Handling of Personal Information of People Residing and staying in the European Economic Area
Our Group complies with the EU General Data Protection Regulation (the “GDPR”), and related laws and regulations, and are committed to protecting the privacy and security of personal information of those residing and staying in the European Economic Area consisting of EU member states, Norway, Iceland and Liechtenstein (collectively, the “EEA”).
With respect to the handling of personal information of those residing and staying in the EEA, the provisions of this Schedule apply in addition to this Policy. In the event any of the provisions of the body conflict with those stipulated in this Schedule, the provisions of this Schedule shall prevail.
Personal Information to be Acquired and Handled
The purpose of processing, legal basis and retention period of personal information that Group collects are, as follows:
| Items of personal information | Purpose of processing | Legal basis | Retention period |
|---|---|---|---|
| Name, Phone number, Address, Email address, Workplace information (company name, department, position, address, Phone number, Fax number), Business card |
|
|
During the transaction period and for a period reasonably considered likely to initiate (including resume) a transaction |
| Employees’ personal information | Employment management such as payroll, attendance management, labor management, personnel appraisal, education and guidance, and welfare benefits | Necessary for the performance of a contract to which the personal information subject is a party (including before the conclusion of the contract). | The duration of employment contracts and other agreements, the period required by law for record retention, and the period reasonably expected necessary for the efficient processing personal information. |
| Same as above | Regular audits, investigations of violations of internal and external regulations, and investigations of other misconduct or troubles | To confirm compliance with laws or internal regulations (including the detection, resolution, and future prevention of misconduct) | Same as above |
When the provision of personal information is required under law or contract or is a requirement necessary to enter into a contract, it is required to provide the relevant personal information. However, provision of personal information on Our Group’s website is not a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as the Owner is not required to provide the personal information. Please note that the failure to provide such personal information may cause difficulty in providing products/services the Owner may request.
Unless required by law or Owner’s consent is obtained, Our Group will not obtain or use any sensitive personal information (such as information on racial or ethnic origin, political belief, religion, thought or admission to a labor union, genetic information, biological information, or information on physical status, sex life or sexual orientation).
Our Group will not use personal information for any monitoring or profiling activity or process and will not adopt any automated decision-making process.
Disclosure of Personal Information to a Third Party
Our Group may disclose personal information to Group companies within the extent of the “Use of Personal Information”.
Owner’s Rights
Owner has the following rights with respect to personal information held by Our Group:
- Right to request access to Owner’s personal information;
- Right to request rectification of Owner’s personal information;
- Right to request erasure of Owner’s personal information;
- Right to request the restriction of processing of Owner’s personal information;
- Right to request data portability of Owner’s personal information;
- Right to object to processing Owner’s personal information (including for marketing purposes);
- Right to withdraw Owner’s consent at any time with respect to the personal information collected based on Owner’s consent; and
- Right to lodge a complaint to a competent data protection authority of a country in which Owner’s personal information is processed (Owner can find the list provided by the European Data Protection Board here
)
Transfer of Personal Information to a Third Party Outside the EEA
Our Group may transfer Owner’s personal information to third parties located in countries outside the EEA within the extent of the purpose of use. The European Commission recognized Japan as having an adequate level of data protection in 2019.
Some overseas group companies of Our Group are located in third countries that are not recognized by the European Commission as having the same level of personal information protection as the EEA; however, a sufficient level of personal information protection is secured by entering into privacy data transfer agreements between and among Group companies. In such case, Our Group take appropriate protection measures necessary for international privacy data transfer such as the EU Standard Contractual Clauses.
Update of This Policy
When this Policy is updated, the previous version of this Policy will be archived and become available for reference, if requested.
Inquiries
The data controllers of the personal information collected from individuals in the EEA are the following Group companies located in the EEA.
For inquiries or comments about this Policy, please contact:
- Company Name: Taikisha Deutschland GmbH
- Address: Humboldtstraße 35, 70771 Leinfelden-Echterdingen, Germany
- Contact: mailmast@taikisha.co.jp
- Company Name: Taikisha Hungary Kft.
- Address:1112 Budapest, Gulyás utca 24/1. Hungary
- Contact: mailmast@taikisha.co.jp
Last updated on: [February 1, 2026]