Personal information protection policy

PRONEXUS provides support for corporate disclosure and investor relations.In this context, we recognize that protecting personal information is fundamental to our business activities and an important social responsibility, and we have built a personal information protection management system to ensure the appropriate handling of personal information, which we will implement as follows.

• We will comply with laws, regulations, and standards regarding personal information, appoint a manager in charge of personal information in each department handling personal information, and strive to protect personal information by having the manager in charge manage it appropriately.
• We will take specific measures to ensure that personal information is obtained, used and provided in a fair and legal manner, and that it is not used for any way other than for its intended purpose.
• We will securely and accurately manage personal information, take measures to prevent unauthorized access to personal information, as well as loss, destruction, alteration, and leakage, etc., and promptly implement corrective measures in the event of any such occurrence.
• We will not provide personal information to any third party without the consent of the individual to whom it pertains.In addition, when we outsource the processing of personal information, we contractually require them to manage it appropriately in the same way that we do.
• Complaints and inquiries regarding personal information and our personal information protection management system will be promptly handled at the contact below.
• We will continuously review our personal information protection management system in an effort to improve it.

Established March 8, 2005
Revised September 1, 2009
Revised June 7, 2010

Takeshi Ueno
President and Representative Director
PRONEXUS INC.
For inquiries about protection of personal information, please use the contact for our President's Office.
Tel: 03-5777-3145
E-mail:asp@pronexus.co.jp

Masahiro Tsukamoto, head of Compliance and Quality Management Division, Manager of Personal Information Protection, PRONEXUS INC.

When personal information is directly obtained in writing, we will clearly state the purpose of use for this information in advance each time.
The purpose of use of personal information obtained by methods other than directly in writing (such as by telephone) or when personal information is obtained indirectly from publicly available information are as follows.

We maintain a corporate information database that includes personal information, for the purpose of providing it to third parties.

• Sale of a corporate information database
• Preparation and distribution of guidelines for preparation of statutory disclosure documents (manuals)

We may outsource a portion of our operations to help us achieve the purpose of use.We sign agreements with the subcontractors to whom we outsource this personal information, to guarantee that they manage it with the same level of care that we do.

We have set forth the following requirements to ensure the appropriate handling of personal numbers and specific personal information.

The following contact office will appropriately respond to the requests and complaints listed below.

Please understand that we cannot accept requests made in person at our office.Please see "Procedures for Disclosure of Personal Information” below for details of the procedure.
PRONEXUS uses the following accredited personal information protection organization.You may contact the organization if you have any complaints about our handling of personal information.

PRONEXUS uses personal information for the purposes listed in “2. Purpose of Use” above.The provision of personal information is discretionary; however, if you do not agree to provide personal information, we may not be able to fulfill some or all of the purposes of use listed above.

In order to ensure the proper handling of personal data held, we have formulated a basic policy (Privacy Policy) regarding matters such as “compliance with the relevant laws, regulations and guidelines, etc.” and “contacts for questions and complaints.”

We have established basic handling methods for the acquisition, use, storage, provision, deletion, disposal, etc. of personal data, along with the supervisors, personnel in charge, and operations involved.

• We have appointed a supervisor of handling of personal data, clarified the scope of personal data handled by employees, and established a reporting and communication system to be used in the event that any instance or indication of a violation of the Personal Information Protection Act or the rules for handling personal information is identified.
• We conduct regular internal audits of the handling of personal data.

• We conduct regular training of employees on the handling of personal data.
• Matters concerning the confidentiality of personal data are stated in the employment regulations, etc.

• We control access to offices and use of equipment by employees and also implement measures to prevent unauthorized persons from viewing personal data.
• We will take measures to prevent the theft or loss of devices, electronic media, documents, etc. used to handle personal data.
• When disposing of devices or electronic media used to handle personal data, we ensure that they are disposed of properly by a subcontractor with whom we have concluded an appropriate contract.

• We implement access control, identification and authentication of parties making access, and limit the personnel in charge and the scope of the personal information handled.
• We have introduced a system to protect information systems that handle personal data from unauthorized access or unauthorized software from outside.

• When handling personal information in foreign countries, we regularly collect and understand information about the personal information protection systems of the relevant countries, and take security control measures.

PRONEXUS will respond to any request regarding the personal data held, whether the request is from the individual to whom the information pertains or from an agent representing that individual.

To request disclosure, please contact our Personal Information Protection Contact Office (refer to the section on our handling of personal information) by telephone, etc., and ask for a “Disclosure of Personal Information Request Form.”We will send the form that you need to submit.

If the person requesting disclosure is a legal representative of a minor or adult ward, or an agent entrusted by the person to whom the information pertains to request disclosure of that information on their behalf, either of the following documents (1) and (2) must also be enclosed in the envelope together with the documents listed in the previous paragraph.

A fee of 2,000 yen shall be charged each time a request for disclosure of personal data held is made.Please enclose 2,000 yen's worth of postage stamps in the envelope along with your request documents.We will notify you if the fee payment is insufficient or is not sent, but we will assume that you have not made a request if you do not pay the fee within the required period.

• In instances where “personal data held” is not disclosed
  We will not make the requested disclosure in the event of any of the following.If we decide not to disclose the information, we will inform you of the reason.Even if we decide not to disclose the information, we will not refund your fee.
  • We are unable to verify the identity of the person to whom the information pertains (for example, there is inconsistency between the address listed in the request form, the address listed in the documents used to identify the person to whom the information pertains, and the address listed in the personal information of that individual that we have in our records)
  • We are unable to confirm the authority of legal representation for the request by the agent
  • The request form is incomplete and has not been properly corrected
  • The request for disclosure is not for “personal data held”
  • The disclosure may harm the life, physical wellbeing, assets or other rights or interests of the person to whom the information pertains or a third party
  • The disclosure may cause significant problems for the proper implementation of the Company’s business
  • The disclosure will violate laws and regulations

For changes, etc. to personal information (notification of purpose of use, corrections to details, addition or deletion, termination of use, erasure, termination of provision to a third party, or disclosure of a record of provision to a third party), please contact our Personal Information Protection Contact Office by telephone, etc. and request a Personal Information Changes and Usage Stoppage Request Form.Alternatively, you may make your request directly to our client manager.

After completing the request form that we have sent to you, enclose the following documents in an envelope and post it to our Personal Information Protection Contact Office (we will appropriately handle the documents you send to us, and will treat them as personal information.)

• A copy of your Japanese health insurance card or other official identification document that will verify your name and address (If you are going to send in a copy of a document that contains sensitive information, such as your permanent address, we ask that you black out the sensitive portions first).
  If you make your request to our client manager, and we are able to confirm that you are the person to whom the information pertains, the client manager will perform the necessary procedures.

The same as in 3. of the procedure for a disclosure request.

No fee will be charged for changes, etc.