Effective Date: January 1, 2023
By accessing or using our website or submitting information to us, or otherwise agreeing to this Policy, e.g., in the context of registering for any of our products or services, you understand and consent to our collection and use of your personal information as described herein.
2. PERSONAL INFORMATION WE COLLECT AND USE
Personal information is information that identifies, relates to or describes you or can reasonably be associated with or linked to you. We collect and use personal information in certain common cases, including the following:
2.1 Key Relationship Contacts.
We collect personal information from individuals who are our business contacts at our corporate customers or potential corporate customers in respect of the trading arrangements, corporate lending, project finance and/or depositor related activities performed in the United States, or at our suppliers or potential suppliers. The personal information we collect in these cases may include: your full name and job title; your work contact details (which means business postal address at the corporate customer, business e-mail address, employer/business and professional information, job title, telephone and fax numbers); transaction details (for example, where you are identified on the trade confirmation as the trader or dealer who executed the transaction with us); and any other personal information which you or our corporate customer, counterparty or supplier may voluntarily provide to us from time to time (for example, if you are a signatory to the mandate in place for management of the operational relationship that your employer has with us, your employer will provide us with evidence of your signature and may also provide us with authentication information).
We use this information to identify and communicate with you in your role as a representative of our corporate customers, counterparties and suppliers, and other recipients of our services, in order to carry out our normal day to day business activities of delivering services to corporate customers and counterparties, or receiving goods and services from suppliers. The personal information described in this paragraph is “Contact Data”
2.2 Directors and Beneficial Owners of Corporate Customers, Counterparties and Suppliers.
We may collect personal information in the context of your role as a director or beneficial owner of a corporate customer, counterparty or supplier. In addition to the information we collect from key relationship contacts, as part of our onboarding and ongoing administration processes for the management of the contractual relationship with your employer, we may also process: proof of address and proof of identity documentation, such as copies of passports which include your date of birth, full name, home address and your photographic image, and (should you voluntarily include this information) pages which include details of family members/next of kin contacts; utility bills or bank statements which include your full name and home address; other government-issued data such as tax identification number(s), visa or other evidence of right to work in a particular jurisdiction, or driving license number(s); and signatures, photographs or other visual images and personal appearance (as these may appear of the documentation provided to us.
We use this information for the purpose of meeting applicable legal obligations and regulatory expectations. The personal information described in this paragraph is “Owner Data.”
We may collect personal information in the context of your role as an applicant to, an employee of, director of, or officer of our business. The personal information we collect in these cases may include your name, social security number, address, date of birth, gender, race, ethnicity, bank account and routing number, tax filing status, emergency contact information, telephone number, family member names, educational background, criminal background and employment history, medical provider information, dependent name(s), date of birth, gender, address, medical insurance provider, compensation and benefits data, workplace, and title. We only use this information for purposes of evaluating qualifications related to your job application or your job duties; evaluating your performance or for providing compensation, benefits and services in the context of the employment relationship. The personal information described in this paragraph is “Employee Data.”
2.4 Automatically Collected Website Use Information.
By its nature, our website also automatically collects some personal information about you. In order for you to view or interact with our website, we receive individual identifiers like your IP address, and some network information like the date and time that pages are visited. We may collect this personal information even if you are not logged in. We collect some personal information automatically using cookies or other tracking technologies as described below in Section 7. The personal information automatically collected may be collected by or on behalf of third parties who may provide us with inferences or aggregate reporting based on analysis of such personal information. We use this information to allow us to operate our website, manage your access to our website, understand how you are using our website, provide you with information about our goods and services, and to send you communications about updates, information or alerts regarding our website. The personal information described in this paragraph is “Use Data.”
