Under the belief that it is an important societal responsibility of us to appropriately protect and handle personal information of our customers, clients, stockholders and all other persons concerned who are involved in our business activities, the Citizen Group (hereinafter referred to as “We” or “we”), a group consisting of Citizen Watch Co., Ltd. and its subsidiaries, hereby establish this Citizen Group Privacy Policy, as follows:
1. Compliance with Laws and Regulations
We shall comply with laws and regulations, etc. on protection and handling of personal information and make efforts
to thoroughly protect and manage all of personal information we acquire and use.
2. Handling of Personal Information
We shall, identifying the purpose of use in advance, acquire personal information in a lawful and fair manner and
shall refrain from using it for other purpose. In providing any received personal data to a third party, we shall
follow the provisions of laws and regulations or of the relevant group company.
3. Management of Personal Data and Security Measures
We shall appoint a manager at every section which handles personal data for protection of, manage appropriately and
carefully, take necessary and reasonable security measures to prevent unauthorized access to, and loss, destruction,
falsification and leakage of, and thereby protect, any personal data under our possession.
4. Respect of Principal’s Rights
We shall respect Principal’s Rights on personal information, and if a Principal requests us to disclose, correct,
discontinue to use, or delete any personal data under our possession, then we shall respond to it in good faith in
accordance with the provisions of laws and regulations or of the relevant group company.
5. International Transfer of Personal Data
If we have to internationally transfer any acquired personal data to a third country, we shall take appropriate
protection measures necessary for international data transfer.
6. Inquiries
With respect to inquiries concerning your personal data, please contact a personal information inquiry counter of
the relevant group company.
Citizen Group EU Personal Data Protection Policy
Under the belief that it is an important societal responsibility of us to appropriately protect and handle personal data of individuals living in the European Union (hereinafter referred to as “EU”) region, the Citizen Group (hereinafter referred to as “We” or “we”), a group consisting of Citizen Watch Co., Ltd. and its subsidiaries, hereby establish this EU Personal Data Protection Policy (hereinafter referred to as “this Privacy Policy”), and shall comply with the “Regulation of the European Parliament and of the Council on the Protection of Natural Persons with regard to the Processing of Personal Data and on the Free Movement of Such Data” (hereinafter referred to as “GDPR”) and other laws, regulations and guidelines on protection of personal information in EU as well as our regulations on protection and handling of personal information and this Privacy Policy and make efforts to thoroughly protect, manage and use all of the personal data we acquire and use.
Unless otherwise provided for herein, the terms as used herein shall have the meanings assigned to them in the GDPR and other laws and regulations on protection and handling of personal information in EU.
1. Acquisition of Personal Data
In acquiring any personal data, we shall use a proper and fair means and, except the case where any exceptional
handling is permitted by laws and regulations, ask a person identified by the relevant personal data as their owner
(hereinafter referred to as “Principal”) to voluntarily provide us with said personal data.
We shall, in receiving any personal data from a Principal, expressly notify him/her of the purpose of use in advance and obtain his/her consent to said purpose of use after explaining that he/she can withdraw said consent at any time, and we shall use said personal data within the scope of the purpose of use he/she has agreed to.
Except the case where we obtain a prior consent of a Principal or where it is permitted by laws and regulations, we shall not acquire any “special categories of personal data.”
2. Purpose of Use of Personal Data
We shall use personal data for the purpose of use of personal data determined by a company which has received said
personal data (hereinafter referred to as “Company”).
3. Management of Personal Data
We shall appoint a manager at every section which handles personal data for protection of, manage appropriately and
carefully, take necessary and appropriate measures to prevent unauthorized access to, and loss, destruction,
falsification and leakage of, and thereby protect, any personal data under our possession.
If we recognize an infringement of any personal data, we shall promptly take necessary measures and properly address it. Additionally, when a Principal having provided any personal data is expected to suffer any damage, we shall notify him/her of necessary information as needed.
4. No Disclosure to a Third Party of Personal Data
Except the case where any exceptional handling is permitted by laws and regulations or by provisions of the relevant
Company, we shall not disclose or provide to a third party any personal data we have acquired from a Principal,
without his/her consent.
5. Disclosure, Correction, Deletion, etc. of Personal Data under Possession
(1) When a Principal having provided any personal data desires any of the following treatments, please contact a
personal information inquiry counter of the relevant Company. According to your rights prescribed in laws and
regulations on protection of personal information in EU, we shall appropriately respond to it.
(i) When the Principal desires to gain access to any personal data.
(ii) When the Principal desires to correct any personal data.
(iii) When the Principal desires to delete any personal data.
(iv) When the Principal desires to impose restrictions on handling of any personal data.
(v) When the Principal desires data portability.
(vi) When the Principal desires to raise an objection.
(v) When the Principal desires not to be covered by the automatic decision-making.
In taking the steps, please submit the following documents by mail or by email.
– An application form for request for disclosure of personal data, etc. as prescribed by the relevant Company
– A document verifying the identity of the Principal as prescribed by the relevant Company
– A document verifying the identity of the proxy as prescribed by the relevant Company
(2) To prevent Principal’s any personal data from being falsified or leaked, etc. by a third party, we shall respond to you by mail or by email only when the Principal’s identification has been confirmed through submitted documents.
While we make efforts to provide prompt response to meet your request, please note that it may take time as we work on confirmation of the registered personal data and on ensuring accuracy of response.
(3) We do not return any request form or verification documents received from a Principal or his/her proxy. Please note that the request form shall be maintained in a proper manner by each Company and the verification documents shall be disposed of by each Company by appropriate means when the purpose of use is completed.
6. Handling of Personal Data of a Person Under 16 Years Old
We protect and treat personal data of a person under 16 years old in equal measures as we protect major individuals’
personal data. We shall obtain parental guardian’s consent as needed when we receive any personal data from a person
under 16 years old.
7. Management of Website
(1) In operating our website, we are taking appropriate systemic and operational security measures, including, but
not limited to, the establishment of the server management system and the access restriction, in order to securely
manage any personal data.
(2) When individuals contact us via our website, all the data are encrypted and protected by transmission using SSL (Secure Sockets Layer) protocol for safety purpose.
(3) We may use cookies in part of our service on our website. They are used for the purpose of improving the quality of our service with statistical processing of website access information, and will not violate any individuals’ privacy.
8. International Transfer of EU Personal Data to Outside EU
If we have to internationally transfer any acquired personal data to a third country outside EU, we shall take
appropriate protection measures necessary for international data transfer.
9. Change in EU Personal Data Protection Policy
Please note that contents of this EU Personal Data Protection Policy may be changed as necessary, for the purpose of
the protection of personal data or of the response to change in laws and regulations, etc.
10. Inquiries
With respect to inquiries concerning your personal data, please contact a personal information inquiry counter of
the relevant Company.
*’European Union (EU) region’ means the member state of the European Economic Area (EEA) including EU member states in this privacy policy.