Privacy notices

We may process Personal Data you provide directly to us, Personal Data we collect through automated means, or Personal Data we obtain through other sources. You are not required to provide any Personal Data, however, if you choose not to do so, we may not be able to provide you with our products or services or respond to your requests. Generally speaking, we will collect Personal Data relating to you and/or your use of our services in the following ways:

(A) Personal Data you provide to us:

• Contact data

We collect contact details when you sign-up to receive email alerts, attend one of our events, visit our offices, work with us, download our content, subscribe to our newsletters or where you ask us to respond to a query you have. The Personal Data we collect may include your name, email address, phone number, job title, and workplace location. 

• Marketing and communications data 

We collect Personal Data relating to your preferences regarding receiving marketing information from us and your communication preferences (where permitted under applicable privacy laws). 

• Location Data

We may ask you where you are located as part of our marketing activities, or when you sign up to events or ask to attend meetings. This will not be tracked through your device and will only include information you have shared with us.

(B) Personal Data we collect through automated means:

• Personal Data relating to your use of our website(s)

We collect Personal Data about how you use our website(s). This includes Personal Data relating to the pages you visit on our website(s), the services or information you search for and the links and content you choose to access.

• Profiling data

We may use the Personal Data you provide through your use of our website(s) to provide you with relevant content and to inform our marketing strategy. This type of activity is sometimes known as “profiling” – using automated means to process your Personal Data to analyse or predict your personal preferences, interests or behaviours. You can object to profiling (where entitled under applicable privacy laws).

•  Technical Personal Data 

We collect Personal Data about the device(s) you use to access our website(s) as well as other related information. You may find more information on the cookies we use and the purposes for which we use them on our separate Cookie Notice (available here: https://www.dentsu.com/policies/cookies-notice).

(C) Data we collect from other sources:

• Data we collect from third parties

We may collect Personal Data about you from third parties. Such third parties may include analytics providers, affiliate partners and third-party platforms such as LinkedIn. We may also collect Personal Data where you register and/or attend an event which we host or are a named affiliate partner of. We do not buy Personal Data lists.

Note that we do not actively seek to collect information about children or minors, or anyone’s sensitive Personal Data. Please see more details below.

• Children

We do not actively seek to collect the Personal Data of children or minors (as defined under the applicable law in your jurisdiction). If you have any concerns about your child’s privacy in relation to our services, or if you believe that your child may have entered Personal Data onto our website(s), please contact us at dpo@dentsu.com. We will delete such Personal Data from our records within a reasonable time.

• Sensitive Personal Data

We do not intentionally collect or request sensitive Personal Data as part of the processing activities carried out under this privacy notice.

Except where required by law, we use and process the Personal Data we collect about you for the following purposes: 

• to generate leads;
• to send you newsletters and information relating to our brands and services;
• to manage our relationship with you;
• to arrange and manage visits to our offices;
• to ensure our website(s) are kept relevant and useful;
• to ensure our website(s) remain secure;
• to respond to your enquiries and feedback;
• to respond to, and manage, data subject rights requests;
• to analyse and/or improve our services;
• to verify your identity and Personal Data;
• to maintain and update our records;
• to protect and defend our legal rights / respond to complaints; and
• to facilitate acquisitions and potential acquisitions of or by our business, including any related transitional and business integration activities.

Under various data protection laws we are required to advise you on the legal basis for processing your personal data. In the table below we set out further information about the purposes for which we use your personal data and the legal basis we rely on for its use (where required under applicable privacy laws). Note that we may process your personal data for different lawful basis depending on the specific purpose for which we are using your data.

In Asia Pacific markets we usually rely on consent as our lawful basis in accordance with and as required by local laws. Where this is the case, we will have explicitly asked you to consent, and you will have the ability to withdraw your consent at anytime. Alternatively, we may rely on other lawful basis such as legitimate interest, as listed below, or any other lawful basis permitted under applicable privacy laws in relation to the specific processing activity.

Processing Activity	Types of data used	Lawful basis (where applicable)
To arrange and run events: The process by which invitations are sent to, acceptances are received from and attendance at dentsu events, are managed.	Contact data, data we collect from other parties, location data.	Legitimate interests
To generate leads: We may use Personal Data collected from visitors to and users of our website(s), attendees of events, or client contacts to locate potential leads.	Contact data, data we collect from other parties, Personal Data relating to your use of our website(s).	Legitimate interests or consent (where you have expressly provided it)
To send you our newsletters and information relating to our brands and services: The distribution of dentsu's own commercial content to potential customers, leads and prospects, and anyone else who has subscribed to receiving such collateral.	Contact data, data we collect from third parties, location data, marketing and communications data.	Consent
To manage our relationship with you: The processing of basic contact details of clients and suppliers for the purpose of relationship, account and/or project management.	Contact data, location data, marketing and communications data, technical Personal Data	Contractual necessity
To arrange and manage visits to our offices: the process of ensuring we keep an appropriate record of all visitors to the office, as well as possible accidents or incidents that may have occurred.	Contact data, location data.	Legitimate interests
To ensure our website(s) are kept relevant and useful: We conduct statistical analysis on your usage of our website(s) e.g. to enable us to improve our website(s), offer new features and material.	Personal data relating to your use of our website(s), Personal Data processed through automated means, technical Personal Data.	Legitimate interests (to study how clients use our service and engage with our content. To develop our service, to grow our business and to inform our marketing strategy) where permitted under applicable privacy laws.
To ensure our website(s) remain secure: This process protects against malicious web activity and blocks access to our website(s) that violate enterprise policy. Cloud and endpoint web filtering service.	Personal data relating to your use of our website(s), technical Personal Data.	Legitimate interests
To respond to any enquiries or feedback that you send us: To update you with any changes to our terms and conditions/other policies	All Personal Data we collect may be relevant.	Legitimate interests or Contractual Necessity
To respond to, and manage, data subject rights requests: The process of responding to data subject rights requests such as data subject access requests, data erasure requests, requests to opt out from specific type of processing and other, as legally required under relevant data protection laws.	All Personal Data we collect may be relevant.	Legal Obligation
To analyse and improve our services: this processing enables us to utilise our interactions with you to ensure we continue to provide the best service possible.	Personal data relating to your use of our website(s), email, name, phone, company name, job title.	Legitimate interests or consent where cookies are used
To maintain and update our records: we are required to keep up to date records to ensure we can operate efficiently and effectively as a business.	Contact data, location data, marketing and communications data.	Legitimate interests or Legal obligation
To protect and defend our legal rights / respond to complaints: This process involves complaints submitted to dentsu by regulators and/or individuals whistleblowing regarding dentsu Personal Data protection and management practices.	All Personal Data we collect may be relevant.	Legal obligation or Legitimate interests
To facilitate acquisitions and potential acquisitions of or by our business, including any related transitional and business integration activities.	All Personal Data we collect may be relevant.	Legitimate interests

We will keep your Personal Data for as long as is necessary for the relevant service, in accordance with our legal obligations. After this time, your Personal Data will either be securely deleted or anonymised so that it can be used for analytical purposes. You may request further information about our retention periods via the contact details given in this privacy notice or request that we delete your data in accordance with your rights as set out below.

We maintain appropriate organisational and technological safeguards to help protect against unauthorised use, access to or accidental loss, alteration or destruction of personal data whether in physical or electronic form. We also seek to ensure our service providers and/or any approved external Third-parties who store or process personal data on our behalf do the same. The safeguards we use, depending on the circumstances, may include firewalls, penetration testing, vulnerability scans, encryption and restricted access to our IT systems. 

Whenever we share Personal Data, access is controlled on a need-to-know basis, and is only provided where it is necessary to provide you with requested services or to allow us to perform any necessary or legitimate functions.

We will only transfer your Personal Data outside the market in which you are located where we are satisfied that adequate levels of protection are in place to protect the integrity and security of any Personal Data being processed and in compliance with applicable privacy and data protection laws. This may be through a contract we have in place with the importing company, or because the importing company is based in a jurisdiction with stricter data protection laws than the jurisdiction from where it is exported.

We take internal data protection very seriously. Our employees and the service companies commissioned by us have been contractually bound to treat personal data with appropriate confidentiality and to act in compliance with data protection regulations.

Information shared with our third-party service providers

We use a number of third parties to perform business functions on our behalf, such as sending our newsletters and hosting our online services and customer relationship management. We will only disclose the information necessary to enable these third parties to perform their services. Our service providers are contracted to comply with our instructions. 

We might share information with third parties who help us with our marketing efforts, including social media platforms, advertising networks, and ad tech companies. For example, we may share email addresses or other contact information with social media platforms so they can serve our advertising to you on their platform. Personal data received by our partners may also be subject to their privacy policies and the tools they provide for you to manage how your Personal Data is used for advertising purposes.

Group company transfers

Dentsu International is a globally operating media group consisting of multiple companies. Therefore, we may from time to time disclose your Personal Data within our group of companies.

Where we transfer Personal Data between our group companies, we have covered these transfers by entering into an Intra-Group Data Transfer Agreement. This provides us with a mechanism to transfer Personal Data around the globe where necessary.

We may also disclose Personal Data with any successor to all or part of our business. For example, if part of our business is sold, we may give our customer list as part of that transaction.

Information shared with other parties 

Where required or permitted by law, Personal Data may be provided to others, such as regulators and law enforcement agencies, for example in response to a court order or a subpoena, or in response to a law enforcement agency request, or where we believe it is necessary to investigate, prevent or act regarding illegal activities, and as otherwise required by law. 

We may also collect Personal Data from the parties described in this section.

You may request further information on the measures used for such transfers via the contact details given in this Privacy Notice.

Depending on the applicable privacy law of the market you are in, you may have several rights in relation to your Personal Data, including:

• Objecting to our processing of your Personal Data. Where we rely on legitimate interest (or those of a third-party) and if you feel it impacts on your fundamental rights and freedoms, you can object to our processing. You also have a right to object where your Personal Data is used for direct marketing or profiling. You can object at any time, and we shall stop processing the data you have objected to, unless we can show legitimate grounds to continue. 
• Accessing your Personal Data. We may be required to provide you with information we hold about you upon your request, including a description and copy of the Personal Data and why we are processing it, unless a lawful exception applies. We will require you to prove your identity before providing your Personal Data.
• Requesting the provision of your Personal Data to a third party. You may ask us to provide you or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. This right only applies to Personal Data you have provided to us; and if you have consented to our use or where we used the Personal Data to perform a contract with you. 
• Requesting erasure (deletion) of your Personal Data.  You may ask us to delete your data where you think we no longer require it. Note, we may be required to retain certain Personal Data by law and/or for our own legitimate business purpose. But when we do so, we will inform you.
• Requesting correction or updating of your Personal Data. This enables you to have any incomplete or inaccurate Personal Data we hold about you corrected. 
• Requesting the restriction of our processing of your Personal Data. In some situations and only in some jurisdictions you can request a restriction to our processing. If you request this, we can continue to store your Personal Data but are restricted from processing it while the restriction is in place.
• Withdrawing your consent. Where you have consented to our processing of your Personal Data, you can withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before withdrawal or our right to continue collecting, using or disclosing your Personal Data where permitted by applicable laws without consent. If you receive marketing communications from us, you can withdraw your consent to marketing by hitting the unsubscribe button contained within the email.
• Making a Complaint. We will do our best to resolve any complaint. However, if you feel we have not resolved your complaint, or if you wish to reach out to them directly, you can complain to your local data protection authority. For example, in the UK, the local data protection authority is the UK Information Commissioner's Office. If you have any questions about who your local authority is, please contact us and we can provide the relevant information.
• Opting out of marketing. You may choose not to receive marketing communications from us. You can ask us to stop such messages at any time by clicking on the “unsubscribe” link at the bottom of the message.  Please note that even if you choose not to receive marketing communications from us, you still may receive non-marketing communications, such as responses to your inquiries or notices regarding your account or our relationship with you.

If you exercise the rights above, the request should include your contact information and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. In addition, you should provide adequate information that we can reasonably verify that you are the person about whom we collected the Personal Data (including information that enables us to verify the identifying information we possibly maintain about you).

We will respond to requests within the required timeframes. If we need extra time to respond, we will let you know why, and how long we require, in writing. To protect your Personal Data, we will only honour requests if we have been able to verify your identity or authority to make the request and confirm the Personal Data relates to you. The method used to verify your identity will depend on the type, sensitivity and value of the information, including the risk of harm to you posed by any access or deletion. Verification will usually be performed by matching the identifying information provided by you to the Personal Data that we already have.

Note that if you are in a market where these rights do not exist, we reserve the right to deny your request.

This privacy notice is limited to the Personal Data collected by us. We do provide links within our website(s) to other websites, including social media websites such as Facebook, Twitter and LinkedIn, or links to the sites of other dentsu entities. If you follow these links, your use of these websites will be governed by their applicable user and privacy notices since their data practices fall outside the scope of this privacy notice. Further, we can have no responsibility for or control over the Personal Data collected by any third-party website and we cannot be responsible for the protection and privacy of any information which you may provide on such websites.

