CYBERDYNE Inc.

(The English translation from the original in Japanese.)

1.      Introduction

The Privacy Policy explains how personal information obtained by CYBERDYNE, INC., its Japanese subsidiaries Shonan RoboCare Center Co., Ltd., Oita RoboCare Center Co., Ltd., Suzuka RoboCare Center Co., Ltd., Cyberdyne Care Robotics GmbH, CYBERDYNE Europe GmbH(subsidiary of CYBERDYNE in Germany) and CYBERDYNE USA Inc. (subsidiary of CYBERDYNE in USA, and, together with the aforementioned companies, collectively referred to as “CYBERDYNE”) from customers/shareholders as well as CYBERDYNE’s officers, employees, any other person who is or was engaged in the business of CYBERDYNE (collectively referred to as “employees”) is utilized. Please read this Privacy Policy carefully when using CYBERDYNE’s services, software and website (collectively referred to as “services”). Any use by customers/shareholders of CYBERDYNE’s services and products or any engagement by employees in CYBERDYNE's business shall be deemed to have been conducted after having fully understood and agreed to this Privacy Policy.

2.      Scope of application

This Privacy Policy will be applied when customers/shareholders use CYBERDYNE’s services and products or when employees engage in the business of CYBERDYNE.

3.      Purposes of using personal information

CYBERDYNE utilizes personal information obtained from customers/shareholders/employees for the following purposes (collectively, the “purposes”)

(1)    Purposes of utilizing customer’s personal information

1.       For receiving applications for and providing the products and services offered by CYBERDYNE

2.       For guidance, provision and management of other services and products offered by CYBERDYNE

3.       For research, analysis and recruiting activity related to CYBERDYNE's business. 

4.       For all operations incidental or related to 1 – 3 above.

5.       For implementation of questionnaires concerning the services and products, etc., offered by CYBERDYNE

6.       For development of new services and products

7.       For guidance, operation, management and provision of information regarding various events and campaigns

8.       For notification of services and products offered by CYBERDYNE

9.       For guidance, operation, management and notification of services, products, events and campaigns of CYBERDYNE as well as its group companies and partner companies

10.    For fulfilling obligations and delivering printed materials to CYBERDYNE’s shareholders

11.    For responding to inquiries and requests

(2)    Purposes of utilizing employee’s personal information

1.    For recruitment and employment, social insurance, provision of benefit packages, business communication, legally required procedures and any other procedures related to employment management

2.    For decision and payment of salary, tax withholding procedures, payment of prefectural and municipal inhabitants’ taxes, and any other procedures related to salary payment

3.    For performance evaluation, posting, promotion, secondment, leave of absence, reinstatement and any other procedures related to personnel changes

4.    All operations incidental or related to the above

(3)    Purposes of utilizing shareholders’ personal information

1.  For exercising rights and performing obligations under the Companies Act in Japan,

2.    For operating and recording the shareholders' general meetings,

3.    For promoting the exercise of voting rights, and for providing and offering various benefits for the status as a shareholder including shareholders special benefit programs,

4.    For preparing data, etc. pursuant to applicable laws and regulations, and managing the shares,

5.    For providing shareholders with information on IR activities,

6.    Amongst the relationship between shareholders and CYBERDYNE, for implementing various measures to facilitate the relationship between shareholders and CYBERDYNE from the perspective of being members of an association, and

7.    For implementing any and all operations incidental or related to Items 1 to 6 above.

4.      Acquisition of personal information

CYBERDYNE will obtain the following personal information from customers, shareholders and employees by fair and appropriate means in order to achieve the purposes defined in Article 3. The following items are merely examples and, depending on the case, may not be considered personal information. 

(1)        Acquisition of personal information from customers

1.    Personal information provided to CYBERDYNE by customer when applying for or using the services or purchasing, renting or using the products.

The customer’s name, gender, date of birth, address, telephone number, fax number, email address, business contact, mailing address, physical and medical information relating to use of the products or services and information related to the usage of other products or services.

2.    Information provided to CYBERDYNE by customer upon visiting CYBERDYNE's website

IP address, cookies and web beacons, etc. will be obtained from the customer's browser upon visiting CYBERDYNE's website which provides the services to the users and information on advertisements, access history and access situation of websites and the customer’s usage environment will be automatically collected.

