ARMAND DE BRIGNAC
DOM PÉRIGNON
KRUG
MOËT & CHANDON
RUINART
VEUVE CLICQUOT
CHANDON
CHÂTEAU D‘ESCLANS
CHÂTEAU GALOUPET
CHÂTEAU MINUTY
CLOUDY BAY
NEWTON
NUMANTHIA
SKYSIDE
TAYLOR'S
TERRAZAS
ARDBEG
BELVEDERE
GLENMORANGIE
HENNESSY
OLD PARR
ROYAL HOUSEHOLD
TALISKER
VOLCAN DE MI TIERRA
WHISTLEPIGPRIVACY POLICYLast revised on March 25, 2022
MHD Moët Hennessy Diageo K.K. (Address of Head Office: 1-105 Kanda Jimbocho, Chiyoda-ku, Tokyo; President and Representative Director: Bruno Yvon; hereinafter referred to as the “Company,” “we,” “our,” or “us”) believes that the trust of our customers is of utmost importance, and has implemented the following measures with respect to customers’ personal information.
1. Appropriate Processing of Personal Information
In accordance with the “Act on the Protection of Personal Information” (Act No. 57 of 2003; hereinafter referred to as the “Personal Information Protection Act”), the guidelines of the Personal Information Protection Commission, and other rules and regulations applicable to the processing of personal information, as well as our internal regulations, the Company acquires, uses, provides and otherwise processes personal information in an appropriate scope and manner, and has established an organizational structure and strive for the appropriate protection of personal information. In addition, when acquiring, using and providing, or otherwise processing personal information, the Company limits the purposes for which the information is acquired, used, provided or otherwise processed and we shall not process the information for any purpose other than such purposes.
In order to smoothly run our business, we acquire and use “name,” “address,” “telephone number,” “e-mail address,” “date of birth,” “website browsing history,” “product purchase history” and other information of our customers. The Company recognizes that the appropriate protection of such personal information of our customers (hereinafter referred to as “Personal Information”) is one of our important responsibilities, and the Company shall process Personal Information pursuant to the following policies in order to process it accurately and faithfully:
2. Acquisition and Use of Personal Information
The Company shall acquire Personal Information in a lawful and fair manner in the following cases:
The Company shall use Personal Information appropriately, within the scope necessary to achieve the purpose of use of such Personal Information. Further, the Company shall not use the Personal Information acquired by us in such manner that it may encourage or induce any illegal or unjustified activity.
3. Purpose of Use of Personal Information
We shall use Personal Information acquired by us for the following purposes and shall not use it for any purpose other than such purposes:
The use set forth in (5) above shall include the cases where customers’ IDs, advertising IDs, cookies and various other identifiers are linked, managed and used. In addition, the Company may use personal-related information received from any third party, such as webpage browsing history, product purchase history at stores or through online shopping services operated by any third party, encrypted e-mail addresses, cookies and advertising IDs, by linking such information to our retained personal data.
If it becomes necessary to change any of the above purposes of use, the Company shall notify our customers or make a public announcement promptly after the change. Please note that when Personal Information is to be provided through the website etc. of each brand of the Company’s products, purposes of use may be set forth separately from the above-mentioned purposes of use.
4. Measures to Ensure Accuracy, Up-To-Dateness and Safety
The Company shall implement measures to ensure that Personal Information is accurate, up-to-date and secured, shall check and verify Personal Information when it is entered into databases, etc. to the extent necessary to achieve the purposes of use of the Personal Information, and shall promptly take steps to correct any error etc. that is found, and strive to prevent divulgence, loss, damage or similar incident in respect of Personal Information.
In order to process personal data appropriately in accordance with the Personal Information Protection Act and this Privacy Policy, the Company has established internal regulations for processing Personal Information and appointed a person(s) responsible for processing personal data, and shall implement the following security control measures:
5. Measures to be Continued to Protect Personal Information
The Company shall continually review and improve our measures for the protection of Personal Information.