This privacy notice may be updated from time to time to reflect changes in law, best practice, changes in what we do, or changes in the way we treat Personal Data. The date of the most recent revision will appear at the top of this page. If you do not agree to the changes, please stop using our services and refrain from sharing your Personal Data with us. You should check this notice frequently for updates.

If you have any questions about this privacy notice, our approach to privacy or you would like to exercise any of the rights mentioned in this privacy notice you can contact our Data Protection Officer in any of the following ways:

1. Address: Data Protection Officer, Dentsu International, Regent’s Place, 10 Triton Street, Regent’s Place, London, NW1 3BF
2. Email: DPO@dentsu.com  
3. Or using the information of your local DPO included in the section below.

(a) Transfers

The dentsu entities and other parties with which we share Personal Data may be located in European Economic Area, United Kingdom, United States of America, India, Singapore, New Zealand, and other countries. While they will often be required to comply with obligations to protect that Personal Data, we will and are not responsible for ensuring they comply with the specific requirements of your country’s privacy and data protection laws.

(b) Data Subject Rights

Requesting correction or updating of your Personal Data. This enables you to have any incomplete or inaccurate Personal Data we hold about you corrected. In Australia, you have related rights, including asking us to tell third parties about the correction if we had disclosed the uncorrected Personal Data to them, or, if we decline to make a correction, to ask us to note your disagreement together with the data.

Accessing Your Personal Data. If we decline your request, we will generally tell you why.

Belgium (dentsu)

Local Controller:  Dentsu Belgium BV. Boulevard du Souverain 24, 1170 Watermael-Boitsfort, Belgium

KBO 0766.997.311

Contact us: E-mail: dpo@dentsu.com

Local data protection authority: Gegevensberschermingsautoriteit

 https://www.gegevensbeschermingsautoriteit.be/burger/startpagina

Last Updated: 02/20/2026

In addition to the conditions set forth in the Dentsu Global People Privacy Notice, this Privacy Statement for Dentsu Brasil Employees applies specifically to personal data collected and/or processed by Dentsu in Brazil during the recruitment and selection phase, during the provision of services (by employees or service providers), and after the termination of the relationship with Dentsu Brasil.

Additional information on how Dentsu processes your personal data in Brazil may be communicated directly to you, locally, in specific cases.

Glossary

In addition to the terms defined in the Dentsu Global People Privacy Notice, the following definitions apply to this Privacy Statement for Dentsu Brasil Employees:

Personal data means any information related to you or that allows your identification.

Sensitive personal data means any personal data relating to racial or ethnic origin, religious belief, political opinion, trade union or religious affiliation, membership in philosophical or political organizations, data relating to health or sex life, genetic or biometric data, when related to a natural person.

Anonymized data means any personal data related to an individual who cannot be identified, considering the use of reasonable and available technical means at the time of processing to make the data anonymous.

LGPD means the General Data Protection Law (Law No. 13,709/2018), which regulates the processing of personal data in Brazil and applies to processing carried out in Brazil, processing related to the offer or supply of goods or services in Brazil, processing of data of individuals located in Brazil, and personal data that has been collected in Brazil.

International transfer means sending personal information outside Brazilian territory (for example, storing it on equipment located outside Brazilian territory) or allowing someone from outside Brazilian territory to access such information.

What personal data do we collect and how do we use it?

The personal data we collect about you varies according to your situation, your role, and whether you are a potential, current, or former employee or service provider. Below you will find information about what personal data and the purposes for processing your data, with an indication of the legal bases applicable in Brazil.

RECRUITMENT

We will need to process the personal data of all potential employees from the moment you become a candidate for a position. This allows us to assess your suitability for the position and for our company. The types of processing are as follows:

Purpose	Details	Legal Basis
Assess suitability for the position	We will use your personal data to assess your suitability for the position, enable pre-screening, prepare necessary interviews and assessments, and contact you to organize, conduct, evaluate, and provide feedback on assessments and interviews and, when successful, to make an offer/provide a work agreement/contract. This applies to all candidates and is valid whether you have already made a request directly to us, were added as a prospect, through an agency, or any other third party. For this purpose, we will collect: Contact data and other information to confirm your identity. This includes your name, gender, address, telephone number, date of birth, and email address; Information about your employment history and skills. This includes your resume, application forms, references, qualification records, skills, training, and other compliance requirements. This may also include records of when you contact us, emails, webchats, and telephone conversations; and Information generated by us and by you, through a combination of recruitment activities to better assess suitability for the position(s), such as interviews, assessment centers, assessments/tests (cognitive ability tests, skills tests, personality tests, employment simulations, psychometric tests, etc.). For example, you may take a written test, or we may take interview notes. When working at Dentsu, we will also use your personal data to assess your suitability for other positions you may apply for or projects that may be assigned to you.	Legitimate Interest
Candidate administration	We will conduct background checks (where permitted by law), using internal resources or approved third parties, to establish work eligibility and other background checks that are proportional to the risks and responsibilities of each position, such as criminal records, financial sanctions, etc., as well as follow-up references provided to us and potentially other sources, when necessary. We will process and record the personal data of anyone who has employment at Dentsu, even if they do not show up on the first day.	Legitimate Interest / Contract Performance / Legal Obligation
Talent Pool	If you are unsuccessful after assessment for the position or are a prospect, we will keep your data in our talent pool for a reasonable period so that we can contact you if suitable new vacancies arise. If you want us to delete this data, please contact the Data Protection Officer. Candidates can also request deletion of all data held in our HR system at the application login.	Legitimate Interest / Consent
Reasonable adjustments	Where applicable, we will make reasonable adjustments to the recruitment process based on accessibility requirements you inform us of or that we become aware of. For this purpose, we may, depending on the circumstances, collect information about you to help us assess adjustments that need to be made or work restrictions that may apply. This may include your nationality, preferred language, and details of any accessibility requirements.	Legitimate Interest / Legal Obligation
Equal opportunity monitoring	We may ask you to share information about your ethnicity, disability, age, religion/belief, gender, and sexual orientation. This information is used to comply with equality and diversity requirements and to help us improve our employment practices.	Legitimate Interest / Consent

WORKING FOR DENTSU

We will use your personal data for the purposes of your contract with us, to comply with legal obligations, to ensure fraud prevention and security of the data subject, for the regular exercise of rights, or when we have a legitimate interest in doing so to manage and protect our business. We will rely on Dentsu's legitimate interest when it is not overridden by the interests or fundamental rights and freedoms of our personnel. The table below lists the ways we do this.

1. To Help You in Your Role

Purpose	Details	Legal Basis
Employee Administration	We will maintain and process the general records necessary for worker management, to operate the employment contract or service contract between you and the Dentsu organization, and we will need to allocate and manage your duties and responsibilities and the business activities to which they relate. Depending on where you are based, we may process and record your personal data for purposes that include, but are not limited to: Collecting information to facilitate your onboarding into the organization. For example, receiving IT equipment and setting up your systems or sending items to your home address if you work remotely. Facilitating changes within the company in case of changes to your position, location, or manager. If you move to another location, there are support processes for visa requests, taxes, and relocation assistance. Conducting surveys for new employees or those who have left. We may need to respond to reference requests made for you, for example, by new employers, etc. For some leave requests, we will need information indicating time so that we can approve, apply correct policies, and redistribute workload as necessary. In certain locations and for some roles, overtime will need to be tracked. When requested, we will need to process the information necessary to help you participate in activities and programs for which you are eligible. In some Dentsu units, we have workforce representation groups that need to be informed when workers join or leave the company.	Legitimate Interest / Contract Performance / Legal Obligation
Compensation and Benefits Administration	This involves providing and administering compensation, benefits (such as insurance, policies to benefit your health and well-being, etc.), and recognition/incentive schemes. This may involve us passing appropriate personal data to relevant third-party providers so they can contact you, or you may register directly with them. We will also provide the details of any beneficiaries you designate in case of death or other benefits to the relevant third party. We may use third-party providers for benefits and recognition systems, and we will ensure that we follow the requirements of the law and that your personal data is properly protected by them. We will implement salary benchmarking processes and reports as required by law, ensuring that we are rewarding our employees adequately with pay equity. We will process personal data related to employee awards, recognition schemes, and incentives to reward good performance. We may contact you or send gifts on special occasions, such as your birthday, and to recognize 'length of service' milestones. We will do this using any personal data you provide us (whether in an HRIS or more generally), but you can always ask for this not to happen by contacting your Leader or opening a case through Ask People Services.	Legitimate Interest / Contract Performance / Legal Obligation
Conduct reviews and determine performance requirements	Where applicable, we may need to conduct reviews to assess or investigate performance, capability, conduct, absence, or complaint, as well as other informal and formal HR or Legal processes, to make related management decisions and any other requirements of our contract with you. We will review and track your performance at regular intervals. Your personal data will be stored to track your progress. The ways your data will be used may include: Setting objectives and goals. Tracking progress against identified deficiencies based on specific action plans. Tracking your competencies against your current and other roles. Collecting feedback from managers, colleagues, direct reports, and other members of the organization. Managing rewards for employees who meet objectives/tasks.	Legitimate Interest / Contract Performance
Processing work-related claims from employees	Where applicable, we will need to process any claims made by you or involving you when one of the parties is seeking compensation in cases of illness or injury.	Legitimate Interest / Regular Exercise of Rights
Payroll Management	This involves providing and administering payroll, including tax and social security deductions and contributions, as well as any other deductions required by law or by your contract. We often use third-party providers for benefits and recognition systems, and we will ensure that we follow the requirements of the law and that your personal data is protected by adequate technical and organizational measures.	Legitimate Interest / Contract Performance / Legal Obligation
Expense Management	This involves reimbursing expenses when you have already paid for something considered an actual business cost or providing access to corporate credit cards. We often use third-party providers for expense systems and credit card schemes, we will ensure that we follow the requirements of the law and that your personal information is protected by adequate technical and organizational measures.	Legitimate Interest / Contract Performance

2. To Ensure Our Success as a Company

Purpose	Details	Legal Basis
Daily business operations	We will process your personal data due to your daily activities in your role with us at Dentsu. The type of personal data processed will depend on the nature of your position, but may include: Being part of internal group/'all office' email distribution lists; Having the ability to access team business records, such as email, Office 365, Teams, and OneDrive; Time management and team scheduling, including timesheet recording; Sharing contact information with clients, including for presentations; Booking and billing of services; Inviting and confirming your attendance at internal and external Dentsu events; Providing knowledge to a central service management system (e.g., ServiceNow) and responding to service downtime; Logging IT Service Desk tickets with internal system providers, which includes support for: (i) allowing internal or external IT support to remotely operate or physically repair team systems as needed to fix/manage requests made by you (only when you have granted access via screen or camera sharing); and, (ii) providing AI service desk chatbot to assist in triaging service calls; Tracking intranet usage. You will be available to search on the intranet; and information will appear on pages where you produced the content; Booking systems for meeting rooms and desks.	Legitimate Interest / Contract Performance
Business management and planning	Your personal data may be stored to enable Dentsu to manage its business operations and plan adequately for the future. This will include resource planning, project planning, staff cost management, resource allocation, client profitability analysis, and timesheet compliance. Managers are required to assess their direct reports to analyze Potential Level, Retention Risk, and Loss Impact. Your information will be processed for this on an ongoing basis.	Legitimate Interest
Accounting and auditing	This includes managing forecasts, budget/account management, and planning for the future. From time to time, we will disclose your personal data to third-party service providers (e.g., Microsoft Dynamics 365) to assist in our accounting and auditing processes.	Legitimate Interest / Contract Performance
Crime prevention and detection	We use your information to prevent and detect illegal activities, including IT and building access rights, security monitoring, CCTV use, fraud detection, and prevention measures.	Legitimate Interest / Fraud Prevention and Security of the Data Subject
Network and information security	We have systems to prevent unauthorized access to our computers and electronic communication systems, as well as to prevent the distribution of malicious software. Your personal data is processed for various reasons, including authentication of legitimate users, contacting you in case of an incident, training and testing on phishing awareness, setting up IT alerts, and restricting where corporate data can be stored. To further enhance security, we have implemented a secure corporate browser for Dentsu-managed devices and for Dentsu corporate applications on personal devices. This system monitors users' browsing activity to protect against malicious sites, threats, and malware, capturing and storing all browser-related traffic, including (but not limited to) sites visited, data transfers, IP addresses, and Dentsu email addresses. We also deploy tools that capture and process data about the reliability of Dentsu devices and systems and to identify issues requiring additional diagnostics, monitoring various technical parameters of end-user devices, with the aim of performing real-time device performance analysis. Please note: This system will not: monitor other browsers on your personal device (e.g., Chrome, Edge, Safari, etc.); The only data we will collect relates to interactions with corporate applications. Collect any inputs or clicks made by you on a website, including filling out forms, answering questions, or updating details. We only collect the full URL. Process, correlate, or share any collected information unless it triggers a security event.	Legitimate Interest / Contract Performance / Fraud Prevention and Security of the Data Subject
Support internal administration with our affiliates	This may include planning, due diligence, and implementation regarding a business transaction or service transfer that impacts your relationship with Dentsu. For example, mergers and acquisitions or a transfer of your employment under automatic transfer rules.	Legitimate Interest
Data analysis and reporting	We do this to review and better understand employee retention and attrition rates, as well as understand the success of our systems/programs. This helps inform our business decisions, and we often rely on third-party assistance for this. Your information may be collected for operational and business reporting documentation, such as preparation of annual reports, which may use images and photographic graphics, as well as team engagement questionnaires or benchmarks. Your data, if used, will normally be anonymized so that you are not personally identified. We will also perform data mining to assess the success of our systems and analyze how we can help you work more efficiently.	Legitimate Interest

