|Applicable Privacy Laws||General Data Protection Regulations, the Data Protection Act (UK), and Act on the Protection of Personal Information (Japan)|
|GDPR||General Data Protection Regulations|
|EU||The European Union, including the Member States and Iceland, Liechtenstein and Norway, based on the European Economic Area (EEA) Agreement.|
|Controller||Natural or legal person, public authority, agency or other body which, alone or jointly with others, determine the purposes and means of the Processing of Personal Data.|
|Personal Data||Any information relating to an identified or identifiable natural person ("Data Subject"): an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.|
|Data Subject||A natural person whose Personal Data is processed, identified or identifiable by the Controller who processes it.|
|Processor||A natural or legal person, public authority, agency or other body that processes Personal Data on behalf of the Controller.|
|Recipient||Any natural or legal person, public authority, agency or other body, to which the Personal Data is disclosed, whether a Third Party or not. However, public authorities which may receive Personal Data within the scope of a particular inquiry in accordance with Union or Member State law shall not be regarded as a Recipient. The Processing of the Personal Data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the Processing.|
|Third Party||A natural or legal person, public authority, agency or body other than the Data Subject, Controller, processor and persons who, under the direct authority of the Controller or processor, are authorized to process Personal Data.|
|Restriction of Processing||The marking of stored Personal Data with the aim of limiting their Processing in the future.|
|Processing||Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.|
|Profiling||Any form of automated Processing of Personal Data consisting of the use of Personal Data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.|
|Consent of the Data Subject||Any freely given, specific, informed and unambiguous indication of the Data Subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the Processing of Personal Data relating to him or her.|
2. The name and address of the Controller
|Address:||5-3, Creative-Hills, Imabari City, Ehime Pref.|
Moreover, the Data Subjects can, at any time, prevent cookies from being activated by changing the settings in the Internet browser and can permanently block the activation. In addition, cookies that are already set as “non-active” can be deleted at any time through the Internet browser or any other software program.
This is possible for all common Internet browsers. If the Data Subject disables the cookie settings of the Internet browser, not all of the functions of our websites will be fully available for the Data Subject.
※The type of cookies
- Classification by Duration
- Session cookies: Cookies that are temporary and expire once the user closes the browser.
- Persistent cookies: Cookies that remain on your computer/device for a fixed duration.
- Classification by attribution
- First-party cookies: Cookies which are set up by a web server and share the same domain.
- Third-party cookies: Cookies which are stored by a domain that is different from the domain of the page the user visited. Cookies occur when a webpage refers to a file, such as Java Script, that is outside of that domain.
4. Purposes of the Processing of Personal Data
(1) Purposes of the Processing
We Process the categorized Personal Data only for the following purposes:
- The personal information on customers and business partners
- Provision of the services related to the construction, maintenance, inspection, and repair of products in our business
- Planning, research, development, testing, and demonstration of products in our business, and marketing
- Control of access to our facilities
- Control of access to our online system
- Management of customer information, payment, and income calculation
- Necessary business communications, business negotiations, and conclusion of contracts
- Responses to inquiries
- Personal information of recruitment applicants
- Provision of employment information to the recruitment applicants
- Management of our recruitment operations
- Personal information concerning our employees (including the guarantees of our employees)
- Human resource management
- Payment of remuneration, salary, bonuses
- Procedure for national health insurance and taxes
- Provision of the information to health insurance unions, corporate pension funds, and affiliated companies
- Procedures upon retirement
- Emergency contacts
- Notification and report to the government and other public offices
- Notification, report, and contact to customers and business partners related to the assigned operations
- Other procedures and communications necessary for the business
(2) Sources of the Personal Data
For the purpose of Processing (1) above, we obtain Personal Data from the following sources:
- Directly from the Data Subject (e.g. Personal Data described in the application form)
- Indirectly from the Data Subject (e.g. IP Address obtained when viewing our site)
- Public information (e.g. Internet information)
- Social media (e.g. Twitter, LinkedIn, Facebook)
- Investigation reports provided by a Third Party
(3) Type of Personal Data
- Personal information
- Personal purchase history
- Provided products and services
- Financial Information
- Educational background
- Employee information
- Guarantee information
(4) Provision and sharing of Personal Data
We may need to share the Personal Data with the following Third Parties for the purpose of (1). If this is necessary, we will comply with Applicable Privacy Laws.
