Data Privacy Statement and Cookie Policy

Part A

General

1. Who is Responsible, and How Can I Contact the Chief Privacy Officer?

   Within the meaning of GDPR, the Data Controller is
   KYOCERA Fineceramics Solutions GmbH
   Steinzeugstraße 92
   68229 Mannheim
   Germany
   Tel.: +49 621 40547-300
   Email: info@kyocera-solutions.de
   Commercial Register No. HRB 734232, Amtsgericht Mannheim (Municipal Court)
   General Manager: Armin Kayser

   As regards any enquiries on our processing Personal Data or on data privacy issues, you may contact our Chief Privacy Officer as follows:
   
   KYOCERA Fineceramics Solutions GmbH Datenschutzbeauftragter
   Mr Joern Menzel
   Steinzeugstraße 92
   68229 Mannheim
   Germany
   Tel.: +49 621 40547-325
   Email: datenschutz@kyocera-solutions.de

2. Your Rights as Data Subject

   Each Data Subject is granted the following Rights:

   • Right of access to stored Personal Data (Art. 15 GDPR)
   • Right of rectification of inaccurate Personal Data (Art. 16 GDPR)
   • Right of erasure and/or `Right to be forgotten` (Art. 17 GDPR)
   • Right of restriction of processing of Personal Data (Art. 18 GDPR)
   • Right of data portability (Art. 20 GDPR).

   You may object to our processing of Personal Data for marketing purposes, including customer data analyses for marketing purposes, without giving any reasons for your objection at any time.

   Furthermore, you as Data Subject are also granted a general right of objection (cf. Art. 21 subs. 1 GDPR). In any such case, the Data Subject is required to state reasons for his/her objection to data processing. To the extent our data processing is based upon your consent, you may revoke such consent with effect for the future at any time.

   To exercise your Rights simply contact us at datenschutz@kyocera-solutions.de. In addition, you are granted the right to lodge a complaint with your competent Data Privacy Supervisory Authority.

   The contact data of the supervisory authority, i.e. the Commissioner for Data Privacy and Freedom of Information of the Federal State of Baden-Wuerttemberg, competent for the registered office of our company are as follows:

   Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Wuerttemberg
   Office address:
   Königstrasse 10 a
   70173 Stuttgart
   Germany
   
   Postal address:
   Postfach 10 29 32
   70025 Stuttgart
   Germany
   Tel.: +49 711 615541-0
   Fax: +49 711 615541-15
   Email: poststelle@lfdi.bwl.de

Part B

Access and Use of Our Internet Offer/Social Media

In the sections to follow, we should like to provide you with an overview of how we ensure the protection of Personal Data when you access our website and of the types of Personal Data we process for what purposes and to what extent.

1. Data Processing Upon Access to Our Website – Logfiles

   When accessing our website, information of general nature is compiled automatically. Such information (server logfiles) includes e.g. the type of web browser, the operating system used, the domain name of your Internet service provider, etc. Additionally, your IP address is transmitted and used to grant you access to the service you request. Such information is technically required to correctly deliver the contents you request and indispensably accrues whenever you use the Internet.

   In keeping with our IT Security Concept, the logfile data so compiled are, as a rule, stored for a period of four weeks to enable us to identify and analyse any potential attacks on our website. Art. 6 subs. 1 sentence 1 lit. f) GDPR forms the legal basis for such data processing.

   Also, we avail ourselves of service providers located outside the European Union we commission, carefully select, and monitor (in general for webhosting services). To ensure the adequacy of the level of data privacy we enter into the Standard Data Protection Clauses of the EU Commission with such service providers, unless the Commission, by way of a resolution, determined the adequacy of the level of data privacy in the recipient country, or the derogation provisions set forth in Art. 49 GDPR are applicable.

2. Processing of Data When Using Our Website – Your Enquiries

   To the extent you send us an enquiry via e-mail or via our contact form, respectively, we compile the data you transmitted to process and respond to your request. We store your enquiry for documentation purposes for a maximum period of two years. Depending on the type of your enquiry, such storage period may exceed two years; we provide relevant information on the storage period in the section setting forth the respective processing purposes hereinafter. Art. 6 subs. 1 sentence 1 lit. f) DGPR forms the legal basis for such data processing.

3. Information on Ensuring Data Privacy

   On our part, we take technical and operative security measures to protect Personal Data we store against third-party access, loss, or misuse and to provide for data transfer security.

   We should like to draw your attention to the fact that, owing to the structure of the Internet, unauthorised third-party data access may not be ruled out. In consequence, encoding or protecting your data against misuse in any other way also falls within your scope of responsibilities. Without taking appropriate security measures, in particular as to any unencrypted data transmission, including transmission by e-mail, it is easy for third parties to intercept your data communications.

