PRIVACY NOTICE (PDPA)
Welcome to Arçelik-Hitachi. This privacy notice describes how we collect, use, and share your personal data: through your use of our website at https://estore-my.hitachi-homeappliances.com/ (“the Site”),
- where we enter into business partnerships with you (or the company you work for), and
- where you (or the company you work for) provides services to us.
We recommend that you read this privacy notice in full to ensure you are fully informed. However, if you only want to access a particular section of this notice, then you can click on the heading below to access the information for that topic.
Who we are
When we refer to “Arçelik-Hitachi”, “we” “our” or “us”, we are referring to Arçelik Hitachi Home Appliances Sales Malaysia Sdn. Bhd. We are also a member of the Arçelik Group. More information about the Arçelik Group can be found on Arçelik’s website here.
How to contact us
If you have any questions about how we use your personal data or this privacy notice in general, please contact us using this form.
When do we collect your personal data?
- When you contact us with general queries or public relations inquiries.
- When you visit our Site, we capture information automatically through cookies and similar technologies. You can manage these when you visit our Site. See our Cookie Notice for further information.
- During the course of our commercial discussions, such as entering into business partnerships or where we engage you to provide services to us.
- We may collect personal data about you through your colleagues or, where available, through publicly available sources, such as professional networking sites and general market research.
What types of personal data do we collect?
Where we talk about “personal data” in this privacy notice, this means any information that may be used alone or in combination with other information to identify you.
The types of information we collect are set out below:
- We need a small amount of information from our business partners and service providers to ensure that our contract runs smoothly. For example, we need contact details of relevant individuals (such as names, telephone numbers, and email addresses) so that we can communicate with you. We also need other information, such as your bank details so that we can pay for the services you provide (if this is part of the contractual arrangements between us). We may also hold extra information that someone in your organisation has chosen to tell us from time to time.
- Details of your interactions with us when you contact us via email (for public relations inquiries), telephone, or post using the details listed on the Site.
- Copies of documents you provide to us to prove your age or identity where the law requires this. For example, if you send us a request relating to your personal data, we may need further information to verify your identity. We will therefore process personal data contained in the identity documents you choose to provide us with.
- Information we collect through cookies and similar technologies. Data we collect automatically includes the type of web browser or mobile device, your operating system, your IP address, the URL of the landing page and the referring website, the time and date of your visit to the Site, and the search terms used by you to reach the Site. For more information, please see our Cookie Notice.
What lawful bases do we rely on for processing your personal data?
There are several different reasons under data protection law for which we may collect and process your personal data. These include:
Performing contractual obligations
In some circumstances, we need your personal data to comply with our contractual obligations. For example, where we process your personal data in connection with obtaining services from you.
Complying with a legal obligation
If the law requires us to, we may need to collect and process your personal data.
We may process your personal data where it is necessary for our legitimate interests as a company, where this does not override your data protection interests and fundamental rights. For example, we will process your personal data to administer and manage our business relationship with you.
How and why we use your personal data
This section tells you how and why we will use your personal data and explains the lawful basis we rely on in each case. Please remember that if you choose not to share your personal data with us, we may not be able to engage you as our business partner/service provider. We process your personal data for the following purposes on the basis of our contractual obligations to you:
- To store (and update where necessary) your contact details on our database so that we can contact you in relation to our agreements.
We process your personal data for the following purposes to comply with our legal obligations.
- To send you service-related communications which are required by law, or necessary to inform you about updates to the services we provide to you. For example, updates to our privacy notice or terms and conditions.
- To verify your identity where the law requires us to.
We process your personal data for the following purposes on the basis of our legitimate interests.
- To administer our business relationship with you.
- To respond to your queries, including any public relations inquiries.
- To deliver relevant website content to you across our Site and to measure and understand the effectiveness of the content we serve to you.
- To administer and protect our Site (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data).
- To use data analytics to improve our Site, content, marketing, and user experience.
- To protect our business from fraud and other illegal activities.
- To protect or enforce our legal rights, for example defending Arçelik-Hitachi in the case of legal disputes.
Who do we share your personal data with?
