Privacy Policy, Terms of Use

Privacy Policy
This Privacy Policy is applicable to individuals (hereinafter referred to as "Customers"), business partners, employees, and job applicants (hereinafter referred to as "Customers etc.") who receive services from us (Nestlé Nespresso K.K. and Nestlé Nespresso S.A.) as consumers, and describes how we acquire, use, and disclose personal information about our Customers etc. We also explain how Customers etc. can view and update Customers etc.’s personal information and what choices Customers etc. can make when using Customers etc.’s personal information.

Customers etc. should read this Privacy Policy carefully to understand our policies and practices regarding Customers etc.’s personal information.

This Privacy Policy describes as follows:

1. Personal Information of Customers etc. Acquired by Us and How It Is Acquired
2. Purpose of Use of Personal Information
3. Minors' Personal Information
4. Provision to Third Parties
5. Shared Use
6. Entrustment of Personal Information
7. Storage of Personal Information (Security Control Measures) 8. Transfer of Personal Information Overseas
9. Rights and Choices of Customers
10. Provision of “Information Related to Personal Information” to Third Parties
11. About Cookies
12. Changes to Privacy Policy
13. Data Administrators and Contacts

1. Personal Information of Customers etc. Acquired by Us and How It Is Acquired
We obtain various types of information from Customers etc. according to the means of communication between Customers etc. and us (online, offline, telephone, Nespresso boutique stores, events, etc.).

Contact information
Information provided by Customers etc. to contact us
Examples: name, address, e-mail address, telephone number, social network login ID, etc.

Account credentials
Information required to access a specific account of Customers etc.
Examples: Login ID, email address, screen name, unrecoverable password and security questions and answers

Demographic information and objects of interest
Information representing demographic or behavioral attributes of the Customers etc.
Examples: date of birth, age or generations, gender, location information (e.g. postal code), favorite products, interests, information on households and lifestyles, etc.

Information from computers and mobile devices
Information about computer systems and other technical equipment used by Customers etc. to access our websites and applications
Examples: Internet Protocol (IP) address, OS type, browser type and version required to connect Customers etc.’s computer or device to the Internet. Mobile-specific IDs, advertising IDs, location information, and similar mobile device data

Website and communication usage information
Information about Customers etc.’s actions on websites and e-mail magazines obtained using automated data collection technology tracking services
Examples: Information and statistics such as links clicked, the pages and content displayed and how long Customers etc. stayed, the content response time, download errors, and the time it takes to access a particular page

Market research and feedback from Customers etc.
Information Customers etc. voluntarily share with us about Customers etc.’s experience using our products and services
Examples: Contents of inquiries to the customer service desk or word of mouth
※We record communications with our customer service center for the purpose of improving customer service quality and training in accordance with applicable laws.

Content created by Customers, etc.
Content created by Customers etc. or others on a third-party social network and shared with us, or uploaded to our website or app and shared with us
Examples: Photos, videos, personal stories, and other similar media and content

Third-party social network information
Permission to share with us, for example, when Customers etc. register as a member of our company using information published on a third-party social network or information that is part of Customers etc.’s profile on a third-party social network
Examples: Basic account information such as name, e-mail address, gender, date of birth, place of residence, profile photo, user ID, and friends list
※For more information on how we may collect information from third-party social networks and opt-out of sharing such social network information, please visit the relevant third-party social network website.

Payment and financial information
Information necessary for Customers etc. to purchase our products or for us to process Customers etc.’s order
Examples: Debit or credit card information (such as name, card number, expiration date, etc.) and other payment methods
※In all cases, we and our payment processors comply with laws and regulations such as the Global Security Standard PCI DSS and handle payment and financial information.

Business partners' information
Business card information, etc.

Education and job history of applicants for employment
Information such as name, address, date of birth, e-mail address and telephone number, and personal history such as education, qualifications, and work history including salary

Personal information of employees and their families
Information such as names, gender, addresses, and dates of birth of our employees and their families
Examples: information such as official documents for identity verification (passport, driver's license), residence permit, My Number (individual number given to each person living in Japan), and basic pension number, bank accounts and health check results

※Sensitive personal information
We do not collect or process sensitive personal information of customers (excluding employees, job applicants and business partners) in our normal business. If we need to process customers’ sensitive personal information for any reason, we will respond to marketing and other voluntary purposes based on customers' prior explicit consent.

If we process customers’ sensitive personal information for any other purpose, we will only process it on the legal basis set out below.

