Bridgestone Europe NV/SA, a company incorporated under Belgian law, having its registered offices at Kleine Kloosterstraat 10, 1932 Zaventem, Belgium and with company number 0441.192.820, and its subsidiaries and branch offices, having its registered offices in the European Union (“we”, “us” or “our”), process personal data that we collect from or about “you”.
Since we are based in the European Union, we process your personal data in compliance with applicable European data protection laws and other statutory provisions.
1. What are Personal Data?
Personal data is information that directly or indirectly identifies you (the user of the Service) as an individual, indirectly meaning when combined with other information, for example, your name, username, postal address, email address and phone number, a unique device identifier such as the IMEI or the MAC-address or the IP address.
2. How and why do we collect personal data? a) Information that you give us
Through your use of the Services, we may collect your personal data. In any case, you will be either asked to explicitly consent to collection and further processing of your personal data or at least be informed that such processing is based on another lawful premise. We will use your personal data for the purposes as described below or described when we are seeking your consent. We do not collect and process more or other types of personal data than necessary to fulfill the respective purposes. We will only use personal data as set forth in this Policy, unless you have specifically provided your consent to another use of your personal data. If we intend to use your personal data for purposes other than we originally collected them for, we will inform you in advance and, in cases where the processing is based on your consent, use your personal data for a different purpose only with your permission.
In case we rely on your consent to process your personal data, you will have the right to withdraw it at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
Each registration form will indicate what kind of personal data we collect – various purposes may require collection of various personal data, for instance:
b) Information we get from your use of our Services
We are constantly seeking to improve your experience when you visit our websites or when you are interacting with us through other means.
Through your interaction with us and your use of the Services, we may collect personal data. Personal data we collect may include, but is not limited to:
3. What do we do with your personal data?
Depending on your use of the Services, we may, for instance, collect and use your personal data for the following purposes (“the Purposes”):
We shall not collect personal data that are not relevant for the purposes as set out above or otherwise notified to you when we seek your consent for the processing of your personal data, and shall not retain the data longer than necessary for those purposes or, as the case may be, for the period as determined in an agreement or by law.
This means that we use your personal data:
In general, we will delete the personal data we collected from you if they are no longer necessary to achieve the purposes for which they were originally collected. However, we may be required to store your personal data for a longer period due to requirements by law.
4. The confidentiality and security of your Personal data
All personal data we are collecting from you is stored within a secured infrastructure under our management, with support of external suppliers as described in section 5 of this Policy.
We take data security very seriously. We apply an appropriate level of security and have therefore implemented reasonable physical, electronic, and administrative procedures to safeguard the information we collect from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed. Our information security policies and procedures are closely aligned with widely accepted international standards and are reviewed regularly and updated as necessary to meet our business needs, changes in technology, and regulatory requirements. Access to your personal data is granted only to those personnel, service providers or our affiliates with a business need-to-know or who require it in order to perform their duties.
Among other things, we optimize the security of your personal data by:
In the event of a data breach containing personal data, we will follow all applicable data breach notification laws.
5. To whom do we disclose your Personal data?
We will disclose your personal data only for the purposes and to those third parties, as described below. We will take appropriate steps to ensure that your personal data are processed, secured, and transferred according to applicable law.
a) Within Bridgestone Group in Europe
We part of a global organization (the “Bridgestone Group”), consisting of several companies in Europe and abroad. Your personal data may be transferred to one or more Bridgestone Group affiliated companies located in or outside Europe as needed for data processing and storage, providing you with access to our services, providing customer support, making decisions about service improvements, content development and for other Purposes as described in this Policy.
The above will be strictly connected with:
b) External service providers
Where necessary, we will commission other companies and individuals to perform certain tasks contributing to our services on our behalf within the framework of data processing agreements. We may, for example, provide personal data to agents, contractors or partners for data processing services or to send you information that you requested. We will only share or make accessible such information with external service providers to the extent required to process your requests. This information may not be used by them for any other purposes, in particular not for their own or third party purposes. Our external service providers are contractually bound to respect the confidentiality of your personal data.
c) Business transfers
In connection with any reorganization, restructuring, merger or sale, or other transfer of assets (collectively “Business Transfer”), we will transfer information, including personal information, in a reasonable scale and as necessary for the Business Transfer, and provided that the receiving party agrees to respect your personal data in a manner that is consistent with applicable data protection laws. We will continue to ensure the confidentiality of any personal data and give affected users notice before personal data become subject to a different privacy statement.