Our facilities may use security cameras to monitor the activity of our visitors and staff. The information collected may include video recordings of your facial image, personal appearance and behavior. Audio is not recorded. The recordings are viewed only if there is reason to believe that there has been a breach of security. We use this information to meet applicable legal obligations and regulatory expectations (for example, we have to know who accesses particular areas of our premises), to protect our premises from crime (such as theft), and to protect the personal safety of our employees and other staff. The personal information described in this paragraph is “Security Data.”
3. SOURCES FROM WHICH WE COLLECT PERSONAL INFORMATION
We may collect personal information about you from a number of sources in addition to those means of collection indicated above, including offline or through sources unrelated to your use of our website. For example, we may collect personal information from publicly accessible sources (e.g., property records); directly from a third party (e.g., credit reporting agencies or customer due diligence providers); or from a third party with your consent (e.g., your bank). We may merge or co-mingle that personal information with the personal information we maintain about you and other data collected on or through our website. Categories of sources from which we may collect personal information include: affiliated companies; service providers (including data analytics providers); contractors; social networks and government entities.
4. PURPOSES FOR WHICH WE COLLECT PERSONAL INFORMATION
In addition to the purposes set forth in Section 2 above, we may collect your personal information for the following purposes:
Auditing related to a current interaction with you, including, but not limited to, counting ad impressions of unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards;
Helping to ensure security and integrity to the extent the use of your personal information is reasonably necessary and proportionate for these purposes;
Debugging to identify and repair errors that impair existing intended functionality;
4.4 Transient Use.
Short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a consumer’s current interaction with us provided that your personal information is not disclosed to a third party and is not used to build a profile about you or otherwise alter your experience outside the current interaction with us;
Performing services on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage or providing similar services on our behalf;
Providing advertising and marketing services to you.
Undertaking internal research for technological development and demonstration;
4.8 Quality and Safety.
Undertaking activities to verify or maintain the quality or safety of our products and services and to improve, upgrade, or enhance our products and services; and
4.9 Commercial Interests.
Advancing our commercial or economic interests, such as by inducing a person to buy, rent, lease, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction.
5. LIMITED USE OF PERSONAL INFORMATION
We will only use your personal information for the purposes for which we have collected it, unless we reasonably determine we need to use it for another reason and that reason is compatible with the original purpose. For example, we consider de-identification, aggregation, and other forms of anonymization of personal information to be compatible with the purposes listed above and in your interest, because the anonymization of such information reduces the likelihood of improper disclosure of that information.
If you wish to receive an explanation as to how the processing for a particular purpose is compatible with the original purpose, please contact us via the information specified in the Contact section below.
6. OUR DISCLOSURE OF PERSONAL INFORMATION
We may disclose your personal information to the following entities:
We may disclose your personal information to our main office in Japan, our branch and representative offices and entities that we control for legitimate business purposes (including, for example, the provision of loan finance to the organization for whom you work) in accordance with applicable law (“Affiliates”).
6.2 Service Providers.
We disclose your personal information to entities that process personal information on our behalf for a business or commercial purpose, including, but not limited to, back up and server hosting providers, IT software and maintenance providers, mobile telephone management providers, document storage providers and suppliers of other back office functions (such as brokers or dealing platform providers for our trading activities with market counterparties for whom you work or on whose behalf you execute such trades), and payment service providers (“Service Providers”). Service Providers are not permitted to sell or share your personal information or to use your personal information other than to perform the tasks we assign to them
We disclose personal information to entities that help us fulfill a business or commercial purpose including, but not limited to, our legal and other professional advisors (including our auditors and financial advisors), subject to legal (including contractual) confidentiality obligations or duties, any relevant party for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties (including for the purposes of safeguarding the vital interests of any individual, such as the prevention of threats to public security) (“Contractors”). Contractors are not permitted to sell or share your personal information or to use your personal information other than to perform the tasks we assign to them.
6.4 Governmental Entities.
We may disclose your personal information to governmental, legal, regulatory or similar authorities, ombudsmen, or governmental agencies, or those acting on their behalf (including for the purposes of reporting any actual or suspected breaches of applicable law or regulation) (“Governmental Entities”).
