We, Sojitz G Auto Philippines Corporation (“SGAP”), thoroughly recognize the importance of protecting personally identifiable information (“Personal Information”). We believe that properly handling Personal Information is part of our social responsibility, and declare that we strive to protect Personal Information in accordance with the following policies:
Compliance with Laws and Other Rules
We will strictly comply with the Republic Act 10173 or “Data Privacy Act of 2012” and other related laws and regulations, guidelines, industry self-regulation, and internal rules, etc. when carrying out operations in which Personal Information is handled.
Collection of Personal Information
We will not collect any Personal Information without the prior consent of the individual identified by the Personal Information (“Data Subject”), unless exempted under related data privacy laws and regulations, but at all times compliant with said laws and regulations.
Use of Personal Information
We will use Personal Information only for the purposes of use officially announced in advance or informed at the time of collection and to the extent necessary to carry out business. In the case where we share Personal Information Personal Information with a third-party, or entrust the processing of Personal Information Personal Information to a third-party, we will examine such third-party rigorously, and perform proper supervision to ensure that such third party keeps the Personal Information confidential.
Provision of Personal Information to Third-Parties
Except as provided by laws and regulations, we will not provide Personal Information Personal Information to any third-party without the prior consent of the Data Subject.
Security Measures for Personal Information
- We will work to keep Personal Information accurate and up-to-date, and delete any Personal Information that is no longer needed without delay, while ensuring the thorough safety management of Personal Information on a daily basis.
- We will take appropriate measures to prevent the loss, destruction, alteration, and leakage of Personal Information, unauthorized access to Personal Information and infiltration by computer viruses and the like. In the unlikely event that any of these matters occur, we will promptly take corrective actions.
- We will not allow Personal Information to be leaked by taking it off premises or transmitting it externally.
Disclosure, Correction, Suspension of Use, and Deletion of Personal Information
We confirm that the Data Subject has the right to request the disclosure, correction, suspension of use, and deletion, etc. of their own Personal Information, and we will strive to appropriately and immediately respond to any such request.
Organization and Structure
- We recognize that the appropriate management of Personal Information is our social mission. We shall assign a manager in every department to process Personal Information and implement the appropriate management of Personal Information.
- We will provide all those involved in operations, including officers, full-time employees, part-time employees, and contract employees with training on the protection of, and methods for appropriately managing, Personal Information, and thoroughly ensure that Personal Information is processed appropriately in day-to-day operations.
Compliance Program regarding Protection of Personal Information