3. To Keep Us Compliant

Purpose	Details	Legal Basis
Compliance with applicable legislation	We are required to monitor and document activity as necessary to demonstrate legal compliance. This includes conflict of interest records, gifts and hospitality, anti-bribery and corruption reports, as well as mandatory compliance training. This also includes our obligations regarding maternity or parental leave legislation, working time and health and safety legislation, tax rules, worker consultation requirements, other labor laws and regulations to which Dentsu is subject. Personal data is also maintained, allowing us to process rights requests that employees may have during or after their employment at Dentsu. Occasionally, we will need to comply with legal requests from public authorities (including, without limitation, to meet national security or law enforcement requirements), discovery requests or, when required or permitted by applicable laws, court orders, government regulations, or regulatory authorities (including, without limitation, data protection, tax, and employment), whether within or outside your country.	Legal Obligations / Legitimate Interest / Regular Exercise of Rights
Equal opportunity monitoring	We will also need to collect information such as ethnicity, disability, age, religion/belief, gender, and sexual orientation to comply with equality and diversity requirements and help improve the company's employment practices. We conduct D&I and social impact initiatives and ask all employees to sign a DEI commitment, for which your personal data will be processed.	Legitimate Interest / Consent
Education, training, and development requirements	Throughout your employment at Dentsu, you will undergo various training programs to enhance your skills and to comply with mandatory compliance requirements. This depends on your position and where you work, but may include: Mandatory Data Protection, Ethics and Compliance, Intellectual Property, Code of Conduct, and Security e-learning courses. Completion of these training courses by employees is recorded and stored. Additional mandatory training courses may be added, and completion is required, based on market and global requirements. External trainers occasionally conduct sessions. Basic personal data will be shared with these trainers. In certain markets, we offer a mentoring program to assist in the mentee's progression and learning. Participation data is monitored, and employee profile data may be used to select appropriate mentor/mentee matches. Available learning platforms will track learning content utilization, assessment scores, platform access, learning completion, and participation in live learning programs.	Legitimate Interest / Contract Performance
Compliance with health and safety obligations	This will include the need to process information about absence or (where required or permitted by applicable law) medical information related to physical or mental health or condition to: assess eligibility for compensation or benefits related to disability or permanent incapacity; determine fitness for work; facilitate return to work; make adjustments or adaptations to duties or the workplace; and make management decisions about employment or engagement, or continuation of employment or engagement, or reallocation, and conduct related processes. This includes offering support for work-related injuries, illnesses, managing your health and safety, providing any accessibility support you may need (including when you inform us in your health declaration when joining us and as updated by you when appropriate), and contacting your emergency contact if needed. This may include making a referral to occupational health services and assisting you with sickness retirement claims. Any team member who needs assistance leaving the building in an emergency will have their information provided to firefighters through Personal Emergency Evacuation Plans (PEEPs). These firefighters and any first responders will also have their information stored in company systems, including training received. In some Dentsu locations, we will conduct Display Screen Equipment (DSE) Assessment and Pregnant Mother (NEM) Assessment to ensure workstations are suitable for all employees. We are also required by law to record details of any accident that occurs in the workplace.	Legal Obligation / Legitimate Interest / Contract Performance / Regular Exercise of Rights
Business continuity	We may contact you in case of emergency or potential threat to you or our business, such as a natural disaster or cyber attack. These emergencies or disasters may include a fire or any other case where business cannot occur under normal conditions. To ensure you are promptly informed about these events, we may use any personal data you provide us (whether in an HRIS or more generally), which may include your private contact details, for example, private phone number or email. The following scenarios are in scope: Severe weather; Emergency Service/Security Incidents; Health emergencies; Cybersecurity; Significant technological failures.	Legitimate Interest

4. To Resolve Disputes

Purpose	Details	Legal Basis
Collecting evidence for disciplinary action or dismissal	Sometimes we may need to collect personal data related to any allegations, complaints, investigations, and disciplinary proceedings that occur during your time working at Dentsu, whatever your role in the process. This may include employee whistleblowing, which may be handled by third-party services. Evidence in all cases will need to be gathered and recorded for the duration of any investigation. We may also need to manage legal proceedings on behalf of Dentsu. Your data may be processed when necessary.	Legitimate Interest / Legal Obligation / Regular Exercise of Rights
Monitoring of communications at work	In accordance with relevant laws, we reserve the right to monitor and scan electronic communications sent using the accounts, network, and equipment we provide for work purposes. This is to ensure that Dentsu's IT resources are being used in compliance with the law and are aligned with Dentsu policies. You can learn more about using Dentsu's IT resources in our Acceptable Use Policy on Neon.	Legitimate Interest / Contract Performance

LEAVING DENTSU

After terminating your position with us, we may need to retain your personal information to fulfill certain contractual, commercial, or legal obligations, for the regular exercise of rights, or our legitimate interests for the following purposes:

Purpose	Details	Legal Basis
Employee administration	When you leave Dentsu, we execute certain processes involving your personal data to understand why you left us, to help administer our business, or to support a legal obligation we have. When you leave, we may conduct an exit interview and ask you to participate in a leaver survey. Your data will be used when we are preparing for your departure, for example, when you are returning IT equipment or corporate credit cards. This may involve using your home address if you work remotely. We will also retain information to manage and administer your pension and other related legal obligations.	Legitimate Interest / Contract Performance / Legal Obligation
Processing work-related claims from employees	Sometimes we need to handle claims or disputes involving you or others. This may include an accident at work. We do this because we have a legal obligation to provide the information, or it is in our interest to bring or defend a claim.	Legal Obligation / Regular Exercise of Rights
Business management and planning	After your departure, we will retain certain information to understand and substantiate decision-making in your role and maintain knowledge within the business; for example, this may include your handover notes or emails you sent. We do this because it is in our interest to use this information to help administer our business, or it may be to support a legal obligation we have. We may also ask if you would like to participate in our alumni marketing program, where you may receive communications about Dentsu and information about new job openings.	Legitimate Interest / Contract Performance
Compliance with applicable legislation	When necessary, we may need to use your personal information to fulfill our obligations to third parties related to your employment, such as tax authorities and professional bodies.	Legal Obligation / Legitimate Interest
Equal opportunity monitoring	Where required or permitted by applicable law, we conduct monitoring programs to ensure equal opportunities and diversity regarding personal characteristics protected by local anti-discrimination laws.	Legitimate Interest / Consent

International Data Transfer

Dentsu is a globally operating media group composed of several companies. Some of our group companies are located outside Brazil. To ensure the effectiveness and efficiency of your services and communication within the group, your personal data may be shared with other Dentsu entities located in other countries. In these cases, there will be an international data transfer.

We may also share your personal data with foreign vendors and store your personal data on servers located outside Brazil, including, but not limited to, third-party providers, cloud computing servers, external consultants, insurers, clients, and public authorities.

When transferring your personal data outside Brazil, we will ensure that there are adequate levels of security and will use one of the transfer mechanisms provided for in the LGPD.

You may request more information about how we make these transfers through the contact channel indicated in this Privacy Statement for Dentsu Brasil Employees.

How long do we keep your personal data?

We keep your personal data for as long as necessary to fulfill the purposes for which it was collected.

If you are an employee or former employee of Dentsu, your personal data will be kept for the period of your employment contract or service contract plus the applicable legal and/or regulatory retention and/or limitation period after the end of the employment or contract period.

If you are a candidate, your personal data will be kept for the period during which you are participating in a selection process. If, following assessment, your application for the intended position is unsuccessful, we will keep your personal data in our talent pool for a period of six months so that we can contact you if other vacancies that may suit your profile subsequently arise.

If you do not wish to be part of our talent pool, you may request your exclusion through our contact channel indicated in this Privacy Statement for Dentsu Brasil Employees.

After the purposes for which your personal data was collected have ended, it will be deleted or anonymized so that you cannot be identified and it can no longer be associated with you.

Your Rights

Specifically in Brazil, you have the following rights regarding your personal data:

Confirmation: right to be informed about the existence of data processing.

Access: right to request access to your personal data, including a description and copy of your personal data and the reason we are processing such data, unless a legal exception applies.

Correction: right to request the alteration of data when it is incomplete, inaccurate, or outdated.

Restriction: right to object to or request anonymization, blocking, or deletion of unnecessary, excessive data, or data processed in non-compliance with personal data protection legislation.

Portability: right to request the transfer of processed data to you or a third party, including another service provider, in a structured, commonly used, and machine-readable format. This right applies only to personal data you have provided to us.

Deletion: right to request the deletion of personal data processed based on your consent. Please note that we may be required to retain certain personal data by law and/or for our own legitimate business purposes, but when we do, we will inform you.

Information: right to be informed about the public and private entities with which your data has been shared and about the possibility of not providing consent and the consequences of such refusal.

Revocation of consent: right to revoke consent, when processing depends on your consent, at any time, through express manifestation, through a free and facilitated procedure. The revocation of your consent does not affect the legality of processing carried out until the moment of revocation or affect our right to continue with our collection, use, or disclosure of your personal data when such collection, use, or disclosure of personal data is permitted by applicable laws without consent.

Review: right to review decisions made solely based on automated processing of personal data that affect your interests, including decisions intended to define your personal, professional, consumption, and credit profile or aspects of your personality.

Petition: right to petition regarding your data against the controller before the National Data Protection Authority.

We will do our best to resolve any complaint. However, if you believe we have not resolved your complaint, you may complain to the National Data Protection Agency.

Confirmation of existence or access to personal data will be provided within fifteen days of your request. We will respond to other requests within the legally required timeframes and/or within the timeframes that will be informed to you at the time of your request, as applicable. If we need more time to respond, we will inform you in writing of the reason and the time required.

Please note that these rights are exclusive to personal data processed under the LGPD.

Contact

If you have any questions about the Dentsu Global People Privacy Notice or this Privacy Policy for Dentsu Brasil Employees, about our data processing practices, or if you wish to exercise any of the rights, please contact our Data Protection Officer for Brazil by email: brasil.dpo@dentsu.com.br

Data Protection Officer: FAS ADVOGADOS IN COOPERATION WITH CMS

Responsible: Danilo Roque

Other Information

To learn more about any processing of personal data for background checks, see our Internal Policy on Criminal Background Verification and Credit Records - Brazil.

To learn more about monitoring of accounts, networks, and equipment provided by Dentsu for professional purposes, see our Group Acceptable Use Policy.

Declaração de Privacidade para Colaboradores da Dentsu Brasil

Última Atualização: 02/20/2026

Adicionalmente às condições prevista na People Privacy Notice Global da Dentsu, a presente Declaração de Privacidade para Colaboradores da Dentsu Brasil se aplica especificamente aos dados pessoais coletados e/ou tratados pela Dentsu no Brasil na fase de recrutamento e seleção, durante a prestação de serviços (por empregados ou prestadores de serviços) e após o término do relacionamento com a Dentsu Brasil.

Informações adicionais sobre a forma como a Dentsu realiza o tratamento dos seus dados pessoais no Brasil podem ser comunicadas diretamente a você, localmente, em casos específicos.

Glossário

Além dos termos definidos na People Privacy Notice Global da Dentsu, as seguintes definições são aplicáveis a essa Declaração de Privacidade para Colaboradores da Dentsu Brasil:

Dados pessoais significa qualquer informação relacionada a você ou que permita a sua identificação.

Dados pessoais sensíveis significa quaisquer dados pessoais relativos à origem racial ou étnica, crença religiosa, opinião política, filiação sindical ou religiosa, filiação em organizações filosóficas ou políticas, dados relativos à saúde ou vida sexual, dados genéticos ou biométricos, quando relacionados a uma pessoa natural.

Dados anonimizados significa quaisquer dados pessoais relacionados a um indivíduo que não pode ser identificado, considerando o uso de meios técnicos razoáveis e disponíveis no momento do processamento para tornar os dados anônimos.

LGPD significa a Lei Geral de Proteção de Dados (Lei nº 13.709/2018), que regulamenta o tratamento de dados pessoais no Brasil, e se aplica aos tratamentos realizados no Brasil, tratamentos que sejam relacionados a oferta ou o fornecimento de bens ou serviços no Brasil, tratamento de dados de indivíduos localizados no Brasil e dados pessoais que tenham sido coletados no Brasil.

Transferência internacional significa o envio de informações pessoais para fora do território brasileiro (por exemplo, armazenando-as em equipamentos localizados fora do território brasileiro) ou permitindo que alguém de fora do território do Brasil acesse essas informações.

Quais dados pessoais coletamos e como os utilizamos?

