1) Conduct regular self-audit
- We conduct our own audits on a regular basis (quarterly) to ensure the safety of handling personal information.
2) Minimization and training of personnel handling personal information
- We are implementing measures to manage personal information by designating employees who handle personal information and minimizing them by limiting them to the person in charge.
3) Establishment and implementation of an internal management plan
- We have established and implemented an internal management plan for the safe processing of personal information.
4) Technical measures against hacking, etc.
- CENTERFIELD installs a security program to prevent leakage and damage of personal information due to hacking or computer viruses, periodically updates and checks, installs the system in an area where access is controlled from outside technically/physically Monitoring and blocking.
5) Encryption of personal information
- The user's personal information is stored and managed being encrypted, so only the user can know it, and for important data, separate security functions such as encrypting files and transmission data or using a file lock function are used.
6) Storage of access records and prevention of forgery
- We store and manage records of access to the personal information processing system for at least 6 months, and use security functions to prevent forgery, alteration, theft and loss of access records.
7) Restriction of access to personal information
- Necessary measures are taken to control access to personal information by granting, changing, and canceling access rights to the database system that processes personal information, and unauthorized access from outside is controlled using an intrusion prevention system.
8) Use of locking device for document security
- Documents containing personal information, auxiliary storage media, etc. are stored in a safe place with a locking device.
9) Access control for unauthorized persons
- A separate physical storage place where personal information is stored is set up and access control procedures are established and operated.