December 13, 2021
NEC Corporation and NEC Group companies (hereinafter, “the Company”) shall handle personal data within the Company as described in this document.
1. Controller of Personal Data
Company name: NEC Corporation
Means of contact: Controller firstname.lastname@example.org
2. Administrator of Personal Data Protection
Job title: Digital Workplace Manager, Business Process and IT Control Division, NEC Management Partner, Ltd.
3. Purposes of Use and Legal Basis for Processing
- - To internally share information, collaborate, authenticate users, manage access permissions, as well as record and examine availability and usage details, including the content of chats and other communications
- - To manage all matters concerning information security
- - To manage projects, communication, cooperation, contract fulfillment, facilities, equipment, and other aspects of the Company’s business
- - To identify and search for individuals in communications between users of this service
- - To respond to inquiries and requests
- - To provide better solutions through activities, including analysis of user needs and development of services
- - To gain insight into availability and analyze trends
The legal basis for processing your personal data is your freely granted consent to do so through your acceptance of this policy, and if necessary, the Company’s legitimate interest in responding to your requests or in entering a contractual relationship for commercial purposes in the future.
4. Categories of Personal Data
Personal data handled by the Company may include account information, name, e-mail address, profile image (facial photo, etc.)
5. Sharing of Personal Data
Within the scope of the purpose of use, the handling of your personal data may be outsourced to the Company, our partners, cloud service providers and other organizations who have entered into contract with the Company.
The Company implements security measures to ensure that your personal data is always protected in accordance with applicable regulations.
6. Overseas Transfer of Personal Data
(1) Third country transfers
Your registered personal data will be transferred to Japan or other third country. (See here for details)
(2) Adequacy decision
Japan has been given an adequacy decision by the European Commission and the United Kingdom that indicates an adequate level of data protection for personal data.
7. Rights of Data Subjects
Data subjects may contact the controller at the aforementioned e-mail address to exercise the following rights with regards to their personal data:
- - the right to access, rectify and erase personal data, and restrict processing
- - the right to lodge a complaint about the processing of personal data
- - the right to data portability, which allows the data subject to obtain their personal data in readable format and reuse it for their own purposes across different services
- - the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal
- - the right to lodge a complaint with a supervisory authority, if it exists, in the country or region where the data subject resides
8. Voluntary Provision
Provision of personal data is neither a legal or contractual requirement, nor is it a requirement for the conclusion of a contract. You are under no obligation to provide personal data. If you choose not to provide the data, however, the Company may be unable to respond to your inquiries.
9. No Automated Individual Decision-making or Profiling
The Company may analyze access logs related to the service, but it will not use personal data for automated decision-making or profiling to analyze personal preferences, behavior, or other aspects of an individual to make predictions or decisions that can have substantial impact on that individual.
10. Retention Period
Personal data will be stored for no longer than is necessary for the purposes for which it was intended.
11. Acquisition of Unidentifiable Personal Data
Depending on the browser or application, you can change the settings to turn off cookies, but by doing so, some features of the service may become unavailable.
12. Encrypted Communication
This service uses TLS-based encrypted communication to protect personal data.
13. Security for Data Protection
Personal data acquirers will implement appropriate technical and organizational measures to ensure that the level of protection is commensurate with the risk.