Information protection operation management
We integrate and manage operational information such as communication protection, consent management, and access control.
Securing communications
Communications such as login, reservations, sending and receiving messages are protected by TLS.
Viewing is controlled according to the authority of the administrator, host, and user.
| item | situation | Final confirmation | memo | operation |
|---|---|---|---|---|
| Encrypted with TLS | ||||
| access control |
Protecting data at rest
Saved data is managed in an encrypted area and a reference history is kept.
We perform regular backups and generation management in preparation for recovery in the event of a failure.
| item | situation | Final confirmation | memo | operation |
|---|---|---|---|---|
| Encrypted storage | ||||
| backup |
Operation/audit
Administrative operations and permission changes are logged and traceable.
Regularly check permissions and usage and remove unnecessary access.
| item | situation | Final confirmation | memo | operation |
|---|---|---|---|---|
| Operation log | ||||
| access review |
Management of personal information and obtaining consent
The purpose of use, storage period, and contact method will be presented at the time of registration, and the information will only be used within the scope of consent.
We record the consent date and time, contents, and update history, and obtain re-consent when changes are made.
We only retain information necessary for identity verification and reservation adjustment, and delete information that is no longer needed.
In response to requests from users, the management desk will respond to disclosure, correction, and deletion of retained information.
| item | situation | Final confirmation | memo | operation |
|---|---|---|---|---|
| Clarification of purpose of acquisition | ||||
| Record of consent | ||||
| minimum holding | ||||
| Disclosure/Correction/Deletion |
Managing consent acquisition
We record the acquisition, renewal, and withdrawal of consent and manage it by purpose.
| User | the purpose | situation | Acquisition date | deadline | remarks | operation |
|---|
Access control/management
Manage access restrictions, monitoring rules, and blocking history to prevent unauthorized access.
| rule | subject | threshold | action | remarks | operation |
|---|
| subject | reason | Date and time of occurrence | correspondence |
|---|
Availability/backup operation
Manage backup plans and recovery drills as an operational foundation to ensure service continuity.
| subject | priority | RPO | RTO | backup | recovery training | operation |
|---|
Safety guide for users
- ・Important information will not be written directly in the message, but will be shared according to the instructions of the administrator.
- ・Do not reuse passwords or pin codes, and invalidate them after their expiry date.
- ・Please share any suspicious communications or reports immediately from the management function.