6. Disclosure or Provision of Personal Information to Third Parties
The Company shall not disclose or provide Personal Information to any third party except in the following cases:
7. Disclosure or Provision of Personal-Related Information to Third Parties
When the Company discloses or provides any personal-related information, such as website browsing history, to a third party and such third party is expected to acquire personal-related information as personal data, the Company shall, unless otherwise set forth in laws and regulations, conduct necessary verification and information provision to ensure that, among others, such third party has obtained consent from the information provider prior to the disclosure or provision of such personal-related information in accordance with applicable laws and regulations.
8. Shared Use of Personal Information within Group
The Company shall share Personal Information (information such as the “name,” “address,” “telephone number,” “e-mail address,” “date of birth,” “website browsing history” and “product purchase history” of customers) with MHCS SA (Registered Address: 9 Avenue de Champagne, 51200 Epernay, France) and Moët Hennessy SAS (Registered Address: 24-32 rue Jean Goujon, 75008 Paris, France), within the scope of the purposes of use of Personal Information set forth in Article 3, Paragraph 5.
The Company is, jointly and severally with all the other Moët Hennessy group companies, responsible for Personal Information that is shared therewith. Please refer to the beginning of this Privacy Policy for the Company’s address and representative. We accept any inquiry about this shared use at our contact point for personal information protection (personal_information@mhdkk.com) by e-mail.
9. Outsourcing of Tasks Involving the Processing of Personal Information
In order to ensure the smooth operation of our business, we may provide Personal Information only to the extent necessary to service providers to whom we outsource a part of our operations, such as ordering, settlement of accounts, delivery, arrangement and management of products and services, responding to inquiries, and marketing. In such case, the Company shall evaluate and select service providers that are considered to process Personal Information appropriately, impose on them the obligations to report and disclose information, to take security control measures, to keep confidentiality and to restrict sub-outsourcing, and any other obligations concerning the appropriate processing of Personal Information under the relevant service agreement, and shall conduct necessary and appropriate supervision of such service providers.
10. Notification of Purposes of Use
If, with respect to our retained personal data, any customer wishes to be notified of the specific purposes of use applied with respect to such customer’s Personal Information, we shall notify such customer of the purposes of use without delay after confirming the identity of the person who made such request.
11. Disclosure of Content of Our Retained Personal Data etc.
If, with respect to our retained personal data, we are requested by any customer to disclose contents of such customer’s Personal Information or record of provision of such customer’s Personal Information to any third party, we shall disclose the relevant information to the customer without delay after confirming the identity of the person who made such request. Provided, however, that if the disclosure of contents of customer’s Personal Information would result in any of the following cases (1) through (3) or if the disclosure of record of provision of such customer’s Personal Information to any third party would result in any of the following cases (1) through (7), we may decide not to disclose all or any part of such Personal Information, and if we decide not to disclose any such Personal Information, we shall notify the relevant customer to that effect without delay:
12. Correction of, Addition to or Deletion of Our Retained Personal Data
If, with respect to our retained personal data, we are requested by any customer to correct, add to or delete such customer’s Personal Information due to the reason that such information is incorrect, we shall, after confirming the identity of the person who made such request, conduct a necessary investigation without delay to the extent necessary to achieve the purposes of use, and then shall correct, add to or delete such Personal Information based on the result of such investigation, and shall notify such customer to that effect, unless special procedures are set forth pursuant to the provisions of other laws and regulations.
