Article 1: The purpose of this policy is to ensure one’s private information is protected accordingly and at the same time to ensure that the use of the information is appropriate and accurate.
Article 2: The private information within this policy is utilized for identifying individuals using the name and birth date given by a certain individual. Soka University has gathered this information which will be used by university personnel, students who have already taken, and who are currently taking examinations.
All data in the university database is considered private information.
The private data under this policy are protected by Soka University against the access, manipulation, correction, addition, deletion, cancellation, and transfer to third parties or persons. However, there are several exceptions which include:
- Use of relevant data to protect from one’s life or properties to be affected.
- Use of relevant data to prevent illegal or improper conduct.
- Information regarding national security, including information that may be related to affecting relations with other countries or international organizations, and any information related to the loss in profit with other countries or international organization.
- Information related to criminal activity, or anything that may endanger public safety.
- Personal information which will be deleted within 6 months.
5 The school personnel in this policy are the university students, graduates, college full-time, part-time professors, technicians, office staff members, and part-time workers.
Responsibility of the university and the school personnel
Article 3: It is necessary for the university to protect and take proper measures to accomplish the purpose of this policy.
Current and past university personnel cannot give personal information obtained through their work at the university to a third person or utilize such information for unreasonable or unrelated purposes.
Article 4: Soka University assumes total responsibility for protecting private information through proper management and safe protection.
This total responsibility is designated to one person who is selected amongst the directors from a director’s meeting.
The manager of personal information protection
Article 5: Soka University will designate a person who will hold the position of manager of personal information protection to assist the person in charge of total responsibility for private information protection within this policy.
The manager’s duty depends on this policy and article 19.
Article 6: Soka University will establish a management committee to protect and discuss important matters of personal information.
The committee will demand reports, process investigations, advise, order, and suggest measures concerning any illegal actions toward personal information to the designated person with full responsibility of private information protection and the manager of personal information protection.
Other policies concerning the committee will be decided as needed.
The purposeful utilization of personal information
Article 7: Any university personnel utilizing personal information must have a clear purpose for doing so.
University personnel are able to utilize personal information in a given area even after the information has changed.
University personnel must not utilize any individual’s personal information without individual consent.
There is no restriction to the preceding clause in the case of the following.
- Matters based on local, regional, and national laws.
- Situations where individual information may be needed to that may protect another individual’s life, and for the protection of one’s property.
- Where personal information may be needed to protect public safety and sanitation, as well as for the protection of the health and growth of minor/under aged individuals.
- In the case needing an individual’s consent to prevent difficulty of public business of local/regional/national organizations, or to aid in executing the given responsibility necessary for executing public business by law
Acquisition of personal information
Article 8: When Soka University acquires personal information, the purpose of utilization must be somewhat necessary, appropriate, and fair.
Personal information must be officially acquired directly from the individual. However, there is no restriction to the preceding clause in the case of the following.
- In the case where there is consent from the individual
- In the case based on law
- In the case of the protection an individual’s life, the protection of the person’s property.
- In the case of a private information management committee member or director having an appropriate reason for acquiring personal information.
When the personal information is released, one must immediately give the individual a notice or an official announcement. This can be disregarded when an individual has already been notified beforehand. However, it is not restricted to the preceding clause in the case of endangering an individual due to giving notification or an official announcement, and if the utilization purpose is clear in the acquired circumstance.
Individuals whose personal information has been acquired must receive notification or an official announcement if the utilization purpose of the information is changed.
Personal information cannot be acquired if the reason is due to any type of unjust discrimination.
Management of personal data
Article 9: The designated person with full responsibility and the manager must keep all personal information up to date and correct for any and all purposes of utilization by the university.
The designated person with full responsibility and the manager must take appropriate action in order to prevent loss or leakage of the personal data.
All personal data must be quickly discarded or deleted after the given safekeeping period.
Supervision of the university staff
Article 10: The designated person with full responsibility and the manager will provide appropriate instruction and supervision towards the university staff in order to safely manage all personal data.
