- Privacy & Security
- Privacy
Privacy
LY Corporation aims to realize "User Privacy First" in the entire Group, and with regard to the data entrusted by users, operates its businesses by giving first priority to the privacy and other rights and interests of users, including their human rights.
Messages from the CPGO and CDO
As a prerequisite for utilizing data, we believe it is important to "protect" the personal data entrusted to us by our users.
As CPGO, I will strive to realize "User Privacy First" and pursue better governance to properly manage personal data while taking changes in the environment into account.
Hideyuki Sekihara, CPGO, LY Corporation
Registered as an attorney in 2010 and worked at a law firm; seconded to the Ministry of Internal Affairs and Communications in 2012. After working at a law firm again, joined LINE Corporation in 2019. As CPO (Chief Privacy Officer), promoted LINE's privacy protection activities. Currently as CPGO (Chief Privacy Governance Officer) of LY Corporation, pursues the establishment of privacy protection governance at LY Corporation.
LY Corporation has a significant amount of users and is entrusted with a large amount of data. We use this data to provide more convenient and enjoyable services while protecting the privacy of our customers. We will continue to balance the use of data with safety and security so that we can provide better services to our users.
Hiroki Taniguchi, CDO, LY Corporation
After joining Yahoo Japan Corporation in January 2013, as Head of General Business Planning Office, Corporate Development Division, Corporate Management Group, was involved in projects such as the merger of Ikyu Corporation. After serving as Head of D&S Business Development Division, Data & Science Solutions Group, and Vice President of Data Solution Business Division, was appointed CDO in April 2021.
Basic Policy on Data Protection
LY Corporation has announced its Basic Policy on Data Protection which provides the direction of data protection to protect the rights and interests of users, including their privacy, in the handling of data.
"User Privacy First" is the overarching guideline of the Basic Policy on Data Protection. As principles to demonstrate the guideline, the Basic Policy upholds five core principles: 1) Priority to user benefits, 2) Ensuring transparency, 3) Protection of rights and interests, 4) Respect for users' rights to control their data, and 5) Security.
Related links
Privacy governance structure
To realize "User Privacy First", LY Corporation assigns a Chief Data Officer (CDO) and a Chief Privacy Governance Officer (CPGO) .The CDO supervises the operations in the data areas throughout the Company, and the CPGO oversees the governance over personal information protection for the entire Company. To ensure that the five principles mentioned above are observed, they cooperate with the relevant divisions and carry out specific privacy protection initiatives, such as implementing PIA, as well as introducing and operating the NIST Privacy Framework. Through these initiatives, they are committed to the promotion of privacy protection activities for the data entrusted by users. In addition, a Data Protection Officer (DPO) is assigned to monitor and provide advice on these privacy protection activities from the users' perspective, ensuring that the use of data by LY Corporation does not violate the abovementioned principles.
Privacy protection initiatives
LY Corporation conducts PIA, introduces the privacy framework designated by NIST, and promotes the acquisition of CBPR System certification, to establish a privacy protection system that meets global standards, for the data entrusted by users. Also, with respect to the purposes of using the data collected from users, it works to provide easier-to-understand explanations for users in its Privacy Policy and Privacy Center.
PIA (Privacy Impact Assessment)
Privacy Impact Assessment is a prior procedure for assessing and confirming whether the system, services and functions provided by a company appropriately and adequately address impact on privacy and other rights and interests, including human rights. LY Corporation has a structure for implementing PIA for the systems, services, and functions that have impact on privacy and other rights and interests, including human rights, with regard to the data collected from users.
Promotion of initiatives to acquire CBPR System (APEC Cross-border Privacy Rule System) certification
LY Corporation promotes the acquisition of the CBPR System certification, an international certification which certifies compliance with the APEC Privacy Framework, a rule on the appropriate protection over cross-border data transfers.
NIST Privacy Framework maturity assessment
LY Corporation introduces and operates the maturity assessment of privacy protection management system based on the NIST Privacy Framework designated by the U.S. National Institute of Standards and Technology (NIST).
Privacy Center
LY Corporation discloses its Privacy Policy on matters such as the purpose of using the data entrusted by users, and will strictly manage personal information based on the Privacy Policy. In addition, LY Corporation aims to increase transparency and provide users with easier-to-understand explanations of how it handles data by summarizing its basic stance and policies in the Privacy Center and other means.