January 2016
Japan Racing Association
The Japan Racing Association (the “JRA”, “we,” “us” or “our”) recognizes the importance of personal information and considers it our responsibility to thoroughly protect the same in operating our business. We will make efforts to protect personal information by establishing the following policy and keeping our officers and employees informed of the same in order to provide a sense of security and reliability to our customers. We will also properly handle the information concerning corporations and other organizations in the same manner as personal information.
1. Compliance with Laws and Regulations
We will comply with the Act on the Protection of Personal Information and other relevant laws and regulations in order to realize the protection of personal information.
2. Handling of Personal Information
We will establish a management system for the protection of personal information based on the actual state of operations and handle personal information in an appropriate and careful manner in accordance with our internal regulations and the like.
(1) Acquisition of Personal Information
In obtaining personal information, we will clarify the purposes of use thereof and obtain the same in a lawful and fair manner through methods such as in written format (e.g. via an application form), on the screen of a website, or orally.
(2) Use and Provision of Personal Information
We will strictly manage personal information and, except where required under laws and regulations, only use and/or provide the same within the scope of the purposes with respect to which we have obtained the consent of the person him/herself.
3. Security Control Measures
We will take necessary security control measures against risks such as unauthorized access to, divulgence of, or loss or damage of personal information, to ensure the accuracy and safety of personal information.
4. Supervision of Employees and Contractors
(1) We will provide necessary educational training to our officers and employees in order to ensure the implementation of the security control measures and other proper handling of personal information.
(2) We may entrust the handling of personal information in our operation, in whole or in part. In such case, we will: (i) select an individual or entity that is considered to handle the personal information in an appropriate manner; (ii) properly set forth in a service agreement the security control measures, confidentiality, terms and conditions for subcontracting and any other matters concerning the handling of personal information; and (iii) implement necessary and appropriate supervision.
5. Continuous Improvement of Personal Information Protection
We will continuously improve the management of personal information protection by evaluating and reviewing the activities concerning the personal information protection on a regular basis.