(2)        Acquisition of personal information from employees

1.    Basic information of employees such as name, address, department, title, etc.

2.    Information regarding employee's family such as names and existence of dependents, etc. 

3.    HR information such as qualification/license, personnel changes, performance evaluation, official commendation and disciplinary punishment

4.    Information related to salary, bonus, retirement allowance and pension, etc.

5.    Information related to benefit packages such as status of use of welfare programs

6.    Information related to health such as health check results

(3)        Acquisition of personal information from shareholders

Personal information of shareholders necessary to achieve the purposes of use described in Article 3, including shareholder’s name, address, number of shares held, and shareholder number.

CYBERDYNE will never obtain or use information of a sensitive nature to the customer/shareholder/employee (hereinafter, “sensitive information”), such as information on race, beliefs, social standing, medical history, crime records, and history of having been a victim of a crime, unless explicitly stated otherwise in this Privacy Policy or as required by laws and regulations or for which the consent of the customer/shareholder/employee is obtained.

5.      Choice by the customers/shareholders/employees

As a rule, CYBERDYNE obtains personal information by the volition of the customers/shareholders/employees. Customers may experience disadvantages if they refuse to provide their personal information, such as being unable to make use of the various services provided by CYBERDYNE, or being unable to receive campaign notices and other CYBERDYNE information because part or all of the functions of CYBERDYNE’s system become inoperable and thereby unavailable. The same circumstances will apply to employees who are engaged in CYBERDYNE’s business operations. Please note that customers/shareholders/employees may at any time change their contact information, in a manner designated separately by CYBERDYNE.

6.      Disclosure and provision of information to third parties

CYBERDYNE will not disclose or provide the personal information of customers/shareholders/employees to any third parties, except under the following circumstances:

1.    Customer's/shareholder’s/employee's consent has been obtained;

2.    Disclosure or provision is required or within the scope allowed by laws or regulations;

3.    Disclosure is required to protect human life, health, or property in cases where obtaining customer's/shareholder’s /employee's consent is difficult;

4.    Disclosure is required to cooperate with the public affairs of national or local governments, and when obtaining customer's/shareholder’s /employee's consent is likely to hinder the administration of public affairs;

5.    Disclosure or provision of information as statistical data (in a format that does not disclose the customer’s, shareholder’s or employee’s identity);

6.    Provision of information as a result of the succession of business due to a merger, company split, transfer of business or otherwise;

7.    Provision of information in accordance with procedures based on laws and regulations, under the condition that the following information can be easily checked by the customer, shareholder or employee themselves through the CYBERDYNE website, etc., and that the customer/shareholder/employee has not declared their wish to refuse provision of their information:

①       The purpose of obtaining information is to provide such information to a third party;

②       The specific personal data items to be provided to a third party;

③       The means by which such personal information is provided to a third party;

④       The fact that the provision of information will be suspended upon the customer's/shareholder’s/employee's request; and

⑤       The methods for accepting requests from customers/shareholders/employees

Further, personal information of the customer/shareholder/employee which includes sensitive information will not be provided to a third party for any reason, unless such provision is stipulated under the laws or regulations or consent is obtained from the customer/shareholder/employee.  Data sharing or provision to business entrusted companies shall not be considered as disclosure or provision to a third party. 

7.      Data Sharing

CYBERDYNE will share customer/employee information as follows:

(1)    Scope of Data Sharing

CYBERDYNE, INC., its consolidated subsidiaries and affiliated companies accounted for by the equity-method as stated in the annual securities report, etc.

(2)    Purpose of use by the user

1)       Personal information of customers

1.       For development of new services and products, etc.

2.       For notification of new products and services

3.       For delivery and transfer to relevant company in the event of an inquiry, application for use or other request from a customer regarding products and services provided by CYBERDYNE or its group companies

4.       For appropriate and smooth fulfillment of other transactions with customers, etc.

2)       Personal information of employees

For using personal information of employees such as information defined in “3. Purposes of using personal information” and to conduct business communications.

(3)    Personal information items to be shared

1)      Personal information of customers

Customer ID, customer name, gender, date of birth, address, telephone number, fax number, email address, business contact (name of company, department, title, address, telephone and fax numbers), mailing address, information on physical conditions or diseases related to service offered by CYBERDYNE, record of service use, vital information (heart rate, blood pressure, pulse), transaction history, etc.

2)      Personal information of employees

Employee name, address, department, title and other basic information of the employee stated in “4. Obtaining personal information”

(4)    Head of administration for data sharing

CYBERDYNE, INC.

8.      Business entrustment

In providing products and services to customers or handling the personal information of employees, CYBERDYNE may entrust part of its business operations to third parties to which personal information may also be disclosed to the extent required to achieve the purposes of the entrustment. In these cases, CYBERDYNE will implement all appropriate measures in managing and supervising such third parties to safeguard the handling of customers'/employees' personal information, including executing agreements on the handling of such personal information.