6.5 Compliance with Laws.
We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose your personal information to government or law enforcement officials or private parties in response to lawful requests when we believe disclosure or sharing is necessary to comply with any legal obligation, enforce or apply our terms and conditions, respond to claims and legal process, protect our services, members, dealers, our rights and/or the safety of the public or any person, or prevent or stop any illegal, unethical or legally actionable activity (including for the purposes of fraud protection).
6.6 Sale or Transfer of Business or Assets.
We may disclose some or all of your personal information in connection with a merger, bankruptcy, or other transaction in which another entity assumes control of all or part of our business. If another company or individual acquires our business, or assets, that company or individual will possess the personal information collected by us and will assume the rights and obligations regarding your personal information as described in this Policy.
8. OPTING OUT
You can make the following choices regarding your personal information:
8.1 Promotional and Other Emails.
You may choose to provide us with your email address for the purpose of allowing us to send newsletters, surveys, offers, and other materials related to our services. You can stop receiving these emails by sending a request to the email address in the Contact Us section below. If you decide not to receive these emails, we may still send you communications related to your current or former membership.
You may learn more about the use of information by and opting-out of Google Analytics by visiting its opt-out page at the following links: www.google.com/policies/privacy/partners/ and https://tools.google.com/dlpage/gaoptout .
You may disable, or delete cookies in your Web browser, but doing so may impact the usability of the website. To block cookies, you can also browse our service using your browser’s anonymous usage setting (called “Incognito” in Chrome, “In Private” for Internet Explorer, “Private Browsing” in Firefox and Safari, etc.).
8.4 Do Not Track.
Our website does not recognize and respond to “Do Not Track” requests available through many popular web browsers.
9. INTERNATIONAL TRANSFERS OF INFORMATION
Your personal information may be processed in the country in which it was collected and in other countries, where laws regarding personal information may be less stringent than the laws in your country. Therefore, in some circumstances, you might be left without a legal remedy in the event of a privacy breach or other use that is prohibited in your country. By submitting your personal information, you agree to this transfer, storage and/or processing, including all associated risks.
10. INFORMATION SECURITY
No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. We make efforts to protect your personal information from improper or unauthorized loss, misuse, access, disclosure, alteration, or destruction. If you have questions about the security of your personal information, contact us at the email or regular mail address specified in the Contact section below.
11. DATA RETENTION
We will retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information, whether we can achieve those purposes through other means, and the applicable legal requirements.
12. THIRD-PARTY LINKS
Our website may contain links to other websites or apps. We are not responsible for the privacy practices or the content of these other websites or apps. You should read the policy statement of these other websites or apps to understand their policies. When you access linked websites or apps, you may be disclosing private information. It is your responsibility to keep such information private and confidential.
We may update this Policy from time to time, in our sole discretion. When we do so, we will post the new Policy on our website. You should consult this Policy regularly for any changes. Continued use of services following posting of such changes constitutes your acknowledgement of such changes and agreement to be bound by the changes. If you do not agree, you should immediately discontinue your use of our website and services.
14. CONTACT US
If you have questions regarding this Policy, its appendices, or our treatment of your personal information, you may contact us at:
245 Park Avenue, 21st floor
New York, NY 10167-0104
Attention: Human Resources
email@example.com, with the subject “Privacy”
Copyright © 2023 The Norinchukin Bank. All rights reserved.
APPENDIX A CALIFORNIA PRIVACY RIGHTS NOTICE
Effective Date: January 1, 2023
1. YOUR CALIFORNIA PRIVACY RIGHTS UNDER THE CCPA
Under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (“CCPA”), if you are a resident of California you have the following rights with respect to your personal information.
