SUMMARY OF PRIVACY NOTICE
This summary Privacy Notice ("Summary Notice") will provide you with a summary of the accompanied, detailed Privacy Notice (hereafter "Full Notice", together "Summary and Full Notice") on the data processing activities of Casio Computer Co. Ltd, located at 6-2, Hon-machi 1-chome, Shibuya-ku, Tokyo 151-8543, Japan ("Casio", "we", "us" or "our") with respect to individually identifiable information ("Personal Data") about users of our App, G-SHOCK MOVE, and its web version (collectively, "App").
Scope of applicability This Summary and Full Notice applies to you if you are a user of our App.
Processing of your Personal Data (categories of Personal Data) We process the following of your Personal Data collected during your use of our App: (i) your Casio ID and data registered therewith, and profile data registered by yourself with the App; (ii) device identifier, system or setting data, usage data and other device information of your mobile device and watch product used in combination with the App ("Watch" together with such mobile device, collectively, "Devices"); (iii) your heart rate, location and other activity data recorded in the App and Devices [*1]; and (iv) any other information relating to any individuals which you have provided us in any forms you may have submitted to us, or via other forms of interaction with you. For more details see 1. of the Full Notice.
[*1] Depending on the model of Devices, certain activity data cannot be functionally recorded by the App and Devices. For example, if your Watch does not have a heart rate sensor, your heart rate data is not measured and recorded by the App and Devices and therefore is not collected and processed by us unless manually entered into the App by yourself.
Processing purposes We process your Personal Data for the following purposes: (i) providing the functions of the App and Devices; and (ii) conducting statistical analyses for development of our products and services. For more details see 2. of the Full Notice.
Legal justifications for the processing of your Personal Data One of the key privacy law requirements is that any processing of Personal Data has to have a legal justification. We generally use the following legal justifications: (1) You have given your consent to the processing (Art. 6(1)(a) GDPR; "Consent Justification"), and (2) the processing is necessary for (a) the performance of a contract to which the data subject is party (Art. 6(1)(b) GDPR; "Contract Justification"), (b) compliance with a legal obligation (Art. 6(1)(c) GDPR; "Legal Obligation Justification") and (c) realizing a legitimate interest (Art. 6(1)(f) GDPR; "Legitimate Interest Justification"). For more details and the matching of purposes and corresponding legal justifications see 3. of the Full Notice.
Data transfers and recipients and legal justification for such transfers We transfer your Personal Data to our service providers, in accordance with applicable law, other governmental authorities, courts, external advisors, and similar third parties, some of the aforementioned recipients located in jurisdictions outside the EU. For more details see 4. of the Full Notice.
Retention periods for and deletion of your Personal Data Your Personal Data will be deleted once they are not any longer needed for the purposes motivating their original collection or as required by applicable law. For more details see 5. of the Full Notice.
Your statutory rights You have a number of rights with regard to the processing of your Personal Data, each as per the conditions defined in applicable law, such as the right to have access to your Personal Data, to have them corrected, erased or handed over. Please refer any of your questions to app1+gshock-move@casio.co.jp. For more details see 6. of the Full Notice.
Adobe Analytics This App uses Adobe Analytics Cloud ("Adobe Analytics"), an analytics service provided by Adobe Systems Incorporated ("Adobe"). Adobe Analytics uses cookies, which are text files placed on your mobile device or other hardware device, or certain unique identifiers for your device to help us analyze how users use the App. By selecting the appropriate setting on the App following the App’s guidance, you may refuse or opt-out of the processing of information relating to your usage of the App by Adobe using the cookies or unique identifiers. For more details see 7. of Full Notice.
Firebase Services and Google Analytics for Firebase This App uses certain Firebase Services and Google Analytics for Firebase (collectively, "Firebase"), an analytics service provided by Google, Inc. ("Google"). Firebase uses cookies, which are text files placed on your computer, mobile device or other hardware device, or certain unique identifiers for your device to help us analyze how users use the App. You may refuse or opt-out of the collection of information generated by the cookies and relating to your usage of the App and the processing of such information by Google by selecting the appropriate settings on the App following the App’s guidance. For more details see 8. of Full Notice.
Connection with third party’s apps The App has a feature to connect the App with certain apps provided by a third party ("Third Party Apps") by linking your user account of the Third Party Apps in order to automatically send your Personal Data in whole or in part to such Third Party Apps. Such feature is enabled by setting your user account of the Third Party Apps on the App following the App’s guidance. In no event your Personal Data will be sent to any Third Party Apps without your permission and your setting to do so. Your Personal Data sent to the Third Party Apps by such feature will be processed by a provider of such Third Party Apps pursuant to applicable terms of use, privacy policy and other terms and conditions set forth by such provider. (In such case, this Summary and Full Notice will not apply to you.)
