The Company recognises the importance of the protection of personalinformation and specific personal information in this society of sophisticatedinformation-communications, and strives to protect personal information andspecific personal information based on the Policy set out below.

Acquisition of personal information

The Company acquires personal information by legal and fair means.

Use of personal information

The Company uses personal information within the scope of the followingpurpose of use indicated at the time of acquisition or within the scope of thepurpose of use that is clear based on such acquisition conditions to the extentnecessary for the performance of business activities, and does not use it forother purposes except where it has the individual’s consent or where it ispermitted by legislation.

Personal information concerning customers

(1) Sending information on events

(2) Support for inquiries and consultation

(3) Performance of agreements

(4) Negotiations, meetings, etc. with customers

Personal information concerning shareholders

(1) Exercise of rights and performance of obligations pursuant to theCompanies Act

(2) Provision of various benefits

(3) Performance of various shareholder policies (questionnaires, etc.)

(4) Shareholder management pursuant to legislation

Personal information concerning the officers, employees, etc. ofother companies, including clients, government and public offices,etc.

(1) Various communications, reports, inquiries, negotiations, etc. necessaryfor business activities

(2) Payment, income, credit management, etc. operations

Personal information concerning job applicants

(1) Provision and communication of recruitment information, etc. to jobapplicants

(2) Recruitment operations in the Company

Provision of personal data to third parties

Except where otherwise specified by legislation, the Company will notprovide personal data to a third party (excluding contractors) withoutobtaining the individual's prior consent.

Shared use of personal data

The Company may conduct the shared use of the provided personal data at theCompany’s domestic affiliates and the Company’s overseas subsidiaries based onthe following conditions:

(1) Personal data items that are shared and used Name, date of birth, age,gender, address, telephone number, e-mail address, product purchase history

(2) Scope of the persons who share and use it The Company, the Company’sdomestic affiliates and the Company’s overseas subsidiaries

(3) Purpose of use of the persons who use it As described in 2. (Use ofpersonal information) above

(4) Name of the party responsible with respect to the management of suchpersonal data Yamabiko Corporation

Management of personal information

• The Company will maintain the accuracy of personal information and manageit securely.

• In order to prevent the loss, damage, alteration, divulgence, etc. ofpersonal information, the Company will enact appropriate information securitymeasures to guard against unauthorised access, computer viruses, etc.

• The Company will not allow personal information to be divulged throughactions, such as removal from the premises, external transmission, etc.

Monitoring of contractors

In the case where the Company outsources the processing of personal data toan external party, it will be contractually obligated not to divulge or provideit to third parties, and the proper management will be performed.

Disclosure, amendment, termination of use, and deletion of personal data

The Company recognises that the individual has the right to request thedisclosure, amendment, termination of use, deletion, etc. of their personaldata, and will respond to any such request without delay. In addition, shouldyou have any views or questions concerning the Company’s handling of personaldata, please contact our Personal Information Consultation Centre.

Organisation/structure

• The Company will appoint a Personal Information Protection Manager andimplement appropriate management of personal information.

• The Company will carry out training for its directors and employeesconcerning personal information protection and appropriate management methods,and will ensure proper handling of personal information in its day-to-daybusiness activities.

Enactment, implementation, maintenance and improvement of PersonalInformation Protection Program

In order to execute this Policy, the Company will enact a PersonalInformation Protection Program (including this Policy, personal informationprotection rules and related rules/regulations), and disseminate this to theCompany’s employees and other interested parties, implement, maintain andcontinuously improve it.

Handling of specific personal information

The Company observes the “Act on the Use of Numbers to Identify a SpecificIndividual in Administrative Procedures” and the “Guidelines Concerning ProperHandling of Specific Personal Information (Business Edition)” and handle thespecific personal information properly.

GDPR

Introduction

Yamabiko Corporation, having its principal office located at 7-2 Suehirocho1-Chome Ohme Tokyo Japan, is the data controller of your personal data.Yamabiko Corporation will be referred to hereunder as “Yamabiko” or “we”.

