Hitachi Asia Privacy Terms and Conditions

Hitachi, Ltd. (hereinafter referred to as “Hitachi”) handles various information, including our technical information and information provided by customers, as a global supplier who can provide total solution. With this in mind, Hitachi has strived to establish and fully enforce an information management system in order to respect the value of the said information.

Considering such background, Hitachi will attempt to create rules and establish a management system for the personal information protection in Hitachi, as well as to set a privacy policy and spread it among board members and employees. Moreover, Hitachi will take measures to make the privacy policy easily accessible to general public.

Hitachi will strive to protect personal information appropriately based on this policy.

1. Establish rules for managing personal information protection and make continual improvements
   Hitachi will make sure that executive staff and workers recognize the importance of personal information protection, and will establish rules for personal information management to appropriately use and protect personal information and ensure that the management system is put in execution. These rules will be maintained and improved continually.
2. Collect, use and provide personal information and forbid the use of such information for purposes other than the original intent
   While carefully considering the personal information is entrusted to us in our company activities, Hitachi will handle such information appropriately by establishing a management system for personal information protection for each type of business, and also by following our rules for collecting, using or providing personal information. In addition, Hitachi will not use such information for purposes other than the original intent and will implement appropriate measures for it.
3. Implement safety measures and correct problems
   To ensure the correctness and safety of personal information, in accordance with the rules for information security, Hitachi will implement various measures such as managing access to personal information, restricting the means for transporting personal information outside the company and preventing incorrect access from outside the company, and strive to prevent the leakage, loss or destruction of personal information. In addition, when any problems regarding safety measures are found, Hitachi will identify the cause to take corrective measures.
4. Follow laws and norms
   Hitachi will follow the Japanese laws, guidelines and other norms for the handling of personal information. Also, Hitachi will conform our rules with personal information management to such laws, guidelines and other norms.
5. Respect a person’s rights regarding his or her personal information
   When a person makes a request to disclose, correct or delete his or her own personal information, seeks to prevent the use or provision of such information, or gives any complaints or requires consultation, Hitachi will respond with sincerity, respecting the person’s rights related to that personal information.

This document, “About Personal Information Protection”, establishes the handling of all personal information by Hitachi in the company activities.

Scope >

Hitachi protects and manages the personal information with the greatest care and the best effort based on the “Hitachi Privacy Policy”. In this document, “Personal information” is the information below that can be used to identify specific persons.

Information provided by person to Hitachi by entering in “Inquiry form” or other forms.

Information provided by person to Hitachi through any method other than the above.

Personal information >

1. In relation to Hitachi’s main business activities for electrical machinery parts, information communication machinery parts, electronic parts manufacturing and the information service, Hitachi will collect and use personal information only to achieve each purpose. When Hitachi requires a person to provide his/her personal information, we will clearly state the purpose of the use beforehand to obtain the consent of the person.
2. Hitachi will not provide personal information to a third party without first obtaining the prior consent from the person, except the circumstances under certain conditions.
3. When required to do so for business activities in which Hitachi is co-operating with Hitachi group companies, Hitachi may provide such group companies with personal information such as names, workplace or home addresses, telephone numbers, fax numbers, e-mail addresses, etc.

Details >

When a person wants to request to disclose, correct, add, delete, stop usage, stop provision to a third party, or notify the purpose of usage of his/her personal information (hereinafter referred to as “disclose and so on”) held by Hitachi, or wants to raise complaints, the person is requested to submit his/her request via the form here.

1. Request to person about provision of personal information, acquisition of prior consent, and personal information protection
2. Notification on handling of “About Personal Information Protection”
3. Notes about usage of cookies and Web beacons on website
4. When a person contacts Hitachi by telephone, the conversation may be recorded to aid accurate replies.

Request to person >

Notification on handling of “About Personal Information Protection” >

About usage of cookies and Web beacons >

For inquiries about this document except the request to disclose and so on of personal information and the raising complaints, please contact us in the following way.

Contact through Inquiry form >

Diperbuat pada April 1, 2005
Dikemaskini pada April 1, 2010

Hitachi, Ltd. (selepas ini dirujuk sebagai “Hitachi”) menangani pelbagai maklumat, termasuk maklumat teknikal kami serta maklumat yang diberi oleh pelanggan-pelanggan, sebagai pembekal global yang boleh memberikan penyelesaian yang menyeluruh. Dengan pertimbangan ini, Hitachi telah berusaha untuk menubuhkan dan melaksanakan sepenuhnya suatu sistem pengurusan maklumat supaya dapat menghormati nilai maklumat tersebut.

Dengan mempertimbangkan latar belakang sebegini, Hitachi akan cuba mewujudkan kaedah-kaedah dan menubuhkan suatu sistem pengurusan untuk perlindungan maklumat peribadi di Hitachi, serta untuk menetapkan suatu polisi privasi dan menyebarkannya antara ahli-ahli lembaga dan pekerja-pekerjanya. Selanjutnya, Hitachi akan mengambil tindakan-tindakan untuk memudahkan akses orang ramai ke polisi privasi ini.

Hitachi akan berusaha untuk melindungi maklumat peribadi secara sesuai berdasarkan polisi ini.