Changes of this Summary and Full Notice as well as further notices This Summary and Full Notice are subject to change. You will be notified adequately of any such changes. Further, you will be notified adequately through further relevant privacy notices (e.g. for specific purposes) in case such is not covered by this Summary and Full Notice.
How to contact Us If you wish to exercise your data subject rights or if you have any other questions concerning this Summary and Full Notice, please address your request to us and/or our representative in European Economic Area (“EEA“), who can be contacted at the following addresses:
Our contact information:
| Company name: | Casio Computer Co. Ltd. |
|---|---|
| Address: | 6-2, Hon-machi 1-chome, Shibuya-ku, Tokyo 151-8543, Japan |
| E-mail address: | app1+gshock-move@casio.co.jp |
Our representative in EEA (only applies if you are in the EEA):
| Company name: | Casio Europe GmbH |
|---|---|
| Address: | Casio-Platz 1 D-22848 Norderstedt, Germany |
| E-mail address: | dataprotection@casio.de |
Full Notice
We are delighted about your interest in our App. Your privacy is important to us. Hereafter we provide you with detailed information on dealing with your personal data on this App.
This Full Notice applies to information you provide to us or that we collect automatically when you access, use, or register with our App. This Full Notice does not apply to information we collect when you visit or use our websites or otherwise, such as when you communicate with us through email, text, or other electronic means. For information regarding how we collect and use information when you visit or use our websites, including web-based pages accessible through our App, please refer to our respective website privacy notice.
1. Categories of Personal Data
We process the following Personal Data about you (hereinafter jointly "Your Data"):
| (i) | your Casio ID and information registered therewith (including your name, email address and other information registered therewith) and profile data registered by yourself with the App, including your birth date, height, weight, sex and any other profile data (hereinafter jointly "Profile Data"); |
|---|---|
| (ii) | device identifier, model name, OS version, system or setting data, usage data and other device information of your Devices (hereinafter jointly "Device Data"); |
| (iii) | your heart rate, location, activity date and time, and other activity data recorded in the App and Devices (including numerical data calculated from measurement of your activity log data) (hereinafter jointly "Activity Data"); and |
| (iv) | any other information related to any individuals which you have provided us in any forms you may have submitted to us, or via other forms of interaction with you (hereinafter jointly "Form Data") . |
2. Processing purposes
We process Your Data to the extent permitted or required under applicable law, for the following purposes:
- to (i) operate the App by providing you with the respective functionalities of the App, (ii) monitor, analyse and maintain the performance of the App and Watch, and (iii) review and improve the App and Watch (hereinafter jointly "Technical Purposes");
- to conduct user analyses for statistical purposes to develop, review and improve our products and services other than the App and Watch (hereinafter "Development Purposes"); and
- to get in contact with you concerning your queries, security and fraud prevention (hereinafter "Contact Purposes").
3. Legal justification for the processing of Your Data
Generally, the processing of Your Data is voluntary. However, if you do not provide Your Data, your user experience of the App may be different or the use may be impossible.
Furthermore, we rely on the following legal justifications for the processing of Your Data:
[Processing purposes: (i) Categories of Your Data involved: (ii) Legal basis]
- Technical Purposes: (i) Profile Data and Device Data: (ii) Contract Justification - Technical Purposes: (i) Activity Data: (ii) Consent Justification - Development Purposes: (i) Profile Data, Device Data and Activity Data: (ii) Consent Justification - Contact Purposes: (i) Form Data: (ii) Legitimate Interest Justification (Our legitimate interest is to address any query you submit as well as to detect and prevent any possible fraud.)