Supervision of the designated person with full responsibility
Article 11: the designated person with full responsibility and the manager must take necessary actions and give appropriate instructions and supervision to protect all personal data when giving charge of the business of personal data or when giving the whole business of personal data outside of the university.
Restrictions on offering personal data to third parties
Article 12: Personal data must not be offered to a third party without the consent of the given individual. However, it is not restricted to this in the case of fitting the content of Article 7 Clause 4.
Without concerning the preceding clause, the relevant personal data can be offered to a third party in the case of informing the individual beforehand or when in the state of having the information easily acquirable from the individual himself/herself. In any case the individual involved can request to stop the offering of personal information to a third party.
- In the case the purpose of utilization is to offer personal information to a third person
- In the case of providing personal information to a third party.
- A means or method to offer personal information to a third party.
- In the case of having the given individual request to stop offering personal information to a third party
In the case of the clauses below, the person receiving the offer of the related personal data is a third party not relevant to this policy.
- In the case of giving charge of all or part of the personal data that is necessary for the accomplishment of a utilization purpose
- In the case of notifying the name of the user responsible for the information to the person himself/herself beforehand or having it in the state where the person himself/herself is able to know about the information user easily.
The designated person with full responsibility and the manager are able to demand necessary action and necessary restriction in utilizing the information towards the third party in the case of offering personal data to a third party based on the preceding Clause 1 and Clause 2.
Release of information
Article 13: Soka University staff members and students are able to request a release of their personal data by inquiring with the designated person with full responsibility.
The designated person with full responsibility must immediately release the information when being requested of the preceding clause.
Exceptions for release
Article 14: The designated person with full responsibility can decide not to release personal data in the case of the following clauses disregarding the preceding article.
- In the case of endangerment to the individual or for the protection of the individual’s property.
- In the case of hindering the business of organizations.
- In the case of including information of a third party combined within the personal data
- In the case of violating the law.
- In the case of having considerable reason regarding the clauses above.
The designated person with full responsibility must swiftly inform the individual with clear reason(s) if there is a decline in release of information.
Methods for release
Article 15: the preceding article’s release will be done through one of the methods stated by the following articles.
- Personal data recorded on paper will be provided through a facsimile of the relevant information.
- Personal data recorded on an electronic medium will be provided with a printed copy of the relevant information.
- Personal data recoded on other media will be provided through other considerable methods.
The cost for release will be the responsibility of the requesting individual.
Correction of information
Article 16: University staff members and students are able to request correction, addition, or deletion of personal data when such change is needed..
The designated person with full responsibility must immediately investigate and make corrections when the above clause is requested.
The designated person with full responsibility must immediately notify the given individual after the correction of the personal data has been made due to the above clause.
The designated person with full responsibility must immediately notify the individual with a considerable reason when a correction has not been made.
Request to stop the utilization of personal information
Article 17: Soka University staff members and students are able to request to stop the utilization of personal information or discarding of personal information in the case of violations of Articles 7, 8, 9 or 12.
The designated person with full responsibility must immediately investigate and stop the utilization of personal information when a preceding request has been received.
The designated person with full responsibility must immediately inform the individual in the case of deciding to approve or decline the stoppage of information utilization.
Declaration of discontent
Article 18: Soka University staff members and students are able to file a declaration of discontent concerning the utilization of personal data to the Personal privacy management committee.
The committee must immediately have a discussion after receiving such declaration of discontent and inform the given individual of the result.
Detailed rules on implementation
Article 19: Detailed rules on implementation on this policy will be provided upon request.
Reformation of the policy
Article 20: Reformation of this policy will be decided by the committee and its director once it has been processed in a committee meeting.
Article 21: Soka University staff members must report to the designated person with full responsibility and to the committee in the case of any illegal actions taken towards the policy.
This policy will be executed on April 1, 2005
This policy will be executed on April 25, 2005