SHINDO Co., Ltd. ("SHINDO") understands that it is an important social responsibility of ours to ensure appropriate control over private information that is collected from our customers in necessary business transactions or from our employees.
Control, collection, usage and provision of private information
- 1. Control of private information
- SHINDO shall establish a system to provide appropriate protection and control over private information.
This includes the development of internal policies regarding the appropriate collection, usage, and provision of private information, and the strict adherence to such policies.
- 2. Collection and usage of private information
- When collecting or using private information, SHINDO shall clearly disclose the intended objective for using such information, and shall handle private information only within the necessity of achieving such intended objectives.
- 3. Provision of private information
- SHINDO will not provide or disclose private information to any third party
unless we have obtained express prior agreement to such provision and disclosure from the individual.
- 4. Outsourcing handling private information to a commissioned company
- Collected private information may be sent to external commissioned company for purposes such as direct mailings or data processing.
Under these circumstances, only commissioned companies that meet our own safety standard levels are selected to ensure privacy protection levels are maintained, and appropriate control and oversight is enforced.
We promise strict compliance with the law, government guidelines, and any other regulations concerning the handling of private information.
Control and safety measures for private information
We will ensure the safety and accuracy of private information by providing necessary precautions against risks to private information such as illegal access, loss, damage, alteration, and leak.
In the unlikely event of a security breach, we shall make every effort to minimize any damage and take immediate corrective actions.
- 1. Personal Data to Be Collected
- The Company Group may occasionally collect the following personal data:
- ・data about contact details provided to the Company Group, including names, occupations, age, user names, addresses, phone numbers, e-mail addresses or other addresses to which messages, company information, and registered data are sent by the Company Group;
- ・related data useful to the Company Group, such as interests in products, contact means, taste in products, languages, taste in marketing, and demographic data, including age and sex;
- ・data about transactions, such as purchase data, the details of inquiries, customer account data, order and agreement data, the details of delivery, invoice and financial data, the details of taxes, transaction and contact histories, and exchange of messages on the Company Group's websites; and
- ・data about security and compliance which are for securing the Company Group's interests, including data for fraud prevention and internal verification as well as image records necessary for the security of the Company Group's facilities.
- 2. Purposes and Method of Using Personal Data Collected
- The Company Group will use personal data for the following purposes:
- ・to carry out customer management, including contact with customers and dealing with orders and requests;
- ・to provide information and updated information about advertising materials for products, services, promotion and the like, as necessary, after the Company Group obtains consent from customers;
- ・to make on-line operation easier in the Company Group as well as to understand ease of use regarding and the performance of the Company Group's websites and to maintain and improve services provided on those websites; and
- ・to carry out business control in the Company Group, including payment transactions, account management, product development, agreement management, corporate governance, audits, and compliance.
- 3. Legal Bases for Handling Personal Data
- The Company Group will collect and use personal data on the following legal bases:
- ・the performance of agreements; and
- ・legitimate interests within the Company Group's business activities.
- 4. Sharing Personal Data with Outside Organizations
- The Company Group may occasionally share personal data with the following business partners and third parties.
- ・Service providers
The Company Group may occasionally carry out operations by using third parties, such as marketing firms and IT service providers. In that case, sharing personal data may be occasionally needed in order to provide the services mentioned in Section 2. Shared personal data will be used for initial purposes on the Company Group's instructions.
- ・Legal obligations
Pursuant to the provisions of laws and regulations, the Company Group may occasionally disclose personal data to public organizations connected with law enforcement in compliance with the requirements under laws and regulations, court orders, the requests of governmental organizations or law enforcement organizations (including those falling within requests for national security or law enforcement measures) (including the requests of the governmental organizations and courts of countries in which the Company Group conducts its business).
To the extent permitted by law, the Company Group may occasionally disclose personal data to third parties (including legal advisers) in order to support the functions of proof, lawsuits or defense to legal claims, exercise of rights, protection of the Company Group's property or other persons' rights, property or safety, external audits, compliance or corporate governance, as necessary.
The Company Group may occasionally transfer personal data to business entities (recipients) that exist in countries outside the EEA, in which personal data are not appropriately protected.
In such a case, the Company Group will take steps to ensure that personal data will be protected at an appropriate level (e.g. execution of an agreement containing Standard Contractual Clauses (SCCs)).
- 5. Security Measures to Protect Personal Data
- The Company Group will take technical, physical and organizational measures designed to protect personal data against accidental or illegal destruction, loss or alteration, unauthorized disclosure or access or other illegal use.
Persons who may access personal data will be limited to those who are permitted to do so, on the basis of the principle of necessary minimum. In addition, the Company Group will take approaches to data security in view of the risks involved in using personal data. The Company Group will continue to apply those approaches to protect personal data while it takes industry standards into account.
- 6．Exercise of Rights Connected with Personal Data
- To the extent of applicable laws, you may exercise the following rights in connection with personal data:
If you wish to exercise any of the rights mentioned above, please contact the inquiry desk shown at the bottom of the page.
- ・the right to voice an objection to the Company Group's collecting, processing or using personal data;
- ・the right to be provided with necessary information when the Company Group collects personal data;
- ・the right to access personal data;
- ・the right to request correction to personal data;
- ・the right to request deletion of personal data;
- ・the right to request restriction of processing personal data;
- ・the right to request data portability in connection with personal data; and
- ・the right to withdraw your consent.
- 8. Access
To the extent required by law, the Company Group will seek your express consent.
In addition, you may withdraw any prior consent given by you to a specific purpose of use by voicing an objection to the use of personal data.
If you wish to voice an objection or to withdraw your consent, please contact the inquiry desk shown at the bottom of the page.
- 9. Retention Period
- The Company Group will not retain personal data beyond the purpose of obtaining them or the requirements under applicable laws and regulations.
- 10. Cookies
- Cookies mean a function to refer to the contents of small file data sent from a Web server to a customer's browser and hard disk. Using cookies can make your use of websites more useful by storing data about your use of specific websites. Using cookies is an industry standard, and cookies are used in many websites for the purpose of providing useful functions to customers. In addition, cookies are not a function to identify the individual identity of a customer.
The Company Group may occasionally use a cookie in the following cases:
- ・where the Company Group revises or discontinues the contents of a website to create a more satisfactory one or provides a service customized for individual customers; and
- ・where the Company Group discloses data to affiliated companies, outsources or the like to a necessary extent in using cookies to analyze what services customers are interested in or to distribute effective advertisements on websites.
- 11. Last Update Date
February 1, 2019.
CEO, Tadashi Shindo