This Privacy Notice (this “Privacy Notice”) describes how Nisshin Seifun Welna Inc. (“we,” “us,” or “our”) processes personal data of our customers (“you” or “your”) subject to the EU General Data Protection Regulation (the “GDPR”) and the UK General Data Protection Regulation (the “UK GDPR”).

1. What Personal Data Do We Collect?

We collect the following personal data about you directly from you or from related documents (including business cards, or otherwise): your name, company name, department name, job title, country name where your company is located, postal address, email address, phone number, and information contained in questionnaire form. In addition, we may also automatically collect, store, and use technical information about your device and your interaction with our websites, including your location data, cookies, and your IP address.

2. How Do We Use Your Personal Data?

We may use your personal data for communication, marketing, and business development purposes. We may also use your personal data for purposes necessary for us to perform the contract with you or your company. Finally, we may also use your personal data to monitor compliance with applicable laws, to gather evidence for the establishment, exercise or defense of legal claims, and to prevent fraud, any criminal conduct or any conduct that may result in criminal offence or convictions, and unlawful use of our workplace and our office equipment. For more information on how we use cookies, please refer to our Cookie Policy.

3. Lawful Basis for Processing

We may process your personal data where we need to comply with a legal obligation. We may also process your personal data where this is necessary to meet our contractual obligations with you or the company you represent. We may also process your personal data where processing your personal data is necessary for a legitimate interest pursued by us or a third party, except where your interests and fundamental rights override our legitimate interest. We may also process your personal data based on your effective consent and/or where processing your personal data is necessary in order to take steps at the request of the data subject prior to entering into a contract.

4. Disclosure of Your Personal Data

We may disclose your personal data to our group companies (“Group Companies”). We may also disclose your personal data to a third-party cloud service provider which we partner with for management purposes. Our Group Companies and the said service provider will be subject to appropriate data protection obligations, and they will only process your personal data mentioned in this Privacy Notice for the purposes it describes above.

5. Cross Border Transfer of Your Personal Data

In disclosing your personal data to a third party, we may transfer your personal data to countries outside your country of residence. These countries may not have personal data protection laws as comprehensive as those that exist in your country of residence, and the same level of protection as that set forth in the personal data protection laws in your country may not necessarily be guaranteed. When we transfer your personal data to third parties outside the European Economic Area or the UK, we will process your personal data in accordance with applicable laws and regulations, and we will ensure that:

• (a) we will transfer your personal data to the third party based on the adequacy decision granted by the European Commission or the Information Commissioner’s Office;
• (b) if GDPR requires appropriate safeguards to be put in place, we will transfer your personal data to the third party that has executed the EU standard contractual clauses approved by the European Commission in Commission Decision 2021/914 dated 4 June 2021, as may be amended, superseded or replaced; and
• (c) if UK GDPR requires appropriate safeguards to be put in place, we will transfer your personal data to the third party that has executed the international data transfer agreement or the UK addendum to the EU standard contractual clauses approved by the UK Parliament and came into force on 21 March 2022, as may be amended, superseded or replaced.

6. How Long Do We Keep Your Personal Data?

We will store your personal data for the period necessary to achieve the purpose described in this Privacy Notice as well as necessary to comply with the applicable laws and regulations. The period is determined in consideration of the purposes of the processing of your personal data and the legal or business necessity of storage of personal data and the applicable legal requirements.

7. Security of Your Personal Data

We use appropriate, commercially reasonable physical, electronic, and procedural safeguards to protect your personal data from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction.

8. Your Rights

You have the right to access, review, correct, delete, or inquire about personal data that we hold about you. You also have a right to oppose or limit the collection and processing of your personal data as described in this Privacy Notice, and the right to data portability. When the processing is based on your consent, you also have the right to withdraw your consent. However, please note that we may still be entitled to process your personal data if we can rely on another legal ground for doing so. If you are unhappy with the way we process your personal data, you can lodge a complaint with the competent data protection authority of the EU Member State or the Information Commissioner’s Office. You also have the right to an effective judicial remedy.

9. Contact Us

If you would like to exercise your rights, or have any questions about our Privacy Notice, your rights under our Privacy Notice, or any other issue regarding the protection of your personal data, you can email us at welna_global_inquiry@nisshin.com

• Contact details of our Representative in the European Economic Area.
  TMI Avocats & Associés
  40 avenue Niel, 75017, Paris, France
  E-mail: NisshinSeifunWelna_EUrep@tmi.gr.jp
• Contact details of our Representative in the UK.
  TMI Associates London LLP
  CityPoint One Ropemaker Street, London EC2Y 9SS, United Kingdom
  E-mail: NisshinSeifunWelna_UKrep@tmi.gr.jp

10. Changes to this Privacy Notice

We may modify this Privacy Notice from time to time. If we modify this Privacy Notice, we will inform you through our website.