We sometimes share your personal data with third parties. The types of third parties with which we share personal data are described below:
Other Arcelik group companies
We may share your personal data with other companies belonging to the Arçelik Group, including our parent company Arçelik A.S. in Turkey, who may use your personal data for purposes and in a manner consistent with the information set out in this privacy notice. In particular, Arçelik A.S. will process some of your personal data for analysing and reporting purposes at a global level based on its legitimate interests in developing the Arçelik Group’s business and complying with local rules and regulations. Arçelik A.S. may disclose your personal data to third parties (such as service providers, agents and public authorities and institutions) where it is necessary for Arçelik A.S. to lawfully carry out its business activities in accordance with the purposes set out above and as required and permitted by applicable law.
We may disclose your personal data to companies that provide services to us and other members of the Arçelik Group. Examples of the types of service providers we work with include:
- IT companies that operate the Site on our behalf,
- Customer relationship management companies who help us manage our contacts database and our communications with you, and
- Customer services companies who operate and manage our call centres.
Our service providers are required to keep your personal data confidential and are not allowed to use it for any other purpose than to carry out the services they are performing for us.
Third parties where required by law
We may disclose your personal data to a third party if it is necessary to comply with a legal obligation or the decision of a judicial authority, a public authority or a government body or if disclosure is necessary for national security, law enforcement or other issues of important public interest.
We may disclose personal data to professional advisors, such as lawyers, auditors, and insurers, as necessary in the course of the professional services they provide us with.
Third parties in connection with a business sale
If we make a sale or transfer of assets or are otherwise involved in a merger or business / asset transfer, we may transfer your personal data to one or more third parties as part of that transaction. If a change happens to our business, the new owners may use your personal data in the same way as set out in this privacy notice.
Other third parties with your consent
We may also share your personal data with other third parties when you consent to such sharing.
International transfers of your personal data
When we share your personal data with our affiliated companies or other companies with whom we contract (as described in ‘Who do we share your personal data with?’), these companies may be located outside of your country of residence, in countries with different laws for protecting personal data than the laws in of your country of residence. In particular, your personal data may be transferred to our group companies located in Turkey, including Arçelik A.S.
If we transfer your personal data outside your country of residence, we will take steps to ensure that your data will receive the same level of protection as if it was being processed within your country of residence. For example, we may include standard contractual clauses adopted by the European Commission in our contracts with third parties or our group companies to ensure there are safeguards in place to protect your personal data. Please contact us using the details in ‘How to contact us’ for more information about the specific measures we have taken.
Please note that we may further transfer your personal data to third parties located in countries that do not provide an adequate level of data protection. Such transfers will be carried out in accordance with applicable laws including where applicable, contractual requirements set out in standard contractual clauses adopted by the European Commission or local authorities.
How long do we keep your personal data?
We will only keep your personal data for as long as reasonably necessary for the purposes set out in this privacy notice and in accordance with applicable laws. This may include satisfying any legal, accounting, or reporting requirements.
How do we keep your personal data secure?
We will take reasonable precautions to protect your personal data against loss, misuse or alteration. Among other measures, we ensure the security of your personal data by means of encryption, password protection and by otherwise restricting access to it.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data as required by law, we cannot guarantee the security of your personal data transmitted to us using unsecured means; any such transmission is at your own risk.
What are your rights relating to your personal data?
You have the following rights with respect to your personal data that we process, subject to conditions set out in the applicable laws:
- to request access to your personal data (commonly known as a “subject access request”) and to certain additional information about our processing of your personal data that this privacy notice is designed to address,
- to request the correction of any inaccurate or incomplete personal data,
- to request the erasure of your personal data or the restriction of the processing of your personal data,
- to object to our processing of your personal data,
- to withdraw any consent you have given,
- under certain circumstances to demand data portability,
- to lodge a complaint with the applicable data protection supervisory authority; and
- to contest certain automated decisions we make about you that have legal or otherwise similarly significant consequences. We do not typically carry out such automated decision-making but, if we do, we will make it clear where such decisions are being made.
To exercise your rights, please contact us using the contact details listed in ‘How to contact us’.
Third-party websites and content
Third parties, whose sites you may visit after clicking on a link from the Site, may have less stringent privacy policies. We do not have control over these policies and urge you to read their privacy statements before providing any personal data to such sites.
Manage your cookies
You can change your browser settings anytime so that cookies are not accepted. You can learn more about how to block cookies by visiting http://www.allaboutcookies.org/. Please note that if you block cookies completely, many websites will not work properly and some functionality on our Sites will not work at all.
Changes to this Privacy notice
We may change and update this privacy notice from time to time. Any changes to our privacy notice will be posted on this page.
This Privacy notice was last updated on September 2022.