Privacy Preference Center

Your Privacy

Information may be obtained or stored in your browser by cookies when you access the Website. This information is related to the user, the user settings or device. It is primarily used to ensure the site functions as expected by the user. We respect your right to privacy. Therefore, you can select to not allow some types of cookie. Please click on the different category headings to check the details and then change our default settings.

More Information

Strictly Necessary Cookies

Strictly Necessary Cookies are cookies that are essential for this site to function properly. Strictly Necessary Cookies do not store information that can identify individuals. Strictly Necessary Cookies are used to view this site. Therefore, you cannot refuse the use of Strictly Necessary Cookies from these cookie settings. However, you can refuse the use of Strictly Necessary Cookies from the settings of your browser at any time. Please note that parts of the site may not function if you refuse the use of Strictly Necessary Cookies.

This site uses the following Strictly Necessary Cookies.

Cookie name: gdprCookieEn

  • Purpose:To control the display for the confirmation of cookies on this site
  • Term of validity:1 year

Cookie name: optGA

  • Purpose:To opt out/opt in of (disable/enable) Google Analytics
  • Term of validity:1 year

Cookie name: optPardot

  • Purpose:To opt out/opt in of (disable/enable) Pardot
  • Term of validity:1 year

Google Analytics

You can refuse cookies other than the Strictly Necessary Cookies from the following settings. If you refuse the use of these cookies, we will not know even if you visit this site.

Cookies used

_ga,_ga_{container-id},_gid,_gcl_au

  • Purpose:To statistically research and analyze the usage situation of this Website
  • Term of validity:1 year

Pardot

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Pardot Cookies used

pi_<accountid>,visitor_id<accountid>,visitor_id<accountid>-hash
Ipv<accountid>, pardot

  • Purpose:To provide useful information on products and services
  • Term of validity:1 year

Information Security

Policy and Basic Approach

We are promoting Digital Transformation (DX) in order to make working practices more efficient, improve productivity and diversify working styles. However, with cyberattacks and unauthorized access incidents increasing by the year and becoming ever more sophisticated, cyber risks are increasing. We view the business continuity risks associated with information leaks and computer system shutdown as management issues. Hence, to retain the trust placed in us by society at large- including our customers, suppliers, investors, employees and other stakeholders-we have fixed our Nippon Kayaku Group Information Security Countermeasure Policy and “The Information Security Responsibilities We Bear”Declaration based on our Group Charter of Conduct and Code of Conduct. In such ways are we taking continuous, daily steps to improve information security awareness and literacy, and protect business information.

私たちが担う情報セキュリティ
*The Information Security Responsibilities We Bear (Published in Japanese, English and Chinese)

System

In order to minimize information security risks (a key element of crisis management), we have set up an Information Risk Management Subcommittee with the aim of constantly maintaining risk-proof conditions, continually reviewing responses based on changing situations, and diffusing and integrating best practice throughout company operations. This subcommittee meets, in principle, twice a year, but on a further ad hoc basis if necessary. It is chaired by the Officer in-charge of Information Systems, and comprises representatives of every business unit’s planning department plus representatives from general administrative departments unattached to any particular business unit. It also coordinates with the Corporate Information Officer, Person in-charge of Corporate Information, and System Administrator assigned to every business site.
The most important matters discussed by this subcommittee are forwarded to the Sustainable Management Meeting and even the Board of Directors, who provide relevant feedback.
Furthermore, to deal with security incidents that could either heavily damage management and business operations or lose us the trust of our business partners and suppliers, such as cyberattacks and unauthorized access to confidential information, we have set up a Computer Security Incident Response Team (CSIRT) as our core policy unit under the leadership of the Information Risk Management Subcommittee Chair. Depending on the assumed extent of damage, the President may also step in to lead CSIRT. CSIRT works on limiting the spread of damage, and once containment activities are over, on restoration of operations and recurrence prevention measures.

情報セキュリティ体制図

International Certificates Gained

Business Sites Certified by the Trusted Information Security Assessment Exchange (TISAX), (concerned with the global automotive industry supply chain)

Targets and Results

Scroll horizontally to view more.

