(1)Personal information about the customer

• Identity confirmation and personal certification of customers
• Shipment of products, invoices, and prizes to winners for campaigns in which customers participated
• Customer inquiries, inquiries, complaints, repairs, support, confirmation, and records
• Improvement and development of product and other services
• Improvement of customer experience in our digital services (e.g., websites and mobile apps)
• Advertisements and information on products, services, campaigns, etc. through letters of information, e-mails, etc. (*1 and *2)
• Distribution of action-targeting ads using advertising distributors such as Google and Yahoo (*1/*2)
• Analysis of attribute information and activity history obtained by us to understand customers' tastes and preferences (*2)
• To provide our customers with our products and services safely. Includes the discovery of users who are in violation of the terms of use, notice to the users, and investigation, detection, prevention, and response to fraud and unauthorized access that abuse the services.

• *1： Information such as the browsing history and purchase history of websites obtained from customers may be analyzed, and services may be provided or advertisements may be distributed.
• *2： Information such as customer preferences and browsing histories obtained from third parties other than us may be used in conjunction with personal information of customers already in our possession. In this case, we will obtain prior consent from the customer and use it within the scope of the purpose of use listed above.
• *3： The technique of recording and managing customers' information using our website on computers and application software is called "Cookie." Our website uses some cookies to make them more convenient for our customers. This cookie does not provide anything that can be used to identify individuals.
• *4：Our site uses Google's Google Analytics service to keep track of visits to our customers' sites.
  When Google Analytics is used on our site, Google collects, records, and analyzes your visits to our site based on our cookies.
  We receive the result of analysis from Google and understand the visitation status of our customers' sites.
  Customer information collected, recorded, and analyzed by Google Analytics does not include any information that identifies a particular individual. These data are managed by Google in accordance with the company's privacy policy.
  You can also stop being collected your data using our Google Analytics by disabling Google Analytics in the add-on sets of your browser. You can disable Google Analytics by downloading and installing Google Analytics Opt Out Add-On on the Download page of the Opt Out Add-On from Google and changing the add-on sets of your browser. If you disable Google Analytics, Google Analytics is also disabled on websites other than this website you visit, but you can re-enable Google Analytics by reconfiguring the add-ons on the browsers. Please refer to Google Analytics website for explanations of the terms of use of Google Analytics and to the company website for explanations of Google's privacy policy.

< Google Analytics Terms of Service >
https://www.google.com/analytics/terms/
< Google Privacy Policy >
https://policies.google.com/privacy?hl=en
< Google Analytics Opt Out Add-On >
https://tools.google.com/dlpage/gaoptout?hl=en

(2)Personal information on business partners (in the case of corporate clients, their officers and employees)

• For business communication, contract performance, business negotiations, etc.
• For the management of supplier information

(3)Personal information about shareholders (directors and employees if shareholders are corporations)

• Exercise of rights and fulfillment of obligations under the Corporate Law
• Management of shareholders information, including the preparation of records in accordance with various laws and regulations
• For sending company information, etc.

(4)Personal Information on Applicants for Adoption and Recruitment Activities

• Planning and operation of internship and career education (including use in questionnaires, etc. for future reference)
• Recruitment selection work (including use in questionnaires, etc. for reference in future recruitment activities)
• Application information for those who have been hired as a result of the recruitment selection process shall be included in our personnel information after joining the Company.
• Communication and provision of information on our future recruitment (career recruitment, etc.)
• Information on medical examinations at the time of hiring and procedures for entering the company
• Reference for our future recruitment activities and other work related to and incidental to recruitment selection, employment, etc.

---

(1)Personal Information

Company name, department, position, address, name, zip code, telephone number, fax number, e-mail address, etc.

(2)Scope of joint users

We and the affiliated companies included in our financial statements

(3)Purpose of Use

Shared use shall be made within the scope of the purpose of use stated in 1 (1) (2) above.

