessary to cooperate with a national agency, local government, or a person entrusted to perform duties specified by law, and obtaining the consent of the individual is difficult
- Based on legal requirements
5. Safety Measures for Personal Information Protection
To ensure the safe and appropriate handling of personal information, the Company has established a management system in compliance with the "Information Security Management System Requirements" (ISO27001) and, through employee education, strives to prevent leakage, loss, destruction, alteration, etc., of personal information. In addition, regular confirmation of security measures necessary to protect personal information is conducted, and internal audits are carried out to promptly detect and investigate any deficiencies and take corrective actions to prevent recurrence.
6. Questions Regarding the Handling of Personal Information
For questions or complaints regarding the handling of specific personal information at the Company, please contact the "Personal Information Inquiry Desk" below. We will respond promptly and sincerely.
Contact Information for Inquiries Regarding Personal Information
Company Personal Information Inquiry Desk
Personal Information Protection Manager (Information Security Quality Management Chairman)
E-mail: [email protected]