PRIVACY POLICY

1. About this Policy

This Policy applies to the processing of your personal data by Shimadzu Corporation (the “Company,” “we,” “our,” or “us”).

2. Definitions

In this Policy:

(a)   “Personal Data” means any information relating to an identified or identifiable natural person;
(b)   b) “Process/Processing” means any activity or operation that is carried out in respect of Personal Data, such as collecting, storing, using, transferring, or erasing it; and
(c)   c)“You” or “your” means an identified or identifiable natural person by Personal Data Processed by us, including our or our subsidiary’s customers, employees, cooperating companies or people in charge therein, shareholders, and investors. 

3. How We Collect Your Personal Data

We may collect information that you provide to us, whether by means of a form on our website, by email, in a letter, or otherwise, such as your name, address, email address, telephone number, fax number, workplace information, division and department, title, position, name of your contact group or organization, technical rank, password, details of your inquiry, information on whether we can send you direct mail, etc., products or fields in which you are interested, campaign codes, consent to acquisition or use of cookies, feedback to our website, etc.

We may also receive relevant information from our distributors, agents and other third parties, such as your name, address, email address, telephone number, workplace information, division and department, name of your contact group or organization, commercial negotiation or transaction status, commercial negotiation or transaction history, details of your inquiry, information on whether we can send you direct mail, etc., history of your participation in exhibitions, seminars, etc., information on a device that you use, history of your access to our and our subsidiaries’ websites, etc.

When you visit our website, we may automatically collect the materials that you access, your download history, traffic data, location information, log, language information, dates and frequency of access, other communication information (including IP address, operating system, host domain, and type of browser), information on your computer and internet connection, and URLs of reference sources (“Communication Information”).

If you are our or our subsidiary’s employee, we may collect your name, email address, user ID, photo, address, telephone number, fax number, workplace information, division and department, schedule, attendance status, passport information, signature, etc. (“Employee Information”), as well as your login history, history of sending and receiving emails, certification log, email archive, history of use of Office 365 (email, SharePoint, Teams, Forms, etc.), if you use Office 365 (“System Information”).

4. Purposes of Processing Personal Data

We use the Personal Data that we hold about you for the purposes set forth below. We will use your Personal Data only to the extent necessary to fulfill these purposes:

(a)   to address your request or perform an agreement with you;
(b)   to contact you (including to address your inquiry);
(c)   to confirm the location where a device is installed, etc.;
(d)   to announce our and our subsidiaries’ exhibitions, seminars, products, services, etc.;
(e)   to conduct market research and develop new products and/or new services;
(f)   to manage the device maintenance history;
(g)   to collect quality information and provide feedback for development and/or manufacturing, etc.;
(h)   to improve our website;
(i)   to analyze your behaviors;
(j)   to share transaction information within the Company and our subsidiaries;
(k)   to ensure the security of our website;
(l)   to issue a notice of a change in our services or website;
(m)   for our employees to use Office 365 (email, SharePoint, Teams, Forms, etc.);
(n)   to manage personnel and labor matters for our employees (provision of trainings, acquisition of visas, participation in meetings, etc.);
(o)   to engage in any public relations activities in and outside of the Company;
(p)   to hold and record meetings with shareholders and investors;
(q)   to comply with any laws and regulations applicable to us;
(r)   to cooperate with relevant governmental authorities and agencies, including competent data protection authorities and those that are engaged in administrative or criminal investigations; and
(s)   to establish, exercise or defend legal claims.

5. Disclosure of Personal Data to Recipients and Joint Use of Personal Data

We may share your Personal Data with the following categories of recipients:

(a)   Subsidiaries: We may disclose your Personal Data to our subsidiaries.
(b)   Employees: We may disclose your Persona Data to our employees who have the authority and necessity to access the Personal Data.
(c)   Service providers: We may disclose your Personal Data to service providers, such as IT service providers, consultants, etc.
(d)   Contractors, distributors, and agents: We may disclose your Personal Data to our contractors, distributors, and agents.
(e)   Business successors: We may disclose your Personal Data to persons that succeed to our business due to an organizational restructuring, business transfer, etc.

