Privacy Statement of the HEISHIN Group
HEISHIN Ltd. and its group companies (hereinafter referred to as the "HEISHIN") take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations, in particular and including the EU General Data Protection Regulation (GDPR).
The following gives an overview of what happens to your personal information when you use our website. Personal data is any data with which you could be personally identified (such as name, email address, phone number, etc.).
Who is responsible (Controller) for the data processing for this website?
The Controller for the data processing on this website is:
1-1-54, Misakihommachi, Hyogo-ku,
Kobe-shi, Hyogo 652-0852 Japan (HEISHIN Head Office)
Controller is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data as set out in Art.4 lit.7 GDPR.
How your data is collected, stored, and how it is used and for what purposes.
a) When visiting our website
When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is automatically collected and stored until it is deleted automatically:
- IP address of the requesting computer,
- date and time of access,
- name and URL of the retrieved file,
- Website from which access is made (so-called "Referrer URL"),
- the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The data as described above will be processed by us for the following purposes:
- Ensuring a smooth connection of the website,
- Ensuring comfortable use of our website,
- Evaluation of system security and stability as well
- For further administrative purposes.
The legal basis for data processing is Art.6 par.1 lit. f GDPR. Our legitimate interest derives from the data collection purposes listed above. We will not use the collected data for the purpose of drawing conclusions about your identity.
Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
c) Google Analytics
For the purpose of customizing and continually optimizing our pages, we use Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (hereinafter referred to as "Google").
Google Analytics uses so-called "cookies", text files that are stored on your computer and that allow an analysis of the use of the website by you. In this context, pseudonymised usage profiles are created and cookies are used. The information generated by the cookie about your use of this website such as
- browser type / version
- used operating system,
- Referrer URL (the previously visited page),
- host name of the accessing computer (IP address),
- Time of the server request
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading the browser plug-in available under the following link and install:
d) By using our contact form or inquiries by E-Mail
If you have any questions, we offer you to contact us via a form provided on the website or via our E-Mail address. In addition to your name, it is necessary to enter a valid E-Mail Address so that we know who the request came from and to answer it. Further information can be provided voluntarily. We use the information you provide to respond to your inquiries or to provide the products or services you have requested from us.
e) By exchanging and receiving your business cards
Based on business conversations, visits, exhibitions and exchanges of business cards, we may store your contact details consisting of your name, E-Mail address, company information, position and phone number in our system in order to serve you in the best possible way in the future.
In these cases, data processing takes place in accordance with Art.6 par.1 lit.a GDPR on the basis of your voluntarily granted consent or according to Art.6 par.1 lit.b GDPR (execution of contract or pre-contractual measures) or Art.6 par.1 lit.f GDPR (for the protection of our legitimate interest or the legitimate interest of a third party unless your interest predominates).
Disclosure of your data to third parties
a) Transmission of data to other controllers
Your personal data will only be transmitted by us to other third parties such as distributors and similar contractors if this is necessary for the fulfillment of the contract, if we or the third party have a legitimate interest in passing on your data or if you have given consent to it. Details of the legal grounds can be found in the subsection "Legal grounds for Transmission".
HEISHIN does not collect any personal data that has been made available to us through our website in order to disclose or sell it to third parties for their marketing purposes or to use it for host mailings made on behalf of third parties.
b) Transmission to service providers
We engage external service providers with tasks such as programming or data hosting. We have carefully selected these service providers and monitor them regularly, in particular their careful handling and safeguarding of the data stored with them. All service providers are obliged by us to confidentiality and compliance with legal requirements.
Legal grounds for Transmission
We will not transmit your personal data to third parties for purposes other than those listed below.
We only share your personal information with third parties if:
- you have given express consent according to Art.6 par.1 lit.a GDPR
- it is legally permissible according to Art.6 par.1 lit.b GDPR and it is required for the settlement of contractual relationships with you,
- disclosure pursuant to Art.6 par.1 lit.f GDPR is necessary for asserting, exercising or defending legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data,
- In the event that disclosure pursuant to Art.6 par.1 lit.c GDPR is a legal obligation.
Transfer to recipients outside the EEA
HEISHIN may also transfer personal information to recipients located outside the EEA in so-called Third countries. In this case, we ensure that the recipient has either an adequate level of data protection prior to distribution, e.g. due to a decision on adequacy of the EU Commission for the respective country under Art.45 par.3 GDPR or based on the agreement of so-called EU Standard contractual clauses of the European Union (SCC) with the recipient according to Art.46 par.2 lit. c GDPR or your consent to the disclosure or other exceptions according to Art.49 GDPR.
What rights do you have regarding your data?
You have the right:
- in accordance with Art.15 GDPR, to request information about your personal data processed by us. In particular, you will be provided with information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, limitation of processing or opposition, the existence of the right to complain, the source of their data, if not collected from us, and the existence of automated decision-making including profiling and, where appropriate, significant information about their details;
- in accordance with Art.16 GDPR, to immediately demand the correction of incorrect or to complete personal data stored with us;
- in accordance with Art.17 GDPR, to demand the deletion of your personal data stored by us, unless the processing for the exercise of the right to freedom of speech and information, for the fulfillment of a legal obligation, for reasons of public interest or for the assertion, exercise or defense of Legal claims is required;
- in accordance with Art.18 GDPR, to demand the restriction of the processing of your personal data, as far as
- the accuracy of the data is disputed by you;
- the processing is unlawful, but you reject its deletion;
- we no longer need the data, but you need it for asserting, exercising or defending legal claims or;
- you filed an objection against the processing in accordance with Art.21 GDPR;
- in accordance with Art.20 GDPR, to receive your personal data provided to us in a structured, standard and machine-readable format or to request transmission to another person responsible;
- in accordance with Art.7 par.3 GDPR, to revoke your once given consent to us at any time. As a result, we are not allowed to continue the data processing based on this consent for the future and
- to complain to a supervisory authority pursuant to Art.77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.
As a matter of principle, we store your data as long as necessary for the provision of our online service and associated services or we have a legitimate interest in the further storage. In all other cases, we will delete your personal information except for those we must retain in order to comply with legal obligations (for example, we may be required to maintain records for a certain period due to tax and commercial retention requirements, e.g. contracts and invoices).
Technical and organizational security measures
We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Please note that data transmission over the Internet (for example, when communicating via e-mail) may have security vulnerabilities. A complete protection of the data from access by third parties is not possible.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
Last Update 18.09.2020