Os dados pessoais que coletamos sobre você variam de acordo com a sua situação, a sua função e o fato de você ser um potencial, atual ou antigo colaborador ou prestador de serviços. Mais adiante você encontrará informações sobre quais dados pessoais e as finalidades do tratamento dos seus dados com a indicação das bases legais aplicáveis ao Brasil.

RECRUTAMENTO

Precisaremos tratar os dados pessoais de todos os potenciais colaboradores a partir do momento em que você se tornar um candidato a uma vaga. Isso nos permite avaliar sua adequação para a vaga e para nossa empresa. Os tipos de tratamento são os seguintes:

Finalidade	Detalhamento	Base legal
Avaliar a adequação para o cargo.	Usaremos seus dados pessoais para avaliar sua adequação para o cargo, permitir a pré-seleção, preparar entrevistas e avaliações necessárias, e entrar em contato para organizar, conduzir, avaliar e dar feedback sobre avaliações e entrevistas e, quando bem-sucedido, para fazer uma oferta/fornecer um acordo/contrato de trabalho. Isso se aplica a todos os candidatos  e vale se você já fez uma solicitação diretamente para nós, foi adicionado como prospect, por meio de uma agência ou qualquer outro terceirizado. Para esse fim, coletaremos: Dados de contato e outras informações para confirmar sua identidade. Isso inclui seu nome, gênero, endereço, telefone, data de nascimento e endereço de e-mail; Informações sobre seu histórico de emprego e habilidades. Isso inclui seu currículo, formulários de inscrição, referências, registros de qualificações, habilidades, treinamento e outros requisitos de conformidade. Isso também pode incluir registros de quando você nos contata, e-mails,  webchats e conversas telefônicas; e Informações geradas por nós e por você, por meio de uma combinação de atividades de recrutamento para avaliar melhor a adequação para o(s) cargo(s), como entrevistas, centros de avaliação, avaliações/testes (testes de capacidade cognitiva, testes de habilidades, testes de personalidade, simulações de emprego, testes psicométricos, etc). Por exemplo, você pode fazer uma prova escrita ou podemos fazer anotações de entrevista. Ao trabalhar na Dentsu, também usaremos seus dados pessoais para avaliar sua adequação para outras vagas às quais você possa se candidatar ou projetos que possam ser designados a você.	Legítimo Interesse
Administração dos candidatos	Realizaremos verificações de antecedentes (quando permitido por lei), utilizando recursos internos ou terceiros aprovados, para estabelecer a elegibilidade ao trabalho e outras verificações de antecedentes que estejam proporcionais aos riscos e responsabilidades de cada cargo, como antecedentes criminais, sanções financeiras, etc., além de referências de acompanhamento fornecidas a nós e a possíveis outras fontes, quando necessário. Vamos tratar e registrar os dados pessoais de qualquer pessoa que tenha um emprego na Dentsu, mesmo que não apareça no primeiro dia.	Legítimo Interesse Execução de Contrato Obrigação Legal
Banco de Talentos	Se você não for bem-sucedido após a avaliação para a vaga ou for um prospect, manteremos seus dados em nosso banco de talentos por um período razoável, para que possamos entrar em contato caso surjam novas vagas adequadas. Se você deseja que excluamos esses dados, entre em contato com o Encarregado. Os candidatos também podem solicitar a exclusão de todos os dados mantidos em nosso sistema de RH no login da inscrição.	Legítimo Interesse Consentimento
Ajustes razoáveis	Quando aplicável, faremos ajustes razoáveis no processo de recrutamento com base nos requisitos de acessibilidade que você nos informa ou que tomamos conhecimento. Para esse fim, podemos, dependendo das circunstâncias, coletar informações sobre você para nos ajudar a avaliar ajustes que precisam ser feitos ou restrições de trabalho que possam se aplicar. Isso pode incluir sua nacionalidade, idioma preferido e detalhes sobre quaisquer requisitos de acessibilidade.	Legítimo Interesse Obrigação Legal
Monitoramento de igualdade de oportunidades	Podemos pedir que você compartilhe informações sobre sua etnia, deficiência, idade, religião/crença, gênero e orientação sexual. Essas informações são usadas para cumprir os requisitos de igualdade e diversidade e para nos ajudar a melhorar nossas práticas de emprego.	Legítimo Interesse Consentimento

TRABALHANDO PARA DENTSU

Utilizaremos seus dados pessoais para os fins do seu contrato conosco, para cumprir obrigações legais, para garantia da prevenção à fraude e à segurança do titular, para exercício regular de direitos ou quando tivermos um interesse legítimo em fazê-lo para gerenciar e proteger nossos negócios. Contaremos com o interesse legítimo da Dentsu, quando este não for superado pelos interesses ou direitos e liberdades fundamentais de nosso pessoal. A tabela abaixo lista as maneiras como fazemos isso.

	1. Para Ajudá-lo em seu papel
Finalidade	Detalhamento		Base Legal
Administração de Colaboradores	Manteremos e processaremos os registros gerais necessários para a gestão dos trabalhadores, para operar o contrato de emprego ou contrato de serviços entre você e a organização Dentsu, e precisaremos alocar e gerenciar suas funções e responsabilidades e as atividades empresariais às quais elas se referem. Dependendo de onde você está baseado, podemos processar e registrar seus dados pessoais para fins que incluem, mas não se limitam a: Coleta de informações para facilitar sua integração na organização. Por exemplo, ao receber equipamentos de TI e configurar seus sistemas ou enviar itens para seu endereço residencial caso você trabalhe remotamente. Facilitar mudanças dentro da empresa em caso de mudanças no seu cargo, localização ou gestor. Caso você se mude para outro local, existem processos de suporte com solicitações de visto, impostos e assistência para realocação. Realizando pesquisas para colaboradores, novos ou de pessoas que saíram. Podemos precisar responder a pedidos de referência feitos para você, por exemplo, por novos empregadores, etc. Para alguns pedidos de licença, precisaremos de informações que indiquem tempo para que possamos aprovar, aplicar políticas corretas e redistribuir a carga de trabalho conforme necessário. Em certos locais e para algumas funções, as horas extras precisarão ser acompanhadas. Quando solicitado, precisaremos processar as informações necessárias para ajudar você a participar de atividades e programas para os quais você é elegível. Em algumas unidades Dentsu, temos grupos de representação da força de trabalho que precisam ser informados quando os trabalhadores entram ou saem da empresa.		Legítimo Interesse Execução de Contrato Obrigação Legal
Administração de remuneração e benefícios	Isso envolve fornecer e administrar remuneração, benefícios (como seguros, apólices para beneficiar sua saúde e bem-estar, etc.) e esquemas de reconhecimento/incentivos. Isso pode envolver que repassemos dados pessoais apropriados para os fornecedores terceirizados relevantes para que possam entrar em contato com você, ou você pode se registrar diretamente com eles. Também forneceremos os detalhes de quaisquer beneficiários que você indicar em caso de falecimento ou outros benefícios ao terceiro relevante. Podemos usar fornecedores terceirizados para benefícios e sistemas de reconhecimento, e garantiremos que seguimos os requisitos da lei e que seus dados pessoais sejam devidamente protegidos por eles. Implementaremos processos de benchmarking salarial e relatórios conforme exigido por lei, garantindo que estamos recompensando nossos colaboradores adequadamente com igualdade salarial. Processaremos dados pessoais relacionadas a prêmios para colaboradores, esquemas de reconhecimento e incentivos para recompensar o bom desempenho. Podemos entrar em contato com você ou enviar presentes em ocasiões especiais, como seu aniversário, e para reconhecer marcos de 'tempo de serviço' que funcionam para nós. Faremos isso usando qualquer dado pessoal que você nos fornece (seja em um HRIS ou, de forma mais geral), mas você sempre pode pedir para que isso não aconteça entrando em contato com seu Líder ou abrindo um caso pelo Ask People Services.		Legítimo Interesse Execução de Contrato Obrigação Legal
Realizar revisões e determinar os requisitos de desempenho.	Quando aplicável, podemos precisar realizar revisões para avaliar ou investigar desempenho, capacidade, conduta, ausência ou reclamação, além de outros processos informais e formais de RH ou Jurídicos, para tomar decisões gerenciais relacionadas e qualquer outra exigência do nosso contrato com você. Vamos revisar e acompanhar seu desempenho em intervalos regulares. Seus dados pessoais serão armazenados para acompanhar seu progresso. As formas pelas quais seus dados serão usados podem incluir: Definir objetivos e metas. Acompanhar o progresso em relação às deficiências identificadas com base em planos de ação específicos. Acompanhar suas competências em relação às suas funções atuais e outras. Coletar feedback de gerentes, colegas, subordinados diretos e outros membros da organização. Gerenciar recompensas para colaboradores que cumprem objetivos/tarefas.		Legítimo Interesse Execução de Contrato
Processamento de reivindicações relacionadas ao trabalho dos colaboradores	Quando aplicável, precisaremos processar qualquer reivindicação feita por você ou envolvendo você quando uma das partes estiver buscando compensação em casos de doença ou lesão.		Legítimo Interesse Exercício Regular de Direitos
Gestão de folha de pagamento	Isso envolve fornecer e administrar a folha de pagamento, incluindo deduções e contribuições fiscais e de seguridade social, além de quaisquer outras deduções exigidas por lei ou por seu contrato. Frequentemente utilizamos fornecedores terceirizados para benefícios e sistemas de reconhecimento, e garantiremos que seguimos os requisitos da lei e que seus dados pessoais sejam protegidas pelas medidas técnicas e organizacionais adequadas.		Legítimo Interesse Execução de Contrato Obrigação Legal
Gestão de despesas	Isso envolve reembolsar despesas quando você já pagou por algo considerado um custo real do negócio ou fornecer acesso a cartões de crédito corporativos. Frequentemente utilizamos fornecedores terceirizados para sistemas de despesas e esquemas de cartão de crédito, garantiremos que seguimos os requisitos da lei e que suas informações pessoais estejam protegidas pelas medidas técnicas e organizacionais adequadas.		Legítimo Interesse Execução de Contrato

	2. Garantir nosso sucesso como empresa
Finalidades	Detalhamentos	Base Legal
Operações diárias dos negócios	Trataremos seus dados pessoais devido às suas atividades diárias em seu papel conosco na Dentsu. O tipo de dados pessoais tratados dependerá da natureza do seu cargo, mas pode incluir: Fazer parte de listas de distribuição de e-mails internas em grupo/'todo o escritório'; Ter a capacidade de acessar registros de negócios da equipe, como e-mail, Office 365, Teams e OneDrive; Gestão do tempo e agendamento da equipe, incluindo registro de folhas de ponto; Compartilhar informações de contato com clientes, inclusive para apresentações; Reserva e faturamento de serviços; Convidando e confirmando sua presença em eventos internos e externos Dentsu; Fornecimento de conhecimento para um sistema central de gerenciamento de serviços (por exemplo, ServiceNow) e resposta a tempos de inatividade do serviço; Registrar tickets de TI Service Desk com provedores internos de sistema, o que inclui suporte para: (i) permitir que suporte de TI interno ou externo opere remotamente ou repare fisicamente sistemas de equipe conforme necessário para corrigir/gerenciar solicitações feitas por você (somente quando você concedeu acesso via compartilhamento de tela ou câmera); e, (ii) fornecimento de chatbot de balcão de serviço de IA para auxiliar na triagem dos chamados de serviço; Acompanhando o uso da intranet. Você estará disponível para pesquisar na intranet; e informações aparecerão nas páginas onde você produziu o conteúdo; Sistemas de reservas para salas de reunião e mesas.	Legítimo Interesse Execução de Contrato
Gestão e planejamento empresarial	Seus dados pessoais podem ser armazenados para permitir que a Dentsu gerencie suas operações comerciais e planeje adequadamente para o futuro. Isso incluirá planejamento de recursos, planejamento de projetos, gestão de custos de equipe, alocação de recursos, análise de lucratividade do cliente e conformidade com folhas de ponto. Os gestores são obrigados a avaliar seus subordinados diretos para analisar o Nível Potencial, o Risco de Retenção e Impacto da Perda. Suas informações serão processadas para isso de forma contínua.	Legítimo Interesse
Contabilidade e auditoria	Isso inclui gerenciar previsões, gerenciamento de orçamento/contas e planejamento para o futuro. De tempos em tempos, divulgaremos seus dados pessoais a provedores de serviços terceirizados (por exemplo, Microsoft Dynamics 365) para auxiliar em nossos processos contábeis e de auditoria.	Legítimo Interesse Execução de Contrato
Prevenção e detecção de crimes	Utilizamos suas informações para prevenir e detectar atividades ilegais, incluindo direitos de acesso de TI e edifícios, monitoramento de segurança, uso de CCTV, detecção de fraudes e medidas de prevenção.	Legítimo Interesse Garantia da prevenção à fraude e à segurança do titular
Segurança de rede e da informação	Temos sistemas para impedir o acesso não autorizado aos nossos computadores e sistemas de comunicação eletrônica, além de impedir a distribuição de softwares maliciosos. Seus dados pessoais são processados por vários motivos, incluindo autenticação de usuários legítimos, contato com você em caso de incidente, treinamento e testes em conscientização sobre phishing, configuração de alertas de TI e restrição de onde os dados corporativos podem ser armazenados. Para aumentar ainda mais a segurança, implementamos um navegador corporativo seguro para dispositivos gerenciados pela Dentsu e para aplicativos corporativos da Dentsu em dispositivos pessoais. Este sistema monitora a atividade de navegação dos usuários para proteger contra sites maliciosos, ameaças e malwares, capturando e armazenando todo o tráfego relacionado ao navegador, incluindo (mas não se limitando a) sites visitados, transferências de dados, endereços IP e endereços de e-mail dentsu. Também implantamos ferramentas que capturam e processam dados sobre a confiabilidade de dispositivos e sistemas Dentsu e para identificar questões que exigem diagnósticos adicionais, monitorando diversos parâmetros técnicos dos dispositivos dos usuários finais, com o objetivo de realizar análises sobre o desempenho dos dispositivos em tempo real. Por favor, note: Este sistema não vai: monitorar outros navegadores no seu dispositivo pessoal (por exemplo, Chrome, Edge, Safari etc); Os únicos dados que coletaremos referem-se a interações com aplicações corporativas. Colete quaisquer entradas ou cliques realizados por você em um site, incluindo preencher formulários, responder perguntas ou atualizar detalhes. Coletamos apenas a URL completa. Processe, correlacione ou compartilhe qualquer informação coletada, a menos que isso desencadeie um evento de segurança.	Legítimo Interesse Execução de Contrato Garantia da prevenção à fraude e à segurança do titular,
Apoie a administração interna com nossos afiliados	Isso pode incluir planejamento, due diligence e implementação em relação a uma transação comercial ou transferência de serviço que impacte seu relacionamento com a Dentsu. Por exemplo, fusões e aquisições ou uma transferência do seu emprego sob as regras de transferência automática.	Legítimo Interesse
Análise e relatórios de dados	Fazemos isso para revisar e compreender melhor as taxas de retenção e desistência de funcionários, além de entender o sucesso dos nossos sistemas/programas. Isso ajuda a informar nossas decisões empresariais e frequentemente contamos com a assistência de terceiros para isso. Suas informações podem ser coletadas para documentação operacional e de relatórios empresariais, como a preparação de relatórios anuais, que podem usar imagens e gráficos fotográficos, além de questionários de engajamento da equipe ou benchmarks. Seus dados, se usados, normalmente serão anonimizados para que você não seja identificado pessoalmente. Também executaremos mineração de dados para avaliar o sucesso de nossos sistemas e analisar como podemos ajudar você a trabalhar de forma mais eficiente.	Legítimo Interesse