We may otherwise disclose your Personal Data to any third party other than those set forth above, including public agencies, if such disclosure is required to achieve the purposes for which you provided Personal Data to us or other purposes that we specify when obtaining consent or Personal Data from you, and to the extent necessary to comply with any laws and regulations applicable to us, to cooperate with relevant governmental authorities and agencies, or to establish, exercise or defend legal claims.

Under Japanese law, we may use the joint use framework under the Act on the Protection of Personal Information to share with our subsidiaries (including those subsidiaries located outside Japan) and your relevant agent, your name, address, email address, telephone number, signature, name of your contact group or organization, commercial negotiation or transaction history, details of your inquiry, information on whether we can send you direct mail, etc., history of your participation in exhibitions, seminars, etc., information on a device that you use, history of your access to our and our subsidiaries’ websites, for the purposes referred to in Section 4(a) to (l) above.

In addition, if you are a cooperating company (including a vendor, a contractor of manufacturing, a contractor of service, a receiver of our orders for services, etc.) or a person in charge therein, we may share your name, address, email address, telephone number, name of your contact group or organization, and transaction history with our subsidiaries (including those subsidiaries located outside Japan) for the purpose referred to in Section 4(j) above.

If you are our employee, we may share your Employee Information and System Information with our subsidiaries (including those subsidiaries located outside Japan) for the purposes referred to in Section 4(a), (b), (d), (e), (g), (j), (m), (n), (o), (p), (q), (r), and (s) above.

In these cases, we will be the party responsible for the management of your Personal Data. Please refer to Section 11 below for our address and the name of our representative, and other information.

6. Provision of Your Personal Data Outside Japan

Your Personal Data may be provided to third parties outside Japan, such as our subsidiaries located outside Japan, etc. The names of the countries other than Japan (excluding those countries provided by the Enforcement Rules for the Act on the Protection of Personal Information as foreign countries which have systems to protect personal information that are found to be on the same level as those of Japan in protecting personal rights and interests) where third parties to which we may provide your Personal Data are located (excluding those third parties which have established systems meeting the standards provided by the Enforcement Rules for the Act on the Protection of Personal Information), and information regarding the legislation to protect personal information in these countries are as set forth below. The third parties to which we may provide your Personal Data take all measures corresponding to the 8 Principles under the OECD Privacy Guidelines.

United States of America (federal legislation): https://www.ppc.go.jp/files/pdf/USA_report.pdf

United Arab Emirates (federal legislation): https://www.ppc.go.jp/files/pdf/arab_report.pdf

India: https://www.ppc.go.jp/files/pdf/india_report.pdf​

Commonwealth of Australia: https://www.ppc.go.jp/files/pdf/australia_report.pdf

Canada: https://www.ppc.go.jp/files/pdf/canada_report.pdf​

Republic of Singapore: https://www.ppc.go.jp/files/pdf/singapore_report.pdf​

Swiss Confederation: https://www.ppc.go.jp/files/pdf/switzerland_report.pdf​

Republic of Korea: https://www.ppc.go.jp/files/pdf/korea_report.pdf

Taiwan: https://www.ppc.go.jp/files/pdf/taiwan_report.pdf

People’s Republic of China: https://www.ppc.go.jp/files/pdf/china_report.pdf

Republic of Turkey: https://www.ppc.go.jp/files/pdf/turkey_report.pdf​

Republic of Philippines: https://www.ppc.go.jp/files/pdf/philippin_report.pdf

Federative Republic of Brazil: https://www.ppc.go.jp/files/pdf/brazil_report.pdf

Socialist Republic of Viet Nam: https://www.ppc.go.jp/files/pdf/vietnam_report.pdf

Hong Kong: https://www.ppc.go.jp/files/pdf/hongkong_report.pdf​

Malaysia: https://www.ppc.go.jp/files/pdf/malaysia_report.pdf​

Russian Federation: https://www.ppc.go.jp/files/pdf/russia_report.pdf

Republic of South Africa: https://www.ppc.go.jp/files/pdf/south_africa_report.pdf

Oriental Republic of Uruguay: https://www.shimadzu.co.jp/sites/shimadzu.co.jp/files/attention/uruguay_report.pdf

