In the course of doing business, Asahi Kasei Group receives personal information (the term “personal information” is used herein as defined in Article 2, Paragraph 1, of the Act on the Protection of Personal Information (Act No. 57 of 2003)) such as names, postal addresses, phone numbers, and e-mail addresses from consumers, clients, suppliers, and others, in addition to the personal information of our executives and employees which we hold. We are committed to maintaining the privacy and security of this personal information, and to ensuring that it is handled appropriately in accordance with this policy.
Because this policy may be revised, we recommend that you refer to this page again from time to time.
Specifics are described below.
Asahi Kasei Bioprocess may share personal data with Asahi Kasei Group as shown below.
|Information subject to shared use||Purpose of shared use||Responsible party|
|Names and contact information held by Corporate Legal & General Affairs||Appropriate response to inquiries and requests||General Manager of Corporate Legal & General Affairs|
|Names and contact information held by Corporate Procurement & Logistics||Execution of duties related to procurement||General Manager of Corporate Procurement & Logistics|
|Names and contact information held by Corporate Accounting & Finance||Management of credits and debts, handling payments||General Manager of Corporate Accounting & Finance|
In cases where it becomes necessary to disclose personal information to subcontractors in the course of outsourcing, we conclude agreements with the subcontracted firms requiring that such personal information is handled in accordance with our standards. The handling of personal information by subcontracted firms is monitored and supervised to ensure compliance.
The only other cases where personal information is disclosed to third parties are described below.
For your examination and confirmation, you may request that we disclose to you the retained personal data of yours which we hold. Upon verifying that the person making such a request is the person for whom disclosure is being requested or a duly authorized proxy thereof, we will respond in a reasonable time and to a reasonable extent.
You may request that we correct or revise the retained personal data of yours which we hold. Upon verifying that the identity of the person making such a request is the person for whom correction or revision is being requested or a duly authorized proxy thereof, we will respond in a reasonable time and to a reasonable extent if the data we hold is inaccurate.
You may request that we cease using or delete the retained personal data of yours which we hold. Upon verifying that the identity of the person making such a request is the person for whom cessation of use or deletion is being requested or a duly authorized proxy thereof, we will respond in a reasonable time and to a reasonable extent.
Please note that the cessation of use or deletion of part or all of your personal information may prevent us from providing you with certain services. Please also note that relevant regulations provide that we may decline to fulfill such a request in certain cases.
Requests for confirmation, correction, revision, cessation of use, or deletion of retained personal data may be made
via inquiry form or by fax to +81-(0)3-3259-5725, or by post to:
Asahi Kasei Medical Co., Ltd.,
1-105 Kanda Jinbocho
Chiyoda-ku, Tokyo 101-8101
Costs which we incur to fulfill a request for confirmation, correction, revision, cessation of use, or deletion of retained personal data may be charged to you or your proxy as a handling fee.
Reasonable and appropriate security measures are employed in the maintenance and management of personal information in order to ensure against risks such as unauthorized access, loss, damage, alteration, and disclosure. To ensure that personal information is managed appropriately, personnel responsible for managing personal information are designated at each business unit which receives personal information, and all relevant personnel are thoroughly familiarized with the company-wide information security regulations.
No personally identifiable information (e.g. name, address, phone no., e-mail address) is collected automatically when you access this website. We do collect anonymous information related to site usage for aggregate analysis to improve the site. This anonymous information includes a log of which pages you viewed, and the domain name of the website (e.g., a search site) from which you accessed this website.
We are not responsible for the privacy practices of other websites to which links may be included in this website. Please refer to the privacy policies of those websites separately.
Please see below for dealing with the information of European Economic Area (the “EEA”) personal data of customers, business partners, employees and other individuals which we possesses.
We will always process your personal data based on the GDPR. In addition, we will always process your sensitive personal data, for example, concerning your trade union membership, religious views, or health condition, in accordance with the GDPR.
We may collect and process your personal data for the purposes detailed below, which are required so that we can pursue our legitimate interests and provide you with adequate services and products:
In addition, subject to obtaining your express prior consent, we may also collect and process your personal data for the following purposes:
Please be aware that you are entitled to withdraw your consent at any time, and this without affecting the lawfulness of processing based on your consent before withdrawal thereof.
