1. Home
  2. Privacy Policy

Privacy Policy

01 Our privacy statement

The protection of your personal data is of great importance to      SB Telecom Europe Ltd. (“we” or “SB Telecom Europe”), a company of the SoftBank Corp. Group. This privacy policy (the “Privacy Policy”) therefore intends to inform you about how we, established in WeWork 184 Shepherds Bush Road, London W6 7NL, United Kingdom, acting as data controller, collects and processes your personal data that you submit or disclose to us. We process this personal data in accordance with the UK General Data Protection Regulation (the “UK GDPR”).

We encourage you to read this Privacy Policy carefully. If you do not wish your personal data to be used by us as set out in this Privacy Policy, please do not provide us with your personal data. Please note that in such a case, we may not be able to provide you with our services, you may not have access to and/or be able to use some features of the website, and your customer experience may be impacted.

If you have any queries or comments relating to this Privacy Policy, please contact sbtmgrp-gdpruk@g.softbank.co.jp.

02 Who is responsible for your personal data?

We, SB Telecom Europe Ltd., are the sole data controller in the meaning of the UK GDPR and are responsible for protecting your rights with personal data.

However, in providing you with digital marketing support services, we work closely with SB Telecom America Corp, ("SB Telecom America”), established in 12130 Millennium Drive 3F Los Angeles, CA 90094, United States. In this regard, SB Telecom America and we jointly determine the purposes and means of processing of your personal data. Therefore, SB Telecom America and we are acting as joint controllers responsible for the protection of your personal data.

Upon your requests, the respective roles and relationships of the joint controllers vis-à-vis the data subjects will be made available to you.

03 How do we use your personal data?

We will always process your personal data based on one of the legal bases stipulated for in the UK GDPR. In addition, we will always process your sensitive personal data, for example, concerning your trade union membership, religious views, or health condition, in accordance with the special rules in the UK GDPR.

03.1 Processing of personal data in transactions and business communications with you

In providing digital marketing support services and system integration/network integration services and solutions, we may collect and process your personal data of employees and/or other staff members of our customers and suppliers for the purposes detailed below, which are required for us to pursue our legitimate interests:

 

  • to have business communications with you such as business discussions and provision of our products and services;
  • to conduct administrative matters associated with transactions with customers properly;
  • to inform you about our policies and terms;
  • to maintain the proper functioning and to promote safety and security of the websites, such as by monitoring fraud and investigating suspicious or potentially illegal activity or violations of our terms or policies;
  • to provide, improve, and develop our products, services, and advertising;
  • to use personal information for purposes such as data analysis, research, and audits;
  • to ensure business continuity;
  • to ensure that content from our site is presented in the most effective manner for you;
  • to notify you about changes to our service(s);
  • to manage your customer account;
  • to claim, prove and defend our legal interests; and
  • to respond to legal obligations or demands to which we are subject.

In very specific circumstances such as the processing for the purposes below, we rely on your consent to process your personal data.

  • to carry out marketing activities such as sending newsletters; and
  • to conduct digital marketing for our website and to analyze website access.

03.2 Processing of personal data of employee candidates

As an employee candidate, your personal data will be processed in order to enable us to consider and assess your employment application. Such processing is necessary to take steps prior to entering into an employee contract.
We process your personal data in your interest, to ensure that all relevant information is taken into account in considering your application, as well as in ours, in order to enable us to make an informed decision regarding your application.
Where you provide us with additional data to assess your application, we process such data based on your consent that we process the data volunteered to us.

04 What types of personal data do we use?

We process the following categories of personal data for the respective categories of data subjects.

 

Categories of data subjects Sources Categories of personal data
  • employees and/or other staff of our customers and suppliers
  • You
  • SB Telecom America (Joint Controller only within the scope of digital marketing support service )
  • Name:
  • Company name:
  • E-mail address:
  • Address (including country): and
  • Phone number.
  • Business communications with you including business discussions and inquiries:
  • User identification information: and
  • Access logs, cookie information, browsing history.
  • employee candidate
  • You
  • Name and surnames:
  • Position:
  • Work experience:
  • Education etc.:
  • Address: and
  • Telephone number.

05 Who do we share your personal data with?

We may share your personal data with Company Group entities and with third parties in accordance with the UK GDPR. Where we share your data with a data processor, we will put the appropriate legal framework in place in order to cover such transfer and processing. Furthermore, where we share your data with any entity outside the UK, we will put appropriate legal frameworks in place, in order to cover such transfers.

Strategic Partners

Subject to your prior consent, your personal data may be transferred to, stored, and further processed by strategic partners that work with us to provide our products and services or help us market to customers.

