Kuraray Co., Ltd. and its group companies listed in Exhibit 1 attached hereto (hereinafter collectively, the “Kuraray Group”) are highly conscious of the importance of personal information. The Kuraray Group has established the following policies to safeguard personal information.
1. Management of personal information
- The Kuraray Group has appointed personal information managers in each organization that treats personal information. These managers are responsible for the security of personal information collected by their organizations.
- The Kuraray Group strives to prevent unauthorized access, leaks, or loss of personal information to ensure the security of personal information.
2. Use of personal information.
When the Kuraray Group collects personal information, the Kuraray Group will clearly specify the purpose of use, and the personal information will be used only for such purpose as specified. A data subject may refuse to provide its personal information at its discretion. The purpose of use of personal information is as follows;
- Customers, suppliers or vendors: business communications, providing information on services and products offered by the Kuraray Group,
- Shareholders: to allow execution of shareholders’ rights under the corporation law, to provide information and/or services to shareholders, administration of the shareholder registry,
- Job applicants: communication necessary for recruitment,
- Response to inquiries from the data subject, or
- Other purposes specifically informed to the data subject.
The Kuraray Group may, to the extent necessary for the purpose (1) or (4) mentioned above, share personal data (address, name, company name, telephone number, e-mail address, etc.) within the Kuraray Group.
3. Disclosure to third parties.
Except as stipulated below, the Kuraray Group will not release personal information to third parties. Providing information to contractors or affiliate companies by legitimate means is not considered as disclosure to third parties;
- With the explicit permission from the data subject,
- As required by law,
- When the provision of personal information is necessary for the protection of the life, body, or property of an individual and it is difficult to obtain the consent of the person,
- When the personal information is necessary for a state or local government in executing the affairs prescribed by laws and regulations and obtaining the consent of the person are likely to impede the execution of the affairs,
- When personal information is appropriately edited as statistical data by which the data subject cannot be identified, or
- When personal information is transferred in consequence of a merger, amalgamation or other corporate reorganization,
4. Changes in personal information.
A data subject has right to request to disclose, correct, add, delete, discontinue using, or erase its personal information the Kuraray Group has. The Kuraray Group will comply with these requests only after verification of the identity of the requestor. Inquiries with regard to personal information will be directed to the department to which the data subject provided its personal information. In the case that a data subject is not sure where to contact, inquiries may be accepted at:
- E-mail: PersonalDataProtection.JP@kuraray.com
- Tel: +81-3-6701-1000
- Fax: +81-3-6701-1005
Handling of Personal Information of Residents of the EEA
Purpose of use and Legal basis under GDPR for processing the personal data which the Kuraray Group processes;
- Customers, suppliers or vendors: business communications, providing information on services and products offered by the Kuraray Group. Legal basis: Consent of the data subject (GDPR Art.6(1) a) or Legitimate interest (GDPR Art.6(1) f)
- Response to inquiries and requests from the data subject. Legal basis: Consent of the data subject (GDPR Art.6(1) a) or Legitimate interest (GDPR Art.6(1) f)
When the Kuraray Group transfers personal data to its group companies or contractors listed in Exhibit 1 attached hereto, the personal data may be transferred to the counties outside the EEA. The Kuraray Group will transfer personal data only to the extent;
- the transfer to a country may take place where the EU Commission has decided that the country ensures an adequate level of protection of personal information (GDPR Art. 45),
- the transfer to a third party with whom the Kuraray Group executed the standard data protection clauses approved by the EU Commission (GDPR Art. 46.2）, or
- the transfer takes place on one of the conditions listed in GDPR49.1.
The Kuraray Group will store personal data for the appropriate period determined based on the criteria of the respective statutory retention period. After expiration of the period, the corresponding data no longer necessary will be deleted in accordance with the respective retention policy.
A resident of the EEA has the following rights in connection with his/her own personal data handled by the Kuraray Group;
- access (disclosure),
- restriction of processing,
- data portability,
- object to processing, and
- withdrawal of data processing consent.
The Request Form is attached hereto as Exhibit 2.
Lodging a complaint with a competent authority
A resident of the EEA has right to lodge a complaint on the processing of their personal data with a competent supervisory authority. The following URL provides information of the authority:http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
Contact information of the Data Protection Officer of the Kuraray Group in EEA:Kuraray Europe GmbH
65795 Hattersheim / Germany
Attn: Data Protection Officer
Handling of Access Data obtained through this web site
Access Data we collect from Users
This web site may collect and use the following types of access data from visitors.
- Access logs
Information from users’ access logs, including IP addresses, access times and dates, referrers, accessed files and browser type.
We only use access logs data to improve the user experience on our websites and services
Lawful Basis for Processing
We only process access data where we have a lawful basis to do so, such as the following:
- We may process your access data when you have given us permission to process your access data for a given purpose.
- Legitimate Interests
We may process your access data based on our legitimate interest.
We believe many of our purposes will be helpful not only for us but also for you, as it allows us to improve our products and services to be better oriented to your needs.
Access Data Shared with Third Party Service Providers
The following third-party providers may have access to the access data collected by us.
- Google Analytics
Google Analytics sets and accesses cookies on your computer or other device to collect information such as the numbers of visitors to our websites, where visitors have come to the websites from, and the pages they have visited. This website uses Google Analytics to help collect and analyze certain information to engage in analysis, auditing, research and reporting. You may review Google Analytics’
security and privacy principles by clicking here