4. Involvement of Third-Party Services/Social Media

   1. Integration of YouTube Videos on Our Website

      We embed YouTube videos on some of our websites; such videos are stored on http://www.youtube.com and may be watched directly from our website. Art. 6 subs. 1 sentence 1 lit. f) GDPR forms the legal basis for such data processing. Such videos are embedded in ‘extended data privacy mode’, i.e. no data about you as User are transmitted to YouTube as long as you do not play the videos. It is not until you watch such videos that the following data are transmitted.
      Once you decide to watch an embedded video, the data specified below are transmitted to YouTube, such transmission being beyond our sphere of control. By watching any embedded video, YouTube obtains the information that you called up on the relevant page on our website as well as further information outlined below, the extent of which, however, we are unaware. YouTube compiles such information irrespective of whether YouTube provides a user account you are logged on to or whether a user account has not been created. When you are logged on to YouTube, your data are allocated to your account directly. Should you not wish such data allocation to your YouTube profile, you should log out prior to clicking on the button. YouTube stores your data as user profile and processes them for the purposes of marketing, market research and/or demand-based design of its website. In particular, such data analysis may result in the provision of demand-based advertisements (also for users not logged in) and be used to inform other YouTube users about your activities on our website. You may exercise a right of objection to the creation of such user profile; we recommend, however, that you exercise such right directly vis-à-vis YouTube.

      By virtue of data privacy legislation, YouTube assumes responsibility for any data it processes. For any further information about the purposes and scope of data compilation and data processing, please refer to YouTube`s Data Privacy Policy. There, you will find further information about your Rights and preferences to protect your privacy. Vis-à-vis us, YouTube has undertaken to process Personal Data in compliance with DGPR provisions.

   2. KYOCERA Profiles in Social Networks

      Further, KYOCERA Mannheim avails itself of various other Internet presence possibilities on so-called social media platforms. We are currently present on the websites of the following service providers:

      • Facebook, Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland;
        For Facebook’s data privacy policy, please refer to:
        https://www.facebook.com/privacy/explanation;
        Account URL:
        https://www.facebook.com/diesternekueche
      • YouTube, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland;
        For YouTube’s data privacy policy, please refer to:
        https://policies.google.com/privacy?hl=en
      • LinkedIn, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland;
        For LinkedIN’s data privacy policy, please refer to:
        https://www.linkedin.com/legal/privacy-policy
      • Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland;
        For Pinterest’s data privacy policy, please refer to:
        https://policy.pinterest.com/en-gb/privacy-policy

      For such information services, we avail ourselves of the technical platforms and services of the providers. We should like to point out that you use our Internet presence on social media platforms and their functionalities under your own responsibility. That applies, in particular, to the use of interactive functions (e.g. commenting, sharing, de-/liking). When accessing our Internet presence, the operators of social media platforms and the like compile your IP address as well as further information which is stored on your terminal in form of cookies. Such information is used to place at our disposal statistical information on the interaction with us as operator of the accounts.

      Vis-à-vis us, the service providers undertake to assume primary responsibility for processing such data under GDPR, meet all obligations arising from GDPR as to such data, and to place the substance of such undertaking at the disposal of the relevant Data Subjects. Such data processing is in our (and your) legitimate interest so as to improve User experience with appropriate target groups accessing our social media presence. Hence, Art. 6 subs. 1 lit. f) GDPR forms the legal basis for such data processing. Additionally, social media providers also use so-called ‘cookies’ which are stored on your terminal when accessing our fan page even in case you do not maintain a profile of your own with the respective social media provider or are not logged in to your profile while accessing our fan page. With the aid of such cookies, the respective social media providers are given the opportunity to create User profiles on the basis of your preferences and interests and to present you matching advertisements (inside and outside the respective social media platform). Cookies are stored on your terminal until you delete them. For any further details on this aspect, please refer to the Data Privacy Policy of the relevant social media provider.

      To the extent you use our profiles on social networks to establish contact with us (e.g. by preparing own contributions, reacting to any of our contributions, or by sending private messages to us), we process the data you communicate to us for the exclusive purpose of entering into contact with you. Hence, Art. 6 subs. 1 lit. a) and b) GDPR form the legal basis for such data processing. We delete any stored data after the expiry of 14 months, once storage of such data is no longer necessary, or you request us to delete such data; in connection with statutory retention obligations, we limit processing of stored data accordingly.

