This Privacy Policy sets out how Daimaru Matsuzakaya Department Stores Co. Ltd. ("we", "us" and "our") will process as a data controller the personal data of residents of the European Economic Area (the "EEA") [that we obtained through our establishments in Milan, Italy and Paris, France] to the extent the General Data Protection Regulation 2016/679 ("GDPR") applies to our processing of your personal data (such as where your personal data is processed in the context of any of our establishments in the EEA).
This Privacy Policy does not form any contractual relationship between you and us, and we may amend it from time to time.
1. LAWFUL PROCESSING
We will only process your personal data:
- (a) where you have given your consent (you may withdraw your consent at any time, by making a request using the contact details set out below);
- (b) where the processing is necessary for compliance with our legal and regulatory obligations; or
- (c) where the processing is necessary for our legitimate interests such as to respond to a request from you (or your employer); to trade with or maintain our relationship with you (or your employer); or to communicate with you (or your employer) for potential business opportunities.
2. WHAT PERSONAL DATA WE COLLECT ABOUT YOU
2.1 We may process the following types of personal data about you:
- (a) Name
- (b) Email address, telephone number and other contact details
- (c) The name of the company you are representing;
- (d) Details of your preferences for types of marketing events or materials; and
- (e) Your messages, feedback or contributions to surveys and questionnaires.
2.2 It is not mandatory for you to provide us with your personal data; however, if you don't, we will be unable to communicate with you to maintain our relationship with you (or your employer), to trade with you (or your employer) or discuss potential business opportunities with you (or your employer).
2.3 We make every effort to maintain the accuracy and completeness of your personal data which we store and to ensure all of your personal data is up to date. However, you can assist us with this considerably by promptly contacting us if there are any changes to your personal data or if you become aware that we have inaccurate personal data relating to you. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
3. HOW WE COLLECT PERSONAL DATA.
We collect your personal data directly from you.
4. HOW WE USE PERSONAL DATA
We will process your personal data for the following purposes:
- (a) to contact you for potential business opportunities;
- (b) to contact you to order products or services from you/your employer;
- (c) to respond to your/your employer's messages or posts to us;
- (d) to manage transactions with you/your employer (such as invoicing);
- (e) to comply with our legal and regulatory obligations and requests anywhere in the world, including reporting to and/or being audited by national and international regulatory bodies; and
- (f) to comply with court orders and exercise and/or defend our legal rights.
5. INTERNATIONAL TRANSFERS OF PERSONAL DATA
Your personal data may be transferred to (including accessed in or stored in) Japan which is outside the EEA. The European Commission has not yet confirmed that Japanese law offers the same level of protection of personal data as are enjoyed within the EEA. In accordance with the GDPR, we will obtain your consent to such international transfers.
6. WHEN WE MAY DISCLOSE YOUR PERSONAL DATA
We do not and will not sell, rent out or trade your personal data. We will only disclose your personal data to the following recipients:
- (a) to J. Front Retailing Co., Ltd. which is our parent company based in Japan for the same purposes as described above;
- (b) to data processors who provide administrative services for us such as customs service providers, import/export agents and IT solution providers.
- (c) to any third party to whom we assign or novate any of our rights or obligations;
- (d) to any prospective buyer in the event we sell any part of our business or assets; and
- (e) to any government, regulatory agency, enforcement or exchange body or court where we are required to do so by applicable law or regulation or at their request.
7. HOW WE PROTECT YOUR PERSONAL DATA
We are committed to safeguarding and protecting your personal data and will implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to protect your personal data from accidental or unauthorised destruction, loss, alteration, disclosure or access.
8. YOUR RIGHTS IN RELATION TO THE PERSONAL DATA WE COLLECT
8.1 Under the GDPR, you may have the following rights in relation to our processing of your personal data. The rights available to you depend on the reason for processing your personal data and other circumstances and those rights may include:
- (a) The right of access to your personal data;
- (b) The right to have personal data rectified;
- (c) The right to have personal data erased;
- (d) The right to restrict processing;
- (e) The right to object to the processing of personal data;
- (f) The right to withdraw consent; and
- (g) The right to make a complaint to a competent supervisory authority.
8.2 When you exercise your rights, we may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorised disclosure of data.
9. HOW LONG WE WILL HOLD YOUR PERSONAL DATA FOR
We will delete your personal data promptly in the event that we no longer need to hold your personal data unless otherwise agreed with you or we are required to retain your personal data for legal or auditing purposes.
10. DIRECT MARKETING
If you tell us that you do not wish us to provide you with information about our products or services and other marketing materials, we will not contact you further for the purpose of direct marketing. You can contact us using the contact details set out below.
11. USE OF COOKIES
A "cookie" is a small text file that is stored on a user's hard drive or mobile device. Cookies are generated by web servers when the user enters an internet page, and are passed to the user's computer or mobile device and stored for subsequent future access. They perform a number of functions associated with browsing websites and are used for a variety of different purposes, such as tracing users from page to page on an internet site. This can enhance a user's experience on a website, enabling the site to be personalised according to e.g. a user's preferences and browsing activities.
For more information about how we use cookies, please read our privacy policy
https://www.j-front-retailing.com/english/privacy.html
12. HOW WE UPDATE OR CHANGE THIS PRIVACY POLICY
We may change or update parts of this Privacy Policy in order to maintain our compliance with applicable law and regulation or following an update to our internal practices. You will not necessarily be directly notified of such a change. Therefore, please ensure that you regularly check this Privacy Policy so you are fully aware of any changes or updates. The "Last Updated" legend below indicates when this Privacy Policy was last changed.
13. HOW YOU CAN CONTACT US
If you have any queries about the contents of this Privacy Policy or your personal data, or wish to make a request in relation to your personal data, please contact us using the details set out below:
Email: gdpr@jfr.co.jp
14. HOW TO LODGE A COMPLAINT TO THE SUPERVISORY AUTHORITY
If you have concerns, please contact us using the contact details set out above and we will respond. If you are dissatisfied with our response and you still consider that we have breached your data protection rights you can lodge a complaint with a competent supervisory authority in each EEA member state.
Last Updated: 15June 2018