General information about the collection of personal data
Personal data are all data which can be related to you personally, such as for example your form of address (title), your name, your address, your e-mail address, your telephone number, your bank details, your credit-card number, your IP address, etc. Your personal data are collected and processed by us only in accordance with the provisions of the EU General Data Protection Regulation (?GDPR?) and other provisions of applicable national data protection law.
Personal data are collected and processed on a regular basis only after you have given your consent or if the processing of such data is permitted by statutory provisions. The following provisions provide you with information about the nature, scope and purpose of the collection and processing of your personal data.
In the event that for individual functions of our offer and/or our services we have recourse to commissioned service providers or use your data for promotional or analysis purposes, we additionally provide you with detailed information below about the relevant procedures. At this point we also inform you about the defined criteria and the storage period. We also inform you about your rights regarding each instance of data processing.
- Name and address of the controller (CASIO)
The controller responsible for data protection law as contemplated by the GDPR and all other applicable provisions of EU data protection law is CASIO (?Controller?). If you have any questions, suggestions or criticisms relating to our website's data protection, please contact:
CASIO Europe GmbH
Tel.: +49 (0)40-528 65-0
- Contact information of the data protection officer
Any person affected can at any time also contact our data protection officer directly if they have questions and suggestions relating to data protection. The data protection officer can be contacted at:
CASIO Europe GmbH
Data Protection Officer
Telephone: +49 (0)40-528 65-0
- Notes on lawfulness and period of storage
- Lawfulness of the processing of personal data
If we obtain your consent for the processing operations of personal data, Article 6 (1) a) GDPR is the legal basis for the processing of personal data.
With regard to the processing of personal data which are required to perform a contract with you, Article 6 (1) b) GDPR is the relevant legal basis. This also applies to processing operations which already become relevant precontractually.
If processing of your personal data is required to fulfil one of our legal obligations, Article 6 (1) c) GDPR serves as the legal basis.
In the event that vital interests on your part or in the case of another natural person are interfered with which make a processing of personal data necessary, Article 6 (1) d) GDPR serves as the legal basis for this processing.
If processing is required to protect a legitimate interest of our company or of a third party and your interests, fundamental rights and fundamental freedoms do not override our legitimate interest, Article 6 (1) f) GDPR serves as the legal basis for processing.
We do not exercise any automated decision-taking in relation with the processing of personal data through the CASIO website.
- Storage period and erasure of data
The personal data collected, processed and stored by us will essentially only be stored for such time as demanded by the concrete purpose of storage. If the purpose of storage/processing ceases to apply, i.e., when we no longer need to use your personal data to comply with contractual or statutory obligations, your data will be erased or anonymized.
However, the situation may furthermore arise where European regulations, applicable national laws or other regulations (e.g. regulatory obligations) require that the data processed by us be retained for a longer period of time, e.g. statutory retention periods which can result from, e.g. Commercial Code, Tax Code and usually contain retention periods from 6 to 10 years, or if we need it to preserve evidence within the statutes of limitation, which is usually three years but can be up to thirty years. When these retention periods expire, we delete or anonymize your data.
Insofar as we process your personal data, you are a ?data subject? as contemplated by the GDPR. As a data subject, you may have the following rights in respect of CASIO. To exercise your rights please contact us as stated in Section 2.
- Right of access regarding processing
You can within the framework of the statutory provision request from us information as to whether personal data are processed by us. If this is the case, you have the right to request information about the extent of the data processing. The access information includes ? inter alia ? the purposes of the processing, the categories of personal data concerned, and the recipients or categories of recipients to whom the personal data have been or will be disclosed. You may have the right to obtain a copy of the personal data undergoing processing. However, this is not an absolute right and the interests of other individuals may restrict your right to obtain such copy.
The right of access is limited pursuant to Section 34 FDPA. The right of access does e.g. not apply if the data (a) were recorded only because they may not be erased due to legal or statutory provisions on retention, or (b) only serve the purposes of monitoring data protection or safeguarding data, and providing information would require a disproportionate effort, and appropriate technical and organizational measures make processing for other purposes impossible.