FY2024 Targets FY2024 Results
Prevent critical security incidents within the Nippon Kayaku Group No incidents
Explain how the company will extract information assets with a major influence on business survival, and carry out risk assessments and related measures Each department and business unit has extracted critical information assets、and has conducted physical and system risk assessments pertaining to storage conditions. An explanation on relevant measures is planned to be be given by FY2025.
FY2025 Targets
Create a BCP manual with detailed rules for information system management in the event of a cyber attack, and conduct a relevant drill

Initiatives

Information security measures

Scroll horizontally to view more.

Classification of measures Details
(1) Organizational measures
  • Information security system maintenance
  • Periodic reviews of information system-related regulations
(2) Personal & legal measures
  • Information system security and IT literacy education, incident response drills, setting up educational activities
  • Concluding confidentiality contracts with external service providers
  • Duty of confidentiality enforcement for hires and retirees
(3) Physical measures
  • Access management for facilities, buildings and areas etc.
  • Management of PCs and external storage devices taken outside of company premises
  • Taking key confidential information outside of company premises; locking management, access management
(4) Technical measures
  • Measures against information device malware; hard disk encryption
  • Unauthorized outside access; detection structure for data alteration attacks

Education and Training

At the Nippon Kayaku Group, all executives, employees (including contracted and part-time employees) and temp staff are made fully aware of information security rules, and receive regular information security training as well as drills on dealing with malicious emails.

Training Title Main Contents Chiefly aimed at FY Delivery style Times Take-up rate
Management class training
  • The importance of information security to management
  • Social responsibility
 Directors 2024 Seminar 3 Ave: 88%
Information Security: The Basics Understanding the 3 elements of information security (confidentiality, integrity and availability) Employees 2024 Video 1
Security when using IT tools
  • Information system security: basic knowledge, measures, attitudes
  • Incident response
  • Directors, employees (including contract and part-time employees), temp staff
  • Persons outside the company who are borrowing a PC connected to our company network
 2024 E-learning
Distribution of materials; group seminar		 1 84%

Number of Critical Security Incident Cases

The numbers of cases occurring within the Nippon Kayaku Group over the past two years can be seen in the table below.

Scroll horizontally to view more.

Indicators Covering Unit 2020 2021 2022 2023 2024
Number of Critical Security Incident cases* consolidated cases - - - 0 0
  • *Levels of security incident criticality are determined by our Information Risk Management Subcommittee.

Protecting Personal Information

The Nippon Kayaku group recognizes the importance of personal information and observes all laws related to personal information, and all concomitant laws, pertaining to the personal information it handles. We view it as a social responsibility to be thorough in our efforts to preserve personal information.
We have also fixed our Personal Information Protection Policy for persons outside the company, with use purposes, safety management measure and contact details for consultations and complaints all published on our homepage to be freely confirmed by members of the public.

Personal Information Protection Management System

We have fixed our Personal Information Management Regulations, under which a Personal Information Manager is dispatched to every division under the auspices of the Chief Personal Information Protection Manager. Personal information handled by each workplace is constantly subject to importance classifications, while database entries are thoroughly maintained. We also deliver periodical training to all employees (three times a year) on personal information inventories (once a year) and audits (once a year), so as to heighten internal awareness and effectiveness of personal information protection.

個人情報保護の管理体制

Education and Training on Protecting Personal Information

Training Title Main Contents Chiefly Aimed at FY Delivery style Times Take-up rate
Legal training
  • Defining personal information; near-miss case studies
  • Acquisition, use, storage and management of personal information
  • Presentation of personal information; responding to requests for disclosure of stored personal information
 Directors, employees (including contract and part-time employees), temp staff 2024 E-learning; Group seminar 3 Ave: 97.2%

Incidents and Emergency Responses concerning Personal Information Leaks

In the unlikely event that a leakage of personal information occurs, we will respond in line with our Information Leakage Incident Response Process Details.

Situation regarding Personal Information Leaks

As of March 31st 2025, we have registered zero cases of personal information being leaked.

PageTop
Our Business
R&D
Corporate Information
Global Netowork
Investor Relations
Integrated report
Sustainability