• HOME
  • Privacy Policy

Privacy Policy

I. General Information

We, This Privacy Policy describes the privacy practices of the Toray Group. By Toray Group (or “we,” “us” or “our”), we mean Toray Industries, Inc., together with our direct and indirect subsidiaries (. A full list of all entities included in the Toray Group, and their relevant contact information, can be found here.
This Privacy Policy describes the collection, use and disclosure of Personal Data (as defined below) collected through the Toray Group’s websites, and mobile and web-based applications, and any other tools, products, or services provided by the Toray Group that link to or reference this Privacy Policy (collectively, the “Services”). Each member company of the Toray Group is an independent controller for the Personal Data it collects. Additionally, the members of the Toray Group may act as joint controllers and collectively use your Personal Information for purposes such as managing and tracking our marketing efforts.
If you reside in the State of California, including our employees, contractors and vendors, please click here to learn more about your privacy rights. To the extent that there is a conflict between this Privacy Policy and the Privacy Notice for California Residents, the Privacy Notice for California Residents will prevail with respect to California Residents (as defined below) only.

This Privacy Policy applies to information we collect through the Services, as well as other information provided to us online or offline by third parties, when we associate that information with customers or users of the Services. However, except as noted above for employees, contractors and vendors who are residents of California, this Privacy Policy does not apply to information collected from our employees, contractors, or vendors. It also does not apply to your information after it has been shared with third parties, including after it has been collected by certain other third parties whose software or services are featured or included in the Services (as further described below).

The protection of your Personal Data is important to the Toray Group. In the following, we inform you about how we collect, use, and share your Personal Data. We handle this Personal Data in accordance with applicable laws, and regulations on the protection of Personal Data. By accessing or using the Services, you consent to this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use the Services.

II. Types of Personal Data We Collect

We collect Personal Data in a variety of ways, including when you use the Services (such as by registering for or using the Services), when you communicate with us (such as by sending emails or other electronic messages through the Services), or by providing us information offline (such as providing your business card at a conference). By “Personal Data” we mean information that can identify or reasonably be linked to an individual, such as:

  • Name;
  • Company;
  • Business address;
  • Job role;
  • Email addresses;
  • Phone numbers;
  • Type of shares acquired and the acquisition dates, and securities account information;
  • Department or division, if applicable;
  • Company information, such as address, and website;
  • Bank account information (for payments);
  • Internet Protocol (IP) address; and
  • Content of messages.

You may choose not to provide Personal Data or prevent the Services from accessing certain features of your mobile device (subject to the controls offered by your mobile device’s operating system), but this may prevent you from receiving certain features of the Services.

We also collect user experience recordings, which reproduce your interactions with the Services, including mouse movements, page scrolling, and information you type (including Personal Data), screen taps, and other actions you take while using the Services. Recordings may include technical and usage data, as well as visual representations of actions you take while using the Services. We use these recordings to help us understand how users interact with our Services and to design a better user experience for you. You consent to our collection and use of user experience recordings.

We also collect non-Personal Data relating to the Services, that is, information that does not personally identify an individual (“Non-Personal Data”). The Non-Personal Data we collect includes how you interact with the Services, information generally collected or “logged” by Internet websites or Internet services when accessed or used by users, and information about your web browser or device accessing or using the Services.

Examples of the Non-Personal Data we collect are:

  • The pages of our website that you viewed during a visit or the features of the Toray Product Selector mobile app you use;
  • What information, content or advertisements you view or interact with using the Services;
  • Date and time of access;
  • Operating systems information, such as language preference;
  • Web browser information, such as version number;
  • The city and state in which you are located (but not your precise geographic location); and
  • Unique identifiers that are not connected and cannot reasonably be connected to your identity.

We will not use Non-Personal Data to try to identify you, and if we associate any Non-Personal Data with information that personally identifies you, then we will treat it as Personal Data. As discussed in more detail below, we sometimes use cookies and other automatic information gathering technologies to gather Personal Data and Non-Personal Data. In addition, our Services uses cookies. To learn more about cookies, please refer to our separate Cookie Policy.

Information collected by the Services may be collected by us or one of our Service Providers (as defined in Section V below) or Online Tool Providers (as defined in Section VI below).