1.1 Right to Know About Our Collection, Disclosure, Sharing and Sale of Personal Information about You.
Personal information as defined in the CCPA is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to you, including the following categories of information: (a) identifiers; (b) categories described in California Civil Code §1798.80(e); (c) characteristics of protected classes; (d) commercial information; (e) biometric information; (f) internet or other electronic network activity; (g) geolocation data; (h) audio, electronic, visual, thermal, olfactory or similar information; (i) professional or employment related information; (j) education information; and (k) inferences drawn from such information to create a consumer profile.
You have the right to know the categories of personal information we have collected about you; the categories of sources from which we collect personal information; our business or commercial purpose for collecting, disclosing, sharing or selling personal information; the categories of third parties to whom we disclose, share or sell personal information, if any; and the specific pieces of personal information we have collected about you. Personal information includes “sensitive” personal as described below.
1.2 Right to Know About Our Collection, Disclosure, Sharing and Sale of “Sensitive” Personal Information about You.
“Sensitive” personal information as defined in the CCPA is personal information that reveals: (a) your social security, driver’s license, state identification card, or passport number; (b) your account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (c) your precise geolocation; (d) your racial or ethnic origin, religious or philosophical beliefs, or union membership; (e) the contents of your mail, email, and text messages unless we are the intended recipient of the communication; and (f) your genetic data. “Sensitive” personal information also includes biometric information that is processed for the purpose of identifying you, information that is collected and analyzed concerning your health; or your sex life or sexual orientation.
You have the right to know the categories of “sensitive” personal information we have collected about you, the categories of sources from which we collect personal information, our business or commercial purpose for collecting, selling or sharing “sensitive” personal information, the categories of third parties with whom we sell or share “sensitive” personal information, if any, and the specific pieces of “sensitive” personal information we have collected about you.
1.3 Right to Delete Your Personal Information
Subject to the exceptions set out below, and upon your submission of a verifiable request, you have the right to deletion of your personal information from our records, and to have us direct our service providers, contractors and third parties to delete your personal information from their records.
We are not required to, and reserve our right to not delete your personal information if it is necessary to: (i) complete the transaction for which the personal information was collected, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us; (ii) help to ensure security and integrity to the extent the use of your personal information is reasonably necessary and proportionate for those purposes; (iii) debug to identify and repair errors that impair existing intended functionality; (iv) exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law; (v) comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code; (vi) engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent; (vii) enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us and compatible with the context in which you provided the information; and (viii) comply with a legal obligation.
1.4 Right to Correct Inaccurate Personal Information.
Subject to the exceptions set out below, and upon your submission of a verifiable request, you have the right to correct any inaccurate personal information in our records, and to have us direct our service providers, contractors and third parties to correct any inaccurate personal information from their records.
If we cannot verify your identity pursuant to the CCPA and its regulations we may deny a request to correct. In such event, we shall inform your that your identity cannot be verified.
In determining the accuracy of the personal information that is the subject of your request to correct, we shall consider the totality of the circumstances relating to the contested personal information. We may deny your request to correct if we determine that the contested personal information is more likely than not accurate based on the totality of the circumstances.
1.5 Right to Be Free from Discrimination
You have the right to not be discriminated against by us because you have exercised any of your rights under the CCPA. This means we cannot, on the basis of the exercise of your rights thereunder, among other things, deny goods or services to you, charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; provide a different level or quality of goods or services to you; or suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services or retaliate against you as an employee, applicant for employment or independent contractor.
1.6 Right to Opt-Out of the Sharing of Personal Information
Disclosure of your personal information to third parties for cross-context behavioral advertising purposes is “Share” or “Sharing” under the CCPA. This means the targeting of advertising to you based on your personal information obtained from your activity across businesses, distinctly-branded websites, applications, or services, other than our business, distinctly-branded website, application, or service.
We do not Share your personal information with third parties. If we did, you would have the right to opt-out of the Sharing of your personal information and you would be able to exercise your right by clicking a link entitled, “Do Not Sell or Share My Personal Information.” Since we do not Share your personal information, we do not provide such link.
