As a company that handles personal information, Chubb Insurance Japan (hereinafter referred to as the Company) is deeply aware of the importance of protecting personal information, properly handles personal information as defined in the Act on the Protection of Personal Information (hereinafter referred to as Personal Information Protection Act) and individual numbers as defined in the Act on the Used of Numbers to Identify a Specific Individual in Administrative Procedures (hereinafter referred to as My Number Act) as well as specific personal information as defined in the same act (hereinafter, personal numbers and specific personal information are collectively referred to as Specific Personal Information Etc.) in compliance with Personal Information Protection Act, My Number Act, other related laws and regulations, Guidelines for Protection of Personal Information in the Finance Sector, and other guidelines, and continuously reviews and improves, as necessary, the measures for security control and the policies listed below.
* “Personal information” and “personal data” in the following items 1. through 13. mean those excluding Specific Personal Information Etc. For handling of Specific Personal Information Etc., please see 5., 6., 8., 9., and 13. below.
- Acquisition of Personal Information
The Company acquires personal information in a lawful and fair manner to the extent necessary for recruitment activities. Specifically, personal information is acquired through resumes, curriculum vitae, job applications, and other documents necessary for hiring procedures (including input on the internet). In addition, the Company may use and/or acquire Cookie to identify individuals who access the Company’s website through the internet.
When handling personal information on the internet, the Company uses SSL, an encrypted communication protocol, in order to send and/or receive personal information securely.
- Purpose of Use of Personal Information
The Company uses acquired personal information only to the extent necessary for the following purposes.
When changing purposes of use, the Company will notify individuals of details of the change or announce them on the Company’s website etc.
(1) To provide information on company information sessions, seminars, etc. and to take applications
(2) TTo provide information on recruitment of officers/employees, to take applications, to contact job applicants concerning selection etc., and to perform administrative tasks
(3) To determine whether a job applicant is suitable for the position they have applied for
(4) To provide information on hiring date, documents that a job applicant should submit before joining the Company, pre-employment medical examination, etc.
(5) To manage employment after a job applicant joins the Company
(6) For other businesses related to or incidental to employment selection etc.
When handling personal information beyond the scope necessary to achieve of the purposes of use, the Company shall obtain the consent of job applicants except in the cases listed in items of Personal Information Protection Act.
- Provision of Personal Data to Third Party and Acquisition of Personal Data from Third Party
The Company will not provide personal data (as defined in Personal Information Protection Act) to a third party without consent of the individual, except in the following cases:
(1)When required by applicable laws and/or regulations;
(2)When providing personal information to a third party vendor within the scope necessary for recruitment activities; and
(3)When sharing personal information with our group companies for joint use (for details, please see “7. Joint Use of Personal Information with Group Companies”).
Unless otherwise required by laws and/or regulations, when providing personal data to a third party, the Company will record matters relating to such provision (e.g. to whom the personal data is provided and what kind of personal data is provided), and when acquiring personal data from a third party, it will confirm and record matters relating to such acquisition (e.g. who provides the personal data and how they have acquired the data).
- Handling of Sensitive Information
The Company will not acquire, use or provide to a third party sensitive information (including “special care-required personal information”) out of personal information concerning job applicants, except where required to ensure proper business operation, such as acquiring, using or providing to a third party such information to the extent necessary to execute business based on the content of the person.
(*) Sensitive information means the following information:
- Race, creed, social status;
- Medical history, health, sex life;
- Criminal record, fact of having suffered damage by a crime;
- Membership of a labor union;
- Family origin, permanent address; and
- Other personal information handling of which requires special care so as not to cause unfair discrimination, prejudice or other disadvantages to the person.
- Handling of Specific Personal Information Etc.
Purpose of use of Specific Personal Information. Etc. is limited by My Number Act. The Company will not acquire and/or use such information beyond the scope necessary to achieve its purpose. In addition, we will not provide such information to a third party except where permitted by My Number Act.
- Outsourcing Handling of Personal Data and Specific Personal Information Etc.
The Company may outsource handling of personal data and Specific Personal Information Etc. within the scope necessary to achieve purposes of use. When outsourcing handling of personal data and Specific Personal Information Etc. to a vendor, the Company will establish vendor selection criteria and conduct necessary and appropriate supervision of the vendor, such as checking their information management scheme, in advance.
- Joint Use of Personal Information with Group Companies
(Specific Personal Information Etc. are not subject to joint use.)
The company and its group companies will share personal data for joint use under the following conditions for the purpose of unified management by officers and employees in the group companies.
(1) Items of personal data: address, name, telephone number, e-mail address, gender, date of birth, and other information acquired for recruitment
(2) Managed by: Chubb Insurance Japan
Please click here to see our address and representative.