Republic of North Macedonia: https://www.shimadzu.co.jp/sites/shimadzu.co.jp/files/attention/north_macedonia_report.pdf

Republic of Serbia: https://www.shimadzu.co.jp/sites/shimadzu.co.jp/files/attention/serbia_report.pdf

Bosnia and Herzegovina: https://www.shimadzu.co.jp/sites/shimadzu.co.jp/files/attention/bosnia_report.pdf

7. Storage Period for Personal Data

We will retain your Personal Data that we collect for the period necessary to Process such Personal Data. For example, your membership information regarding services on a members-only website will be retained until you cancel your membership, and your access log will be retained for 18 months. However, this does not apply if we are required by laws or regulations to retain your Personal Data for a longer period of time, in which case, we will retain it for the period required by laws or regulations.

8. Your Rights

You have a number of legal rights in relation to the Personal Data that we hold about you. These rights may vary depending on where you are located and which data protection laws apply to the relationship between you and us, but they typically include the following:

(a)   right to obtain information regarding Processing of your Personal Data and to access the Personal Data that we hold about you;
(b)   right to request that we correct your Personal Data if it is inaccurate or incomplete;
(c)   right to request that we erase your Personal Data in certain circumstances;
(d)   right to request that we restrict our Processing of your Personal Data in certain circumstances;
(e)   right to object to our Processing of your Personal Data;
(f)   right to request that you receive your Personal Data in a structured, commonly used, and machine-readable format and/or that we directly transmit such Personal Data to a recipient where this is technically feasible; and
(g)   right to withdraw your consent to our Processing of your Personal Data at any time.

You may exercise any of your rights by contacting us at our contact pointset forth in Section 11 below. You also may lodge a complaint with the data protection authority if you believe that any of your rights has been infringed by us.

9. Security Control Measures

We take necessary and appropriate measures to prevent any leakage, loss of, or damage to, your Personal Data to be Processed and to otherwise control the security of personal information, such as clarification of the person responsible for or the person in charge of Processing of Personal Data, regular self-inspection of the Processing status of Personal Data, establishment of a system to report leakage, etc., formulation of rules on Processing, regular training of employees regarding Processing of Personal Data, management of entries into and exits from facilities, prevention of theft or loss of equipment for Processing Personal Data, appropriate discarding of Personal Data, ensuring the security of the systems and devices used, and implementation of access controls, etc. We also exercise appropriate supervision over our contractors and employees who Process Personal Data, and if we handle personal information outside Japan, we grasp the country’s legislation to protect personal information and take appropriate security control measures.

10.Use of Cookies

Please refer to the Cookie Policy regarding the use of cookies, etc., on our website.

11.Contact Point

If you have any questions about this Policy, your rights, or any other matter relating to the protection of personal information, please contact us at the following contact point:

(a)   Address of head office: 1, Nishinokyo Kuwabara-cho, Nakagyo-ku, Kyoto-shi 604-8511
(b)   Name of representative: Yasunori Yamamoto
(c)   Responsible department: IT Strategy Unit, DX·IT Strategy Management Department, Shimadzu Corporation
(d)   Email address: mail
(e)   Telephone number: 075-823-1278
(f)   FAX: 075-823-2091

For Those in the EEA and the UK

This section applies to those in the European Economic Area (the “EEA”) and the UK. This section supplements our “Privacy Policy” (the “Policy”), and if there is any conflict between any provision in this section and the provisions of the Policy, the provision of this section shall prevail.

1. Legal Basis

We Process your Personal Data on the legal basis set forth below.