Service Providers

We share your personal data with companies which provide services on our behalf, such as hosting, maintenance, support services, email services, marketing, auditing, fulfilling your orders, processing payments, data analytics, providing customer service, and conducting customer research and satisfaction surveys. These companies include Lead Forensics Platform, Hubspot CRM, MailChimp, OrangeScape (United States and other jurisdictions), Box (United States and other jurisdictions), and Google (United States and other jurisdictions).

SoftBank Corp. Affiliates and Corporate Business Transactions

We may share your personal data with all SoftBank Corp. affiliates. In the event of a merger, reorganization, acquisition, joint venture, assignment, spin-off, transfer, or sale or disposition of all or any portion of our business, including in connection with any bankruptcy or similar proceedings, we may transfer any and all personal data to the relevant third party.

Legal Compliance and Security

It may be necessary for us – by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence – to disclose your personal data.  We may also disclose your personal data if we determine that, due to purposes of national security, law enforcement, or other issues of public importance, the disclosure is necessary or appropriate.

We may also disclose your personal data if we determine in good faith that disclosure is reasonably necessary to protect our rights and pursue available remedies, enforce our terms and conditions, investigate fraud, or protect our operations or users.

Data Transfers

Such disclosures may involve transferring your personal data out of the European Union to the following country: Japan, and the United States. Such transfer may take place for internal reporting, management and business purposes.  For each of these transfers, we make sure that we provide an adequate level of protection to the data transferred, in particular by entering into standard contract.

06 Our records of data processes

We handle records of all processing of personal data in accordance with the obligations established by the UK GDPR, both where we might act as a controller or as a processor. In these records, we reflect all the information necessary in order to comply with the UK GDPR and cooperate with the supervisory authorities as required.

07 Security measures

We process your personal data in a manner that ensures their appropriate security, including protection against unauthorised or unlawful processing, accidental loss, destruction or damage. We use appropriate technical or organisational measures to achieve this level of protection.

We will retain your personal information for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

08 Notification of data breaches to the competent supervisory authorities

In case of breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed, we have the mechanisms and policies in place in order to identify it and assess it promptly. Depending on the outcome of our assessment, we will make the requisite notifications to the supervisory authorities and communications to the affected data subjects, which might include you (Articles 33 and 34 of the UK GDPR).

09 Processing likely to result in high risk to your rights and freedoms

We have mechanisms and policies in place in order to identify data processing activities that may result in high risk to your rights and freedoms. If any such data processing activity is identified, we will assess it internally and either stop it or ensure that the processing is compliant with the UK GDPR or that appropriate technical and organisational safeguards are in place in order to proceed with it.

In case of doubt, we will contact the competent Data Protection Supervisory Authority in order to obtain their advice and recommendations.

10 Your rights

Provided that certain conditions are met, you have the following rights regarding personal data collected and processed by us.

  • Access to personal data: You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and certain related information.
  • Rectification or erasure of personal data: You have the right to obtain from us the rectification of inaccurate personal data concerning you without undue delay, and to complete any incomplete personal data. You may also have the right to obtain from us the erasure of personal data concerning you without undue delay, when certain legal conditions apply.
  • Restriction on processing of personal data: You may have the right to obtain from us the restriction of processing of personal data, when certain legal conditions apply.
  • Object to processing of personal data: You may have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, when certain legal conditions apply.
  • Data portability of personal data: You may have the right to receive your personal data in a structured, commonly used and machine-readable format, and have the right to transmit those data to another controller without our hindrance, when certain conditions apply.
  • Withdraw consent: In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us . Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

If you intend to exercise such rights, please refer to the contact section below.

If you are not satisfied with the way in which we have proceeded with any request, or if you have any complaint regarding the way in which we process your personal data, you may lodge a complaint with a Data Protection Supervisory Authority.

11 Children

Our products and services are intended for adult customers. Thus, we do not knowingly collect and process information on children under sixteen (16). If we discover that we have collected and processed the personal data of a child under sixteen (16), or the equivalent minimum age depending on the concerned jurisdiction, we will take steps to delete the information as soon as possible. If you become aware that a child under sixteen (16) has provided us with personal data, please contact us immediately by using the contact address specified under this Privacy Policy.

12 Links to other sites

We may propose hypertext links from the Website to third-party websites or Internet sources. We do not control and cannot be held liable for third parties’ privacy practices and content. Please read carefully their privacy policies to find out how they collect and process your personal data.

13 Updates to privacy policy

We may revise or update this Privacy Policy from time to time. Any changes to this Privacy Policy will become effective upon posting of the revised Privacy Policy via the Services. If we make changes which we believe are significant, we will inform you through the website to the extent possible and seek your consent where applicable.

Contact

For any questions or requests relating to this Privacy Policy, you can contact us by email sbtmgrp-gdpruk@g.softbank.co.jp.

