YAMABIKO EUROPE SA DATA PRIVACY POLICY

Introduction

Yamabiko Europe SA, having its registered office located Avenue Lavoisier, 35 1300 Wavre Belgium, and registered under number 477.194.468, is the data controller of your personal data. Yamabiko Europe SA will be referred to hereunder as “Yamabiko Europe” or “we”. We hold personal data about our employees, customers, distributors, dealers, suppliers and other individuals for the purposes described in this policy. This policy sets out how we collect, use and share your personal data, and how to access and update and correct your personal data.

Collection and Processing of your personal data

The purposes for which personal data may be collected and processed by us include the following

  • For sales and marketing
  • To promote Yamabiko brands
  • For product development purpose
  • For practical confirmation before mass production
  • To provide before/after service
  • For future business development
  • For quality checking
  • For solving quality problem of products
  • For performance of indemnity agreement
  • For general human resource information treatment
  • For appraisal of employees

We will retain your personal data as needed to fulfill the purposes for which it was collected as well as to comply with our legal obligations and enforce our agreements.

Sharing your personal data

We may share your personal data with third parties for the purposes of operating our business, delivering, improving, and customizing our products and services, sending marketing and other communications related to our business, and for other legitimate purposes permitted by applicable law or otherwise with your consent. We may share your personal data in the following ways:

  • Within Yamabiko Europe and Yamabiko Corporation (Japan) for purposes of data processing or storage.
  • With our data processors (including our distributors) to provide requested products, services or other transactions. Examples include, but not limited to: processing of orders, providing customer support, etc.
  • If we otherwise notify you and you consent to the sharing

It is possible that we will need to disclose your personal data when required by law, subpoena, or other legal process or if we have a good faith belief that disclosure is reasonably necessary to (1) investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (2) enforce our agreements with you, (3) investigate and defend ourselves against any third-party claims or allegations, (4) protect the security or integrity of our services and products; or (5) exercise or protect the rights of Yamabiko Europe.

Security

It is our intention to protect your personal data entrusted to us and treat it securely. In this respect we implement physical, administrative, and technical safeguards with the purpose of securing your personal data from unauthorized access, use, or disclosure. We also contractually require that our data processors (including our distributors) protect your personal data from unauthorized access, use, and disclosure.

Access to your personal data and correction

If at any point you believe the personal data we process on you is incorrect, you can request to access the personal data and even have it corrected or deleted free of charge. However in case of abusive requests, we may charge you a reasonable fee. You also have a right to revoke your consent to processing your personal data by us. Please note however that it may prevent us from providing you with our services. If you wish to raise a question or a complaint on how we have handled your personal data, you can contact [email protected]. If you are not satisfied with our response or believe we are processing your personal data not in accordance with applicable laws, you can complain to the Belgian Privacy Commission (https://www.privacycommission.be/fr).

International Data Transfer

Any transfer of your personal data which are undergoing processing or are intended for processing after transfer to recipients in countries outside of EEA (“International data transfer”) shall take place only if, subject to the provisions of this policy and applicable law are complied with by us and our processors, including for onward transfers of your personal data from one country outside of EEA to another country outside of EEA. International data transfer shall be legitimized on the legal basis including the followings.

  • Transfers on the basis of an adequacy (adequate level of protection) decision by the European Commission
  • Transfers subject to appropriate safeguards including standard data protection clauses adopted by the European Commission
  • You have explicitly consented to the proposed transfer, after having been informed by us of the possible risks of such transfers for you due to the absence of an adequacy decision and appropriate safeguards
  • the transfer is necessary for the performance of a contract between you and us or the implementation of pre-contractual measures taken at your request.

Changes to our Data Protection Policy

We keep our present data protection policy under regular review and we place any updates on this landing page. This document was last updated in December 2023

How to contact us

Please contact us at [email protected] if you have any question about our data protection policy or personal data we hold about you

Privacy Notice

Privacy Notice Information that must be provided to a data subject under GDPR Article 13 or 14

The identity and contact details of the controller and, where applicable, their representative (‘controller’ here means the company which, alone or jointly with others, determines the purposes and means of the processing of personal data) Alain Schellekens

CFO

TEL +32 10 48 00 48

[email protected]
Contact details for the data protection officer, where applicable N/A
The purposes and legal basis for the processing (In addition to setting out the purposes of the processing for which the personal data is intended, the legal basis relied upon must be specified) (Data to be collected) Personal identification information (Name, email address, phone number, etc) of customers and prospects. (Purposes)

・To respond inquiries/questions/complaints from customers and prospects

・For future sales/marketing development activity

・For product monitoring test

・For discussion between the users to reflect to the future product development. (Legal basis) Necessary for the purpose of the legitimate interests pursued by Yamabiko Europe
Where legitimate interests (GDPR Article 6.1(f)) is the legal basis for the processing, the legitimate interests pursued by the data controller or a third party   (The specific interest in question must be identified for the benefit of the data subject.) ・To answer questions about sales territories, name of distributor of our products, how to select the right products for their usage, spare parts information for repair.