1. Cases governed by laws and regulations
2. When it is necessary for the protection of the life, body, or property of a person, and it is difficult to obtain the consent of the person
3. When it is particularly necessary for improving public health or promoting the sound development of children, and it is difficult to obtain the consent of the person
4. Other cases prescribed by laws and regulations

2. Purpose of Use of Personal Information
We explain the purposes for which we collect and use Customers etc.’s personal information, and the types of personal information we collect for each of those purposes. Not all the following are applicable to all Customers etc.

(1) Purpose of Use of Customer Information

Providing Services to Customers
・E-Commerce
・Machine repair and rental
・Contents for members

Contact information (such as name, address, phone number, and email address)

Order Processing
To process and ship orders, to inform customers of order status, to change customers’ address, to verify customers’ identity, and to detect other fraudulent activities.
Contact information(such as name, address, phone number, and email address)
Payment and financial information(such as credit card information)

Correspondence to Inquiries
Contact information(such as name, address, phone number, and email address)

Marketing (Promotion, Analysis, and Advertising)
1. To provide information about products and services recommended to customers (marketing communications, campaigns, promotions, etc.)
2. To conduct internal and market research and measure the effectiveness of advertising and campaigns, etc.
3. To predict needs based on customers profile analysis
4. To provide targeted advertising and content
5. Others to analyze customers’ member registration information, browsing history, purchase history information, etc., and to propose, provide, and distribute advertisements according to customers’ taste and preference

Contact information (such as name, address, phone number, and email address)
Demographic information and Subject of interest
Information from a computer or mobile device (such as location information, phone-specific IDs, and advertising IDs)
Website and Communication Usage Information
(such as attribute information, activity history, information exchanged on the internet through the "Like" button function of a third-party social network*, etc.)
※Please see the relevant section of the third-party’s social network for information on how these are functioning, and for information about customers obtained by us.
Market research and customer feedback

Site Operations
1. To improve and customize the customer experience value of our website and application
2. To ensure that the content of our websites and application is optimized for customers’ computer or device used by customers
3. To provide a website or application that is highly convenient for customers
(For example, if we remember customers’ login ID, email address, or screen name, customers can log in quickly the next time customers visit, or customers can easily retrieve items customers have placed in customers’ shopping cart.)

Website and Communication Usage Information(General data related to cookies and individuals obtained from them, such as browsing history and information on paths that enter our website)
※ If customers have more than one account with us, we have the right to integrate them into one for the management and operation of our IT and security systems.
※ To the extent permitted by customers, we will obtain and publish content that customers have created in connection with various activities such as contests and promotions, website community features, customer services, and third-party social networks.

(2) Purpose of Use of Information Provided by Business Partners
Purpose of use
Sales activities, credit management, business communications, etc.
Contents of Information to be Acquired and Used
Contact information, such as work address, name, phone number, and email address
Information about the equipment we sell or rent

(3) Purpose of Use of Information on Job Applicants
Purpose of use
Recruitment screening and procedures for joining us and our affiliated companies upon hiring
Contents of Information to be Acquired and Used
・Information such as name, address, and date of birth
・E-mail address, telephone number, and other information
・Information such as education, qualifications, and work history including salary

(4) Purpose of Use of Employee Information
Purpose of use
HR labor management and business communications, etc.
Contents of Information to be Acquired and Used
・Information such as name, sex, address, and date of birth
・Official documents for identification (passport, driver's license, residence permit)
・E-mail address, telephone number, and other information

Payment of compensation, tax, social insurance, and benefits
・Information such as basic salary and bonus payments
・Information such as My Number and Basic Pension Number
・Bank account information
・Information such as address, date of birth, and dependents

Decision of treatment, training, and transfer
・Information such as education, qualifications, and work experience
・Information such as the results of personnel appraisal and training history

Health care under the Safety and Health Act
・Information such as the results of health checks

3. Personal Information of Minors

We do not collect personal information from customers under 18 years of age for marketing purposes. If we find that we have unintentionally obtained personal information from a customer under the age of 18 for marketing purposes, we immediately delete the personal information. We do not collect personal information directly from children under the age of 13, even if it is not for marketing purposes.

4. Provision to Third Parties

We may provide information about Customers etc. to third-parties in the following cases.

(1) Provision to third-parties for the purpose of providing services or implementing/considering marketing measures and improving services, etc.

In order to provide services to Customers etc., or to send e-mail newsletters and direct mails introducing products and services, or to implement, consider, and improve other marketing measures, we may provide personal information of Customers etc. to third-parties such as advertising distributors, data analysis providers, subcontractors, and business partners.

In addition, we may provide personal information of Customers etc. to marketing research companies and conduct surveys on the awareness and actual situation of our products and services.