APPENDIX for the provision of digital marketing support services for California residents

This Appendix incorporates Notice at Collection issued by SB Telecom Europe and SB Telecom America (collectively referred to herein as “we”, “our” or “us”) pursuant to CCPA pursuant to §1798.100(a) of the California Consumer Privacy Act (“CCPA”) and Privacy Policy issued by SB Telecom Europe pursuant to§1798.130(a)(5) of the CCPA. You can find Privacy Policy issued by SB Telecom America here:

01 Categories of personal information we collect

We collect the following categories of your personal information from the following sources. The categories of personal information we have collected in the preceding 12 months and its sources are the same as below.

 

Categories of Personal Information as Stipulated in CCPA 1798.140.(v)(1) Sources

a. Identifiers such as names, e-mail address, address (including country) and user identification information

 You
b. Professional or employment-related information such as phone number You
c. Commercial information such as business communications with you including business discussions and inquiries You

d. Internet or other electronic network activity information such as access logs, cookie information, browsing history

 You

02 Purposes for which we collect personal information

We collect and use your personal information listed at 01 above for the following purposes.

 

Purposes Categories of Personal Information
  • to have business communications with you such as business discussions and provision of our products and services
 a, b, c
  • to conduct administrative matters associated with transactions with customers properly
 a, b, c
  • to inform you about our policies and terms
 a, b, c
  • to maintain the proper functioning and to promote safety and security of the websites including DMFA, such as by monitoring fraud and investigating suspicious or potentially illegal activity or violations of our terms or policies
 a, d
  • to provide, improve, and develop our products, services, and advertising
 a, b, c, d
  • to use personal information for purposes such as data analysis, research, and audits
 a, b, c, d
  • to ensure business continuity;
 a, b, c, d
  • to ensure that content from our site is presented in the most effective manner for you
 a, d
  • to notify you about changes to our service(s)
 a, b, c
  • to manage your customer account
 a, b, c
  • to claim, prove and defend our legal interests
 a, b, c, d
  • to respond to legal obligations or demands to which we are subject
 a, b, c, d
  • to carry out marketing activities such as sending newsletters
 a

 

03 Your right to opt out of sale of sharing of personal information

When a business “sells” or “shares,” as defined in the CCPA, personal information of a consumer to or with a third party, the consumer has a right to opt-out of the sale or sharing. We do not “sell” or “share” your personal information.

04 Sensitive information

We do not collect your personal information which is defined as sensitive information under the CCPA.

05 Children

We usually do not collect and store personal information about children who we know reside in California and are under 16 years of age. If we discover that we have unintentionally collected information from a child who reside in California in a way that does not meet the requirements under the CCPA and other applicable laws, we will delete the information immediately. As described in 03 above, we do not “sell” or “share” personal information including that of children under the age of 16.

06 How long we retain personal information

We will retain your personal information for the period necessary for us to fulfill the purposes described at 02 above and as required by law. We will delete or anonymize your personal information when we no longer need it in accordance with applicable laws and our established procedures.

07 Disclosure of personal information to third parties

We have disclosed in the preceding 12 months and will disclose the following categories of personal information to our service providers as below:

 

Categories of Personal Information Categories of Recipients Purposes

a. Identifiers
  • Cloud service provider
  • Mail delivery service provider
  • to store, maintain and analyze the data to make business communications with you more efficient
  • to send the newsletter
b. Professional or employment-related information
  • Cloud Service Provider
  • to store, maintain and analyze the data to make business communications with you more efficient
c. Commercial information
  • Cloud Service Provider
  • to store, maintain and analyze the data to make business communications with you more efficient

d. Internet or other electronic network activity information
  • Server monitoring provider
  • to keep the website running properly

We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

We have not sold or shared, as defined in the CCPA, personal information covered by this Privacy Policy in the preceding 12 months.

08 Your rights

You have the following legal rights set out in the CCPA with the processing of your personal information by us.

・  Right to know what personal information about you we collect, use, disclose, sell or share;

・  Right to request us to delete your personal information collected by us, with certain exceptions;

・  Right to request us to correct inaccurate personal information we hold about you; and

・  Right not to receive discriminatory treatment by us for the exercise of the privacy rights conferred by the CCPA.

 

If you would like to exercise any of these rights, or if you have any inquiries about your rights, please contact us by using the following methods. Please note that certain requests you submit to us are subject to an identity verification. We will not fulfill such requests unless you have provided sufficient information for us to reasonably verify you are the California resident about whom we collected personal information.

 

sbtmgrp-gdpruk@g.softbank.co.jp.

1-866-467-8688(toll free)

Inquiry Form

09 Authorized agent

When you use an authorized agent to submit a request to know, a request to delete, or a request to correct inaccurate personal information, we may require that you:

 

  • Provide the authorized agent with written permission to do so and verify your own identity directly with us.
  • Directly confirm with us that you provided the authorized agent with permission to submit the request.

 

We may deny a request from an agent that does not submit a proof that he/she has been authorized by you to act on your own behalf.

 

Last updated [2024 04 01]