Privacy Statement for GDPR
NTT DATA Corporation’s Personal Information Protection Policy
NTT DATA Corporation (“NTT DATA”, “we”, “us” or “our”) recognizes the importance of personal information and ensures the protection and safeguarding of our customers’ personal information as a fundamental principle of its business and its responsibility to society. Accordingly, NTT DATA has established the Personal Information Protection Policy (“Privacy Statement”) described below and ensures that all its officers, employees, and business partners thoroughly understand and fully comply with the Policy. By reading and manifesting your intention to consent to this Privacy Statement, you consent to our use and disclosure of your information and agree that we may collect, use and transfer your Personal Information in accordance therewith. You are entitled to withdraw your consent given in this form at any time by sending us notice of withdrawal to the contact information stated under this Privacy Statement [7. Inquiries as to Personal Information]. If you have any questions regarding this consent, please contact us through information stated under this Privacy Statement.
This Privacy Statement is for natural persons who are entitled under the General Data Protection Regulation (GDPR). If you are a customer who is not subject to the GDPR, please refer to Privacy Statement
1. Collection, Use, Provision, and Entrustment of Personal Information
For the purpose of this Privacy Statement, the following terms have the meanings as defined below.
- (a) ‘Personal Information’ means any data relating to an identified or identifiable natural person, including but not limited to your names, addresses, birth dates, telephone numbers, e-mail addresses, user IDs, IP addresses, web beacons and other online identifiers.
- (b) ‘Processing’ means any operation or set of operations which is performed on Personal Information or on sets of Personal Information, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
(1) Personal information shall be collected only after informing the customers of the purpose and obtaining consent for doing so, except when the rights or interests of customers or third parties may be injured. The scope of use of the personal information collected is limited, and the information shall be handled appropriately within this scope.
(2) NTT DATA will process your Personal Information in order to achieve the following goals:
- NTT DATA will process Data subjects’ Personal Information collected from the contact form on our Site in order to respond to your inquiries, questions, and/or other requests.
In case of processing your Personal Information for purposes other than the above, NTT DATA will notify you in advance of such new purposes of use and other matters as required by applicable law.
(3) Personal Information that you are to provide is necessary in order for NTT DATA to provide the Services to you, and there may be cases where you are unable to use the Services if you have not provided such data.
NTT DATA may provide your Personal Information to third parties such as the subsidiaries and affiliates of NTT DATA, cloud vendors and outside contractors of NTT DATA etc., to implement the purposes of use specified above. Since countries located outside the EEA (including, without limitation, Japan, the U.S., the same shall apply hereafter) are among the third parties to whom NTT DATA will disclose your Personal Information, you shall be deemed as having consented to the following matters by consenting to the Privacy Statement.
- In case that the country in which the third party is located is outside the EEA, such country does not have the same data protection laws as the EEA, i.e., many of the rights provided in the EEA to you are not given.
- Your Personal Information will be provided to third parties located outside the EEA.
- Your Personal Information will be provided and processed for the purposes specified above by the third parties outside the EEA to whom NTT DATA will disclose your Personal Information as well as NTT DATA.
In addition to the above, in case that NTT DATA provides your Personal Information to a third party located in a country outside the EEA, NTT DATA will ensure that adequate measures are taken concerning the protection of your Personal Information by executing standard contract clauses based on the EU General Data Protection Regulation, etc.
(4) NTT DATA may entrust customers’ personal information with authorized third parties. In all such cases, NTT DATA shall select the recipient with great care from among those parties that have established a sufficient level of protection of the personal information, and make necessary supervision or otherwise ensure, through a contract, etc. stipulating the level of protection to be observed, that the recipient manages the information properly.
2.Disclosure, Correction, Discontinuance of Use, etc. of Personal Information
The Users may request from Company access to, rectification or erasure of, restriction of processing of personal data, and may request the data portability. You may object to the data protection authorities with jurisdiction over NTT DATA or the location of your domicile with regard to the processing of your Personal Information.
3. Implementation of Security Measures
- NTT DATA implements safeguard measures and diligently works toward preventing unauthorized access to personal information, and the loss, destruction, alteration, leakage, etc. of such information. Specific rules governing the appropriate handling and use of personal information are in place, and staff are assigned to take responsibility therefor.
4. Observance of Laws, Regulations and Other Norms Relating to Personal Information
With respect to the observance of laws, regulations, and other norms relating to personal information, NTT DATA’s officers, employees, and business partners who handle personal information comply with the laws, regulations, and guidelines relating to the protection of personal information and the privacy of communication.
5. Retention Period
NTT DATA will retain your Personal Information as long as we require such data to provide the Services to you , but will promptly delete the same in case that such data is no longer necessary.
6. Continuous improvements to this Personal Information Protection Policy and In-house Rules and Regulations
NTT DATA makes continuous improvements to this Personal Information Protection Policy and in-house rules and regulations to ensure that the protection of personal information as determined by socially accepted norms is conducted effectively.
7. Inquiries as to Personal Information
In the event of any questions or concerns regarding the Privacy Statement or the processing of Personal Information by NTT DATA, or any requests, etc., concerning the access to, rectification or erasure of, restriction of processing of Personal Information, and the data portability, please contact with NTT DATA. NTT DATA determines the purpose and means of the processing of your Personal Information. The contact information for NTT DATA is as follows:
Toyosu Center Building, 3-3, Toyosu 3-chome, Koto-ku,
NTT DATA CORPORATION Customer Desk
E-MAIL : privacyam.nttdata.co.jp
8. Data Protection Officer
NTT DATA has appointed the data protection officer for you to contact if you have any questions or concerns about the NTT DATA’s personal data policies or practices. The contact information are as follows:
E-MAIL : dpo-nttdataam.nttdata.co.jp
NTT DATA will make every effort to respond to inquiries promptly within a reasonable scope.
Established: May 21, 2018
Revised: June 19, 2018
President and Chief Executive Officer