      Furthermore, we as information services provider solely process data arising from your using our services, i.e. data you place at our disposal and requiring interaction. For example, in case you submit a question which we may answer by e-mail only, we store your information in keeping with the general principles of our data processing policy we set out in this Data Privacy Statement. Art. 6 subs. 1 sentence 1 lit. f) GDPR forms the legal basis for processing such data on social media platforms.

      To exercise your Data Subject Rights you may contact us or the provider of the relevant social media platform. To the extent a party does not hold the competence to reply to a question or must obtain information from the other party, KYOCERA Mannheim or the provider refers your enquiry to the respective partner. For any enquiries as regards profile creation and/or processing of your data while accessing the website, please contact the operator of the relevant social media platform directly. For any enquiries as to processing your interaction with us you may use our contact data set forth above.

      The providers specify the type of information compiled on their social media platform and how they use such information in their data privacy policies (see table for their links). There, you may also find contact details as well as information about potential marketing preferences. For any further information about social networks and how you may protect your data, you may also refer to www.youngdata.de.

   3. Use of Facebook Pixel and Facebook Custom Audience (Remarketing)

      We use the so-called ‘Facebook pixel’ (provided by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) on our home sites. The Facebook pixel allows us to categorise Users visiting our websites into specific target groups. This way, we are able to present them relevant advertisements (‘Ads’) on Facebook. We do not have access to view the Data so captured (e.g. IP addresses, information about the web browser used, the location of the website, clicked buttons, pixel IDs, if any, and other characteristics). However, we may use such Data only within the framework of displaying specific Ads. When using the Facebook pixel code, so-called cookies are installed as well.

      If you have a Facebook account and are logged on to Facebook, your visit to the website will be assigned to your Facebook user account.

      To a certain extent, we make use of Facebook’s remarketing function named ‘Custom Audiences’. This way, Users having visited the website may be displayed interest-based advertisements (‘Facebook Ads’) when visiting the Facebook website or any other website also using this function. The purpose of our using this function is to display advertisements meeting your specific interest so as to make our website even more interesting for you.

      In order to exchange the relevant Data your browser automatically establishes a direct connection to Facebook’s server. We have no influence on the scope and subsequent use of the Data Facebook complies by using this tool. Hence, we herewith inform you thereof on the basis of the information presently available to us: By integrating Custom Audiences, Facebook obtains the information that you called up the relevant website of our web presence or clicked on one of our advertisements. Should you be a registered User of a Facebook service, Facebook may assign your visit to your Facebook user account. Even if you are not a registered Facebook User or have not logged on to the Facebook website, the provider may detect and store your IP address as well as further identification characteristics.

      Should you have given us your consent, we may transmit your telephone number or e-mail address to Facebook to show you relevant advertisements meeting your specific interest.

      • For any further information about how Facebook uses its Facebook pixel for advertising campaigns, please refer to https://www.facebook.com/business/ learn/facebook-ads-pixel.
      • For any further information about Facebook’s data privacy statement, please refer to https://www.facebook.com/policy.php.
      • For any further information about Facebook’s data processing, please refer to https://www.facebook.com/about/privacy.

      Purpose of Data Processing
      We make use of this function to submit to you promotional offers meeting your specific interest.

      Legal Basis
      We process your Data, because you consented to such processing or such Data processing is in our legitimate interest, Art. 6 subs. 1 sentence 1 lit. a) and f) GDPR.

      Duration of Data Storage and Control Options
      We store your Data for as long as we require them for the respective purpose (i.e. display of interest-based advertisements) or you have not objected to our storing your Data or you have not revoked your consent.

      • Users logged in to Facebook may deactivate the ‘Facebook Custom Audiences’ function at https://www.facebook.com/settings/?tab=ads#_.
      • You may change your preferences for promotional ads on Facebook at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen, whenever you logged in to Facebook.

   4. Use of Pinterest Conversion Tracking Tag

      We make use of the Pinterest Conversion Tracking Tag (‘Pinterest Tag’) on our websites.

      With the aid of this tool, we can ensure that the Pinterest Ads we booked are displayed only to such Pinterest Users who showed interest in our offers. This way, we intend to share our promotional offers and product information only with such Users having shown interest in our products – and not to Users our products do not appeal to, if any.

      Furthermore, by using this tool, we may track the actions of Pinterest Users, once they clicked on, or took a look at, the Pinterest Ads we initiated. Such tracking allows us to statistically analyse and optimise the advertising campaigns we booked. This tool processes the following User Data: information about the device/terminal (e.g. type, brand), used operating system (e.g. iOS 11, Android etc.), IP address of the used device/terminal, time of call-up of our offer, type and content of our campaign, and the response to our relevant campaign (e.g. button clicks).

