Handling of EU Resident Data
Dentsu Digital Inc.
The Company hereby sets forth, as follows, the handling policy for information relating to identified or identifiable individuals residing within the borders of the European Union (hereinafter referred to as the “EU”), including the member countries of the European Union, as well as Iceland, Liechtenstein, and Norway, based on the European Economic Area Agreement (hereinafter referred to as “EU Resident Data,” and any natural person who is the subject of EU Resident Data shall be referred to as the “EU Resident Data Subject”):
Regarding the handling of EU Resident Data, the provisions of Article 1 “Compliance with Laws and Regulations and Continuous Improvement”, Article 2 “Proper Management of Personal Information”, Article 3 “Handling of Personal Information”, Article 4 “Respect for Principal’s Rights”, and Article 5 “Handling of Complaints and Consultations” of the Personal Information Protection Policy shall be applied thereto.
- Where the Company is a Data Controller
(1) Obtaining Consent
When handling EU Resident Data as a Data Controller under the General Data Protection Regulation (hereinafter referred to as the “GDPR”), the Company shall obtain express consent from the EU Resident Data Subject regarding the handling thereof, clearly stating the matters that must be notified under the GDPR to the EU Resident Data Subject, such as the purpose of handling the EU Resident Data, except in cases where there exists a legal basis for such handling apart from the subject’s consent. When the Company provides an explanation regarding the handling of EU Resident Data upon obtaining consent, it shall use clear and plain language and clearly specify the details of the handling of such data in an understandable and easily accessible form and in a way that it is clearly distinguishable from other cases.
(2) Maintaining Records of Consent
The Company shall maintain records of consent regarding the handling of EU Resident Data obtained from the EU Resident Data Subjects in order to be able to present the same when the Company is required to present proof of such consent.
(3) Requests from the EU Resident Data Subjects
In the event that the EU Resident Data Subject exercises the rights, etc. granted to such subject under the GDPR against the Company in connection with the EU Resident Data handled by the Company, the Company shall respond thereto in accordance with the provisions of the GDPR.
- Where the Company is a Data Processor
In the event that the Company handles EU Resident Data as a Data Processor under the GDPR, the Company shall handle such EU Resident Data appropriately, in accordance with the instructions of the Data Controller of such EU Resident Data.
- Contact Information
For requests and inquiries concerning the exercise of rights, etc. provided to the subject persons of data under the GDPR in connection with the EU Resident Data handled by the Company as a Data Controller under the GDPR, please contact the Company via the contact information below. In responding to your communication, the Company will verify your identity or your agent’s identity.
- Contact Information of DPO
The Data Protection Officer (DPO) of Dentsu Digital, Inc.
Dentsu Headquarters Building
1-8-1 Higashi-Shinbashi, Minato-ku, Tokyo
Established on July 1, 2019