	3. Para nos manter em conformidade
Finalidades	Detalhamentos	Base Legal
Conformidade com a legislação aplicável	Somos obrigados a monitorar e documentar a atividade conforme necessário para demonstrar conformidade legal. Isso inclui registros de conflito de interesses, presentes e hospitalidade, relatórios antisuborno e corrupção, além de treinamento obrigatório em conformidade. Isso também inclui nossas obrigações em relação à legislação de licença-maternidade ou parentalidade, legislação sobre tempo de trabalho e saúde e segurança, regras tributárias, requisitos de consulta com trabalhadores, outras leis e regulamentos trabalhistas aos quais a Dentsu está sujeita. Os dados pessoais também são mantidos, permitindo que processemos solicitações de direitos que os colaboradores possam ter durante ou após seu emprego na Dentsu. Ocasionalmente, precisaremos cumprir solicitações legais de autoridades públicas (incluindo, sem limitação, para atender a requisitos de segurança nacional ou aplicação da lei), solicitações de descoberta ou, quando exigidas ou permitidas por leis aplicáveis, ordens judiciais, regulamentos governamentais ou autoridades regulatórias (incluindo, sem limitação, proteção de dados, impostos e emprego), seja dentro ou fora do seu país.	Obrigações Legais Legítimo Interesse Exercício Regular de Direitos
Monitoramento de igualdade de oportunidades	Também precisaremos coletar informações como etnia, deficiência, idade, religião/crença, gênero e orientação sexual para cumprir os requisitos de igualdade e diversidade e ajudar a melhorar as práticas de emprego da empresa. Realizamos iniciativas de D&I e impacto social e pedimos a todos os funcionários que assinem um compromisso de DEI, para o qual seus dados pessoais serão tratados.	Legítimo Interesse Consentimento
Requisitos de educação, treinamento e desenvolvimento	Ao longo do seu emprego na Dentsu, você passará por diversos programas de treinamento para aprimorar suas habilidades e para cumprir os requisitos obrigatórios de conformidade. Isso depende do seu cargo e de onde você trabalha, mas pode incluir: Cursos obrigatórios de Proteção de Dados, Ética e Conformidade, Propriedade Intelectual, Código de Conduta e Segurança em e-learning. A conclusão desses cursos de treinamento pelos colaboradores é registrada e armazenada. Cursos de treinamento adicionais obrigatórios podem ser adicionados, e a conclusão é necessária, com base nos requisitos de mercado e globais. Treinadores externos ocasionalmente conduzem as sessões. Os dados pessoais básicos serão compartilhadas com esses treinadores. Em certos mercados, oferecemos um programa de mentoria para auxiliar na progressão e aprendizado do mentorado. Os dados de participação são monitorados, e os dados do perfil dos colaboradores podem ser usados para selecionar correspondências apropriadas para mentores/mentorados. As plataformas de aprendizagem disponíveis acompanharão a utilização do conteúdo de aprendizagem, as notas das avaliações, o acesso à plataforma, a conclusão do aprendizado e a participação em programas de aprendizagem ao vivo.	Legítimo Interesse Execução de Contrato
Cumprimento das obrigações de saúde e segurança	Isso incluirá a necessidade de processar informações sobre ausência ou (quando exigido ou permitido pela lei aplicável) informações médicas relacionadas à saúde física ou mental ou condição para: avaliar a elegibilidade para remuneração ou benefícios relacionados à incapacidade ou incapacidade permanente; determinar aptidão para o trabalho; facilitar o retorno ao trabalho; fazer ajustes ou adaptações em funções ou no local de trabalho; e tomar decisões de gestão sobre emprego ou engajamento, ou continuidade do emprego ou engajamento, ou realocação, e conduzir processos relacionados. Isso inclui oferecer suporte em lesões relacionadas ao trabalho, doenças, gestão da sua saúde e segurança, fornecer qualquer suporte de acessibilidade que você possa precisar (incluindo quando você nos informar em sua declaração de saúde ao se juntar a nós e conforme atualizado por você quando apropriado) e entrar em contato com seu contato de emergência caso precise. Isso pode incluir que faremos uma indicação ao serviço de saúde ocupacional e auxiliá-lo com pedidos de aposentadoria por doença. Qualquer membro da equipe que precise de assistência para sair do prédio em caso de emergência terá suas informações fornecidas aos bombeiros por meio de Planos Pessoais de Evacuação de Emergência (PEEPS). Esses bombeiros e quaisquer socorristas também terão suas informações armazenadas nos sistemas da empresa, incluindo o treinamento recebido. Em alguns locais Dentsu, realizaremos a Avaliação de Equipamentos de Tela de Exibição (DSE) e a Avaliação da Mãe Grávida (NEM) para garantir que as estações de trabalho sejam adequadas para todos os funcionários. Também somos obrigados por lei a registrar detalhes de qualquer acidente que ocorra no local de trabalho.	Obrigação Legal Legítimo Interesse Execução de Contrato Exercício Regular de Direitos
Continuidade dos negócios	Podemos entrar em contato com você em caso de emergência ou ameaça potencial a você ou ao nosso negócio, como um desastre natural ou ataque cibernético. Essas emergências ou desastres podem incluir um incêndio ou qualquer outro caso em que o negócio não possa ocorrer em condições normais. Para garantir que você seja informado prontamente sobre esses eventos, podemos usar quaisquer dados pessoais que você nos forneça (seja em um HRIS ou, de forma mais geral), que podem incluir seus dados de contato privados, por exemplo, número de telefone ou e-mail privado. A seguir estão os cenários em escopo: Clima severo Incidentes de Serviço de Emergência/Segurança Emergências de saúde Segurança Cibernética Falhas tecnológicas significativas	Legítimo Interesse

	4. Para Resolver Disputas
Finalidades	Detalhamentos	Base Legal
Coletando provas para ação disciplinar ou demissão.	Às vezes, podemos precisar coletar dados pessoais relacionados a quaisquer alegações, reclamações, investigações e processos disciplinares que ocorram durante seu tempo de trabalho na Dentsu, seja qual for seu papel no processo. Isso pode incluir denúncias de colaboradores, podendo ser  tratadas por serviços terceirizados. As provas em todos os casos precisarão ser reunidas e registradas durante a duração de qualquer investigação. Também podemos precisar gerenciar processos judiciais em nome da Dentsu. Seus dados podem ser tratados quando necessário.	Legítimo Interesse Obrigação Legal Exercício Regular de Direitos
Monitoramento das comunicações no trabalho	De acordo com as leis relevantes, reservamo-nos o direito de monitorar e escanear comunicações eletrônicas enviadas usando as contas, rede e equipamentos que fornecemos para fins de trabalho. Isso é para garantir que os recursos de TI da Dentsu estejam sendo usados em conformidade com a lei e estejam alinhados com as políticas da Dentsu. Você pode aprender mais sobre como usar os recursos de TI da Dentsu em nossa Política de Uso Aceitável na Neon.	Legítimo Interesse Execução de Contrato

DEIXANDO A DENTSU

Após encerrar seu cargo conosco, talvez precisemos reter suas informações pessoais para cumprir certas obrigações contratuais, comerciais ou legais, para o exercício regular de direitos ou nossos interesses legítimos para os seguintes fins:

Finalidades	Detalhamento	Base Legal
Administração de colaboradores	Quando você sai da Dentsu, executamos certos processos envolvendo seus dados pessoais para entender por que você nos deixou, para ajudar a administrar nosso negócio ou para apoiar uma obrigação legal que temos. Quando você sair, podemos realizar uma entrevista de saída e pedir que participe de uma pesquisa para quem sai. Seus dados serão usados quando estivermos nos preparando para sua partida, por exemplo, quando você estiver devolvendo equipamentos de TI ou cartões de crédito corporativos. Isso pode envolver o uso do seu endereço residencial caso você trabalhe remotamente. Também reteremos informações para gerenciar e administrar sua previdência e outras obrigações legais relacionadas.	Legítimo Interesse Execução de Contrato Obrigação Legal
Processamento de reivindicações relacionadas ao trabalho dos colaboradores	Às vezes, precisamos lidar com reivindicações ou disputas envolvendo você ou outros. Isso pode incluir um acidente no trabalho. Fazemos isso porque temos a obrigação legal de fornecer a informação, ou é do nosso interesse apresentar ou defender uma reclamação.	Obrigação Legal Exercício Regular de Direitos
Gestão e planejamento empresarial	Após sua saída, reteremos certas informações para entender e comprovar a tomada de decisões em seu papel e manter o conhecimento dentro do negócio; por exemplo, isso pode incluir suas notas de transferência ou e-mails que você enviou. Fazemos isso porque é do nosso interesse usar essas informações para ajudar a administrar nosso negócio, ou pode ser para apoiar uma obrigação legal que temos. Também podemos perguntar se você gostaria de participar do nosso programa de marketing para ex-alunos, onde você pode receber comunicações sobre a dentsu e informações sobre novas vagas de emprego.	Legítimo Interesse Execução de Contrato
Conformidade com a legislação aplicável	Quando necessário, podemos precisar usar suas informações pessoais para cumprir nossas obrigações com terceiros relacionadas ao seu emprego, como autoridades fiscais e órgãos profissionais.	Obrigação Legal Legítimo Interesse
Monitoramento de igualdade de oportunidades	Quando exigido ou permitido pela lei aplicável, realizamos programas de monitoramento para garantir igualdade de oportunidades e diversidade em relação às características pessoais protegidas pelas leis locais antidiscriminação.	Legítimo Interesse Consentimento

Transferência Internacional de Dados

A Dentsu é um grupo de mídia com operação global, composto por várias empresas. Algumas de nossas empresas do grupo estão localizadas fora do Brasil. Para assegurar a eficácia e a eficiência dos seus serviços e da comunicação dentro do grupo, seus dados pessoais podem ser compartilhados com outras entidades Dentsu localizadas em outros páíses. Nesses casos haverá uma transferência internacional de dados.

Também podemos compartilhar seus dados pessoais com fornecedores estrangeiros e armazenar seus dados pessoais em servidores localizados fora do Brasil, incluindo, mas não se restringindo, a terceiros fornecedores, servidores de computação em nuvem, consultores externos, seguradoras, clientes e autoridades públicas.

Ao transferir os seus dados pessoais para fora do Brasil nos certificaremos de que existem níveis adequados de segurança e utilizaremos um dos mecanismos de transferências previstos na LGPD.

Você pode solicitar mais informações sobre como fazemos essas transferências através do canal de contato indicado nessa Declaração de Privacidade para Colaboradores da Dentsu Brasil.

Por quanto tempo mantemos os seus dados pessoais?

Mantemos seus dados pessoais pelo tempo necessário para cumprir com as finalidades para as quais foram coletados.

