When the personal data of an individual (hereafter, the “Data Subject”) protected by the "European General Data Protection Regulation (2016/679)” (hereafter, the “GDPR”) is directly or indirectly acquired by Furukawa Electric Industrial Cable Co., Ltd. (hereafter, the “Company”), the data controller shall process the relevant data appropriately in accordance with the GDPR (and any other applicable regulations regarding data protection provided for by EU member states).

1. Business operator name and contact information

Furukawa Electric Industrial Cable Co., Ltd.

For contact information, please refer to “9. Contact for Inquiries or Complaints” in the Privacy Policy.

2. Purposes of use for personal data

The Company shall process the personal data of the Data Subject protected by the GDPR based on the legal basis stipulated in GDPR Articles 6 and 7. In addition, special categories of personal data, etc., that require care when handling as stipulated in GDPR Articles 9 and 10 shall also be handled appropriately in accordance with the GDPR.

The Company uses personal data provided to the Company for the following purposes.

Categories of personal data

Purposes of use

Undertaking any other actions that will help the smooth flow of business and improve the products and services of the Company

The purposes of use listed above shall be revised as necessary in the future.

In order to comply with the legal obligations of the Company, reliably provide appropriate services, and carry out the business activities of the Company, the Company shall preserve the personal data of the Data Subject for the required duration.

3. Sharing personal data

The Company may share personal data with Furukawa Electric Group companies and third parties in some cases. When sharing personal data with such entities, the Company shall handle the data appropriately in accordance with GDPR Articles 26, 27, and 28. When sharing personal data with companies located outside the EEA, the Company shall implement safeguards to legally transfer the personal data outside of the region (e.g. concluding a "Standard Contract Clause") in accordance with GDPR Article 46.

4. Records of personal data processing activities

When the Company processes personal data, records related to the processing of the personal data shall be kept in accordance with the obligations stipulated in GDPR Article 30. Based on GDPR Article 31, information required for cooperation with supervisory authorities shall also be recorded.

5. Data security measures

In accordance with GDPR Article 32, the Company has formulated the "Basic Rules for Information Security" and " Information Security Measure Standards" separate from this Policy. In addition, the Company shall implement organizational safety control measures, including the development of an information security system, and shall implement technical safety control measures, including access control, identification and authentication, and prevention of unauthorized access.

6. Notification of data breaches to supervisory authorities

In preparation for the occurrence of data breaches that lead to unintentional or unlawful destruction, loss, alteration, or unpermitted disclosure or access of personal data, the Company shall institute systems and measures to promptly detect and evaluate the details of such data breaches. Based on the results of the evaluation, the Company shall make the necessary notification to the supervisory authorities and contact the affected Data Subjects.

7. Rights of the Data Subject

The Data Subject holds the following rights in regard to personal data that are collected and processed by the Company.

At any time, the Data Subject can withdraw consent for the personal data that they have provided.

When the Data Subject exercises such rights against the Company, please contact the Company as listed in "9. Contact for inquiries or complaints” in the Privacy Policy. If the Data Subject is dissatisfied with the response made to their request by the Company, or has a complaint regarding the personal data processing methods used by the Company, the Data Subject can file a complaint with the data protection supervisory authorities of the individual EU member states.

8. Automated decision-making, including profiling

The Company does not employ automated decision-making, including profiling, using personal data provided by Data Subjects.

9. Handling the personal data of children

When processing personal data for children under 16 years of age or who do not meet the age restrictions stipulated by Member State law, the Company shall appropriately process the information in accordance with GDPR Article 8 and Member State law.

10. Updates to this policy

The Company may make timely revisions or updates to this Policy. Updates to this Policy shall come into effect as soon as they are posted on this website.