Privacy Policy GDPR

Privacy Policy

The Japan Foundation (the “JF”) shall comply with the EU General Data Protection Regulation (the “GDPR”) and other applicable national laws (“applicable laws”) in connection with the provision of any of the services that the JF provides (the “Services”) to users (the “Users”) in the European Economic Area (the “EEA”, and the countries that are members of the EEA are individually or collectively referred to as “EEA member countries”), and therefore hereby establishes this Privacy Policy (this “Privacy Policy”) in order to appropriately process the personal data and other data of Users in the EEA.

  1. Processing Personal data, etc.

(1) Definitions

Personal data” means any data relating to an identified or identifiable natural person, including, without limitation, names, addresses, dates of birth, telephone numbers, e-mail addresses, and any other information collected in connection with providing the Services.

Processing” means any operation or set of operations which is performed on personal data, etc. or on sets of personal data, etc., whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

(2) Purpose of use of personal data, etc.

The JF will process the Users’ personal data to provide, improve and develop the Services.

In the case of processing the Users’ personal data for purposes other than the above, the JF will notify Users in advance of such new purposes of use and other matters as required by applicable laws.

By manifesting their intention to consent to this Privacy Policy, Users will be deemed to have consented to the processing of their personal data by the JF within the scope of the above purpose of use, and The JF will process the Users’ personal data based on such Users’ consent; provided, however, that Users may withdraw such consent at any time. Even in that case, this will not affect the lawfulness of processing performed pursuant to consent before the Users’ withdrawal thereof.

The personal data that Users are to provide is necessary in order for the JF to provide the Service to the Users, and there may be cases in which Users who have not provided such data will be unable to use the Service.

(4) Retention Period

The JF will retain the Users’ personal data as long as the JF requires such data for achieving the purpose of use specified above.

(5) Transfer

The JF may share the Users’ personal data obtained by its overseas offices including those in London, Paris, Madrid, Rome, Cologne and Budapest with other offices including the headquarter in Japan, and may provide such data to third parties such as cloud vendors and outside contractors of the JF, etc., to implement the purpose of use specified above. Countries located outside the EEA (including, without limitation, Japan, the same shall apply hereafter) are among the third parties to whom the JF will disclose the Users’ personal data, and the Users shall be deemed to have consented to the following matters by consenting to this Privacy Policy:

(a)    In the case that the country in which the third party is located is outside the EEA, such country does not have the same data protection laws as EEA member countries, i.e., many of the rights provided to data subjects in the EEA may not be given;

(b)    The Users’ personal data will be provided and processed for the purpose specified above; and

(c)    The Users’ personal data will be provided to third parties located outside the EEA.

In addition to the above, in the case that the JF provides the Users’ personal data to a third party located in a country outside the EEA, the JF will ensure that adequate measures such as standard contract clauses based on the GDPR are taken concerning the protection of the Users’ personal data.

(6) Rights of Users

The Users may request from the JF access to, rectification or erasure of, and restriction of processing of their personal data, may object to the processing of the Users’ personal data, and may request data portability. The JF accepts such Users’ requests at the contact point set forth in “3. Contact” below.

The JF may refuse the Users’ requests if the JF deems that there is no basis for such Users’ requests or if they are deemed excessive.

The Users may raise objections with the data protection authorities having jurisdiction over the location of the Users’ domicile with regard to the processing of their personal data.

  1. Safety Management Measures

In order to protect from unauthorized access to personal data, loss, etc. of personal data, taking into account the type of personal data, the degree of sensitivity and the degree of economic influence and mental harm caused to Users in the case of a personal data breach, the JF comprehensively evaluates and judges the risks of personal data breaches, implements appropriate personal, organizational and technical safety management measures based on the risk of a personal data breach, if necessary, checks such safety management measures, sets up a process for correction, and constantly strives to improve security.

The JF shall strive to appropriately manage personal data by restricting the entry of outsiders into the offices which are processing personal data, conducting educational awareness activities for all officers and employees involved in the protection of personal data, and placing a manager in charge for each division processing personal data.

  1. Contact

In the event of Users having any questions or concerns regarding this Privacy Policy or the processing of personal data by The JF or having any requests concerning the access to, rectification of, erasure of, or restriction of processing of personal data, or regarding data portability, please contact the JF.

The contact information for The JF is as follows:

< The Japan Foundation>

Via Antonio Gramsci 74 00197 Roma

063224794

info@jfroma.it