Palace Hotel Group Policy for the Protection of Privacy

Palace Hotel Group’s Personal Information Protection Policy
Establishing and Maintaining Compliance Program
  Palace Hotel Group ("PHG") is committed to establishing a compliance program that obligates its directors and employees including staff members borrowed from outsourcing personnel agents, etc. ("the employed").
Appointment and Authorization of Personal Information Administrator
  "PHG" appoints Personal Information Administration Officer who is top responsible for the PHG's personal information protection. The authority of such Officer is to be clearly defined in the corporate organization and the Officer is to receive organizational support so that he or she may be able to properly manage personal information protection responsibility.
Establishing In-house Rules & Regulations
  "PHG" establishes in-house rules and regulations to protect privacy of personal information and establishes clear policy for handling personal information. "PHG" notifies all "the employed" that their leakage of information and similar acts shall be subject to severe penalties.
Information Security Measures
  "PHG" is determined to take necessary measures both for maintaining accurate and secure personal information and for preventing illegal access to, or loss, destruction, falsification and leakage of personal information.
Reviewing and Improving Outsourcing System
  "PHG" is determined to review and improve its outsourcing procedures, in order to have the privacy of personal information more secured. In concluding contracts with outsourcing agents, "PHG" rigidly reviews its outsourcing agents from the viewpoint of their qualification and capability to protect personal information.
Compliance with Laws and Regulations
  "PHG" declares its strict compliance with the governmental laws, guidelines and standards concerning protection of personal information.
Intensified Training of the Related Staff
  "PHG" plans to train all staff members who are handling personal information so that they are fully equipped with the knowledge about information security.
Intensified Internal Auditing Function
  "PHG" plans to intensify its internal auditing function by introducing an organizational mechanism to review whether the systems and procedures for protecting personal information are properly operated or not.