BUSINESS PARTNER PRIVACY POLICY

1. Purpose

Advantest Corporation, 1-6-2, Marunouchi, Chiyoda-ku, Tokyo 100-0005, Japan (“Advantest”) is committed to strong and meaningful privacy protection for personal information we may collect with respect to individuals working for or on behalf of Advantest’s customers, suppliers and other non-Advantest enterprises.

This Policy applies to all Advantest entities, its officers and employees worldwide subject to additional local privacy policies and declarations that may apply. At Advantest our goal is to collect, use and transfer Personal Data (defined in Section 2 below) in a lawful and honest fashion.

Collection, use and transfer of Personal Data by Advantest, is based on the following Advantest privacy principles:

  • We respect the privacy of individuals working for or on behalf of our customers, suppliers and other non-Advantest enterprises with which Advantest conducts business (collectively referred to as “Business Partner Personnel”);
  • We tell Business Partner Personnel what Personal Data we collect and why (at the point where the Personal Data is collected or otherwise by notice to the individual);
  • Where appropriate, we provide Business Partner Personnel with a choice as to certain usages or sharing of Personal Data;
  • We collect, use and retain only Personal Data that is necessary, relevant and not excessive for the business purposes for which it is to be used;
  • We value and uphold information quality;
  • Where we disclose Personal Data to service providers outside of Advantest, we require that they maintain protections consistent with this Policy;
  • Where we transfer Personal Data to Advantest entities located in countries other than the country in which the Personal Data was collected, we require that they maintain protections consistent with this Policy;
  • We use commercially appropriate and reasonable information security safeguards designed to protect the Personal Data we collect;
  • We tell Business Partner Personnel how they can correct information we have about them; and
  • We do not sell or lease Personal Data.

2. Privacy Practices

Advantest is committed to using commercially appropriate and reasonable measures to adhere to the privacy principles set forth above. To that end, Advantest has adopted the following privacy practices with regard to Personal Data:

A) Definitions

For purposes of this Policy, "Personal Data" is information that can directly or indirectly identify, relate to or describe a natural person by reference to an identifier such as an individual’s name, email, home address, personal cell phone number, government identifier (such as a social security or tax identification number), purchase history, call history, photograph or video identifiable to an individual, as well as professional interests.

Special categories of Personal Data include information related to racial, ethnic or national origin, political opinions, religious or philosophical beliefs, physical, physiological, mental, economic, cultural or social identity, trade union membership, sexual orientation, health information and criminal offences and convictions. This also includes any other Personal Data considered to be sensitive under local law. Special categories of data may only be collected for special purposes as defined under local law.

The term "processing" of Personal Data as used in this Policy is any operation which is performed on Personal Data. Processing can be collecting, reading, storing, modifying, using and also disclosing Personal Data. Processing also includes deleting or destroying such Personal Data.

Advantest collects and processes Personal Data in a lawful manner according to the requirements under local law.

B) Purposes of Processing of Personal Data

Advantest will only process Personal Data for legitimate business purposes and will not process Personal Data in ways that are incompatible with the purposes for which it was collected. Advantest processes Personal Data for the administration of the contractual relationship, to conduct its business and to comply with applicable laws and regulations. In particular, Personal Data is processed for the following purposes:

  • Developing and issuing proposals or quotations to or soliciting proposals or quotations from Business Partner Personnel;
  • Completing and/fulfilling orders;
  • Providing or obtaining order and/or shipment status for outstanding orders;
  • Providing service, support or product updates;
  • Sending marketing communications (when the Business Partner Personnel has the option of not receiving such communications);
  • Training and training administration;
  • IT services management;
  • Compliance with Advantest's legal or regulatory obligations; and
  • Protection of the vital interests of Advantest or Business Partner Personnel

Advantest does not make any automated decisions based on Personal Data, including profiling.

C) Transfer and Disclosure of Personal Data

Advantest does not sell or lease Personal Data. Advantest may transfer Personal Data among Advantest entities, and may make Personal Data stored in one country accessible to Advantest employees in that country or in other countries unless restricted by law, regulation or contract. Advantest provides access to Personal Data only to Advantest employees or service providers who requires access to such information in order to perform their job duties consistent with the legitimate business purposes for which Advantest collects Personal Data, as described above.

Advantest may also transfer or disclose Personal Data to unaffiliated third parties unless restricted by law, regulation or contract. 