9.      Transfer to outside of Japan

If CYBERDYNE provides customers’/employees’ personal information to third party business operators outside of Japan, including business entrusted companies and data sharing partners, CYBERDYNE will take necessary and appropriate measures in compliance with the laws and regulations.

10. Management of personal information

In receiving customers’/shareholders’/employees’ personal information, CYBERDYNE will manage such information according to the strictest standards and take the utmost care to prevent leaks, losses, or alterations. CYBERDYNE ensures that its officers and employees are properly trained regarding appropriate handling to safeguard the security of information identifying individual customers/shareholders/employees An appropriate retention period for personal information will be established in accordance with the purpose for which such information is used. After the purpose of the information has been achieved, CYBERDYNE will dispose of the information in question by appropriate methods.

11. Requests about handling of personal information

If CYBERDYNE receives a request from a customer/shareholder/employee, submitted in the manner specified, regarding the disclosure, correction, deletion, addition, discontinuance, or erasure (hereinafter, “disclosure, etc.”) of such customer's/shareholder’s/employee's personal information stored in a database held by CYBERDYNE, the request will be handled as follows, within a reasonable timeframe and scope, after confirming that the request was submitted by such customer/shareholder/employee themselves.

(1)    Request for disclosure

Personal information items will be disclosed in accordance with the customer's/shareholder’s/employee's request.

(2)    Request for correction, deletion, or addition

Correction, deletion or addition of personal information will be undertaken wherever possible after due review of the request.

(3)    Request for discontinuance or erasure

The use of personal information items designated by customers/shareholders/employees will be discontinued, and the relevant information erased if so desired, in accordance with the submitted request. However, please note that such requests may prevent customers from being provided with services that they have utilized, or may impede the provision of services in accordance with their wishes. For the employees, it may prevent them from engaging in company business.

CYBERDYNE may not be able to fulfill the customers’/shareholders’/employees’ requests if compliance with such request would seriously impede CYBERDYNE’s business operations or result in a violation of the laws and regulations.

12. Submission of request for disclosure, etc.

The method for submitting requests for disclosure, etc., or notification of purposes of use of personal information received by CYBERDYNE from a customer/shareholder/employee is as follows:

(1)    How to make requests

Please send the required documents by postal mail or e-mail to the address below.

Address:

Personal Information Handling Desk, Corporate Department

CYBERDYNE, INC.

2-2-1, Gakuen-minami, Tsukuba, Ibaraki, 305-0818, Japan. 

E-MAIL:

privacy@cyberdyne.jp

(2)    Documents required for confirmation of identification of individual, etc.

1)      For the individual

Copies of two from the following: driver’s license, passport, health insurance certificate, basic resident registration card with photo, pension insurance booklet, physical disability certificate, resident card or special permanent resident certificate, certificate of seal registration, Individual Number Card (front side only)

2)      For a representative (Both (a) and (b) below are required)

(a) Letter of proxy (legal representatives must provide a certifying document)

(b) Document to identify the representative (copies of two from the following: driver’s license, passport, health insurance certificate, basic resident registration card with photo, pension insurance booklet, physical disability certificate, resident card or special permanent certificate, certificate of seal registration, Individual Number Card [front side only])

(3)    Fee

A fee may be charged depending on the type of request.

13. Modification of this Privacy Policy

CYBERDYNE may make modifications to this Privacy Policy. If modifications are made, details will be posted on the CYBERDYNE website (https://www.cyberdyne.jp/english/), so please be sure to carefully read the contents of any changes made.

In addition to Chapter 1, Chapter 2 will also be applied to the handling of personal information of customers/employees residing in the European Economic Area, which consists of the European Union member States, Norway, Iceland and Liechtenstein (the “EEA”) based on the "REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive “95/46/EC”" (the "GDPR"). In the event of any provision of this chapter contradicting those of chapter 1, the provisions of this chapter shall prevail. In particular, items 6. and 9. in Chapter 1 do not apply upon the handling of personal information of customers and employees residing in the EEA.

1.      Legal basis for handling personal information

CYBERDYNE handles personal information of its customers/employees based on their consent to this Privacy Policy. Furthermore, CYBERDYNE may utilize personal information for the purpose of achieving the rightful benefit of CYBERDYNE or a third party (including but not limited to the benefit generated by requests from customers to CYBERDYNE for the provision of its products and services and the benefit generated by the smooth maintenance of the employment relationship between CYBERDYNE and the employees' management).