1. Menubuhkan kaedah-kaedah untuk menguruskan perlindungan maklumat peribadi dan melaksanakan penambahbaikan yang berterusan
   Hitachi akan memastikan bahawa kakitangan-kakitangan dan pekerja-pekerja eksekutif mengiktiraf kepentingan perlindungan maklumat peribadi, dan akan menubuhkan kaedah-kaedah untuk digunakan oleh pengurusan maklumat peribadi secara sesuai dan melindungi maklumat peribadi dan memastikan bahawa sistem pengurusan ini dilaksanakan. Kaedah-kaedah tersebut akan dikekalkan dan ditambahbaikan secara berterusan.
2. Mengumpulkan, menggunakan dan memberikan maklumat peribadi dan melarangkan penggunaan maklumat tersebut untuk tujuan-tujuan selain daripada tujuan asal
   Hitachi akan, sambil berhati-hati mempertimbangkan maklumat peribadi yang diamanahkan kepada kami dalam aktiviti-aktiviti syarikat kami, menggunakan maklumat tersebut secara bersesuaian dengan menubuhkan suatu sistem pengurusan untuk perlindungan maklumat peribadi untuk setiap jenis perniagaan, dan juga dengan mengikuti kaedah-kaedah kami untuk pengumpulan, penggunaan atau pemberian maklumat peribadi. Tambahan pula, Hitachi tidak akan menggunakan maklumat tersebut untuk tujuan-tujuan selain daripada tujuan asal dan akan melaksanakan langkah-langkah yang sesuai untuknya.
3. Pelaksanaan langkah-langkah keselamatan dan membetulkan masalah
   Demi memastikan ketepatan dan keselamatan maklumat peribadi, berdasarkan kaedah-kaedah untuk keselamatan maklumat, Hitachi akan melaksanakan pelbagai tindakan seperti mengurus akses kepada maklumat peribadi, menyekat cara-cara untuk mengangkut maklumat peribadi ke luar syarikat dan menghalang akses yang salah dari luar syarikat, dan berusaha untuk mengelakkan kebocoran, kehilangan atau kemusnahan maklumat peribadi. Tambahan pula, apabila apa-apa masalah mengenai langkah-langkah keselamatan ditemui, Hitachi akan mengenal pastikan puncanya untuk melaksakan tindakan pembetulan.
4. Mengikuti undang-undang dan norma-norma
   Hitachi akan mengikuti undang-undang, garis-garis panduan dan norma-norma yang lain Jepun untuk menangani maklumat peribadi. Selanjutnya, Hitachi akan membuatkan supaya kaedah-kaedah kami mengenai pengurusan maklumat peribadi akan mengikuti undang-undang, garis-garis panduan dan norma-norma lain tersebut.
5. Menghormati hak seseorang mengenai maklumat peribadinya
   Apabila seseorang membuat permintaan untuk mendedahkan, membetulkan atau memadamkan maklumat peribadinya, bertujuan untuk menghalangkan penggunaan atau pemberian informasi tersebut, atau membuat apa-apa aduan atau memerlukan perundingan, Hitachi akan menjawab secara ikhlas, serta menghormati hak pihak tersebut mengenai maklumat peribadi tersebut.

Dokumen ini, “Mengenai Perlindungan Maklumat Peribadi”, menubuhkan pengendalian kesemua maklumat peribadi oleh Hitachi dalam aktiviti-aktiviti syarikat.

Skope >

Hitachi melindungi dan mengurus maklumat peribadi dengan penjagaan yang paling teliti dan usaha yang terbaik berdasarkan “Polisi Privasi Hitachi”. Dalam dokumen ini, “Maklumat peribadi” adalah maklumat di bawah yang boleh digunakan untuk mengenal pasti orang-orang tertentu.

1. Maklumat yang diberi kepada Hitachi dengan memasukkannya ke dalam “Borang pertanyaan” atau borang-borang yang lain.
2. Maklumat yang diberi kepada Hitachi dengan cara-cara selain daripada yang dinyatakan di atas.

Maklumat Peribadi >

1. Mengenai aktiviti-aktiviti perniagaan utama Hitachi untuk komponen-komponen jentera elektrik, komponen-komponen jentera komunikasi maklumat, pembuatan komponen-komponen elektrik dan perkhidmatan maklumat, Hitachi akan mengumpulkan dan menggunakan maklumat peribadi untuk mencapai tujuan tertentu sahaja. Apabila Hitachi memerlukan seseorang memberikan maklumat peribadinya, kami akan menyatakan secara jelas tujuan penggunaan maklumat itu terlebih dahulu supaya mendapat persetujuan orang tersebut.
2. Hitachi tidak akan memberikan maklumat peribadi kepada pihak ketiga tanpa mendapatkan keizinan daripada orang tersebut terlebih dahulu, kecuali dalam keadaan-keadaan di bawah syarat-syarat yang tertentu
3. Apabila diperlukan untuk berbuat demikian untuk aktiviti-aktiviti perniagaan di mana Hitachi bekerjasama dengan syarikat-syarikat kumpulan Hitachi, Hitachi akan memberikan syarikat-syarikat kumpulan tersebut maklumat peribadi seperti nama, alamat-alamat tempat kerja atau rumah, nombor-nombor telefon, nombor-nombor faks, alamat-alamat e-mel, dll.

Apabila seseorang mahu meminta untuk mendedahkan, membetulkan, menambahkan, memadamkan, menghentikan penggunaan, menghentikan pemberian kepada pihak ketiga, atau memberitahu tujuan penggunaan maklumat peribadinya (selepas ini dirujuk sebagai “mendedahkan dan lain-lain”) yang disimpan oleh Hitachi, atau mahu membuat aduan, seseorang itu diminta supaya menyerahkan permintaannya melalui boring disini

1. Permintaan kepada seseorang tentang pemberian maklumat peribadi, pemerolehan persetujuan terlebih dahulu, dan perlindungan maklumat peribadi
2. Pemberitahuan tentang penggunaan “Mengenai Perlindungan Maklumat Peribadi”
3. Nota-nota mengenai penggunaan cookies dan beacon-beacon Web di laman web
4. Apabila seseorang menghubungi Hitachi melalui telefon, perbualan tersebut akan dirakamkan untuk membantu dalam pemberian jawapan yang tepat.

Permintaan daripada seseorang >
Pemberitahua tentang penggunaan “Mengenai Perlindungan Maklumat Peribadi” >
Penggunaan cookies dan beacon-beacon Web >

Untuk pertanyaan tentang dokumen ini kecuali permintaan untuk mendedahkan dan lain-lain maklumat peribadi dan membuatkan aduan, sila menghubungi kami melalui cara berikut.

Menghubungi melalui borang Pertanyaan >

Hitachi Asia Ltd. (hereinafter referred to as “HAS”) handles various information, including technical information and information provided by our business partners such as customers and suppliers. With this in mind, HAS strives to establish and fully enforce an information management system in order to respect the value of the said information.

