14. Links to third-party websites

We link to the websites of other providers not associated with us (third parties), e.g. to our profiles on social networks such as LinkedIn, Xing, Twitter, YouTube, Instagram and Facebook. We would like to inform you that we have no influence on the data processed by these providers when you click these links. As data processing by third parties is not under our control, we do not accept any responsibility or liability for it. For further information on data processing by these third parties, please refer to the data privacy information published by the respective provider.

15 . Safety measures

1. Personal information we collect is securely stored within our databases. We take suitable technical and organizational measures to ensure a level of protection appropriate to the risk, taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for rights and freedoms of natural persons.  
2. We have physical, electronic and procedural safeguards in place and take reasonable steps to ensure that your personal data is protected from misuse, interference, loss and unauthorized access, modification and disclosure. These measures include the following: 
   – access to data processing systems by unauthorized measures is protected by implementing access controls, implementing security measures, maintaining authorizations and other relevant measures;
   – access to IT systems by unauthorized persons is protected by technical measures regarding user ID, dedicated password protocols, information and data classification policies, secure deletion of data and other relevant measures;
   – in relation to personnel who are authorized to access the data subject to their access authorization, we implement access rights that are based on role requirements, dedicated authorization processes, information and data classification policies and other appropriate measures;
   – to ensure the adequate separation of data, we implement physical separation of data based on the relevant purpose of collection, separate processing of personal data dependent upon intended function, encryption of personal data and other relevant measures;
   – we maintain the safety of personal data during electronic transmission by ensuring personal data can be verified, implementing an information and data classification policy, maintaining e-mail encryption and other relevant measures;
   – we maintain relevant systems and protocols that allow us to monitor access to personal data. We also implement further measures to protect data from accidental destruction or loss;
   – we ensure business continuity by maintaining contingency plans in our data centers and reviewing our recovery plans regularly; and
   – we have also implemented appropriate processes to respond to events and violations, including notification. The implementation and effectiveness of incident management is reviewed at regular intervals as part of internal audits and adjusted if necessary.
3. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it. You should bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit via our website whilst it is in transit over the internet and any such submission is at your own risk. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us by sending a message to contact form.

