Personal Information Protection Policy
Komatsu Ltd. makes efforts below based on the belief that the proper protection of personal information is a corporate social responsibility.
- Komatsu Ltd. shall only process personal information provided by its customers within a scope to achieve the following purposes and legal basis:
(1) When we have obtained customers' prior unambiguous consent
(2) To execute contracts with customers
(3) To comply with its legal or regulatory obligations
(4) To protect its legitimate interests
Its legitimate interests referred to above include:
To develop and provide better products and services
To provide information to customers about the products and services handled by Komatsu Ltd.
- Komatsu Ltd. does not disclose or provide personal information about customers to third parties except in any of the following cases:
when the customer gives prior consent,
when designated to do so by laws or ordinances,
when the provision of personal information is necessary to protect life, physical injury, or the assets of a person, and when when consent from the customer is difficult to acquire, and
when prescribed to do so such as in a notification or directive from a government agency
- Komatsu Ltd. will continually improve its personal information management system, including this policy, through employee education, appointment of information management supervisors as well as the execution of audits, while complying with the Personal Information Protection Act and other relevant laws and regulations. Komatsu Ltd. has developed and disclosed "Komatsu’s Worldwide Code of Business Conduct" to ensure all employees of the Komatsu Group adhere to this Code. Therein, Komatsu Ltd. has clarified proper handling of information and rules all employees must follow in an effort to enhance compliance.
- Komatsu Ltd. stores personal information for the period necessary to achieve the purpose of obtaining the personal information. However, if the laws require differently, such a period will be set in accordance with the laws.
- Komatsu Ltd. will implement appropriate safety measures, as it strives to build a management system and implement reasonable technological and other initiatives to protect the personal information of customers from illegal access, revision, destruction, leaks, loss or any other misconduct.
Komatsu Ltd. handling customers' personal information in foreign countries, we will take appropriate measures for safety management based on the laws and regulations concerning the protection of personal information in each country and region.
- Komatsu Ltd. responds, in compliance with the laws and regulations, to customer's requests to confirm or revise his or her personal information or withdraw consent or to others. Please make any requests to the contact below.
[Processing personal information of European Union (EU) residents]
Personal data of EU residents may be transferred to countries not recognized by the EU Commission as a country having an adequate level of protection; however, in such a case, Komatsu Ltd. and companies to which personal information is transferred appropriately handle such personal data of EU residents in accordance with the appropriate safeguards set forth by the EU Commission. (e.g., upon conclusion of Standard Contractual Clauses, and sufficient safety control measures).
Furthermore, data subjects residing in the EU can lodge complaints to the supervisory authority with regard to the processing of personal data by Komatsu Ltd.
Hiroyuki Ogawa, President and Chief Executive Officer, Komatsu Ltd.
Created: March 2005
Revised: April 2022
*Please click here to see our basic policy about the proper handling of information such as personally identifiable information.