Personal Information Protection Policy

Taiyo Nippon Sanso Corporation (the "Company") recognizes the importance of protecting personal information and our social responsibilities as a business operator handling personal information and handles personal information based on the following policy in order to properly protect personal information on our shareholders, business partners, officers and employees, etc.

1. We comply with the Act on the Protection of Personal Information and related laws and regulations in Japan and engage in the appropriate acquisition, use and provision of personal information in accordance with the below disclosed Handling of Personal Information and internal regulations, etc.
2. We strive to prevent personal information we handle from being leaked, lost, or damaged by taking necessary and proper security measures, and we take necessary corrective measures in the event that an incident occurs.
3. We clearly prescribe rules on the handling of personal information in internal regulations and thoroughly familiarize officers and employees with such rules. Moreover, when providing personal information to contractors we manage and supervise contractors to ensure they handle personal information properly.
4. A designated office accepts and appropriately responds to complaints, consultations and requests from individuals concerned for disclosure, amendment, suspension of use, etc. of personal information we retain.

END

Enacted: October 1, 2020
Taiyo Nippon Sanso Corporation
Representative Director, President: Kenji Nagata

Handling of Personal Information

1. Purpose of Use of Personal Information
   1. (1) Personal information provided to the Company will be used as follows in our industrial gases and other businesses.
      1. (i) Personal information provided by business partners will be used:
         • to build and maintain smooth business relationships and perform and manage transactions with partners;
         • to send surveys or catalogues to partners;
         • to keep records of and internally share details of meetings with partners; and
         • to secure and ensure safety and hygiene of our facilities and equipment.
      2. (ii) Surveys, browsing histories, purchase histories, training record, and other information acquired from business partners will be analyzed and used to introduce and propose products and services, such as to sell products, to provide after-sale services including product repairs and inspections, or to send product catalogues.
      3. (iii) Personal information provided by job applicants, internship applicants, and former employees will be used to provide corporate pension benefits to, provide information to, and contact them.
      4. (iv) Personal information provided by a family member of each officer or employee of the Company will be used for measures to be taken in response to a disaster or emergency affecting the officer or employee and for various procedures and management of welfare, safety, hygiene, social insurance, withholding, payment of allowances, and others for the officer or employee.
      5. (v) Personal information of each representative member provided by any of the members of the Company’s Major Club (including the members of the Partners’ Club of the Taiyo Nippon Sanso Major Club, the members of the Medical Club of the Taiyo Nippon Sanso Major Club, and the members of the Second Generation Club of the Taiyo Nippon Sanso Major Club; collectively, the “Major Club Members”) will be used to prepare a member list and distribute the list to the members for the purpose of promoting interaction among the members.
      6. (vi) Personal information provided to the Company will be used for the purpose of use stated in the “Purpose of use by the joint users.”
      7. (vii) Personal information provided to the Company will be used for the purposes of use permitted by the Personal Information Protection Act and other laws and regulations.
   2. (2) Personal information provided to the Company will be otherwise used if the Company informs the data subject or publicly announces that it will use the information for a special purpose.
2. Security Control Measures

   The Company has taken the following measures for the appropriate management of personal information, etc. including measures to prevent its leakage, loss, or damage.

   1. (1) Establishment of basic policy on handling personal information
      1. This document is prepared to ensure the proper handling of personal information, etc. and to inform about the point of contact for receiving questions and complaints.
   2. (2) Preparation of rules on handling personal information, etc.
      1. (i) A handling method is stated for each step of acquisition, use, storage, provision, deletion, and disposal of personal information, etc.
      2. (ii) Personal information handling rules are established to prescribe the persons responsible and their duties related to handling of persona information, etc.
   3. (3) Organizational security control measures
      1. (i) A responsible person is assigned for the handling of personal information, etc. (personal information protection manager).
      2. (ii) A reporting line to a personal information control manager is prepared in the case of becoming aware of an actual or potential breach of a law or internal rule.
      3. (iii) Status of handling of personal information, etc. in a business unit is regularly examined by the business unit itself and audited by other business units.
   4. (4) Personnel security control measures
      1. Regular training is provided to officers and employees on matters to be noted in handling personal information, etc.
   5. (5) Physical security control measures
      1. (i) Measures are taken to prevent theft or loss of devices, electronic media, documents, and the like that contain personal information, etc.
      2. (ii) Measures are taken so that personal information, etc. is not easily detected during a device, electronic medium, or the like containing personal information, etc. is carried inside or outside of a business place.
   6. (6) Technical security control measures
      1. (i) The scope of staff who may access personal information, etc. is limited by implementing access control.
      2. (ii) A mechanism is introduced to protect the information system processing personal information, etc. from unauthorized access or malware from outside.
3. Provisions to Third Parties, Etc.
   1. (1) Provision to third parties

      In addition to (2) and (3) below, personal information, etc. provided to the Company will not be provided to a third party except in the following cases.

