Privacy Policy - Digital Marketing for Asia

01 Our Privacy Statement

The protection of your personal data is of great importance to SB Telecom Europe Ltd. (“Company”), a subsidiary of the SoftBank Corp. Group. This privacy policy (the “Privacy Policy”) therefore intends to inform you about how the Company, established at WeWork 184 Shepherds Bush Road, London W6 7NL, United Kingdom, acting as data controller, collects and processes your personal data that you submit or disclose to us. We also act as a data controller when we process your personal data that is received or obtained through third-parties. We process this personal data in accordance with the UK General Data Protection Regulation (the “UK GDPR”).

We encourage you to read this Privacy Policy carefully. If you do not wish for your personal data to be used by us as set out in this Privacy Policy, please do not provide us with your personal data. Please note that in such a case, we may not be able to provide you with our services, as you may not have access to and/or be able to use some features of the Website, and your customer experience may be impacted.

If you have any queries or comments relating to this Privacy Policy, please contact sbtmgrp-gdpruk@g.softbank.co.jp.

02 How do we use your personal data?

We will always process your personal data on a legal basis as established in the UK GDPR. In addition, we will always process any sensitive personal data, for example, concerning your trade union membership, religious views, or health condition, in accordance with the special rules provided for in the UK GDPR.

We may collect and process your personal data for the purposes detailed below, which are required so that we can pursue our legitimate interests and provide you with the appropriate services and products:

to offer you products and services;
to inform you about our policies and terms;
to promote safety and security, such as by monitoring fraud and investigating suspicious or potentially illegal activities or violations of our terms or policies;
to provide, improve, and develop our products, services, and advertising;
to use personal information for purposes such as data analysis, research, and audits;
to ensure business continuity;
to ensure that content from our site is presented in the most effective manner for you;
to notify you about changes to our service(s);
to manage your customer account.

We may also collect and process your personal data for the following purposes, based on the execution of our contractual relationship between you and us:

to process payments, orders and other services requested from you or from us.

Finally, in very specific circumstances, we may require your consent to process your personal data.

A more detailed explanation of the purposes for which we may process your personal data is written below.

As an employee candidate, your personal data will be processed in order to enable us to consider and assess your employment application. The personal data that we may process for these purposes includes:

Name and surnames;
Position;
Address;
Telephone number.

We process your personal data in your interest, to ensure that all relevant information is taken into account in considering your application, as well as in ours, in order to enable us to make an informed decision regarding your application.

Where you provide us with additional data to assess your application, we process such data based on your consent that we process the data volunteered to us.

As an employee, we process your personal data for the following purposes:

To process your monthly salary, bonuses, allowances and to calculate income taxes.
To manage your files, such as emergency contact details, other human resources management fields and administrative tasks.
To process your performance assessment.
To arrange for reimbursement of medical check-up costs, health insurance costs, and group insurance costs.
To authorise your business expenses and contracts on behalf of SB Telecom Europe Ltd.
To apply for and renew documentation, such as visas, rental contracts, mobile phone contracts, online banking applications, credit card applications, insurance applications, working permits and commune registration and ID of you and your families. [Only for expatriates]

In general, we process your personal data in your interest, in order to arrange your necessary documentation with the public authorities, to proceed with the payment of your salary and other allowances, and to proceed with any reimbursements.

Where we are obliged by our employment contract to perform these processes, such as to pay your salary, we do so in accordance with your interest. Employment and immigration laws may also require us to process this data for you.

As a business partner, customer or vendor, your personal data may be processed for the following purposes:

To manage the contact details of our current and future business partners, vendors and customers.
To help us manage and perform our current and future contracts and projects with our business partners, vendors and customers.
To process orders made from customers.

In order to achieve these purposes, we process contact detail data such as your name and surname, department, e-mail address, telephone number, title, company and bank account information.

We process your personal data in our interest, in order to manage all contracts with our suppliers, and to execute renewals and other measures as necessary. We may also process the data to perform a contract with you.

We will process your data for these specified, explicit and legitimate purposes, and will not further process the data in a way that is incompatible with these purposes. If we intend to process personal data originally collected for one purpose in the name of other objectives or purposes, we will ensure that you are informed of this. We will keep your personal data for as long as it is necessary for us to comply with our legal obligations, to ensure that we provide an adequate service, and to support its business activities.

If you fail to provide personal information

If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you (such as paying you or providing a benefit), or we may be prevented from complying with our legal obligations (such as to ensure the health and safety of our workers).

