INSURANCE BUSINESS
PRIVACY POLICY

Insurance Business Privacy Policy

Our Handling of Personal Information (Our Basic Policy on the Protection of Personal Information)

In view of the importance of protecting personal information, and in recognition of the responsibility of all persons engaged in the Company's business, the Company shall comply with the Act on the Protection of Personal Information (the "Personal Information Protection Act") and other relevant laws and guidelines, handle personal information properly, and take appropriate measures for safety management. We are committed to ensuring that personal information is handled appropriately by thoroughly educating and instructing our employees to ensure proper handling of personal information. In addition, we will promptly respond to complaints and consultations regarding the handling of personal information, and will review and improve our handling of personal information and appropriate measures for its secure management as appropriate.

Acquisition of Personal Information

We will acquire personal information to the extent necessary for our business in a lawful and fair manner, after taking sufficient security control measures.

Purpose of use of personal information

We will use the personal information obtained for the provision of products and services related to all businesses operated by us, as well as for the provision of non-life insurance, life insurance, and related services provided by the insurance companies listed below on behalf of each company. It will not be used for any other purposes.

ANY CHANGES TO THE ABOVE PURPOSES OF USE WILL BE MADE ONLY TO THE EXTENT THAT THEY ARE REASONABLY DEEMED TO BE RELEVANT, AND IN THE EVENT OF SUCH CHANGES, THE COMPANY WILL, IN PRINCIPLE, NOTIFY THE INDIVIDUAL IN WRITING OR OTHERWISE, OR PUBLICLY ANNOUNCE THE DETAILS ON ITS WEBSITE (URL) OR OTHERWISE.

Purposes of use by insurance companies that outsource their insurance solicitation services to the Company are listed on their respective websites (see below).
Tokio Marine & Nichido Fire Insurance Co.
Tokio Marine & Nichido Anshin Life Insurance Co.

Personal Data Security Control Measures

We will take the following measures to prevent leakage, loss, or damage of personal data that we handle and to otherwise safely manage personal data.

(Formulation of Basic Policy)
In accordance with the Company's Personal Information Handling Regulations, the basic policy is formulated in this document regarding the Company's name, contact point for handling questions and complaints regarding security control measures, declaration regarding security control of personal data, declaration of continuous improvement of the basic policy, declaration of compliance with related laws and regulations, etc.

(Establishment of rules for the handling of personal data)
The Company's personal information handling rules establish basic handling methods for the acquisition, use, storage, etc., of personal data.

(Organizational safety control measures)
Establish a person in charge of personal information management, develop and implement a system for checking and auditing the handling of personal information, and develop a system to deal with leakage incidents, etc.

(Personnel safety control measures)
Sign non-disclosure agreements with employees, maintain work rules, etc., ensure that employees are informed and receive training, etc.

(Physical safety control measures)
Locked storage of documents, external media, etc. to prevent loss or theft; cutting, incineration, dissolution, or erasure of personal information at the time of disposal; prohibition of carrying personal information without the consent of the data controller; limitation of the number of cases in which personal information is carried; and other measures

(Technical security control measures)
Use of strong passwords to prevent unauthorized access, prohibition of ID sharing, use of devices that can be set to encrypt, and other measures

Provision of Personal Data to and Acquisition of Personal Data from Third Parties

We will not provide personal data to third parties without the consent of the individual, except in the following cases

• When required by law
• When it is necessary for the protection of the life, body, or property of an individual and it is difficult to obtain the consent of the individual
• When it is especially necessary to improve public health or to promote the sound growth of children and it is difficult to obtain the consent of the individual concerned
• When it is necessary to cooperate with a national agency, a local government, or an individual or entity entrusted by either a national agency or local government to execute affairs prescribed by law, and obtaining the consent of the individual is likely to impede the execution of such affairs.
• (iii) Where said third party is an academic research institution, etc., and it is necessary for said third party to handle said personal data for academic research purposes (including cases where part of the purpose of handling said personal data is for academic research purposes, but excluding cases where there is a risk of unjustified infringement on the rights and interests of individuals).

When personal data is provided to a third party or acquired from a third party, we will confirm the circumstances of the provision or acquisition, and record and store the name of the recipient/provider and other items required by law.

Handling of Sensitive Information

We will not acquire, use, or provide to third parties any personal information requiring special consideration (including information on race, creed, social status, medical history, criminal record, criminal record, etc.) or information on labor union membership, family origin and legal domicile, health care, or sexual life ("Sensitive Information"), except as provided in the Personal Information Protection Law, other laws, regulations, or guidelines. Except for the cases stipulated in the Personal Information Protection Law, other laws, regulations, and guidelines, the Company shall not acquire, use, or provide to a third party Sensitive Information.

Inquiries to the Company

Please contact the following contact point for inquiries. For inquiries regarding insurance accidents, please contact the Accident Consultation Desk indicated on the insurance policy in addition to the contact below.
Please note that we will respond to inquiries only after confirming the identity of the person making the inquiry.