We hold personal data about our employees, customers, distributors, dealers,suppliers and other individuals for the purposes described in this policy.

This policy sets out how we collect, use and share your personal data, andhow to access and update and correct your personal data.

Scope

This policy applies only to processing of the following personal data to betransferred from the European Economic Area (EEA) to Japan based on the Datatransfer agreement between Yamabiko Corporation and Yamabiko Europe SA or othercompanies, or the following personal data to be acquired by YamabikoCorporation directly from you

・Personal data of data subjects who are in the European Economic Area(EEA)

Collection and Processing of your personal data

The purposes for which personal data may be collected and processed by usinclude the following:

・For sales and marketing

・To promote Yamabiko brands

・For product development purpose

・For practical confirmation before mass production

・To provide before/after service

・For future business development

・For quality checking

・For solving quality problem of products

・For performance of indemnity agreement

・For general human resource information treatment

・For appraisal of employees

We will retain your personal data as needed to fulfill the purposes forwhich it was collected as well as to comply with our legal obligations andenforce our agreements.

Sharing your personal data

We may share your personal data with third parties for the purposes ofoperating our business, delivering, improving, and customizing our products andservices, sending marketing and other communications related to our business,and for other legitimate purposes permitted by applicable law or otherwise withyour consent.

We may share personal data in the following ways:

・Within Yamabiko and any other companies of the Yamabiko group for purposesof data processing or storage.

・With our data processors (including our distributors) to provide requestedproducts, services or other transactions. Examples include, but not limited to:processing of orders, providing customer support, etc.

・If we otherwise notify you and you consent to the sharing.

It is possible that we will need to disclose your personal data whenrequired by law, subpoena, or other legal process or if we have a good faithbelief that disclosure is reasonably necessary to (1) investigate, prevent, ortake action regarding suspected or actual illegal activities or to assistgovernment enforcement agencies; (2) enforce our agreements with you, (3)investigate and defend ourselves against any third-party claims or allegations,(4) protect the security or integrity of our services and products; or (5)exercise or protect the rights of Yamabiko.

Security

It is our intention to protect your personal data entrusted to us and treatit securely. In this respect we implement physical, administrative, andtechnical safeguards with the purpose of securing your personal data fromunauthorized access, use, or disclosure.

We also contractually require that our data processors (including ourdistributors) protect your personal data from unauthorized access, use, anddisclosure.

Access to your personal data and correction

If at any point you believe the personal data we process on you isincorrect, you can request to access the personal data and even have itcorrected or deleted free of charge. However in case of abusive requests, wemay charge you a reasonable fee. You also have a right to revoke your consentto processing your personal data by us. Please note however that it may preventus from providing you with our services.

If you wish to raise a question or a complaint on how we have handled yourpersonal data, you can contact gdpr@yamabiko-corp.co.jp.

If you are not satisfied with our response or believe we are processing yourpersonal data not in accordance with applicable laws, you can complain to theBelgian Privacy Commission https://www.privacycommission.be/fr.

International Data Transfer

Any transfer of your personal data which are undergoing processing or areintended for processing after transfer to recipients in countries outside ofEEA (“International data transfer”) shall take place only if, subject to theprovisions of this policy and applicable law are complied with by us and ourprocessors, including for onward transfers of your personal data from onecountry outside of EEA to another country outside of EEA.

International data transfer shall be legitimized on the legal basisincluding the followings.

- Transfers on the basis of an adequacy (adequate level of protection)decision by the European Commission

- Transfers subject to appropriate safeguards including standard dataprotection clauses adopted by the European Commission

- You have explicitly consented to the proposed transfer, after having beeninformed by us of the possible risks of such transfers for you due to theabsence of an adequacy decision and appropriate safeguards

- the transfer is necessary for the performance of a contract between youand us or the implementation of pre-contractual measures taken at yourrequest.

Changes to our Data Protection Policy

We keep our present data protection policy under regular review and we placeany updates on this webpage. This document was last updated on May 25,2018.

How to contact us

Please contact us at gdpr@yamabiko-corp.co.jp if you have any question about our dataprotection policy or personal data we hold about you.