Nessum Alliance (the “Alliance”) values the protection of its customers’ personal data and treats it appropriately and cautiously in order to respect their fundamental rights to privacy and data protection. The Alliance Office (the “Office”) wants the Alliance to be a reliable body to which an individual customer (such as you) can trustfully provide his/her personal data.
This Privacy Notice explains (1) how and why we use any information about you (referred to in this Privacy Notice as Personal Data, as further defined below) that you provide to us or that we collect through your visit to Website and/or application for the Membership to access the Services and (2) what your rights and our obligations are in relation to the processing of your Personal Data. This Privacy Notice is further formed in accordance with the European data protection legislation, including the General Data Protection Regulation (the “GDPR“).
Please read this Privacy Notice carefully.
The Office is represented in the European Economic Area (i.e. the European Union, Iceland, Liechtenstein and Norway) for any data protection related matters by its French entity, Progilon Srl., having its registered office at WTC Business Center, 5 place Robert Schuman, F-38000 Grenoble, France.
This Privacy Notice does not apply to:
･the specific data processing activities which may occur when receiving the actual Service (i.e. after you have become/connected to the relevant Service with your Membership) － a separate privacy notice will be made available for each Service;
･information that may be collected by or through third party applications that are available through the Services; or
･our services which cannot be accessed through your Membership.
We may change this Privacy Notice over time. The “Date last updated” mentioned at the end of this document states when the notice was last updated and changes will become effective upon our notification of the revised Privacy Notice to you. Where required by applicable law, we will request your consent to any such changes. We will notify you of these changes by contacting you via email if you have provided your email address, and/or by posting a notice on this page to ensure that you are aware of any changes.
For the purposes of this Privacy Notice, “Personal Data” consists of any information that relates to an identified or identifiable individual (such as you). For example, information which identifies you may consist of your name, address, telephone number, payment details, a specific Alliance product/device identification number that you purchased, location data, an online identifier (e.g. cookies and your IP address). Information which does not identify you on its own but that we link to you also qualifies as Personal Data.
A. Personal Data you provide directly about yourself
Although you can use some of our Services without providing your Personal Data, the Service which are accessible using your Membership require the collection and processing of your Personal Data. You can choose whether or not to create a Membership and provide your Personal Data for that purpose, but you may not be able to access our full Services if you choose not to do so.
We have detailed below the circumstances where we collect your Personal Data in relation to your visit Website and the Membership.
I. When you apply for a Membership
When you apply for a Membership on Website to use the Services and/or their functions, we ask you to provide the following categories of Personal Data:
･your country of residence;
･your name and surname;
･your job title;
･your telephone number;
･your email address;
･your company information:
address of company headquarters
name and title of company representative
business activities and
website address; and
II. When you receive your Membership Service to access one of our Services
You will be prompted to enter (i) your email address and (ii) password each time you wish to log in to Website or access a Service using your Membership.
III. When you communicate with us
If you contact us to exercise your rights under the GDPR or make inquiry about this Privacy Notice, we may ask you to provide certain additional information, including your Membership.
B. Information about your use of the Services
In addition to the information that you provide, we automatically collect information when you access the Services via your Membership and how you use them. For example, when you use the Services, we may automatically collect certain information from you such as IP address, unique device identifier, device configurations and device, our Services usage data (however we do not collect data on what you do on such Services). Please review the respective privacy policies in relation to each of our Services which you access using your ID for Membership.
We are not allowed to process Personal Data if we cannot rely on a valid legal ground. Therefore, we will only process your Personal Data when:
II. the processing is necessary to comply with our legal or regulatory obligations;
III. the processing is necessary for our legitimate interests except where they are overridden by your interests or fundamental rights and freedoms. Examples of such ‘legitimate interests’ include:
1) to protect the security of our IT systems, architecture and networks;
2) to meet our corporate and social responsibility objectives.