- Right to rectification ("Right to be forgotten")
You may have a right to have your data corrected by CASIO if the processed personal data concerning you are incorrect. Depending on the purposes of the processing, you may have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- Right to restriction of processing
If the preconditions exist for this, you can request the restriction of the processing of your personal data. In this case, the respective data will be marked and may only be processed by us for certain purposes.
- Right to erasure
Under certain circumstances, you may have the right to obtain from us to erase of personal data concerning you and we may be obliged to erase such personal data. Such right to erasure does pursuant to Section 35 FDPA, for instance, not apply if in the case of a non-automated processing erasure would be impossible or would involve disproportionate effort due to the specific mode of storage and if your interest in erasure can be regarded as minimal. In such case, you may have the right to restriction of processing.
- Right to data portability
Under certain circumstances, you may have the right to receive the personal data concerning you which you have provided to CASIO in a structured, commonly used and machine-readable format. Furthermore, you have the right to communicate these data to another controller without hindrance from CASIO provided the preconditions exist for this.
Right of objection
You have the right for reasons arising from your particular situation at any time to lodge an objection against the processing of the personal data concerning you that occurs on the basis of Article 6 (1) e) or f) GDPR.
The consequence of your an objection is that CASIO will no longer process the personal data concerning you unless it can demonstrate compelling reasons worthy of protection for the processing which override your interests, rights and freedoms or if the processing serves to assert, exercise or defend legal claims.
In the event that we undertake marketing in respect of yourself, you have the right at any time to lodge an objection against the processing of the personal data concerning you for such promotional purposes. You can notify us of your objection using the following contact details:
CASIO Europe GmbH
- Right to withdraw your consent under data protection law
If you have consented under data protection law, you can withdraw this at any time for the future. Withdrawal of consent shall not affect the lawfulness of the processing conducted on the basis of the consent up to the point of withdrawal.
- Right to appeal to a supervisory authority
You may appeal to a supervisory authority, in particular in the Member State of your place of residence, your workplace or the place of the suspected infringement if you are of the opinion that the processing of the personal data concerning you infringes the GDPR.
- Visiting our website and generating log files
Our system automatically retrieves data and information from your computer system each time you visit our CASIO website.
The following of your data are collected here:
The data mentioned collected by us about you are stored in our system's log files. These data are not stored together with other personal data. The legal basis for the provisional storage of data and log files is Article 6 (1) f) GDPR. Considering the security and organizational requirements of the processing of data by CASIO, we believe that your interests are appropriately considered and protected. We provide you with further information on the balancing test upon request.
- Information about your browser type
- Information about your operating system
- Information about your internet service provider
- Your IP address
- Date and time of your visit to our website
- Information about the website from which your system is directed to our website
- Information about the website which is called up by your system via our website.
We have a legitimate interest in collecting and provisionally storing the mentioned data since the provisional storage of the IP address by the system is necessary to enable the website to be delivered to your computer. While you are surfing on our website your IP address may be stored for the duration of the session.
Storage in log files occurs to ensure the functionality of the website. In addition, these data serve to optimise our website and to ensure the security of our IT systems. The log files are not evaluated for marketing purposes. Considering the security and organizational requirements of the processing of data by CASIO, we believe that your interests are appropriately considered and protected.
The data are erased or anonymized so that they can no longer be assigned to you as soon as they are no longer needed for the purpose mentioned here. If the data are stored in log files, they are erased after seven days.
- Contact form
Our website features a contact form which you can use to contact us electronically. If you make use of this opportunity, the data entered on the input screen are communicated to us and stored. The data in question are in particular:
The legal basis for processing the data is Article 6 (1) b) GDPR, i.e., the performance of a contract or in order to take steps prior to entering into a contract. The collection of your personal data is a contractual precondition. Without the provision of your personal data, you cannot receive our services. We use the processing of the personal data from the input screen solely to process the contact approach. The data are erased as soon as they are no longer needed to fulfil the purpose of their collection and their erasure is not barred by any statutory archiving obligations. The purpose is fulfilled when the relevant conversation with the user is ended. The conversation is ended when it can be inferred from the circumstances that the issue in question is conclusively clarified.
