HOME  >  ESG Information  >  Social  > Information Security

Information Security

POLA ORBIS Group Information Security Poliy

The POLA ORBIS Group complies with our Information Security Policy, our Privacy Policy, and information security regulations, offering information security measures to protect personal and corporate information from threats. We have structured our organization and formulated regulations and rules for these information security measures, and regularly educate all directors and employees in each POLA ORBIS Group company. We will continuously plan, implement, inspect, and review our information security measures for informational assets from four perspectives: human management measures, physical management measures, technological management measures, and organizational management measures.

POLA ORBIS Group Information Security Organization

The POLA ORBIS HOLDINGS Corporate IT Planning Office handles planning, reliability, and safety related to optimizing the POLA ORBIS Group's IT strategy and system infrastructure. The Group CSR Committee oversees information security measures and established the CSR Promotion Officer and CSR Secretariat as the organizations to integrate and promote information security measures in each POLA ORBIS Group company.
Each CSR Promotion Officer is appointed by the president of each POLA ORBIS Group company, and oversees information security measure activity as a general manager of information security. The CSR Promotion Officer also appoints the head of the CSR Secretariat and other members, overseeing the planning, implementation, and supervision of information security measures when they are carried out at each company.

Information Security Training and Awareness Raising

To thoroughly manage information, the POLA ORBIS Group included rules on information security in the Group Code of Conduct, which all directors and employees check when taking stock of personal information. We also established a Social Media Policy and Guidelines to ensure employees do not cause trouble through social media, and we work to educate our employees through internal e-learning courses and lectures. We offer education on social media use, expanding our target range specifically to store employees and new and prospective employees.

Information Security Initiatives

We take stock of personal information twice a year (May and November) across the entire Group. Since 2014, we have required that all Group companies make a full list of companies entrusted with personal information and also audit entrusted companies at least annually to be thorough with managing companies entrusted with personal information. We also changed our internal regulations for the My Number system which began in 2016 and the Act on the Protection of Personal Information that was revised in 2017, and offered thorough notification of these changes. We also require our business partners to manage companies entrusted with personal information, strengthening the POLA ORBIS Group's information management. POLA's EC website obtained PCIDSS, a framework for information security. ORBIS also obtained the PrivacyMark certification.

Protecting and Using Intellectual Property

POLA ORBIS Group Protecting and Using Intellectual Property Policy and Initiative

The aim of the POLA ORBIS Group's intellectual property is to contribute to the development of society, and it is being used as part of a market revitalization. Therefore, we will strictly manage the assets that should be protected and gain the trust of our stakeholders. Of those assets, we strictly manage confidential information. We do not leak our own or another company's business secrets to outside sources or use this information for purposes other than its business or those that are granted to us by other companies. Furthermore, in the event that it is necessary to disclose said information to an outside source including our business partners, we will enter into a nondisclosure agreement, and make preparations to prevent unforeseen information leakage. We properly and strictly manage all personal information gained through business, and do not disclose this information to third parties without proper procedures.

ESG Information
Corporate Report2020