We do not knowingly collect or process any Personal Data which falls under special categories of Personal Data listed in Art 9 of the European Union General Data Protection Regulation (“GDPR”) or Personal Data from data subjects below the age of 18 (collectively, “Sensitive Data”). However, if we become aware that we have collected Sensitive Data, we will respond appropriately in accordance with applicable laws and regulations. If you are the parent or guardian and have learned or suspect that your child under the age of 18 has provided us with Personal Data, please contact and provide us with the name and email address that was used and we will promptly delete such information.

III. Purposes for Collection and Uses of Personal Data

We use your Personal Data for the following purposes:
  • To assist us in providing, maintaining, and protecting the Services and the systems used to provide the Services;
  • To setup, maintain, and protect accounts on the Services;
  • To improve our online and offline operations;
  • To communicate with you, such as providing you with account- or transaction-related information, newsletters, or other communications relating to the Services;
  • To perform research and analysis aimed at improving our products and services and developing new products or services;
  • To execute transactions and use payment services providers, including those necessary for order placement, shipment, billing, deposits, and payments;
  • To ensure we have your current contact information;
  • To develop a comprehensive view of and track our engagement activity with you and your company, including analyzing the type and quality of engagement activity;
  • To exercise rights and perform obligations under contracts, laws, and regulations;
  • To identify, communicate with, and comply with legal obligations in connection with shareholders;
  • To avoid duplicating meetings or communication on similar topics from a number of projects and functions within Toray;
  • To provide products or services, including providing information about products or services;
  • To send or display Toray Group´s advertising messages and other content that is customized to your interests and preferences;
  • To respond to any questions, feedback, communications, or queries you send us;
  • To notify and report to government agencies and organizations if we are legally obliged to do so and/or in order to protect and enforce our own legal interests.

IV. Transfer of Personal Data

We store your data on servers mainly within Europe, the United States and Asia, including China and Japan. From time to time, our IT staff and the technical support staff of our sub-processors, such as our IT service and hardware suppliers, may have access to your Personal Data from a jurisdiction other than your own. We have strict controls over how, why and when they can do this. In general, such access is only granted as far as necessary for the maintenance of the Services and on a need-to-know-basis only. In any case, we will only transfer Personal Data to recipients that provide an adequate level of data protection or as permitted by applicable data protection laws by implementing appropriate safeguards, including, but not limited to the EU Commission Standard Contractual Clauses for the transfer of data to third countries, when needed. With respect to applicable transfers to Japan we are also relying on the adequacy decision adopted by the European Commission on 23 January 2019. A copy of the safeguards can be provided to you at your request. Unless another valid legal basis applies, you consent to the transfers described in this Section IV.

V. Disclosure of Personal Data:

1. Disclosure Generally

We may disclose your Personal Data to third parties as described below.
We will share your Personal Data with the affiliated companies of the Toray Group listed in the URL below:
https://www.toray.com/network/

Additionally, we may disclose Personal Data to provide the Services, or when you authorize or instruct us to do so. We may disclose your interactions with the Services to social media platforms, as described above. We may also disclose Personal Data and Non-Personal Data to Service Providers. By “Service Providers” we mean companies, agents, contractors, service providers, or others engaged to perform functions on our behalf (such as processing of payments, provision of data storage, hosting of our websites, marketing of our products and services, and conducting audits). When we use a Service Provider, we require that the Service Provider use and disclose the Personal Data and Non-Personal Data received from us only to provide their services to us or as required by applicable law.

We may partner with advertisers to provide you with special offers, or to advertise products or services to you. If you redeem or respond to an offer, we may provide your Personal Data to the advertising partner, including your name, email address, or mailing address. If you answer questions or fill out surveys from an advertiser, we may share information with that advertiser. The advertising partner’s privacy policy will govern their use of your information, which may include marketing of other products or services to you. You should read each advertiser’s privacy policy before providing information to that advertiser.

Lastly, we may also disclose Non-Personal Data, aggregated with information about our other users, to our clients, business partners, merchants, advertisers, investors, potential buyers and other third parties if we deem such disclosure, in our sole discretion, to have sound business reasons or justifications.

2. Name or appellation of the entity responsible for maintaining the shared Personal Data:

Toray Industries, Inc.

3. No sale of your data outside of Toray Group

Except as described in this Privacy Policy Personal Data we collect will not be sold or disclosed to third parties outside of the Toray Group.