- For new customers
- Your full name
- Your address
- Your e-mail address
- For support/repair purposes
- Your full name
- Your e-mail address
- Your address (if necessary for the purpose of returning or shipping devices)
The following data are additionally stored at the moment the message is sent:
The data are not passed on to third parties in this connection. The data are used solely to process the conversation. These personal data processed during the sending operation serve to prevent the contact form from being misused and to ensure the security of our IT systems. The personal data additionally collected during the sending operation are erased no later than after a period of seven days. The legal basis for the processing of data is Article 6 (1) b) GDPR.
- Your IP address
- Date and time of your contact approach
On our CASIO website we offer you as a user the opportunity to search for the specialist dealer of our products who is nearest to your immediate location. For this purpose we collect from you your geo data; this involves you entering these data in a designated form (a) or clicking to allow your web browser to identify your location by means of IP address (b). To be able to display the right specialist dealer, CASIO uses the service Google Maps API, a map service operated by Google Inc. (?Google?). Google can be contacted at Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. In this way, we can display interactive maps directly in your web browser and enable you to use the map function conveniently.
- Collecting the data by form
You have the opportunity on our CASIO website for the specialist-dealer search to complete a form in which you enter (optionally) the following details:
Then click on ?Find dealer? and the specialist-dealer search is activated. In this way, Google receives the information that you have called up the corresponding subpage of our website. In addition, the following data are communicated to Google:
- Your country
- Your postcode or your town/city
- If necessary, street/road name
This takes place irrespective of whether Google provides a user account via which you are logged in or whether no user account exists at Google. When you are logged in to Google, your data are assigned directly to your account. If you do not want your data to be assigned with your profile at Google, you must log out from Google before visiting the CASIO website.
- Your IP address
- Date and time of the request
- The time-zone difference from Greenwich Mean Time (GMT)
- Contents of the request (concrete page)
- Access status/HTTP status code
- Data volume transmitted in each case
- Website from which the request comes
- Your browser type
- Your operating system and its interface
- Your language and version of the browser software
Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield for this purpose: https://www.privacyshield.gov/EU-US-Framework.
The use of Google Maps API is justified in accordance with Article 6 (1) Sentence 1 b) GDPR since the data in the present case are required to perform the contract. We use Google Maps API to be able to offer you a map function so that you find the right specialist dealer as quickly as possible. If you consented to such processing, we use your browser data for the purpose of market and opinion research and optimization of our CASIO website as well as for personalizing your user experience with Google Analytics. The legal basis for the processing of your browser data is Article 6 (1) ( f) GDPR for the optimization of our CASIO website. We provide you with further information on the balancing test upon request.
- Collecting the data via your web browser?s geo query
CASIO sometimes uses websites which facilitate location-dependent browsing. It is therefore possible for your web browser, before you enter the data independently, already to ask whether our CASIO website is permitted to access your location. As soon as you permit your web browser to approve the website with an active click, the browser transmits data (degrees of longitude and latitude) to the Google location service to determine your approximate location. The browser then releases this information for the querying CASIO website so that CASIO can display the right specialist dealer for you.
The legal basis for processing is in this case Article 6 (1) Sentence 1 b) GDPR.
In addition to the above-mentioned data, different types of cookies are used and stored on your computer while our CASIO website is being used.
Cookies are small text files which are stored on your computer or mobile end devices when you visit our CASIO websites. We receive a variety of information through the setting of cookies.
On the CASIO website you have the opportunity to subscribe to a free newsletter. The data you enter on the input screen when registering for the newsletter are transmitted to us. These are usually:
We need your e-mail address to send you the newsletter. Any additional details on your part are voluntary.