* For information on the Company’s group companies to share information with, please see Scope of Group Companies at the end of this document.
- Security Control of Personal Data and Specific Personal Information Etc.
In order to secure proper handling of personal data and Specific Personal Information Etc., the Company will take sufficient security measures, including developing manuals and a security control implementation mechanism, and comply with and continuously improve these measures. The following (1) through (6) are the overview of the measures.
(1) Establish rules for the handling of personal data
The Company has established the rules for handling (e.g. acquisition, use, storage, etc.) of personal data.
(2) Organizational security control
The Company has defined the responsibilities and authority of employees and regularly verify that personal data is handled in accordance with the handling rules.
(3) Human security control
The Company enters into personal data non-disclosure agreements with its employees and provides education and training to them.
(4) Physical security control
The Company controls access to areas where personal data is handled, prevents theft of personal data, and physically protects equipment and devices.
(5) Technical security control
The Company controls and monitors access to personal data and its information systems that handle personal data.
(6) Understand the external environment
The Company implements security control measures based on its understanding of the personal information protection programs in the countries where it handles personal data.
The personal information of those who are decided to be hired will be managed as officer/employee information for employment management purposes. The personal information of other individuals will be kept for a certain period of time after recruitment activities and then disposed of or deleted in an appropriate manner.
Please note that the Company will not return any documents submitted concerning application.
- Notification, Disclosure, Correction, Utilization Cease, Etc. of Matters Concerning Retained Personal Data Under Personal Information Protection Act
To request notification, disclosure, correction, utilization cease, etc. of matters concerning retained personal data under Personal Information Protection Act, please contact the Company at the contact point provided in the following “13. Inquiries about Recruitment Activities” via email.
The Company will verify the identity of the person making the request and ask them to fill out the form prescribed by the Company. We will then carry out the procedures and respond at a later date.
- Handling of Anonymously Processed Information
(1) Production of Anonymously Processed Information
When producing anonymously processed information (information relating to an individual that can be produced from processing personal information so as neither to be able to identify a specific individual by taking action prescribed by laws and regulations nor to be able to restore the personal information), the Company will:
・process the information appropriately in accordance with the standards prescribed by laws and regulations;
・ take action for the security control to prevent the leakage of deleted information and/or information related to processing methods in accordance with standards prescribed by laws and regulations;
・not attempt to identify a principal concerned with the personal information used to produce the anonymously processed information.
(2) Provision of Anonymously Processed Information
When the Company provides anonymously processed information to a third party, it will disclose to the public the categories of personal information contained in anonymously processed information to be provided to a third party and state to the third party explicitly to the effect that the provided information is anonymously processed information.
- Handling of Pseudonymously Processed Information
(1) Production of Pseudonymously Processed Information
When producing pseudonymously processed information (information relating to an individual that can be produced from processing personal information so as not to be able to identify a specific individual unless collated with other information by taking action prescribed laws and/or regulations), the Company will:
・process the information appropriately in accordance with the standards prescribed by laws and regulations;
・take action for the security control to prevent the leakage of deleted information and/or information related to processing methods in accordance with standards prescribed by laws and regulations; and
・not attempt to identify a principal concerned with the personal information used to produce the pseudonymously processed information.
(2) Provision of Pseudonymously Processed Information
The Company will not provide to a third party pseudonymously processed information, except:
・when required by applicable laws and/or regulations; and
・when personal data that is pseudonymously processed information is provided as part of an outsourcing arrangement within the scope necessary for the achievement of a utilization purpose.
- Handling of Personally Referable Information
When providing personally referable information as personal data to a third party, the Company will confirm with the third party that:
・the job applicant has agreed to provide personally referable information; and
・if the third party is in a foreign country, information about the personal information protection program of the foreign country, measures for protecting personal information taken by the third party, and other information that should be referred to by the job applicant have been provided to the job applicant.
- Inquiries about Recruitment Activities
The Company will appropriately and quickly respond to complaints and consultations regarding handling of personal information and Specific Personal Information Etc. For inquiries and consultations regarding handling of personal information and Specific Personal Information Etc. concerning recruitment activities and regarding retained personal data, please contact the following:
Chubb Insurance Japan Human Resources Dept.
Address: Garden City Shinagawa Gotenyama, 6-7-29 Kita-shinagawa, Shinagawa-ku, Tokyo 141-8679
E-mail: human-r@chubb.com
Please click here to see our representative.
(Scope of Group Companies)
TThe Company’s group companies in “7. Joint Use of Personal Information with Group Companies” refer to Chubb Limited, our parent company, and its subsidiaries as well as the Company’s subsidiary (*) and affiliated companies.
(*) Subsidiary of the Company:
Chubb SSI Japan