For cases other than where GDPR applies as specified in the second paragraph in this Clause:
You have to be 13 years or older to apply for a Membership. We do not solicit or knowingly collect Personal Data from or about children under the age of 13 without the consent of a parent or guardian. If we nevertheless become aware that Personal Data that relates to children under the age of 13 has been submitted to us without the consent of a parent or guardian, we will delete such information from our systems as quickly as possible or, where deletion is not possible, we will ensure that the Personal Data is not used for any purpose or disclosed to any third party.
In case where GDPR applies:
You have to be 16 years or older to apply for a Membership. We do not solicit or knowingly collect Personal Data from or about children under the age of 16 without the consent of a parent or guardian. If we nevertheless become aware that Personal Data that relates to children under the age of 16 has been submitted to us without the consent of a parent or guardian, we will delete such information from our systems as quickly as possible or, where deletion is not possible, we will ensure that the Personal Data is not used for any purpose or disclosed to any third party.
We will use your Personal Data for the following purposes:
I. Acceptance of an application and screening － to proceed our screening processes, and, if your application gets through such screening processes, to offer the Membership and to enable you to obtain information relating to or to enjoy the Services on our websites or by way of communications otherwise, and to enable you to log in to such website using your Membership ID;
III. Proof of identity － to identify you when you login to the relevant Services with your Membership ID or when you communicate with us.;
IV. Statistics － to create anonymous, aggregated statistics about the use of Membership and the related Services. This anonymised data may be shared with third parties;
V. Customer Support Services － to provide customer support services for the Mermbership and the related Services, or to deal with any other support queries you may have (such as complaint handling);
VII. Updates － to communicate with you, including communicating with you about your Membership or transactions with us, to give you important information about your use of Membership; and to provide the latest version of this Privacy Notice; and
We will retain your Personal Data (A) for up to 5 years following the collection of the Personal Data for the purposes as outlined in this Privacy Notice, or (B) for up to one year after you terminate the use of Membership, whichever is longer.
When your Personal Data is no longer required for the purpose for which it was collected or as required by applicable law, it will be deleted in accordance with applicable law.
A. Third parties recipient of the Personal Data
We may disclose your Personal Data to third parties listed in this Section 7 to achieve the purposes described in this Privacy Notice. We require these third parties to take steps to maintain the confidentiality of any Personal Data they may receive from us to perform their tasks, consistent with our Privacy Notice, and we require them not to use this information for any other purpose. We may disclose your information as follows:
I. Nessum Alliance Affiliates
We may need to transfer your Personal Data to other Alliance Affiliates (the “Affiliates”) to enable you to create an Membership ID or use your Alliance ID to access any Service/assistance. All Affiliates are required to follow the privacy related rules set forth in this Privacy Notice. “Affiliates” means any corporate entity that is directly or indirectly controlled by the Alliance.
II. Service Providers
We share Personal Data about you with third party service providers solely for the purpose of enabling them to perform services on our behalf that are related to the Alliance ID and provided they operate in compliance with our instructions.
Examples of such third party service providers are:
･service providers who provide us with data hosting services to store data in relation to your Alliance ID or in relation to the Services accessed via your Alliance ID; and
･service providers who provide us with maintenance services for the Alliance ID and the Services access via your Alliance ID.
III. Third parties when required by law or to protect the ServicesWe will disclose your Personal Data as required by the laws of the European Union and of its Member States, such as in response to an order from a court, public authority or competent regulator of the European Union or one of its Member States.
IV. Third parties when required by law outside of EU or protect the Services
We will disclose your Personal Data in connection with legal requirements, such as in response to an authorized subpoena, governmental request or investigation, or as otherwise required by law, in full compliance with all applicable laws (including without limitation the GDPR).
V. Other parties in connection with corporate transactions
As our business develops, we may sell, buy, or transfer corporate assets. In such transactions, customer information, including your Personal Data, can be part of the transferred business assets to the extent permitted by applicable law. Also, in the event that we, the Alliance ID, the Service, or substantially all of our assets are acquired, your Personal Data will be one of the assets transferred in such acquisition to the acquiring company.
VI. Third parties to which you agreed to disclose your Personal Data
With your consent or upon your request, we may also disclose your Personal Data to other third parties.