(a)   Contract. Where the Processing of your Personal Data is necessary to perform a contract we enter into with you or take any measures before entering into a contract according to your requests. The Processing of your Personal Data conducted by us based on the contract includes that conducted for the purpose of providing you with information, products, and services that you request from us based on a contract that we enter into with you.
(b)   Legitimate interests. Where the Processing of your Personal Data is necessary for legitimate interests pursued by us or a third party, and your interests or fundamental rights and freedoms do not override those interests. The Processing of your Personal Data conducted by us based on the legitimate interests includes that conducted for the following purposes:
 
  • to show the contents of the website in the most effective manner for you or your computer;
  • to allow you to use the interactive functions of our services when you wish to do so;
  • to ensure the security of the website;
  • to provide you with technical support and to improve the relevant websites and services;
  • to provide you with information that you request to address your inquiry;
  • to announce a change in our services or website;
  • if you are an existing customer, to contact you to provide you with information regarding products and services that are similar to those products and services that were previously subject to sale or negotiations for sale (including contact by email and SMS); or
  • to disclose your Personal Data to a person that succeeds to our business due to a business transfer, merger, consolidation, change of control, transfer of material assets, restructuring, liquidation, or any other organizational restructuring.
The legitimate interests which we rely on include conducting our business, increasing our sales, and ensuring our security. You may obtain further details about legitimate interests by contacting us at our contact pointset forth in Section 11 of the Policy.
(c)   Consent. Where we obtain your consent. The Processing of your Personal Data conducted by us based on your consent includes the Processing for the purpose of providing you with information regarding products or services in which you seem to be interested. If you do not wish to allow us to use your Personal Data in such manner, you are requested to refuse to give us consent when we request your consent in a form used by us to collect your Personal Data, or to withdraw your consent by sending an email containing your request to mail. The withdrawal of your consent will not affect the lawfulness of Processing performed based on the consent before your withdrawal.
(d)   Legal obligation. Where the Processing of your Personal Data becomes necessary in order to comply with a legal obligation to which we are subject. The Processing of your Personal Data conducted by us based on our legal obligations includes the Processing for the purpose of complying with tax law and other laws applicable to us.

2. Transfer of Personal Data Outside the EEA or the UK

Your Personal Data may be transferred to, and stored by, a third party outside the EEA or the UK. The countries in which such third party is located include not only Japan but also the countries listed in Section 6 of the Policy.

Where we transfer your Personal Data to a third party outside the EEA or the UK, we will ensure that:

(a)   the recipient’s country/region has been found by the European Commission or has been designated by the government of the UK as ensuring an adequate level of protection for the rights and freedoms that you possess in respect of your Personal Data; or
(b)   the recipient enters into standard data protection clauses that have been approved by the European Commission, or other contracts for the transfer of Personal Data as required by data protection laws, with us.

You can obtain further details of the protection given to your Personal Data when it is transferred outside the EEA or the UK by contacting us, using the information about us set forth in Section 11 of the Policy.

3. EU/UK Representative

You may contact our EU/UK representative by postal mail addressed to the contact point below:

EU representative
Name: Shimadzu Europa GmbH
Address: Albert-Hahn Str. 6-10, 47269 Duisburg, Germany

UK representative
Name: SHIMADZU UK Limited
Address: Unit 1A, Mill Court, Featherstone Road
Wolverton Mill South, Milton Keynes MK12 5RD, U.K.

For Those in California (Addendum for California Consumer Privacy Act)

Last Update:[3/21/2024]

If you are a California resident, this Addendum for California Consumer Privacy Act (this “CCPA Addendum”) applies to you. This CCPA Addendum supplements our “Privacy Policy” (the “Policy”), and if there is any conflict between a provision of this CCPA Addendum and the provisions of the Policy, the provision of this CCPA Addendum shall prevail.

This CCPA Addendum uses certain terms that have the meanings given to them in the California Consumer Privacy Act (the “CCPA”), including:

  • “Personal Information,” which means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
  • “Sell,” “selling,” “sale,” or “sold,” which means, whether orally, in writing, or by electronic or other means, selling, renting, releasing, disclosing, disseminating, making available, transferring, or communicating your Personal Information by a business to a third party for monetary or other valuable consideration.
  • “Share,” “sharing,” or “shared,” which means, whether orally, in writing, or by electronic or other means, sharing, renting, releasing, disclosing, disseminating, making available, transferring or communicating your Personal Information by a business to any third party, for the purpose of cross-context behavioral advertising.

1. Our Collection, Use, and Disclosure of Your Personal Information

A. Categories, Sources, and Purposes of Your Personal Information Collected or to Be Collected

The table below describes the categories of your Personal Information that we collect or have collected during the last 12-month period.