Se você for colaborador ou ex-colaborador da Dentsu, seus dados pessoais serão mantidos pelo período de seu contrato de emprego ou de prestação de serviços somado ao prazo de retenção e/ou de prescrição legal e/ou regulatória aplicável após o término do período de emprego ou contrato.

Se você for um candidato, seus dados pessoais serão mantidos pelo período em que você estiver participando de um processo seletivo. Se, na sequência da avaliação, a sua candidatura ao cargo pretendido não for bem-sucedida, conservaremos os seus dados pessoais no nosso banco de talentos durante um período de seis meses, para que possamos contatá-lo, caso surjam, posteriormente, outras vagas que possam se adequar ao seu perfil. Se você não desejar fazer parte do nosso banco de talentos, poderá nos solicitar a sua exclusão no nosso canal de contato indicado nessa Declaração de Privacidade para Colaboradores da Dentsu Brasil.

Após o término das finalidades para os quais os seus dados pessoais foram coletados, eles serão excluídos ou anonimizados de forma que você não possa ser identificado e eles não possam mais ser associados a você.

Os seus direitos

Especificamente no Brasil você possui os seguintes direitos em relação aos seus dados pessoais:

Confirmação: direito a ser informado sobre a existência de tratamento de dados.
Acesso: direito de solicitar o acesso aos seus dados pessoais, incluindo uma descrição e cópia dos seus dados pessoais e a razão pela qual estamos realizando o tratamento desses dados, a menos que uma exceção legal se aplique.
Correção: direito de solicitar a alteração dos dados quando estiverem incompletos, inexatos ou desatualizados.
Restrição: direito de se opor ou solicitar a anonimização, o bloqueio ou a eliminação de dados desnecessários, excessivos ou tratados em desconformidade com a legislação de proteção de dados pessoais.
Portabilidade: direito de solicitar a transmissão dos dados tratados para você ou terceiro, incluindo outro fornecedor de serviços, em um formato estruturado, comumente usado e legível por máquina. Este direito se aplica apenas aos dados pessoais que você nos forneceu.
Eliminação: direito de solicitar a eliminação de dados pessoais tratados com base no seu consentimento. Observe que podemos ser obrigados a reter certos dados pessoais por lei e/ou para nossos próprios fins comerciais legítimos, mas quando o fizermos, informaremos você.
Informação: direito de ser informado sobre as entidades públicas e privadas com as quais seus dados foram compartilhados e sobre a possibilidade de não fornecer o consentimento e as consequências desta negativa.
Revogação do consentimento: direito de revogar o consentimento, quando o tratamento depender o seu consentimento, a qualquer momento, através de manifestação expressa, por procedimento gratuito e facilitado. A revogação do seu consentimento não afeta a legalidade de tratamentos realizados até o momento da revogação ou afetará nosso direito de continuar com nossa coleta, uso ou divulgação de seus dados pessoais quando tal coleta, uso ou divulgação de dados pessoais for permitido pelas leis aplicáveis sem consentimento.
Revisão:  direito de revisão de decisões tomadas unicamente com base em tratamento automatizado de dados pessoais que afetem seus interesses, incluídas as decisões destinadas a definir o seu perfil pessoal, profissional, de consumo e de crédito ou os aspectos de sua personalidade.
Petição: direito de peticionar em relação aos seus dados contra o controlador perante a Autoridade Nacional de Proteção de Dados. Faremos o nosso melhor para resolver qualquer reclamação. No entanto, se você acha que não resolvemos sua reclamação, você pode reclamar para a Agência Nacional de Proteção de Dados.

A confirmação de existência ou o acesso a dados pessoais serão providenciados em até quinze dias da sua solicitação. Responderemos às demais solicitações dentro dos prazos legais exigidos e/ou nos prazos que serão informados a você no momento da sua solicitação, conforme aplicável. Se precisarmos de mais tempo para responder, informaremos por escrito o motivo e o tempo necessário.

Note que esses direitos são exclusivos para os dados pessoais tratados no âmbito da LGPD.

Contato

Se você tiver alguma dúvida sobre a People Privacy Notice Global da Dentsu ou essa  Política de Privacidade para Colaboradores da Dentsu Brasil, sobre nossas práticas de tratamento de dados ou se desejar exercer algum dos direitos, entre em contato com nosso Encarregado pelo Tratamento de Dados do Brasil pelo e-mail:
brasil.dpo@dentsu.com.br
Encarregado: FAS ADVOGADOS IN COOPERATION WITH CMS
Responsável: Danilo Roque

Outras informações

Para saber mais sobre eventual tratamento de dados pessoais para background checks, veja nossa Política Interna de Verificação de Antecedentes Criminais e Registro de Créditos - Brasil.

Para saber mais sobre o monitoramento de contas, redes e equipamentos fornecidos pela Dentsu para fins profissionais, veja nossa Política de Uso Aceitável do Grupo.

(a) Basis for Processing

In Canada we usually rely on Consent as our lawful basis to process Personal Data. Where this is the case, you will have the ability to withdraw your consent at anytime, subject to legal requirements.

(b) Cross-border transfers

The dentsu entities and other parties with which we share Personal Data, such as service providers, may be located outside of your province or Canada. Your Personal Data may be accessed, stored or processed outside of your province or Canada for the purposes described in this Privacy Notice, and it may be subject to the laws of the other countries or provinces where your data is accessed, stored or processed. We or our service providers may be required to disclose Personal Data to courts, government authorities, regulators or law enforcement in these countries or provinces in accordance with such laws.

(c) Your privacy rights

Canada residents have the following rights in relation to their Personal Data:

• Accessing your Personal Data. We may be required to provide you with information we hold about you upon your request, including a description and copy of the Personal Data and why we are processing it, unless a lawful exception applies. We will require you to prove your identity before providing your Personal Data.
• Requesting correction or updating of your Personal Data. This enables you to have any incomplete or inaccurate Personal Data we hold about you corrected. 
• Withdrawing your consent. Where you have consented to our processing of your Personal Data, you can withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of what we have done with your Personal Data before you withdrew consent or affect our right to continue with our collection, use or disclosure of your Personal Data where such collection, use or disclosure of Personal Data is permitted under applicable laws without consent.
• Challenging compliance. If you think that your Personal Data has not been handled in compliance with the personal information protection laws applicable in your province, you have the right to let us know by contacting us. We will do our best to resolve any concern related to your Personal Data.
• Opting out of marketing. You may choose not to receive marketing communications from us. You can ask us to stop such messages at any time by clicking on the “unsubscribe” link at the bottom of the message.  Please note that even if you choose not to receive marketing communications from us, you still may receive non-marketing communications, such as responses to your inquiries or notices regarding your account or our relationship with you.

 Quebec residents have the following additional rights:

• Requesting erasure (deletion) of your Personal Data.  You may ask us to delete your data if it is out of date, or if you think we no longer require it for the purposes for which it was collected. Note that we may be required to retain certain Personal Data by law and/or for our own legitimate business purposes. But when we do so, we will inform you.
• Requesting the provision of your Personal Data to a third party. You may ask us to provide you or a third party you have chosen with your Personal Data in a structured, commonly used, machine-readable format. This right only applies to Personal Data you have provided to us directly.
• Rights related to automated processing decisions. You have the right to be informed if your Personal Data will be used to make a decision based exclusively on automated processing. If such a decision is made about you, you also have the right to request certain additional information about the decision and the right to request a review of the decision.

All of the above rights can be exercised by contacting us using the contact information under section 9 above / using the following contact information:

Address:
Americas Privacy Office
dentsu
150 E 42nd St, New York, NY 10017, United States

Telephone:
(+1) (877) 570-5939 (U.S. toll-free)

Or by email at: Americas.DPO@dentsu.com

Sensitive Personal Data

“Sensitive Personal Information” refers to the Personal Data that is likely to result in damage to the personal dignity of any natural person or damage to his or her personal or property safety once disclosed or illegally used, including information such as biometric identification, religious belief, specific identity, medical health, financial account and location tracking, as well as the Personal Data of minors under the age of 14.

“Location Data” and “Personal Data relating to your use of our website(s)” mentioned in “Personal Data we may collect” would not be collected under PRC data protection laws. . To the extent required under applicable law, we will obtain your separate consent for, and apply higher protection to, our processing of your sensitive Personal Data.

 Information Sharing and Disclosure

All of your Personal Data (including Sensitive Personal Information) that we collect in Mainland China as set out in the "Personal Data we may collect" above will be stored in Mainland China and, with your separate consent, the following types of Personal Data may be exported out of Mainland China as necessary for business purposes such as set out in Section 2. How we use this Personal Data and in accordance with applicable PRC data protection laws to the following foreign recipients:

 

S/N	Type of Personal Data	Foreign Recipient’s Name	Address	Email
1	As set out in Section 1. Personal Data we may collect	Dentsu International Limited	10 Triton Street, Regent's Place, London, United Kingdom, NW1 3B	dpo@dentsu.com

Although other jurisdictions may not have the same data protection measures as the standards in your country, we will ensure that the foreign recipient protects the Personal Data we transfer to them to a degree no less than that set out in this Privacy Notice. Notwithstanding the above, you may exercise your rights as set out under  “Your rights” in this Privacy Notice.

Additional Requirement

In the event of any merger, acquisition or liquidation, or any other circumstance involving a merger, acquisition or liquidation of dentsu, dentsu will inform you of the name and contact information of the recipient in case of a transfer of Personal Data. Dentsu will request that the recipient remain bound by this Privacy Notice; otherwise, the recipient will obtain your separate consent. We will ensure that the recipient protects the Personal Data we transfer to them to a degree no less than that set out in this Privacy Notice.

Contact Us

If you have any questions about this Privacy Notice, our approach to privacy or you would like to exercise any of the rights mentioned in this Privacy Notice, you may contact us in any of the following ways:

Address: Building A, Haisu Culture Plaza , No.658 Zhaohua Road, Changning District, Shanghai, China

Telephone: +86 （21）3335 0888

Email: dpo@dentsu.com

Denmark (dentsu)

Local Controller: Dentsu Danmark A/S

Overgaden Neden Vandet 7, 1414 Copenhagen

CVR: 58 22 78 11

Contact us: E-mail: dpo@dentsu.com

Local data protection authority: Datatilsynet

You will find Datatilsynet’s contact information at www.datatilsynet.dk

Der Verantwortliche im Sinne der DSGVO ist:

Carat Deutschland GmbH Speicherstraße 53 60327 Frankfurt am Main

Vetretungsberechtigte Geschäftsführer: Andrea Beninde, Jens Erichsen, Nina Brit Brando, Giulio Malegori

Amtsgericht Frankfurt am Main  HRB 117248 UST-IdNr. DE 813 252 362

Für Fragen zur Verarbeitung Ihrer personenbezogenen Daten durch uns oder zum Thema Datenschutz allgemein wenden Sie sich bitte an datenschutz_germany@dentsuaegis.com.

Impressum

Dentsu Germany GmbH
Speicherstrasse 53
D-60327 Frankfurt am Main
Tel: +49 (0)69 505026-100
Fax: +49 (0)69 505026-500

Authorized managing directors:
Karin Zimmermann, Georg Berzbach, Werner aus den Erlen, Walter Hassler, Giulio Malegori, Nathalie Schubert, Rosemary Alexander, Björn Osterndorff, Robin Jansen

District Court of Frankfurt am Main HRB 117289
VAT ID No. DE 815 235 688

Ι) EDEE/HACA, Hellenic Association of Communications Agencies. EDEE/HACA is the national trade body representing all communications disciplines in Greece: Advertising, Media, PR, Integrated Marketing Communications, Branding & Design. EDEE/HACA is a member of: European Association of Communications Agencies (EACA), International Communications Consultancy Organisation (ICCO), Federation of European Direct & Interactive Marketing (FEDMA), Integrated Marketing Communications Council Europe (IMCCE), (Website: http://www.edee.gr/).

ΙΙ) SEE (Advertising Self-Regulation Council). SEE is the independent national self-regulatory organization of the Greek advertising industry, officially established by law in 2003. Its main goal is the right implementation of the ethical rules of the Greek Code of Advertising and Communications Practices by the industry, to ensure that consumers are protected, and marketing communication maintains its credibility. SEE is a member of the: European Advertising Standards Alliance (EASA), International Council for Ad Self-Regulation (ICAS), Institute of Communication. SEE is fully and legally recognized by the Greek regulators as having the exclusive responsibility for upholding the provisions of the Greek Code of Advertising and Communications Practices and has won EASA’s Bronze Best Practice Award in 2019. SEE’s services include: 1. Receiving and acting on complaints regarding marketing communications, 2. Providing copy advice for unpublished advertising material, 3. Issuing sector/issue based Best Practice Recommendations, 4. Informing companies and consumers about the Advertising Code, 5. Providing training of SEE’s Committee members, 6. Offering educational seminars to companies wishing to learn more about the Code and good advertising practices, (Website http://www.see.gr/). The purpose of the organization is both the suppressive and voluntary control of the content of all forms of commercial communication in order to ascertain consultatively, preventively or repressively compliance with the provisions of the ‘GREEK ADVERTISING – COMMUNICATION CODE’, always within the framework of the applicable Greek legislation. The organization is also responsible for the establishment and proper functioning of the crisis management committees. The Primary Committee (5 members) consists of representatives of EDEE and SDE (Hellenic Advertisers Association). The Secondary Committee (12 members) is complemented by representatives of the Μedia.

