Personal Information Protection Principles

Dentsu Inc. (hereinafter referred to as “the Company”) regards balancing the utilization and protection of personal information as a building block for realizing the Company's mission of “Good Innovation.” The evolution of communication technology is drastically changing the Company's field of business and there are increasingly more areas of business dealing with such personal information.

The Company declares its commitment to managing and protecting personal information through these “Personal Information Protection Principles” in compliance with Japan's “Act on the Protection of Personal Information” and “Guidelines Targeting Economic and Industrial Sectors Pertaining to the Act on the Protection of Personal Information.”

1. Handling of Personal Information

(1) Purpose of Use

The Company shall obtain personal information in a fair and appropriate manner for the purposes defined within the range described in Table 1. Should there be any kind of personal information outside the list of “Types of Personal Information” in Table 1, such information will be put to use after the purpose of each use is made known or publicized and upon consent of the relevant individual(s).

(2) Outsourcing Management

The Company will outsource part of its operations pertaining to personal information to its supplier companies as described in “Status of Outsourcing” and “Scope of Outsourcing” in Tables 1 and 2. The Company regards management of supplier companies as top priority, selecting only those supplier companies who meet or exceed the Company's standard of personal information protection and specifying their responsibilities in written contracts before awarding them projects. The Company also demands of its supplier companies appropriate handling of personal information and will continue to supervise and evaluate them to safeguard operations.

(3) Provision to Third Party

The Company shall not, in principle, disclose and/or provide personal information to any third parties. If any such disclosure and/or provision of personal information should be conducted, it would be done appropriately and in compliance with the relevant laws.

(4) Shared Usage

The Company will share personal information on occasions such as seminars conducted jointly with an affiliate company(s) of the Company and/or with other company(s) in a business relationship with the Company. On such an occasion, the Company shall inform and/or publicize the purpose of its use, the kind of personal information to be used, with whom the personal information would be shared, and the person in charge prior to the event. The Company shall also make sure that all participating companies take the strictest of security measures.

(5) Disclosure and Inquiries

Any request or inquiry as to where and how to retrieve or to be advised of personal information which the Company has directly obtained, such as that included in Table 1, can be addressed to the contact person to whom the relevant personal information was originally given or to the Corporate Communications Department of the Corporate Communications Division of the Company. Information will then be provided as to the specific procedure of the request form and the required fee. Upon a formal request, the requester will be asked to present personal identification or proof of representation of the relevant individual. The Company does not currently participate in an authorized personal information protection organization.

2. Compliance with the Law

The Company shall strictly abide by any and all applicable laws and regulations, contracts and other policies pertaining to protection of personal information.

3. Security Measures

The Company shall implement security measures to manage and prevent leakage and other mishandling of personal information by specific actions including maintaining and improving its internal information management system, educating and inspiring its employees, controlling access to office spaces, IT security measures and so forth. Also, personal information that is no longer to be retained shall be destroyed or deleted in a secure and appropriate manner.

4. Continuous Improvements

The Company shall continuously evaluate and improve its personal information management system, including this set of principles, to reflect any changes in the demands of its clients and other business partners as well as those of the social environment and thus maintain its standard of excellence in handling and protecting personal information.

Table 1: Personal Information to Be Obtained Directly by the Company

Type of Personal
Information
Purpose of Use Method of
Acquisition
Status of
Outsourcing
Scope of Outsourcing
Personal information of clients Invitation and/or communication of the services including proposals, special offers, seminars, questionnaires, etc. Obtain directly from individual (via business card, email, etc.) Yes Delivery of invitation letters, operation of events and seminars
Delivery of publications, newspapers, seasonal greetings, etc. Yes Delivery of publications, newspapers and goods
Personal information of business partners Invitation and/or communication of the services including proposals, special offers and seminars directed to outsourced companies, etc. Via delivery of publications, newspapers, seasonal greetings, etc. No  
Delivery of publications, newspapers, seasonal greetings, etc. Yes Delivery of publications, newspapers and goods
Visitors at the Company's offices Notification of arrival of the visitor to the person visited and gatekeeping at office entrances Obtain directly from individual Yes Reception and related services
Personal information of talent/celebrity obtained via third party or in other ways Negotiation, production and management re: talent/celebrity appearance in a broadcast program, TV commercial, event, seminar, etc. Obtain directly from individual, or from his/her agent No  
Personal information of job applicants for the Company Operation and communication of job posting, recruitment and screening. Survey for the purpose of future recruitment activities. Personnel database after enrollment. Obtain directly from individual Yes Operations of recruitment activities including screening, scheduling, communication and execution/tabulation of survey
Personal information of shareholders Execution of the Company's rights and responsibilities in accordance with the Japanese Companies Act, provision of various benefits by the Company, activities for betterment of relationship between shareholders and the Company, management of shareholders for creating shareholder statistics as regulated and standardized by the relevant laws and regulations Via Japan Securities Depository Center or obtained directly from individual Yes Preparation of list of shareholders, notification of dividends, shareholders meetings and other share-related administrative operations and procedures
Personal information of people who make inquiries to the Company Handling of inquiries, requests, complaints, etc. Obtain directly from individual (via telephone, email, fax, letter, etc.) No  
Personal information of employees of Dentsu Group companies Organization of business operations and business development activities (details announced separately internally) Obtain directly from individual or via each Group company Yes Application differs case by case (announced separately internally)
Personal information obtained via third party General survey, consumer awareness & behavior research, operation of personalized data management (information based on personal attributes and behaviors) Obtain via documentation and/or electronic data Yes Research, analysis, list management, database server management, opt-in mail delivery, etc.

Table 2: Personal Information to Be Obtained for Commissioned Work

Type of Personal
Information
Scope of Commissioned Work
(Purpose of Use)
Status of
Outsourcing
Scope of Outsourcing
Personal information entrusted by clients for execution of commissioned work Execution of commissioned work which includes sweepstakes, consumer promotions, events, membership offerings, delivery of brochures upon request and handling of inquiries, general surveys, consumer awareness and behavior research, personalized data management (information based on personal attributes and behaviors), etc. Yes Implementation of sweepstakes, delivery of prizes and goods, research, analysis, list management, promotion office management, delivery of direct mails, database server management, opt-in mail delivery, etc.