This standard specifies the principles and security requirements for personal information processing activities such as collection, storage, use, sharing, transfer, public disclosure, and deletion. This standard is applicable to regulating the personal information processing activities of various organizations, and is also applicable to the supervision, management and evaluation of personal information processing activities by competent regulatory authorities, third-party evaluation agencies and other organizations.