III) Hellenic Data Protection Authority (DPA). The Hellenic Data Protection Authority is a constitutionally established independent public authority, which has as its mission the supervision of the application of the General Data Protection Regulation (GDPR), national laws 4624/2019 and 3471/2006, as well as other regulations concerning the protection of the individual from the processing of personal data. The Hellenic DPA is competent to handle complaints and investigate, if deemed necessary in cooperation with supervisory authorities of other EU member states, cases of alleged violations of data protection law. Data Subjects, especially if Greece is their habitual residence or place of work, or the place of the alleged infringement, shall fill in all required fields in the appropriate form depending on the case/subject-matter of the complaint and attach any documents directly linked to the complaint. Data subjects have the right to assign non-profit bodies or organizations or unions or associations that legally operate, have statutory goals of general interest and operate in the field of protection of rights and freedoms of data subjects with regard to data protection, to submit a complaint, to the Hellenic DPA, on their behalf. (Website: https://www.dpa.gr/en/individuals/complaint-to-the-hellenic-dpa/).

Dentsu is represented by dentsu Hungary Kft. in Hungary, contact details:

Address: 1027 Budapest, Kacsa u. 15-23.

Phone number: +36 1 411 2200

Email: privacy.hungary@dentsu.com

Data we collect from other sources:

While we do not actively seek to collect the Personal Data of children or minors (as defined under the applicable law in your jurisdiction), however, if required, we will collect the Personal Data of children or minors based on consent from their parents and/or guardians.

Your Rights:

In addition to the rights listed above, you may also object where your Personal Data is used for automated decisions that result in legal consequences, or have a significant impact on you.

Additional Information:

As a supplement to the policy above, the processing of your Personal Data will be in accordance with Law No. 27 of 2022 concerning Personal Data Protection as may be amended from time to time and other implementing regulations that may be issued by the relevant government authorities from time to time.

This policy is made in the English and the Indonesian languages. In the event of any inconsistency between the English and the Indonesian language versions, then the English language version shall prevail and take precedence.

If you are an Israeli resident, by approving this privacy policy or by using the services on the website you provide consent to the processing of your personal data hereunder.

We note that you are not legally required to provide such consent, but without it, we will not be able to provide the services offered.

Local Controller: dentsu Italy

Italian DPO: Avv. Lapo Curini Galletti 

email: lapo.curinigalletti@dentsu.com

Notis Privasi Dalam Talian

Dentsu ialah sebuah kumpulan pengurusan media, kreatif dan pengalaman pelanggan global yang terdiri daripada pelbagai jenama. Kami membantu klien kami mempertingkatkan cara mereka mengiklan dan memasarkan, sama ada melalui cetakan, pos, e-mel atau dalam dunia digital. Kami percaya bahawa penggunaan data secara bertanggungjawab menyokong pertumbuhan perniagaan dan membina hubungan kukuh antara jenama dan pengguna. Sebagai sebuah perniagaan, kami komited untuk menghormati dan melindungi privasi semua individu yang kami berinteraksi dengannya. Kami juga komited untuk sentiasa bersikap telus dalam pengendalian dan pemprosesan Data Peribadi selaras dengan undang-undang privasi dan perlindungan data yang berkenaan.

Siapakah yang bertanggungjawab terhadap pemprosesan Data Peribadi anda?

Dentsu menjalankan perniagaan melalui anak syarikat dan sekutunya di seluruh dunia. Undang-undang privasi di sesetengah negara mengkehendaki adanya seorang Pengawal Data (iaitu entiti undang-undang yang menentukan tujuan pemprosesan Data Peribadi dan bagaimana maklumat tersebut diproses).

Bagi negara yang mempunyai peruntukan undang-undang sedemikian, syarikat dalam kumpulan dentsu yang bertindak sebagai Pengawal Data anda, dan yang bertanggungjawab terhadap pemprosesan Data Peribadi anda, ialah syarikat dentsu yang beroperasi di negara atau rantau anda, kecuali jika dentsu International atau mana-mana syarikat dentsu lain dikenal pasti secara khusus sebagai Pengawal Data bagi interaksi tertentu dengan anda. Syarikat dentsu yang berkenaan dirujuk dalam notis ini sebagai “kami”, “pihak kami” atau “kita”.

Sekiranya anda mempunyai sebarang pertanyaan atau tidak pasti siapakah Pengawal Data anda, sila rujuk maklumat tambahan yang disediakan untuk pasaran anda di bawah, atau hubungi kami di dpo@dentsu.com. Kami akan memastikan maklumat anda sampai kepada entiti yang betul.

Skop Notis Privasi Ini

Notis privasi ini menerangkan secara terperinci jenis Data Peribadi yang mungkin kami kumpul tentang anda apabila anda berinteraksi dengan kami melalui laman sesawang, pengalaman digital, pengurusan hubungan perniagaan, acara, aktiviti pemasaran B2B atau apabila anda melawat pejabat kami. Dengan menggunakan laman sesawang atau perkhidmatan kami dan memberikan Data Peribadi kepada kami, anda membenarkan pengumpulan, penggunaan dan pendedahan Data Peribadi anda untuk tujuan yang ditetapkan dalam notis privasi ini berdasarkan asas undang-undang yang digariskan di dalamnya.

• Jika anda seorang pekerja dentsu atau pemohon pekerjaan, sila rujuk Notis Privasi Pekerja kami.
• Jika anda menggunakan salah satu produk kami, sila rujuk notis privasi khusus produk tersebut (yang mungkin berbeza antara pasaran).
• Jika anda mencari maklumat mengenai kuki, sila rujuk Notis Kuki kami.

“Data Peribadi” bermaksud sebarang maklumat mengenai keadaan peribadi atau material seseorang individu yang dikenal pasti atau boleh dikenal pasti. Oleh itu, Data Peribadi anda termasuk semua data berkaitan anda yang membolehkan pengenalpastian, seperti nama, alamat, nombor telefon atau alamat e-mel anda.

Pengecualian

Notis Privasi ini tidak meliputi:

• Aktiviti pengiklanan yang kami jalankan untuk klien kami;
• Maklumat mengenai pekerja, kontraktor atau bakal pekerja kami;
• Maklumat mengenai kuki yang kami gunakan dan data yang diperoleh daripadanya;
• Maklumat yang dikumpul melalui produk yang kami sediakan sebagai sebahagian daripada aktiviti pemasaran, pengiklanan atau media (iaitu maklumat yang kami proses sebagai pemproses data ketika melaksanakan aktiviti tersebut bagi pihak klien kami).

Kesemua perkara di atas diliputi oleh notis privasi atau notis kuki yang berasingan, yang boleh didapati melalui laman sesawang pasaran masing-masing.

1. Data Peribadi yang Kami Mungkin Kumpulkan

Kami mungkin memproses Data Peribadi yang anda berikan secara langsung kepada kami, Data Peribadi yang kami kumpul melalui cara automatik, atau Data Peribadi yang kami peroleh daripada sumber lain. Anda tidak diwajibkan untuk memberikan sebarang Data Peribadi; namun, jika anda memilih untuk tidak berbuat demikian, kami mungkin tidak dapat menyediakan produk atau perkhidmatan kepada anda atau memberi respons terhadap permintaan anda.

Secara amnya, kami akan mengumpul Data Peribadi berkaitan anda dan/atau penggunaan perkhidmatan kami dengan cara berikut:

(A) Data Peribadi yang anda berikan kepada kami:

• Data hubungan – Kami mengumpul butiran hubungan apabila anda mendaftar untuk menerima amaran e-mel, menghadiri acara kami, melawat pejabat kami, bekerjasama dengan kami, memuat turun kandungan kami, melanggan surat berita kami, atau meminta kami memberi respons terhadap pertanyaan anda. Data Peribadi yang kami kumpulkan mungkin termasuk nama, alamat e-mel, nombor telefon, jawatan, dan lokasi tempat kerja anda.
• Data pemasaran dan komunikasi – Kami mengumpul Data Peribadi berhubung pilihan anda mengenai penerimaan maklumat pemasaran daripada kami dan keutamaan komunikasi anda (jika dibenarkan di bawah undang-undang privasi yang berkenaan).
• Data lokasi – Kami mungkin meminta anda menyatakan lokasi anda sebagai sebahagian daripada aktiviti pemasaran, atau apabila anda mendaftar acara atau mesyuarat. Perkara ini tidak akan dijejaki melalui peranti anda dan hanya terhad kepada maklumat yang anda kongsikan dengan kami.

(B) Data Peribadi yang kami kumpul melalui cara automatik:

• Data berkaitan penggunaan laman sesawang kami – Kami mengumpul Data Peribadi mengenai bagaimana anda menggunakan laman sesawang kami, termasuk halaman yang anda lawati, perkhidmatan atau maklumat yang anda cari, serta pautan dan kandungan yang anda akses.
• Data pemprofilan – Kami mungkin menggunakan Data Peribadi yang anda sediakan melalui penggunaan laman sesawang kami untuk memberikan kandungan yang relevan dan untuk memaklumkan strategi pemasaran kami. Aktiviti ini kadangkala dikenali sebagai “pemprofilan” – iaitu penggunaan kaedah automatik untuk menganalisis atau meramalkan pilihan, minat atau tingkah laku peribadi anda. Anda boleh membantah pemprofilan (di mana hak ini diiktiraf di bawah undang-undang privasi yang terpakai).
• Data teknikal – Kami mengumpul Data Peribadi mengenai peranti yang anda gunakan untuk mengakses laman sesawang kami serta maklumat berkaitan lain. Anda boleh mendapatkan maklumat lanjut mengenai kuki yang kami gunakan dan tujuan penggunaannya dalam Notis Kuki berasingan kami (boleh diakses di: https://www.dentsu.com/policies/cookies-notice).

(C) Data yang kami kumpul daripada sumber lain:

• Data daripada pihak ketiga – Kami mungkin mengumpul Data Peribadi tentang anda daripada pihak ketiga seperti penyedia analitik, rakan kongsi gabungan dan platform pihak ketiga seperti LinkedIn. Kami juga boleh mengumpul Data Peribadi apabila anda mendaftar dan/atau menghadiri acara yang kami anjurkan atau acara dengan rakan kongsi gabungan rasmi. Kami tidak membeli senarai Data Peribadi.

Kanak-kanak – Kami tidak secara aktif berusaha mengumpul Data Peribadi kanak-kanak atau individu bawah umur (seperti yang ditakrifkan oleh undang-undang berkenaan dalam bidang kuasa anda). Jika anda mempunyai sebarang kebimbangan mengenai privasi anak anda berhubung perkhidmatan kami, atau percaya bahawa anak anda mungkin telah memasukkan Data Peribadi ke laman sesawang kami, sila hubungi kami di dpo@dentsu.com. Kami akan memadamkan Data Peribadi tersebut daripada rekod kami dalam tempoh yang munasabah.

Data Peribadi Sensitif – Kami tidak secara sengaja mengumpul atau meminta Data Peribadi Sensitif sebagai sebahagian daripada aktiviti pemprosesan yang diliputi oleh notis privasi ini.

2. Bagaimana Kami Menggunakan Data Peribadi Ini

Kecuali jika dikehendaki oleh undang-undang, kami menggunakan dan memproses Data Peribadi yang kami kumpul tentang anda untuk tujuan berikut:

• Menjana prospek perniagaan;
• Menghantar surat berita dan maklumat berkaitan jenama serta perkhidmatan kami;
• Menguruskan hubungan kami dengan anda;
• Menyusun dan mengurus lawatan ke pejabat kami;
• Memastikan laman sesawang kami kekal relevan dan berguna;
• Memastikan laman sesawang kami sentiasa selamat;
• Memberi respons kepada pertanyaan dan maklum balas anda;
• Memberi respons serta mengurus permintaan hak subjek data;
• Menganalisis dan/atau menambah baik perkhidmatan kami;
• Mengesahkan identiti dan Data Peribadi anda;
• Menyelenggara dan mengemas kini rekod kami;
• Melindungi serta mempertahankan hak undang-undang kami / memberi respons terhadap aduan; dan
• Memudahkan pengambilalihan serta potensi pengambilalihan perniagaan kami, termasuk aktiviti integrasi perniagaan yang berkaitan.

Di bawah pelbagai undang-undang perlindungan data, kami dikehendaki memaklumkan kepada anda asas undang-undang bagi pemprosesan Data Peribadi anda. Dalam jadual di bawah (rujukan asal), kami menerangkan dengan lebih lanjut tujuan penggunaan Data Peribadi anda dan asas undang-undang yang digunapakai (jika dikehendaki di bawah undang-undang privasi berkenaan). Perlu diingat bahawa kami mungkin memproses Data Peribadi anda berdasarkan asas undang-undang yang berbeza bergantung kepada tujuan tertentu pemprosesan tersebut.

