DENSO WAVE INCORPRATED (the “Company”) shall comply with Personal Information Protection Law in Japan, the laws of EU concerning the protection of Personal Data including the General Data Protection Regulation (“the GDPR”) and other related laws, ordinances and guidelines and appropriately handle the Personal Data obtained from our customers as follows for the protection of the Personal Data.
The Company shall process (meaning any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, and such operation means acquisition, recording, compilation, structuring, storage, rectification, alteration, recovery, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment, combination, restriction, erasure or destruction; hereinafter the same) the Personal Data of the customers, including but not limited to the following information.
Customer name, postal code, address, date of birth, telephone number, e-mail address, customer ID, location information, cookie information, IP address, company name, Department name, managerial position, industry sector, job category, purchase/operational status of our products and/or services, those to be interested, requests for direct mail, history of login to websites of the Company and/or its business allied companies, etc.
Since it is necessary for the Company to receive such information from the customers to provide the customers with the respective services (“QBdirect Service”, ”Denso Robot Member Service” and so on, hereinafter collectively referred to as “Services” ), the customers who cannot or do not provide such information may not use the Services.
The Company shall process the Personal Data to accomplish the following purposes.
・To verify the identity of customers at the time of or after login for using the Services
・To collect and analyze information for developing new Services and improving Services of the Company and send questionnaire for marketing activities
・To inform the Customers about the products, services and business of the Company
・To provide business allied companies of the Company with the information lawfully and appropriately anonymized so that individuals cannot be identified to share such information for the purpose of analysis and so on by the Company and said allied companies
・To provide advertisement delivery business operators with the information lawfully and appropriately anonymized so that specific individuals cannot be identified and to use such information for advertisement delivery service provided by such advertisement delivery business operators
・To respond to inquiries and complaints
・To perform other jobs incidental to the foregoings
If the Company processes the Personal Data of the customers for any other purposes than the abovementioned purposes, the Company shall notify the customers in advance of additional purposes of use and other matters necessary under the applicable laws.
The Company shall keep the Personal Data of the customers as long as it is necessary to provide the customers with the Services but promptly erase it, if it is no longer necessary.
The Company provides a third party including subsidiaries and affiliates of the Company, and company to which the Company entrusts jobs, such as cloud venders or service operators, with the Personal Data of the customers for the purpose of accomplishing the purposes of use specified above.
・In a country outside the EU where a third party is located, the data protection law that is the same as that in the EU may not be developed and many of the rights granted to the data subject in the EU may not be granted.
・The Personal Data of the customers is provided and processed for the purposes of use specified above.
・The Personal Data of the customers is provided to a third party located in a country outside the EU.
Further, the Company guarantees that adequate measures are ensured with respect to the protection of Personal Data of the customers, such as by entering into Standard Contractual Clauses (“SCC”) in accordance with the GDPR, when providing a third party located in a country outside the EU with the Personal Data of the customers.
The Company shall endeavor to keep the Personal Data up to date and if it is inaccurate or insufficient, rectify it.
To prevent unauthorized access to Personal Data or divulgence of Personal Data, the Company evaluates and determines the risk of breach of the Personal Data privacy in a comprehensive manner after taking into account the category of Personal Data, degree of sensitivity, influence including economic and mental damage to the customers concerned when their Personal Data privacy is illegally violated, and takes personnel, organizational and technical safety management measures that are necessary and appropriate according to the risk of breach of Personal Data privacy, set the process to inspect and correct such safety management measures as necessary and makes ceaseless efforts to improve security.
The customers may request the Company make them access to their Personal Data retained by the Company, rectify or restrict the processing of such information or take procedures for data portability. Further, the customers shall have the right to raise an objection to the Company or data protection authority governing the location where the customers resides with respect to the processing of the Personal Data related to the customers. The procedures for exercising various types of rights granted to the customers with respect to the Personal Data may be taken on the following website.