d) Public bodies
We will only disclose your personal data to public bodies where this is required by law. We will for example respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence.
e) On other legal grounds
Further, we may disclose your personal data in order to protect our legitimate interests or if it is required or permitted by law or if you give your explicit consent for such transfer of your personal data.
f) International transfers of Personal data
Under specific circumstances, it will also be necessary for us to transfer your personal data to countries outside the European Union/European Economic Area (EEA) (“Third Countries”). Transfers to Third Countries may refer to all processing activities described in this Policy. This Policy shall apply also if we transfer personal data to third countries, in which a different level of data protection applies than in your country of residence.
Any transfers of personal data into countries other than those for whom an adequacy decision regarding the level of data protection was made by the European Commission, as listed on http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm, occur on the basis of contractual agreements using standard contractual clauses adopted by the European Commission, and providing for the appropriate safeguards in accordance with the applicable law. If you wish to verify the appropriate safeguards? you can request a copy via https://privacy.bridgestone.eu/?language=EN.
While using our Services, you may be asked to indicate whether you wish to receive certain marketing information by phone, text message, email and/or mail. If you do so, you thereby agree that we may use your personal data to provide you with information about its products, promotional activities and special offers as well as with any other information about our products or services.
At any given time, you may change your preferences regarding Direct Marketing by using the opt-out option contained in every direct marketing mailing, contacting us in accordance with section 12 below or, if applicable, by adapting your account information.
7. User rights with regard to Personal data
As a data subject you have specific legal rights relating to the personal data we collect from you. This applies to all processing activities stipulated in this Policy. We will respect your individual rights and will deal with your concerns adequately.
The following list contains information on your legal rights which arise from applicable data protection laws:
• Right to object: you may object – at any time – to the processing of your personal data due to your particular situation, provided that the processing is not based on your consent but on our legitimate interests or those of a third party. In this event we shall no longer process your personal data, unless we can demonstrate compelling legitimate grounds and an overriding interest for the processing or for the establishment, exercise or defense of legal claims. If you object to the processing, please specify whether You wish the erasure of your personal data or the restriction of its processing by us.
• Right to lodge a complaint: In case of an alleged infringement of applicable privacy laws, You may lodge a complaint with the data protection supervisory authority in the country you live in or where the alleged infringement occurred.
We will try to fulfill your request within 30 days. However, the period may be extended due to specific reasons relating to the specific legal right or the complexity of your request.
In certain situations we may not be able to give you access to all or some of your personal data due to statutory provisions. If we deny your request for access, we will advise you of the reason for the refusal.
In some cases, we may not be able to clearly identify you on the basis of your personal data due to the identifiers which you provide in your request. In such cases, where we cannot identify You as a data subject, we are not able to comply with Your request to execute your legal rights as described in this section, unless You provide additional information enabling Your identification.
In order to exercise your legal rights, please log your request at:
You may also turn directly to our contact person for data protection:
If you believe that the processing of your personal data infringes your statutory rights, you have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.
Our Services may, from time to time, contain hyperlinks to websites which are not controlled by us. Although we will do our utmost to make sure that the hyperlinks on the Website lead exclusively to websites which share our safety and confidentiality standards, we are not responsible for the protection or confidentiality of any data you may submit on such other websites. Before submitting information on such sites, we recommend that you read their privacy and other statements in that regard.
Individuals under the age of 16 should not provide us with their personal data without the consent and supervision of their parent or guardian. Without such permission, we do not wish to save personal data from such individuals, nor process or forward such data to any third parties. If we become aware that personal data from under aged persons were inadvertently collected, we will delete such data without undue delay.
10. Sensitive data
We will not process special categories of personal data concerning you (“sensitive data”). Sensitive data refer to personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, health or a natural person’s sex life or sexual orientation.
11. Changes to this Policy
We reserve the right, at our discretion, to modify our privacy practices and update and make changes to this Policy at any time. For this reason, we encourage you to refer to this Policy on an ongoing basis. This Policy is current as of the “last revised” date which appears at the top of this page. We will treat your personal data in a manner consistent with the Policy under which they were collected, unless we have your consent to treat them differently.
We will also keep prior versions of this Policy in an archive for your review.