POLICY AND PURPOSE OF USE FOR THE PROTECTION OF PERSONAL INFORMATION

1. Policy for the Protection of Personal Information

Nippon Kaiji Kyokai (hereafter referred to as the “Society”) expands business activities, handling the personal information of our customers (including clients hereafter referred to as the “Customers”) and each person who engages in work for the Society (including persons employed based on an employment contract such as “regular employees”, “fixed-term employees”, “part-time employees”, as well as the executives, business contractors and dispatched workers. hereafter referred to as the “Employees”.)
The Society has established the POLICY FOR THE PROTECTION OF PERSONAL INFORMATION recognizing that proper handling of personal information of the Customers/Employees is an important social responsibility to attain the purpose of the Society.
The Society shall ensure this policy is widely disseminated to all employees, promote compliance with it and endeavor to handle personal information appropriately.

1)The Society shall engage in the following activities:

    (1) Classification and registration of ships and ship installations;
    (2) Survey of ship, machinery for marine use, equipment, other fittings, structures and materials, etc.;
    (3) Audit and registration of safety management systems, ship security systems and maritime labour systems;
    (4) Audit and registration of various management systems;
    (5) Verification and certification concerning safety and environmental conservation;
    (6) Inspection and certification concerning renewable energy;
    (7) Technical services;
    (8) Development of human resources;
    (9) Dispatching of temporary workers;
    (10) Research and development;
    (11) Conventions matters
    (12) IT services
    (13) International activities
    (14) Such other operations or activities necessary to achieve the purposes of the Society.
    (15) Recruitment, employment, labor and personnel management
    (16) General affairs, finance operations, business planning and business activities to support the each activity of the Society
    (17) Such other incidental activities necessary to carry out operations in every sector of the Society

2) The Society will handle personal information appropriately in compliance with the “Act on the Protection of Personal Information” (hereinafter referred to as "Personal Information Protection Act") and other related laws, as well as the “Guidelines Regarding the Act on the Protection of Personal Information” and other guidelines.

3) The Society shall properly acquire, use and provide personal information of the Customers/Employees within the scope necessary to achieve the intended purpose specified in the business activities. The Society shall take measures for the establishment of, notification of and compliance with the rules and regulations, so that it can enhance the inner management of the Society and prevent the Employees from using personal information for other purposes.

4) The Society shall implement necessary and appropriate Safety Control Measures and endeavor to prevent accidents, such as unauthorized access, loss, destruction, alteration, leakage, and damages of personal information by theft or unauthorized taking or transfer, as well as legal violation, disrepute and negative impact on individuals, and shall promptly take corrective measures in case any accident occurs.

5) The Society shall comply with and uphold up-to-date laws and regulations on personal information.

6) The Society shall respond promptly and appropriately to the consultations and complaints concerning personal information.

7) The Society shall establish, operate, check and rectify a system necessary to protect personal information and make ongoing efforts to improve its service.

2. Purpose of Use for the Protection of Personal Information

Personal information obtained by the Society will be used for the following purposes:

    1) To execute contracts with customers (including billing and payment)
    2) To conduct business negotiations, meetings, communications, and contracts with customers
    3) To provide information on the implementation of classification services and related after-sales services
    4) To respond to opinions and requests made to the Society
    5) To notify clients about the Society's publications
    6) To notify clients about research meetings and seminars hosted by the Society
    7) To plan, develop and introduce new services (technologies) and events
    8) To manage matters related to employee employment, labor, welfare, personnel management, and official procedures

      • Social insurance procedures, lending within the Society, preparation of list of employees, etc.
      • Determination and payment of remuneration and allowances, calculation and payment of commuting expenses, withholding tax and social insurance procedures, and other procedures required by law.
      • Salary and bonus assessments, promotion and advancement examinations, assignment decisions, information at the time of hiring, and other employment management
      • Ensuring healthy working conditions, proper health care, health welfare and health promotion, and other health management
      • Welfare and procedures related to welfare
      • Security, creation of staff identification documents (ID cards), and other security management
    9) To manage matters related to the recruitment and hiring of employees
    10) To perform other operations incidental and related to the business and operations of the Society

About the handling of personal information

1. Acquisition of personal information

We will clarify the purpose of use, etc. to customers and employees, and acquire information by legal and fair means within the scope necessary to achieve the purpose of use to which customers and employees have consented.

