In efforts to protect personal information, Mitsubishi Electric first created company rules on personal information protection in October 2001, and since then it has required all employees and affiliated persons to obey those rules strictly. Mitsubishi Electric issued a personal information protection policy in 2004, complying with the requirements of JIS Q 15001:2006 Personal Information Protection Management Systems. In January 2008, we were granted the right to use the "PrivacyMark," which certifies the establishment of management systems that ensure proper measures for personal information protection. We have maintained our "PrivacyMark" certification until the present.
We have also conducted a review of our internal regulations to ensure a proper response to Japan’s amended Act on the Protection of Personal Information, which went into force in May 2017.
Management system of personal information protection rules
Mitsubishi Electric handles personal information appropriately; we acquire it by specifying purpose of use, use it only within the intended scope, and provide it to a third party only with prior consent from users.
The Mitsubishi Electric Group handles personal data from the EU in an appropriate manner with due consideration to the General Data Protection Regulation (GDPR) that was put into force in the EU in May 2018 as a framework to protect privacy.