PRIVACY POLICY

1.Policy

For the proper collection, use and protection of, and to carry out safety management of, personal information of customers and information comparable to the same (“User Information”) that Japan Contemporary Art Platform (“JCAP”) acquires through trade shows, sales, planning and other projects (“Services”) it implements, JCAP stipulates this Privacy Policy (“Policy”).

2.Method of Obtaining Information, and Information to be Obtained

To provide the Services and have customers use JCAP website, JCAP will announce or give notice of the purposes of use in advance, and may obtain User Information such as the following through direct provision by customers or automatically through the internet. Moreover, to obtain User Information automatically through the internet, cookies that are used by Google Analytics, a website access analysis tool provided by Google, will be used, but customers can restrict or disable the function of cookies by setting their own browsers. For details regarding Google Analytics, refer to the following link.(https://support.google.com/analytics/answer/6004245?hl=ja
If a customer is unable to provide User Information, there may be cases where the customer will be unable to use the Services of JCAP.

  1. A customer’s name, date of birth, gender, address, telephone number, email address, occupation, portrait, and other information concerning a customer’s profile.
  2. A customer’s credit card information, bank account information, electronic money information, and other information concerning a customer’s settlement procedures.
  3. Information that a customer inputs or transmits through input forms or other methods specified by JCAP for the Services.
  4. Use history of the Services, visiting and browsing histories of JCAP’s website, types of terminals, terminal identifiers, types of browsers, referrers, IP addresses, cookies, domain names, visitor IDs, other advertisement identifiers, and other information automatically recorded when a customer uses the Services.

3.Purposes of Use of Information

JCAP will use customers’ User Information for the purposes set forth below, including the provision of guidance and information relating to JCAP’s projects, execution and performance of agreements with customers, provision of after-care services, communication with customers, and development of new services.
Further, unless otherwise provided in laws and regulations, without obtaining the advance consent of the customer, there will be no use of User Information that is personal information of a customer that exceeds the scope necessary for the realization of the use purposes.

  1. To provide the Services and implement after-care services for the same, and to execute and perform agreements regarding the Services with customers;
  2. To send guidance and proposals, and transmit information relating to the Services;
  3. To verify records of receipt of applications for the Services, identity verification (including agents), user authentication, and user settings etc.;
  4. To entrust distribution and other services necessary when carrying out the Services to third parties;
  5. To conduct surveys and interviews, and measure behavior, of customers, conduct market research and data analysis, improve the Services, and examine development of new products and services etc.;
  6. To analyze and prepare reports of website browsing histories etc. by Google Analytics, and maintain and enhance user-friendliness and quality of JCAP’s website; and
  7. To notify customers of changes to JCAP’s rules and other important matters, and verify content of, and respond to, opinions and inquiries of customers.

4.Safety Management Measures

JCAP will take necessary and appropriate safety management measures to prevent leaks, loss and damage etc. to, and manage, User Information. Moreover, JCAP will execute agreements that require appropriate management of personal information with employees and service providers (including subcontractors) who process personal information, and give and carry out necessary and appropriate guidance and supervision of such employees and service providers.

5.Provision to Third Parties

Without obtaining the consent of the relevant customer in advance and filing prior notification with the Personal Information Protection Commission, JCAP will not provide any User Information that is personal information of a customer to third parties; provided, however, that in the following cases, the foregoing will not apply, and personal information of a customer may be provided to third parties.

  1. If required under laws and regulations;
  2. If necessary to protect the life, body or property of a person, and obtaining the customer’s consent is infeasible;
  3. If especially necessary to enhance public health or facilitate healthy development of children, and obtaining the customer’s consent is infeasible;
  4. If JCAP’s cooperation is necessary for a national organ or a local public body, or a person entrusted by the foregoing, to perform any work specified in laws and regulations, and obtaining the customer’s consent is likely to hinder the performance of such work;
  5. If in conjunction with JCAP’s entrustment of all or a portion of personal information processing to an outside business operator, relevant personal information is provided to the extent necessary for the realization of the use purposes; and
  6. If providing personal information in conjunction with an assumption of a business due to a merger or other event.

6.Demand for Disclosure, Correction, Suspension of Use, or Erasure etc. of Personal Information

If a customer requests disclosure of personal information, correction of, addition to, deletion of, suspension of use or erasure of, or notification of the use purpose of, personal information (“Disclosure etc.”), JCAP will verify that it is a request from the customer (or the customer’s agent), conduct necessary investigations without delay, and based on the results of such investigations, respond to the customer’s request; provided, however, that the foregoing will not apply if JCAP owes no duty of Disclosure etc. under the Act on the Protection of Personal Information or other laws and regulations.
The customer will be separately notified of the results of the investigations, and as to whether there will be any response. Further, there may be cases where payment of fees as expenses required for procedures will be necessary. With respect to specific procedural methods, please contact the person in charge set forth in the following paragraph.

7.Contact Point for Disclosure etc. Requests, and Inquiries Regarding Processing of Personal Information

With respect to any requests for Disclosure etc. specified in the preceding paragraph, and any complaints or consultations etc. regarding JCAP’s processing of personal information, please contact the following person in charge.
Any personal information obtained at the time of such request or communication will be processed to the extent necessary to respond to such request or communication, and erased by appropriate methods after the conclusion of such response.