4. Data transfers and recipients and legal justification for such transfers
4.1 Recipients
| (i) | Third parties: We may transfer Your Data to governmental agencies and regulators, courts, and government authorities, all in accordance with applicable law based on Legal Obligation Justification and to external advisors acting as controllers (e.g., lawyers, accountants, auditors etc.) based on Legitimate Interest Justification. |
|---|---|
| (ii) | Service providers: We contract with third party service providers as part of our normal business operations in connection with operating the App and with other technical and organizational services. |
| (iii) | A list of data recipients can be found in the Annex containing the identity, short description of the processing activity and location of the relevant data recipients. |
4.2 Cross-Border Data Transfers
| (i) | We may transfer Your Data outside of the country you are located. The countries in which some recipients of Your Data are located are Japan and other countries listed in the Annex which countries may include country for which the European Commission has not issued a decision that this country ensures an adequate level of data protection. |
|---|---|
| (ii) | By way of entering into appropriate data transfer agreements based on Standard Contractual Clauses (2010/87/EU and/or 2004/915/EC) as referred to in Art. 46(5) GDPR or other adequate means, which are accessible via the contact details above, we have established that all recipients located outside the EEA will provide an adequate level of data protection for Your Data and that appropriate technical and organizational security measures are in place to protect Your Data against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing. Any onward transfer is subject to appropriate onward transfer requirements as required by applicable law. |
5. Retention periods for and deletion of Your Data
| 5.1 | Your Data processed for the purposes hereunder will be stored only to the extent necessary. If a judicial action is initiated, Your Data may be stored until the end of such action, including any potential periods for appeal, and will then be deleted or archived as permitted by applicable law. |
|---|---|
| 5.2 | In principle, we will retain Your Data as long as required or permitted by applicable law. Afterwards, we will remove Your Data from our systems and records and/or take steps to properly anonymize it so that you can no longer be identified from it. |
6. Your statutory rights Under the conditions set out under applicable law (i.e., the GDPR), you have the following rights:
| 6.1 | Right of access: You have the right to obtain from us confirmation as to whether or not Personal Data concerning you is being processed, and, where that is the case, to request access to the Personal Data. The access information includes – inter alia – the purposes of the processing, the categories of Personal Data concerned, and the recipients or categories of recipients to whom the Personal Data have been or will be disclosed. You have the right to obtain a copy of the Personal Data undergoing processing. For additional copies requested by you, we may charge a reasonable fee based on administrative costs. |
|---|---|
| 6.2 | Right to rectification: You have the right to obtain from us the rectification of inaccurate Personal Data concerning you. Depending on the purposes of the processing, you have the right to have incomplete Personal Data completed, including by means of providing a supplementary statement. |
| 6.3 | Right to erasure (right to be forgotten): You have the right to ask us to erase your Personal Data. |
| 6.4 | Right to restriction of processing: You have the right to request the restriction of processing your Personal Data. In this case, the respective data will be marked and may only be processed by us for certain purposes. |
| 6.5 | Right to data portability: You have the right to receive the Personal Data concerning you which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit those Personal Data to another entity without hindrance from us. |
| 6.6 | Right to withdraw your consent: If you have given your consent regarding certain types of processing activities, you can withdraw this consent at any time with future effect. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal. |
| 6.7 | Right to object: YOU HAVE THE RIGHT TO OBJECT, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA BY US AND WE CAN BE REQUIRED TO NO LONGER PROCESS YOUR PERSONAL DATA. IF YOU HAVE A RIGHT TO OBJECT AND YOU EXERCISE THIS RIGHT, YOUR PERSONAL DATA WILL NO LONGER BE PROCESSED FOR SUCH PURPOSES BY US. EXERCISING THIS RIGHT WILL NOT INCUR ANY COSTS. SUCH A RIGHT TO OBJECT MAY NOT EXIST, IN PARTICULAR, IF THE PROCESSING OF YOUR PERSONAL DATA IS NECESSARY TO TAKE STEPS PRIOR TO ENTERING INTO A CONTRACT OR TO PERFORM A CONTRACT ALREADY CONCLUDED. |
7. Adobe Analytics Privacy Policy of Adobe: For more details about Adobe Analytics and the privacy policy of Adobe, see the following site: - Official website of Adobe Analytics : https://www.adobe.com/analytics/adobe-analytics.html - Privacy Policy of Adobe Analytics : https://www.adobe.com/privacy/policy.html
8. Firebase Privacy Policy of Google: For more details about Firebase and the privacy policy of Google, see the following site: - Official website of Firebase : https://firebase.google.com/ - Privacy Policy of Google : https://policies.google.com/privacy
Please note that the aforementioned rights might be limited under the applicable national data protection law. We remain the universal point of contact for your execution of these rights.
Please refer any of your questions to app1+gshock-move@casio.co.jp.
In case of complaints you also have the right to lodge a complaint with the competent supervisory authority, in particular in the member state of your habitual residence or alleged infringement of the GDPR.
Summary and Full Notice last updated: May 25, 2020
ANNEX
Data Recipients
[# Name of Data Recipient: (i) Location: (ii) Receiving Data as Controller or Processor: (iii) Short description of processing activities: (iv) Safeguards]
#1:Amazon Web Services, Inc:
(i) Japan: (ii) Processor: (iii) Support us with provisions of the App: (iv) Data Processing Agreement pursuant to GDPR
#2:Adobe Systems Incorporated:
(i) Singapore: (ii) Processor: (iii) Support us with Adobe Analytics for analyzing your personal data of the App and Watch: (iv) Standard Contractual Clauses