日本コーンスターチ株式会社 とうもろこし澱粉

JAPAN CORN STARCH CO.,LTD

GDPR PRIVACY POLICY

We, JAPAN CORN STARCH CO., LTD. (the “Company”, “we”, “us”, or “our”), believe your privacy is important.
This GDPR privacy policy explains how and why we use data or information which relates to an identifiable individual in the European Economic Area (“Personal Data”), and what we do to ensure that the Personal Data is kept safe and secure in accordance with the General Data Protection Regulation and any other applicable data protection and privacy laws (“Data Protection Laws”).

Article 1. GENERAL INFORMATION ABOUT THE COMPANY
We are a Japanese corporation having its main place of business at Akasaka Inter City 3F, 1-11-44 Akasaka, Minato-ku, Tokyo 107-0052, Japan. You can contact us by writing to us at our office address, telephoning us on +81-3-5570-7000 or emailing to soumu@japan-cornstarch.com.

Article 2. HOW WE COLLECT AND PROCESS PERSONAL DATA

2.1 How we collect Personal Data
We collect and process Personal Data relating to individual business and professional contacts and other people we engage with in the course of our business, such as the employees of our corporate customers. Usually this information is:
1) provided by the individuals themselves; 
2) collected in the process of providing goods and services to our corporate customers (such as through correspondence and exchanging business cards);
3) provided to us by third parties (such as other businesses we work with); or
4) obtained from external sources.

2.2 Types of Personal Data we collect
The types of Personal Data we hold about these individuals typically consists of the contact information such as name, address, telephone number and email address. If we process other types of Personal Data in the course of providing goods and services to our corporate customers, receiving goods and services from our suppliers and promoting our business, then it will be protected to the same high standards explained in this policy.

2.3 Utilization Purpose
Depending on the circumstances, and the nature of our relationship with the people involved, we may use your Personal Data to:
1) exercise contractual rights or fulfil contractual obligation (such as paying our suppliers);
2) communicate with other organizations, advisers or intermediaries;
3) send business related communications (usually by email);
4) comply with our legal obligations; or
5) pursue our legitimate interests in operating and promoting the success of our business, or to pursue the interests of our corporate customers in providing our goods and services.

Article 3. WEBSITE
We do not normally collect Personal Data about visitors to our website unless they choose to provide such information when they contact us.
We collect anonymous information about visitors to our website in order to optimize and improve the website. This might include IP addresses, browser or device details and the connection type (for example, the Internet service provider used). However, none of this information will by itself directly identify any particular user.
Our website may include links to third-party websites or to other software applications or plug-ins. We are not responsible for the content or functionality of any of such external websites.

Article 4. RECIPIENTS OF PERSONAL DATA
Personal Data you provide to us will be kept private and confidential, and we will not disclose or share it with other data controllers without your permission. The only exception to this is where we are legally required to disclose Personal Data. For example, to comply with a court order. We may also be required to share personal information with regulatory authorities in the event of an audit or investigation.
We share Personal Data with some of the third parties who provide services to us. This includes software and cloud service providers and IT support services. However, these third parties will only process Personal Data (which may include your information) on our behalf for specified purposes and in accordance with our strict instructions.
We only use third party service providers who have provided sufficient guarantees, as required by Data Protection Laws, that your Personal Data will be kept safe. We always ensure there is a written contract in place which protects your Personal Data and prevents it from being used for any purpose other than providing services to our business, in accordance with Data Protection Laws.

Article 5. RETENTION PERIOD
We only retain Personal Data for as long as is necessary for the specific purpose(s) it was collected for (or for related compatible purposes such as complying with applicable legal, accounting, or record-keeping requirements).
To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from its unauthorized use or disclosure, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Article 6. SECURITY MEASURES
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, damaged or destroyed, altered or disclosed. This includes both physical security measures and electronic security technology.
We limit access to your Personal Data to those employees, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to legal and contractual confidentiality obligations.
We have put in place reporting procedures to deal with any suspected Personal Data breach and will notify you and any applicable supervisory authority of a breach when we are legally required to do so.

Article 7. INTERNATIONAL TRANSFERS
We normally only store Personal Data within Japan. However, some of the technology and support services we use are provided by international organizations and/or companies which are based outside Japan. Before using such service providers, we take steps to make sure that any Personal Data they process is adequately protected and transferred in accordance with Data Protection Laws.

Article 8. YOUR RIGHTS

8.1 Rights under data protection laws
Data Protection Laws provide you with certain rights in relation to your Personal Data as follows:
1) The right to access your Personal Data
2) The right to request correction or completion of Personal Data
3) The right to request erasure of your Personal Data
4) The right to object to processing of your Personal Data
5) The right to restrict how your Personal Data is used
6) The right to have a portable copy or transfer your Personal Data
7) The right to withdraw consent

8.2 Responding
We try to respond to all Personal Data requests within one (1) month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. Please also bear in mind that there are exceptions to the rights above and some situations where they do not apply.
We may need to request additional information from you to help us confirm your identity. This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you to clarify your request.

8.3 Fees for making a request
You will not normally have to pay a fee to access your Personal Data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

8.4 How to make a request
If you want to exercise any of the rights described above, please email to soumu@japan-cornstarch.com  or write to General Affairs Department, JAPAN CORN STARCH CO., LTD, Akasaka Inter City 3F, 1-11-44 Akasaka, Minato-ku, Tokyo 107-0052, Japan.

8.5 Your right to complain to a supervisory authority
You have the right to complain to a data protection supervisory authority if you are not satisfied with our response to a data protection request or if you think your Personal Data has been mishandled.

Article 9. CHANGES OR UPDATES TO THIS POLICY
We will change or update this policy from time to time for various reasons including to improve our privacy practices, to reflect changes to our Service, and to comply with relevant laws. The current version will always be posted on our website. This policy was last updated on 25 May 2018.

[END]