Privacy Policy for Residents of the European Economic Area

This Privacy Policy sets out how J. Front Retailing Co., Ltd. ("we", "us" and "our") will process as a data controller the personal data of residents of the European Economic Area (the "EEA") to the extent the General Data Protection Regulation 2016/679 ("GDPR") applies to our processing of your personal data (such as where your personal data is processed in the context of any of our establishments in the EEA).

This Privacy Policy does not form any contractual relationship between you and us, and we may amend it from time to time.

1. LAWFUL PROCESSING

We will only process your personal data:

2. WHAT PERSONAL DATA WE COLLECT ABOUT YOU

2.1 We may process the following types of personal data about you:

2.2 It is not mandatory for you to provide us with your personal data; however, if you don't, we will be unable to communicate with you to maintain our relationship with you (or your employer), to trade with you (or your employer) or discuss potential business opportunities with you (or your employer).

2.3 We make every effort to maintain the accuracy and completeness of your personal data which we store and to ensure all of your personal data is up to date. However, you can assist us with this considerably by promptly contacting us if there are any changes to your personal data or if you become aware that we have inaccurate personal data relating to you. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.

3. HOW WE COLLECT PERSONAL DATA.

We collect your personal data directly from you.

4. HOW WE USE PERSONAL DATA

We will process your personal data for the following purposes:

5. INTERNATIONAL TRANSFERS OF PERSONAL DATA

Your personal data may be transferred to (including accessed in or stored in) Japan which is outside the EEA. The European Commission has not yet confirmed that Japanese law offers the same level of protection of personal data as are enjoyed within the EEA. In accordance with the GDPR, we will obtain your consent to such international transfers.

6. WHEN WE MAY DISCLOSE YOUR PERSONAL DATA

We do not and will not sell, rent out or trade your personal data. We will only disclose your personal data to the following recipients:

7. HOW WE PROTECT YOUR PERSONAL DATA

We are committed to safeguarding and protecting your personal data and will implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to protect your personal data from accidental or unauthorised destruction, loss, alteration, disclosure or access.

8. YOUR RIGHTS IN RELATION TO THE PERSONAL DATA WE COLLECT

8.1 Under the GDPR, you may have the following rights in relation to our processing of your personal data. The rights available to you depend on the reason for processing your personal data and other circumstances and those rights may include:

8.2 When you exercise your rights, we may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorised disclosure of data.

9. HOW LONG WE WILL HOLD YOUR PERSONAL DATA FOR

We will delete your personal data promptly in the event that we no longer need to hold your personal data unless otherwise agreed with you or we are required to retain your personal data for legal or auditing purposes.

10. DIRECT MARKETING

If you tell us that you do not wish us to provide you with information about our products or services and other marketing materials, we will not contact you further for the purpose of direct marketing. You can contact us using the contact details set out below.

11. USE OF COOKIES

A "cookie" is a small text file that is stored on a user's hard drive or mobile device. Cookies are generated by web servers when the user enters an internet page, and are passed to the user's computer or mobile device and stored for subsequent future access. They perform a number of functions associated with browsing websites and are used for a variety of different purposes, such as tracing users from page to page on an internet site. This can enhance a user's experience on a website, enabling the site to be personalised according to e.g. a user's preferences and browsing activities.

For more information about how we use cookies, please read our privacy policy
(http://www.j-front-retailing.com/english/privacy.php)

12. HOW WE UPDATE OR CHANGE THIS PRIVACY POLICY

We may change or update parts of this Privacy Policy in order to maintain our compliance with applicable law and regulation or following an update to our internal practices. You will not necessarily be directly notified of such a change. Therefore, please ensure that you regularly check this Privacy Policy so you are fully aware of any changes or updates. The “Last Updated” legend below indicates when this Privacy Policy was last changed.

13. HOW YOU CAN CONTACT US

If you have any queries about the contents of this Privacy Policy or your personal data, or wish to make a request in relation to your personal data, please contact us using the details set out below:

Email: gdpr@jfr.co.jp

14. HOW TO LODGE A COMPLAINT TO THE SUPERVISORY AUTHORITY

If you have concerns, please contact us using the contact details set out above and we will respond. If you are dissatisfied with our response and you still consider that we have breached your data protection rights you can lodge a complaint with a competent supervisory authority in each EEA member state.

Last Updated:15 June 2018