Chapter 1: All customers

AIPHONE CO., LTD. (the “Company”) recognizes the importance of the personal information of individuals, including our customers, and handles such personal information in accordance with the following policies.

1. Basic Policy on the Protection of Personal Information

The Company shall comply with the laws and regulations, the guidelines established by the government or administrative authorities and other rules concerning the protection of personal information and the corporate ethics of the Company.
As part of its personal information protection system, the Company shall assign a person in charge to manage personal information (a personal information protection manager) and clarify the management framework of the Company. In addition, the Company shall ensure that all officers and employees recognize the importance of, and comply with, the Company’s internal rules concerning personal information protection.
The Company shall only handle the personal information of a person within the scope of the purposes of utilization clearly shown to such person. The Company shall not disclose or provide personal information to any third parties, except in cases where the person has agreed thereto or such disclosure is based on the laws or regulations or other justifiable grounds.
The Company shall endeavor to keep personal information accurate and up-to-date, and shall take appropriate safety measures to prevent or correct, as necessary, the illegal access to, leakage, loss or destruction of personal information.
The Company shall respond in an appropriate manner, pursuant to the laws and regulations, to any inquiries, complaints, consultations and requests for disclosure from a person concerning the personal information of such person.
The Company shall establish and maintain a personal information protection management system taking the above into consideration, and shall endeavor to continuously improve such system.

2. Purposes of Utilization of Personal Information and Handling within such Purposes of Utilization

The Company shall collect, hold and utilize the personal information that it already holds and/or collects hereafter within the purposes described below:

To provide services concerning the Company’s products and/or services, including, without limitation, planning, development, research, purchase, manufacture, sales, construction, repair, and inspection;
To provide and/or exchange information concerning the Company’s products and/or services;
To respond to or discuss questions and/or inquiries; ^*1
To plan, operate and provide follow-up services concerning exhibitions, events and seminars;
To utilize the same for market research (questionnaires, investigations, etc.) and analysis, planning and improvement of products, and sales and marketing activities;
To utilize the same for recruiting activities and personal management and labor relations;
To provide and/or exchange information to/with the Company’s shareholders and other investors; and
To utilize the same for internal information exchanges and intra-company training with respect to the above, and other activities incidental or related to the above.

^*1 The contents of calls between you and the Company’s Customer Support Center (i.e. Service Reception Section and Customer Support Section) may be recorded in order for the Company to understand exactly what your concerns are and to avoid missing any of your requests.

3. Safety Measures

The Company shall endeavor to keep personal information accurate and up-to-date, and shall take appropriate safety measures to prevent or correct, as necessary, any illegal access to, or leakage, loss or destruction of personal information.

4. Supervision over Contractors

The Company may outsource the handling of personal information to a third party when utilizing personal information for the purposes of utilization. In such case, the Company shall assess and select a third party, enter into a confidentiality agreement, and oversee the third party as necessary.

5. Provision to a Third Party

The Company shall not disclose the personal information of a person to any third party without such person’s consent. However, the Company may provide personal information to a third party in cases where:

The person has agreed;
The Company outsources to a third party, within the purposes of utilization, catalogue dispatching, information provision, product planning or development, purchase, manufacture, sales, repair, inspection, data management or other services;
The Company’s outsourcing contractor responds to questions or inquiries from customers;
The Company promotes its services in collaboration with a third party;
Other cases where the Company provides personal information to its outsourcing contractor within the scope necessary to achieve the purposes of utilization;
The handling of personal information is pursuant to the laws and regulations; or
The handling of personal information is necessary for the protection of the life, limb, or property of an individual and where it is difficult to obtain the consent of such person.

6. Use of Statistically Processed Data

The Company may, based on the collected personal information, create statistical data which shall be processed in a manner that cannot identify any individual. The Company may use such statistical data without limitation.

7. Inquiries and Requests for Disclosure

With respect to the personal information provided by a person to the Company, the Company will, based on laws and regulations concerning personal information protection, appropriately respond to such person’s request for disclosure, correction, suspension of use, or deletion of his/her personal information or opinions, inquiries, complaints or consultations. To submit a request, etc., please contact the department to which you provided personal information or any branches or business offices near you, or please contact the inquiry desks below.

