PPIH group Information security policy
Pan Pacific International Holdings Inc. and its group companies (hereinafter referred to as the 'Group') recognise that in order to provide customers with pleasure and excitement through business activities centred on the retail industry, it is one of the important management issues to protect information assets as the Group's management resources, including customer information, from unauthorised access and cyber attacks. The Information Security Regulations have been established to ensure that employees and all parties involved in business operations handle information assets appropriately and protect them correctly. Based on these regulations, we have established an information security system, and through training and seminar for directors and employees, we are working to raise awareness of the importance of the proper handling and protection of information assets and to continuously improve this system.
- ❶Scope of Application:The scope of this policy applies to all directors, employees and all parties involved in the operations of the Group.
- ❷Information Security System:We have established an information security system headed by an executive officer to maintain and improve information security throughout the Group on an ongoing basis. In addition, appropriate risk assessments are carried out and reasonable and appropriate measures are implemented.
- ❸Legal Compliance and Response to Violations and Accidents:The Legal Division plays a central role in ensuring compliance with laws and regulations in cooperation with relevant parties within and outside the Group. If a director or employee violates this policy or regulations, penalties will be applied in accordance with employment regulations. In the event of an accident, such as a leakage of personal information, that seriously affects the Group's information security, the fact shall be promptly announced and prompt action shall be taken to prevent recurrence.
- ❹Personal Data Protection:Personal data will be handled appropriately and the necessary protection and security measures will be taken in accordance with this policy as well as the Privacy Policy.
- ❺Education and Training:Appropriate education and training on information security are provided to all employees to raise awareness.
- ❻Inspections and Audits:Inspections and audits of the above activities are carried out on a non-periodic and periodic basis to ensure continuous improvement.
Established in September 2023