13. Suspension of Use, Erasure and Suspension of Provision to Third Party of Our Retained Personal Data
If, with respect to our retained personal data, we are requested by any customer to suspend the utilization of, erase or suspend the provision of such customer’s Personal Information to any third party, because such Personal Information is being processed in a manner that exceeds the scope of the purposes of use previously announced, because such customer’s Personal Information was acquired through false or other illicit means, because such Personal Information has been illegally provided to any third party without such customer’s consent, because such customer’s Personal Information is being used inappropriately, because we no longer need to use such customer’s Personal Information, because any serious divulgence incident was occurred, or because such customer’s rights or legitimate interests may be impaired, the Company shall, after confirming the identity of the person who made such request, conduct a necessary investigation without delay, suspend the utilization of, erase or suspend the provision of such customer’s Personal Information to any third party based on the result of such investigation, and shall notify such customer to that effect. Provided, however, that if such suspension of utilization, erasure or suspension of the provision of such customer’s Personal Information to any third party would require a significant amount of money or would be difficult to implement due to other reasons and if the Company can take necessary alternative measures to protect the rights and interests of our customers, we shall take such alternative measures.
With respect to our customers’ information retained by us in compliance with laws and regulations, etc., we may not be able to accept any request to suspend the utilization, erase or suspend the provision thereof to any third party. In addition, if we suspend the utilization or erase your information in whole or part, we may unwillingly be unable to provide our products and/or services in accordance with the request of customers, which please understand and cooperate with us.
14. Method and Contact Point for Receiving Requests, Inquiries and Complaints
We receive any requests regarding our retained personal data set forth in 10. through 13. above and any inquiries or complaints regarding Personal Information at our contact point for personal information protection (personal_information@mhdkk.com) by e-mail. Please note that we may not be able to respond to any request, inquiry or complaint that does not follow the foregoing method of acceptance. Although we shall provide you with the details when we receive your message, we shall respond to you by a method pursuant to the applicable laws and regulations, after confirming that you are the customer as principal or representative. Depending on the content of the request, we may ask you to submit a document set forth by the Company.
15. Revision of Privacy Policy
We may revise this Privacy Policy from time to time to improve our services to our customers, to enhance the security of information management, or for other purposes. In the event that any customer makes an application for the purchase of any of our product or the provision of any of our service after the Company has revised this Privacy Policy, such customer shall be deemed to have agreed to the content of the revised Privacy Policy before making such application therefor, and the revised Privacy Policy shall automatically apply to the customer thereafter.
following blank
1. Appropriate Processing of Personal Information
In accordance with the “Act on the Protection of Personal Information” (Act No. 57 of 2003; hereinafter referred to as the “Personal Information Protection Act”), the guidelines of the Personal Information Protection Commission, and other rules and regulations applicable to the processing of personal information, as well as our internal regulations, the Company acquires, uses, provides and otherwise processes personal information in an appropriate scope and manner, and has established an organizational structure and strive for the appropriate protection of personal information. In addition, when acquiring, using and providing, or otherwise processing personal information, the Company limits the purposes for which the information is acquired, used, provided or otherwise processed and we shall not process the information for any purpose other than such purposes.
In order to smoothly run our business, we acquire and use “name,” “address,” “telephone number,” “e-mail address,” “date of birth,” “website browsing history,” “product purchase history” and other information of our customers. The Company recognizes that the appropriate protection of such personal information of our customers (hereinafter referred to as “Personal Information”) is one of our important responsibilities, and the Company shall process Personal Information pursuant to the following policies in order to process it accurately and faithfully:
- (1)
- We process Personal Information appropriately, in compliance with the Personal Information Protection Act and other relevant laws and regulations, and in accordance with practices generally accepted as fair and reasonable ones concerning the processing of Personal Information, and we strive to improve our processing practices from time to time;
- (2)
- We clearly set forth our internal regulations with respect to the processing of Personal Information and make all employees familiar with them, and we request our business partners and other parties to process Personal Information appropriately;
- (3)
- We notify or publicly announce the purposes of use of Personal Information, and we process Personal Information in accordance with such purposes of use;
- (4)
- We implement necessary and reasonable security control measures to prevent divulgence, loss, damage, or similar incident in respect of Personal Information, and to periodically review such measures; and
- (5)
- With respect to our retained personal data, through our designated contact point, we faithfully respond to any request for notification of the specific purposes of use of customer’s Personal Information, contents thereof or record of provision thereof to any third party, correction, addition and deletion thereof, or suspension of use, erasure and suspension of provision thereof to any third party, any inquiry and/or complaint.