We will process your data for these specified, explicit and legitimate purposes, and will not further process the data in a way that is incompatible with these purposes. If we intend to process personal data originally collected for one purpose in order to attain other objectives or purposes, we will ensure that you are informed of this. We will keep your personal data for as long as it is necessary for us to comply with our legal obligations, to ensure that we provide an adequate service, and to support its business activities.
We can obtain such personal data either directly from you when you decide to communicate such data to us (i.e., when you fill in forms displayed on the Website) or indirectly where such personal data is provided to us by your electronic communication terminal equipment or your Internet browser. We ensure that the personal data processed is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
We may share your personal data with Company Group entities and with third parties in accordance with the GDPR. Where we share your personal data with a data processor, we will put the appropriate legal framework in place in order to cover such transfer and processing. Furthermore, where we share your data with any entity outside the EEA, we will put appropriate legal frameworks in place, notably controller-to-controller (2004/915/EC) and controller-to-processor (2010/87/EU) Standard Contract Clauses approved by the European Commission, in order to cover such transfers.
Subject to your prior consent, your personal data may be transferred to, stored, and further processed by strategic partners that work with us to provide our products and services or help us market to customers. We may currently share your personal data with the strategic partners. Your personal data will only be shared by us with these companies in order to provide or improve our products, services and advertising.
We share your personal data with companies which provide services on our behalf, such as hosting, maintenance, support services, email services, marketing, auditing, fulfilling your orders, processing payments, data analytics, providing customer service, and conducting customer research and satisfaction surveys. We may currently share your personal data with the service providers.
We may share your personal data with all Company’s affiliates. In the event of a merger, reorganization, acquisition, joint venture, assignment, spin-off, transfer, or sale or disposition of all or any portion of our business, including in connection with any bankruptcy or similar proceedings, we may transfer any and all personal data to the relevant third party.
It may be necessary for us – by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence – to disclose your personal data. We may also disclose your personal data if we determine that, due to purposes of national security, law enforcement, or other issues of public importance, the disclosure is necessary or appropriate.
We may also disclose your personal data if we determine in good faith that disclosure is reasonably necessary to protect our rights and pursue available remedies, enforce our terms and conditions, investigate fraud, or protect our operations or users.
Such disclosures may involve transferring your personal data out of the European Union to the following country: Japan, China, India, Korea, Singapore, and USA. Such transfer may take place for business operations, accounting, human resources managements, IT and general administration, marketing, market research and PR activities, and sales and after-sales management. For each of these transfers, we make sure that we provide an adequate level of protection to the data transferred.
We handle records of all processing of personal data in accordance with the obligations established by the GDPR, both where we might act as a controller or as a processor. In these records, we reflect all the information necessary in order to comply with the GDPR and cooperate with the supervisory authorities as required.
We process your personal data in a manner that ensures their appropriate security, including protection against unauthorised or unlawful processing, accidental loss, destruction or damage. We use appropriate technical or organisational measures to achieve this level of protection.
In case of breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed, we have the mechanisms and policies in place in order to identify it and assess it promptly. Depending on the outcome of our assessment, we will make the requisite notifications to the supervisory authorities and communications to the affected data subjects, which might include you.
We have mechanisms and policies in place in order to identify data processing activities that may result in high risk to your rights and freedoms. If any such data processing activity is identified, we will assess it internally and either stop it or ensure that the processing is compliant with the GDPR or that appropriate technical and organizational safeguards are in place in order to proceed with it.
In case of doubt, we will contact the competent Data Protection Supervisory Authority in order to obtain their advice and recommendations.
You have the following rights regarding personal data collected and processed by us:
If you intend to exercise such rights, please refer to the contact section below.
If you are not satisfied with the way in which we have proceeded with any request, or if you have any complaint regarding the way in which we process your personal data, you may lodge a complaint with a Data Protection Supervisory Authority.
We may propose hypertext links from the Website to third-party websites or Internet sources. We do not control and cannot be held liable for third parties’ privacy practices and content. Please read carefully their privacy policies to find out how they collect and process your personal data.
Revised May 25, 2018