Category of Personal Information Collected Example
Identifiers Name, address, email address, telephone number, fax number, user ID, passport number, workplace/division and department information, title, position, online identifiers, including IP address, Cookie ID, and advertising identifier.
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) Name, signature, address, phone number, passport number, social security number, health checkup results
Commercial information Commercial negotiation or transaction status, commercial negotiation or transaction history, details of your inquiry, information on whether we can send you direct mail, etc., history of your participation in exhibitions, seminars, etc., information on our products that you use, products or fields in which you are interested, campaign codes
Internet or other electronic network activity information Communication Information, System Information
Audio, electronic, visual, thermal, olfactory, or similar information Facial image
Occupation or employment information Division and department, title, position, technical rank, schedule, attendance status
Sensitive Information Passport number, social security number, health checkup results, user ID and password

Business or commercial purposes. The business or commercial purposes for which your Personal Information will be collected or used are as described in Section 4, “Purposes of Processing Personal Data” of the Policy.

Categories of sources. The categories of sources from which we collect your Personal Information are as follows:

  • collected directly from you;
  • collected from our distributors and agents; or
  • collected automatically through our website from your devices.

B. Sale and Sharing of Your Personal Information

(A) Sale and Sharing of Your Personal Information

The table below describes (i) the categories of the Personal Information which we have sold/shared; and (ii) that categories of third parties to which we have sold/shared the Personal Information, during the last 12-month period. 

Category of Personal Information Sold/Shared Example Third Parties to Which Personal Information was Sold/Shared During the Last 12-Month Period
Identifier Online identifiers, such as user ID, IP address, Cookie ID, and advertising identifier Advertising businesses
Internet or other electronic network activity information Communication Information, System Information Advertising businesses

Please note that we do not sell/share your Personal Information to obtain any monetary compensation or while knowing you are under 16 years old.

(B) Disclosure of Your Personal Information for a Business Purpose

The table below describes: (i) the categories of your Personal Information that we have disclosed for our business purposes; and (ii) the categories of third parties to which we have disclosed such Personal Information for our business purposes, during the last 12-month period.

                                                                 
Category of Personal Information Disclosed Example Third Parties to Which Personal Information Was Disclosed During the Last 12-Month Period
Identifiers Name, address, email address, telephone number, fax number, password, user ID, passport number, workplace information, division/department information, title, position Our subsidiaries, distributors, and service providers
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) Name, signature, address,  phone number, passport number, social security number, health checkup results Our subsidiaries
Commercial information Commercial negotiation or transaction status, products or fields in which you are interested, details of your inquiry Our subsidiaries and service providers
Audio, electronic, visual, thermal, olfactory, or similar information Facial image Our subsidiaries
Internet or other electronic network activity information Communication Information, System Information Our subsidiaries, distributors, and service providers
Occupation or employment information Division and department, title, position, technical rank, schedule, attendance status Our subsidiaries, distributors, and service providers

2. Your Rights and Requests

If you are a California resident, you have certain rights regarding your own Personal Information, as described below. We may refuse your request in the event that any of the exemptions permitted by the CCPA apply:

I.   Right to Request Disclosure: You have the right to request that we disclose the following information to you:
(I)   The categories of Personal Information we collected about you;
(II)   The categories of sources from which we collected such Personal Information;
(III)   The business or commercial purposes for collecting or selling your Personal Information;
(IV)   The categories of third parties with whom we shared such Personal Information;
(V)   The categories of your Personal Information that we sold, and for each category identified, the categories of parties to whom we sold such Personal Information;
(VI)   The categories of your Personal Information that we disclosed for business purposes, and for each category identified, the categories of parties to whom we disclosed such Personal Information; and
(VII)   The specific pieces of the Personal Information we have collected about you.
II.   Right to Request Deletion: You have the right to request that we delete specific pieces of Personal Information that we have collected from you.
III.   Right to Request Correction: You have the right to request that we correct inaccurate information if the specific pieces of Personal Information that we have collected from you are inaccurate.
IV.   Right to Opt-Out of Sale and Sharing of Personal Information: You have the right to request that we cease the sale/sharing to third parties of the Personal Information that we have collected from you.
V.   Right to Limit Use of Sensitive Information: You have the right to request that we limit the use of your sensitive information that we have collected from you.