HAS has put in place rules for the collection, use and disclosure of personal data by HAS and/or its parent and related companies. HAS will strive to protect personal data based on this Hitachi Asia Privacy Terms and Conditions (hereinafter referred to as “this HAS Privacy T&C”) and in accordance with the Singapore Personal Data Protection Act 2012 (hereinafter referred to as “the PDPA”)

By using this website, you acknowledge that you have read and understood this HAS Privacy T&C and agree to the collection, use or disclosure of any personal data submitted by you to us, as described in this HAS Privacy T&C. If you do not so agree, please do not submit any personal data. Please also do not submit personal data of other individuals to us through this website unless you have obtained their express consent for you to do so. We shall be entitled to assume that you have duly obtained such consent if you submit personal data of other individuals to us through this website.

If you are under the age of 13, please do not submit any personal data.

1. Establish rules for managing personal data protection and make continual improvements
   HAS will make sure that employees recognize the importance of personal data protection, and will establish rules for personal data management to appropriately use and protect personal data. These rules will be maintained and improved continually.
2. Collect, use and/or disclose personal data and forbid the use or disclosure of such data for purposes other than which the personal data was collected
   HAS will handle your personal data appropriately by establishing a management system for personal data protection for its various business lines. HAS will not use such personal data for purposes other than the original purpose for which it was collected and in accordance with the PDPA and other applicable law.
3. Implement safety measures and correct problems
   To ensure the integrity and safety of personal data, HAS has implemented various measures such as managing access to personal data, restricting the means for transporting personal data outside the company and preventing unauthorised access, and strive to prevent the leakage, loss or destruction of personal data. In addition, should any problems regarding personal data safety measures be found, HAS will identify the cause and take immediate corrective measures.
4. Follow laws and regulations
   HAS will follow the PDPA and will use reasonable endeavours to follow best practices for the collection, use and disclosure of personal data.
5. Respecting your rights regarding your personal data
   Whenever you make a request to access or correct your personal data, or withdraw your consent to us using your own personal data, HAS will respond with sincerity, respecting your rights in relation to that personal data in accordance with the PDPA.

HAS protects and manages personal data with reasonable endeavours based on this HAS Privacy T&C. “Personal data” refers to information that can be used to identify you. This may include your name, e-mail address, mobile and home telephone numbers, and home address.

The provisions of this HAS Privacy T&C do not apply to “business contact information” as defined in the PDPA, which includes an individual’s name, position name or title, business telephone number, business address, business e-mail address or business fax number and any other similar information about an individual, not provided by the individual solely for personal purposes.

1. In relation to HAS’s business and operational activities, HAS will collect, use or disclose personal data for the purpose of responding to your inquiry and reporting and/or channeling to its parent company, HAS’s related companies and/or other Hitachi group companies, about your inquiry. HAS may also collect, use and disclose your personal data for the following purposes (“Purposes”):
   • Execution of a contract concluded between HAS, HAS’s parent or related companies or other Hitachi group companies and a business partner;
   • Contacts for business negotiations and meetings with a business partner;
   • Delivery of after-sales service on products, and sending of information on events and new products;
   • Marketing purpose such as sending emails, promotions and other marketing materials relating to products and offerings by HAS, HAS’ parent or related companies or other Hitachi group companies;
   • Execution of business, including system development, operation and maintenance, entrusted by a business partner;
   • Affairs of stocks;
   • Response to various inquiries from a business partner;
   • Analysis based on questionnaires to improve products and services; and
   • Provision of personal data to HAS’s parent or related companies or other Hitachi group companies in case of co-operation with them.
2. HAS will not retain any personal data provided by you or automatically collected by us any longer than reasonably necessary for Purposes and other valid business or legal purposes.

1. HAS may disclose, in accordance with the PDPA and other applicable law, your personal data to HAS’s parent and related companies and other Hitachi group companies in order to achieve the Purposes. HAS may further disclose, in accordance with the PDPA and other applicable law, relevant personal data to certain third parties in connection with the provision of any product, item or service to HAS including any outsourcing services and telecommunication services. In addition, if necessary and in accordance with the PDPA and other applicable law, HAS may disclose personal data to our auditors and other outside professional advisers and to other parties that provide products or services to us, such as business process outsourcing providers, telecommunication and IT systems providers and consulting firms.
2. Where the processing of personal data is delegated to a third party data processor, such as those listed above, HAS will delegate such processing in writing, will choose a data processor that provides sufficient guarantees with respect to technical and organizational security measures governing the relevant processing and will ensure that the processor acts on our behalf and under our instructions. In addition, HAS will impose in writing appropriate data protection and information security requirements on such third party data processors.
3. International Transfers of Personal Data
   HAS may, in connection with the purposes set out in Section E paragraphs 1 and 2 above, transmit personal data to other members of the Hitachi group or to other third parties, located in Japan or other jurisdictions where data protection laws may not provide an equivalent level of protection to the laws in your home jurisdiction. HAS will take steps to establish appropriate data protection and information security requirements with such recipients to confirm that personal data is properly protected in accordance with this HAS Privacy T&C and the PDPA.
4. Additional Disclosures of Personal Data
   Personal data also may be disclosed, where permitted by the PDPA and other applicable law, to protect your vital interests, to protect the legitimate interests of HAS (unless this would prejudice your rights and freedoms or interests), to comply with any notice, order, directive, summons, subpoena or other forms of request from any judicial, administrative or regulatory body, any government or public or government agency, any instrumentality or authority or any domestic or foreign tax, revenue, fiscal or monetary authority or agency, or in HAS’s judgment to comply with applicable law. The recipients of these disclosures may be located in Japan or other countries where data protection laws may not provide an equivalent level of protection to the laws in your home jurisdiction, and in such cases, HAS will take steps to establish appropriate data protection and information security requirements with such recipients to confirm that personal data is properly protected in accordance with this HAS Privacy T&C and the PDPA.

HAS may use cookies and web beacons (also known as clear GIFs) to enhance your experience of our website. Cookies are pieces of information that we place on your computer to help us accurately understand how many consumers are visiting the site, how often they visit, and what content they are most interested in. Cookies and clear GIFs let HAS know how many people are coming to the site, how frequently, and how they are using the site, allowing us to make updates to content and improve navigation as appropriate.