- Group companies
- Professionals such as attorneys, tax accountants, certified public accountants and licensed social security consultants
- Financial institutions
- Current, past and future employees
- Service providers and suppliers
5. Legal basis for the Processing of Personal Data
Legal basis for the Processing
- In the event that the Data Subject consents to the Processing of its own Personal Data for one or more specific purposes
※If the Processing is based on the consent of the Data Subject set forth in ① above, such Data Subject has the right to withdraw this consent.
- In the event that the Processing is necessary for the performance of a contract to which the Data Subject is a party, or In the event that the Processing is necessary to implement procedures at the request of the Data Subject prior to the conclusion of the contract.
- In the event that the Processing is required for the Controller to comply with the legal obligations.
- In the event that the Processing is necessary to protect the substantial interests of the Data Subject or other natural persons.
- In the event that the Processing is necessary in the performance of business for the public interest or for the exercise of public authority granted to the Controller.
- In the event that the Processing is required for the legitimate interests sought by the Controller or the Third Party. Provided, however, this shall not apply when the basic rights and freedoms of the Data Subject, in particular those of children, supersedes those interests.
- Marketing to customers (direct marketing)
- Providing services to customers
- Application for our recruitment
6. Rights of the Data Subjects
Under the Applicable Privacy Laws, including GDPR, the Data Subject has the following rights. To assert these rights, the Data Subject may contact us at any time.
Right of access
The Controller shall provide a copy of the Personal Data to the Data Subject, when the Data Subject makes any request to access the Personal Data.
Right to rectification
The Data Subject shall have the right to ask the Controller to have incomplete Personal Data completed.
Right to erasure (forgotten right)
The Data Subject shall have the right to obtain from the Controller the erasure of Personal Data concerning him or her without undue delay in certain cases.
Right to Restriction of Processing
The Data Subject has the right to obtain from the Controller Restriction of Processing in certain cases.
Right to obtain notification concerning restrictions, deletion, and Processing of Personal Data
In the case of 2 to 4 above, the Controller shall inform the recipients of the Personal Data about this Process and shall inform the Data Subject about those recipients if the Data Subject requests it.
Data portability rights
The Data Subject has the right to receive his or her Personal Data in a structured, commonly used, machine-readable form. The Data Subject is also entitled to transfer such data to another Controller without obstructing the Controller to whom the Personal Data is provided.
Right to object
The Data Subject has the right to object to the Processing of his or her Personal Data on the basis of the need for the Processing for the purpose of legitimate interests sought by the Controller or a Third Party.
Automated individual decision-making, including Profiling
The Data Subject shall have the right not to be subject to a decision based solely on automated Processing, including Profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. We do not perform automated Processing, including Profiling, on the Personal Data of the Data Subject.
Right to file a complaint
The Data Subject has the right, at any time, to file a complaint with the supervisory authority (especially, the supervisory authority in EU member states where the address or the workplace of our users is located or where the breach of GDPR occured). Nevertheless, before the Data Subject contacts supervisory authority, we would like the Data Subject to provide us with an opportunity to respond to the complaints.
7. Security Control Measures
We, as a Controller, take sufficient technical and organizational safety management measures to protect Personal Data. In the event that the Data Subject is concerned about a particular method of data transfer, we will take sufficient alternative measures.
8. Cross-border data transfer
We sometimes relocate data-driven Personal Data from the offices (branches, representative offices, subsidiaries, distributors, agents, contractors) in the EU countries to the offices in Japan or overseas locations of our group. The Personal Data of the Data Subject to be transferred includes the Personal Data of our customers and our employees of the business offices in the EU.
The transfer of Personal Data to Japan is based on a sufficient decision for the cross-border data transfer.
The transfer of Personal Data to a third country other than Japan/EU (excluding countries/regions that have obtained adequacy decision) shall be transferred by concluding the Standard Contract Clause.
You can check the requirement of adequacy decision in Japan on the European Commission's website (https://ec.europa.eu/info/law/law-topic/data-protection_en).
9. Storage period of Personal Data
The storage period of Personal Data is the statutory storage period of each EU member country and Japan, and Personal Data will be promptly and securely deleted after the statutory storage period, unless the use of Personal Data is necessary for the purpose of the contract Processing or any other Processing.
10． General Provisions
Please contact us at the following for enquiries regarding our handling of personal information.
Ushio Reinetsu Co., Ltd.
5-3, Creative Hills, Imabari, Ehime, Japan
Tel: +81-898-34-1230 Fax: +81-898-34-1231