4. Exceptional provision of personal information to third parties

We may also disclose your Personal Data to third parties when we believe, in good faith and in our sole discretion, that such disclosure is reasonably necessary to (a) enforce or apply the terms and conditions of the Services, including investigation of potential violations thereof, (b) comply with legal or regulatory requirements, an enforceable governmental request, or litigation and legal processes within or outside of your country of residence, (c) protect the rights, property or safety of us, our users or other third parties, (d) prevent a crime or protect national security, or (e) detect, prevent or otherwise address fraud, security or technical issues.

We reserve the right to transfer information (including your Personal Data) to a third party in the event of a sale, merger, or transfer of all or substantially all of the assets of our company relating to the Services, or in the unlikely event of a bankruptcy, liquidation, or receivership of our business. We will use commercially reasonable efforts to notify you of such transfer, for example via email or by posting notice on our website.

VI. Tracking Technologies that we Use

We may also disclose Personal Data and Non-Personal Data to Online Tool Providers. By “Online Tool Provider” we mean a licensor of software that we include in, or use with, the Services, including an API or SDK, that provides a specialized function or service to us and that requires the transmission of Personal Data and/or Non-Personal Data to the Online Tool Provider. Online Tool Providers may have the right to use Personal Data and Non-Personal Data about you for their own business purposes. Use and disclosure of Personal Data and Non-Personal Data by an Online Tool Provider is described in its privacy policy.
We use these technologies to optimize our offers and Services for you. We use the following Online Tool Providers:

  • SanSan: SanSan is a multi-platform cloud-based contact management solution
  • Salesforce: Salesforce is a cloud based CRM services solution
  • Google Analytics: Google Analytics is a web analytics service that provides statistics and basic analytical tools for search engine (SEO) and marketing purposes
  • Marketo: Marketo is a marketing software as a service (SaaS) platform to help businesses assess and automate marketing tasks

VII. Links to Other Websites and Third Party Services

We may provide hypertext links from Toray Group’s websites to third-party websites or Internet sources, such as YouTube or LinkedIn.. We cannot be held liable for the content or practices of such third-party websites or Internet sources. Please read carefully the respective privacy policies to find out how they collect and handle your Personal Data. Additionally, on certain individual webpages of the Services, we use the Google Maps API provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). This service lets us show you where our offices are located for your easy access. When Google Maps is embedded in a webpage, your IP address and other information available to your web browser is transmitted directly to Google as soon as you visit the webpage, and a cookie is stored. You can obtain information about, and opt out of, data handling by Google anytime at: https://policies.google.com/privacy?hl=en&gl=de.
If you do not agree to have your data transmitted to Google when using Google Maps in the future, you also have the option to disable the Google Maps web service completely by turning off JavaScript on your browser. This will fully disable the display of Google Maps on the Services as well as any features of the Services or third party websites that rely on JavaScript.

VIII. Your Subscription to Newsletters

You need to provide your information including your name, email address and your company’s name to register for the newsletter. We send newsletter, emails and other electronic notifications with advertising material (referred to hereinafter as the “newsletter”) with the consent of the recipients or legal permission. Our newsletters usually contain information on our products, services, events, the relevant market and us. The newsletter registrations are recorded in order to be able to verify the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation and the IP address.
Our processing of Personal Data in connection with our newsletter is based on our legitimate interests in accordance with Art. 6 (1) lit. f GDPR, if applicable to your Personal Data. You may opt-out of receiving our newsletter at any time.
You can opt out of receiving newsletters from us by clicking on the “unsubscribe” link in the newsletter. Please note that it may take up to ten (10) business days for your opt-out request to be processed. Also, even if you opt out of newsletters, we may continue to send you certain account-related e-mails, such as notices about your account and confirmations of transactions you have requested.