A guardian’s consent or permission to consent to this Privacy Policy must be obtained in the event of a customer under the age of 16 using CYBERDYNE’s services. The data subject’s consent to this Privacy Policy must be obtained in the event that a person such as a family member applies for CYBERDYNE’s services on behalf of the data subject.

2.      Request about handling of Personal Information

An EEA resident, has a right to withdraw their consent, request a copy of their personal information, request correction, request to delete or limit the usage of personal data, and request data portability to CYBERDYNE. Furthermore, an EEA resident may object to the handling of their personal information (including personal information handled by CYBERDYNE for direct marketing) if it is recognized by law.

If CYBERDYNE receives a request from an EEA resident, submitted in the manner specified, for copying, correcting, deleting and limiting the usage of their personal information, the request will be handled as follows, within a reasonable timeframe and scope, after confirming that the request was submitted by the customer/employee themselves according to Chapter 1, Article 11 (Request about handling personal information).

(1)    Request for withdrawal

Personal information will be deleted or suspended in accordance with the customer’s or employee's request, wherever possible and appropriate, after due review of the request.

However, please note that such requests may prevent customers from being provided with services that they had utilized, may impede the provision of services in accordance with their wishes, or may prevent employees from engaging in CYBERDYNE's business.

(2)    Request for data portability

A copy of the personal information held by CYBERDYNE will be provided in accordance with the customer's/employee's request, wherever possible and appropriate, after due review of the request.

(3)    Objection to data processing

The use of personal information will be suspended, wherever possible and appropriate, after due review of a request therefor.

(4)    Making a request or an objection

Customers/employees may submit such request by the method provided in Chapter 1, Article 12.

3.      Transfers to outside the EEA

CYBERDYNE may provide the customers'/employees' personal data to third parties, such as its affiliates, cloud vendors and outside contractors, etc. to implement the purposes of use specified above. Since countries located outside the EEA (including, without limitation, Japan and the U.S., the same shall apply hereafter) are among the locations of third parties to whom CYBERDYNE will disclose the personal data of the customers/employees, the customers/employees shall be deemed as having consented to the following matters by consenting to this Privacy Policy:

1.        In the case that the country in which the third party is located is outside the EEA, such country does not have the same data protection laws as the EEA, many of the rights provided in the EEA to the data subjects of the data will not necessarily be secured.

2.        The customers'/employees' personal data may be provided for the purposes specified above to the subsidiaries and affiliates of CYBERDYNE or third parties, outside the EEA.

4.      Change of purposes of use of personal data

In the case of a change to the purposes of use of personal data, CYBERDYNE will announce the revised Privacy Policy in advance on the CYBERDYNE website (https://www.cyberdyne.jp/english/). If the purposes of use after such change differ from the original purposes of use, CYBERDYNE will ask for consent from the customers/employees regarding the revised purposes of use.

5.      Lodging a complaint with an authority

Customers/Employees have the right to express a complaint on the processing of their personal data with the data protection authority having jurisdiction over their residence. Customers/employees are requested to use the following URL to contact the authority having jurisdiction over their residence:（http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080）

6.      Holding period of personal information

CYBERDYNE will store personal information for 10 years after obtaining the information; provided, however, that this shall not apply in the case where CYBERDYNE is obliged or allowed to store the same for more than 10 years due to the provisions of laws or regulations or of contracts.

(Originally enacted October 17th, 2018)

(as of June 8th, 2021)

1.      Pemprosesan maklumat peribadi untuk transaksi komersial oleh entiti Malaysia.

Sebagai tambahan kepada Chapter 1, Chapter 3 akan tertakluk kepada maklumat peribadi yang diproses oleh servis yang ditawarkan oleh CYBERDYNE di Malaysia atau mana-mana orang lain yang diberi kuasa oleh CYBERDYNE di Malaysia ("CYBERDYNE") untuk memproses maklumat peribadi berkenaan dengan transaksi komersial ("Data Malaysia"). Jika maklumat peribadi anda dikumpul oleh servis CYBERDYNE atau orang yang diberi kuasa oleh CYBERDYNE di Malaysia, Chapter 3 ini adalah terpakai untuk anda.

Dalam Chapter 3 ini, "anda" "individu" hendaklah merujuk kepada pelanggan, pekerja dan pemegang saham yang menggunakan perkhidmatan CYBERDYNE di Malaysia.

"Dasar Privasi" hendajlah merujuk kepada Privacy Policy ini secara keseluruhan. Sekiranya terdapat percanggahan dari segi maksud terma-terma yang terkandung di dalam versi Bahasa Melayu dan Bahasa Inggeris, maksud terma di dalam Bahasa Inggeris adalah terpakai.