2. Acquisition and Use of Personal Information
The Company shall acquire Personal Information in a lawful and fair manner in the following cases:
- (1)
- where it is provided by any of our customers directly or in writing or in any other medium;
- (2)
- where it is entered by any of our customers or other persons by operation of a personal computer, smartphone or any other terminal;
- (3)
- where it is automatically sent to the Company as a result of any of our customers’ visit to any website relating to our products or services; or
- (4)
- where it is lawfully acquired, such as where it is provided by a third party who has obtained consent from the relevant customer.
The Company shall use Personal Information appropriately, within the scope necessary to achieve the purpose of use of such Personal Information. Further, the Company shall not use the Personal Information acquired by us in such manner that it may encourage or induce any illegal or unjustified activity.
3. Purpose of Use of Personal Information
We shall use Personal Information acquired by us for the following purposes and shall not use it for any purpose other than such purposes:
- (1)
- to conduct identification or verification of our customers, including confirmation of age of our customers in accordance with the “Act on Prohibition of Drinking of Alcohol by Persons Under 20 Years of Age” (Act No. 20 of 1922);
- (2)
- to commence business with our customers, engage in necessary communication for business discussions, etc., execute and perform contracts, and manage customer information;
- (3)
- to fulfill our customers’ orders for our products and/or services, such as shipping products or arranging tours;
- (4)
- to respond to our customers’ inquiries, consultation, complaints, requests for our support, etc.;
- (5)
- to analyze website browsing history and product purchase history, etc. and to consider our products and/or services that align with our customers’ interests and preferences, and to conduct behavioral targeting advertising for the purpose of proposing such products and/or services to our customers;
- (6)
- to provide our customers with our products and/or services securely, including to detect violators of the terms of use and notify them to that effect and to prevent, detect, investigate, and take legal action against, fraudulent or unauthorized access or other illegal activities that exploit our products and/or services;
- (7)
- in case we received Personal Information from any third party who had obtained consent from the relevant customer and in case the purpose of use of such information is separately specified, to use such Personal Information for the purpose within the scope of such specified purpose; and/or
- (8)
- to disclose to or provide any third party with such Personal Information within the scope set forth in Article 6.
The use set forth in (5) above shall include the cases where customers’ IDs, advertising IDs, cookies and various other identifiers are linked, managed and used. In addition, the Company may use personal-related information received from any third party, such as webpage browsing history, product purchase history at stores or through online shopping services operated by any third party, encrypted e-mail addresses, cookies and advertising IDs, by linking such information to our retained personal data.
If it becomes necessary to change any of the above purposes of use, the Company shall notify our customers or make a public announcement promptly after the change. Please note that when Personal Information is to be provided through the website etc. of each brand of the Company’s products, purposes of use may be set forth separately from the above-mentioned purposes of use.
4. Measures to Ensure Accuracy, Up-To-Dateness and Safety
The Company shall implement measures to ensure that Personal Information is accurate, up-to-date and secured, shall check and verify Personal Information when it is entered into databases, etc. to the extent necessary to achieve the purposes of use of the Personal Information, and shall promptly take steps to correct any error etc. that is found, and strive to prevent divulgence, loss, damage or similar incident in respect of Personal Information.
In order to process personal data appropriately in accordance with the Personal Information Protection Act and this Privacy Policy, the Company has established internal regulations for processing Personal Information and appointed a person(s) responsible for processing personal data, and shall implement the following security control measures:
- (1)
- Organizational Security Control Measures: To limit the employees who process personal data and the scope of personal data to be processed, and to establish a system for reporting to the person(s) responsible for processing personal data in the event that any violation of the Personal Information Protection Act or internal regulations regarding the processing of Personal Information, or any sign of such violation, is detected;
- (2)
- Human Security Control Measures: To provide regular training for employees on points to keep in mind with respect to the processing of personal data;
- (3)
- Physical Security Control Measures: To implement physical access restrictions by employees on personal data, and to implement measures to prevent access to personal data by such unauthorized persons; and
- (4)
- Technical Security Control Measures: To control access to databases and to implement measures to prevent unauthorized access, to control server facilities and security therein and to implement security measures including encryption of personal data during the storage in the servers or during transfer to any third party
5. Measures to be Continued to Protect Personal Information
The Company shall continually review and improve our measures for the protection of Personal Information.
