Asahi Net Personal Information Protection Policy
Asahi Net, Inc. (hereafter called "the Company") has established the following Personal Information Protection Policy to handle the personal information of our large number of customers both accurately and safely, recognizing that this is the single most important management task towards providing a customer-oriented service. In addition, when providing services including those offered with our telecommunications business, we believe that the adequate protection of personal information is a social responsibility, and so have we established the following Personal Information Protection Policy and we will continuously strive towards the proper handling of personal information.
- The Company will handle the personal information of our customers only within the scope of the purpose of use and not for other purposes, unless prior consent has been obtained from the customer or unless otherwise stipulated by laws and regulations. Necessary measures will be taken for this purpose.
- The Company vows to strictly comply with the obligations set forth in the Act on the Protection of Personal Information (hereinafter called "the Personal Information Protection Act"), and other relevant laws and regulations relating to personal information protection, in the same way as the Asahi Net Personal Information Protection Policy.
- The Company will endeavor to keep personal data accurate and up-to-date within the scope of the purpose of use, and take necessary and appropriate measures to securely control personal information and to supervise employees and subcontractors.
- The Company will endeavor to deal quickly and appropriately with inquiries or complaints received by the Company’s representatives from customers regarding our handling of personal information, and will disclosure, correct and delete acquired personal information in accordance with laws and regulations.
- The Company will take all necessary corrective and preventive measures to safely manage personal information, and will strive to prevent unauthorized access, loss, destruction, alteration and leakage to or of personal information.
- The Company appoints a person in charge of administering personal information for the purpose of properly handling the personal information acquired, and develops internal regulations, educates employees, implements internal auditing and has established, implemented and continuous strives to improve its Personal Information Protection Management System, including the review of this policy.
Asahi Net, Inc.
Date created: March 25th, 2005
Date revised: May 1st, 2015
Date revised: December 25th, 2015
Asahi Net, Inc.
President: Jiro Hijikata
Consultation desk for matters related to the handling of personal information:
Personal Information Protection Measures Department
Telephone:03-3541-3892 (10am to 6pm)
Asahi Net Inc., has received ISO/IEC 27001:2013 certification for Information Security Management System (ISMS), an award that signifies our concerted efforts in dealing with information security. We will continue to take steps to ensure that those using our Internet connection services and related services may do so securely and with peace of mind.
|Date obtained||13th December 2013|
ISO/IEC 27001：2013 Certification
Asahi Net Inc., has received ISO/IEC 27001:2013 certification for Information Security Management System (ISMS).
|Certification obtained||ISO/IEC 27001:2013
JIS Q 27001:2014
|Accreditation body||UKAS (United Kingdom Accreditation Service)
JIPDEC (Japan Information Processing Development Corporation)
|Registration date||6th August 2010|
|Revision date||1st August 2014|
|Certification body||JQA (Japan Quality Assurance Organization)|
Internet Connection Service Safety & Security
Asahi Net Inc., has passed the licensing examination of the Internet Connection Service Safety & Security Promotion Association and therefore can use the Safe Security ISP mark.
These seven items were tested for the licensing examination.
- The establishment of a security policy and introduction of an audit system.
- The security level of systems.
- The establishment of a system to manage times when problems occur.
- The maintenance and announcement of user-oriented contract articles, etc.
- The maintenance of a system to manage users.
- The dissemination of knowledge to users.
- The actions taken to protect personal information.