Inquiry Desk for Personal Information

Support Desk for Personal Information Disclosure Requests

For shareholder information stated in the Company’s shareholder registry, please contact the Stock Transfer Agent Department, Mitsubishi UFJ Trust and Banking Corporation, which is the Company’s transfer agent.

Please note that the Company will confirm the identity of the person making the inquiry or request for disclosure, etc.

8. Continuous Improvement

The Company may revise this privacy policy as necessary to protect personal information and to comply with the laws and regulations, guidelines and other rules concerning personal information protection. In order to implement such policy, the Company shall establish a personal information protection management system, and shall implement and maintain the same through intra-company training and internal audits. Furthermore, the Company shall continuously improve the personal information protection management system in order to respond to various changes, including, without limitation, changes in personal information and how to handle such information and the environment surrounding the Company.

Tomio Suzuki
President (Representative Director)
AIPHONE CO., LTD.

Enacted: August 1, 2011
Revised: May 19, 2023

Chapter 2: Customers residing in the EEA or the UK

Personal Data Subject to GDPR, UK GDPR and DPA 2018

1. Introduction and Legal Framework for Processing of Personal Data

This Privacy Policy details how AIPHONE (hereinafter “Aiphone”, “we”, “us” or “our”) controls and processes Personal Data in connection with our products and services. It only applies to Processing of Personal Data subject to EU General Data Protection Regulation No. 2016/679 (the “GDPR”), or the UK GDPR and the Data Protection Act 2018 (the “DPA 2018”).
We will always process the Data Subject's Personal Data based on one of the legal bases provided for in the GDPR, or the UK GDPR and the DPA 2018, as applicable. In addition, when processing special categories of Personal Data which require special care, we will do so in accordance with the special rules provided for in the GDPR, or the UK GDPR and the DPA 2018.

2. General Information

2.1 Definitions

The following terms as used in this Privacy Policy shall have the meanings set forth below:

“EEA” means the European Economic Area.
“UK” means the United Kingdom
“GDPR” means EU General Data Protection Regulation No. 2016/679.
“UK GDPR” means United Kingdom General Data Protection Regulation
“DPA 2018” means the Data Protection Act 2018.
“Personal Data” means the personal data subject to the GDPR, or the UK GDPR and the DPA 2018. Please note that this Privacy Policy does not apply to all the Personal Data which we collect and process.
“Data Subject” means persons protected under the GDPR, or the UK GDPR and the DPA 2018..
“Processing of Personal Data” means processing of Personal Data of the Data Subject in any of the following cases:
1. if carried out in connection to activities of our establishment in the EEA and/or the UK,
2. if related to the offering of goods or services to the Data Subject residing in the EEA and/or the UK, or
3. if related to the monitoring of the behavior of the Data Subject residing in the EEA and/or the UK as far as their behavior takes place within the EEA and/or the UK.
“Software” means the software we are using in order to operate our intercom systems.

2.2 Collection and Processing of Personal Data

2.2.1 Legal Bases for Processing Operations

1. We may collect and process the Data Subject's Personal Data in the following cases :

if we have a legitimate interest in such processing, unless except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child, in accordance with the GDPR, or the UK GDPR and the DPA 2018, as applicable;
if required in order to perform an agreement with the Data Subject or carry out procedures before execution initiated by the Data Subject in accordance with the GDPR, or the UK GDPR and the DPA 2018, as applicable; or
if we have obtained the Data Subject's express prior consent in accordance with the GDPR, or the UK GDPR and the DPA 2018, as applicable.

2.2.2 Children’s Personal Data

Where we collect and process Personal Data from a child who is under 16 years of age or who has not reached the age limits under the laws of a Member State, we will process that data appropriately.

2.2.3 Withdrawal of Consent

Where our Processing of Personal Data is based on consent, the Data Subject is entitled to withdraw his or her consent to the collection and Processing of the Personal Data at any time without having to provide reasons.
We will not collect and Process Personal Data that is based on consent after such withdrawal, but this withdrawal will not affect the lawfulness of processing based on the consent before withdrawal thereof.