16 . Passing on and transmission of data 

1. If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit or otherwise grant access to the data, this is only done on the basis of a statutory permission, resolution by a competent authority, your consent, a legal obligation, or on the basis of our legitimate interests and/or otherwise Justified. In particular, we disclose personal information to third parties if it is necessary for the primary purpose of collecting the information, or for a related secondary purpose, if the disclosure could be reasonably expected. Contract processors are only used for this purpose in a lawful manner (based on Art. 28 GDPR, or otherwise Justified). Where a disclosure to third parties is necessary, we will require that the third party undertake to treat the personal information in accordance with all applicable laws and regulations to which we are bound.
2. The data provided by you during the use of our website will be passed on within the Saki Corporation group of companies to the extent necessary for internal administrative purposes or to provide you our services.
   Any such disclosure of personal data is lawful, as (1) you consented, (2) we and the Saki Corporation group have a legitimate interest in disclosing the data for administrative purposes within our group, which outweighs your rights and interests in the protection of your personal data (based on Art. 6 para. 1 lit. f) GDPR), or (3) otherwise Justified.
3. In addition to be above, If there are indications of unlawful or mal usage of our website, and if necessary, for the clarification of such usage or for legal prosecution, personal data will be forwarded to law enforcement or other authorities and affected third parties or legal advisors. A transmission might also take place if it serves the enforcement of terms of use or other legal claims. We are also legally obliged to provide information to certain public bodies upon request, such as criminal prosecution authorities, authorities that pursue administrative offences including fines, and the tax authorities.
   Any disclosure of personal data is lawful, as (1) the processing is necessary for the fulfilment of a legal obligation which we are obliged to fulfil (based on Art. 6 para. 1 lit. f) GDPR in conjunction with national legal obligations regarding the disclosure of data to prosecution authorities, or comparable applicable laws and regulations), (2) we have a legitimate interest in disclosing the data to the aforementioned third parties if there are indications of misconduct or in order to enforce our terms of use, other conditions or legal claims of third parties, which outweighs your rights and interests in the protection of your personal data (based on Art. 6 para. 1 lit. f) GDPR), or (3) otherwise Justified.
4. For the provision of services through our website, we rely on the services of our affiliated company Saki Corporation, 3-1-4, Edagawa, Koto-ku, Tokyo 135-0051 Japan.
   Any disclosure of personal data is lawful, as (1) you consented to this processing, storing, disclosure and transfer of your information to such third parties, (2) we have a legitimate interest in disclosing the data for administrative purposes within our group, which outweighs your rights and interests in the protection of your personal data (based on Art. 6 para. 1 lit. f) GDPR), (3) we have carefully selected our internal companies and external service providers as processors (within the scope of Art. 28 para. 1 GDPR or comparable applicable law), re-examine them on a regular basis and contractually obliged them to process all personal data exclusively in accordance with our instructions, or (4) otherwise Justified.
5. In the course of the further development of our business, the structure of Saki Corporation companies may be subject to change as regards to legal form, the establishment, purchase or sale of subsidiaries, companies or parts thereof. In such transactions, customer information may be transmitted along with the company to be transferred. Whenever personal data is transferred to third parties to the extent described above, we safeguard that this is done in accordance with this privacy notice and the applicable data protection law.
   Any disclosure of personal data is lawful, as (1) you consented to this processing, storing, disclosure and transfer of your information to such third parties, (2) we have a legitimate interest in adapting our corporate form to the economic and legal circumstances as required, which outweighs your rights and interests in the protection of your personal data (based on Art. 6 para. 1 lit. f) GDPR), or (3) otherwise Justified.

17. Transfer to third countries

1. In addition to the data transmissions already described, the following applies: If the data is transferred, stored or processed abroad/overseas, in particular on our servers in Germany, Japan, U.S.A. or in other countries of the European Union or the European Economic Area, or if this is done in the context of using the services of third parties or the disclosure or transmission of data to third parties, this is only done (1) in order to fulfil our (pre-)contractual obligations, (2) on the basis of consent, (3) on the basis of a legal obligation, (4) on the basis of our legitimate interests, or (5) if otherwise permitted by relevant laws and regulations; and in which case the data will be subject to the laws and regulations of the country to which the data is transferred, stored or processed. 
2. Subject to statutory or contractual permissions, we will only process the data in a country or permit to be processed in a country if special conditions are met (in accordance with Art. 44 ff. GDPR, or comparable applicable law and regulations). This means, for example, that the processing is carried out (1) on the basis of special guarantees, such as the official recognition of an EU-level of data protection compliance, (2) in compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”) or through binding corporate rules, (3) based on your consent, or (4) as otherwise Justified.

18. Change of purpose

Processing of your personal data for purposes other than those described above will only be carried out to the extent permitted by applicable laws and regulations or if you have consented to the changed purpose of the data processing. In the event of further processing for purposes other than those for which the data was originally collected or material changes to this privacy policy has taken place, we will inform you of these other purposes before processing and provide you with all further relevant information.