1.7 Right to Opt-Out of the Sale of Personal Information
Disclosure of your personal information to third parties in exchange for monetary or other consideration is considered to be a “Sale” under the CCPA. We do not Sell personal information to third parties. We may engage Google Analytics to provide us with website analytical data. If so, we will apply Google Analytics in a manner that will require Google Analytics to refrain from using personal information for any purpose other than to provide website analytical data to us. Since they do not use such personal information for their own purposes, disclosure of personal information to them would not be a “Sale.”
If we were to “Sell” personal information to third parties, you would have the right to opt-out of the Sale of your personal information and you would be able to exercise your right by clicking on a link entitled “Do Not Sell or Share My Personal Information.” Since we do not Sell your personal information, we do not provide such a link.
1.8 Right to Opt-Out by Using Opt-Out Preference Signals.
If we Sell or Share your personal information, we would be required to process any opt-out preference signal, which is a signal sent by or through your browser that (a) is in a format commonly used and recognized by businesses (for example, in an HTTP header field) and (b) is sent from a platform, technology, or mechanism that makes it clear to the consumer, whether in its configuration or in disclosures to the public, that the use of the signal is meant to have the effect of opting the consumer out of the sale and sharing of their personal information (“Opt-Out Preference Signal”). Since we do not Sell or Share your personal information, we do not process Opt-Out Preference Signals.
1.9 Right to Limit the Use of “Sensitive” Personal Information
We use your “sensitive” personal information only to the extent that it is necessary to provide our goods and perform our services as reasonably expected by you. If we were to use your “sensitive” personal information other than is necessary to provide our goods and perform our services, you would have the right to limit our use of your “sensitive” personal information to that which is necessary to provide our goods and services to you and would be able to exercise your right by clicking on a link entitled, “Limit the Use of My Sensitive Information.” Since we do not use your “sensitive” personal information beyond your reasonable expectation, we do not provide such a link.
1.10 Children’s Personal Information
We do not knowingly collect or sell the personal information of minors under 16 years of age. Our website and services are available only to individuals and entities that can form legally binding contracts. You warrant that you are eighteen (18) years of age or older. If you do not qualify, you may not use our website or services.
2. HOW TO EXERCISE YOUR CCPA RIGHTS
Unless otherwise specified, to exercise any of your rights described in this Appendix A, please contact us at firstname.lastname@example.org or call us at 1-888-998-8852.
In order to verify your request, we will need you to provide us with enough information to identify you (e.g., your full name, address, and customer or matter reference number), proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill), and a description of what right you wish to exercise along with any information to which your requests relates. If feasible, we will match the identifying information provided by you with the personal information that we already maintain about you.
You may designate an authorized agent to make a request under the CCPA on your behalf. In order to fulfill your request to know or delete submitted by an authorized agent, you must provide the authorized agent written permission to do so, and we may require that you verify your own identity with us directly.
We reserve our right not to grant a consumer request if we cannot verify that the person making the request is the person about whom we have collected information, or someone authorized to act on such person’s behalf. You may only make a request to access or receive copies of personal information twice within a 12-month period. Any personal information we collect from you to verify your identity in connection with your request will be used solely for the purposes of verification.
3. OUR PERSONAL INFORMATION COLLECTION, USE AND DISCLOSURE PRACTICES
A description of the personal information that we collect online and off-line is provided in Section 2 of the main Policy. The purposes for which we collect and use personal information are described in Sections 2 and 4 of the main Policy. Sources from which we receive personal information are described in Section 3 of the main Policy. Our personal information disclosure practices are described in Sections 6 and 7 of the main Policy. Our personal information retention practices are described in Section 11 of the main Policy.