2.2.4 Change of Purpose of Use

We will process the Data Subject's Personal Data for the above specified, explicit and legitimate purposes, and will not further process the Personal Data in a way that is incompatible with those purposes.
If we intend to process Personal Data originally collected for one purpose in order to attain other objectives or purposes, we will ensure that the Data Subject is informed of this.

2.2.5 Storage of Personal Data

We will retain Personal Data for the period necessary for us to fulfill the respective processing purpose, unless a longer retention period is required by applicable laws.

2.2.6 Sharing of Personal Data

We may share Personal Data with our group entities and with specific third-parties in accordance with the GDPR, or the UK GDPR and the DPA 2018, as applicable.
Where we share Personal Data with any entity outside the EEA and the UK, we will put appropriate legal frameworks in place, notably controller-to-controller (2004/915/EC) and controller-to-processor (2010/87/EU) Standard Contract Clauses approved by the European Commission, in order to cover such transfers.

2.2.7 Collaborative Partners

Personal Data may be transferred to, stored, and further processed by collaborative partners that work with us to provide our products and services or help us market to Data Subjects. Such processing is based on our prevailing legitimate interests.
Data Subjects may object to the Processing of their Personal Data for direct marketing purposes without having to specify any reasons. Upon receipt of the objection, we will immediately discontinue such Processing Personal Data.

2.2.8 Corporate Reorganizations

In the event of a merger, corporate reorganization, civil rehabilitation, acquisition, joint venture, assignment, transfer, sale or disposition of all or any portion of our business (including in connection with any bankruptcy or similar proceedings), etc., we may transfer any and all Personal Data to the relevant third party based on our prevailing legitimate interests.

2.2.9 Legal Compliance andSecurity

It may be necessary for us – by law, legal process, litigation, and/or requests from public and governmental authorities within or outside the Data Subject's country of residence – to disclose Personal Data. We may also disclose Personal Data if we determine that, for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.
We may also disclose Personal Data if we determine in good faith that disclosure is reasonably necessary to protect our rights and pursue available remedies, enforce our internal regulations, investigate fraud, or protect our operations or users.

2.2.10 Data Transfers outside EU /EEA and the UK

Disclosures or sharing of Personal Data as described above may involve transferring Personal Data out of the EEA and the UK. For each of these transfers we make sure that we provide safeguards of an adequate level of protection to the data transferred, including without limitation by entering into Standard Contract Clauses as defined by the European Commission decisions 2001/497/EC, 2002/16/EC, 2004/915/EC and 2010/87/EU, as necessary, or by transferring Personal Data based on the rules of the GDPR, the UK GDPR and the DPA.

2.2.11 Security measures

We process Personal Data in a manner that ensures such data appropriate security (including protection against unauthorized or unlawful processing and against accidental loss, destruction damage, etc.) using appropriate technical or organizational measures to achieve this.

2.2.12 Data subject's rights

Data Subjects are entitled to the following rights with regard to our processing of your Personal Data:
- The right to require free of charge (i) information whether your Personal Data is retained and (ii) to access your Personal Data under our control. However, if the request affects the rights and freedoms of others or is manifestly unfounded or excessive, we reserve the right to charge a reasonable fee (taking into account the administrative costs of providing the information or communication or taking the action requested) or refuse to act on the request;
- The right to request proper rectification, removal or restriction of your Personal Data;
- Where processing is based on prevailing legitimate interests in accordance with the GDPR or the UK GDPR and the DPA 2018, as applicable, the right to object on grounds relating to your particular situation at any time. If you object we will no longer process your Personal Data unless there are compelling and prevailing legitimate grounds for the processing or the data is necessary for the establishment, exercise or defence of legal claims;
- Where processing of your Personal Data is either based on your consent or necessary for the performance of a contract with you and processing is carried out by automated means, the right to receive the Personal Data concerning you in a structured, commonly used and machine-readable format or to have your Personal Data transmitted directly to another company, where technically feasible (data portability);
- Where the processing of your Personal Data is based on your consent, the right to withdraw your consent at any time without impact to data processing activities that have taken place before such withdrawal or to any other existing legal justification of the processing activity in question; and
- The right not to be subject to any automatic individual decisions which produces legal effects on you or similarly significantly affects you
If the Data Subject will exercise such rights, please contact us at the address set forth in 2.2.14 below.
If the Data Subject is not satisfied with the way in which we have proceeded with any request, or if the Data Subject has any complaint regarding the way in which we process Personal Data, the Data Subject may lodge a complaint with a Data Protection Supervisory Authority.