You may refuse to accept cookies and web beacons by changing the settings of your web browser. However, do note that your usage of our website may be affected if you disable cookies and web beacons.

You may at any time:

1. Request access to your personal data and how it has been used/disclosed within the last year; or
2. Request for correction of your personal data.

Please note that we may charge you a reasonable fee to cover the costs of responding to your data access request.

Please see Section H below should you wish to make an access or correction request.

If you have other questions about this Website or how HAS collects, uses and discloses your personal data, including how you can make access and correction requests, please contact us using the following “Inquiry Form”.

https://www2.hitachi.com/inquiry/region/myanmar/en/general/form.jsp

If you submit to us any inquiry or opinion, we would like you to carefully read and agree to the terms stipulated in this document, otherwise please note that we may not answer the inquiry.

Requests for withdrawal of consent for HAS to collect, use and disclose your personal data as described in this HAS Privacy T&C should be made via mail to HAS’s data protection officer at the following address:

Data Protection Officer
Hitachi Asia Ltd.
20 Pasir Panjang Road,
#05-21, Mapletree Business City,
Singapore 117439

This HAS Privacy T&C may be updated from time to time to reflect changes and/or developments in data protection laws, regulations, guidelines, codes and industry practices and other applicable law. Revisions to this HAS Privacy T&C will be published on this website.

This notice describes how Hitachi Asia Ltd. – Philippine Branch (“HAS”) processes your Personal Information, the types of Personal Information we process, the purposes for which we process that Personal Information, the other parties with whom we may share it and the measures we take to protect the security of the data. It also tells you about your rights with respect to your Personal Information, and how you can contact us about our privacy practices.

Please note that this notice applies to the extent our processing of your Personal Information is subject to Philippines law, including the Data Privacy Act of 2012, its Implementing Rules and Regulations, and the issuances of the National Privacy Commission.

“Personal Information” refers to any information, whether recorded in a material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual.

We may collect the following categories of Personal Information:

• Personal identifiers, contacts, and characteristics (for example, name and contact details)
• Website usage and other similar information collected via automated means, such as cookies and similar technologies
• Job applications and related information when you apply for a job with us
• Business contact information when you work for one of our business partners

Most of the Personal Information we process is provided to us directly by you or via a third party who has been duly authorised by you to disclose your personal data to us for one of the following reasons:

• To apply for a job with us.
• To submit queries, requests, applications, complaints, and feedback.
• To maintain a business relationship with us.

We also receive Personal Information indirectly, from the following sources in the following scenarios:

• HAS may use cookies and web beacons to enhance your experience of our website. Cookies are text files that are stored on the user’s computer system in the Internet browser or by the Internet browser. When a user visits a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the user’s browser to be identified when the website is loaded again. Cookies help us understand how many users are visiting the site, how frequently, and how they are using the site, allowing us to update content and improve website navigation accordingly.

With regard to the collection of Personal Information for business purposes, we may use your Personal Information to:

• Perform obligations in the course of or in connection with our provision of the goods and/or services requested by you;
• Respond to, handle, and process queries, requests, applications, complaints, and feedback from you;
• Manage your relationship with us;
• Comply with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and Investigations conducted by any governmental and/or regulatory authority; and
• Effect any other incidental business purposes related to or in connection with the above.

With regard to the collection of Personal Information for recruitment purposes, we may use your Personal Information to:

• assess and evaluate your suitability for employment in any current or prospective position within the Hitachi organisation;
• verify your identity and the accuracy of your personal details and other information provided;
• perform administrative and human resources related tasks, including granting access to our premises and arranging interviews; and
• facilitate our compliance with any laws, customs and regulations which may be applicable to us.

Where required under the Data Privacy Act, we will only process your Personal Information with your consent; as necessary to fulfil our contracts with you; to comply with a legal obligation; or when there is a legitimate interest that necessitates the use of your Personal Information.

We store your Personal Information in secure servers and in physical files in locked cabinets.

We may share your Personal Information with:

• Our parent company and related companies and other Hitachi group companies
• Service providers acting on our behalf.
• Other entities as required under applicable law, or in the event of a sale or transfer of our business assets.

We implement and maintain reasonable and appropriate technical, organizational, and physical security measures to protect your Personal Information and only retain it for a limited period of time.

We also take measures to delete your Personal Information or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it, unless we are required by law to keep this information for a longer period. When determining the retention period, we take into account various criteria, such as the type of products and services requested by or provided to you, the nature and length of our relationship with you, possible re-enrolment with our products or services, the impact on the services we provide to you if we delete some information from or about you, mandatory retention periods provided by law and the statute of limitations.

Personal Information stored on paper records is shredded completely before disposal in an appropriate manner. Personal Information stored on electronic media is deleted in a permanent and complete manner.

Under the Data Privacy Act, you have rights including:

• Your right to be informed – you have the right to be informed whether Personal Information pertaining you shall be, are being, or have been processed, including the existence of automated decision-making and profiling.

• Your right to object – you have the right to object to the processing of your Personal Information where such processing is based on consent or legitimate interest.

• Your right to access – you have the right to access information on the processing of your Personal Information.

• Your right to rectification – you have the right to dispute the inaccuracy or error in your Personal Information and have us correct the same within a reasonable period.

• Your right to erasure or blocking – you have the right to request for the suspension, withdrawal, blocking, removal, or destruction of your Personal Information from our systems.

• Your right to data portability – you have the right to obtain from us a copy of your Personal Information and/or have it transmitted from us to another, in an electronic or structured format that is commonly used and allows for your further use.

• Your right to damages – you have the right to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of your Personal Information, taking into account any violation of your rights and freedoms as a data subject.

• Your right to file a complaint – you have the right to file a complaint with the National Privacy Commission in case of a perceived violation of your rights as a data subject.