IX. Legal Bases for Processing Personal Data

This Section IX applies to data subjects whose Personal Data is subject to the GDPR. We will process your Personal Data based on performance of contract (Art 6 (1) b GDPR) if we are dealing with you as data subject in connection with an ongoing or starting business relationship, because this is necessary in order for us to supply services and/or goods to you (or the company you represents) and perform our contract with you or your company and/or taking steps at your request to enter into such a contract.
For such reason, in case you fail to provide us the required Personal Data, we may not be able to supply you with your desired goods and/or services, and our contract may not be performed in a proper manner.
In all other cases we will process our business contacts’ Personal Data based on our legitimate business interests (Art. 6 (1) f GDPR) or your consent given upon our requests (Art. 6 (1) a GDPR). We have an interest in cultivating contacts arising in the course of business even after the first contact, to use for establishing a business relationship and to stay in contact for marketing our services or providing communications which we think will be of interest to recipients. Furthermore, if you made an inquiry, our legitimate interest in the use of this service is to be able to answer user requests quickly and efficiently.

X. Security Measures

We handle your Personal Data in a manner designed to protect its security, including protection against unauthorized or unlawful handling, accidental loss, destruction, or damage. Moreover, we use reasonable and appropriate technical or organizational measures designed to protect your Personal Data, and we integrate the protection measures into our policies to achieve this level of protection.
For example, our Services use Secure Socket Layer-encryption (SSL), Transport Layer Security (TLS), or similar encryption technology when sensitive data is transmitted over the Internet. However, no data transmission over the Internet and no method of data storage can be guaranteed to be 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its security.

XI. Notification of Breach of Security of Personal Data

In case of a breach of security where your Personal Data is transmitted externally, stored, or otherwise handled due to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access thereto, we have mechanisms and company regulations in place to identify and investigate the event promptly. Depending on the outcome of our assessment, if an incident such as a leakage occurs, we will take appropriate actions under the circumstances, such as making reports to the supervisory authorities and contacting the individuals who may be affected.

XII. How Long We Keep Personal Data

We keep your data for as long as we are engaged with you and your company and/or the period necessary to comply with our relevant legal obligations and to conduct our proper business operations.
We regularly review the data we hold to try to ensure that it’s accurate and updated. Once you ask us to delete your data or when an engagement closes, or when we no longer need that data, we will remove it from our databases unless we are under a legal obligation to keep the data for a longer period.

XIII. Your GDPR Rights

This Section XIII applies to data subjects whose Personal Data is subject to the GDPR. We recognize the right to access and rectify any Personal Data stored in our systems (in particular our databases), to those individuals concerned.

  • You have the right to obtain from us a confirmation as to whether or not your Personal Data is being handled, and, where that is the case, you can request a disclosure of the Personal Data and certain related information such as the purpose of the handling and the categories of Personal Data in question. This information has to be provided in a clear, transparent and easily understandable manner (right to be informed; Art. 15 (1), (2) GDPR),
  • You have the right to request us to delete certain data pertaining to specific circumstances and if the processing is no longer necessary in relation to the purpose for which it was originally collected (right to erasure, Art. 17 GDPR); Furthermore, you have the right to rectification and completion if you believe that the data concerning you is not correct (right to rectification, Art. 16 GDPR)
  • You have the right to the extent provided by the GDPR - request us to move, copy or transfer (where technically feasible) your Personal Data in a structured, commonly used and machine-readable format, for your own purposes across different services under certain conditions, unless there are legitimate reasons hindering us from undertaking such transmission (right to data portability, Art. 20 GDPR)
  • You have the right to object to the processing of your Personal Data (right to oppose, Art. 21 GDPR),
  • You have the right to request us to restrict or suspend our processing of your data in certain circumstances (right to restriction of processing, Art. 18 (1) GDPR)

To avail yourself of these rights, please contact us by emailing or writing to us and we will endeavor to respond within 30 days. Contact details can be found in the CONTACT Section below.

XIV. Your United States Rights

This Section XIV applies to individuals residing in the United States. If you are a California resident, you may have additional rights; please click here for more information.
You may request access to your Personal Data by clicking here. We will try to locate and provide you with your Personal Data and give you the opportunity to correct this data, if it is inaccurate, or to delete it, at your request. But, in either case, we may need to retain it for legal reasons or for legitimate business purposes. You may also remove any content that you post to the Services using the deletion or removal options within the Services. However, we (and you) are not able to control information that you have already shared with other users or made available to third parties through the Services.

If you need further assistance with removing any content you posted through the Services, you can contact us by clicking here. Removal of your posted content may not ensure complete or comprehensive removal from our computer systems.