2.2.13 Updates to Privacy Policy

We may change this Privacy Policy from time to time. Any changes to this Privacy Policy will become effective upon posting of the revised Privacy Policy via the Website.
If we make changes which we believe are significant, we will inform the Data Subject through the Website to the extent possible and seek for the Data Subject's consent where applicable.

2.2.14 Contact

With respect to the Personal Data, you provided to us, we will appropriately respond to your request for disclosure, correction, suspension of use, or deletion of your personal information or opinions, inquiries, complaints or consultations, in accordance with laws and regulations regarding the protection of personal information.
For any questions or requests relating to this Privacy Policy, please contact us by email as follows:
contact: aiphone_gdpr@aiphone.co.jp

3. Processing of Personal Data on Our Website

This section highlights how we collect, process and use your Personal Data when you are using our Website.

3.1 Processed Personal Data

We collect and use your Personal Data when you are accessing and interacting with our Website. If you visit our Website without providing Personal Data via registration or in any other way, only the internet connection data that your browser transmits to our server will be processed. This information contains Personal Data only to a limited extent. The processed data includes information on:

Your IP address
Your device (type, name, ID)
Your browser (type/version)
Your operating system (including language settings)
Date and time of your request
Content of your requests
Your screen resolution
Your Internet service provider
Websites from which your system accesses our website (referrer URL)
Web pages that are called up by your system via our website.

We process this information in order to enable you to use our website (e.g. by adapting our website to the needs of your device) as well as to generate comprehensive demographic data to create anonymous statistics on the use of our website. This data is not merged with other data sources.

The legal basis for this data processing is Art. 6(1)(b) of the GDPR and the UK GDPR, as we need this data for the provision of our Website, and Art. 6(1)(f) of the GDPR and the UK GDPR, as we have a legitimate interest in ensuring the stability and security of our Website.

3.2 Processing of Personal Data For Additional Services

We offer additional services on our website (e.g. contact forms, newsletter and brochure requests). When you use these services, we ask you for further Personal Data such as your name or e-mail address. Mandatory information is always marked as such. Without this Personal Data, we may not be able to provide you with the requested service or answer any queries you may have. In the following, we will inform you about the respective data processing operations and legal bases.

Contacting Us – We will store your Personal Data if you choose to contact us – e.g. via email or contact form. This is usually your name and email address as well as the information you have provide us with your message. We process these information solely for the purposes of answering your request and the associated technical administration and do not forward the information to any third parties without your consent. The legal basis for this data processing is Art. 6(1)(b) of the GDPR and the UK GDPR, if carried out performance of contract or as pre-contractual measures, as well as Art. 6(1)(f) of the GDPR and the UK GDPR, as the processing of these requests is in the interest of both parties.
Newsletter – If you opt-in for our newsletter informing you about our latest products and services, We will process the Personal Data provided by you (such as name, address or email address) for the sending the newsletter to you.
Brochure Requests – If you make a request for a brochure of our products and/or services, we will process the Personal Data provided by you (such as name, address and email address) for the purpose of sending the brochure to you.

