Central Tokyo MICE Network

1. Our Policy for the Protection of Personal Information

The Central Tokyo MICE Network (hereinafter referred to as ‘the Network’) obtains and retains personal information such as customer names, addresses, telephone numbers and e-mail addresses in order to ensure the smooth operation of our business. We recognize that proper safekeeping of personal information is an important obligation and have therefore established the following personal information handling policies.

• (1)In addition to complying with all laws, regulations, ordinances and guidelines related to the safekeeping of personal information, we adopt and implement practices for the appropriate handling of personal information that accord with generally accepted public standards, and will strive to improve the suitability and implementation of those practices.
• (2)We establish clear internal regulations regarding the handling of personal information and make these regulations known to all members. In addition, we require our trading partners and contractors to handle all personal information in an appropriate manner.
• (3)When obtaining personal information, we will publicly specify the purpose of collecting the information, how it will be used, and only use the personal information within the scope of the specified purpose.
• (4)In the event that we outsource all or part of the handling of personal information to a third party to achieve the specified purpose of use, and in the event that we provide your personal information to such third party, we will confirm that the third party has adequate protection of personal information before creating a contract with them and will take appropriate measures to protect your personal information.
• (5)We will establish the necessary measures and engage in the appropriate supervision to prevent any disclosure, loss of, or tampering with, any personal information.
• (6)If we receive a request from a customer to disclose, correct, delete, or discontinue the use of personal information held by our organization, we will respond to the request in good faith.

2. Purpose of Use of Personal Information

The Network obtains personal information as necessary in the course of undertaking our business. Personal information will be used for one or more of the following purposes.

• (1)To send emails and material in connection with information about the Network’s business or in response to questions from customers.
• (2)To send invitations to events organized, co-hosted, sponsored, or supported by the Network, and season's greetings.
• (3)If we are commissioned by another business to handle personal information in whole or in part, we will operate the commissioned tasks appropriately.
• (4)To distribute e-newsletters and emails relating to the Network's business.
• (5)To conduct market research relating to the Network's projects.
• (6)For other tasks relating to the Network’s projects.

3. Providing Personal Information to Third Parties

The Network will not provide personal information to third parties without prior consent from the individual.

4. Management and Custody of Personal Information

The Network will appoint a Personal Information Manager to ensure the proper and strict safekeeping of personal information received from customers and will strive to preserve the accuracy of all personal information. We will implement the necessary and appropriate level of safety measures to prevent the risk of personal information being disclosed outside of the Network and of improper external access to personal information, as according to the Regulations for the Custody of Personal Information and Rules for Dealing with Personal Information.
The measures taken by the Network for the safe management of personal information in its possession are as follows.

• (1)Organizational safety management measures
  • ① Organizational structure
    Organizational structures are in place to implement safety management measures.
  • ② Operation in accordance with the Disciplinary Rules for the Handling of Personal Information
    Personal information is handled in accordance with the rules for the handling of personal information as established in advance. When necessary, we will record system logs or usage records to verify the status of operation in accordance with the established rules for the handling of personal information.
  • ③ Developing a means of checking the status of the handling of personal information
    We have in place means to check the status of our handling of personal information.
  • ④ Establishment of a system to deal with an incident of data leakage
    We shall establish a system for responding appropriately and promptly when we become aware of the occurrence of a data leakage or other incident.
    In the event of a leakage or similar incident, the Personal Information Manager will notify the individual or the authorities in accordance with the legal system of the respective country and will promptly disclose the facts and measures to prevent recurrence, secondary damage or similar incidents depending on the incident.
  • ⑤ Monitoring of handling data and reviewing security control measures
    We will monitor the handling of personal information, and work to assess, review and improve our security management measures.
• (2)Personnel security management measures
  • ① Employee training
    We ensure that our employees are informed and appropriately trained in the proper handling of personal information.
• (3)Physical security management measures
  • ① Management of areas where personal information is handled
    Appropriate management is carried out in areas where important information systems such as servers and main computers that handle personal information databases are managed, as well as in areas where other administrative work handling personal information is carried out.
  • ② Prevention of theft or loss of equipment and electronic media.
    We shall exercise appropriate control to prevent the theft or loss of equipment, electronic media and documents that handle personal information.
  • ③ Prevention of leaks when carrying electronic media
    When we carry electronic media or documents on which personal information is recorded, we shall take security measures to ensure that the personal information is not readily apparent.
  • ④ Deletion of personal information and disposal of equipment, electronic media.
    When personal information is deleted, or equipment or electronic media on which personal information is recorded is disposed of, it will be done in a manner that makes it unrecoverable. In addition, when personal information is deleted or equipment, electronic media on which personal information is recorded is disposed of, a record of the deletion or disposal will be preserved as necessary. When such work is outsourced, we will, if necessary, verify by means of a certificate or other means that the outsourced party has securely deleted or disposed of the personal information.
• (4)Summary of technical security management measures.
  • ① Access control
    We shall implement appropriate access controls to limit the scope of the person in charge and the way databases of personal information are handled.
  • ② Identification and authentication of persons accessing the system.
    We shall ensure that employees who use information systems that handle personal information are those with legitimate access rights.
  • ③ Prevention of unauthorized external access
    We shall implement and properly operate mechanisms to protect information systems that handle personal information from unauthorized external access or unauthorized software.
  • ④ Prevention of leaks and other problems arising from the use of information systems.
    We shall take measures to prevent the leakage of personal information arising from the use of our information systems and shall operate information systems appropriately.
• (5)Understanding the external environment
  When handling personal information in countries other than Japan, we will take necessary and appropriate measures for the secure management of personal information, based on our understanding of the systems for the protection of personal information in those countries.

5. Disclosure, Correction, Deletion and Suspension of Use

The Network confirms that customers have the right to request disclosure, correction, deletion, or suspension of use of their personal information. In the event of such a request, the Network will comply with the request within a reasonable period without objection after confirming the identity of the customers.

6. Reception Desk

Requests as set out in Section 5 above regarding personal information held by the Network, as well as enquiries and complaints regarding the handling of personal information by the Network, should be accepted to the following the Reception Desk. The procedures for accepting such requests will be in accordance with the Network's separately prescribed procedures. Please note that we may not be able to comply with requests for disclosure that do not comply with these procedures.

Reception Desk

• (1)Address:
  Secretariat, The Central Tokyo MICE Network
  Institute for Urban Development, The Mori Memorial Foundation
  Toranomon 37 Mori Building, 13F
  3-5-1, Toranomon, Minato-ku, Tokyo, 105-0001, Japan
• (2)E-mail:
  mice@mori-m-foundation.or.jp
  The business hours are from 10:00am to 5:00pm on weekdays (excluding the Network holidays).

May 30, 2022
The Chairperson Yoshiaki Hompo
The Central Tokyo MICE Network