(2) Cases Based on Legal Grounds
・Cases in which the handling of personal information is based on laws and regulations
・When it is necessary for the protection of the life, body or property of a person, and it is difficult to obtain the consent of the person
・When it is particularly necessary for improving public health or promoting the sound development of children, and it is difficult to obtain the consent of the person
・When it is necessary to cooperate with a national government, a local government, or an organization entrusted by it to perform the duties prescribed by laws and regulations, and obtaining the consent of the person is likely to hinder the performance of the duties

5. Shared Use

We use personal information with Nestlé Japan Ltd., Nestlé Group affiliates overseas, and Nestlé Health Insurance Societies as follows.

(1) Shared Use with Nestlé Japan Ltd.
[Categories of personal information provided]
・Information of Customers stated in the 1. Personal Information of Customers etc. Acquired by the Company Us and How It Is Acquired
・Employee information stated in (4) Purpose of Use of Employee Information" in "2. Purpose of Use of Personal Information

[Purpose of our Provision]
Stated in "2. Purpose of Use of Personal Information"

[Person in charge of management of shared use]
・This Company
[Personal Information Handling Business Operator]
Nestlé Nespresso K.K.
15F Higashi Gotanda Square, 2-10-2 Higashi Gotanda, Shinagawa-ku, Tokyo 141-0022
Sylvain Simaud, President and Representative Director

Nestlé Nespresso S.A.（Nestlé Nespresso Ltd）
Chaussée de la Guinguette 10, 1800 Vevey, Switzerland

(2) Shared Use with overseas Nestlé Group affiliates
[Categories of personal information provided]
・Job applicants information stated in "(3) Purpose of Use for Information on Job Applicants" in "2. Purpose of Use of Personal Information"
・Employee information stated in "(4) Purpose of Use for Employee Information" in "2. Purpose of Use of Personal Information"

[Purpose of our Provision]
Stated in 2. Purpose of Use of Personal Information

[Person in charge of management of shared use]
・This Company
・Nestlé Nespresso S.A.(Nestlé Nespresso Ltd.)
Chaussée de la Guinguette 10, 1800 Vevey, Switzerland

(3) Shared Use with Nestlé Health Insurance Societies
[Categories of personal information provided]
Employee Information described in (4) Purpose of Use for Employee Information" in "2. Purpose of Use of Personal Information"

[Purpose of our Provision]
To understand the health of employees and to manage their health at work.

[Person in charge of management of shared use]
・This Company
・Managing Director of Nestlé Japan Health Insurance Association

6. Entrustment of Personal Information

We may entrust the handling of personal information of Customers etc. to the following companies. In this case, we provide necessary and appropriate supervision to the subcontractor.

(1) Service Providers
This refers to external companies that we entrust our business operations (e.g., order processing, payment processing, fraud detection and identity verification, website development, operation and support, promotion, advertising distribution, data analysis, customer support, recruitment-related operations, employee development and management-related operations).

The service provider and its appointed staff are only permitted to access and use the personal information of the Customers etc. on our behalf only when performing the specific work requested based on our instructions.

(2) Credit Analysis Companies and Debt Collection Companies
To the extent permitted by applicable law, this refers to external credit research companies and debt collection companies that we entrust to confirm Customers etc.'s credit and collect outstanding bills.

7. Storage of Personal Information (Security Control Measures)

We take appropriate measures (described below) to keep Customers etc.’s personal information confidential and to handle it safely. However, information shared publicly by Customers etc. via social networks, etc. is not protected.

(1) Restriction on Persons Who Can Access to Personal Information of Customers etc.
Customers etc.’s personal information is collected for a specific purpose and is only handled by our authorized staff or agents.
(e.g., Customer Service Representative can access Customers etc.’s information.)

(2) Safe Operating Environment
Customers etc.’s personal information is stored in an operating environment that has implemented security measures to prevent unauthorized access. Although we take great care to protect Customers etc.’s personal information, we cannot guarantee the safety of Customers etc.’s data while Customers etc. are sending it to our website or app because it is not completely safe to send and receive information over the internet.

[Formulation of Basic Policy]
・Formulate basic policies for "compliance with relevant laws and guidelines" and "contact point for questions and complaint processing" to ensure the proper handling of personal data.

[Establishment of Rules on the Handling of Personal Data]
・Establish rules for handling personal data at each stage of acquisition, use, storage, provision, deletion, disposal, etc. with respect to the handling method, responsible persons, persons in charge, and their duties, etc.

[Organizational security control measures]
・Staffs responsible for the handling of personal data are appointed, the staffs who handle personal data and the scope of personal data that the staffs handle is clarified, and a system for reporting and contacting the person responsible in the event that a fact or sign that the staff violates the law or the handling rules is identified.
・Conduct regular self-inspections of the handling status of personal data and audits by other departments and external parties.