      We receive the Data so captured in anonymised form, i.e. such Data does not give any indication of the identity of the respective Users. Such processing for behaviour and interest-based promotional purposes is our legitimate interest pursuant to Art. 6 subs. 1 sentence 1 lit. f) GDPR.

      We store such Data in accordance with legally defined storage periods; thereafter they will be deleted automatically.

      In addition to collecting Data on the behaviour of its Users, Pinterest, on its own account, also compiles further User Data for analytical purposes. Pinterest uses the Data so collected also for promotional purposes.

      For any further information about Pinterest’s Data Privacy Statement, please refer to: https://policy.pinterest.com/en-gb/privacy-policy. You may object to Pinterest’s processing your User Data by changing the relevant preferences/options in your Pinterest account (you may find some helpful instructions on how to change the relevant preferences/options at: https://help.pinterest.com/de/articles/edit-your-settings#Web.

      Additionally, you may enable the ‘Do Not Track’ function in your browser.

Part C

Our Cookie Policy

1. General Information on the Use of Cookies

   Our website uses so-called ‘cookies’. Cookies are small data files which are installed on your terminal and stored by your browser. Cookies have for their purpose to increase the user-friendliness of our offers and render them more effective and more secure. We make use of both so-called temporary cookies, which are deleted automatically once you close your browser (‘session cookies’), and persistent (permanent) cookies.

   You may select whether you want to permit the installation of cookies or not. You may change relevant preferences via your browser settings. In general, you may choose whether you want to accept all cookies, to be informed about the installation of cookies, or to reject all cookies. Should you opt for the latter variant, we may not rule out that you cannot benefit from all functionalities of our offer.

   In connection with the use of cookies, a differentiation must be made between cookies which are absolutely necessary and cookies used for downstream purposes (measurement of access numbers, marketing purposes).

2. Cookies Absolutely Necessary to Use Our Website

   We use session cookies absolutely necessary for using our websites. These include cookies allowing us to re-identify you while accessing our website within the framework of an individual session. Such session cookies contribute to the secure use of our offer by ensuring the secure processing of order and payment processes, respectively.

3. Use of Cookies with Your Consent

   Below, you may find an overview over the cookies we install with your consent given when starting using our website. Additionally, each explanation of cookie usage also includes an opting-out possibility. Such possibilities refer to cookies to capture User behaviour on our website as well as cookies used for marketing purposes.

   1. Use of Cookies to Capture User Behaviour (Tracking)

      By using tracking cookies, we are in the position to re-identify Users when re-accessing our website and so allocate usage procedures to an internally defined code (pseudonym). This way, we may capture repeated accesses to our website and analyse interconnections.

      The following specific tracking cookies are used:

   2. Google Analytics Tracking/Google Tag Manager

      To ensure the demand-based design of our websites we generate pseudonymous User profiles with the aid of Google Analytics. Google Analytics uses targeting cookies which may be stored on your terminal and retrieved by us. This way, we are in the position to identify recurring Users, classify them as such, and find out how frequently different Users call up our websites. Art. 6 Abs. 1 lit. a) (Consent) GDPR forms the legal basis for such data processing.
      As a rule, the information about your use of our website generated by cookies is transmitted to, and stored on, a Google server located in the United States. Since IP anonymisation is activated on our website, Google truncates your IP address within member states of the European Union first. It is in exceptional cases only that any complete IP address is transmitted to a Google Server located in the United States and truncated then (for further information about the purpose and scope of data compilation, please refer to e.g. https://policies.google.com/privacy?hl=de&gl=de). Vis-à-vis us, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, undertakes to process Personal Data in compliance with GDPR provisions. In consequence, Google uses any information for strictly defined purposes to analyse the use of our websites for us and prepare reports on the activities on our websites.
      Google installs the following cookies, when you access our website and consent to the use of Google Analytics cookies:

      Name	Purpose	Expiry
      _ga	With the aid of this cookie, we may count the number of persons accessing our Internet presence after you accessed it.	[2 Years]
      _gid	With the aid of this cookie, we may count the number of persons accessing our Internet presence after you accessed it.	[24 hours]
      _gat	With the aid of this cookie, we may manage the request frequency for calling up pages.	[1 minute]

      You may revoke your consent granted any time. To such end, please make use of the following possibilities:

      • You inform us about your revoking your consent.
      • You may prevent the storage of cookies by selecting relevant settings in your browser software; please mind that you might not benefit from all functionalities of our website in their entirety in such case.
      • Further, you may prevent Google’s compiling data generated by way of cookies and referring to your use of our website (including your IP address) and Google’s processing such data by downloading and installing the browser plug-in available at https://tools.google.com/dlpage/gaoptout?hl=de

Part D

Data Privacy Statement for Business Partners and Prospects

In this part, we should like to provide you with an overview of what type of Personal Data we process, when you enter into contact with us or if you maintain business relations with us. By way of this information (applicable since 25 May 2018), we should like to comply with the duties set forth in GDPR and to set out our data processing vis-à-vis you.