6. Disclosure or Provision of Personal Information to Third Parties
The Company shall not disclose or provide Personal Information to any third party except in the following cases:
- (1)
- where the Company has received prior consent from customers;
- (2)
- where the Company discloses or provides such Personal Information to shared users within the Moët Hennessy group in accordance with Article 8;
- (3)
- where the Company has outsourced any task within the scope necessary to achieve the purposes of use in accordance with Article 9;
- (4)
- where the Company is required to disclose or provide such Personal Information based on laws and regulations;
- (5)
- where there is a need to protect human life, body or property, and where it is difficult to obtain any consent from the relevant customer;
- (6)
- where there is a special need to enhance public health or promote the fostering of healthy minors, and where it is difficult to obtain any consent from the relevant customer; or
- (7)
- where there is a need to cooperate in public duties conducted by the national or local government, etc., and where obtaining the consent from the relevant customer may interfere with the performance of such duties.
7. Disclosure or Provision of Personal-Related Information to Third Parties
When the Company discloses or provides any personal-related information, such as website browsing history, to a third party and such third party is expected to acquire personal-related information as personal data, the Company shall, unless otherwise set forth in laws and regulations, conduct necessary verification and information provision to ensure that, among others, such third party has obtained consent from the information provider prior to the disclosure or provision of such personal-related information in accordance with applicable laws and regulations.
8. Shared Use of Personal Information within Group
The Company shall share Personal Information (information such as the “name,” “address,” “telephone number,” “e-mail address,” “date of birth,” “website browsing history” and “product purchase history” of customers) with MHCS SA (Registered Address: 9 Avenue de Champagne, 51200 Epernay, France) and Moët Hennessy SAS (Registered Address: 24-32 rue Jean Goujon, 75008 Paris, France), within the scope of the purposes of use of Personal Information set forth in Article 3, Paragraph 5.
The Company is, jointly and severally with all the other Moët Hennessy group companies, responsible for Personal Information that is shared therewith. Please refer to the beginning of this Privacy Policy for the Company’s address and representative. We accept any inquiry about this shared use at our contact point for personal information protection (personal_information@mhdkk.com) by e-mail.
9. Outsourcing of Tasks Involving the Processing of Personal Information
In order to ensure the smooth operation of our business, we may provide Personal Information only to the extent necessary to service providers to whom we outsource a part of our operations, such as ordering, settlement of accounts, delivery, arrangement and management of products and services, responding to inquiries, and marketing. In such case, the Company shall evaluate and select service providers that are considered to process Personal Information appropriately, impose on them the obligations to report and disclose information, to take security control measures, to keep confidentiality and to restrict sub-outsourcing, and any other obligations concerning the appropriate processing of Personal Information under the relevant service agreement, and shall conduct necessary and appropriate supervision of such service providers.
10. Notification of Purposes of Use
If, with respect to our retained personal data, any customer wishes to be notified of the specific purposes of use applied with respect to such customer’s Personal Information, we shall notify such customer of the purposes of use without delay after confirming the identity of the person who made such request.