Whenever Advantest transfers Personal Data to a third party, legally required safeguards will be followed to help ensure that the information is used for authorized purposes and by authorized persons in a manner consistent with this Policy as well as required by applicable local laws, and that the security, integrity and privacy of the information is maintained.

D) Erasure of Personal Data

Personal Data will be stored by Advantest for as long as it is necessary to fulfill a specific purpose during the business relationship, and subsequently for claims resulting out of the business relationship, as well as subject to any applicable laws and regulations.

E) Notification

Advantest notifies Business Partner Personnel from whom the Personal Data is collected (at the point where the Personal Data is collected or otherwise by notice to the individual) as to what Personal Data is collected, how it is used, how to contact Advantest, the types of third-parties to which Advantest discloses information, and the choices provided where appropriate.

F) Rights

Subject to the privacy laws in the jurisdiction in which Business Partner Personnel resides, they may be entitled to:

  • Obtain confirmation from Advantest as to whether or not Personal Data is being processed, and where that is the case, access to the Personal Data;
  • Obtain the correction of inaccurate Personal Data;
  • Obtain the erasure of Personal Data;
  • Obtain restriction of processing regarding Personal Data;
  • Data portability concerning Personal Data, which the Business Partner Personnel actively provided;
  • Object, on grounds relating to the Business Partner Personnel’s particular situation, to further processing of Personal Data; and
  • Withdraw consent to Advantest’s processing of Personal Data.

G) Access and Integrity

Advantest takes commercially appropriate and reasonable measures to ensure that all Personal Data is accurate, complete and relevant for the purposes for which it is to be used. Advantest allows Business Partner Personnel, upon request, reasonable and appropriate access to review their Personal Data that has been collected by or on behalf of Advantest. Where appropriate, Business Partner Personnel are allowed to correct their Personal Data to the extent that it is inaccurate. Advantest strives to respond to access requests within a reasonable timeframe. The obligation of Advantest to respond to requests for access or correction may be limited when: the burden or expense of providing access would be disproportionate to the risks to privacy, the rights of individuals would be violated, when necessary to protect the legal interests of Advantest, or necessary to abide by law, regulation or contract.

H) Information Security

Advantest takes reasonable security precautions to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction, including but not limited to the assignment of IT security personnel, training to Advantest employees, and the establishment of information security policies, guidelines and manuals.

I) Compliance & Enforcement

From time to time, as it deems appropriate, Advantest will take commercially reasonable steps designed to:

  • Verify that Personal Data is managed in a manner that is consistent with this Policy;
  • Assess the effectiveness of privacy controls, which are intended to be commensurate to the risks they seek to mitigate; 
  • Verify that the representations that Advantest makes about its privacy practices are accurate and that privacy controls have been implemented as represented; and
  • Utilize an independent dispute resolution mechanism as necessary.

Following such verification process, if necessary, Advantest will put commercially appropriate and reasonable procedures in place designed to help ensure that Advantest's representations regarding its privacy practices are accurate and that privacy controls have been implemented as represented. Advantest will monitor remediation activities to confirm compliance findings are addressed in a timely manner.

Where appropriate, Advantest will participate in relevant outside certification programs that will provide oversight to Advantest's privacy program. Advantest will cooperate with the relevant data protection authorities in investigations and resolutions of complaints relating to this Policy, and will seek to comply in good faith with the advice of these authorities, including remedial or compensatory measures for the benefit of individuals. Advantest will provide timely written confirmation of its actions to comply in good faith with the advice of the data protection authorities.

J) Contact Information

Advantest's Information Security Committee, in conjunction with any local data privacy officer, is responsible for addressing your rights, privacy incidents, inquiries, complaints and third party disputes. Advantest will investigate all complaints or disputes regarding Personal Data promptly. The regional information security officer will designate individuals who will be responsible for investigating and resolving such matters, as well as ensuring that the Business Partner Privacy Policy is observed and enforced.

If you are located in Japan, you can learn more about your rights according to APPI here.

California Residents. If you are a California resident, for more information about your privacy rights, please see the California Privacy Notices here.

If you are located in the European Union, you can learn more about your rights according to the GDPR here.

To support Advantest's efforts to meet the commitments in the preceding privacy practices, Advantest has designated the Information Security Committee to provide oversight of the Business Partner Privacy Policy within the Advantest group of companies. The Information Security Committee can be reached via email* at

InformationSecurityCommittee@advantest.com.

* We would appreciate if you contact us in English or Japanese.

 

ADVANTEST CORPORATION