3.1 Categories of Personal Information Collected; Sold or Shared for Cross-Context Behavioral Advertising; and Disclosed for a Business Purpose within the past 12 months.
|Category of Personal Information||Information Collected||Sold or Shared in the Past 12 Months?||Categories of Third Parties to Whom Sold or Shared||Disclosed for a Business Purpose in Past 12 Months?||Categories of Third Parties to Whom Disclosed|
|Individual Identifiers||Contact Data; Owner Data;
Use Data; Security Data; Employee Data
|Categories Described in California Consumer Records Act, Civil Code §1798.81.5||Contact Data; Owner Data; Use Data; Security Data; Employee Data||No||None||Yes||Contractors;
|Characteristics of protected classifications under California or federal law.||Employee Data||No||None||Yes||Contractors;
|Commercial information.||Employee Data; Owner Data||No||None||Yes||Contractors;
|Biometric information.||Employee Data||No||None||Yes||Contractors|
|Internet or other electronic network activity.||Use Data||No||None||Yes||Contractors; Service Providers|
|Geolocation data.||Security Data
|No||None||Yes||Contractors; Service Providers; Governmental Entities|
|Audio, electronic, visual, thermal, olfactory, or similar information.||Security Data||No||None||Yes||Contractors; Service Providers’
|Professional or employment-related information.||Employee Data; Owner Data||No||None||Yes||Contractors; Governmental Entities|
|Education information.||Employee Data||No||None||Yes||Contractors;
Service Providers; Affiliates
|Inferences drawn from any of the information identified above.||None||No||None||No||None|
3.2 Categories of “Sensitive” Personal Information Collected; Sold or Shared for Cross-Context Behavioral Advertising; and Disclosed for a Business Purpose within the past 12 months.
|Category of Sensitive Personal Information||Information Collected||Shared or Sold in the Past 12 Months?||Categories of Third Parties to Whom Shared or Sold||Disclosed for a Business Purpose in Past 12 Months?||Categories of Third Parties to Whom Disclosed|
|Social Security, Driver’s License,
State ID, Passport Number.
|Employee Data; Owner Data||No||None||Yes||Service Providers; Contractors|
|Account Log-in and Password||Employee Data; Contact Data; Owner Data||No||None||Yes||Service Providers; Contractors|
|Financial Account, Debit Card, Credit Card Number and account access information.||Employee Data; Owner Data||No||None||Yes||Service Providers; Contractors|
|Precise Geolocation.||Security Data; Employee Data||No||None||No||Service Providers|
|Racial or ethnic origin, religious or philosophical beliefs or union membership.||Employee Data||No||None||Yes||Governmental Entities|
|Contents of e-mail, text messages unless we are intended recipient.||Employee Data||No||None||No||None|
|Biometric Information for purpose of identification.||No||No||None||No||None|
|Health information collected and analyzed.||Employee Data||No||None||No||None|
|Sex life or sexual orientation collected and analyzed.||No||No||None||No||None|
4. OTHER CALIFORNIA PRIVACY RIGHTS
4.1 Shine the Light Request.
Individual consumers who reside in California and have provided us with their personal information may request information about our disclosures of certain categories of personal information to third parties for their direct marketing purposes. Such requests must include your name, street address, city, state, and zip code, and be submitted to us at one of the following addresses: [email address] with the subject “California Shine The Light Request” or [address], Attention: Shine the Light. Within thirty days of receiving such a request, we will provide a list of the categories of personal information disclosed to third parties for third-party direct marketing purposes during the immediately preceding calendar year, along with the names and addresses of these third parties. This request may be made no more than once per calendar year. We reserve our right not to respond to requests submitted to addresses other than the addresses specified in this paragraph.
4.2 Minor’s Right to Remove Posted Content.
If you are a California resident under the age of 18, and a registered user of any website where this Policy is posted, California Business and Professions Code Section 22581 permits you to request and obtain removal of content or information that you have publicly posted. To make such a request, please send an email with a detailed description of the specific content or information to [email address] with the subject “Privacy Rights for Minors.” Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.