1. About this notice
We will process your personal data in compliance with every applicable law and any laws that replace them in the future (including the European Union's General Data Protection Regulation, Regulation (EU) 2016/679 ("GDPR")).
In this notice, we provide information based on such laws related to processing your personal data. This notice sets out the basis on which any persona l data that you provide to us, or that we obtain about you from other sources, will be processed by us. Please take the time to read and understand this notice.
2. Information about us
For the purpose of data protection law, Sharp Corporation ("we", "us" and "our") is a data controller in respect of your personal data. And we are committed to respecting your privacy.
(a) Our main office address: 1 Takumi cho, Sakai ku, Sakai City, Osaka 590 8522, Japan
(b) Our phone number: +81-50-5433-4157
(c) Our inquiry form; SHARP Product Vulnerability Reception Desk
3. Definitions
In this notice:
(a) your "personal data" means any data which relates to you and from which you can be identified.;
(b) our "affiliates" means our subsidiaries; and
(c) "processing" means any activity or operation that i s carried out in respect of your personal data, such as collecting, storing, using, transferring or deleting it.
(d) "SHARP Product Vulnerability Reception Desk" means the website operated by us which is the contact form when you find vulnerability in SHARP products.
4. How we collect your personal data and what personal data we collect
We will collect and process the following personal data about you (collected through SHARP Product Vulnerability Reception Desk). Such information generally includes your name, company name, phone number and e-mail address.
There may be circumstances where the provision of business services to us results in us collecting other types of personal data from you, or us being provided other types of personal data about you from Business Partners. If so, then we will protect such personal data to the same high standards explained in this policy and take any additional steps necessary to ensure we process such personal data in accordance with applicable laws.
5. Legal basis and purpose of processing personal data
The legal basis for the processing of your personal data is:
Legitimate Interests. This is where the processing of your personal data is necessary for legitimate interests pursued by us or a third party and your interests and fundamental rights do not override those interests.
We use the personal data that we hold about you for the following purposes:
|
Your personal information |
The legal basis |
The purpose |
|
your name, company name, phone number and e-mail address |
Legitimate Interests |
To communicate with you with respect to the vulnerability in SHARP products including to deal with your inquiry, questions, messages or requests, and to manage your complaints |
We do not process your "sensitive data" (information about your race, ethnic origin, religion, physical or mental health, political opinions, sexual life, any actual or alleged criminal offences, and genetic and biometric data).
6. Disclosure of personal data to recipients
We may share your personal data with recipients in the situations described below:
(a) Internal Use for us: Employees of us or our affiliates who are authorised and need to access these data.
(b) Affiliates: We share your personal data with our affiliates for internal administrative purposes and uses that are consistent with this Notice.
(c) Business Partners: We may share your personal data with business partners, such as customers or suppliers to the extent this is required for conducting and/or acquiring business with these partners (e.g., exchange of contact details).
(d) Legal Process and Safety: We may disclose your personal data to legal or government regulatory authorities as required by applicable law. We may also disclose your personal data to third parties as required by applicable law in connection with claims, disputes or litigation, when otherwise required by applicable law, or if we determine its disclosure is necessary to protect the health and safety of you or others, or to enforce our legal rights or contractual commitments that you have made.
(e) Business Transfers: Your personal data may be disclosed as part of a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets, and could be transferred to a third party as one of the business assets in such a transaction. It may also be disclosed in the event of insolvency, bankruptcy or receivership.
(f) Publication: We may publish the names of people who have contributed to the discovery or resolution of vulnerabilities in our products with their consent.
7. Transfers of personal data outside the European Economic Area
The personal data that we collect from you or provided by Business Partners may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us, for our affiliates or for one of our suppliers.
Where we transfer your personal data outside the EEA, we will ensure that:
(a) the recipient destination has been subject to a finding from the European Commission that it ensures an adequate level of protection for the rights and freedoms that you possess in respect of your personal data; or
(b) the recipient enters into standard data protection clauses with us that have been approved by the European Commission.
You can obtain more details of the protection given to your personal data when it is transferred outside the EEA (including a copy of the standard data protection clauses which we have entered into with recipients of your personal data) by contacting us in accordance with the information about us in Section 2.
8. Storage limit of personal data
We will retain the personal data that we collect about you as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer period is demanded by applicable laws.
9. Your rights
(a) Access, rectification, erasure, restriction
Subject to the statutory requirements, the fulfilment of which must be assessed on a case-by-case basis, you have the following rights:
- Request from us access to your personal data pursuant to Art. 15 GDPR
You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and certain related information. - Request from us rectification of your personal data pursuant to Art. 16 GDPR
You have the right to obtain from us the rectification of inaccurate personal data concerning you without undue delay, and to complete any incomplete personal data. - Request from us erasure of your personal data pursuant to Art. 17 GDPR
You have the right to obtain from us the erasure of personal data concerning you without undue delay, when certain legal conditions apply. - Request from us restriction of processing pursuant to Art. 18 GDPR
You have the right to obtain from us the restriction of processing of personal data, when certain legal conditions apply.
(b) Right to object
Subject to the statutory requirements, the fulfilment of which must be assessed on a case-by-case basis, you also have the right to object to the processing of your personal data.
Where personal data are processed for direct marketing purposes (see section 5 above), you have the right to object at any time to processing of personal data concerning you for such marketing pursuant to Art. 21 (2) GDPR.
(c) Right to lodge a complaint
If you have any complaints regarding our privacy practices in the EEA, you have the right to lodge a complaint with your national data protection authority (i.e., supervisory authority).
10. Contacts
Questions, comments and requests regarding this privacy notice are welcome. Please contact us using the information about us in Section 2.
 |
|---|