How to Submit a Request. To make each of these requests, please contact us using the information about us indicated in Section 11 of the Policy or the following toll-free number:

[ 1-877-225-1192 ]
*This is the telephone number for those in California only.

If we receive any opt-out preference signal from your device requesting us to cease the sale/sharing of Personal Information, we will promptly cease the sale/sharing of your Personal Information linked to such signal.

Verifying Requests. To help protect your privacy and maintain security, we will take steps to verify your identity before responding to your request for disclosing, deleting and correcting your Personal Information.

Upon receiving a disclosure, deletion or correction request from you, we first will verify your identity by requiring you to submit Personal Information you have provided us already (such as your name or e-mail address), and by matching the information you submitted with what we already have. If we are unable to verify your identity because you have not submitted this information, we may refuse your request.

If you use an authorized agent to make a disclosure, deletion or correction request on your behalf, we may require the agent to provide documents proving that you have given the agent signed permission to make the request. We also may require you to (i) verify your own identity directly with us; or (ii) directly confirm with us that you provided the authorized agent with permission to submit the request.

Additional Information. If you exercise any of your rights under the CCPA, you have the right not to receive discriminatory treatment from us.

Do Not Sell or Share My Personal Information
We are selling/sharing your Personal Information as set forth in “B. Sale and Sharing of Your Personal Information” in Section 1. of the CCPA Addendum.

If you wish to cease the sale/sharing of your Personal Information, please click here.  

You may also request us to cease the sale/sharing of your Personal Information via an application through the following web form:

[Inquiry Form link [SHIMADZU] Inquiry]

If we receive any opt-out preference signal from your device requesting us to cease the sale/sharing of your Personal Information, we will promptly cease the sale/sharing of your Personal Information linked to such signal.

3. Changes to this CCPA Addendum

We may change this CCPA Addendum from time to time. The date “Last Updated” at the top of this CCPA Addendum states when this CCPA Addendum was last updated. Any changes will become effective upon us posting the revised CCPA Addendum.

We will post a prominent notice on the site to notify you of any significant changes to this CCPA Addendum and indicate the date it was most recently updated.

4.Contact Point

If you have any questions or concerns regarding this CCPA Addendum or our privacy practices, please contact us using the information about us indicated in Section 11 of the Policy.

For Those in the Peoples’ Republic of China

This section applies to those in the Peoples’ Republic of China. This section supplements our “Privacy Policy” (the “Policy”), and if there is any conflict between any provision in this section and the provisions of the Policy, the provision of this section shall prevail.

We shall engage in personal information handling measures such as collection, retention, use, processing, transmission, provision, disclosure, and deletion in accordance with the Personal Information Protection Law of the Peoples’ Republic of China (hereinafter in this Section, the “Law”).

1. How We Handle Your Personal Information and Legal Requirements

We shall engage in personal information handling measures such as collection, retention, use, processing, transmission, provision, disclosure, and deletion in accordance with the Law. We shall only handle the personal information upon obtaining your consent, except for in the following events:

(1)   Where it is necessary for entering into a contract with you or performing a contract entered into with you;
(2)   Where it is necessary for performing any statutory duties or statutory obligations;
(3)   Where it is necessary for addressing any public health outbreak incidents or protecting the safety of any life, health, or property of any natural person in the case of an emergency;
(4)   Where the personal information is handled within a reasonable scope for engaging in acts in the public interest, such as reporting, or conducting supervision by public opinion;
(5)   Where it is the handling of personal information that was disclosed by the subject individual or otherwise lawfully disclosed within a reasonable scope in accordance with the provisions of the Law; or
(6)   Otherwise, where it is stipulated in laws or administrative regulations.

2. Processing of Sensitive Personal Information

In the case of handling sensitive personal information, we shall implement measures required under the Law such as notifying you of the necessity of handling sensitive personal information, and effects on individuals’ rights and interests.

