SUMMARY OF PRIVACY NOTICE
This summary Privacy Notice ("Summary Notice") will provide you with a summary of the accompanied, detailed Privacy Notice (hereafter "Full Notice", together "Summary and Full Notice") on the data processing activities of Casio Computer Co. Ltd, located at 6-2, Hon-machi 1-chome, Shibuya-ku, Tokyo 151-8543, Japan ("Casio", "we", "us" or "our") with respect to individually identifiable information ("Personal Data") about users of our App, G-SHOCK MOVE, and its web version (collectively, "App").
Scope of applicability
This Summary and Full Notice applies to you if you are a user of our App. Your Personal Data are processed by us in accordance with the provisions of the Regulation (EU) 2016/679 (EU General Data Protection Regulation, "GDPR") and other provisions of applicable national data protection laws. We are obliged to provide additional clarifications or protections to you, in order to comply with the Japanese Personal Information Protection Act which will apply to our processing of Personal Data including yours.
Processing of your Personal Data (categories of Personal Data)
We process the following of your Personal Data collected during your use of our App: (i) your Casio ID and data registered therewith, and profile data registered by yourself with the App; (ii) device identifier, system or setting data, usage data and other device information of your mobile device and watch product used in combination with the App ("Watch" together with such mobile device, collectively, "Devices"); (iii) your heart rate, VO2Max, location and other activity data recorded in the App and Devices [*1]; and (iv) any other information relating to any individuals which you have provided us in any forms you may have submitted to us, or via other forms of interaction with you. For more details see 1. of the Full Notice.
[*1] Depending on the model of Devices, certain activity data cannot be functionally recorded by the App and Devices. For example, if your Watch does not have a heart rate sensor and/or VO2Max sensor, your heart rate data and VO2Max data are not measured and recorded by the App and Devices and therefore is not collected and processed by us unless manually entered into the App by yourself.
Processing purposes
We process your Personal Data for the following purposes: (i) providing the functions of the App and Devices; and (ii) conducting statistical analyses for development of our products and services. For more details see 2. of the Full Notice.
Legal justifications for the processing of your Personal Data
One of the key privacy law requirements is that any processing of Personal Data has to have a legal justification. We generally use the following legal justifications: (1) You have given your consent to the processing (Art. 6(1)(a) GDPR; "Consent Justification"), and (2) the processing is necessary for (a) the performance of a contract to which the data subject is party (Art. 6(1)(b) GDPR; "Contract Justification"), (b) compliance with a legal obligation (Art. 6(1)(c) GDPR; "Legal Obligation Justification") and (c) realizing a legitimate interest (Art. 6(1)(f) GDPR; "Legitimate Interest Justification"). For more details and the matching of purposes and corresponding legal justifications see 3. of the Full Notice.
Data transfers and recipients and legal justification for such transfers
We transfer your Personal Data to our service providers, in accordance with applicable law, other governmental authorities, courts, external advisors, and similar third parties, some of the aforementioned recipients located in jurisdictions outside the European Economisc Area("EEA").
Some of recipient of your Personal Data are located or have relevant operations outside of the EEA (namely, Japan, United States). By way of entering into appropriate data transfer agreements or by other adequate means, we have established that all such recipients located outside the EEA will provide an adequate level of protection for the Personal Data and that appropriate technical and organizational security measures are in place to protect Personal Data. Any onward transfer is subject to appropriate onward transfer requirements as required by applicable law.
For more details see 4. of the Full Notice.
Retention periods for and deletion of your Personal Data
Your Personal Data will be deleted once they are not any longer needed for the purposes motivating their original collection or as required by applicable law. For more details see 5. of the Full Notice.
Your statutory rights
You have a number of rights with regard to the processing of your Personal Data, each as per the conditions defined in applicable law, such as the right to have access to your Personal Data, to have them corrected, erased or handed over. Please refer any of your questions to app1+gshock-move@casio.co.jp. For more details see 6. of the Full Notice.
Adobe Analytics
This App uses Adobe Analytics Cloud ("Adobe Analytics"), an analytics service provided by Adobe Systems Software Ireland Limited ("Adobe"). Adobe Analytics uses cookies, which are text files placed on your mobile device or other hardware device, or certain unique identifiers for your device to help us analyze how users use the App. By selecting the appropriate setting on the App following the App’s guidance, you may refuse or opt-out of the processing of information relating to your usage of the App by Adobe using the cookies or unique identifiers. For more details see 7. of Full Notice.