We ask individual users to identify themselves and the information requested to be accessed, corrected, or removed before processing such requests, and we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, would be extremely impractical (for instance, requests concerning information residing on backups), or relate to information that is not associated with your Personal Data. In any case, where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.

Please be aware that if you ask us to delete your Personal Data, you may not be able to continue to use the Services. Also, even if you request that we delete your Personal Data, we may need to retain certain information for a limited period of time to satisfy our legal, audit and/or dispute resolution requirements.

We may use third-party service providers that collect information for interest-based advertising purposes (advertisements that are tailored to your likely interests, based on categories in which you have shown an interest). To learn more about these third parties and the choices they offer users, please visit the Network Advertising Initiative’s choices page or the Digital Advertising Alliance’s choices page. If you are reading this Privacy Policy from a mobile device, you can learn more about the DAA's mobile choices program here.

We support the development and implementation of a standard "do not track" browser feature that provides customers with control over the collection and use of information about their web-browsing activities. Once a standardized "do not track" feature is released, we intend to adhere to the browser settings accordingly.

XV. Residents of Nevada

Nevada residents, we do not sell your Personal Data. However, you may click here with questions.

XVI. Right to Complain to a Supervisory Authority

This Section XVI applies to data subjects whose personal data is subject to the GDPR. If you are not satisfied with the way any complaint you make in relation to your Personal Data is handled by us as set forth in the preceding section or if you consider your data protection rights have not been respected, you can lodge a complaint with the relevant Data Protection Authority.
A list with the contact details of the respective Data Protection Supervisory Authorities can be found here:
https://edpb.europa.eu/about-edpb/board/members_en
You can also lodge your complaint with the relevant Lead Data Protection Supervisory Authority for the Toray EU, which is as follows:
Landesbeauftragter für Datenschutz und Informationsfreiheit des Landes Hessen
P.O. box 3163
65021 Wiesbaden
Gustav-Stresemann-Ring 1
2nd floor
65189 Wiesbaden
phone: +49 611 1408 – 0
fax: +49 611 1408 – 611
e-mail: Poststelle@datenschutz.hessen.de
online complaint form: https://datenschutz.hessen.de/service/beschwerde

XVII. Updates to this Privacy Policy

We shall observe all applicable laws, regulations, guidelines and any other standards related to our handling of Personal Data, and shall periodically review and modify this Privacy Policy. Any changes to the Privacy Policy will become effective upon the posting of the revised Privacy Policy on the Services. You can always check the “Last Updated” date at the top of this document to see when the Privacy Policy was last changed. If we make any material changes to this Privacy Policy, we will notify you by reasonable means, which may be by e-mail or posting a notice of the changes on our website or through the mobile app prior to the changes becoming effective. We encourage you to check this Privacy Policy from time to time. IF YOU DO NOT AGREE TO CHANGES TO THIS PRIVACY POLICY, YOU MUST STOP USING THE SERVICES AFTER THE EFFECTIVE DATE OF SUCH CHANGES.

XVIII. Contact Us

For questions concerning personal information handled by Toray, please contact the Personal Information Helpdesk via the below inquiry form.

Inquire here.

Privacy Notice for California Residents

This Privacy Notice for California Residents (the “Notice”) supplements the information contained in our Privacy Policy and applies only if you reside in the State of California (you are a “California Consumer”).

“Sell,” “Selling,” “Sale,” or “Sold,” means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, Personal Data to another business or a third party for monetary or other valuable consideration.

“Share”, “Shared,” or “Sharing” means sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, Personal Data to a third party for Cross-context Behavioral Advertising, whether or not for monetary or other valuable consideration.

“Cross-context Behavioral Advertising” means the targeting of advertising to a consumer based on that consumer’s Personal Data obtained from activity across businesses or distinctly-branded websites, applications, or services, other than the business or distinctly-branded website, application, or service with which the consumer intentionally interacts. (In other words, if we send you an ad based solely on your interaction with us or our Services, this is not Cross-context Behavioral Advertising.)

“Sensitive Personal Data” means Personal Data that is not publicly available and reveals one or more of the following:

  • A consumer’s Social Security, driver’s license, state identification card, or passport number;
  • A consumer’s account log-in, financial account, debit card or credit card number in combination with any required security or access code, password, or credentials allowing access to an account;
  • A consumer’s precise geolocation;
  • A consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership;
  • The contents of a consumer’s mail, email, and text messages unless we are the intended recipient of the communication;
  • A consumer’s genetic or biometric data; or
  • Personal Data collected and analyzed concerning a consumer’s health, sex life, or sexual orientation.