<Name of business and of representative>

Nippon Kaiji Kyokai, known as ClassNK
4-7, Kioi-cho, Chiyoda-ku, Tokyo, 102-8567
Hiroaki Sakashita, President & CEO

2. Use of personal information

The Society will use personal information only within the scope necessary to achieve the specified purpose of use. If personal information is to be used beyond the scope necessary to achieve the specified purpose of use, the Society will notify the individual of the necessary matters and use the information within the scope necessary to achieve the agreed-upon purpose of use. However, the following cases are excluded.

a) cases based on laws and regulations

b) cases in which there is a need to protect a human life, body, or fortune, and it is difficult to obtain the individual’s consent

c) cases in which there is a special need to enhance public hygiene or promote fostering healthy children, and it is difficult to obtain the individual’s consent

d) cases in which there is a need to cooperate in regard to a central government organization or a local government, or a person entrusted by them performing affairs prescribed by laws and regulations, and there is a possibility that obtaining the individual’s consent would interfere with the performance of the said affairs

3. Access to an individual’s personal information

We will legally and appropriately access an individual’s personal information within the scope necessary to achieve the purpose of use to which customers and employees have consented.
However, the following cases are excluded.

a) cases based on laws and regulations

b) cases in which there is a need to protect a human life, body, or fortune, and it is difficult to obtain the individual’s consent

c) cases in which there is a special need to enhance public hygiene or promote fostering healthy children, and it is difficult to obtain the individual’s consent

d) cases in which there is a need to cooperate in regard to a central government organization or a local government, or a person entrusted by them performing affairs prescribed by laws and regulations, and there is a possibility that obtaining the individual’s consent would interfere with the performance of the said affairs

e) cases in which all or part of the handling of personal information is entrusted to a third party and such personal information is handled within the scope necessary to achieve the purpose of use

f) cases in which the purpose of use is recognized to be clear in light of the circumstances of acquisition and the personal information acquired is used without indicating, notifying, or publicly announcing the purpose of use, etc. to the individual

4. Provision of personal information to a third party

When providing personal information to a third party, we will notify the individual of the necessary matters and obtain their consent in advance. We will do so within the scope necessary to achieve the specified purpose of use.
However, the following cases are excluded.

a) cases based on laws and regulations

b) cases in which there is a need to protect a human life, body, or fortune, and it is difficult to obtain the individual’s consent

c) cases in which there is a special need to enhance public hygiene or promote fostering healthy children, and it is difficult to obtain the individual’s consent

d) cases in which there is a need to cooperate in regard to a central government organization or a local government, or a person entrusted by them performing affairs prescribed by laws and regulations, and there is a possibility that obtaining the individual’s consent would interfere with the performance of the said affairs

e) When entrusting all or part of the handling of personal information within the scope necessary to achieve the specified purpose of use

f) When providing information to the parties listed below in 5b) Scope of shared users

5. Sharing of personal information

Personal information may be shared with certain parties.

a) Shared personal information

 Personal information necessary for ClassNK Consulting Service Co., Ltd., and/or Ship Data Center Co., Ltd. to carry out its business and operations, and personal information necessary for recruiting, hiring, employment, labor, benefits, and personnel management.

1) Personal information such as name, address, date of birth, telephone number (including e-mail address), and employment history

2) Household-related information

3) Contract-related information

4) Information on contract history and contract needs

5) Information on risk management

6) Information on business management

7) Sales-related information

b) Scope of shared users

 ClassNK Consulting Service Co., Ltd., and/or Ship Data Center Co., Ltd.

c) Purpose of use for shared users

1) To execute contracts signed with customers (including billing and payment)

2) To conduct business negotiations, meetings, communications, and contracts with customers

3) To promote sales

4) To execute business and operations being carried out

5) To manage matters related to employee employment, labor, benefits, personnel management, and official procedures

6) To manage matters related to the recruitment and hiring of employees

7) To perform other operations incidental and related to the business and operations of the Society

d) Names, etc. of the parties responsible for the management of personal information to be shared

 The Society will be responsible for the management of personal information to be shared. For the address and name of the representative of the Society, please refer to 1 above.

