Privacy Policy for Customers in EEA
Yanmar Holdings Co., Ltd. and its group companies (“Yanmar”), in connection with the provision of the products and services to customers (the “Customers”) residing in the European Economic Area* (the “EEA”), for the purpose of complying with the EU General Data Protection Regulation (the “GDPR”), and to appropriately process the personal data of the Customers residing in the EEA, hereby establishes this “Privacy Policy” (this “Privacy Policy”).
1. Processing Personal Data
(1) Definitions
“Personal data” means any data relating to an identified or identifiable natural person, including, without limitation, name, address, date of birth, telephone number, e-mail address and user IDs of Customer residing in the EEA.
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Controller” means a legal person, etc. which, alone or jointly with others, determines the purposes and means of the processing of personal data.
“Processor” means a legal person, etc. which processes personal data on behalf of the Controller.
(2) Types of Personal Data To Be Collected
Yanmar will collect the following types of personal data concerning Customers in connection with the products and services:
- Contact information that allows Yanmar to identify and communicate with the Customer, such as the Customer’s name, phone number, mailing address, email address, and location information.
- Transaction information about how the Customer interacts with Yanmar, Yanmar’s dealers and business partners, including inquiries, warranty claims and purchase, use or provision of the products and services.
- Relationship information that helps Yanmar understand Customer’s personal or professional interests, demographic backgrounds and Customer’s experiences with Yanmar’s products and services.
- Observed information that automatically acquired by Yanmar’s machines in connection with using the products and services, including operation and location.
(3) Purposes Of Use Of Personal Data
Yanmar will process the Customers’ personal data for the following purposes:
- to provide the Customers with the products and services of Yanmar;
- to contact the Customers regarding the products, services and business of Yanmar;
- to inform the Customers about the products, services and business of Yanmar;
- to inform the Customers about seminars, exhibitions, demonstrations, etc that Yanmar holds, organizes, co-sponsors, supports or sponsors;
- to provide the Customers with warranty service and repair service for its products;
- to provide guidance on periodic inspection and conducting after-sales activities;
- to ask for cooperation in questionnaire surveys on customer satisfaction with the use of the products and services;
- to develop new products and analyze their marketing; and
- to administer Yanmar’s site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
If Yanmar is to process the Customers’ personal data for purposes other than the above, Yanmar will notify Customers in advance such new purposes of use and other matters as required by applicable laws.
By manifesting their intention to consent to this Privacy Policy, Customers will be deemed to have consented to the processing of their personal data by Yanmar within the scope of the above purposes of use, and Yanmar will process the Customers’ personal data based on such Customers’ consent; provided, however, that Customers may withdraw such consent at any time, which such withdrawal shall not affect any legitimate processing performed pursuant to the consent prior to the withdrawal. Yanmar may also process the Customers’ personal data within the scope of the above purposes of use in this Privacy Policy under a legal basis permitted by GDPR.
Yanmar may require Customers to provide their personal data in connection with the provision of the products and services. In such case, if certain Customers do not provide its personal data, Yanmar may be unable to provide the products and services.
(4) Retention Period
Yanmar will retain the Customers’ personal data to the extent Yanmar requires such data for achieving the purposes of use specified in 1.(3) above, and will promptly delete the same when such data is no longer necessary.
(5) Third Party Transfer
Yanmar may provide the Customers’ personal data to third parties such as the subsidiaries and affiliates of Yanmar, dealers, retailers, cloud vendors and contractors of Yanmar, etc., under appropriate safeguards under GDPR to implement the purposes of use specified above. Such third parties which Yanmar may provide Customer’s personal data include those located in countries (including, without limitation, Japan) outside the EEA, and the Customers are deemed to have consented to the following matters by consenting to this Privacy Policy:
- Certain countries outside the EEA may not be furnished with the same level of data protection laws as the EEA, thus part of the rights granted to Customers within the EEA may not be available;
- Customers’ personal data may be provided and processed for the purposes specified in 1.(3) above; and
- Customers’ personal data may be provided to third parties located in a country outside the EEA.
In addition to the above, if Yanmar is to transfer the Customer’s personal data to a third party located in a country outside the EEA, the Company will ensure that adequate measures are taken concerning the protection of the Customers’ personal data such as by executing standard contract clauses based on the GDPR.
(6) Disclosure, Correction, And Other Procedures Concerning Personal Data
The Customers are entitled with the rights to access to, request for correction, request for deletion, request to limit the processing, object to the processing, and request for data portability, with regards to the personal data retained by Yanmar pursuant to the provisions of relevant laws and regulations. Such requests shall be attended to the contact point set forth in “5. Contact” as per below.
Yanmar may refuse the Customers’ request if Yanmar deems that there is no basis for such request or if the request is deemed excessive.
The Customers may file objections to the data protection authorities having jurisdiction over the location of the Customers’ domicile with regards to the processing of their personal data by Yanmar.
(7) Unsubscribing From Direct Marketing
If Customers wish to unsubscribe from Yanmar’s direct marketing, such Customers should contact the contact point set forth in “5. Contact” below.
(8) Usage of Access Log Information and Cookies
Our website uses cookies for the purpose of improving our website.
For further information, please refer to the Cookie Policy.
(9) Social Media Features
Yanmar’s site may also include social media or lead generation features, such as Facebook or Twitter buttons and widgets, such as the share this button. These features may collect the Customer’s IP address, which page the Customers are visiting on Yanmar’s site and may set a cookie to enable the feature to function properly. Social media and lead generation features and widgets may be hosted by a third party. The Customer’s interactions with these features and widgets are governed by the privacy policy of Yanmar providing it.
(10) Scope of Privacy Policy
This Privacy Policy applies to Yanmar, unless a different privacy statement in a specific service or company of Yanmar applies. Other websites that may be accessible through this website have their own privacy statements.
2. Safety Management Measures
In order to protect the personal data from unauthorized access and loss etc., taking into account the type of personal data, the degree of sensitivity and the degree of affect to the Customers including economic influence and mental harm in case the personal data is unlawfully infringed, Yanmar has comprehensively evaluated and judged the risks of personal data infringement, and has implemented necessary and appropriate personal, organizational and technical safety management measures in accordance with such the risk of personal data infringement, and further, will review such safety management measures as necessary, set up the process for taking corrective actions, and constantly make effort to improve its security.
Yanmar will make effort to appropriately manage personal data by restricting the entry of outsiders into the offices where the processing of personal data takes place, conducting educational awareness raising activities targeting all officers and employees involved in the protection of personal data, and appointing managers in charge for each division which processes personal data.
If Yanmar, in its role as a Controller, contracts a Processor, Yanmar shall select a Processor which is capable of implementing appropriate technical and organizational measures and shall manage such Processor in an appropriate manner.
Pursuant to the GDPR, Yanmar shall prepare records of the processing of personal data.
3. Continuous Improvement
Yanmar shall continuously review and revise its efforts regarding the processing of personal data in order to correspond with changes in the GDPR, processing methods and the environment.
4. Amendment to this Privacy Policy
Yanmar may amend this Privacy Policy at any time. The Customers who continue to use the service shall be deemed to have consented to the amended Privacy Policy.
5. Contact
Yanmar’s contact point regarding this Privacy Policy is as shown below. Any questions or concerns regarding this Privacy Policy or the processing of personal data by Yanmar, or any requests concerning access, correction, deletion, limitation of processing or data portability of the personal data may be directed to the Customers may contact Yanmar through the contact form of this website.
* The European Economic Area (the “EEA”) comprises the following countries:
Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and the UK.