(4)Name, address, representative, of the company responsible for the management of personal data

Kenichi Hori
President and Chief Executive Officer
Mitsui & Co., Ltd
2-1, Otemachi 1-chome, Chiyoda-ku, Tokyo 100-8631, Japan

Further, please contact following office regarding the shared usage of personal information.

2-1, Otemachi 1-chome, Chiyoda-ku, Tokyo 100-8631, Japan
Mitsui & Co., Ltd. Representative Office for Personal Information Protection

---

(1)when the Company obtains the prior consent of you.

(2)when the Company is required by laws and regulations to provide personal information.

---

(Establishment of Personal Information Protection Guidelines)

• In order to ensure the proper handling of personal data, we have established a Personal Information Protection Guidelines with respect to "compliance with relevant laws and guidelines" and "contact points for questioning and complaint processing."

(Development of Disciplines on the Handling of Personal Data)

• The Rules on Personal Information Protection have been established for each stage, including acquisition, use, storage, provision, deletion, and disposal, with respect to the handling methods, responsible persons in charge, handling persons in charge, and their duties.

(Organizational Safety Management Measures)

• We have appointed a responsible person in charge of the handling of personal data, clarified the scope of personal data handled by employees handling personal data, and established a system to report to the person in charge of any violation of the Personal Information Protection Law or the Rules on Personal Information Protection.
• Each organization conducts periodic self-inspections of the status of the handling of personal data, and the Internal Audit Department conducts audits.

(Human Security Management Measures)

• We regularly alert employees and provide them with training on matters to be noted regarding the handling of personal data.
• Matters concerning the confidentiality of personal data are described in the Employment Regulations and written pledges are submitted by employees.

(Physical Safety Management Measures)

• In areas where personal data is handled, we control the entry and exit of employees and restrict devices, etc. brought in, and take measures to prevent unauthorized persons from viewing personal data.
• In addition to taking measures to prevent theft or loss of equipment, electronic media, and documents that handle personal data, measures are taken to prevent personal data from being easily identified when transporting such equipment, electronic media, etc., including transportation within business sites.

(Technical Safety Management Measures)

• Access control is implemented to limit the scope of person in charge and personal information databases handled.
• We have introduced a mechanism to protect information systems that handle personal data from unauthorized access from outside sources or from unauthorized software.

(Understanding of External Environments)

• When handling personal data at a server located in a foreign country, we constantly obtain the latest information on the personal information protection system in the foreign country concerned and take security control measures in accordance with the condition of the system.

---

---

Consultation desk / procedure method

2-1, Otemachi 1-chome, Chiyoda-ku, Tokyo 100-8631, Japan
Mitsui & Co., Ltd. Representative Office for Personal Information Protection

---

2-1, Otemachi 1-chome, Chiyoda-ku, Tokyo
Mitsui & Co., Ltd., Representative Office for Personal Information Protection

Procedure

1. If you would like to disclose, change or delete your personal information, or to disclose the provision record to a third party of your personal information, please let us know below by mail first.

Items to be written on postcards and sealed letters

• Address and name of the recipient of the "Request for Disclosure etc. Request "
• Please simply indicate that you wish to send a "Request for Disclosure etc. Request"

Postcard and postal address

• Please mail to the above consultation desk
• In order to send the "Request for Disclosure etc. Request" correctly, we ask that you send us a postcard or letter. Please note.
2. Based on the above communication, we will send you a "Request for Disclosure etc. Request Form" and "Instructions".
3. Please fills in the "Request for Disclosure etc. Request" with the necessary information, enclose the "Document for your identification" based on the "Instructions", and sends them by mail to our consultation desk.
4. After confirming the contents of the request, we will reply by mail.

• *Depending on the content of the disclosure etc., a fee may be charged.
• *In the case of a request for disclosure etc. by an agent, please attach a power of attorney from the principal and enclose it in accordance with the "Instructions".