Last updated: (21 Nov, 2019 )
Our company operates http://www.ozuspastry.com. This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from users of the site. We use your Personal Information only for providing and improving the Site. By using the site, you agree to the collection and use of information in accordance with this policy. Information Collection And Use While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to your name (“Personal Information”).
“The California Consumer Privacy Act (CCPA) is a new data privacy law that applies to certain businesses which collect personal information from California residents. The new law goes into effect on January 1, 2020.
Google already offers data protection terms pursuant to the General Data Protection Regulation (GDPR) in Europe. We are now also offering service provider terms under the CCPA, which will supplement those existing data protection terms (revised to reflect the CCPA), effective January 1, 2020. No additional action is required to accept the service provider terms if you’ve already agreed to the online data protection terms.
Please see privacy.google.com/businesses for more information about Google’s data privacy policies.
The Google Team “
We also treat carefully and protect customer’s data.
1. What is GDPR？
After several years of discussion and coordination, the EU Council entered into General Data Protection Regulation (GDPR), approved by 28 member countries, on May 24, 2016. Applications involving huge penalties (fine of 2.6 billion yen) and administrative penalties began on May 25, 2018.
Since GDPR broadly defines targeted “personal data”, it includes not only US IT giants but also all of the personal information concerning European citizens, including the domestic privacy law of the EU and EEA (European economic area) as a whole Companies (including companies in other continents).
The European Union (EU) is strictly managing the personal information of EU citizens and seeking guarantee that personal data is safe throughout Europe.In particular,Extensive information on individuals, ranging from name, photo, email address, bank details, SNS posting and website update information, location details, medical information, computer IP address, biogenetic information, philosophy, tattoo is.
Since we are web operators (operating companies / organizations)
As a data administrator (Controller), we will take the following actions.
1. Define usage and processing process of data necessary for business
3. Choose tools and contractors with systems, rules, functions that can correspond to GDPR
4. Obtain explicit prior consent from visitors about data acquisition and use
5. We will respond when we receive data confirmation or deletion request from visitors
6. Delete data that passed the storage period necessary to achieve the purpose
- As an administrator, the company shall notify the data entity in a clear and easy-to-understand expression about his / her identity, contact address, purpose of processing, presence / absence of third party provision, storage period, right held by the data entity,
- An enterprise must obtain consent in a clear manner with respect to the above, as well as enable the data entity to properly exercise the right to withdraw consent freely.
- If the personal data is not acquired directly from the data entity, the company must notify the person to obtain the information.