FUJITRANS CORPORATION

FUJITRANS CORPORATION (the Company) will appropriately manage personal information in accordance with the following personal information protection policy.

1. The Company name, address and names of representatives

The Company collects and processes your personal information for the following purposes and reasons.

2. Compliance with relevant laws and guidelines

When handling personal information, we will comply with the Act on the Protection of Personal Information (hereinafter referred to as the Personal Information Protection Act) and related governmental regulations, guidelines, etc.

3. Purpose

The Company uses the personal information provided for the following purposes: In cases where personal information is collected for other purposes, the specific purpose will be clearly identified on a case-by-case basis.

1. Provision of logistics service
2. Communications, reports, inquiries, etc. necessary for logistics service operations
3. Management of customer information, payment, and revenue processing
4. In-house surveys and research related to the Company’s logistics services
5. Sending information and greeting cards about our company and the services of affiliated companies (logistics, agriculture and fisheries, food and beverage, etc.)
6. Sending employment information to prospective employees and employment screening

4. Matters related to safety control measures

The Company will implement necessary and appropriate security control measures for the management of personal data, including measures to prevent leakage, loss or damage. In addition, the Company will carry out the necessary and appropriate supervision of the employees who handle personal data. The security control measures for personal data are expressly set forth in a separate document entitled Personal Information Handling Regulations, the main contents of which are as follows:

1. Establishment of Privacy Policy
   • The Company has established this policy (Privacy Policy) regarding "Compliance with Related Laws, Regulations, Policies, etc." and "Contact for Questions and Complaints" to ensure the proper handling of personal information.
2. Establishment of rules for the handling of personal data
   • The Company has established the procedures for handling personal information, and has designated the responsible persons and their respective duties in the Personal Information Handling Regulations.
3. Organizational security management measures
   • The Company designates a supervision manager for handling personal information and the scope of personal information under their authority, and designates a person responsible for managing personal information handling. A reporting system is established to inform the supervision manager of any evidence or indications of violations of the Personal Data Protection Act or the Personal Information Handling Regulations.
   • The supervision manager is responsible for regularly reviewing the status of the handling of personal data.
4. Human security management measures
   • The Company conducts regular training for employees regarding issues to consider when handling personal information.
5. Physical security management measures
   • The Company has taken steps to prevent personal information from being accessed by anyone other than the employee who is authorized to handle the information and the individual concerned.
   • The Company has taken steps to prevent the theft or loss of equipment, electronic media, and documents that handle personal information, and has taken measures to ensure that personal information is not readily identifiable when such equipment, electronic media, etc., are transported, including within the business premises.
6. Technical security management measures
   • The Company implements access control to limit the scope of persons in charge and the personal information database, etc. handled.
   • A system is in place to protect information systems that handle personal information from unauthorized external access or unauthorized software.

5. Restrictions on provision to third parties

The Company will manage personal information within the scope of the defined purposes and will not disclose personal data to third parties, except in the following circumstances:

1. When the individual has consented to the disclosure of information
2. When the Company receives an official request from a court, police, or other government agency in accordance with laws and regulations.
3. When necessary to protect the life, body, or property of an individual, and when obtaining the individual's consent is difficult
4. When it is particularly necessary to improve public health or promote the healthy development of children, and when obtaining the individual's consent is difficult
5. When delegating the handling of personal data to the extent necessary to achieve the purpose
6. When it is processed as statistical data that prevents individual identification

6. Supervision of contractors

If the Company delegates the handling of personal data to a third party, the Company will supervise the third party as necessary and appropriate in accordance with the Personal Data Protection Act.

7. Continuous improvement

The Company will periodically review its personal information management system and practices with the goal of continuous improvement.

8. Sharing of personal data

The Company may share personal data within a limited scope, subject to strict controls and the use of appropriate security measures.

• Personal data items that may be shared are: name, title, gender, company name, email address, address, telephone number, and fax number.
• Scope of information sharing: affiliated companies
• Purpose of sharing personal data:
  1. Provision of logistics service
  2. Communications, reports, inquiries, etc. necessary for logistics service operations
  3. Management of customer information, payment, and revenue processing
  4. In-house surveys and research related to the Company’s logistics services
  5. Sending information and greeting cards about our company and the services of affiliated companies (logistics, agriculture and fisheries, food and beverage, etc.)
• The name, address, representative, etc. of the company that is responsible for the management of the personal data to be shared:
  The Company is responsible for personal data it shares.
  See (1) above for the Company’s address and representative.
  To ask about shared use, please inquire to the contact window listed below (10):

9. Request for disclosure of retained personal information, etc.

If the Company receives a request from the individual or their agent for disclosure of retained personal information or records provided to a third party, the Company will respond without delay in accordance with the Personal Information Protection Act, except in the following cases. However, if the Company decides not to disclose the information in the following cases, it will provide a notice stating the reasons.

1. If there is a risk of damage to the life, body, property or other rights or interests of the individual concerned or of a third party.
2. If there is a risk that the proper conduct of the Company’s business will be materially impeded.
3. If it is in violation of any law or regulation

If there is a request for disclosure of retained personal information or records using electromagnetic records or other means provided to a third party as prescribed by the rules of the Personal Information Protection Commission, and the disclosure involves substantial costs, the disclosure will be made by providing written documents.

In addition, if the individual or their agent requests correction, addition or deletion, suspension of use or erasure of retained personal information, suspension of disclosure to third parties, or notification of the purpose of use of such information, the Company will respond without delay in accordance with the Personal Information Protection Act.

For inquiries regarding disclosure, correction, addition, deletion, suspension of use, erasure, suspension of provision to third parties, notification of purpose, etc. of personal information, please contact the Company at the contact window 10 below:

10. Contact window

If you have any questions or complaints regarding the Company’s handling of personal information, please contact us at the window below:

Date of establishment: May 30, 2017 Date of revision: April 1, 2022 FUJITRANS CORPORATION Tatsuo Keii President