2.      Notis PDPA dan Persetujuan

Chapter 3 ini disediakan dalam kedua-dua Bahasa Inggeris dan Melayu dan akan berfungsi sebagai notis perlindungan data peribadi kepada semua individu yang ingin memberikan data peribadi mereka kepada CYBERDYNE bagi tujuan menggunakan perkhidmatan yang ditawarkan oleh CYBERDYNE. Dengan mengklik butang "I AGREE TO SHARE MY INFORMATION", anda dianggap telah membenarkan kami memproses data peribadi anda mengikut Dasar Privasi ini. Penerimaan dan persetujuan yang diberikan di sini akan kekal sah selagi data peribadi tersebut diperlukan bagi Tujuan yang dinyatakan disini.

Sekiranya data peribadi yang akan diberikan melibatkan kanak-kanak bawah umur (iaitu individu di bawah umur 18 tahun) atau individu yang tidak kompeten di sisi undang-undang untuk memberi persetujuan, anda mengesahkan bahawa mereka telah dilantik untuk bertindak untuk memberi kebenaran bagi pihak mereka untuk pemprosesan (termasuk pendedahan dan pemindahan) data peribadi mereka mengikut Dasar Privasi ini.

Anda tidak dibenarkan mengakses dan menggunakan perkhidmatan CYBERDYNE atau mana-mana bahagian daripadanya jika anda tidak bersetuju dengan Dasar Privasi ini atau tidak membenarkan kami memproses data peribadi anda.

3. Pematuhan undang-undang, peraturan dan peraturan Malaysia.

Semua Data Malaysia yang diproses di bawah Chapter 3 ini hendaklah menurut tujuan yang dinyatakan dalam Dasar Privasi ini dan menurut Akta Perlindungan Data Peribadi Malaysia 2010 (Akta 709) (selepas ini dirujuk sebagai "PDPA") dan arahan berkaitan daripada Kementerian Malaysia yang bertanggungjawab untuk perlindungan data peribadi (lebih dikenali sebagai "Kementerian") mengenai pengumpulan, penyimpanan, penyimpanan, perkongsian, pemprosesan dan penggunaan data peribadi anda dan perkara lain yang berkaitan seperti yang ditakrifkan dalam PDPA.

Maklumat peribadi untuk Data Malaysia akan dirujuk sebagai "Data Peribadi" dalam Chapter 3 ini. "Data peribadi" dan istilah lain yang ditakrifkan di bawah PDPA apabila digunakan dalam Dasar Privasi ini hendaklah mempunyai maksud yang sama seperti yang ditakrifkan di bawah PDPA. Sekiranya berlaku ketidakselarasan terma antara Chapter 1 dan Chapter 3, terma dalam Chapter 3 ini akan mengatasi setakat Data Malaysia berkenaan.

4. Tujuan

Anda mengakui dan bersetuju bahawa dengan memberikan data peribadi anda kepada CYBERDYNE, CYBERDYNE boleh menggunakan, mendedahkan dan sebaliknya memproses data peribadi anda untuk tujuan seperti yang dinyatakan dalam Bahagian 3 Chapter 1 di dalam Dasar Privasi ini ("Tujuan").

CYBERDYNE boleh mengubah Tujuan penggunaan seperti yang diterangkan di atas sekiranya keperluan yang munasabah dan relevan memenuhi Tujuan penggunaan asal. Dalam keadaan sedemikian, kami akan memberitahu pelanggan/pekerja/pemegang saham kami berkenaan perubahan dalam terma berkenaan penggunaan data peribadi di laman web kami atau platform lain atau melalui e-mel. Oleh itu, anda dinasihatkan untuk menyemak Dasar Privasi terkini dari semasa ke semasa.

5. Pengumpulan Data Peribadi

Jenis data peribadi yang dikumpul

Data Malaysia yang dikumpul oleh CYBERDYNE hendaklah termasuk maklumat peribadi seperti yang dinyatakan Dalam Bahagian 4 Chapter 1. Sebagai tambahan kepada maklumat peribadi tersebut, CYBERDYNE boleh, dalam keadaan tertentu mengumpul data sensitif anda untuk Tujuan seperti yang dinyatakan di sini. Maklumat berikut hendaklah dianggap sebagai "data sensitif" menurut PDPA seperti berikut:

“Data Sensitif” ditakrifkan di bawah seksyen 4 PDPA sebagai data yang terdiri daripada maklumat tentang kesihatan atau keadaan fizikal atau mental, pendapat politik, kepercayaan agama subjek data (individu).