This Data Privacy Statement applies to each of the companies listed below. The Data Controller within the meaning of Art. 4 No. 7 DSGVO is mentioned in the Legal Notice.

KYOCERA Europe GmbH
Address: Fritz-Mueller-Str. 27, 73730 Esslingen, Germany

KYOCERA Fineceramics Italy S.r.l.
Address: Viale delle Industrie 20/5, 20020 Arese (MI), Italy

KYOCERA Fineceramics S.A.S.
Address: Parc Icade Orly - Rungis, 21 rue de Villeneuve, 94150 Rungis, France

KYOCERA Fineceramics Ltd.
Address: Prospect House, Archipelago, Lyon Way, Frimley, Surrey GU16 7ER, England

KYOCERA Automotive and Industrial Solutions GmbH
Address: Waldstrasse 41, 63128 Dietzenbach, Germany

KYOCERA Fineceramics Solutions GmbH
Address: Steinzeugstrasse 92, 68229 Mannheim, Germany

KYOCERA Fineceramics Precision GmbH
Address: Lorenz-Hutschenreuther-Str. 81, 95100 Selb, Germany

For any enquiries as to our processing of Personal Data or any general data-privacy-related issues, please contact our Chief Privacy Officer at the above-mentioned postal address or, by e-mail at privacy@kyocera.de (or privacy.kas@kyocera.de for KYOCERA Automotive and Industrial Solutions GmbH, datenschutz@kyocera-solutions.de for KYOCERA Fineceramics Solutions GmbH, or datenschutz.selb@kyocera-precision.com for KYOCERA Fineceramics Precision GmbH).

1. Personal Data We Process

   Personal Data cover any information referring to an identified or identifiable natural person. Such Personal Data includes, inter alia, your name, your (business) contact data, as well as the relationship with a company, and your interaction/activities with us.

   We process data we receive from you within the framework of your enquiries or current contractual relationships. That is to say, in addition to your (business) contact data, such data also includes, in particular, any information exchanged, such as e-mails, orders, product specifications, and payment data. In case of business relations, you are obligated to provide Personal Data required for preparing or implementing contracts or which we are legally required to process; otherwise, we will not be in the position to perform contracts with you.

2. Scope of Data Processing and Purposes

   1. Implementation of Contract

      KYOCERA Europe GmbH Group (hereinafter KEG Group) processes data provided within the framework of placement of orders to perform contracts and may avail itself of specialised, carefully selected and monitored service providers (e.g. financial services providers, data hosting services providers, service/maintenance services providers) for such purpose. Our data processing in connection with our performance of contract includes the use of data to ensure fulfilment of our contractually agreed performance, including processing of payments through our payment services providers/bankers, provision of services within the framework of service contracts, or handling of potential warranty claims. Additionally, within the framework of financing applications, KEG Group may use, and, to the extent required, transfer data required to prepare quotations to its contract partners. Any further details as to the purposes may be gathered from the relevant contract documents. Art. 6 subs. 1 sentence 1 lit. b) GDPR forms the legal basis for such data processing.

      Any data on the sale of our products or the purchase of our services compiled with KEG Group may also be transferred to KEG Group’s external chartered public accountants and/or tax advisors for the purpose of consultancy und auditing services. KEG Group stores data compiled to perform its contracts in its operative system for as long as warranty claims exist or other purposes set forth in this Data Privacy Statement are met. Thereafter, data subject to the retention obligations pursuant to §§ 146 ff. German Fiscal Code (Abgabenordnung) or § 257 German Commercial Code (Handelsgesetzbuch), as applicable, are archived and deleted after expiry of such retention obligations. Any other data are deleted promptly, unless the data are subject to further purposes set forth in this Data Privacy Statement. As to warranty claims, data processing is based upon Art. 6 subs. 1 sentence 1 lit. b) GDPR, and as to performance of statutory obligations upon Art. 6 subs. 1 sentence 1 lit. c) GDPR.

   2. Verification Address and Credit Rating

      For the purpose of verifying addresses and credit ratings, KEG Group checks the address data as well as credit-rating data about your company, including data determined on the basis of mathematical and/or statistical methods (scoring), stored in databases of credit agencies and credit insurance companies. KEG Group initiates such verification, if some economic risk is linked to conclusion of contract and KEG Group intends to hedge against financial loss by way of such credit-rating check. Based on such information, KEG Group may grant product and/or service credits.

