1. Home
  2. privacy
  3. GDPR Privacy Policy of Fontworks Inc.

GDPR Privacy Policy of Fontworks Inc.

0123456789

This privacy policy only applies to processing of personal data subject to EU General Data Protection Regulation 2016/679 (“GDPR”).

1.Purpose of this privacy policy

This privacy policy aims to give you information on the way of processing (including, but not limited to, collection, use, storage, disclosure by transmission) personal data relating to an identified or identifiable natural person in EU (such natural person shall be “Data Subject” and such personal data shall be “Personal Data”) by Fontworks Inc. (the “Company”, or “we”) as a data controller.

We will respect the right to privacy of individuals and comply with data protection and privacy related laws and regulations including GDPR.

2.Contact details

For questions or inquiries regarding this privacy policy, please contact Company or its representative set out below. We would appreciate it if Data Subject contacts Company before approaching representative.

(a) Company
Nisshin Aoyama Building 5F, 3-2-4 Kita-aoyama, Minato-ku,
Tokyo, 107-0061, Japan
Email: info@fontworks.co.jp
https://www.fontworks.co.jp/en/

(b) Representative
LCA Studio Legale
Via della Moscova 18, 20121 Milan, Italy
Tel: +39 027788751
Email: milano@lcalex.it

3.Legal grounds for lawful processing of Personal Data

We will use Personal Data only when relevant laws and/or regulations (in particular, GDPR) allows us to do so.

When we process Personal Data, we will rely on at least one of the legal grounds for lawful processing.

We have set out below a description of (a) purposes for using Personal Data, (b) types of Personal Data and (c) legal grounds for lawful processing of Personal Data.

(a) purposes for using Personal Data 1. To register a new customer
(b) types of Personal Data
  • Full Name
  • Address
  • Email address
  • Fax number
  • Telephone number
  • Country
  • Company Name
(c) legal grounds Consent by Data Subject
(a) purposes for using Personal Data 2. To implement supply of products or services including:
(i)placing (or receiving) order
(ii)delivery (or take delivery)
(iii)payment for fees
(iv)administration of debts and credits
(b) types of Personal Data
  • Company Name
  • Delivery address
  • Email address
  • Telephone number
(c) legal grounds Performance of Contract
(a) purposes for using Personal Data 3. To announce an event or introduce new products or services
(b) types of Personal Data
  • Full Name
  • Company Name
  • Address
  • Email address
(c) legal grounds Consent by Data Subject

4.Sources of Personal Data

We collect Personal Data directly from Data Subject or indirectly from third persons and/or public sources.

5.Sharing and disclosure of Personal Data

We share and disclose your Personal Data to the following third persons in accordance with the GDPR for the purposes stated in this privacy policy:

  • NI Consulting Co., Ltd.
    2-16-1-19F Minatominami, Minato-ku, Tokyo, Japan
    Category of business: Consulting, hosting service
  • Sansan, Inc.
    Aoyama Oval Building 13F, 5-52-2 Jingumae, Shibuya-ku, Tokyo, Japan
    Category of business: Planning, development, and selling of cloud services for business card management

Your Personal Data will be transferred to the following third countries outside the EEA:

  • Japan

6.Retention period of Personal Data

We will retain Personal Data only to the reasonable extent necessary to achieve the purposes for processing Personal Data. Specific retention periods are decided based on the following considerations: the purpose for obtaining and processing Personal Data; the nature of Personal Data; and the necessity of retaining Personal Data for legal or business reasons.

7.Legal rights of Data Subject

If certain conditions are satisfied, Data Subject may have the following rights in relation to Personal Data:

(a) to request access to Personal Data: Data Subject can receive a copy of Personal Data held by us and check the status of lawful processing of such Personal Data.
(b) to request correction of Personal Data: Data Subject can correct incomplete or inaccurate relevant Personal Data, though we may need to verify the accuracy of new data provided to us.
(c) to request deletion of Personal Data: Data Subject can ask us to delete relevant Personal Data if there is no good reason for us to continue to process it. However, we may not always be able to comply with Data Subject’s request to delete Personal Data for specific legal reasons.
(d) to object to inappropriate processing of Personal Data: Data Subject can object to processing of relevant Personal Data.
(e) to request restriction on processing of Personal Data: Data Subject can ask us to suspend the processing of Personal Data.
(f) to request the data portability of Personal Data: Data Subject can receive relevant Personal Data in a structured, commonly used, and machine-readable format and has the right to transfer that data to another controller without hindrance from us.
(g) to withdraw consent by Data Subject to process Personal Data: Data Subject can withdraw its consent to process Personal Data. This will not affect the lawfulness of any processing carried out before such withdrawal. If Data Subject withdraws Data Subject’s consent, we may not be able to provide certain products or services to Data Subject. We will advise Data Subject if this is the case at the time of such withdrawal by Data Subject.

Data Subject has the right to make a complaint to the relevant supervisory authority in the member state of the habitual residence of Data Subject. However, we would appreciate it if Data Subject gives us a chance to deal with Data Subject’s concerns in the first instance before Data Subject approaches such supervisory authority.

8.Updates to this policy

This policy may be updated from time to time. You can find the latest version on our website.