Page 7 of 9
We will transfer your data to Japan, which is outside of the European Economic Area.
The reason for transferring your data to Japan is to comply with the financial reporting
requirements that Seiko Holdings global is subject to. There is an adequacy decision
by the European Commission in respect of Japan, which means it is deemed to provide
an adequate level of protection for your personal information. In addition, we ensure
that appropriate data encryption is followed.
Protecting your data
We are aware of the requirement to ensure your data is protected against accidental
loss or disclosure, destruction and abuse. We have implemented processes to guard
against such issues including off-site back up of all IT data in a secure location and
cloud back-up of HR data and systems. Our IT security policy provides further
information.
Where we share your data with third parties, we provide written instructions to them
to ensure that your data is held securely and in line with GDPR requirements. Third
parties must implement appropriate technical and organisational measures to ensure
the security of your data.
We have put in place procedures to deal with any suspected data security breach and
will notify you and any applicable regulator of a suspected breach where we are
legally required to do so.
How long we keep your data for
We will only retain your personal information for as long as necessary to fulfil the
purposes we collected it for, including for the purposes of satisfying any legal,
accounting, or reporting requirements. To determine the appropriate retention period
for personal data, we consider the amount, nature, and sensitivity of the personal data,
the potential risk of harm from unauthorised use or disclosure of your personal data,
the purposes for which we process your personal data and whether we can achieve
those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal information so that it can no
longer be associated with you, in which case we may use such information without
further notice to you. Once you are no longer an employee, worker or contractor of
the company we will retain and securely destroy your personal information in
accordance with applicable laws and regulations.
Automated decision making
No decision will be made about you solely on the basis of automated decision making
(where a decision is taken about you using an electronic system without human
involvement) which has a significant impact on you.