3.3. Use of Cookies and third-party software

Our Website uses cookies. Cookies are small text files that are saved on your hard disk which can be allocated to your browser and deliver particular information about your use of our Website. They are useful for making internet devices more effective and more user-optimized such as remembering your choices when you revisit the Website. The use of such cookies which are required to ensure the functionality of our Website and to provide a safe user experience are used based on our prevailing legitimate interest.
Cookies used for other purposes, such as analyzing visitor’s preferences and activities on the Website, are used. In regard to visitors from the EEA and the UK, Cookies are used in such manner only if Data Subjects have declared their consent to the Use of such Cookies.
Certain cookies we use last only for the duration of your web session and expire when you close your browser and are called session cookies. These cookies are stored as session IDs whereby different requests sent by your browser are assigned to the common session until you close the browser or otherwise cancel the session. Other cookies are used to remember you when you return to the Site/Application and will remain for longer. These are generally called persistent cookies which will remain on your device after concluding the session. However, persistent cookies are automatically deleted after a specified period of time. You can adjust the retention period or manually delete cookies from your device via your browser settings at any time. Please be advised that if you disable cookies you may not be able to use our Website’s services to their full extent.

3.3.1 Google Analytics

Our Website uses Google Analytics. Google Analytics is a service from Google LLC. (1600 Amphitheatre Parkway Mountain View, CA 94043. USA; ‘Google’) employing cookies which are saved on your computer, allowing Google to analyze your use of the Site. The information generated by the cookie is transferred to a Google server generally located in the USA and stored there. On our Website, IP anonymization is activated, so that the IP address of Google users within member states of the European Union or other contracting parties to the Agreement on the European Economic Area is effectively anonymized before being transferred, thus eliminating any possibility of personally identifying the user in question.
In exceptional cases only the full IP address is transferred to a Google server in the USA and abbreviated there. Google uses this information on our behalf in order to analyze the use of the Website, to compile reports on the Website activities, and to provide other services relating to use of the Site and Internet use for the Website operator. The IP address transferred from your browser through Google Analytics is not merged with other data by Google for profiling purposes. Further information on Google’s use of data can be [https://support.google.com/analytics/answer/4597324?hl=en].
You can prevent the collection and subsequent transfer of any data (including the anonymized IP address) generated by the Google Analytics cookie relating to use of the Website by Google as well as the processing of this data altogether by Google by either downloading and installing the Browser Plugin available here. Alternatively, you can click here [https://tools.google.com/dlpage/gaoptout?hl=en].

3.3.2 Social-Media Plugins

We use social-media plugins from Facebook, Twitter and LinkedIn. The providers of these services can communicate with you via the plugins and collect information about your visit to our website. This processing is based on Art. 6(1)(f) of the GDPR and the UK GDPR. We have a legitimate interest in increasing your user experience and optimizing our Services.

Facebook - Our Website uses social plugins operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook").

The social-media plugins are being used to create user profiles in order to store information about you. This information may include, for example, content viewed, websites visited, online networks used, communication partners and technical information (device information, metadata). This may also include location data if you have given your consent in the collection of such data. The collection of data is being carried out across the devices. Additionally, if you use the social network facebook.com, the collected data can be assigned to your Facebook user profile. We generally only receive access to aggregated information about the interaction with our ads and can use the aggregated data to provide our marketing campaigns to the relevant interest groups. Please note that you can find further information about Facebook's privacy policies at [https://www.facebook.com/about/privacy]. You may object to your data being captured by Facebook and used in the above-mentioned way. You can change your user-based advertising settings here: [https://de-de.facebook.com/ads/settings]. You can also prevent Facebook from installing the respective cookie by adjusting your browser settings.
Twitter – We are using Twitter social-media plugins on our Website. These social-media plugins are operated by Twitter, Inc. 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). By using Twitter and the Re-Tweet function, the website you visit will be linked to your Twitter account and made public to other users. This includes the transfer of your personal data.
These processing operations are based on Art. 6(1)(f) of the GDPR and the UK GDPR as we have a legitimate interest in an attractive presentation and simplification of the use of our online offers. Please find further information on the data processing under [http://twitter.com/privacy].

You can change your privacy settings on Twitter in the account settings under [http://twitter.com/account/settings.
LinkedIn – We use social-media plugins on our Website operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (“LinkedIn”).
The social-media plugin notifies LinkedIn of which specific page of our Website is being visited. If you click the LinkedIn Recommend Button while you are logged in to your LinkedIn account, you can post the contents of our website via your LinkedIn profile. This enables LinkedIn to associate your visit to our website with your LinkedIn account.

