Data privacy statement
1. Entity responsible for data processing (referred to in the following as ‘(data) controller’ or ‘’we’)
Kikkoman Trading Europe GmbH
Managing Directors: Osamu Mogi, Hidekazu Yoshihashi
2. Data protection officer
Mr. Nobuaki Negishi
Legal & Compliance Department
Minato-ku, Tokyo 105-8428
Tel.: +81 (0)3-5521-5175
3. Personal data, purpose of processing and legal basis
This data privacy statement explains the nature, scope and purpose of the personal data we collect and use in connection with your use of our website.
Personal data means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
We process data on our website in order to operate a website with information about our services and about us.
Personal data is processed on our website if this is necessary in these cases:
- to use the website (legal basis: Article 6 (1) a) and/or Article 6 (1) b) of the General Data Protection Regulation);
- for the purposes of legitimate interests to improve the user experience, advertise our services or to maintain website security (legal basis: Article 6 (1) f) of the General Data Protection Regulation);
- to use the services offered on the website and take steps prior to entering into a contract, e.g. data entered on forms (legal basis: Article 6 (1) a) and/or Article 6 (1) b) of the General Data Protection Regulation):
- to enter into or perform a contract (legal basis: Article 6 (1) a) and/or Article 6 (1) b) of the General Data Protection Regulation) and/or
- to comply with a legal obligation (such as fiscal law requirements).
You can find more detailed information about data processing under each of the following headers.
a. Access data / server log files
When you visit our website the servers automatically save the server log file information that is sent by your browser. This information includes:
- Name of the website being accessed
- File name
- Date and time of access
- Transmitted data volume
- Successful access message
- Browser type and version
- User’s operating system
- Referrer URL (URL of the previously visited website)
- IP address of the computer accessing the website and
Temporary storage of the IP address by the system is necessary to display website content on your terminal. The IP address is therefore stored for this purpose for the duration of the session. We do not combine this data with other data sources. The information is used exclusively for analytical purposes and to maintain the technical operation of the servers and the network. The legal basis is Article 6 (1) f) of the General Data Protection Regulation).
Some of the cookies used are session cookies which are deleted when you close your browser. Other cookies are stored on your terminal until you delete them.
Most cookies have a cookie ID. This is a sequence of characters which identifies the server or website being accessed by the browser when the cookie was stored. It makes it possible to differentiate between your browser and browsers with other cookies, and every browser can be identified and recognised on the basis of the unique cookie ID. Cookies can be used by website providers to collect data on user activity such as the number of unique visitors to the website each month.
These cookie functions are used on numerous websites and servers to make online services, including services such as the ones we provide, possible.
For example, when you bookmark a recipe on our website, a cookie is used to store the information about the recipes you have bookmarked.
A cookie is also used when you register as a food service user so that the next time you visit the website your browser is recognised and you don’t need to register again.
In all these processes, therefore, information is stored in cookies to allow us to provide our website functions. The legal basis for this is Article 6 (1) f) of the General Data Protection Regulation.
Cookies are also used to show relevant advertisements to users, to optimise campaign performance reports and to prevent users from seeing the same advertisements more than once. You can find further information about the Google cookies we use here: https://policies.google.com/technologies/types?hl=en. The legal basis for this is Article 6 (1) f) of the General Data Protection Regulation.
You can change your browser settings so that it informs you when a cookie is sent, or blocks certain sites’ cookies, or blocks all cookies, or deletes cookies when the browser is closed. You can manage the Google cookies that we use here: https://policies.google.com/technologies/managing?hl=en
You can also download and install the browser add-on at the following link to prevent the cookie-generated data that discloses your use of the website from being collected and transmitted to Google and prevent Google from processing this data: https://tools.google.com/dlpage/gaoptout?hl=en
If your browser is configured to reject all cookies you may not be able to use all the website functions.
c. E-mail contact
When you send us an e-mail enquiry, the information contained in the e-mail and your contact details are processed by us to deal with the enquiry and any follow-up correspondence. The legal basis for this is Article 6 (1) a) and/or Article 6 (1) b) of the General Data Protection Regulation. We also have a legitimate interest to process this data in order to protect our systems and prevent it from being misused; the legal basis is Article 6 (1) f) of the General Data Protection Regulation.
