Information Security

The AEON delight Group has positioned "Responding to the Risks of the Information Society" as one of our Materiality issues, and we are committed to continuously maintaining and improving our level of information security.
To ensure information security and the protection of personal information, we are strengthening information security for personal information and information assets entrusted to us by our stakeholders in accordance with the AEON delight Group Information Security Management Regulations and the Regulations on Protection of Personal Information.

• Privacy Policy

In accordance with the IT Governance Guidelines, the AEON Group has established a hierarchical governance system with Aeon Co., Ltd. at the top. Based on the AEON Delight Group Information Security Management Regulations, we set an information security system for the entire AEON Delight Group, including all domestic and overseas Group companies, and established the following management system.

With the Executive Officer Chief Manager of IT as the AEON Delight Group's Chief Information Security Officer,we hold Information Security Committee meetings to decide on measures to strengthen information security and　promote company-wide implementation of these measures.

In addition to identifying and assessing risks related to information security and implementing countermeasures, we monitor information security through internal audits. Furthermore, the AEON-CSIRT*, a specialized team established by the AEON Group to respond to security incidents,is working to build a system to enhance responses to the increasingly sophisticated cyber-attacks that may affect business continuity.

*Cyber Security Incident Response Team

Education for employees

We provide information security and personal information protection training for all AEON delight employees via e-learning once a year to educate them about our policies, information breach incidents, and safety management measures to be taken by each and every employee. In addition, the AEON Group has prepared an Information Security Handbook, which sets forth rules for initial response and reporting in the event of a virus attack, as well as basic security rules for normal times, and we distribute this handbook to our employees. Furthermore, we strive to improve employee security literacy through rank-specific training for new employees and newly appointed managers, and by regularly disseminating news, including measures against targeted e-mail attacks, support fraud, and raising awareness of standards for handling external storage media.

From FY2022, we began offering a DX training program aimed at acquiring the IT Passport to approximately 500 full-time employees in their 20s, which has helped them acquire basic knowledge of information security, among other things.

Protection of personal information

We have established the Personal Information Protection Policy, Privacy Policy, and AEON delight Group Regulations on Protection of Personal Information, and have implemented appropriate safety management measures to protect the personal information that we possess.
We announce any changes to the Personal Information Protection Policy/Privacy Policy on our website and properly obtain the consent of the individual to whom the information pertains when required by law. In addition, each department conducts an annual inventory of the personal information management ledger to list the status of personal information, conducts risk analysis, confirms and corrects safety management measures, and deletes personal information that no longer needs to be retained.