The data processing is based on Art. 6(1)(f) of the GDPR and the UK GDPR as we have a legitimate interest in an attractive presentation and simplification of the use of our online offers.

For further details about LinkedIn's data processing and your rights and preferences, please refer to LinkedIn's privacy policy under [http://www.linkedin.com/legal/privacy-policy].

4. Processing of Personal Data for the Provision of Our Products and/or Services, Including Software

We process your personal data to provide our products and/or services, including software.
Customers, administrators and/or installers of our products and services, please visit the following URL for our privacy statement.
https://www.aip-info.net/legal/privacy/

Last updated on the 1^st March, 2024

Chapter 3: Customers residing in California, USA

PRIVACY POLICY FOR CALIFORNIA RESIDENTS

This privacy policy for California residents (“CA privacy policy”) supplements our privacy policy, explains how we, AIPHONE CO., LTD. and AIPHONE CORPORATION collect, use, disclose and protect personal information of California residents and any information related to it ("personal information"). In the event of a conflict between this CA privacy policy and our privacy policy, this CA privacy policy controls. Certain terms used in this CA privacy policy have the meanings defined in the California Consumer Privacy Act, including as amended by the California Privacy Rights Act (the “CCPA”), and its regulations (collectively “CCPA”).

1. Right to Know About Personal Information Collected, Sold or Shared, Disclosed

1-1. The CCPA states you have the right to request us to disclose the following information regarding your personal information we collect, use, disclose, sell and share.

The categories of personal information we collect
The categories of sources from which the personal information is collected
The business or commercial purpose for collecting, selling, or sharing personal information
The categories of third parties to whom the business discloses personal information
The specific pieces of personal information the business has collected about the consumer

1-2. You can exercise your above-mentioned right, unless you have exercised the right twice within the preceding 12 months. We endeavor to respond to you within 45 days of receiving a verifiable request. If you intend to exercise such rights, please refer to section 8.

1-3. We use your information (unique personal identifiers, such as name, postal address and email address) to verify your request.

1-4. We have collected the following categories of personal information relating to the respective users in the preceding 12 months from the following sources for the following purposes:

Intercom users
Categories of Personal Information	Sources	Purposes
"Identifiers" that identifies or could be, directly or indirectly, associated with an individual such as building ID, building number, building name, residential number, residential ID, residential name, intercom device ID, intercom device serial number, intercom device name, smartphone ID, smartphone number and smartphone name	・Setting by installers, property managers or you ・From your device	・To provide smartphone integration services ・To provide maintenance and technical support services
"Electronic information" such as device display language, smartphone type, smartphone OS type, and other information necessary for providing smartphone integration services including IoT client certificate and endpoint type	・Setting by installers, property managers or you ・From your device	・To provide smartphone integration services ・To provide maintenance and technical support services
"Audio and Visual information" such as voice and image data	From your device	・To provide smartphone integration services ・To provide maintenance and technical support services ・To improve the quality of products and user experience with the smartphone integration services (Research and Development)
"Internet or other electronic network activity information" such as cloud server communication logs, intercom device operation logs, smartphone application operation logs and door release logs	From your device	・To provide maintenance and technical support services・To improve the quality of products and user experience with the smartphone integration services (Research and Development)

Website users
Categories of Personal Information	Sources	Purposes
"Identifiers" that identifies or could be, directly or indirectly, associated with an individual such as Internet Protocol address and your device ID	From your device	・To enable you to use our website (e.g. by adapting our website to the needs of your device) ・To generate comprehensive demographic data to create anonymous statistics on the use of our website
"Electronic information" such as your device type/name, your browser type/version, your operating system (including language settings), your screen resolution and your internet service provider	From your device	・To enable you to use our website (e.g. by adapting our website to the needs of your device) ・To generate comprehensive demographic data to create anonymous statistics on the use of our website
"Internet and other electronic network activity information" such as date and time of your request, content of your requests, websites from which your system accesses our website (referrer URL) and web pages that are called up by your system via our website	From your device	・To enable you to use our website (e.g. by adapting our website to the needs of your device) ・To generate comprehensive demographic data to create anonymous statistics on the use of our website ・To analyze visitor’s preferences and activities on the website and to improve the performance of the website
”Unique personal identifier or online identifier” such as cookies	From your device	・To make Internet devices more efficient and user-optimized, such as remembering your choices when you revisit our website ・To analyze visitor’s preferences and activities on the website and to improve the performance of the website