- Your e-mail address
- Your name
- Your country of origin
- Your date of birth
We use the so-called double opt in procedure for registering for your newsletter. In other words, we send you, after you have registered, an e-mail to the specified e-mail address in which we ask you to confirm that you wish to be sent the newsletter. If you fail to confirm your registration within 24 hours, your information is blocked and automatically erased after one month. We also store in each case your used IP addresses and registration and confirmation times. The purpose of the procedure is to verify your registration and if necessary to be able to clear up any possible misuse of your personal data.
After your confirmation we store your e-mail address and the further details in order to send the newsletter. The legal basis is Article 6 (1) Sentence 1 a) GDPR. We erase your data as soon as you have terminated your subscription to the newsletter or the subscription is terminated.
Disclosure of data to third parties
We will pass on your personal data to service providers, business partners, affiliated companies and other third parties only within the framework of the applicable data protection legislation.
We can disclose personal data to the service providers commissioned by us and place them under an obligation to perform services in our name (order processing). Such service providers can be affiliated companies of CASIO or external service providers. In this respect we comply with the strict applicable national and European data protection provisions. The service providers are subject to our instructions and to strict contractual restrictions with regard to the processing of personal data. In accordance with this, processing is only permitted if it is required to perform the services in our name or to adhere to legal requirements. We establish precisely in advance what rights and obligations our service providers are to have with regard to personal data.
We can disclose personal data to a third party if we are obliged to do so on account of a law or legal proceedings or in order to deliver and manage our products and services. We may furthermore be obliged to give information to a law enforcement agency or to another authority. If it is necessary to pass on information for cooperation and consequently for the provision of services by CASIO to you or you consented , we are also authorised to disclose data. Also, when company audits are due, a disclosure may be lawful.
- Web hosting
Our website and consequently also your user account are hosted by an external service provider. Further information about our service provider can be found here: https://www.casio-europe.com/euro/provider/
Our service provider may only access your data within the framework of our instructions (order processing). Our service provider also takes strict technical measures to protect your personal data. Our service provider will not pass on your personal data to third parties except where it is necessary to pass them on to render the agreed services or our service provider is obliged to do so to comply with the law or a valid and mandatory instruction of a government or regulatory agency. The data transmitted for this purpose are restricted to the necessary minimum. Our service provider stores all information exclusively on servers in Germany.
Our service provider is subject to our instructions and to strict contractual restrictions with regard to the processing of personal data. In accordance with this, processing is only permitted if it is necessary to perform the services in our name or to adhere to legal requirements. We establish precisely in advance what rights and obligations our service provider is to have with regard to personal data.
The legal basis for the processing of data is Article 6 (1) f) GDPR. The purpose of the data processing is for our service provider to offer us the opportunity to use its servers. Our service provider stores your data only for such time as is required to fulfil the above-mentioned purpose. We provide you with further information on the balancing test upon request.
- Database maintenance
We work together with external service providers for application development and database maintenance. Further information about our service provider can be found here: https://www.casio-europe.com/euro/provider/
The service providers may only access your data within the framework of our instructions (order processing). Our service providers also take strict technical measures to protect your personal data. Our service providers will not pass on your personal data to third parties except where it is necessary to pass them on to render the agreed service or our service providers are obliged to do so to comply with the law or a valid and mandatory instruction of a government or regulatory agency. The data transmitted for this purpose are restricted to the necessary minimum.
Our service providers are subject to our instructions and to strict contractual restrictions with regard to the processing of personal data. In accordance with this, processing is only permitted if it is necessary to perform the services in our name or to adhere to legal requirements. We establish precisely in advance what rights and obligations our service providers are to have with regard to personal data.
The legal basis for the processing of data is Article 6 (1) f) GDPR. The purpose of the data processing is for our service providers to maintain our databases for us. Our service providers store your data only for such time as is required to fulfil the above-mentioned purpose. We provide you with further information on the balancing test upon request.
- Security standards
CASIO has implemented appropriate physical, technical and administrative security standards to protect personal data against loss, misuse, modification or destruction. Our service providers are contractually obligated to preserve the confidentiality of personal data. In addition, they may not use the data for purposes that have not been approved by us.
- Changes to this policy