Act on the Protection of Personal Information (Act No. 57 of 2003) (hereafter, referred to as "the Act") came into full scale enforcement on April 1, 2005(amended in 2017).

Business Operators to which the Act applies (Business Operators which handle personal information) must voluntarily work toward ensuring the proper handling of personal information. To facilitate this, the Act promotes voluntary working of Business Operators , and with the purpose of promoting the protection of personal information in the light of the purport of the Act, has established a system of Accredited Personal Information Protection Organizations (hereafter, referred to as "Organization(s)") which receive accreditation from the Competent Authority based on the provisions of Article 47 of the Act.

The duties of the Organizations are stipulated in Article 47 of the Act, and are as indicated below:

• Handling of Complaints of "bussiness operator handling of personal information" (hereafter, referred to as "Target Entity");
• Provision of information for Target Entities about the matters contributing to the proper handling of personal information;
• Others than any business necessary for ensuring Target Entities the proper handling of personal information.

Handling of Complaints by the Organizations includes the following matters (Article 52 of the Act):

When the Organization is requested by a person, etc. to process a complaint about the handling of personal information by a Target Entity, the Organization processes the complaints via the following actions:

• Corresponding to the request;
• Giving necessary advices;
• Investigating the circumstances pertaining to the complaint;
• Requesting the Target Entity to process the complaint promptly by notifying it of the content of the complaint.

When the Organization finds it necessary for settling a complaint, the Organization would take the following actions:

• Requesting the Target Entity to explain it in writing or orally; or
• Requesting the Target Entity to explain it in writing or orally; or
• Requesting Target Entity to submit relevant materials. (Clause 3, Article 52 of the Act states that the Target Entity shall not reject the request without justifiable ground.)

• Form 1 (Word)ファイルをダウンロード

Please note that name of Target Entity, Contact Information, telephone number, E-mail Address and URL are to be publicly announced in the "List of Target Entities" at JIPDEC's website.

When a PrivacyMark accredited Private Enterprise that is registered as Target Entity has to change in the items of the List(Contact point of its personal information consultation service), please file "Application for Changes in Reporting Matters regarding Personal Information Consultation Service for Target Entity of an Accredited Personal Information Protection Organization " to the address below.

• Form 2 (Word)ファイルをダウンロード

Necessary Items as Changes in Reporting Matters
Name of Target Entity, personal information consultation service (contact information), telephone number, E-mail Address and URL

In case a PrivacyMark accredited Private Enterprise would terminates its registration as a Target Entity, it must file "Application for Termination of Registration of Target Entity of Accredited Personal Information Protection Organization" to the address below.

• Form 3 (Word)ファイルをダウンロード

Target Entity must clearly show the name of Accredited Personal Information Protection Organization it belong to and the contact information for handling of complaints (including a case where a response is issued without delay to such individuals).

When Target Entity registers itself with JIPDEC, the name of the Accredited Personal Information Protection Organization and the contact information for handling of complaints are as follows: