The PrivacyMark is granted to private enterprises that adopt sufficient measures to properly protect personal data. The PrivacyMark System was established by the Japan Information Processing Development Corporation (JIPDEC) in April 1998, and the PrivacyMark is certified and granted by JIPDEC as well as three other designated organizations.
Mitsubishi Research Institute, Inc., was certified and granted the PrivacyMark on January 8, 2003, after document-based examinations and on-site inspections conducted by the Japan Information Technology Services Industry Association (JISA).
We consider it our social responsibility to properly manage and protect personal data because we often handle personal data in our work which includes the conduct of surveys, personal interviews, and seminars, as well as data processing.
We have always taken utmost care to protect personal data. Now that we have been certified and granted the PrivacyMark, however, we shall further fortify our measures to protect personal data. We shall continue to implement reliable management that earns the trust of society by using thorough security measures to manage the personal data with which we have been entrusted.
The following are our approaches to handling personal data. Your cooperation and understanding will be greatly appreciated.
Basic principles for the protection of personal data
- Personal data shall be properly collected and used. We shall collect personal data only after notifying the data subject or obtaining the data subject's consent.
- We shall use such personal data only within the scope consented. If personal data is to be used for purposes outside the scope consented, we shall notify the data subject and obtain new consent.
- All personal data collected shall be safely stored under strict control.
- Personal data shall never be disclosed or entrusted to a third party, except when the data subject has given consent for such disclosure or entrustment.
- The processing of personal data shall be entrusted to an outside party only under the condition that the outside party performs strict control equivalent to that performed by MRI.
- The transfer of personal data shall only be conducted by secure method, and a record of the transfer shall be kept in all cases. The destruction or return of such personal data after use shall be performed in a secure manner, and a record shall be kept in all cases.
- The data subject has a right to confirm the content of his/her own personal data in the possession of MRI and/or to request deletion and/or revision to his/her own personal data. We shall follow strict procedures in responding to all such requests.
- We shall fully communicate our personal data protection policy to all employees and abide by the policy.
Please click here for our personal data protection policy.
- Please address complaints and consultations regarding the handling of personal data to:
- Corporate Communications Division