Connection with third party’s apps
The App has a feature to connect the App with certain apps provided by a third party ("Third Party Apps") by linking your user account of the Third Party Apps in order to automatically send your Personal Data in whole or in part to such Third Party Apps. Such feature is enabled by setting your user account of the Third Party Apps on the App following the App’s guidance. In no event your Personal Data will be sent to any Third Party Apps without your permission and your setting to do so.
Your Personal Data sent to the Third Party Apps by such feature will be processed by a provider of such Third Party Apps pursuant to applicable terms of use, privacy policy and other terms and conditions set forth by such provider. (In such case, this Summary and Full Notice will not apply to you.)
Within this app, the above settings can be used to link to Google Fit, and apply the customer data collected within Google Fit within the various functions of this app. In such instances, Casio will use the customer data collected by Google Fit within this app in accordance with the “Google Fit Developer and User Data Policy” (https://developers.google.com/fit/policy) established by Google, including the section pertaining to “Limited Uses of User Data” (https://developers.google.com/fit/policy#limited_uses_of_user_data). The data derived from Google Fit and its uses within this app are as defined below.
- Data used within this app: step count, calories consumed, heart rate, distance traveled, movement speed
- Uses of this data within this app: This data will be used for body weight, step count, and distance displays, as well as to calculate other activity values based on this data.
User data collected within this app can also be linked to various functions within Google Fit. In such instances, personal information will be handled within Google Fit in accordance with Google’s privacy policy (https://policies.google.com/privacy).
Changes of this Summary and Full Notice as well as further notices
This Summary and Full Notice are subject to change. You will be notified adequately of any such changes. Further, you will be notified adequately through further relevant privacy notices (e.g. for specific purposes) in case such is not covered by this Summary and Full Notice.
How to contact Us
If you wish to exercise your data subject rights or if you have any other questions concerning this Summary and Full Notice, please address your request to us, our data protection officer and/or our representative in EEA, who can be contacted at the following addresses:
Our contact information:
| Company name: | Casio Computer Co. Ltd. |
|---|---|
| Address: | 6-2, Hon-machi 1-chome, Shibuya-ku, Tokyo 151-8543, Japan |
| E-mail address: | app1+gshock-move@casio.co.jp |
You may contact our data protection officer by:
| Ordinary mail: | Casio Computer Co. Ltd. |
|---|---|
| Attention: |
Data Protection Officer 6-2, Hon-machi 1-chome, Shibuya-ku, Tokyo 151-8543, Japan |
| Email: | dataprotection@casio.co.jp |
Our representative in EEA (only applies if you are in the EEA):
| Company name: | Casio Europe GmbH |
|---|---|
| Address: | Casio-Platz 1 D-22848 Norderstedt, Germany |
| E-mail address: | dataprotection@casio.de |
Full Notice
We are delighted about your interest in our App. Your privacy is important to us. Hereafter we provide you with detailed information on dealing with your personal data on this App.
This Full Notice applies to information you provide to us or that we collect automatically when you access, use, or register with our App. This Full Notice does not apply to information we collect when you visit or use our websites or otherwise, such as when you communicate with us through email, text, or other electronic means. For information regarding how we collect and use information when you visit or use our websites, including web-based pages accessible through our App, please refer to our respective website privacy notice.
1. Categories of Personal Data
We process the following Personal Data about you (hereinafter jointly "Your Data"):
| (i) | your Casio ID and information registered therewith (including your name, email address and other information registered therewith) and profile data registered by yourself with the App, including your birth date, height, weight, sex and any other profile data (hereinafter jointly "Profile Data"); |
|---|---|
| (ii) | device identifier, model name, OS version, system or setting data, usage data and other device information of your Devices (hereinafter jointly "Device Data"); |
| (iii) | your heart rate, VO2Max, location, activity date and time, and other activity data recorded in the App and Devices (including numerical data calculated from measurement of your activity log data) (hereinafter jointly "Activity Data"); and |
| (iv) | any other information related to any individuals which you have provided us in any forms you may have submitted to us, or via other forms of interaction with you (hereinafter jointly "Form Data") . |
2. Processing purposes
We process Your Data to the extent permitted or required under applicable law, for the following purposes:
- to (i) operate the App by providing you with the respective functionalities of the App, (ii) monitor, analyse and maintain the performance of the App and Watch, and (iii) review and improve the App and Watch (hereinafter jointly "Technical Purposes");
- to conduct user analyses for statistical purposes to develop, review and improve our products and services other than the App and Watch (hereinafter "Development Purposes"); and
- to get in contact with you concerning your queries, security and fraud prevention (hereinafter "Contact Purposes").
