POLYPLASTICS CO., LTD. (hereinafter referred to as "Company") is committed to process the personal data of the Customer (hereinafter referred to as "Personal Data"), in accordance with the following policies.

"Personal Data" means any data which are able to identify natural person living in the European Economic Area (hereinafter referred to as "EEA") (hereinafter referred to as "Customer"), including but not limited to his or her names, addresses, birth dates, gender, telephone numbers, e-mail addresses, company name, IP addresses and other online identifiers.

"Processing" means any operation which is performed on the Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

The Personal Data possessed by the Company is processed for the sales, marketing survey, product management, and other customer management activities of the Company.

In the case of the Processing of the Personal Data for purposes other than the above, the Company shall notify the Customer in advance of such new purposes of the Processing and other matters as required by applicable law.

By manifesting their intentions to consent to the Privacy Policy, the Customer shall be deemed as having consented to the Processing of the Personal Data by the Company, and the Company shall process the Personal Data based on such consent; provided, however, that Customer may withdraw such consent at any time. The withdrawal of such consent shall not affect the lawfulness of the Processing based on the consent before its withdrawal.

The Company may require the Customer to provide their personal data in connection with the provision of the Company's services and information. In such case, if a certain Customer does not provide their personal data, the Company may be unable to provide the services and information.

By manifesting their intentions to consent to the Privacy Policy, the Customer shall be deemed as consented to the Processing of the Personal Data in Japan, where the European Commission has not decided on adequacy of the level of protection, without protection measures such as standard contract provisions.

With respect to the Processing of the Personal Data, the Company shall properly take organizational safety management measures, and technical safety management measures as mentioned in "9. Safety management measures".

The Company may provide the Personal Data to third parties such as the subsidiaries and affiliates of the Company, cloud vendors and outside contractors of the Company etc., to implement the purposes of the Processing specified above. Since some companies located in countries outside of the EEA (including, without limitation, Japan, the U.S., the same shall apply hereafter) are included in the third parties to whom the Company will disclose the Personal Data of the Customer, the Customer shall be deemed as having consented to the following matters by consenting to the Privacy Policy:

(1) In the case that the country in which the third parties are located is outside the EEA and does not have the same data protection laws as the EEA, i.e., many of the rights provided in the EEA to the Customers are not given.

(2) The Personal Data will be provided to the third parties located outside the EEA.

(3) The Personal Data will be provided and processed for the purposes specified above by the third parties outside the EEA to whom the Company will disclose the Personal Data of the Customer.

In the case that the Company provides the Personal Data to a third party located in a country outside the EEA, the Company shall ensure that adequate measures are taken concerning the protection of the Personal Data by executing standard contract provisions based on the EU General Data Protection Regulation, etc.

The Customer is entitled to access, request for rectification, request for erasure, request to restrict the processing, object to the processing, and request for data portability, with regards to the Personal Data retained by the Company pursuant to the provisions of relevant laws and regulations.

The Customer may object to the data protection authorities with jurisdiction over the Company or the location of the Customer's domicile with regard to the Processing of the Personal Data of the Customer.

In the event of any questions or concerns regarding the Privacy Policy or the Processing of the Personal Data by the Company, or any requests, etc., concerning the access to, rectification or erasure of, restriction of the Processing of the Personal Data, objecting to the Processing of the Personal Data, or requesting for data portability, please contact the Company. The Company determines the purpose and means of the Processing of the Personal Data.

The contact information for the Company is as follows:

https://www.polyplastics.com/InqForm/Index.do?_LOCALE=ENGLISH

With respect to the Processing of the Personal Data, the Company shall comply with the General Data Protection Regulation and related laws and regulations, and shall observe the guidelines of competent government agencies and industry guidelines.

The Company shall retain the Personal Data as long as we require such data to provide the services to the Customer.

With respect to the Processing of the Personal Data, the Company shall properly take organizational safety management measures, and technical safety management measures.

The Company may amend the Privacy Policy by publishing the amended Privacy Policy on the Company's website without any individual notice to the Customer.