03 What types of personal data do we use?

We process the personal data outlined above for the respective purposes that we have explained. We can collect such personal data either directly from you when you decide to communicate such data to us (i.e., when you fill in forms displayed on the Website) or indirectly where such personal data is provided to us by your electronic communication terminal equipment or your Internet browser. We ensure that the personal data processed be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

Automated decision-making

Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. We are allowed to use automated decision-making in the following circumstances:

Where we have notified you of a decision and given you 21 days to request a reconsideration.
Where it is necessary to perform the contract with you and appropriate measures are in place to safeguard your rights.
In limited circumstances, with your explicit written consent and where appropriate measures are in place to safeguard your rights.

If we make an automated decision on the basis of any particularly sensitive personal information, we must have either your explicit written consent or it must be justified in the public interest, and we must also put in place appropriate measures to safeguard your rights.

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you.

04 How do we share your personal data?

We may share your personal data with Company Group entities and with third parties in accordance with the UK GDPR. Where we share your data with a data processor, we will put the appropriate legal framework in place in order to cover such transfer and processing. Furthermore, where we share your data with any entity outside the UK, we will put appropriate legal frameworks in place, in order to cover such transfers.

Strategic Partners

Subject to prior receiving your consent, your personal data may be transferred to, stored, and further processed by strategic partners that work with us to provide our products and services or help us market to customers.

Service Providers

We share your personal data with companies that provide services on our behalf, such as hosting, maintenance, support services, email services, marketing, auditing, fulfilling your orders, processing payments, data analytics, providing customer service, and conducting customer research and satisfaction surveys. These companies include Lead Forensics Platform, Hubspot CRM, MailChimp, OrangeScape (United States and other jurisdictions), Box (United States and other jurisdictions), and Google (United States and other jurisdictions).

SoftBank Corp. Affiliates and Corporate Business Transactions

We may share your personal data with all SoftBank Corp. affiliates. In the event of a merger, reorganisation, acquisition, joint venture, assignment, spin-off, transfer, or sale or disposition of all or any portion of our business, including in connection with any bankruptcy or similar proceedings, we may transfer any and all personal data to the relevant third party.

Legal Compliance and Security

It may be necessary for us – by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence – to disclose your personal data. We may also disclose your personal data if we determine that, due to purposes of national security, law enforcement, or other issues of public importance, the disclosure is necessary or appropriate.

We may also disclose your personal data if we determine in good faith that disclosure is reasonably necessary to protect our rights and pursue available remedies, enforce our terms and conditions, investigate fraud, or protect our operations or users.

Data Transfers

Such disclosures may involve transferring your personal data out of the European Union to the following countries: Japan, and the United States. Such transfers may take place for internal reporting, management and business purposes. For each of these transfers, we make sure that we provide an adequate level of protection to the data transferred, in particular by entering into standard contracts.

We will not use your personal data for online marketing purposes unless you have expressly consented to such use of your personal data. You can change your marketing preferences at any time by contacting us here.

05 Our records of data processes

We handle records of all processing of personal data in accordance with the obligations established by the UK GDPR, both where we might act as a controller or as a processor. In these records, we reflect all the information necessary in order to comply with the UK GDPR and cooperate with the supervisory authorities as required.

06 Security Measures

We process your personal data in a manner that ensures their proper security, including protection against unauthorised or unlawful processing, accidental loss, destruction or damage. We use appropriate technical or organisational measures to achieve this level of protection.

We will retain your personal information for as long as it is necessary to fulfil the purposes outlined in this Privacy Statement, unless a longer retention period is required or permitted by law.

07 Notification of data breaches to the competent supervisory authorities

In the case of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed, we have the mechanisms and policies in place in order to identify it and assess it promptly. Depending on the outcome of our assessment, we will make the requisite notifications to the supervisory authorities and communications to the affected data subjects, which might include you.

08 Processing likely to result in high risk to your rights and freedoms

We have mechanisms and policies in place in order to identify data processing activities that may result in high risk to your rights and freedoms. If any such data processing activity is identified, we will assess it internally and either stop it or ensure that the processing is compliant with the UK GDPR, or that appropriate technical and organisational safeguards are in place in order to proceed with it.

In the case of any doubt, we will contact the competent Data Protection Supervisory Authority in order to obtain their advice and recommendations.

09 Your rights

You have the following rights regarding personal data collected and processed by us.

Information regarding your data processing: You have the right to obtain from us all the requisite information regarding our data processing activities that concern you.
Access to personal data: You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and certain related information.
Rectification or erasure of personal data: You have the right to obtain from us the rectification of inaccurate personal data concerning you without undue delay, and to complete any incomplete personal data. You may also have the right to obtain from us the erasure of personal data concerning you without undue delay, when certain legal conditions apply.
Restriction on processing of personal data: You may have the right to obtain from us the restriction of processing of personal data, when certain legal conditions apply.
Objections to the processing of personal data: You may have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you, when certain legal conditions apply.
Portability of personal data: You may have the right to receive your personal data in a structured, commonly used and machine-readable format, and have the right to transmit those data to another controller without our hindrance, when certain conditions apply.
Not to be subject to automated decision-making: You may have the right not to be subject to automated decision-making (including profiling) based on the processing of your personal data, insofar as this produces legal or similar effects on you, when certain conditions apply.
Withdraw consent: In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact [Data Protection Officer]. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

If you intend to exercise such rights, please refer to the contact section below.

If you are not satisfied with the way in which we have proceeded with any request, or if you have any complaint regarding the way in which we process your personal data, you may lodge a complaint with a Data Protection Supervisory Authority.

10 Children

Our products and services are intended for adult customers. Thus, we do not knowingly collect and process information on children under sixteen (16). If we discover that we have collected and processed the personal data of a child under sixteen (16), or the equivalent minimum age depending on the concerned jurisdiction, we will take steps to delete the information as soon as possible. If you become aware that a child under sixteen (16) has provided us with personal data, please contact us immediately by using the contact address specified under this Privacy Policy.

11 Links to other sites

We may propose hypertext links from the Website to third-party websites or Internet sources. We do not control and cannot be held liable for third parties’ privacy practices and content. Please read their privacy policies carefully to find out how they collect and process your personal data.

12 Updates to Privacy Policy

We may revise or update this Privacy Policy from time to time. Any changes to this Privacy Policy will become effective upon posting of the revised Privacy Policy via the Services. If we make changes which we believe are significant, we will inform you through the Website to the extent possible and seek your consent where applicable.

Contact

For any questions or requests relating to this Privacy Policy, you can contact us by email sbtmgrp-gdpruk@g.softbank.co.jp.

Cookie Policy

What are cookies?

Cookies are small text files that are placed on your computer or mobile phone when you visit a website. They are widely used in order to make websites work or to work more efficiently. The cookies help our Website to recognise your device and remember information about your visit (e.g., your preferred language, font size and other preferences).

How do we use cookies?

We do not use cookies to track you individually or to identify you, but to allow us to operate the Website as you have requested and facilitate your navigation on our Website and use of its features, so as to provide you with a seamless experience.

We use Google Analytics, analytics tools that help us measure traffic and track usage statistics in order to understand how visitors access and use our Website. We use the information collected through cookies to help improve our Website and to compile aggregate statistics about how our Website is used by visitors. Please note that in this context, Google Analytics collects your personal data through the use of cookies on our Website. Learn more about how Google Analytics uses cookies, and how it collects and processes data at Google Analytics.

How to manage your cookies preferences

Most browsers allow you to manage your cookies preferences by changing your browser settings. You may thus set your browser to: (i) automatically accept or refuse all cookies; (ii) automatically accept or refuse first party cookies and/or third party cookies; or (iii) notify you before any cookies are set on your terminal equipment so that you have the opportunity to accept or refuse such cookies.

Consequently, if you consent to our use of cookies but later wish to opt out, you may do so at any time through your browser settings, delete the cookies which have been set and change your browser settings to block all or part of any future cookies. The “Help” function on your browser should tell you how. Alternatively, the following links provide instructions for managing cookie settings on commonly used browsers:

Chrome;
Internet Explorer;
Mozilla Firefox; and
Safari (for Mac, for iPhone, iPad, or iPod touch).

In addition, if you do not want Google Analytics to be used in your browser, you can:

install the Google Analytics browser add-on and/or
opt-out through the Network Advertising initiative consumer opt-out system.

In addition, you may wish to visit www.aboutcookies.org, which contains comprehensive information on how to do this on a wide variety of browsers.

Moreover, you can use another online service that enables you to manage advertisement cookies placed on your devices: http://www.youronlinechoices.com/.

Please note yet that if you block cookies, your experience on our Website may be impacted as we may then not be able to provide you with full access to all functionalities and content on our Website.

How long do we retain cookies?

We consider that your consent to cookies is valid for a maximum period of 30 days. After such a time frame, we will ask for your consent again.