If you have any concern about our use of your Personal Information, or if you would like to exercise your rights as a data subject, you can contact our Data Protection Officer using the following contact information:

Ms. Elsa Vida
E-mail address: dataprotection.ph.gv@hitachi.com
Local contact number : 632 88869018
Local Extension number: 102
Address: Zuellig Building, Unit 8, 11th Floor, Makati Avenue, corner Paseo de Roxas, Makati, 1225, Philippines

You can also file a complaint with the National Privacy Commission in case you believe there has been a problem with respect to our use of your Personal Information.

Hitachi Asia Ltd. (hereinafter referred to as “HAS”) handles various information, including technical information and information provided by our business partners such as customers and suppliers. With this in mind, HAS strives to establish and fully enforce an information management system in order to respect the value of the said information.

HAS has put in place rules for the collection, use and disclosure of personal data by HAS and/or its parent and related companies. HAS will strive to protect personal data based on this Hitachi Asia Privacy Terms and Conditions (hereinafter referred to as “this HAS Privacy T&C”) and in accordance with the Singapore Personal Data Protection Act 2012 (hereinafter referred to as “the PDPA”)

By using this website, you acknowledge that you have read and understood this HAS Privacy T&C and agree to the collection, use or disclosure of any personal data submitted by you to us, as described in this HAS Privacy T&C. If you do not so agree, please do not submit any personal data. Please also do not submit personal data of other individuals to us through this website unless you have obtained their express consent for you to do so. We shall be entitled to assume that you have duly obtained such consent if you submit personal data of other individuals to us through this website.

If you are under the age of 13, please do not submit any personal data.

1. Establish rules for managing personal data protection and make continual improvements
   HAS will make sure that employees recognize the importance of personal data protection, and will establish rules for personal data management to appropriately use and protect personal data. These rules will be maintained and improved continually.
2. Collect, use and/or disclose personal data and forbid the use or disclosure of such data for purposes other than which the personal data was collected
   HAS will handle your personal data appropriately by establishing a management system for personal data protection for its various business lines. HAS will not use such personal data for purposes other than the original purpose for which it was collected and in accordance with the PDPA and other applicable law.
3. Implement safety measures and correct problems
   To ensure the integrity and safety of personal data, HAS has implemented various measures such as managing access to personal data, restricting the means for transporting personal data outside the company and preventing unauthorised access, and strive to prevent the leakage, loss or destruction of personal data. In addition, should any problems regarding personal data safety measures be found, HAS will identify the cause and take immediate corrective measures.
4. Follow laws and regulations
   HAS will follow the PDPA and will use reasonable endeavours to follow best practices for the collection, use and disclosure of personal data.
5. Respecting your rights regarding your personal data
   Whenever you make a request to access or correct your personal data, or withdraw your consent to us using your own personal data, HAS will respond with sincerity, respecting your rights in relation to that personal data in accordance with the PDPA.

This Privacy Notice prescribes Hitachi Asia (Thailand) Co., Ltd. (“the Company”, “we”, “us” or “our”) fundamental principles in handling all personal data obtained, either directly or indirectly, by us. The Company and all our employees, business partners, vendors or other third parties who perform work for or on behalf of us are fully committed to protect your privacy and ensure that your personal data will be processed in accordance with the applicable data protection laws including the Personal Data Protection Act, B.E. 2562 (the “PDPA”). Your collected personal data will always be kept safe and secure.

This Privacy Notice comprises of:

• What is personal data?
• What personal data do we collect?
• How do we collect your personal data?
• How do we use your collected personal data?
• When do we disclose or share your collected personal data?
• Do we transfer your collected personal data overseas?
• When do we inform you about your personal data?
• What are your rights under the PDPA?
• How long do we keep your collected personal data for?
• What measures do we use to secure your collected personal data?
• When do we make changes to this Privacy Notice?
• How to contact us?

Please carefully read this Privacy Notice to understand how we handle your personal data and your rights to your personal data. This Privacy Notice is subject to change at any time while our relationship with you continues. So, you should come back and read this Privacy Notice from time to time. If there is any significant change to our Privacy Notice which may affect the rights to your personal data, we will inform you without delay by announcing on our website.

Our website may contain hyperlinks to websites owned and operated by third parties. These third-party websites have their own privacy policies, and are also likely to use cookies. We recommend that you review the third-parties’ policies which will govern the use of personal data which you may submit when visiting these websites and which may also be collected by cookies. We do not accept any liability for using such third-party websites.

If you have questions or do not understand any part of this Privacy Notice or wish to exercise your rights relating to your collected personal data, please do not hesitate to contact us at https://www2.hitachi.com/inquiry/region/thailand/en/general/form.jsp.

Under the PDPA, a personal data means any data or information relating to an individual which enable us to identify such individual, whether directly or indirectly, from that data or information alone or in a combination with other identifiers we possess or can reasonably access, except information of the deceased. The personal data can be categorised as follows:

• General personal data – means any personal data which is not sensitive personal data e.g. name and surname, gender, date of birth, age, nationality, contact number, photo, address, and email address.
• Sensitive personal data – means a special category of personal data under the PDPA consisting of racial or ethnic origin, political opinions, cult, religious or philosophical beliefs, sexual behaviour, criminal records, health data or disability condition, trade union information, genetic data, and biometric data.

The type of personal data we collect from you may be different depending on who you are and your relationship with us. The collected personal data may include:

If you do not or are unable to provide your personal data which we require, we may not be able to establish a relationship with you or offer you our products and/or services including our employment with you and other benefits and welfare.

We will collect your personal data directly from you, but sometimes from publicly available sources and/or from other third parties, provided that we will ensure that we fully comply with the PDPA.

Those other third parties may include our subsidiaries, authorised business partners, service providers or vendors.

We collect, use, disclose, transfer or process your personal data by fair and lawful means to the extent necessary to achieve our purposes. The lawful basis includes:

1. Obtaining your consent to use your personal data;
2. Believing that the use of your personal data is of vital interest or to prevent or avoid danger to a person’s life, body or health;
3. Believing that the use of your personal data is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract;
4. Believing that the use of your personal data is necessary for the performance of our task carried out in the public interest or in the exercise of official authority vested in us;
5. Believing that the use of your personal data is necessary for the legitimate interests pursued by us or by a third party, unless the interests are overridden by your interests or fundamental rights and freedoms;
6. Believing that the use of your personal data is necessary for the establishment, complaint, exercise or defence of legal claims against you; and
7. Believing that the use of your personal data is necessary for compliance with a legal obligation to which we are subject.

We may use your personal data for purposes as follows:

4.1     Our contract with you

We will rely on the performance of contracts to which you are a party to use your personal data. Depending on the nature of each contract with us, we may use your personal data for the following reasons:

• Processing recruitment and selection, evaluate the qualification of candidates;
• Procuring, issuing or executing contracts, registering your account with us; and/or
• Exercising rights or performing obligations under executed contracts.

4.2     Our legitimate interests

We may rely on the purpose of legitimate interests pursued by us or by a third party which require us to use and process your general personal data, except where such interests are overridden by your interests or fundamental rights and freedoms.

For instance, we have legitimate interests which allow us to process your collected personal data in the following circumstances:

• Business communication;
• Maintaining security and safety of persons and properties on our premises e.g. using of CCTV surveillance, recording your entry and exit information from the Company;
• Contacting relatives or contact persons in emergency cases e.g. emergency contact persons of employees; and/or
• Designating a beneficiary for life insurance.

4.3     Our legal compliances and legal claims

We will rely on the purpose of legal compliances when it is required or allowed by any applicable laws to which we are subject. For instance, we rely on legal compliance or legal obligation grounds to process your collected personal data in the following circumstances:

• Performing obligations under the laws with government authorities such as the Revenue Department, Social Security Office, Department of Skill Development, Department of Labour Protection and Welfare, Empowerment for Person with Disabilities Fund, Department of Legal Execution and Student Loan Fund; and/or
• Complying with the applicable laws, notifications, and orders, or for litigation proceedings, processing data under subpoenas including the exercise of rights relating to personal data.

We may rely on the legal claims basis to process your sensitive personal data to establish, comply, exercise or defend legal claims against you or initiate litigation action to protect our interests.

4.4     Consents

We will process your collected personal data on grounds of consents; especially, in the case where our processing activities have potential impact on your sensitive personal data.

We may inform you of the objectives of our personal data usage and request your consent or explicit consent to process your collected personal data in the following circumstances:

• When we do not have other lawful grounds to process your general personal data or sensitive personal data, e.g. processing criminal records for your recruitment and selection process, processing copies of ID cards containing sensitive personal data for contract execution;
• When we intend to transfer your collected personal data overseas and the destination country has lesser data privacy standards; or
• When you are classified as a minor, quasi-incompetent or incompetent of which the consent will be requested from your legal representatives, guardians or curators, as the case may be.

We may disclose to or share your collected personal data with other third parties to achieve the specific purposes for which the personal data was collected. The third parties who we may disclose or share your collected personal data with may include:

• Group companies and subsidiaries;
• Governmental agencies, regulatory or judicial authorities;
• Commercial banks;
• Hospitals, doctors, and nurses;
• Authorised business partners, service providers or vendors; or
• Police.

When we disclose or share your collected personal data with any third parties, we will conduct necessary and appropriate supervision of the third parties to ensure safe processing of disclosed or shared personal data, by, for instance, entering into an agreement regarding the processing of personal data with the third parties.

We may transfer your collected general personal data and/or sensitive personal data to group companies or third parties located in countries outside Thailand for the purposes prescribed in this Privacy Notice.

We will only transfer your collected personal data to a country that, in the view of the Thai Personal Data Protection Commission, has adequate data protection or privacy laws. Where such data security standards are deemed inadequate, we will provide appropriate safeguards to protect your interest or the transfer will take place if one of the exceptions defined by the PDPA is met. The exceptions are where:

• the transfer is necessary for compliance with the law;
• you have explicitly consented to the proposed transfer after having been informed of the possible risks of such transfer due to the absence of adequate security standards or safeguards;
• the transfer is necessary for the performance of a contract with you or the implementation of pre-contractual measures taken at your request;
• the transfer is necessary for the conclusion or performance of a contract in your interest between us and another natural or legal person;
• the transfer is necessary to protect your vital interests or those of other persons, and the data subject is incapable of giving consent; or
• the transfer is necessary for important reasons of public interest.

Before or at the time of collecting your personal data, we will always inform you of our purposes of processing your personal data. Only in some circumstances, it is not necessary for us to inform you of our processing purposes, such as when:

• you are already aware of such new purposes or details of processing of your personal data;
• we believe that notice of such new purposes or the details of our processing is impossible or will obstruct the use or disclosure of your personal data, where we have taken suitable measures to protect your rights, freedoms and interests;
• it is urgent to use or disclose your collected personal data as required by law and we have implemented suitable measures to protect your interests; or
• we are aware of or acquire your personal data from our duty, occupation or profession, and we have maintained such new purposes or certain details with confidentiality as required by law.

Under the PDPA, you have the following rights in respect of your personal data:

1. Right to access
   You have a right to access and obtain a copy of personal data that we hold about you, or you may ask us to disclose the sources of where we obtained your collected personal data that you have not given consent.We will respond to your request as soon as reasonably possible but not exceeding thirty (30) days after receiving your request.
2. Right to data portability
   You have a right to request us to transfer your collected personal data to other persons/organisations, or request to see your collected personal data that we have transferred to other persons/organisations, unless it is impossible due to technical circumstances.
3. Right to object to the processing of your collected personal data
   You have a right to object to the processing of your collected personal data, unless there are circumstances that do not allow you to make the objection. This may include when we have compelling legitimate grounds or when the processing of your collected personal data is carried out to comply, exercise or defend legal claims or for our public interest.
4. Right to erasure
   You have a right to request us to delete, destroy or anonymise your collected personal data in the following circumstances where:

    

   1. Your collected personal data is no longer necessary for the purpose for which it was collected, used or disclosed;
   2. You have withdrawn your consent to which the collection, use or disclosure is based on and we do not have legal grounds to collect, use or disclose your collected personal data;
   3. You have objected to the collection, use or disclosure of your collected personal data and we do not have legal grounds to reject your request; and/or
   4. Your personal data has been unlawfully collected, used or disclosed under the PDPA.
5. Right to restrict the processing of your collected personal data
   You have a right to request us to restrict the processing of your collected personal data in the circumstances when:

    

   1. It is under the pending examination process of checking whether your collected personal data is accurate, up-to-date, complete and not misleading;
   2. It is your collected personal data that should be deleted or destroyed as it does not comply with the laws, but you request to restrict it instead;
   3. Your collected personal data is no longer necessary to be retained for the purpose for which it was collected, used or disclosed, but you still have the necessity to request the retention for the purposes of the establishment, compliance, exercise of legal claims or the defence of legal claims; and/or
   4. We are pending verification in order to reject the objection request to the collection, use or disclosure of your collected personal data.
6. Right to rectification
   You have a right to rectify inaccurate personal data in order to make it accurate, up-to-date, complete and not misleading. If we reject your request, we will record such rejection with reasons.
7. Right to lodge a complaint
   You have a right to make a complaint in the case of where we, our data processors including our employees or contractors do not comply with the PDPA or other notifications or announcements under the PDPA.
8. Right to withdraw consent
   You may withdraw your consent at any time, unless we have a lawful basis to deny your request. We would like to also inform you that your consent withdrawal may affect our relationships with you or the products and/or the services that will be provided to you by us. This is because, for instance, the personal data, if remaining after consent withdrawal, may be insufficient for us to render complete services that you need, or we may need time to request additional information from you.If you change your mind about how you would like us to have or process your collected personal data and would like to withdraw your consent, you can tell us anytime by contacting us at the provided details in the “Contact Us” section.

Upon our receipt of a request to exercise your rights, we may, in certain cases, request additional information in order to confirm your identity and your rights as part of our security measures.

We will only retain your collected personal data for as long as it is necessary for the specific purposes for which the personal data was collected. This means that the retention periods will vary according to the type of your collected personal data and the purpose or reason that we collect the personal data. If we do need to keep your collected personal data for a longer period to comply with the legal obligation, or if some existing claims or complaints will reasonably require us to keep your personal data or for regulatory or technical reasons, we will continue to protect that collected personal data.

We have procedures in place regarding our retention periods, which are kept under constant review, taking into account the purposes for processing your collected personal data and the lawful basis for doing so.

We may need to retain images and video footages from CCTV surveillance systems installed for security and safety of persons and properties within our premises for 90 days.

We will delete, destroy, permanently anonymise or otherwise dispose of all collected personal data at the end of the retention period, or when we must comply with your request for erasure of your collected personal data.

If you have any questions, please contact us at the provided details in the “Contact Us” section.

We adopt security measures to keep your collected personal data safe and secure as well as to prevent loss or damage and illegal or unauthorised collection, access, use, modification, correction, disclosure or otherwise processing of your collected personal data. Our security measures which are applied to all types of data processing regardless of whether the collected personal data is processed electronically or in paper form, include encryption and other forms of security.

We require our employees and third parties who carry out work on our behalf to comply with the PDPA and the appropriate privacy standards including obligations to protect any leakage of personal data and to apply appropriate security measures for the processing of personal data.

We consistently maintain our security procedures and measures and if an improvement proves to be needed, we will promptly correct or update our security procedures and measures taking into account the appropriate physical, technical and organisational security procedures and measures to ensure a level of security of your collected personal data appropriate to the respective risk and the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing.

We assure that all collected personal data will be stored safely and securely with strict and adequate security standards. If you have a reason to believe that your collected personal data has been breached or if you have any questions regarding this Privacy Notice, please contact us at the provided details in the “Contact Us” section.

We reserve the right to change, amend or update this Privacy Notice at any time as it deems appropriate. We will notify you of the changes on our website in which you can check at any time.

If you have any comments, suggestions, questions or want to make a complaint or exercise your rights regarding your personal data, please contact us at https://www2.hitachi.com/inquiry/region/thailand/en/general/form.jsp or visit Hitachi Asia Website, click “Contact Us” and select Thailand in “Other Enquiries” section.

Data Protection Officer for this form:
Hitachi Asia (Thailand) Co., Ltd. Personal Data Personnel

E-mail address: hasth.pdpa.rf@hitachi.com
Local contact number: +6626329292
Address: 12th Floor, Ramaland Bldg., No.952 Rama IV Road, Suriyawongse, Bangrak, Bangkok 10500

Hitachi Asia Ltd. (hereinafter referred to as “HAS”) handles various information, including technical information and information provided by our business partners such as customers and suppliers. With this in mind, HAS strives to establish and fully enforce an information management system in order to respect the value of the said information.

HAS has put in place rules for the collection, use and disclosure of personal data by HAS and/or its parent and related companies. HAS will strive to protect personal data based on this Hitachi Asia Privacy Terms and Conditions (hereinafter referred to as “this HAS Privacy T&C”) and in accordance with the applicable local personal data protection laws and regulations (hereinafter referred to as “the PDPA”)

By using this website, you acknowledge that you have read and understood this HAS Privacy T&C and agree to the collection, use or disclosure of any personal data submitted by you to us, as described in this HAS Privacy T&C. If you do not so agree, please do not submit any personal data. Please also do not submit personal data of other individuals to us through this website unless you have obtained their express consent for you to do so. We shall be entitled to assume that you have duly obtained such consent if you submit personal data of other individuals to us through this website.

If you are under the age of 13, please do not submit any personal data.