[Personnel security control measures]
・Provide regular training to employees on points to note regarding the handling of personal data.
・Confidentiality of personal data are stated in the rules of employment.

[Physical security control measures]
・Manage employees' access to and exit from the area where personal data is handled, and restrict on equipment to be brought in, and take measures to prevent unauthorized persons from viewing personal data.
・Take measures to prevent theft or loss of equipment, electronic media, and documents handling personal data, and to prevent easy identification of personal data when carrying such equipment, electronic media, or other materials.

[Technical security control measures]
・Access control to restrict the personnel and the scope of personal information databases etc. handled.
・Introduce a mechanism to protect the information system that handles personal data from unauthorized access from outside or unauthorized software.

[Understanding the external environment]
Security Control Measures taken after understanding the systems for the protection of personal data in the Swiss Commonwealth, Ukraine, Brazil, Paraguay and the Philippines, where personal data of business partners, job applicants and employees is stored, and the Swiss Commonwealth, the Philippines and Australia, where we store customer data on our websites and apps and boutiques.

8. Transfer of Personal Information Overseas

In connection with the purposes described in this Privacy Policy, Customers etc.’s personal information may be transferred and transmitted to the third parties stated in 6. Entrustment of Personal Information and the Nestlé Group and may be stored at that location. Therefore, we may transfer Customers etc.’s personal information to other countries that have different laws and data protection compliance requirements from those in Japan.

[Cases in which personal information is provided to a third-party]
If the recipient of personal information is a third-party located in a foreign country, we provide the personal information within the scope specified in the purpose of use after obtaining prior consent.

[Cases in which the handling of personal information is outsourced]
Some of the subcontractors to which we entrust all or part of the personal information handling operations are located in foreign countries. In this case, we provide necessary and appropriate supervision to the subcontractors. This includes our group companies located in foreign countries.

[Cases in which personal information is provided upon succession of business due to merger or other reasons]
The successor of the business due to merger or other reasons may become a business operator located in a foreign country. In this case, we handle personal information within the scope of the purpose of use before the business succession.

9. Customers etc.’s Rights and Choices

(1) Rights of Customers etc.
Customers etc. have the following rights regarding information about themselves.
1. The right to access and verify information and request a physical or electronic copy of it
2. The right to request information about the source of Customers etc.’s personal information
3. The right to request correction, addition or deletion of personal information
4. The right to request suspension of personal information
5. The right to request disclosure of records of provision of personal data to third-parties
6. The right to request notification of purpose of use

・Through “My Account” (on our website menu)
Customers etc. can check and edit Customers etc.’s registered personal information on our website. After logging in with Customers etc.’s registered email address and password, please check and change Customers etc.’s registration details in “My Account”.
・Not through “My Account”
For information about Customers etc. that cannot be confirmed through “My Account”, please request it from Request Form for Retained Personal Data.

If Customers etc. wish to exercise any of the rights above (1) through (6), please print out the Request Form for Retained Personal Data and fill in the necessary information, and then send it to us by registered mail with a copy of the prescribed identity verification document. After we confirm that Customers etc. are the person, we respond within 30 days.

[Address to the Request Form for Retained Personal Data]
Nestle Nespresso K.K.　Customer Service Dept.
15F Higashi Gotanda Square, 2-10-2 Higashi Gotanda, Shinagawa-ku, Tokyo 141-0022 JAPAN

If Customers etc. are asked to exercise Customers etc.’s rights by someone other than the Customers etc., Customers etc. may be asked to provide a certificate indicating that the person is acting on Customers etc.’s behalf. The information provided to us is handled in accordance with applicable law and to the extent permitted by applicable law.

(Caution)
Please note that deleting Customers etc.’s personal information may also require the deletion of Customers etc.’s user account.

In order to fulfill our legal or contractual obligations, we may need to retain some of Customers etc.’s personal information even after Customers etc. have been asked to delete it.

In addition, we may be permitted by law to hold a part of the personal information of Customers etc., for the purpose of our business execution.

(2) Selection by Customers (Regarding Receipt of Direct Mail, etc.)
In principle, the provision of personal information to us by Customers etc. is done at the will of the Customers etc. If Customers etc. do not provide the information to us, Customers etc. may not be able to use some of the functions provided by our services, and receive information such as campaigns from us.

In addition, Customers etc. can change the intention to receive direct mail and e-mail magazines at any time from the contact form on website or the “My Account” page. If Customers etc. want to unsubscribe our e-mail magazines, please follow the procedures from the link set in the e-mail magazine.

