Handling of Personal Information by MURC

Mitsubishi UFJ Research and Consulting Co., Ltd. and its subsidiary companies (known hereafter as “MURC”, or “we”) hereby declare that we will handle our customers’ personal information properly, in accordance with our Personal Information Protection Policy.

1 Purpose and Scope of Use

We collect and use personal information such as names, addresses, places of work, and telephone numbers, e-mail addresses, and other contact information for the following purposes and within the stated scope:

  1. Personal information obtained from members will be used in accordance with membership terms and conditions.
  2. Personal information obtained from participants in seminars and other events will only be used to provide information about the seminar or event in question or to carry out other required administrative processing. Personal information may also be used to contact such participants with information on similar services and other services provided by us.
  3. Personal information obtained for the purpose of requesting the participation in a survey or questionnaire will be obtained using legal and appropriate methods, and the method(s) used to obtain the information will be explained in the message accompanying the survey or questionnaire. This information will also only be used for the purposes of conducting the survey or questionnaire.
  4. Personal information obtained from participants in surveys and questionnaires will only be used for the purpose of conducting the survey or questionnaire. Unless permission is explicitly denied, personal information obtained from surveys and questionnaires will also be used for statistical purposes, in such a way that it will not be possible to identify individuals.
  5. Personal information pertaining to interview surveys will be used for candidate selection, interview requests (including supplementary and additional surveys), preparation of interview records, delivery of rewards and survey results, inquiries regarding the content of responses, and other interview-related tasks.
  6. Personal information entrusted from customers in the course of consulting work will only be used within the required scope of this work, such as for analysis and statistical purposes.
  7. Personal information obtained from the employees of our customers and business partners will only be used for purposes such as contacting our customers and business partners on matters of business. Personal information may also be used to contact such employees with information on other services provided by us.
  8. Personal information pertaining to the operation and management of committees, study groups, subcommittees, etc. will be used to prepare meeting records (minutes, etc.), to provide information on related meetings, etc., and for other secretariat- related .work.
  9. Specific Personal Information in connection with our payment administration will be used for administrative work related to the preparation and submission of payment records for our remuneration payments.
  10. Personal information obtained from potential recruits will only be used for recruiting purposes.
  11. The handling of personal information of employees will be notified separately to employees through internal portals, etc.
  12. Records of various inquiries to MURC and personal information of visitors will be used for the purpose of responding to inquiries and reception of visitors.
  13. In the event that personal information is acquired and used for purposes other than those listed above, MURC will individually notifie the subject person of the purpose of use and the information will be used within the scope of that purpose of use.

Under certain circumstances, personal information may be provided to our business partners to whom we outsource work or for other business-related purposes. In these cases, we only choose business partners who conform to our internal rules regarding the protection of personal information and ensure that they sign a contract agreeing to comply with these rules and handle personal information correctly and appropriately.

2. Security Control Measures for Personal Information

We will take the following security control measures in the handling of personal information.

  • 1.Establishment of Basic Policy
  • ・To ensure the proper handling of personal data, we have formulated a basic policy regarding “compliance with relevant laws, regulations, guidelines, etc.” and ” contact point for handling inquiries and complaints.

  • 2.Establishment of Rules and Regulations for the Handling of Personal Data
  • ・For each stage of acquisition, use, storage, provision, deletion/disposal, etc., we have established rules for handling personal data, including handling methods, responsible persons/persons in charge, and their duties.

  • 3.Organizational Safety Control Measures
  • ・In addition to appointing a person responsible for the handling of personal data, MURC clarifies the employees who handle personal data and the scope of personal data handled by such employees, and establishes a system for reporting to the person responsible in the event that a violation of the law or handling rules or regulations is detected or any indication of such a violation is detected.

    ・MURC conducts periodic self-inspections of the status of personal data handling, and audits are conducted by a specialized department.

  • 4.Personnel Safety Control Measures
  • ・Regular training is provided to employees on points to keep in mind regarding the handling of personal data.

    ・Items concerning confidentiality of personal data are stipulated in the work regulations.

  • 5.Physical Security Control Measures
  • ・In areas where personal data is handled, access control is implemented for employees, and measures are taken to prevent unauthorized persons from viewing personal data.

    ・Measures are taken to prevent theft or loss of equipment, electronic media, and documents that handle personal data, and measures are taken to prevent personal data from being easily discovered when such equipment, electronic media, etc. are carried, including during transportation within our office.

  • 6.Technical Safety Control Measures
  • ・Access control is implemented to limit the scope of persons in charge and the personal information databases. handled.

    ・A mechanism is in place to protect information systems that handle personal data from unauthorized external access or unauthorized software.

  • 7.Understanding the External Environment
  • ・We implement safety control measures based on our understanding of the systems for the protection of personal information in other countries where personal data is stored.

3.Inquiries about Personal Information

We will comply with your requests for notification of purpose of use, disclosure, correction, addition, or deletion of content, suspension of use, elimination, and suspension of provision to third parties of your personal data in our possession. Please contact the following for such inquiries.

Inquiries
Corporate Communications Dept.
Mitsubishi UFJ Research and Consulting
E-mail: info@murc.jp

April 1, 2022
Mitsubishi UFJ Research and Consulting Co., Ltd.
Hiroshi Murakami, Deputy President (Chief Information Security Officer)