・To get precise information for product and quality complaint.

・To organize sales activities/events in order to give opportunities to provide new and worthful information.

・Monitoring test to find negative/positive points for future product development.

・Meeting with users to discuss for future product development. Above-mentioned are the specific legitimate interests pursued by Yamabiko Europe.

Those are the benefit for users/prospects as well as Yamabiko Europe.
Categories of personal data concerned (This information is required ONLY when the personal data has not been obtained from the data subject who therefore lacks an awareness of which categories of their personal data you have obtained.) General personal identification information (Name, email address, phone number, etc) of customers and prospects.
Recipients (or categories of recipients) of the personal data (‘recipient’ here means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. Therefore, data controllers, joint controllers and processors to whom data is transferred or disclosed are covered by the term ‘recipient’ and information on such recipients should be provided in addition to information on third party recipients.) Yamabiko Corporation (Headquarter in Japan)
Details of transfers to third countries, the fact of same and the details of the relevant safeguards (including the existence or absence of a Commission adequacy decision) and the means to obtain a copy of them or where they have been made available (The relevant GDPR article permitting the transfer and the corresponding mechanism (e.g. adequacy decision under Article 45 / binding corporate rules under Article 47/ standard data protection clauses under Article 46.2/ derogations and safeguards under Article 49 etc.) should be specified. Where possible, a link to the mechanism used or information on where and how the relevant document may be accessed or obtained should also be provided. The information should explicitly mention all third countries to which the data will be transferred.) -Your personal data are and will be transferred to third country outside of EEA.

-The relevant safeguard for data transfer is data transfer agreement (standard data protection clauses) adopted by a supervisory authority and approved by the European Commission under GDPR Article 46.

-Your personal data are and will be transferred to Japan.
The storage period (or if not possible, criteria used to determine that period) (The storage period (or criteria to determine it) may be dictated by factors such as statutory requirements or industry guidelines but should be phrased in a way that allows the data subject to assess, on the basis of his or her own situation, what the retention period will be for specific data/purposes. It is NOT sufficient for you to generically state that personal data will be kept as long as necessary for the legitimate purposes of the processing. Where relevant, the different storage periods should be stipulated for different categories of personal data and/or different processing purposes.) ・The data to be erased at the end of the next year after the year of obtaining.

・However, data used for solving problem related to quality and/or usage of products shall be kept until the problem being solved.
The rights of the data subject to:

· access;
· rectification;
· erasure;
· restriction on processing;
· objection to processing and
· portability.(This information should include a summary of what the right involves and how the data subject can take steps to exercise it. In particular, the right to object to processing must be explicitly brought to the data subject’s attention at the time of first communication with the data subject and must be presented clearly and separately from any other information.)

 If at any point you believe the personal data we process on you is incorrect, you can request to access the personal data and even have it corrected or deleted free of charge. However in case of abusive requests, we may charge you a reasonable fee. You also have a right to revoke your consent to processing your personal data by us. Please note however that it may prevent us from providing you with our services. If you wish to raise a question or a complaint or an objection on how we have handled your personal data, you can contact [email protected]    
Where processing is based on consent (or explicit consent), the right to withdraw consent at any time (This information should include how consent may be withdrawn, taking into account that it should be as easy for a data subject to withdraw consent as to give it.) N/A
The right to lodge a complaint with a supervisory authority (This information should explain that a data subject has the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of his or her habitual residence, place of work or of an alleged infringement of the GDPR.) You have the right to lodge a complaint on our processing of your personal data with the Belgian Privacy Commission which is a supervisory authority. https://www.privacycommission.be/fr
Whether there is a statutory or contractual requirement to provide the information or whether it is necessary to enter into a contract or whether there is an obligation to provide the information and the possible consequences of failure. (For example in an employment context, it may be a contractual requirement to provide certain information to a current or prospective employer. Online forms should clearly identify which fields are “required”, which are not, and what will be the consequences of not filling in the required fields.) Personal identification information (Name, email address, phone number, etc) of customers and prospects.

・It is necessary to provide information to us so that we can contact you to respond.to questions, inquiries, complaints and so on.

・The failure of providing such information to us could disturb the development of the cases like answering questions, inquiries, complaints and so on.
The source from which the personal data originate, and if applicable, whether it came from a publicly accessible source (This information is required ONLY when the personal data has NOT been obtained from the data subject. Information should include: the nature of the sources (i.e. publicly/privately held sources; the types of organization/industry/sector; and where the information was held (EU or non-EU) etc.). – the nature of the sources : privately held sources – the types of organization/industry/sector: company/retailing/wholesale – where the information was held: EU and non-EU   –                    
The existence of automated decision-making including profiling and, if applicable, meaningful information about the logic used and the significance and envisaged consequences of such processing for the data subject N/A