GDPR Privacy Policy

THIS PRIVACY POLICY ONLY APPLIES TO PROCESSING OF PERSONAL DATA SUBJECT TO EU GENERAL DATA PROTECTION REGULATION No 2016/679 (THE “GDPR”).

1. INTRODUCTION

This website is owned and operated by Mizkan Holdings Co., Ltd. ("Mizkan"), a stock company incorporated under the laws of Japan.

This Privacy Policy is to inform consumers (i.e. “you”) of how we at Mizkan and our group companies (excluding in the UK1 ) (“us”) process your personal data and explains the measures and processes we have put in place to protect your information and the privacy rights you have by law.

We provide you with this information as required by the GDPR. It is important that you read this privacy policy together with any other privacy notice we may provide you when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements the other notices and is not intended to override them.

2. LAWFUL PROCESSING

We will only process your personal data:

  1. where you have given your consent;
  2. where the processing is necessary to provide our products or services to you;
  3. where the processing is necessary to respond to a request from you;
  4. where the processing is necessary to maintain our relationship with you;
  5. where the processing is necessary for compliance with our legal and regulatory obligations;
  6. where the processing is necessary in order to protect your vital interest.

In case of a. above, you may withdraw your consent at any time, by making a request as set out in section 12 below.

3. WHAT PERSONAL DATA WE COLLECT ABOUT YOU

3.1 We process the following types of personal data about you:

  1. Your name, email address, twitter and/or Instagram handle and other contact details;
  2. Details of your preferences for types of marketing events or materials;
  3. Your messages, feedback or contributions to customer surveys and questionnaires;
  4. Other communications you send to us; and
  5. Details of your access to our websites (including IP address).

3.2 It may be necessary for you to provide us with your personal data, to enable us to manage our business and operations, to maintain our relationship with you, to provide our products or services to you or to comply with our legal and regulatory obligations. If you fail to provide your personal data when requested, we may not be able to maintain our relationship with you or to provide our products or services to you.

3.3 We make every effort to maintain the accuracy and completeness of your personal data which we store and to ensure all your personal data is up to date. However, you can assist us with this considerably by promptly contacting us if there are any changes to your personal data or if you become aware that we have inaccurate personal data relating to you (see section 9 below). We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.

4. HOW WE COLLECT PERSONAL DATA

We usually collect your personal data from the information you submit during the course of your relationship with us. This will typically be through;

- You sending us emails and other correspondence
- The forms and documents used when you sign up to our marketing or market data news lists
- The sign-up information you use to access any of our products or services
- The information you as a customer provide to us as supplier so we can ship to you and bill you and can contact you on orders and/or issues

5. HOW WE USE PERSONAL DATA

We will process your personal data for the following purposes:

  1. to provide you with requested products or services;
  2. to respond to your messages or posts to us;
  3. to provide you with promotional and marketing materials about our products and services that we think you may be interested in;
  4. to manage, develop and improve our product range, services, stores, information technology systems and websites;
  5. for monitoring and assessing compliance with various laws and our policies and standards;
  6. to comply with our legal and regulatory obligations and requests anywhere in the world, including reporting to and/or being audited by national and international regulatory bodies;
  7. to carry out money laundering, financial and credit checks and for fraud and crime prevention and detection purposes;
  8. for administrative purposes in relation to the security and access of our websites and applications;
  9. to comply with court orders and exercise and/or defend our legal rights;
  10. to deal with your complaint or any concerns about your health and/or wellbeing;
  11. for any other legitimate business purpose; and
  12. as otherwise permitted or required by any applicable law or regulation

In some case, such as for instance a competition or prize draw, you may provide us with specific information, such as a photo, which could contain personal data. In those specific cases we will always tell you for what objective we gather the information and for how long we intend to keep it.

Where you wish to share personal data on specific matters like health, with us, to enable us to handle a question and/or complaint we may ask you for your consent before we process such data. If you submit your request online we may ask for your consent online before you can submit your question. If you submit your correspondence by postal mail we may first have to contact you and ask you for your written consent. If you call us we may ask you for your consent in the telephone call and will record you answer before we can process your personal data. In all three incidences we would maintain a record of your consent for us to process such specific data.

Please note; “PROPERTIES OF A COMPUTER FILE”; Each picture file that you submit to us may contain additional information in its “PROPERTIES”. Pictures taken with a mobile phone may indicate in its “PROPERTIES” the GPS coordinates of the location were the picture was taken. As a matter of caution, we recommend that you to remove all additional data in “PROPERTIES” before submitting a picture to us.