      Various credit agencies and credit insurance companies place addresses and credit ratings at the disposal of KEG Group. Upon request, we shall be pleased to inform you about the credit agencies and credit insurance firms we cooperate with in connection with your company. Please refer to the contact data set out above.

      KEG Group assesses the information provided by credit-rating agencies and in-Group information about your payment history to draw up its own credit rating forming the basis for granting you a credit limit. Credit-rating data are deleted five years after the final delivery of goods. Additionally, for such purpose, credit-related information may also be transferred to KYOCERA Corporation, 6 Takeda, Tobadono-cho, Fushimi-ku, Kyoto 612-8501, Japan, in the run-up to the conclusion of a contract. As confirmed by the EU Commission, Japan offers an appropriate data privacy level. Art. 6 subs. 1 sentence 1 lit. f) GDPR forms the basis for data processing as described above to offer you a product or service credit, if any.

   3. Use of Personal Data by KEG Group for Marketing Purposes

      KEG Group as well as commissioned, carefully selected, and monitored service providers (printers, letter shops etc.) use your name and address and the data cropping up within the framework of the business relationship (contact data, purchased products, ordered services, etc.) for marketing purposes, i.e. to contact you as current business partner or as prospective customer. KEG Group provides further information about KEG Group’s products and services and conducts analyses for marketing purposes (so-called marketing scoring). Additionally, KEG Group may use data it obtains from you on the basis of your consent to conduct data analyses for marketing purposes. By way of this marketing approach, we are in the position to continuously inform you about current developments of our products and services and we may ensure our providing you with the services you need, thus creating the groundwork for a sustained business relationship with you.

      KEG Group uses your telephone number for marketing purposes, to the extent you consent to such use or the requirements for your presumed consent are met – e.g. within the framework of an ongoing business relationship or following prior contacting. Furthermore, KEG Group uses the e-mail addresses contacts disclose within the framework contract conclusion to advertise similar offers. Of course, you may object to such marketing approach; please feel free to exercise such right of objection simply by referring to the above-mentioned contact data. In each individual case, we inform you about your right of objection to use your data for marketing purposes.

      For the purpose of achieving the targets as regards KEG Group’s marketing approach, we process data during the lifetime of our products and for as long as you are assigned customer status. Exceptions apply, in case, on the basis of your consent, some longer use is permissible and/or data are subject to statutory retention obligations. In the latter case, data will be deleted upon expiry of the retention period. Your exercising your right of objection, of which we inform you in Section IV., may result in some shorter processing period.

      Art. 6 subs. 1 sentence 1 lit. f) GDPR or, in case you submitted your relevant consent, Art. 6 subs. 1 sentence 1 lit. a) GDPR, respectively, forms the legal basis for such marketing use; in particular as regards your right of objection, we inform you hereinbelow.

   4. Data Processing for Press Relations

      In case you are a journalist and contact us (e.g. by telephone or in writing), we store your data to handle and retrace our communication with you. We shall be pleased to forward to your information about the KYOCERA group of companies, its products and services by e-mail or post, once you subscribe to our distribution list for press releases. We may transfer the data you provide also to supervised and monitored agencies with which we cooperate. You may object to receiving press information any time or revoke your request, respectively – please feel free to inform us thereof by referring to the contact data mentioned hereinabove or in relevant e-mails. Legally, our data processing for the purpose of press relations is based upon your consent granted pursuant to Art. 6 subs. 1 sentence 1 lit. a) GDPR and, in particular as to our sending you marketing material by mail, upon Art. 6 subs. 1 sentence 1 lit. f).

   5. Processing of Personal Data on the Grounds of Statutory Obligations

      Just like any other company headquartered within the European Union, KEG Group is subject to various legal obligations focusing on reviewing the data we store about our customers and business partners. In any such case, we process Personal Data only insofar as processing is necessary to comply with such legal requirements. To comply with such legal obligations it might be necessary to process your data in part by way of automatic equipment to assess personal aspects (profiling). Unless you are explicitly informed thereof, automated case-by-case decisions are conducted. Art. 6 subs. 1 sentence 1 lit. c) GDPR in conjunction with relevant legal provisions forms the legal basis for such data processing.