19. Your Rights

1. Right to information: You have the right to obtain from us, at any time and upon request, information on the personal data processed by us and relating to you (in accordance with Art. 15 GDPR, or other applicable laws and regulations). To do so, please contact us at the addresses below. Please note that we may refuse access to the information in circumstances recognized under applicable law, such as when (i) the information is inseparable from the personal information of other individuals, (ii) the information is subject to attorney-client privilege, or (iii) the disclosure of the information would reveal confidential commercial information.   
2. Right to correct incorrect data: You have the right to ask us to correct any personal data concerning you without delay if it is incomplete or inaccurate. To do so, please contact us at the addresses below.
3. Right to deletion: Under the conditions set forth in Art. 17 GDPR or other applicable laws and regulations, you have the right to request us to delete or anonymize the personal data concerning you. These conditions provide in particular for a right of deletion if the personal data is no longer necessary for the purposes for which they were collected or otherwise processed, as well as in cases of unlawful processing, the existence of an objection or withdrawal of consent, or the existence of an obligation to delete them. To exercise your rights, please contact us at the addresses below. Instead of anonymization, we will delete your data. 
4. Right to limit processing: You have the right to demand that we restrict processing (in accordance with Art. 18 GDPR or other applicable laws and regulations). This right exists in particular if the accuracy of the personal data is disputed between you and us, for the period of time required to verify its accuracy, and in the event that you request limited processing instead of deletion in the case of an existing right to deletion; also in the event that the data is no longer required for the purposes pursued by us, but you require it for the assertion, exercise or defense of legal claims, and if the successful exercise of an objection is still disputed between you and us. In order to exercise your right to limit the processing, please contact us at the addresses below.
5. Right to data transferability: You have the right to receive from us the personal data concerning you that you have provided to us in a structured, common, machine-readable format (in accordance with Art. 20 GDPR or other applicable laws and regulations). To exercise your right to data transferability, please contact us at the contact addresses below.
6. Revocation of consent: If you have given us your consent to process your personal data, you can revoke this consent at any time, free of charge and free of disadvantages and with effect for the future. With regard to the use of Cookies, you can revoke your consent through the respective links contained above in this privacy notice. Otherwise, by sending a message to contact form. After general revocation of your consent, your personal data will no longer be used for the aforementioned purposes and – subject to permissible processing for other purposes and compliance with applicable laws and regulations – will be deleted.
7. Right of objection: Furthermore, you have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data relating to you which is carried in the public interest (on the basis of Art. 6 para. 1 lit. e) GDPR or other applicable laws and regulations), or to the data processing based on a weighing of interests (on the basis of Art. 6 para. 1 lit.  f) GDPR or other applicable laws and regulations); this also applies to profiling being justified on the aforementioned legal grounds (compare Art. 21 GDPR). If you lodge an objection, we will only process your personal data if we can prove that there are compelling legitimate reasons for doing so which outweigh your interests, rights and freedoms or if the processing serves to assert, exercise or defend legal claims, and if appliable law provides for such overriding processing.
8. Right of complaint: You also have the right to lodge a complaint to a data protection supervisory authority about the processing of your personal data by us (in accordance with Art. 77 GDPR or other applicable law).

20. Privacy Rights for California Residents

If you are a resident of the states of California in the United States of America, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit CCPA Privacy Notice for California Residents.

21. Use By Minors

Our website is not intended for minors under 16 years of age. No one under age 16 may provide any personal information through this website. We do not knowingly collect personal information from minors under 16. If you are under 16, do not use or provide any information on the website or register on it, use any of the interactive or public comment features, or provide any information about yourself to us, including your name, address, telephone number, or email address. If we learn we have collected or received personal information from a minor under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a minor under 16, please contact us.

22. Sensitive Personal Information

Unless we specifically request or invite it, we ask that you not send us, and you not disclose, any sensitive personal information under applicable laws and regulations (e.g., credit or debit card number, with our without any required security code, personal identification number, financial account number, driver’s license number, government-issued identification card number, information related to racial or ethnic origin, political opinions, religion or philosophical beliefs, health, sex life or sexual orientation, criminal background, or trade union membership, or biometric or genetic data for the purpose of uniquely identifying an individual) on or through this website or otherwise to us. If you have accidentally sent or disclosed to us any sensitive personal information, please contact us and request deletion of such information.

23. Your Contact Person for Questions and Comments (Data Protection Officer) 

We would like to ask you to address claims or statements to contact form.