3. Legal justification for the processing of Your Data
Generally, the processing of Your Data is voluntary. However, if you do not provide Your Data, your user experience of the App may be different or the use may be impossible.
Furthermore, we rely on the following legal justifications for the processing of Your Data:
[Processing purposes: (i) Categories of Your Data involved: (ii) Legal basis]
- Technical Purposes: (i) Profile Data and Device Data: (ii) Contract Justification (Necessary for the performance of a contract) (Art.6 (1) (b) GDPR);
- Technical Purposes: (i) Activity Data: (ii) Legitimate Interest Justification (to improve the usage of the App and our products and services for you) (Art. 6 (1) (f) GDPR)
- Development Purposes: (i) Profile Data, Device Data and Activity Data: (ii) Legitimate Interest Justification (to optimize the usage our products and services for you and other users) (Art. 6 (1) (f) GDPR); and
- Contact Purposes: (i) Form Data: (ii) Legitimate Interest Justification (to address any query you submit as well as to detect and prevent any possible fraud.) (Art. 6 (1) (f) GDPR)
4. Data transfers and recipients and legal justification for such transfers
4.1 Recipients
| (i) | Third parties: We may transfer Your Data to governmental agencies and regulators, courts, and government authorities, all in accordance with applicable law based on Legal Obligation Justification and to external advisors acting as controllers (e.g., lawyers, accountants, auditors etc.) based on Legitimate Interest Justification. |
|---|---|
| (ii) | Service providers: We contract with third party service providers as part of our normal business operations in connection with operating the App and with other technical and organizational services. |
| (iii) | A list of data recipients can be found in the Annex containing the identity, short description of the processing activity and location of the relevant data recipients. |
4.2 Cross-Border Data Transfers
| (i) | Some of the recipients of Your Data are located or have relevant operations outside of country or region where you are located (namely, Japan and UK as listed in the Annex), where the data protection laws may provide a different level of data protection compared to the laws in your jurisdiction. We will take all necessary measures to ensure that cross-border transfers are adequately protected as required by applicable data protection law. |
|---|---|
| (ii) | By way of entering into appropriate data transfer agreements based on Standard Contractual Clauses (2021/914/EU) as referred to in Art. 46(2) (c) GDPR or other adequate means, which are accessible upon request under the contact details above, we have established that all recipients located outside the EEA will provide an adequate level of data protection for Your Data and that appropriate technical and organizational security measures are in place to protect Your Data against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing. Any onward transfer is subject to appropriate onward transfer requirements as required by applicable law. On the other hand, transfers of Your Data to the UK and Japan jurisdiction are covered by the Decision of Adequacy referred to in Art. 45 GDPR, issued by the European Commission, and therefore the level of protection of personal data transferred to the UK and Japan is equal to that of the European Union. |
5. Retention periods for and deletion of Your Data
| 5.1 | Your Data processed for the purposes hereunder will be stored only to the extent necessary. If a judicial action is initiated, Your Data may be stored until the end of such action, including any potential periods for appeal, and will then be deleted or archived as permitted by applicable law. |
|---|---|
| 5.2 | In principle, we will retain Your Data as long as required or permitted by applicable law. Afterwards, we will remove Your Data from our systems and records and/or take steps to properly anonymize it so that you can no longer be identified from it. |
6. Your statutory rights
Under the conditions set out under applicable law (i.e., the GDPR), you have the following rights:
| 6.1 | Right of access: You have the right to obtain from us confirmation as to whether or not Personal Data concerning you is being processed, and, where that is the case, to request access to the Personal Data. The access information includes – inter alia – the purposes of the processing, the categories of Personal Data concerned, and the recipients or categories of recipients to whom the Personal Data have been or will be disclosed. You have the right to obtain a copy of the Personal Data undergoing processing. For additional copies requested by you, we may charge a reasonable fee based on administrative costs. |
|---|---|
| 6.2 | Right to rectification: You have the right to obtain from us the rectification of inaccurate Personal Data concerning you. Depending on the purposes of the processing, you have the right to have incomplete Personal Data completed, including by means of providing a supplementary statement. |
| 6.3 | Right to erasure (right to be forgotten): You have the right to ask us to erase your Personal Data. |
| 6.4 | Right to restriction of processing: You have the right to request the restriction of processing your Personal Data. In this case, the respective data will be marked and may only be processed by us for certain purposes. |
| 6.5 | Right to data portability: You have the right to receive the Personal Data concerning you which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit those Personal Data to another entity without hindrance from us. |
| 6.6 | Right to withdraw your consent: If you have given your consent regarding certain types of processing activities, you can withdraw this consent at any time with future effect. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal. |
| 6.7 | Right to object: YOU HAVE THE RIGHT TO OBJECT, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA BY US WHICH IS BASED ON THE NECESSITY OF PROCESSING FOR THE PURPOSES OF THE LEGITIMATE INTERESTS PURSUED BY US OR BY A THIRD PARTY, EXCEPT WHERE SUCH INTERESTS ARE OVERRIDDEN BY YOUR INTERESTS OR FUNDAMENTAL RIGHT AND FREEDOMES WHICH REQUIRE PROTECTION OF PERSONAL DATA, IN PARTICULAR IF YOU ARE A CHILD, INCLUDING PROFILING BASED ON THOSES PROVISIONS. WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR FOR THE ESTABLISHMENT EXERCISE OR DEFENCE OF LEGAL CLAIMS. MOREOVER, IF YOUR PERSONAL DATA ARE PROCESSED FOR DIRECT MARKETING PURPOSES, WHERE SUCH PROCESSING IS PERMINTTED WITHOUT YOUR PRIOR CONSENT, YOU HAVE A RIGHT TO OBJECT AT ANY TIME TO PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SUCH MARKETING, WHICH INCLUDES PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IN THIS CASE YOUR PERSONAL DATA WILL NO LONGER BE PROCESSED FOR SUCH PURPOSES BY US. EXERCISING THIS RIGHT WILL NOT INCUR ANY COSTS. SUCH A RIGHT TO OBJECT MAY NOT EXIST, IN PARTICULAR, IF THE PROCESSING OF YOUR PERSONAL DATA IS NECESSARY TO TAKE STEPS PRIOR TO ENTERING INTO A CONTRACT OR TO PERFORM A CONTRACT ALREADY CONCLUDED. |
Please note that the aforementioned rights might be limited under the applicable national data protection law. We remain the universal point of contact for your execution of these rights.
Please refer any of your questions to app1+gshock-move@casio.co.jp.
In case of complaints you also have the right to lodge a complaint with the competent supervisory authority, in particular in the member state of your habitual residence or alleged infringement of the GDPR.
7. Analysis Tools
We may use third-party analysis tools that use cookies or identifiers for mobile devices (including similar technologies) when obtaining information from you according to this Notice. For this purpose, we may provide Your Data in an anonymous format to the provider of the third-party analysis tools. This information is handled according to agreements such as the privacy policy of the provider of the third-party analysis tools. Except in the case of the existence of any technical or fundamental difficulty, you can opt out of providing Your Data to the provider of these analysis tools via the method offered by us or the provider of the third-party analysis tools (including the following method).
Privacy Policy of Adobe: For more details about Adobe Analytics and the privacy policy of Adobe, see the following site:
- Official website of Adobe Analytics : https://www.adobe.com/analytics/adobe-analytics.html
- Privacy Policy of Adobe Analytics : https://www.adobe.com/privacy/policy.html
Summary and Full Notice last updated: November 30, 2022
ANNEX
Data Recipients
[# Name of Data Recipient: (i) Location: (ii) Receiving Data as Controller or Processor: (iii) Short description of processing activities: (iv) Safeguards]
#1: AWS Japan:
#2:Adobe Systems Software Ireland Limited: