Last updated: October 24, 2023
Sanrio Co., Ltd. (hereinafter referred to as "the Company") conducts business activities by utilizing customer information, business partner information, information created by the Company itself, and other information. We recognize that it is our responsibility as a business enterprise to protect this information and the information systems that handle it from various threats so that our customers can use our products and services with peace of mind.
We regard information security as one of our key policies and implement the following initiatives.
- Systems
The Company has established a company-wide general manager and control department for information security and has designated a person in charge of each department within the Company as well as an administrator of information and information systems used in business operations. The company also implements measures to deal with such information security. In addition, the Company will make decisions on how to respond to company-wide risks and take corrective actions.
- Information Security Measures
We have defined company-wide information security management measures, established security rules to protect our information and information systems, and implement organizational, personnel, physical, and technical measures.
- Education
We conduct ongoing education within the company to ensure that information security measures are thoroughly implemented. In addition, we also implement measures in each department and internal notifications at the same time to ensure that all employees are fully aware of the importance of information security measures.
- Audits and Improvements
We conduct regular audits to check and improve the status of our information security measures. We continuously monitor, improve, and correct the internal status of the Company.
- Emergency Response
In the event of an actual information security issue or perceived issue, we have established an internal escalation route to assess the situation of the event, take action, investigate the cause, and address the root cause of the issue.
- Compliance with laws and regulations
We comply with laws, regulations, and norms related to information security.