d. Contact form
When you send us an enquiry using our contact form, the information contained in the contact form, including your IP address and the contact data you provide in the form, are processed by us to deal with the enquiry and any follow-up correspondence. The legal basis for this is Article 6 (1) a) and/or Article 6 (1) b) of the General Data Protection Regulation. We also have a legitimate interest to process this data in order to protect our systems and prevent it from being misused; the legal basis is Article 6 (1) f) of the General Data Protection Regulation.
e. Newsletter, recipe subscription
If you subscribe to our recipe service by entering your e-mail address, we send you weekly recipe ideas with our products. You can find examples of the recipes here: http://www.kikkoman.eu/consumer/recipes/
When you send us your e-mail address to subscribe to the service, we send a message to the e-mail address you provided requesting you to confirm your subscription by clicking on a link. This is necessary to prevent an unauthorised person from subscribing to the service with your e-mail address. The double opt-in process is logged as proof of subscription. We store the time of subscription, the time of confirmation and your IP address. We also use your e-mail address to send you the recipes. The e-mails are sent via Amazon SES. We have concluded a commissioned processing contract with our service provider.
The legal basis for this is Article 6 (1) a) and/or Article 6 (1) b) of the General Data Protection Regulation. We also have a legitimate interest to process this data in order protect our system and prevent it from being misused; the legal basis is Article 6 (1) f) of the General Data Protection Regulation.
You can de-subscribe from the recipe service at any time by clicking on the link that is included in every e-mail we send you, or by sending a message to the above-stated contacts. You can also revoke your consent with future effect at any time.
f. User account
When a food service user account is set up on our online portal, the information you disclose to us is used until the account is closed again so that we can provide the online user account service. Please refer to the GTCs in the food service section for the mandatory disclosures. The legal basis for this is Article 6 (1) a) and/or Article 6 (1) b) of the General Data Protection Regulation. We also have a legitimate interest to process this data in order to protect our systems and prevent it from being misused; the legal basis is Article 6 (1) f) of the General Data Protection Regulation.
g. Google Analytics
This website uses Google Analytics, a web analysis service provided by Google LLC., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (‘Google’) to analyse use of the website and optimise its design. Google is Privacy Shield-certified and has therefore undertaken to comply with EU data protection laws. We have also concluded a commissioned processing contract with Google. In this contract, Google undertakes to protect our users’ data, to process it in compliance with our data protection laws on our behalf and, in particular, not to pass it on to third parties.
IP anonymization is activated on our website. Your IP address is truncated by Google within the Member States of the European Union and in other states that are parties to the Agreement on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and truncated there in specific, exceptional cases. We have instructed Google to use this information to evaluate your use of the website, to compile reports about website activities and to provide other services relating to website and Internet usage. The legal basis for this is Article 6 (1) f) of the General Data Protection Regulation.
You can change your browser settings to prevent cookies from being saved, but we would like to point out that if you do this, you may not be able to use all the functions of this website to their full extent. (Please refer to section b. above). You can also download and install the browser add-on available at the following link (http://tools.google.com/dlpage/gaoptout?hl=en) to prevent the cookie-generated data that discloses your use of the website (incl. your IP address) from being collected and transmitted to Google and prevent Google from processing this data. Install browser add-on.
h. Integration of third party services and content (Google Maps, RSS feeds, graphics from other websites, YouTube videos etc.)
The following third party services and content may be integrated in our websites:
1. Google Maps maps from third party provider Google
- Data privacy statement https://policies.google.com/privacy?hl=en and https://www.google.com/intl/en_en/help/terms_maps.html
- Opt-out: https://www.google.com/settings/ads/
2. YouTube videos from third party provider Google
- Data privacy statement: https://policies.google.com/privacy?hl=en and https://support.google.com/youtube/answer/7671399?hl=en-GB&ref_topic=2803240
- Opt-out: https://www.google.com/settings/ads/
The legal bases are, if you provide your consent and the data is processed for performance of a contract to which you are party or prior to your entering into a contract, Article 6 (1) a) and/or Article 6 (1) b) of the General Data Protection Regulation, or, if the data is processed for the purposes of legitimate interests to improve the user experience, advertise our services or to maintain website security, the legal basis is Article 6 (1) f).
i. Our social media profiles on Facebook and Instagram
We do not use any social media plugins on www.kikkoman.eu. We only use hyperlinks to our social media pages. Therefore, when you visit our website no data is forwarded to the social media platforms.