10. Provision of “Information Related to Personal Information” to Third Parties

(1) Information Related to Personal Information
“Information Related to Personal Information” means information about a living individual that does not fall under any of personal information, pseudonymized personal information and anonymized personal information.

Information Related to Personal information may include the following:
・Information using cookie data and cookie-like technologies
・Advertising identifiers such as IDFA and Google Play advertising IDs
・Identifier on the websites
・The URL of the target site that Customers etc. visited and the time that Customers etc. visited the target site
・Device-related information and browser information (including IP address, OS, and browser type) used when Customers etc. visited the target site
・Referrer information (URL of external site passed through immediately before Customers etc. browse the target site)
・Information such as browsing history, search history, and purchase history, as well as attribute information and taste information associated with various identifiers such as cookie IDs and advertisement identifiers on websites and applications

(2) Cases in which we provide the information to a third-party
We collect personal information and provide them when using third-party services for the purpose described in "2. Purpose of Use of Personal Information".

If it is assumed that the third-party is to use such information in connection with personal data, we will confirm whether the third-party has obtained appropriate consent in accordance with the Act on the Protection of Personal Information.

(3) Cases in which a third-party provides the information to us
We may receive information related to personal information from third-parties such as marketing companies and DMP companies.

We may associate the information related to personal information we have obtained with Customers etc.’s personal information that we already have for the purpose described in "2. Purpose of Use of Personal Information". In such cases, we will also treat the information related to personal information as personal information.

11. About Cookies
This content applies to all of our websites and apps ("our Sites").

(1) What are cookies?
Cookies are text files that are stored on Customers etc.’s device when Customers etc. access the website. Each time Customers etc. access it, it will be sent to the original website or to other websites that recognize cookies. Cookies are used not only to provide information to website owners, but also to make the website work more efficiently.

The term "cookie" used herein shall include all similar technologies, such as web beacons and advertising identifiers, SDKs, log files, pixel tags, etc.

(2) Types of cookies and their purposes?
The types of cookies used on our Site and their purposes are as follows. Each cookie information is stored only for the period necessary for our business.

Cookie Types
(1) Functional cookies (= required)
We store information about Customers etc.’s browser settings (language, region, etc.) and information provided to us by Customers etc., etc.

These cookies enable features such as site search, registration, login information, and the registration of Customers etc.’s favorite products. If Customers etc. disable these cookies, some functions, such as adding products to Customers etc.’s shopping cart and paying for them, will not be available.

(2) Analysis cookies
These cookies enable us to measure and analyze how Customers etc. use our Site and mobile platforms to improve the functionality and ease of use of the site.

(3) Advertising or targeting cookies
These cookies are used to distribute advertisements related to Customers etc., limit the number of times Customers etc. can view advertisements, and measure the effectiveness of Customers etc.’s marketing and campaigns. We may also use information obtained through these cookies to provide advertisements that we believe may be of interest to Customers etc. based on Customers etc.’s past online behavior. We may share this information with third-parties.

(4) Social media cookies
These cookies are recorded on social networks when Customers etc. share information using the social media share button on our Site. This information may be used for targeted advertising activities.

(3) Cookie Management
We use cookies to use tools and services provided by third parties. If Customers etc. do not wish to use the service, please refer to our homepage to disable cookies (opt-out).

Customers etc. can also set Customers etc.’s browser to receive notifications before Customers etc. allow cookies and disable cookies. However, please note that disabling cookies may not enable the functionality of our Site.

12. Changes to the Privacy Policy

We continue to implement and improve measures for the protection and handling of personal information.

We also reserve the right to change this Privacy Policy as necessary. In this case, we will inform Customers etc. in an appropriate manner.

13. Data Administrators and Contacts

If Customers etc. have any inquiries or comments regarding this Privacy Policy, or if Customers etc. have any complaints regarding our compliance with the protection of personal information, please contact us below.

・Website: [/jp/en/contact-us]
・Telephone: [Customer Service: 0120-57-3101 (Business Hours: 08:00-22:00)]

We receive and investigate opinions and requests regarding our management of personal information. (This includes a claim that we have infringed on the rights of the Customers etc. provided for in the Personal Information Protection Law.)

Data Administrator

[Personal Information Handling Business Operator]
Nestlé Nespresso K.K.
Sylvain Simard, President and Representative Director
15F Higashi Gotanda Square, 2-10-2 Higashi Gotanda, Shinagawa-ku, Tokyo 141-0022

Nestlé Nespresso S.A.（Nestlé Nespresso Ltd）
Chaussée de la Guinguette 10, 1800 Vevey, Switzerland

Inquiries
General

Last Modified: 2024/07