“Verifiable Request” means that the identifying information provided by a consumer in connection with a request matches the Personal Data of the consumer already maintained by us or a third party identity verification service. Identifying information includes name, email address, and any other information reasonably requested by us to verify your identity.

1. Information We Collect

In the past twelve (12) months, the Toray Group has collected the following categories of Personal Data from California residents:

  • Name;
  • Company;
  • Business address;
  • Job role;
  • Email addresses;
  • Phone numbers;
  • Type of shares acquired and the acquisition dates, and securities account information;
  • Department or division, if applicable;
  • Company information, such as address, and website;
  • Bank account information (for payments);
  • Internet Protocol (IP) address; and
  • Content of messages.

In the past twelve (12) months, the Toray Group has not collected Sensitive Personal Data from California residents.

The Toray Group obtains this Personal Data from the following types of sources:

  • Directly from you. For example, from forms when you contact us through the Services or purchase products and services from us; and
  • Indirectly from you. For example, from information automatically sent by your web browser or from analyzing data about your actions on our website.

2. Use of Personal Data

The Toray Group may use, or disclose the Personal Data we collect for one or more of the following “Business Purpose”:

  • To assist us in providing, maintaining, and protecting the Services and the systems used to provide the Services;
  • To setup, maintain, and protect accounts on the Services;
  • To improve our online and offline operations;
  • To communicate with your, such as providing you with account- or transaction-related information, newsletters, or other communications relating to the Services;
  • To perform research and analysis aimed at improving our products and services and developing new products or services;
  • To execute transactions, including those necessary for order placement, shipment, billing, deposits, and payments;
  • To ensure we have your current contact information;
  • To develop a comprehensive view of and track our engagement activity with you and your company, including analyzing the type and quality of engagement activity;
  • To exercise rights and perform obligations under contracts, laws, and regulations;
  • To identify, communicate with, and comply with legal obligations in connection with shareholders;
  • To avoid duplicating meetings or communication on similar topics from a number of projects and functions within Toray;
  • To provide products or services, including providing information about products or services;
  • To send or display Toray Group´s advertising messages and other content that is customized to your interests and preferences;
  • To respond to any questions, feedback, communications, or queries you send us;
  • To notify and report to government agencies and organizations if we are legally obliged to do so and/or in order to protect and enforce our own legal interests;
  • To facilitate Cross-context Behavioral Advertising;
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations;
  • To respond to your requests under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (the “CCPA”);
  • For any other purpose described to you when we collect your Personal Data; and
  • For any other acceptable purposes as set forth in the CCPA.

Unless we notify you otherwise, we will not collect additional categories of Personal Data, nor use the Personal Data we collect for any other materially different, unrelated, or incompatible purposes.

3. Retention of Personal Data

We keep your data for as long as we are engaged with you and your company and/or the period necessary to comply with our relevant legal obligations and to conduct our proper business operations.

We regularly review the data we hold to try to ensure that it is accurate and updated. If you ask us to delete your data or when an engagement closes, or when we no longer need that data, we will remove it from our databases unless we are under a legal obligation to keep the data for a longer period.

4. Disclosure of Personal Data

The Toray Group may disclose Personal Data to our “service providers,” to our “contractors,” and to “third parties” (each as defined by the CCPA) for a Business Purpose. When we disclose Personal Data for a Business Purpose, we enter into an agreement with the receiving party that describes the purpose for sharing the Personal Data, and that requires the receiving party to keep that Personal Data confidential. In the case of disclosures to our service providers, our service providers are obligated not to use the Personal Data for any purpose other than performing the services according to their agreement with us. In the case of our contractors, our contractors are obligated not to use the Personal Data for any purpose unrelated to the business purpose for which we’ve engaged them.

We may disclose your Personal Data with the following categories of entities: service providers, contractors, other member companies of the Toray Group.

