Privacy Policy
How Nippon Vehicles (Nihon Jidosha Godo Gaisha) collects, uses, and protects your personal information on nipponvehicles.com and in our sales operations.
1) Scope & Controller
This Privacy Policy applies to nipponvehicles.com and to our offline activities related to quotations, purchases, export procedures, and after-sales communications.
Data Controller: Nippon Vehicles (Nihon Jidosha Godo Gaisha), based in Yamagata, Japan. Contact details are in the Contact section.
We operate under Japan’s Act on the Protection of Personal Information (APPI) and, where applicable, the EU/UK GDPR for visitors and customers located in those regions.
2) Data We Collect
A. Identity & Contact
- Name
- Email address
- Phone / WhatsApp
- Company name and role (if applicable)
- Billing/shipping address (when needed for deals/shipping)
B. Transactional
- Quotes, orders, invoices, payments (amounts/date; we do not store card details)
- Vehicle details (VIN/chassis, model, specs), shipping instructions
- Inspection requests (e.g., JEVIC/JAAI booking info)
C. KYC/Compliance
- Government ID, importer code, company registry info (where required by law)
- Sanctions/AML screening results (pass/fail metadata)
D. Technical
- IP address, device/browser info
- Log data (pages, time, referrer)
- Cookies/analytics identifiers (see Cookies)
3) Sources of Data
- Information you provide via website forms, email, messaging apps, or phone.
- Order and logistics partners (banks for payment confirmation, shippers for delivery status).
- Public or third-party sources when necessary (e.g., corporate registries, sanctions lists).
4) How We Use Data
- Account and lead management; responding to inquiries and preparing quotations.
- Order processing, export paperwork, shipping updates, and after-sales support.
- KYC/AML checks and fraud prevention, as required by law or contracts.
- Website operation, performance, troubleshooting, and security.
- Basic marketing about our services (you can opt out at any time).
We do not sell personal information. We also do not share it with unrelated third parties for their independent marketing purposes.
5) Legal Bases
Where GDPR applies, our processing rests on:
- Contract necessity (to provide quotations, process orders, ship goods).
- Legal obligation (KYC/AML, tax/accounting, customs compliance).
- Legitimate interests (website security, service improvement, preventing fraud).
- Consent (optional marketing, certain cookies where required).
7) Retention
- Inquiry/lead data: generally up to 24 months after last contact.
- Order and accounting records: retained for the periods required by law (typically 5–10 years).
- KYC/AML records: retained as required by regulations and industry practice.
- Cookies/analytics: see Cookies for lifetimes.
8) Security
We use reasonable technical and organizational measures to safeguard personal data (access controls, HTTPS, least-privilege). No method of transmission or storage is 100% secure; we cannot guarantee absolute security.
10) Your Rights
Depending on your location, you may have rights to:
- Access, correct, or delete your personal data.
- Restrict or object to certain processing.
- Port your data to another provider.
- Withdraw consent where processing is based on consent.
- Lodge a complaint with a data protection authority.
To exercise these rights, contact us via the details in Contact. We may verify your identity before responding.
11) Children’s Privacy
Our services are intended for adults and businesses. We do not knowingly collect personal information from children. If you believe a child has provided data, please contact us and we will delete it where required.
12) Changes to This Policy
We may update this Policy from time to time. If changes are material, we will highlight them on this page. Continued use of the site after publication means you accept the updated Policy.
13) Contact
If you need a Data Processing Agreement (DPA) or specific clauses for your organization, contact us before submitting personal data.