11. Disclosure of Content of Our Retained Personal Data etc.
If, with respect to our retained personal data, we are requested by any customer to disclose contents of such customer’s Personal Information or record of provision of such customer’s Personal Information to any third party, we shall disclose the relevant information to the customer without delay after confirming the identity of the person who made such request. Provided, however, that if the disclosure of contents of customer’s Personal Information would result in any of the following cases (1) through (3) or if the disclosure of record of provision of such customer’s Personal Information to any third party would result in any of the following cases (1) through (7), we may decide not to disclose all or any part of such Personal Information, and if we decide not to disclose any such Personal Information, we shall notify the relevant customer to that effect without delay:
- (1)
- where there is a possibility of harming the human life, body, property or any other rights and interests of the customer or any third party;
- (2)
- where there is a possibility of severely interfering with the Company’s appropriate operation of business;
- (3)
- where such disclosure violates laws and regulations;
- (4)
- where there is a possibility of harming the human life, body or property of the customer or any third party because of ascertainment of the existence of such record;
- (5)
- where there is a possibility of encouraging or inducing any illegal or unjustified activity because of ascertainment of the existence of such record;
- (6)
- where there is a possibility of harming the national security, impairing relationship of trust with any country or international organization or suffering disadvantage in negotiation with any country or international organization because of ascertainment of the existence of such record; or
- (7)
- where there is a possibility of interfering with prevention, suppression or investigation of crime and preservation of public security and order because of ascertainment of the existence of such record.
12. Correction of, Addition to or Deletion of Our Retained Personal Data
If, with respect to our retained personal data, we are requested by any customer to correct, add to or delete such customer’s Personal Information due to the reason that such information is incorrect, we shall, after confirming the identity of the person who made such request, conduct a necessary investigation without delay to the extent necessary to achieve the purposes of use, and then shall correct, add to or delete such Personal Information based on the result of such investigation, and shall notify such customer to that effect, unless special procedures are set forth pursuant to the provisions of other laws and regulations.
13. Suspension of Use, Erasure and Suspension of Provision to Third Party of Our Retained Personal Data
If, with respect to our retained personal data, we are requested by any customer to suspend the utilization of, erase or suspend the provision of such customer’s Personal Information to any third party, because such Personal Information is being processed in a manner that exceeds the scope of the purposes of use previously announced, because such customer’s Personal Information was acquired through false or other illicit means, because such Personal Information has been illegally provided to any third party without such customer’s consent, because such customer’s Personal Information is being used inappropriately, because we no longer need to use such customer’s Personal Information, because any serious divulgence incident was occurred, or because such customer’s rights or legitimate interests may be impaired, the Company shall, after confirming the identity of the person who made such request, conduct a necessary investigation without delay, suspend the utilization of, erase or suspend the provision of such customer’s Personal Information to any third party based on the result of such investigation, and shall notify such customer to that effect. Provided, however, that if such suspension of utilization, erasure or suspension of the provision of such customer’s Personal Information to any third party would require a significant amount of money or would be difficult to implement due to other reasons and if the Company can take necessary alternative measures to protect the rights and interests of our customers, we shall take such alternative measures.
With respect to our customers’ information retained by us in compliance with laws and regulations, etc., we may not be able to accept any request to suspend the utilization, erase or suspend the provision thereof to any third party. In addition, if we suspend the utilization or erase your information in whole or part, we may unwillingly be unable to provide our products and/or services in accordance with the request of customers, which please understand and cooperate with us.
14. Method and Contact Point for Receiving Requests, Inquiries and Complaints
We receive any requests regarding our retained personal data set forth in 10. through 13. above and any inquiries or complaints regarding Personal Information at our contact point for personal information protection (personal_information@mhdkk.com) by e-mail. Please note that we may not be able to respond to any request, inquiry or complaint that does not follow the foregoing method of acceptance. Although we shall provide you with the details when we receive your message, we shall respond to you by a method pursuant to the applicable laws and regulations, after confirming that you are the customer as principal or representative. Depending on the content of the request, we may ask you to submit a document set forth by the Company.
15. Revision of Privacy Policy
We may revise this Privacy Policy from time to time to improve our services to our customers, to enhance the security of information management, or for other purposes. In the event that any customer makes an application for the purchase of any of our product or the provision of any of our service after the Company has revised this Privacy Policy, such customer shall be deemed to have agreed to the content of the revised Privacy Policy before making such application therefor, and the revised Privacy Policy shall automatically apply to the customer thereafter.
following blank