However, if you visit the social media platforms or our profiles on those platforms, the following applies.
If you are a Facebook member and do not want Facebook to collect data about you via our website, or to link this with your data stored on Facebook, you need to log off from Facebook before going to our website and delete the Facebook cookies. Further settings and opt-outs to the use of data for promotional purposes exist on Facebook: https://www.facebook.com/settings?tab=ads. Or you can visit the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/
If you are an Instagram member and do not want Instagram to collect data about you via our website, or to link this with your data stored on Instagram, you need to log off from Instagram before going to our website and delete the Instagram cookies. Further settings and opt-outs to the use of data for promotional purposes exist in the Instagram profile settings: https://help.instagram.com/284802804971822?helpref=page_content
j. Adobe Typekit
4. Recipients of personal data
Personal data is transmitted to the following categories of recipients: processors, such as identification service providers, software developers, server hosters, newsletter distributors, customer support and web analysis service providers.
We never pass your data on to third parties without your explicit consent, unless we are legally required to do so or it is absolutely necessary for the performance of a contract.
5. Duration of storage
We delete personal data immediately after the purpose for which it was stored has been served.
Stored server log files and IP addresses are deleted at the latest within 90 days.
Data collected so that the user can use the website is deleted at the end of the session. Session cookies are also automatically deleted at the end of the session.
Cookies are stored on your terminal. You can control their use and deletion (see above).
Personal data provided in connection with e-mail enquiries or the e-mail contact form are processed until your enquiry has been dealt with and then deleted. Please note that it is a statutory requirement to archive data relating to legal transactions for at least six years (section 257 of the German Commercial Code, HGB) or ten years (section 147 of the German Fiscal Code, AO). This can also apply to the content of contact enquiries and e-mails.
Newsletter and recipe subscription data is processed for the duration of the subscription and then deleted.
User account data is deleted when the account is closed, unless there is a mandatory archiving period for contractual or legal reasons, such as commercial or fiscal law requirements.
We have set a delete cycle of 14 months for Google Analytics data.
If you send in an online job application we delete the personal data and the application data within six months of the conclusion of the application process.
We also implement annual reviews to ascertain whether data can be deleted. Data is deleted when the purpose and legal basis for processing no longer applies and we are not under any legal obligation to archive it.
6. Provision of personal data and rights of data subjects
You are not legally required to provide your personal data to us. However, it may be necessary to conclude a contract with us or use our website functions. If you decide not to provide your personal data, it may not be possible to offer a contract or function on the website. There is no automated decision making or profiling on the website.
The rights of data subjects are set out in Articles 15 to 23 and 77 of the General Data Protection Regulation and the revised sections 32 to 37 of the Federal Data Protection Act.
You have the right to request
- information on,
- correction of or
- deletion of your personal data, and to
- impose restrictions on data processing and
You also have the right to
to the processing of your data.
If you have granted your consent to the processing of personal data, you have the right to
- revoke your consent
with future effect.
Please address all enquiries, requests and messages to us. (See section 1 above).
If you believe that processing your personal data contravenes data protection laws, you have the
- right to lodge a complaint
with the competent supervisory authority pursuant to Article 77 of the General Data Protection Regulation. Unless an administrative or judicial remedy provides otherwise, you have the right to lodge a complaint with a supervisory authority, particularly in the Member State you live or work in, or at the place of the suspected contravention if you believe that the processing of your personal data violates the General Data Protection Regulation.
The supervisory authority which is responsible for us is the North Rhine-Westphalian State Data Protection and Freedom-of-Information Officer, (Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen), Kavalleriestraße 2-4, 40213 Düsseldorf