Dengan menerima Dasar Privasi ini, anda dengan ini dianggap telah memberikan kebenaran yang jelas untuk kami memproses data peribadi anda termasuk data sensitif. Walau apa pun perkara di atas, CYBERDYNE boleh memproses data peribadi yang sensitif untuk keadaan berikut tanpa perlu mendapatkan kebenaran berasingan:

•       untuk pelaksanaan atau tuntutan hak atau kewajipan di bawah undang-undang terhadap seseorang individu dalam hal pekerjaan;

•       untuk melindungi kepentingan individu atau orang lain, di mana kebenaran tidak boleh diberikan oleh individu atau wakilnya atau mustahil untuk kami mendapatkan kebenaran dengan cara yang biasa dan munasabah;

•       untuk melindungi kepentingan individu atau orang lain, di mana kebenaran oleh individu atau wakilnya tidak dengan sengaja tidak diberikan;

•       untuk tujuan perubatan - di bawah jagaan profesional dalam bidang penjagaan kesihatan atau seseorang yang mempunyai tanggungjawab kerahsiaan yang sama dengan profesional dalam bidang penjagaan kesihatan;

•       untuk sebarang tindakan undang-undang yang berkaitan;

•       untuk mendapatkan nasihat undang-undang;

•       untuk mencipta, membawa atau mempertahankan hak di bawah undang-undang;

•       untuk mentadbir sistem keadilan undang-undang;

•       untuk menjalankan apa-apa fungsi yang diberikan kepada seseorang oleh atau di bawah undang-undang;

•       tujuan lain yang dilihat oleh Kementerian; atau

•       maklumat yang terkandung dalam data peribadi telah diketahui umum hasil daripada tindakan individu dan dalam keadaan sedemikian, kami tidak perlu mendapatkan kebenaran individu berkenaan dengan data peribadi tersebut.

Bagaimana kami mengumpul

Menurut Bahagian 4 di Chapter 1, data peribadi yang diberikan ketika menggunakan servis atau produk CYBERDYNA akan dikumpul oleh CYBERDYNE dan/atau pembekal perkhidmatan pihak ketiga melalui cara-cara berikut:

•       terus daripada anda;

•       apabila anda mendaftar sebagai ahli di laman web atau aplikasi CYBERDYNE;

•       tempat anda mengakses dan berinteraksi dengan tapak web atau aplikasi CYBERDYNE;

•       apabila anda berkomunikasi dengan perkhidmatan pelanggan kami, rakan kongsi penghantaran dan pembekal perkhidmatan lain;

•       atau bila-bila masa yang difikirkan sesuai untuk mencapai tujuan seperti yang dinyatakan dalam Bahagian 3 Chapter 1 Dasar Privasi ini.

Skop Penggunaan

CYBERDYNE hanya akan mengendalikan data peribadi dalam skop yang diperlukan untuk mencapai Tujuan penggunaan. Sekiranya berlaku kejadian yang jarang berlaku dan tidak diramalkan, kami akan mendapatkan kebenaran individu itu terlebih dahulu, melainkan ia adalah untuk salah satu daripada situasi berikut:

•       pencegahan atau pengesanan jenayah atau untuk tujuan penyiasatan;

•       penangkapan atau pendakwaan pesalah undang-undang;

•       penilaian atau taksiran cukai atau sebarang pembayaran lain yang serupa;

•       garis panduan atau arahan lain yang dikeluarkan oleh Kementerian dan diwartakan untuk PDPA.; atau

•       untuk mematuhi sebarang keperluan undang-undang yang terpakai kepada atau dikenakan ke atas kami;

•       untuk melindungi kepentingan penting anda;

•       untuk pentadbiran keadilan; atau

•       untuk menjalankan apa-apa fungsi yang diberikan kepada mana-mana orang oleh atau di bawah mana-mana undang-undang.

6. Pemindahan data peribadi anda ke luar Malaysia

Kemudahan dan pelayan storan teknologi maklumat CYBERDYNE mungkin terletak di bidang kuasa lain di luar Malaysia . Ini mungkin termasuk, Data peribadi anda mungkin disimpan pada pelayan yang terletak di luar Malaysia termasuk tetapi tidak terhad kepada di Jepun. Selain itu, data peribadi anda mungkin didedahkan atau dipindahkan kepada entiti yang terletak di luar Malaysia atau di mana anda mengakses tapak CYBERDYNE dari negara di luar Malaysia.

