Mitsubishi Electric first created company rules on personal information protection in October 2001, and since then requires all employees and affiliated persons to obey those rules strictly. After issuing a personal information protection policy in 2004, Mitsubishi Electric satisfied the requirements of JIS Q 15001:2006 Personal Information Protection Management Systems in January 2008, and was permitted to use the "PrivacyMark," which certifies the establishment of management systems that ensure proper measures for personal information protection. We have maintained our "PrivacyMark" certification until the present through five biennial assessments.
We have also conducted a review of our internal regulations to ensure a proper response to the amended Act on the Protection of Personal Information that came into force in May 2017.
Mitsubishi Electric handles personal information appropriately; we acquire it by specifying purpose of use, use it only within the intended scope, and provide it to a third party only with prior consent from users.
The Mitsubishi Electric Group handles personal data from the EU in an appropriate manner with due consideration to the General Data Protection Regulation (GDPR) that was put into force in the EU in May 2018 as a framework to protect privacy.