      1. (i) Cases in which prior consent is given
      2. (ii) Cases in which the Personal Information Protection Act or any other law or regulation permits
   2. (2) Provision to contractors

      Personal information, etc. may be disclosed or provided to our contractors to the extent necessary to achieve the purpose of use. For example, we may outsource the delivery of goods with delivery companies, we may outsource the organization of a campaign with information processing companies, and we may further subcontract part of contracted work with other companies. In those cases, we conclude a confidentiality agreement with the contractor and conduct rigorous management and supervision over each contractor so that personal information, etc. is appropriately managed.

   3. (3) Joint use

      Personal information, etc. may be jointly used in the Company within the scope of the following items of information, scope of joint users, and purpose of use by the joint users. Any other joint use will be separately informed or publicly announced. The Company (Address: 1-3-26, Koyama, Shinagawa-ku, Tokyo, 142-8558 Taiyo Nippon Sanso Corporation; Representative: Kenji Nagata) is responsible for the management of jointly-used personal information.

      A. Personal information related to partners

      1. (i) Items of personal information to be jointly used
         Name, contact information (address, telephone number, email address, and the like), affiliation, product delivery history, repair history, training record, details of inquiries, details of requests, and details of demands.
      2. (ii) Scope of joint users
         The Company and other companies of the Nippon Sanso Holdings Group
         (*) Companies of the Nippon Sanso Holdings Group mean domestic and foreign affiliated companies of the Nippon Sanso Holdings Corporation.
      3. (iii) Purpose of use by the joint users
         Those mentioned in (i) and (ii) of (1) of 1

      B. Personal information related to the family members of the officers and employees of the Company

      (A) Joint use by the Company and the Taiyo Nippon Sanso Health Insurance Society

      1. (i) Jointly-used items
         The name of each family member, status of dependents, contact information, etc.
      2. (ii) Scope of joint users
         The Company and the Taiyo Nippon Sanso Health Insurance Society
      3. (iii) Purpose of use by the joint users
         • Those mentioned in (iv) of (1) of 1
         • Management of and notification about the health insurance society

      (B) Joint use by the Company and other companies of the Nippon Sanso Holdings Group

      1. (i) Jointly-used items
         • The name of each family member, status of dependents, contact information, etc.
         • The status of use of welfare services and other welfare information
         • Other information obtained and retained for personnel and business management
      2. (ii) Scope of joint users
         The Company and other companies of the Nippon Sanso Holdings Group
      3. (iii) Purpose of use by the joint users
         Those mentioned in (iv) of (1) of 1

      C. Personal information of the Taiyo Nippon Sanso Major Club Members

      (A) Joint use by the Company and the Partners’ Club of the Taiyo Nippon Sanso Major Club

      1. (i) Jointly-used items
         Name, contact information (address, telephone number, email address, and the like), and affiliation
      2. (ii) Scope of joint users
         The Partners’ Club of the Taiyo Nippon Sanso Major Club and the companies of the Taiyo Nippon Sanso Group (*2)
         (*2) The companies of the Taiyo Nippon Sanso Group mean the domestic and foreign affiliated companies of the Taiyo Nippon Sanso Corporation.
      3. (iii) Purpose of use by the joint users
         • Those mentioned in (i), (ii), and (v) of (1) of 1
         • Management of and notification about the Partners’ Club of the Taiyo Nippon Sanso Major Club

      (B) Joint use by the Company and the Second Generation Club of the Taiyo Nippon Sanso Major Club

      1. (i) Jointly-used items
         Name, contact information (address, telephone number, email address, and the like), and affiliation
      2. (ii) Scope of joint users
         The Second Generation Club of the Taiyo Nippon Sanso Major Club and the companies of the Taiyo Nippon Sanso Group
      3. (iii) Purpose of use by the joint users
         • Those mentioned in (i), (ii), and (v) of (1) of 1
         • Management of and notification about the Second Generation Club of the Taiyo Nippon Sanso Major Club

      (C) Joint use by the Company and the Medical Club of the Taiyo Nippon Sanso Major Club

      1. (i) Jointly-used items
         • Name, contact information (address, telephone number, email address, and the like), and affiliation
         • The number of views of relevant websites and other tracking data
      2. (ii) Scope of joint users
         The Medical Club of the Taiyo Nippon Sanso Major Club and the companies of the Taiyo Nippon Sanso Group
      3. (iii) Purpose of use by the joint users
         • Those mentioned in (i), (ii), and (v) of (1) of 1
         • Management of and notification about the Medical Club of the Taiyo Nippon Sanso Major Club