6. Outsourcing of the handling of personal information

In order to ensure the smooth operation of business and to provide our business and operations in an appropriate manner, we may outsource all or part of our business and operations. In such cases, we select contractors that are recognized as handling personal information in a legal and appropriate manner within the scope necessary to achieve the specified purpose of use and conclude a contract, etc. with the contractor by stipulating the management necessary for the appropriate handling and confidentiality of personal information in the contract.

7. Safety Control Measures

The Society shall take necessary and appropriate safety control measures for the management of personal information, which includes preventing the leakage, loss, or damage of such information. A summary of the safety control measures is as follows.

(Formulation of a basic policy)
To ensure the proper handling of personal information, we have established a basic policy ("Policy for Protection of Personal Information ") regarding compliance with relevant laws, regulations, guidelines, etc. and a point of contact for handling questions and complaints.

(Establishment of rules and regulations concerning the handling of personal information)
We have established rules on the handling of personal information regarding handling methods and responsible staff as well as their duties, for each stage including acquisition, use, storage, provision, deletion, disposal, etc.

(Organization safety control measures)

  • In addition to appointing a person responsible for the handling of personal information, the Society clarifies the employees who handle personal information and the scope of personal information handled by such employees, and has established a system for reporting to the person responsible in the event that a violation or concerns of a violation of the Personal Information Protection Act or the Society's regulations on the handling of personal information is detected.
  • In addition to conducting regular self-inspections on the handling status of personal information, we also carry out audits by other departments and external parties.

(Personal safety control measures)

  • We provide regular training to employees on points to keep in mind regarding the handling of personal information.
  • Matters concerning the confidentiality of personal information are described in the work regulations.

(Physical safety control measures)

  • In areas where personal information is handled, we control the entry and exit of employees and restrict the equipment they bring in, while taking measures to prevent unauthorized persons from viewing personal data.
  • We take measures to prevent theft or loss of equipment, electronic media, and documents that contain personal information, and implement measures to ensure that personal information is not easily accessible when such equipment, electronic media, etc. is being carried within the workplace.

(Technical safety control measures)

  • Access control is implemented to limit the scope of persons in charge and the personal information database, etc.
  • We have introduced a framework to protect information systems that handle personal data from unauthorized external access or software.

(Monitoring of the external environment)
The Society handles personal information not only in Japan but also at its overseas offices, and safety control is carried out upon having ensured an understanding of the system regarding the protection of personal information in each country where the overseas offices that store personal information are located. Please see our "Service Network" page for information on the countries where the Society’s overseas offices are located.

8. Voluntary provision of personal information

If the personal information required to achieve the purpose of use is not provided, we may not be able to provide various services and operations, etc. under appropriate conditions, and the purpose of use may not be achieved.

9. Dissemination of matters concerning personal information and requests for disclosure, etc.

With respect to personal information for which the Society is authorized to respond to all requests for disclosure, correction, addition, or deletion of content, suspension of use, elimination, and suspension of provision to a third party, we will promptly comply with any requests from the individual for notification of the purpose of use, disclosure, correction, addition, or deletion of content, suspension of use, elimination, or suspension of provision to a third party (hereafter referred to as "disclosure, etc."). If you wish to request disclosure, etc. of personal information held by the Society, please contact the Personal Information Help Desk listed below.

10. Inquiries about personal information

For complaints about the Society's handling of personal information (including complaints about the measures taken by the Society regarding requests for disclosure, etc. based on 9 above, and complaints regarding the creation and handling of pseudonymously processed information and anonymously processed information) or for any other inquiries, please contact the help desk listed below.

<Personal Information Help Desk>

General Affairs Department, ClassNK
Address: 4-7, Kioi-cho, Chiyoda-ku, Tokyo, 102-8567
Phone number: +81-3-5226-2011 Email address: gad@classnk.or.jp
Hours of operation: Weekdays 10:00 – 17:00 Excludes weekends, holidays, and New Year’s Holiday