      Such legal requirements include, without limitation:

      • Prevention of fraud and money laundering
      • Fiscal monitoring and reporting obligations
      • Assessment and management of risks within the group of companies
      • Sanction lists

3. Data Transfer Within KEG Group and to Distributors

   KEG Group may transfer your customer master data (name of company, contact person, address and contact data such as telephone number and e-mail address) to other companies of KEG Group as well as to KYOCERA Corporation (address: 6 Takeda, Tobadono-cho, Fushimi-ku, Kyoto 612-8501, Japan, tel. +81 75 604 3500; fax +81 75 604 3501) (hereinafter “KC”) and to KYOCERA International Inc. (address: 8611 Balboa Avenue, San Diego, California 92123, tel. +1 858-576-2626) (hereinafter “KII”) and, as the case may be, update such data to ensure that all companies, i.e. KEG Group, KC or KII, involved in a transaction (e.g. fulfilment of contract) with you may refer to the same customer master data concerning you. Such data transfer and update help us facilitate our processes and may free you from re-entering your master data when contacting one of our group companies. Art. 6 subs. 1 sentence 1 lit. b) or f) GDPR form the legal basis for such data processing. Your Rights are safeguarded by way of regulations meeting high data privacy standards.

   In addition to master data, we may also transfer order data to other member companies of KEG Group, KC or KII, if such transfer is necessary on the grounds of your order. Various KYOCERA companies (mostly KC) produce various products; hence, to facilitate the ordering and delivery processes we may transfer delivery data. In any such case, we shall inform you of such data transfer within the framework of conclusion of contract. Art. 6 subs. 1 sentence 1 lit. b) GDPR forms the legal basis for such data processing.

   Transfer of the data you provide may also take place in the run-up to a contract. In some cases, the products/services you request might not be distributed by our company, but by different companies within KEG Group or by external companies (i.e. independent of Kyocera) (in particular by distributors). In any such case, we may transfer your enquiry directly to the specialised company to enable such company holding specialist knowledge to contact you directly and support you in your enquiry in the best possible way. It may not be ruled out that any such specialised company is headquartered outside the European Union, in particular the headquarters may be located in Japan. With the companies located in Japan, we entered into agreements ensuring their maintaining similar data privacy levels, in particular within KEG Group, on the basis of Standard Contractual Clauses of the EU Commission. For any further information, do not hesitate to directly contact the companies to which we transferred your data. Of course, you may also contact us by referring to the above contact data. Either Art. 6 subs. 1 sentence 1 lit. b) or (should our data transfer not be part of your enquiry) lit. f) GDPR forms the legal basis for such data processing.

   Owing to our processing of data as described above, your master data may also be processed by KEG Group companies or further cooperating companies located outside the European Union or the European Economic Area, respectively. As confirmed by the EU Commission, Japan offers an appropriate data privacy level. In cases in which the EU Commission determined that an appropriate data privacy level is not maintained, we provided for a contractual basis to ensure such level; in general, we entered in the EU standard contractual clauses of the EU Commission.

4. Your Rights

   To exercise your Rights simply refer to the address mentioned above. Each Data Subject is granted the following Rights:

   • Right of access to stored data (Art. 15 GDPR)
   • Right of rectification of inaccurate data (Art. 16 GDPR)
   • Right of erasure (Art. 17 GDPR)
   • Right of restriction of processing of Personal Data (Art. 18 GDPR)
   • Right of data portability (Art. 20 GDPR).
   • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR).

   At any time, you may object to our processing of Personal Data for marketing purposes, including customer data analyses for marketing purposes, or our transferring of Personal Data to third parties without giving any reasons for your objection.

   Furthermore, each Data Subject is also granted a general right of objection (cf. Art. 21 subs. 1 GDPR). In any such case, the Data Subject is required to state reasons for his/her objection to data processing. To the extent our data processing is based upon your consent, you may revoke such consent with effect for the future at any time. Any such revocation of your consent will not affect the legitimacy of our data processing effected on the basis of your consent until your revocation.

Part E

Data Privacy Information for Applicants Seeking Employment With KYOCERA Fineceramics Solutions GmbH

1. Personal Data We Process

   The term “Personal Data” means any information referring to an identified or identifiable natural person. Such data includes, without limitation, your name, your (business and private) contact data, your address, hobbies or information about illnesses and your fiscal status (including your religious belief). We treat any information you transfer to us as application data, i.e. apart from your curriculum vitae, also your photograph, potential details on your health status or any other private information, if any. We process Personal Data you submit to us within the framework of your application. That applies to both your application documents and the data you personally communicate to us in the course of the application procedure, e.g. in telephone interviews, personal application interviews, or in the course of a visit at a trade fair. In any case, for the purpose of conducting a comprehensive evaluation of your application, we require your curriculum vitae as well as certificates or relevant evidence. Any further data, including a photograph, constitute information provided voluntarily.