1. Establish rules for managing personal data protection and make continual improvements
   HAS will make sure that employees recognize the importance of personal data protection, and will establish rules for personal data management to appropriately use and protect personal data. These rules will be maintained and improved continually.
2. Collect, use and/or disclose personal data and forbid the use or disclosure of such data for purposes other than which the personal data was collected
   HAS will handle your personal data appropriately by establishing a management system for personal data protection for its various business lines. HAS will not use such personal data for purposes other than the original purpose for which it was collected and in accordance with the PDPA and other applicable law.
3. Implement safety measures and correct problems
   To ensure the integrity and safety of personal data, HAS has implemented various measures such as managing access to personal data, restricting the means for transporting personal data outside the company and preventing unauthorised access, and strive to prevent the leakage, loss or destruction of personal data. In addition, should any problems regarding personal data safety measures be found, HAS will identify the cause and take immediate corrective measures.
4. Follow laws and regulations
   HAS will follow the PDPA and will use reasonable endeavours to follow best practices for the collection, use and disclosure of personal data.
5. Respecting your rights regarding your personal data
   Whenever you make a request to access or correct your personal data, or withdraw your consent to us using your own personal data, HAS will respond with sincerity, respecting your rights in relation to that personal data in accordance with the PDPA.

HAS protects and manages personal data with reasonable endeavours based on this HAS Privacy T&C. “Personal data” refers to information that can be used to identify you. This may include your name, e-mail address, mobile and home telephone numbers, and home address.

The provisions of this HAS Privacy T&C do not apply to “business contact information” as defined in the PDPA, which includes an individual’s name, position name or title, business telephone number, business address, business e-mail address or business fax number and any other similar information about an individual, not provided by the individual solely for personal purposes.

1. In relation to HAS’s business and operational activities, HAS will collect, use or disclose personal data for the purpose of responding to your inquiry and reporting and/or channeling to its parent company, HAS’s related companies and/or other Hitachi group companies, about your inquiry. HAS may also collect, use and disclose your personal data for the following purposes (“Purposes”):
   • Execution of a contract concluded between HAS, HAS’s parent or related companies or other Hitachi group companies and a business partner;
   • Contacts for business negotiations and meetings with a business partner;
   • Delivery of after-sales service on products, and sending of information on events and new products;
   • Marketing purpose such as sending emails, promotions and other marketing materials relating to products and offerings by HAS, HAS’ parent or related companies or other Hitachi group companies;
   • Execution of business, including system development, operation and maintenance, entrusted by a business partner;
   • Affairs of stocks;
   • Response to various inquiries from a business partner;
   • Analysis based on questionnaires to improve products and services; and
   • Provision of personal data to HAS’s parent or related companies or other Hitachi group companies in case of co-operation with them.
2. HAS will not retain any personal data provided by you or automatically collected by us any longer than reasonably necessary for Purposes and other valid business or legal purposes.

1. HAS may disclose, in accordance with the PDPA and other applicable law, your personal data to HAS’s parent and related companies and other Hitachi group companies in order to achieve the Purposes. HAS may further disclose, in accordance with the PDPA and other applicable law, relevant personal data to certain third parties in connection with the provision of any product, item or service to HAS including any outsourcing services and telecommunication services. In addition, if necessary and in accordance with the PDPA and other applicable law, HAS may disclose personal data to our auditors and other outside professional advisers and to other parties that provide products or services to us, such as business process outsourcing providers, telecommunication and IT systems providers and consulting firms.
2. Where the processing of personal data is delegated to a third party data processor, such as those listed above, HAS will delegate such processing in writing, will choose a data processor that provides sufficient guarantees with respect to technical and organizational security measures governing the relevant processing and will ensure that the processor acts on our behalf and under our instructions. In addition, HAS will impose in writing appropriate data protection and information security requirements on such third party data processors.
3. International Transfers of Personal Data
   HAS may, in connection with the purposes set out in Section E paragraphs 1 and 2 above, transmit personal data to other members of the Hitachi group or to other third parties, located in Japan or other jurisdictions where data protection laws may not provide an equivalent level of protection to the laws in your home jurisdiction. HAS will take steps to establish appropriate data protection and information security requirements with such recipients to confirm that personal data is properly protected in accordance with this HAS Privacy T&C and the PDPA.
4. Additional Disclosures of Personal Data
   Personal data also may be disclosed, where permitted by the PDPA and other applicable law, to protect your vital interests, to protect the legitimate interests of HAS (unless this would prejudice your rights and freedoms or interests), to comply with any notice, order, directive, summons, subpoena or other forms of request from any judicial, administrative or regulatory body, any government or public or government agency, any instrumentality or authority or any domestic or foreign tax, revenue, fiscal or monetary authority or agency, or in HAS’s judgment to comply with applicable law. The recipients of these disclosures may be located in Japan or other countries where data protection laws may not provide an equivalent level of protection to the laws in your home jurisdiction, and in such cases, HAS will take steps to establish appropriate data protection and information security requirements with such recipients to confirm that personal data is properly protected in accordance with this HAS Privacy T&C and the PDPA.

HAS may use cookies and web beacons (also known as clear GIFs) to enhance your experience of our website. Cookies are pieces of information that we place on your computer to help us accurately understand how many consumers are visiting the site, how often they visit, and what content they are most interested in. Cookies and clear GIFs let HAS know how many people are coming to the site, how frequently, and how they are using the site, allowing us to make updates to content and improve navigation as appropriate.

You may refuse to accept cookies and web beacons by changing the settings of your web browser. However, do note that your usage of our website may be affected if you disable cookies and web beacons.

You may at any time:

1. Request access to your personal data and how it has been used/disclosed within the last year; or
2. Request for correction of your personal data.

Please note that we may charge you a reasonable fee to cover the costs of responding to your data access request.

Please see Section H below should you wish to make an access or correction request.

If you have other questions about this Website or how HAS collects, uses and discloses your personal data, including how you can make access and correction requests, please contact us using the following “Inquiry Form”.

https://www2.hitachi.com/inquiry/region/vietnam/en/general/form.jsp

If you submit to us any inquiry or opinion, we would like you to carefully read and agree to the terms stipulated in this document, otherwise please note that we may not answer the inquiry.

Requests for withdrawal of consent for HAS to collect, use and disclose your personal data as described in this HAS Privacy T&C should be made using the following “Inquiry Form”.

https://www2.hitachi.com/inquiry/region/vietnam/en/general/form.jsp

This HAS Privacy T&C may be updated from time to time to reflect changes and/or developments in data protection laws, regulations, guidelines, codes and industry practices and other applicable law. Revisions to this HAS Privacy T&C will be published on this website.