Users of additional services on the website (e.g. contact form and newsletter/brochure requests)
Categories of Personal Information	Sources	Purposes
"Identifiers" that identifies or could be, directly or indirectly, associated with an individual such as your name and e-mail address	・From you via email or contact form ・From you based on opt-in consent to receive newsletters	・To answer your requests or inquiries ・To send you newsletters
"Any personal information described in subdivision (e) of Section 1798.80 of California Civil Code" such as telephone number and (postal) address	・From you based on opt-in consent to receive newsletters ・From you via brochure requests	・To send you newsletters ・To send you brochures
"Professional or employment-related information" such as your company name	・From you via email or contact form	・To answer your requests or inquiries

1-5. We have not sold or shared personal information to/with third parties in the past 12 months.

1-6. We do not knowingly sell or share the personal information of consumers under 16 years of age.

1-7. We have not disclosed personal information to third parties in the past 12 months.

1-8. We may allow our service providers to process your personal information only when we have confirmed that they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers to ensure that they can only use your personal information for purposes set forth in agreements with us as required in the CCPA. We may also share personal information with external auditors.

1-9. We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

1-10. We may also need to share some personal information with other parties, such as potential buyers of some or all of our businesses or during a re-structuring. Usually, information will be anonymized, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. We will not share your personal information with any third parties other than those described in this notice.

2. Right to Request Deletion of Personal Information

2-1. The CCPA states you have the right to request us to delete your personal information collected by us.

2-2. You can exercise your above-mentioned right, unless you have exercised the right twice within the preceding 12 months. We endeavor to respond to you within 45 days of receiving a verifiable request. If you intend to exercise such rights, please refer to section 8.

2-3. We use your information (unique personal identifiers, such as name, postal address, and email address) to verify your request.

3. Right to Request Correction of Inaccurate Personal Information

3-1. The CCPA states you have the right to request us to correct inaccurate personal information about you.

3-2. You can exercise your above-mentioned right, unless you have exercised the right twice within the preceding 12 months. We endeavor to respond to you within 45 days of receiving a verifiable request. If you intend to exercise such rights, please refer to section 8.

3-3. We use your information (unique personal identifiers, such as name, postal address, and email address) to verify your request.

4. Use and Disclosure of Sensitive Personal Information

4-1. We do not collect, use or disclose your sensitive personal information.

5. Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Right

5-1. The CCPA states you have the right not to receive discriminatory treatment by us for the exercise of the privacy rights conferred by the CCPA.

6. Authorized Agent

6-1. When you use an authorized agent to submit a request to know or a request to delete, we may require that you:

Provide the authorized agent with written permission to do so; and
Directly confirm with us that you provided the authorized agent with permission to submit the request.

6-2. We may deny a request from an agent that does not submit a proof that they have been authorized by you to act on your own behalf.

7. Contact us

7-1. If you would like to exercise your rights mentioned in the section 1 to 4, or if you have any questions or concerns about this CA privacy policy or the information we hold about you, please contact us by email or Toll-free number below.
e-mail: aiphone_ccpa@aiphone.co.jp
Toll-free Number: (800)692-0200

8. Updates to the CA Privacy Policy

8-1. We may revise or update this CA privacy policy from time to time. Any changes to this CA privacy policy will become effective upon posting of the revised CA privacy policy via our website.

9. Processing of Personal Data for the Provision of Our Products and/or Services, Including Software

9-1. We process your personal data to provide our products and/or services, including software. Customers, administrators and/or installers of our products and services, please visit the following URL for our privacy statement. https://www.aip-info.net/legal/privacy/

Last updated: April 1, 2025

AIPHONE Privacy Policy