Name of business processing personal information:Japan Contemporary Art Platform
Address:5-4-30 Minamiaoyama, Minato-ku, Tokyo 107-0062
Person in charge:Japan Contemporary Art Platform, Personal Information Processing Manager
Contact point:info@artweektokyo.com

8.Amendment

When necessary, JCAP may amend this Policy; provided, however, that when making any amendments that require the consent of customers under laws and regulations, the amended Policy will apply only to customers who consented to the amendment by a method prescribed by JCAP.
The timing when the amended Policy comes into effect, and the content of the amendment will be disseminated or reported to customers by displaying them on JCAP’s website or other appropriate method.

GDPR Privacy Policy

When processing Personal Information, Japan Contemporary Art Platform (“JCAP”) will comply with the applicable restrictions relating to data protection in the EU and EU member states, in particular General Data Protection Regulations (“GDPR”).
This GDPR Privacy Policy complements JCAP Privacy Policy and sets forth policy in relation to the GDPR in particular.
This GDPR Privacy Policy applies to cases in which personal data is provided to JCAP via the Website by persons located in EU member states or Iceland, Norway, or Lichtenstein, which form part of the European Economic Area (EEA); users of the Website in such cases are specifically referred to as “Data Subject(s)”.

1.Definition of Personal Data

In this GDPR Privacy Policy, “Personal Data” is defined as follows:
Any information relating to an identified or identifiable natural person (“Data Subject(s)”) ; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2.Name and Address of Controller

Name: Japan Contemporary Art Platform
Address: 5-4-30 Minamiaoyama, Minato-ku, Tokyo 107-0062
Email: info@artweektokyo.com

3.Name and Address of Data Protection Officer (DPO)

Name: Hidemi Mavrin
Address: 5-4-30 Minamiaoyama Minato-ku, Tokyo
Email: info@artweektokyo.com

4.Purpose, Legal Basis, and Period of Processing of the Personal Data

  1. Purpose of Use
    As set forth in Article 3 of this Privacy Policy, ‘Purpose of Use’.
  2. Legal Basis for Use
    The legal basis for the use of the Personal Data is as follows:
    1. The Data Subject has given consent to the processing of his or her Personal Data for one or more specific purposes;
      *In cases where use is pursuant to the consent of the Data Subject in (i) above, the Data Subject has the right to withdraw his or her consent.
    2. Processing is necessary for the performance of a contract to which the Data Subject is party or in order to take steps at the request of the Data Subject prior to entering into a contract.;
    3. Processing is necessary for compliance with a legal obligation to which the Controller is subject;
    4. Processing is necessary in order to protect the vital interests of the Data Subject or of another natural person;
    5. Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.
  3. Term of Use
    JCAP will promptly destroy the Personal Data of the Data Subject after the passage of a period of time reasonable for the purpose in question. The Personal Data of the Data Subjects collected for the purpose of participation in events being conducted, collaborated with, or co-sponsored, etc. by JCAP will be stored until the event or the like has ended. In the case of ongoing events, and the like, the Personal Data will be stored until the last session has ended. After said events and the like have ended, the Personal Data collected will be disposed of or anonymized within a reasonable period of time so that the Data Subject cannot be identified, unless the Data Subject has provided its individual consent to JCAP to the use of its Personal Data.
  4. Parties with which the Personal Data is Shared
    JCAP may only share online identifier out of the Personal Data of Data Subjects with third parties for the purpose of outsourcing access analysis of the Website. JCAP protects the Data Subject’s rights relating to the Personal Data by imposing data security and confidentiality obligations on the third parties by concluding a data processing agreement with the third parties that conforms to the GDPR Article 28.
  5. Sensitive Personal Data
    The Service will not collect sensitive categories of the Personal Data as defined in Articles 9 and 10 of the GDPR from users of the Service.

5.Rights of Data Subject

The Data Subject enjoy the following rights under applicable privacy laws and regulations, including the GDPR. In order to assert these rights, the Data Subject is able to contact the Data Protection Officer designated by JCAP.

  1. Right of Access (Article 15 of the GDPR)
    The Data Subject shall have the right to access to the Personal Data concerning him or her that is being processed by the Controller.
  2. Right to Rectification (Article 16 of the GDPR)
    The Data Subject shall have the right to obtain from the Controller the rectification of the inaccurate Personal Data concerning him or her.
  3. Right to Erasure (“Right to be Forgotten”) (Article 17 of the GDPR)
    The Data Subject shall have the right to obtain from the Controller the erasure of the Personal Data concerning him or her without undue delay under certain circumstances.
  4. Right to Restriction of Processing (Article 18 of the GDPR)
    The Data Subject shall have the right to obtain from the Controller restriction of processing the Personal Data concerning him or her under certain circumstances.
  5. Right to Data Portability (Article 20 of the GDPR)
    The Data Subject shall have the right to receive the Personal Data concerning him or her in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the Controller to which the Personal Data have been provided.
  6. Right to Object (Article 21 of the GDPR)
    The Data Subject shall have the right to object to processing of the Personal Data relating to him or her under certain circumstances.
  7. Right to Lodge a Complaint with a Supervisory Authority (Article 77 of the GDPR)
    The Data Subject shall have the right to lodge a complaint with a supervisory authority established by the EU member states regarding the processing of the Personal Data of JCAP.

6.Profiling and other Automated Decision-Making

JCAP will never subject the Personal Data of Data Subjects to profiling or other automatic processing of the nature described in Article 22 of the GDPR.