Sila ambil perhatian bahawa entiti asing ini mungkin ditubuhkan di negara yang mungkin tidak menawarkan tahap perlindungan data yang setara dengan yang ditawarkan di Malaysia di bawah undang-undang Malaysia. Anda dengan ini secara nyata membenarkan kami memindahkan data peribadi anda ke luar Malaysia untuk tujuan tersebut. Kami akan berusaha untuk memastikan bahawa langkah-langkah yang munasabah diambil untuk memastikan semua pihak ketiga di luar Malaysia tidak akan menggunakan data peribadi anda selain daripada bahagian Tujuan tersebut dan untuk melindungi kerahsiaan dan privasi data peribadi anda dengan secukupnya.

7. Ketepatan data peribadi anda

CYBERDYNE mengambil langkah yang munasabah untuk memastikan bahawa maklumat yang kami pegang tentang anda adalah tepat, lengkap dan terkini. Untuk membantu kami melakukan ini, sila berikan kami maklumat yang betul dan maklumkan kepada kami jika butiran anda berubah. Anda mempunyai hak untuk mengakses dan membetulkan maklumat peribadi anda yang dipegang oleh kami tentang anda. Anda boleh menyerahkan permintaan anda menurut Seksyen 11 dan 12 Bab 1 Dasar Privasi ini.

8. Pengesahan dan Penyimpanan Rekod

CYBERDYNE akan mengesahkan dan menyimpan rekod dengan tepat dan mengikut undang-undang dan garis panduan yang berkaitan, terutamanya yang dikeluarkan di bawah PDPA, apabila bertukar maklumat dalam data peribadi anda dengan pihak ketiga.

9. Pendedahan data peribadi kepada pihak ketiga

Pendedahan data peribadi anda kepada pihak ketiga adalah tertakluk kepada persetujuan anda terlebih dahulu. Kami tidak akan menjual, menyewa, memindahkan atau mendedahkan mana-mana data peribadi anda kepada mana-mana pihak ketiga tanpa kebenaran anda. Dengan menerima Dasar Privasi ini, anda dengan ini bersetuju untuk kami mendedahkan data peribadi anda kepada pihak ketiga berikut untuk satu atau lebih Tujuan:

•       pekerja, ejen, ahli gabungan dan syarikat bersekutu kami;

•       mana-mana orang yang kepadanya kami mempunyai kewajipan untuk membuat pendedahan di bawah mana-mana undang-undang yang terpakai;

•       mana-mana mahkamah dan/atau pegawai mahkamah;

•       juruaudit kami, penasihat undang-undang, profesional pematuhan dan penasihat lain;

•       pembekal perkhidmatan gerbang pembayaran kami;

•       rakan kongsi penghantaran kami; dan

•       pembekal perkhidmatan dan vendor kami.

CYBERDYNE juga boleh memindahkan, mendedahkan atau berkongsi data peribadi anda dengan ahli gabungan dan/atau rakan kongsinya yang mungkin terlibat, atau dalam beberapa kes, memindahkan data peribadi anda ke

10. Keselamatan data peribadi anda

Seperti yang dinyatakan di dalam Bahagian 10 Chapter 1, CYBERDYNE akan mengambil tindakan yang perlu dan sesuai untuk tujuan kawalan keselamatan untuk melindungi data peribadi daripada akses tanpa kebenaran, pemalsuan, kebocoran, kehilangan atau kerosakan kepada data peribadi. Walaupun penjagaan diambil untuk melindungi data peribadi anda di bawah pemilikan kami, malangnya tiada penghantaran data melalui Internet dapat dijamin 100% selamat. Sehubungan itu, kami tidak dapat memastikan atau menjamin keselamatan sebarang maklumat yang anda hantar kepada kami atau terima daripada kami dalam talian.

11. Hak Anda

CYBERDYNE menawarkan pilihan untuk memohon akses, mendedahkan, mengemas kini atau membetulkan data peribadi anda dan menarik diri daripada cara kami berkomunikasi dengan anda. CYBERDYNE akan memberikan maklum balas tentang sebarang bentuk permintaan, pemberitahuan, permohonan akses dan pembetulan perkara yang berkaitan dengan data peribadi anda yang diperolehi seperti yang dinyatakan oleh PDPA. Penggunaan atau akses anda kepada tapak, perkhidmatan dan alatan CYBERDYNE mungkin terhad, digantung atau ditamatkan (seperti yang kami anggap sesuai mengikut budi bicara kami) jika anda mengenakan sebarang had ke atas kami dalam pemprosesan data peribadi anda atau jika anda menarik balik kebenaran anda untuk kami untuk memproses data anda.

Walau bagaimanapun, kami berhak untuk menolak permohonan untuk mendapatkan akses atau melanjutkan pengesahan sebelum membenarkan akses kepada alasan yang dibenarkan di bawah PDPA, jika pemberian akses kepada anda mungkin menjadi risiko kepada privasi anda, atau keadaan di mana hak orang lain juga mungkin tergendala.