Sensitive personal information means any personal information which, once leaked or used illegally, could easily cause the violation of the individuality and dignity of a natural person, or cause any physical harm or property damage to a person. We shall handle Communication Information and System Information as sensitive personal information. The necessity for handling Communication Information and System Information, and effects on individual rights and interests, are as follows:

Communication Information

Necessity for handling
It is necessary for us to handle your Communication Information to announce products and services, etc. in line with your needs.

Effects on individuals’ rights and interests
Your Communication Information is managed under appropriate security control measures, and the possibility of it having effects on individuals’ rights and interests due to leakage, etc. is limited.

System Information

Necessity for handling
It is necessary for us to handle your System Information in order to enable the use of Office 365 (email, SharePoint, Teams, Forms, etc.) by employees.

Effects on individuals’ rights and interests
Your System Information is managed under appropriate security control measures, and the possibility of incidence of effects on individuals’ rights and interests due to leakage, etc. is limited.

3. Provision of Personal Information

In the case we provide your personal information to third parties other than the outsourcees to which the handling of personal information is outsourced by us, we shall implement measures required under the Law, such as notifying you of such third parties’ names, contact methods, handling purposes, handling methods, and categories of personal information.

In the case we provide your personal information to third parties outside China, we will implement measures required under the Law, such as notifying you of such third parties’ names, contact methods, handling methods, categories of personal information and the methods and procedures in which the rights set forth under the Law will be exercised against such third parties, and we will also take any appropriate measures to protect the personal information so that the handling of your personal information by such third party satisfies the personal information protection standards as stipulated in applicable Chinese laws and regulations.

We shall provide your personal information to the following third parties outside China.

A.

Third parties’ names
SAP Japan Co.,Ltd., Amazon Web Services Japan G.K.

How to contact third parties
Please contact us using our contact details stated in Section 11 of the Policy.

Purposes of third-party handling
To announce our and our subsidiaries’ exhibitions, seminars, products, and services, etc., and to analyze your behavior.

Third-party handling methods
In the manner stated in 1. above

Categories of Personal Information
Name, email address, workplace information, inquiry details, Communication Information, etc.

Manner and procedures, etc. to exercise the rights set forth by the Law against third parties
Please contact us using our contact details stated in Section 11 of the Policy.

B.

Third party name
Shimadzu Business Systems Corporation

How to contact third parties
Please contact us using our contact details stated in Section 11 of the Policy.

Purposes of third-party handling
Log-in setting, operation and troubleshooting responses for systems used in transactions

Third-party handling methods
In the manner stated in 1. above

Categories of Personal Information
Name, email address, telephone number, workplace information, division and department

Manner and procedures, etc. to exercise the rights set forth by the Law against a third party
Please contact us using our contact details stated in Section 11 of the Policy.

C.

Third party name
OneTrust, LLC

How to contact third parties
Please contact us using our contact details stated in Section 11 of the Policy.

Purposes of third-party handling
Use of cookie consent management tool

Third-party handling methods
In the manner stated in 1. above

Categories of Personal Information
Consent to acquisition or use of cookies, IP address and language information

Manner and procedures, etc. to exercise the rights set forth by the Law against a third party
Please contact us using our contact details stated in Section 11 of the Policy.

4. Your Rights and Requests

You may exercise the rights with respect to your Personal Information as set forth in Section 8 of the Policy; provided, however, that we may refuse your request in any of the following events:

(1)   Where you make a request repeatedly without any reasonable grounds;
(2)   Where it is related to the performance of our obligations stipulated in applicable laws;
(3)   Where it is directly related to the security of the country or national defense;
(4)   Where it is directly related to the safety of the public, public health, material public interests;
(5)   Where it is directly related to criminal investigations, prosecutions, trials, and the execution of sentences, etc.;
(6)   Where we hold sufficient evidence showing that you have subjective bad faith or are abusing your rights;
(7)   Where it is for the maintenance of your and/or another individual’s life, property, and other material and lawful rights and interests, but it is difficult to obtain the subject’s consent;
(8)   Where responding to your request may cause material harm to your, or another individual’s or organization’s lawful interests; or
(9)   Where it is related to our trade secrets.