We do not Sell and/or Share Personal Data

In the past twelve (12) months, we have disclosed the following categories of Personal Data about its California Consumers :

  • Name;
  • Company;
  • Business address;
  • Job role;
  • Email addresses;
  • Phone numbers;
  • Type of shares acquired and the acquisition dates, and securities account information;
  • Department or division, if applicable;
  • Company information, such as address, and website;
  • Bank account information (for payments);
  • Internet Protocol (IP) address; and
  • Content of messages.

5. Your Rights and Choices

If you are a California Consumer, you may request information about our collection, use, disclosure, Sale and Sharing of your Personal Data over the past twelve (12) months, whether or not it was collected electronically. If you submit a Verifiable Request, we will provide you with information regarding:

  • the categories of Personal Data we have collected about you; the categories of sources from which your Personal Data was collected; our Business Purpose for collecting, Selling, or Sharing your Personal Data; the categories of third parties with whom we disclose that Personal Data; and the specific pieces of Personal Data we collected about you; and
  • if we Sold, Shared, or disclosed your Personal Data for a Business Purpose: what categories of Personal Data we Sold or Shared, and to which categories of recipients we Sold or Shared it; and what categories of Personal Data we disclosed for a Business Purpose, and to which categories of recipients we disclosed it.

You also have the right to request a copy of your Personal Data, and/or to request that we transmit your Personal Data to another entity. To the extent technically feasible, we will comply with your request and provide and/or transmit your Personal Data in a structured, commonly used, machine-readable format.

You also have the right to request that we delete any of your Personal Data that we collect or maintain by submitting a Verifiable Request. We may deny your deletion request if retaining your Personal Data is necessary for us or our service providers or contractors to:

  • Complete the transaction for which we collected your Personal Data, provide goods or services that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
  • Debug products to identify and repair errors that impair existing intended functionality;
  • Exercise free speech, ensure the right of another consumer to exercise their right of free speech, or exercise another right provided for by law;
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.);
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the achievement of such research, if you previously provided informed consent;
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
  • Comply with a legal obligation; or
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

You further have the right to request that we correct any of your Personal Data that is inaccurate by submitting a Verifiable Request. We will correct any inaccurate Personal Data pursuant to your request to the extent possible using commercially reasonable efforts. We may deny your correction request if the Personal Data is accurate. We may also delete your Personal Data instead of correcting it to the extent such deletion would not negatively impact you. If you choose to exercise a privacy right under the CCPA, you have the right not to receive discriminatory treatment.

You may submit a Verifiable Request for the information listed above, or exercise any of your rights enumerated under this Notice, by calling us at (800) 519-2921, or by completing a form on our website. You may also submit a Verifiable Request on behalf of your minor child.

After we receive your Verifiable Request, we will provide to you, in writing and free of charge (unless your request is excessive, repetitive, or manifestly unfounded), the requested information for the 12-month period preceding your request (unless you specifically request disclosure beyond such 12-month period, in which case, we will process your request with respect to Personal Data we have collected during the time period you specify, provided that (a) the earliest date that your request may apply to is January 1, 2022, and (b) processing your request does not require disproportionate effort). You can choose to have this information delivered to you by postal mail, electronically. We will try to respond to your verified request within forty-five (45) days of receipt, but if we require more time (up to another forty-five (45) days) we will inform you of the reason and extension period in writing. Please note that we are not required to comply with your request for information more than twice in any 12-month period. If applicable, our response will explain the reasons why we cannot comply with your request.

If you are 16 years of age or older, you will have the right to direct us to stop Selling or Sharing your Personal Data to third parties at any time. You may opt-out here. However, if you change your mind, you may opt-in to Personal Data Sales at any time by resubmitting your Personal Data to us. We do not knowingly Sell or Share Personal Data from California Consumers who are under 16 years of age. Consumers who opt-in to Personal Data Sales or Sharing may opt-out of future Sales or Sharing at any time.

If you have an authorized agent to submit your Verifiable Request, we may require you to (i) provide a copy of your signed permission authorizing the agent to do so, (ii) verify your own identity directly with us, or (iii) directly confirm with us that you provided the authorized agent permission to submit the request.

If you choose to exercise any of the rights enumerated under this Notice, we will not:

  • Deny you goods or services;
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
  • Provide you a different level or quality of goods or services; or
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, please be aware that it may be a functional necessity for our Services to have Personal Data about you in order to operate, and we may not be able to provide some or all of our Services to you if you direct us to delete your Personal Data.