6. INTERNATIONAL TRANSFERS OF PERSONAL DATA

This website is controlled and operated from Japan and the files containing your personal data will be maintained on our servers or those of our IT service providers located in Japan. As the European Commission has confirmed that the laws in Japan offer an adequate level of protection of personal data as are enjoyed within the European Economic Area (“EEA”), we will process your personal data with the same level of protection as in the EEA and recognise your rights on your personal data you would hold under the GDPR.

Where we share your personal data with our group companies in Japan, we will rely on the decision by the European Commission in accordance with Article 45 of GDPR that the laws in Japan offer an adequate level of data protection as are enjoyed within the EEA.

We may also transfer your personal data to our other group companies or other third parties (set out in section 7 below) located in countries in which laws do not offer the same level of protection of personal data as are enjoyed within the EEA. In such cases, we will ensure that any such international transfers are made subject to appropriate or suitable safeguards as required by the GDPR. You can obtain copies of the relevant safeguard documents by making a request as set out in section 12 below.

7. WHEN WE MAY DISCLOSE YOUR PERSONAL DATA

We do not and will not sell, rent out or trade your personal data. We will only disclose your personal data to the following recipients:

  1. to our group companies for the purposes set out in this Policy;
  2. to third parties who process your personal data on our behalf such as:
    (i) Providers of consumer and customer communications in areas such as; (A) Digital and social media communications
    (B) Customer care
    (C) Advertising
    (D) Market Research
    (ii) Providers of logistical services -
    (iii) Providers of legal services -
    (iv) Providers of IT support services in areas such as; (A) Website development and website management
    (B) Web site hosting
    (C) Providers of generic IT services
    (D) Application development
    (v) Providers of assurance in areas such; (A) External- and Internal Audit
    (B) Health, safety, hygiene and technical matters
  3. to any third party to whom we assign or novate any of our rights or obligations;
  4. to any prospective buyer in the event we sell any part of our business or assets; and/or
  5. to any government, regulatory agency, enforcement or exchange body or court where we are required to do so by applicable law or regulation or at their request.

8. HOW WE PROTECT YOUR PERSONAL DATA

We are committed to safeguarding and protecting your personal data and will implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to protect your personal data from accidental or unauthorised destruction, loss, alteration, disclosure or access.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach as is required by the law.

9. YOUR RIGHTS IN RELATION TO THE PERSONAL DATA WE COLLECT

9.1 If you wish us to stop sending you marketing emails, please make use of the option at the end of our marketing emails to you in which you can request that we remove you from our mailing list.

9.2 If you wish to:

  1. update, modify, delete your personal data or obtain a copy of your personal data that we hold; or
  2. restrict or stop us from using any of your personal data which we hold,

you can request this by contacting us as set out in section 12 below.

9.3 In any of the situations listed above, we may request that you prove your identity in order for us to comply with our security obligations and to prevent unauthorised disclosure of data.

10. HOW LONG WE WILL HOLD YOUR PERSONAL DATA FOR

We will only retain your personal data as long as necessary to fulfil the purpose for which it was collected or to comply with legal, regulatory or internal policy requirements.

11. HOW WE UPDATE OR CHANGE THIS PRIVACY POLICY

This Policy does not form any contractual relationship between you and us, and we may change or update parts of this Policy to maintain our compliance with applicable law and regulation or following an update to our internal practices. We will do this by updating this Policy on this website from time to time.

You will not necessarily be directly notified of such a change. Therefore, please ensure that you regularly check this Policy so you are fully aware of any changes or updates.

12. HOW YOU CAN CONTACT US

If you have any queries about the contents of this Policy or your personal data, or wish to make a request in relation to your personal data, please contact us through the form "Contact Us".

When you make your request please indicate the following;

13. HOW TO LODGE A COMPLAINT TO THE DATA PROTECTION AUTHORITY

The protection of your personal data and of our relationship with you is important to us. Therefore if you have any questions or you think we have breached your data protection rights please contact our inquiry desk above through the form "Contact Us"

However, if you are unable to come to a solution with our inquiry desk, you may lodge a complaint with a supervisory authority, in particular in the EEA member state of your habitual residence, place of work or place of the alleged infringement of the GDPR.

  1. You can find the privacy notice of our group companies in UK by visiting following link: https://www.mizkan.co.uk/fair-processing-notice/
  2. A specific situation could be a specific campaign, an event during which we handed out samples, a competition etc.