2. Scope of Data Processing and Purposes

   We process data provided within the framework of your application to evaluate your application and your suitability for the advertised position. Incidentally, for such evaluation we may also avail ourselves of the services of specialised service providers. In the event such specialised service providers are located outside the European Economic Area, we herewith represent and warrant that reasonable data privacy safeguards have been implemented already. The Human Resources Department transfers suitable applications for a position to the relevant specialist departments or (inter)national companies for more detailed evaluation. We delete your application data six months after conclusion of the relevant application procedure, i.e. after the vacant position was filled. Art. 6 subs. 1 sentence 1 lit. b) GDPR forms the legal basis for such data processing. Your application data will be stored in our pool of applicants, only if you consent to such storage. We shall store your application data for a period of three years, unless you wish to extend such storage period. Should you consent to such storage, we shall review in connection with the application procedure whether you might be a candidate for a different position meeting your qualification within our company. Art. 6 subs. 1 sentence 1 lit. a) GDPR forms the legal basis for such data processing.
   In the event you still have not attained the age of eighteen, we, when entering into a contract with you, require the approval of your parent(s) or relevant legal guardian(s). Likewise, any extended storage of your application data (e.g. for some future internship) requires your consent and the approval of your parent(s) or relevant legal guardian(s) exclusively.

3. Your Rights During the Application Procedure

   As an applicant, you are granted various rights. For the purpose of exercising the rights you are granted, please do not hesitate to contact our Chief Privacy Officer by referring to the following contact data. Each Data Subject is granted the following rights:

   Right of access to stored data (Art. 15 GDPR)
   Right of rectification of inaccurate data (Art. 16 GDPR)
   Right of erasure (Art. 17 GDPR)
   Right of restriction of processing of Personal Data (Art. 18 GDPR)
   Right of data portability (Art. 20 GDPR).
   Right to lodge a complaint with a supervisory authority (Art. 77 GDPR).

   Furthermore, each Data Subject is also granted a general right of objection (cf. Art. 21 subs. 1 GDPR). In any such case, the Data Subject is required to state reasons for his/her objection to data processing. To the extent our data processing is based upon your consent, you may revoke such consent with effect for the future at any time. Any such revocation of your consent will not affect the legitimacy of our data processing effected on the basis of your consent until your revocation. Please mind that, in case of your objecting to our processing Personal Data, we may no longer consider you in the course of the current application procedure and for the future filling of any potential position meeting your qualification.

Part F

Use of Our Online Shop

1. Description of Our Data Processing

   Should you wish to place an order on our Online Shop, we, for the purpose of conclusion of contract, shall request you to provide Personal Data we need to process your order. Such data is stored in a customer account. You may delete all data you provide, including your customer account, via our customer portal any time. Any compulsory data required to manage your contract(s) are marked separately; you may provide any further particulars on a voluntary basis.

2. Legal Basis for Our Data Processing

   As to data processing required for contract management Art. 6 subs. 1 sentence 1 lit. b) GDPR or, insofar as we use data for advertising purposes, Art. 6 subs. 1 lit. f) GDPR, respectively, forms the legal basis for such data processing.

3. Purpose of Our Data Processing

   We process the data you provide to manage your order(s). To such end, we may transfer your payment data to our principal bank or credit reference agencies to verify your financial standing. Further, we may process the data you provide to inform you about other interesting products making up our product portfolio or send you e-mails containing technical information.

4. Duration of Data Storage

   Against the backdrop of commercial and fiscal requirements, we are obligated to store your address, payment, and order data for a period of ten years. After two years, however, we restrict our data processing, i.e. thereafter we will use your data to comply with statutory obligations only.

5. Encryption During Order Process

   To prevent any unauthorised third-party access to Personal Data, in particular your financial data, we use SSL encryption technology for your order process.

Part G

Participation in Raffles/Prize Draws

1. Data Controller

   We should like to inform you hereinafter about our processing your data and about your rights, should you wish to participate in a raffle or prize draw we organise. In this context, responsibility for data processing lies with KYOCERA Fineceramics Solutions GmbH, Steinzeugstrasse 92, 68229 Mannheim, Germany, tel.: +49 (0)621 40547-300, info@kyocera-solutions.de, General Manager: Armin Kayser.

2. Description, Purpose, Duration and Place of Data Processing

   We process and store the data you transmit to us within the framework of your participating in a raffle/prize draw. Such processing and storage have for their purpose to carry out such raffle/prize draw. Art. 6 Lit. b) GDPR forms the legal basis for subsequent data processing. We store your data for such purpose until you request their deletion. After expiry of the time limit for participation in a raffle/prize draw, we store your data only for as long as necessary to draw the winner(s). Thereafter, we delete such data.

   Data processing takes place in computer centres located in Germany exclusively.

3. Your Rights

   Your Rights are listed in Part A II above. In Part A I, you may find the details to contact our Chief Privacy Officer.

Last updated in March 2021