IIJ DPO/CPO Support Service

Dealing with privacy protection laws for each country

In recent years, the use and application of personal data by large-scale service providers and other such companies has become a global topic of interest. In response to this, each country has recognized the need for personal data protections and has enacted privacy protection laws. However, due to country-specific legislative systems and political circumstances, these laws are enacted on a per-country basis rather than mutually.
Among the countries having different privacy protection laws, an increasing number of countries (including the EU, South Korea, Singapore, Thailand, Brazil, Vietnam, Mexico, Turkey, Russia, and India) are requiring companies to have DPOs and CPOs. Furthermore, more and more laws levy fines against businesses that violate the laws, such as GDPRs and the California Consumer Privacy Act of America’s California state, corporate compliance risk management has become essential.

Having experts who can support DPOs/CPOs

As stated above each country has enacted different privacy protection laws. This situation places a huge burden on companies deploying global businesses or planning to do so in the future in terms of time and cost.
Companies that have already deployed their business in other countries must continuously observe the requirements of each country’s privacy protection laws such as by appointing DPOs and CPOs, and maintain the compliance structure of the group.
Meanwhile, companies that plan to deploy their business in other countries in the future must investigate the privacy protection laws of those countries. And, after weighing the merits of business deployment over the risks and costs of compliance with such laws, we need to consider whether the business deployment is still necessary.

IIJ has been taking on the role of an Internet service provider that has taken good care of our customers’ personal information, and we have continued to adhere to each country’s privacy protection laws including EU laws since before GDPR was enforced. Utilizing that knowledge, IIJ supports companies deploying global businesses or planning to do so in the future, as well as their DPOs and CPOs, in investigating the privacy protection laws of each country and complying with those laws.

Supporting various global governances

How your group has the DPOs and CPOs required by each country’s privacy protection laws is determined based on your company’s global governance policy.
In order to manage compliance with the privacy protection laws of each country location, this service can provide support in having a centralized DPO/CPO at the Japan headquarters alone or having DPOs/CPOs at the Japan headquarters and at each country location.