Chapter 1 Handling of Personal Information at GRADUS inc.
1. Definition of Personal Information
The term ‘personal information’ shall mean information about a living individual which can identify the specific individual by name, date of birth or other description contained in such information (including such information as will allow easy reference to other information and will thereby enable the identification of the specific individual).
2. Collecting Personal Information
We may collect information of customers in the event that they purchase our products or that they contact us for inquiries.
For collecting such information we will clearly state in writing the purpose of use, and will engage in such action in a legal and honest manner.
We collect the following personal information from you:
e)Shipping destination information
f)Shopping record with us and details
g)Other information which users enter into the form designated by the Company; or
i)Information that, when combined with above-mentioned items, will enable us to identify the specific individual.
3.Using Personal Information
We collect personal information from our customers for the following purposes:
a)Order confirmation and reference
b)Shipping confirmation and reference
d)Managing buying history
e)Offering the service according with custemers interest or buying history
f)Announcing items and services by E-mail and postal mail
g)Accepting applications for gifts and shipping them
We never disclose personal information to any third party without your consent except the following cases:
a)Cases in which the handling of personal information is based on laws and regulations, and which the handling of personal information is necessary for cooperating with a state organ, a local government, or an individual or a business operator entrusted by either of the former two in executing the affairs prescribed by laws and regulations
b)Cases in which the handling of personal information is necessary for the protection of the life, body, or property of an individual and in which it is difficult to obtain the consent of the person
c)Cases in which the personal information is exchanged and shared among affiliates of the company which runs the Shop.(These companies are not allowed to use the personal information provided by the Company beyond the extent necessary for such purposes.）
4.Security Control Measures for Personal Information
We will take appropriate actions to keep personal information accurate and up-to-date.
We endeavours to take reasonable measures to protect personal information from unauthorized access, loss, destruction, alteration, or leakage, etc.
It should be noted, that also entrusted subcontractors that handle personal information perform the same strict management. In the event personal information is compromised in any way, we will respond quickly and appropriately.
5.Correction and Deletion of Personal Information
Users may request the Company to disclose, correct, discontinue using, or delete their own personal information.
Users residing in some countries including the European Economic Area have the right to submit an inquiry or file a complaint to our lead supervisory authority under the applicable laws and regulations.
If you need to correct or delete your personal information, please contact us from the Contact Us page.
6.Use of cookie files
We may use cookie files to enhance the use of our Web site.Cookie files do not contain information that can be used to identify you, and therefore your privacy will not be invaded.
If you choose so, you can modify the settings of your Web browser to determine if and how a cookie will be accepted.
*A ‘cookie’ is a small text file placed on your computer’s har’ drive by our Web page server.
7.Use of SSL
For entering information, we use SSL (Secure Sockets Layeri) technology to secure personal information and to prevent the data from being intercepted or falsified.
*SSL is a protocol that encripts data and protects it from wiretapping and falsification. Using SSL you can send information much safer.
Chapter 2 Handling of Personal Information of EEA Residents
With respect to the handling of personal information of users residing in the European Economic Area consisting of the European Union (EU), Norway, Iceland and Liechtenstein (hereinafter referred to as “EEA”) (hereinafter referred to in this Chapter as the “Users”), the REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive “95/46/EC (hereinafter referred to as “GDPR”) shall apply after May 25, 2018. Besides Chapter 1, Chapter 2 also shall be applied to the handling of personal information of users residing in the EEA. In the event any provisions of this Chapter contradict those of Chapter 1, the provisions of this Chapter shall prevail.
2. Purpose of Processing Personal Information
The Company shall collect and process personal information of the Users necessary to provide, maintain and upgrade the Services and to operate other Services only for the following purposes.
a)Sending merchandise through the Services
b)Provision of information through the Services
c)Internal operations required to provide the Services (including the maintenance and management of the system, and troubleshooting for operational problems)
d)Operation of other Services and provision of services incidental or related thereto
3. Grounds for Processing Personal Information
We shall process personal information of the Users in accordance with the following grounds.
- Provision of the Services to Users
We must collect and use the following information to provide the Services to the Users.Information necessary to enable the Users to purchase and receive, etc. merchandise through the Services (including the name, address and telephone number of the Users and delivery information).
- Consent from Users
We may collect or use personal information of the Users, such as IP addresses and Cookies, with the consent of such Users.
- Provision of the Services to Users
4. User’s Rights
The Users of the Services may request us to do the following:
- Revocation of consent
As long as the processing of personal information is based on the User’s consent, such Users have the right to revoke their consent in relation to their personal information at any time.
- Access to personal information
The Users have the right to seek explanation relating to their personal information. The Users also have the right to receive a copy of their personal information held by us.
- Correction and deletion of personal information
The Users have the right to seek correction and deletion of their personal information held by us.
- Restriction on processing
The Users have the right to request us to restrict the processing of their personal information.
- Right of data portability
The Users have the right to receive their personal information in a structured, commonly-used, and machine-readable format. The Users also has the right to transfer their own personal information in a structured, commonly-used, and machine-readable format to any third party designated by the User.
The Users have the right to file a complaint to a supervisory authority at any time. The Users may be able to check for supervisory authorities with respect to data protection in respective countries. http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
- Revocation of consent
5. Collection of Personal Information while Browsing through the Company’s Website
For the purpose of providing, maintaining, and upgrading the Services or for the purpose of operating other Services, we shall collect IP addresses, Cookies, individual identification information of terminals of the Users who came to the Company’s website for the use of the Services. This function of collecting data may be blocked by disabling Cookies; therefore, please check your browser settings. Please note that if Cookies are disabled, it may have some effect on the performance of the Company’s website, and we may not be able to provide services or functions expected by the Users.
6. Retention Period
The Company shall establish a retention period for the Users’ personal information to the extent necessary in accordance with the purpose of use, and promptly delete and dispose the Users’ personal information after the elapse of the retention period or after the purpose of use has been achieved.
7. Transfer to Outside of the EEA
The Company may provide the Users’ personal information to cloud vendors located outside the EEA (in the U.S.) within the purposes set forth in Chapter 1, Article 3 and Chapter 2, Article 2 hereof. In such case, the Company shall take appropriate protective measures such as executing data processing contracts with such cloud vendors and provide an appropriate level of protection of the Users’ personal information.
8.Changes to Privacy Policies
When it is deemed necessary, we may make changes to the Personal Information, Purpose of its Use or Privacy Policies sections of this webpage without prior notice and consider it to be an official announcement to you.