[tamat]

(Originally enacted January 27th, 2022)

The following describes how we treat personal information gathered via the CYBERDYNE website. If a customer/employee wishes to know more about our general policy on privacy protection, etc. please refer to the CYBERDYNE Privacy Policy document.

1.      Introduction

This document defines how CYBERDYNE deals with information gathered via the CYBERDYNE website and is based on the CYBERDYNE Privacy Policy. CYBERDYNE makes every effort to protect customer/employee privacy so that customers/employees can use the CYBERDYNE website with confidence and peace of mind.

By using the CYBERDYNE website the customer/employee is deemed to have understood and agreed to the following content:

2.      Scope

This Privacy Policy only applies to use of the CYBERDYNE website (cyberdyne.jp as the domain) and does not apply to sites managed by other companies. In order to provide useful information and services to the user, links to other websites are introduced on the CYBERDYNE site. This Privacy Policy does not apply to sites accessed via such links. We recommend that customers/employees check the privacy protection policies of each individual website.

3.      Security

n   Security technology which protects personal information

To protect from illegal accesses by an unauthorized third party, protection of personal information is secured by encrypting personal information by using SSL (Secure Sockets Layer) encryption technology and the other similar technology. This means that any information provided by customers/employees when using this site cannot be accessed by an unauthorized third party. Furthermore, a firewall, anti-virus measures and the other reasonable security measures have been installed to prevent disclosure, appropriation, alteration, etc. of personal information.

Structure of SSL (Secure Sockets Layer)

By using the SSL, a digital "handshake" (by digital confirmation, digital signature) between CYBERDYNE and the customer takes place where security is mutually confirmed, and upon mutual confirmation, the personal information of the customer is sent by customer. At that time, the data is encrypted and this prevents the data from being sent to any third-party identity thieves. 

Moreover, the data transmitted through SSL is encrypted using two types of encryption; namely, public key encryption (RSA) and common key (private key) encryption scheme. A key is required to decrypt such information. Even when data is intercepted by a third party, such encrypted data may not be decrypted without the correct key. Even though the number of types of keys is limited, it will take an unrealistically long time to figure out the correct key by trying out each key in order, even electronically by using devises such as a personal computer and thus it can be said that it is extremely difficult for a third party to decrypt the information.  

3. Collection of data

■ Site access

So that our customers can use our website with greater ease, the information below is collected.

(1)  Regarding use of Cookies*1

CYBERDYNE will collect Cookies under a purpose to provide the following information.

· Log-in data for online service provided by CYBERDYNE

· Data from personalized pages for customers

· Registration data including special campaigns, etc.

· Site access history (using Web beacon*2)

Customers may always block Cookies by setting their browser.  It is recommended that customers set their browser to only accept cookies from websites they can trust.  However, please be advised that without the cookie, the speed of the website may substantially decrease. 

(2)  Regarding use of IP Address *3

CYBERDYNE will collect IP addresses under a purpose to provide information suiting the customer's region.  When the customer views the CYBERDYNE website, the region the customer is accessing from will be determined based on the IP address, but the customer will not be identified. 

■ Email

When CYBERDYNE sends e-mail to our customers, the following data may be collected:

· The status of HTML emails, i.e., whether they have been opened or previewed (using Web beacon*2)

· Whether our website has been accessed via a link in a text email or HTML mail.

*1 Cookies

1.        A Cookie is a function where the fact that the user visited a specific website will be stored in the computer of such user.  Information such as e-mail address or name which can identify the individual is not among the data collected through the Cookie. 

2.        CYBERDYNE may provide the information collected through the Cookie to any third party if it is within the scope necessary to achieve the purpose stated under (1) Regarding use of Cookies*1 of this Privacy Policy.

3.        Users may select whether the Cookie may be used for each purpose on its own under the setting method of the web browser used by the user.  If the user accepts the Cookie and thereupon visits the CYBERDYNE website, it is deemed that the user agreed to CYBERDYNE's use of the information that the user visited our website.

* In order to gain full advantage of our website, it is recommended that the user accepts the Cookie.

*2 Web beacon

Web beacon means a structure constituting minute pictures invisible to the naked eye (1x1 pixel GIF) that are embedded into webpages or HTML emails and used to record the following data: opening/ previewing of emails, and access to websites using links in emails.

*3 IP Address

This is a number automatically assigned when the customer visits various websites.  The webserver (the computer providing the website) automatically recognizes the customer's computer based on the IP address and connects.