B. International Transfer of Personal Data
The Personal Data that we collect from you may be stored and processed in your region, or transferred to, stored at or otherwise processed outside your country of residence, including, in respect of residents of a country within the European Economic Area (the “EEA”), to a country outside the EEA including but not limited to Japan or in any other country which does not offer an adequate level of data protection as recognised by the European Commission and where we or our affiliates or service providers, maintain facilities. Your Personal Data may also be processed by staff operating inside or outside your country of residence, including staff located outside of the EEA, who work for us or for one of our suppliers or service providers.
Where we transfer your Personal Data outside the EEA, we will ensure that suitable safeguards are in place to help ensure that our third party service providers provide an adequate level of protection to your Personal Data. For the processing of your Personal Data in relation to your use of your Membership, we have put in place an appropriate transfer agreement incorporating the Standard Contractual Clauses approved by the European Commission. You may request additional information in this respect and obtain a copy of the relevant safeguards upon request through sending a request to the contact indicated in section 11 below.
The Alliance has put in place appropriate technical and organisational measures to safeguard the Personal Data we collect in connection with your Membership and the Services. These measures take into account:
I. the state of the art of the technology;
II. the costs of its implementation;
III. the nature of the data; and
IV. the risk of the processing.
The purpose thereof is to protect against accidental or unlawful destruction or alteration, accidental loss, unauthorized disclosure or access and against other unlawful forms of processing.
However, please note that although we take appropriate steps to protect your Personal Data, no website, product, device, online application or transmission of data, computer system or wireless connection is completely secure and therefore we cannot guarantee the security of your Personal Data.
B. Security of storage
All Personal Data you provide to us is stored on our secured servers. You are responsible for keeping the password of your Membership confidential and we ask you not to share it with anyone.
C. Other security measures
Information security, including the protection of Personal Data is organized in the Alliance called “Information Security Management” (ISM). The related aim, standards and implementation measures are organized in globally valid policy, standards and guidelines. The IT systems which deal with your Membership information are externally assessed and fall under the information security management rules applicable under the ISO 27001 certification. The program in all its parts follow a strong yearly PDCA (Plan-Do-Check-Act) approach to secure the confidentiality, integrity and availability of all data (including your Personal Data) for the whole information lifecycle from collection to destruction of such data.
A. What are cookies?
B. Further information on cookies
A. What are your rights?
We will collect, store and process your Personal Data in accordance with your rights under any applicable data protection laws.
Your rights under the GDPR include the right to access a copy of your Personal Data, the right to request the correction or the update of any inaccurate Personal Data and the right to object to the processing of your Personal Data under the conditions set out in the GDPR.
You also have the right to request the erasure of your Personal Data and, where you have consented to the processing of your Personal Data, you have the right to withdraw such consent at any time (without this withdrawal affecting the lawfulness of the processing prior to such withdrawal).
In addition, you also have the right to data portability in certain cases. This is the right to request the return of the Personal Data you have provided to us in a structured, commonly used and machine-readable format and to request the transmission of such Personal Data to a third party, where technically feasible, without hindrance from us and subject to your own confidentiality obligations.
B. Exercising your rights
We will respond to your request without undue delay and no later than one month from receipt of any such request, unless a longer period is permitted by applicable data protection laws.
If you are not satisfied with how we process your Personal Data, you may also file a complaint with the competent supervisory authority, in addition to your rights outlined above.
(Date last updated on 4th June 2021)
This website uses programs provided by third parties, such as ad distributors, to conduct behavioral targeting advertising (advertising method for distributing advertisement according to user’s interest based on website browsing information), manage the website, and measure access status on specific pages.
〇Marketing Automation Tool(BowNow)
Cookies are used to collect the user’s website visit history information (without containing any information that can identify individuals). Third parties such as ad distributors use the cookies to distribute advertisements, manage the website, and measure access status, based on past access information to this website. Users wishing to disable this advertising and measurement may access the opt-out pages of the third parties such as ad distributors to disable the cookies. The setting needs to be repeated when you change to a different browser, after clearing cookies, or changing to a new PC.
Click the link below to complete the opt-out setting.