      D. Personal information related to the members of the Taiyo Nippon Sanso Retirees’ Club

      1. (i) Jointly-used items
         Name and contact information (address, telephone number, email address, and the like)
      2. (ii) Scope of joint users
         The Taiyo Nippon Sanso Retirees’ Club and the Company
      3. (iii) Purpose of use by the joint users
         • Those mentioned in (iii) of (1) of 1
         • Management of and notification about the Taiyo Nippon Sanso Retirees’ Club
4. Request for Disclosure, Etc. of Personal Data Retained by the Company

   Requests for notification of purpose of use, disclosure, correction, addition, deletion, cessation of use, erasure, cessation of third party provision, and other demands on personal information retained by the Company (“disclosure, etc.”) must be made in accordance with the procedures below. It must be noted in advance that personal information subject to a request is limited to the retained personal data that the Company has authorization to disclose, etc. and records of third party provision on transfer of personal data.

   1. (1) Method to request disclosure, etc.

      The necessary documents stated in (i) through (iv) below must be sent to the Company by post to make a request for disclosure, etc.

      1. (i) Request form for disclosure, etc.
         The “Request Form for Disclosure, Etc.” must be downloaded and filled out with the necessary particulars.
      2. (ii) Identity confirmation document
         One of the following documents (with name, address, and birthdate) must be submitted to confirm the data subject.
         • Copy of your driver's license
         • Copy of your passport
         • Copy of health insurance certificate
         • Copy of individual number card (front side only)
         • Copy of alien registration certificate
         • Copy of residence card
         • Copy of special permanent resident certificate
         • Copy of physically disabled certificate
         • Residence certificate (issued within the past three months)
         • Transcript or abridged transcript of family register (issued within the past three months)
      3. (iii) Identity confirmation document for an agent
         All of the following documents must be submitted in the case of a request by an agent.
         • One of the identity confirmation documents of the data subject stated in (ii)
         • One of the documents stated in (ii) as the agent’s identity confirmation document
         • Power of attorney by the data subject ( if the agent is a person with parental authority or any other legal representative, a transcript or abridged version of family register issued within the past three months or registration certificate of guardian of adult that shows the relationship to the data subject, in substitute for a power of attorney)
      4. (iv) Fees
         Postage stamps or a postal money order equivalent to 1,000 yen (including consumption tax) must be enclosed as the fee for each request for notification of the purpose of use or disclosure.
   2. (2) The Company may not take action to requests for disclosure, etc. in the following cases.
      1. (i) Cases in which there is a possibility of harming the life, body, or fortune of the data subject or a third party
      2. (ii) Cases in which there is a possibility of encouraging or inducing an illegal or unjust act
      3. (iii) Cases in which there is a possibility of undermining national security, destroying a trusted relationship with a foreign country or international organization, or causing disadvantage in negotiations with a foreign country or international organization
      4. (iv) Cases in which there is a possibility of interfering seriously with the proper business operation of the Company
      5. (v) Cases of violating a law or regulation
      6. (vi) Cases in which there is a possibility of hindering the maintenance of public safety and order such as the prevention, suppression, or investigation of a crime
   3. (3) Notification of outcome

      Disclosure, etc. will be provided to the extent that we can confirm the personal information of the data subject based on the request form for disclosure, etc. and identity confirmation documents. The results of the request for disclosure, etc. (if disclosure, etc. is not possible or disclosure by means requested by the data subject is not possible, to that effect) will be sent to the address of the data subject or his or her agent stated in the identity confirmation document. The period of time required for sending the notification of outcome is approximately 10 business days.

   4. (4) Others

      After receiving a request form for disclosure, etc., the Company collates the records on the data subject and may confirm the identity of the data subject via email, telephone, and the like. The Company will use the personal information stated in a request form for disclosure, etc. and the identity confirmation documents to the extent necessary to provide the relevant disclosure, etc.
      Be advised that submitted documents will not be returned.

   5. (5) Address to send documents

      Postal code: 142-8558
      Address: 1-3-26, Koyama, Shinagawa-ku, Tokyo
      Taiyo Nippon Sanso Corporation
      Personal Information Protection Consultation Desk

5. Inquiries

   Inquiries, complaints, and consultations on handling of the personal information, pseudonymously processed information, and anonymously processed information must be made to the following contact point:

   Contact point: Personal Information Protection Consultation Desk
   Address: Postal code 142-8558
   1-3-26, Koyama, Shinagawa-ku, Tokyo
   Taiyo Nippon Sanso Corporation
   Email address: privacy@tn-sanso.co.jp
   Telephone No.: 03-5788-8931
   (Telephone answered from 9:00 a.m. to 12:00 p.m. and from 1:00 p.m. to 5:00 p.m. excluding Saturdays, Sundays, national holidays, and company holidays)

Enacted: April 1, 2022
Revised: April 18, 2025
Taiyo Nippon Sanso Corporation
Representative Director, President: Kenji Nagata