Di pasaran Asia Pasifik, kami lazimnya bergantung kepada persetujuan sebagai asas undang-undang selaras dengan kehendak undang-undang tempatan. Jika ini berlaku, kami akan secara jelas meminta persetujuan anda, dan anda mempunyai hak untuk menarik balik persetujuan anda pada bila-bila masa. Sebagai alternatif, kami mungkin bergantung kepada asas undang-undang lain seperti kepentingan yang sah, atau mana-mana asas undang-undang lain yang dibenarkan di bawah undang-undang privasi berkenaan berhubung aktiviti pemprosesan tertentu.

Aktiviti Pemprosesan	Jenis data yang digunakan	Asas undang-undang (jika berkenaan)
Mengatur dan menjalankan acara: Proses penghantaran jemputan, penerimaan pengesahan kehadiran, serta pengurusan kehadiran dalam acara dentsu.	Data hubungan, data yang kami kumpul daripada pihak lain, data lokasi.	Kepentingan yang sah
Menjana prospek perniagaan: Kami mungkin menggunakan Data Peribadi yang dikumpul daripada pelawat laman sesawang, peserta acara atau hubungan klien untuk mengenal pasti prospek berpotensi.	Data hubungan, data yang kami kumpul daripada pihak lain, Data Peribadi berkaitan penggunaan laman sesawang anda.	Kepentingan yang sah atau persetujuan (jika anda memberikannya secara jelas)
Menghantar surat berita dan maklumat berkaitan jenama dan perkhidmatan kami: Pengedaran kandungan komersial dentsu kepada pelanggan berpotensi, prospek, dan mana-mana individu yang melanggan untuk menerima bahan tersebut.	Data hubungan, data yang kami kumpul daripada pihak ketiga, data lokasi, data pemasaran dan komunikasi.	Persetujuan
Mengurus hubungan dengan anda: Pemprosesan butiran hubungan asas klien dan pembekal bagi tujuan pengurusan hubungan, akaun dan/atau projek.	Data hubungan, data lokasi, data pemasaran dan komunikasi, Data Peribadi teknikal.	Keperluan kontraktual
Mengatur dan mengurus lawatan ke pejabat kami: Proses memastikan rekod yang sesuai bagi semua pelawat ke pejabat, serta sebarang kemalangan atau insiden yang mungkin berlaku.	Data hubungan, data lokasi.	Kepentingan yang sah
Memastikan laman sesawang kekal relevan dan berguna: Kami menjalankan analisis statistik mengenai penggunaan laman sesawang anda (cth. untuk menambah baik laman sesawang, memperkenalkan ciri baharu).	Data Peribadi berkaitan penggunaan laman sesawang, Data Peribadi yang diproses melalui kaedah automatik, Data Peribadi teknikal.	Kepentingan yang sah (untuk mengkaji bagaimana klien menggunakan perkhidmatan dan berinteraksi dengan kandungan kami, membangunkan perkhidmatan, mengembangkan perniagaan, memaklumkan strategi pemasaran) di mana dibenarkan oleh undang-undang privasi yang terpakai
Memastikan laman sesawang sentiasa selamat: Proses melindungi daripada aktiviti berniat jahat dan menyekat capaian yang melanggar polisi. Termasuk penapisan web berasaskan awan dan hujung peranti.	Data Peribadi berkaitan penggunaan laman sesawang, Data Peribadi teknikal.	Kepentingan yang sah
Memberi respons kepada pertanyaan atau maklum balas anda: Memaklumkan anda mengenai sebarang perubahan terma dan syarat/polisi lain.	Semua Data Peribadi yang kami kumpulkan boleh relevan.	Kepentingan yang sah atau Keperluan kontraktual
Memberi respons serta mengurus permintaan hak subjek data: Contohnya permintaan akses data, permintaan pemadaman data, atau permintaan untuk berhenti daripada pemprosesan tertentu, seperti yang diwajibkan oleh undang-undang perlindungan data.	Semua Data Peribadi yang kami kumpulkan boleh relevan.	Kewajipan undang-undang
Menganalisis dan menambah baik perkhidmatan: Pemprosesan ini membolehkan kami menggunakan interaksi anda dengan kami untuk memastikan kami terus menyediakan perkhidmatan terbaik.	Data Peribadi berkaitan penggunaan laman sesawang anda, e-mel, nama, nombor telefon, nama syarikat, jawatan.	Kepentingan yang sah atau persetujuan (jika kuki digunakan)
Menyelenggara dan mengemas kini rekod: Kami perlu memastikan rekod yang dikemas kini untuk beroperasi secara berkesan sebagai sebuah perniagaan.	Data hubungan, data lokasi, data pemasaran dan komunikasi.	Kepentingan yang sah atau kewajipan undang-undang
Melindungi dan mempertahankan hak undang-undang / memberi respons kepada aduan: Termasuk aduan daripada pengawal selia atau individu berhubung amalan perlindungan Data Peribadi dentsu.	Semua Data Peribadi yang kami kumpulkan boleh relevan.	Kewajipan undang-undang atau kepentingan yang sah
Memudahkan pengambilalihan serta potensi pengambilalihan perniagaan kami, termasuk aktiviti integrasi perniagaan yang berkaitan.	Semua Data Peribadi yang kami kumpulkan boleh relevan.	Kepentingan yang sah

3. Tempoh Kami Menyimpan Data Peribadi Anda

Kami akan menyimpan Data Peribadi anda selama yang diperlukan bagi perkhidmatan berkenaan, selaras dengan kewajipan undang-undang kami. Selepas tempoh tersebut, Data Peribadi anda akan dipadamkan dengan selamat atau dianonimkan supaya boleh digunakan untuk tujuan analitik. Anda boleh meminta maklumat lanjut mengenai tempoh penyimpanan kami melalui butiran hubungan yang diberikan dalam notis privasi ini atau meminta agar data anda dipadamkan selaras dengan hak anda seperti yang dinyatakan di bawah.

4. Bagaimana Kami Melindungi Data Peribadi Anda

Kami mengekalkan perlindungan organisasi dan teknologi yang bersesuaian untuk membantu mencegah penggunaan tanpa kebenaran, capaian tidak sah, kehilangan secara tidak sengaja, pengubahan atau pemusnahan Data Peribadi sama ada dalam bentuk fizikal atau elektronik. Kami juga memastikan penyedia perkhidmatan dan/atau pihak ketiga luar yang diluluskan yang menyimpan atau memproses Data Peribadi bagi pihak kami melakukan perkara yang sama. Perlindungan yang digunakan, bergantung pada keadaan, termasuk tembok api (firewalls), ujian pencerobohan (penetration testing), imbasan kerentanan, penyulitan dan capaian terhad kepada sistem IT kami.

5. Perkongsian dan Pendedahan Maklumat

Setiap kali kami berkongsi Data Peribadi, capaian adalah dikawal berdasarkan prinsip “perlu tahu” (need-to-know), dan hanya diberikan jika perlu untuk menyediakan perkhidmatan yang diminta atau bagi membolehkan kami melaksanakan fungsi yang perlu atau sah.

Kami hanya akan memindahkan Data Peribadi anda ke luar pasaran di mana anda berada sekiranya kami berpuas hati bahawa tahap perlindungan yang mencukupi telah disediakan untuk melindungi integriti dan keselamatan mana-mana Data Peribadi yang sedang diproses, serta mematuhi undang-undang privasi dan perlindungan data yang berkenaan. Perkara ini mungkin dicapai melalui kontrak dengan syarikat penerima, atau kerana kami mengetahui bahawa bidang kuasa syarikat penerima tersebut mempunyai undang-undang perlindungan data yang lebih ketat.

Kami mengambil serius perlindungan data dalaman. Pekerja kami dan syarikat penyedia perkhidmatan yang dilantik oleh kami adalah tertakluk kepada kontrak untuk melindungi Data Peribadi dengan kerahsiaan sewajarnya serta mematuhi peraturan perlindungan data.

Maklumat yang dikongsi dengan penyedia perkhidmatan pihak ketiga kami
Kami menggunakan pihak ketiga untuk melaksanakan fungsi perniagaan bagi pihak kami, seperti menghantar surat berita, menghoskan perkhidmatan dalam talian dan pengurusan hubungan pelanggan. Kami hanya akan mendedahkan maklumat yang perlu bagi membolehkan pihak ketiga tersebut menjalankan perkhidmatan mereka. Penyedia perkhidmatan kami tertakluk kepada kontrak untuk mematuhi arahan kami.

Kami juga mungkin berkongsi maklumat dengan pihak ketiga yang membantu kami dalam usaha pemasaran, termasuk platform media sosial, rangkaian pengiklanan dan syarikat teknologi iklan. Contohnya, kami mungkin berkongsi alamat e-mel atau maklumat hubungan lain dengan platform media sosial supaya mereka boleh menyampaikan iklan kami kepada anda di platform mereka. Data Peribadi yang diterima oleh rakan kongsi kami mungkin juga tertakluk kepada dasar privasi mereka sendiri dan alat yang mereka sediakan untuk anda mengurus bagaimana Data Peribadi digunakan untuk tujuan pengiklanan.

Pemindahan dalam kumpulan syarikat
Dentsu International ialah kumpulan media global yang terdiri daripada pelbagai syarikat. Oleh itu, dari semasa ke semasa kami mungkin mendedahkan Data Peribadi anda dalam kumpulan syarikat kami.

Apabila kami memindahkan Data Peribadi di antara syarikat kumpulan, pemindahan tersebut dilindungi melalui Perjanjian Pemindahan Data Intra-Kumpulan. Ini memberikan kami mekanisme untuk memindahkan Data Peribadi secara global apabila perlu.

Kami juga mungkin mendedahkan Data Peribadi kepada mana-mana pengganti perniagaan kami. Sebagai contoh, jika sebahagian daripada perniagaan kami dijual, senarai pelanggan kami boleh dipindahkan sebagai sebahagian daripada transaksi tersebut.

Maklumat yang dikongsi dengan pihak lain
Di mana diperlukan atau dibenarkan oleh undang-undang, Data Peribadi boleh diberikan kepada pihak lain seperti pengawal selia dan agensi penguatkuasaan undang-undang, contohnya sebagai respons terhadap perintah mahkamah, sapina, permintaan agensi penguatkuasaan, atau apabila kami percaya ia perlu untuk menyiasat, mencegah atau mengambil tindakan berhubung aktiviti haram, dan sebagaimana diwajibkan oleh undang-undang.

Anda boleh meminta maklumat lanjut mengenai langkah yang digunakan untuk pemindahan tersebut melalui butiran hubungan yang diberikan dalam Notis Privasi ini.

6. Hak Anda

Bergantung kepada undang-undang privasi yang terpakai di pasaran anda, anda mungkin mempunyai beberapa hak berhubung Data Peribadi anda, termasuk:

• Membantah pemprosesan Data Peribadi anda. Jika kami bergantung pada kepentingan yang sah (atau pihak ketiga), dan anda merasakan ia menjejaskan hak serta kebebasan asas anda, anda boleh membantah. Anda juga mempunyai hak untuk membantah jika Data Peribadi digunakan bagi tujuan pemasaran langsung atau pemprofilan.
• Mengakses Data Peribadi anda. Kami mungkin perlu memberikan maklumat yang kami simpan mengenai anda, termasuk salinan Data Peribadi dan tujuan pemprosesannya, kecuali jika terdapat pengecualian undang-undang. Bukti identiti diperlukan sebelum maklumat diberikan.
• Meminta penyediaan Data Peribadi anda kepada pihak ketiga. Anda boleh meminta kami memberikan Data Peribadi anda kepada anda atau pihak ketiga pilihan anda dalam format berstruktur, biasa digunakan, boleh dibaca mesin – hanya untuk Data Peribadi yang anda berikan kepada kami berdasarkan persetujuan atau kontrak.
• Meminta pemadaman Data Peribadi anda. Anda boleh meminta kami memadamkan data jika anda percaya ia tidak lagi diperlukan. Namun, kami mungkin perlu menyimpan data tertentu kerana undang-undang atau tujuan perniagaan yang sah.
• Meminta pembetulan atau kemas kini Data Peribadi. Hak ini membolehkan anda membetulkan Data Peribadi yang tidak lengkap atau tidak tepat.
• Meminta sekatan pemprosesan Data Peribadi anda. Dalam situasi tertentu, anda boleh meminta agar pemprosesan disekat. Data masih boleh disimpan tetapi tidak diproses semasa sekatan berkuat kuasa.
• Menarik balik persetujuan. Jika anda telah memberi persetujuan, anda boleh menarik balik pada bila-bila masa. Penarikan balik tidak menjejaskan kesahan pemprosesan yang telah berlaku sebelum itu atau hak kami untuk terus memproses di bawah undang-undang tanpa persetujuan.
• Membuat aduan. Jika anda tidak berpuas hati, anda boleh membuat aduan kepada pihak berkuasa perlindungan data tempatan.
• Mengecualikan diri daripada pemasaran. Anda boleh meminta kami menghentikan komunikasi pemasaran pada bila-bila masa melalui pautan “unsubscribe”.

Kami akan memberi respons dalam tempoh masa yang diwajibkan. Permintaan hanya akan dihormati jika identiti anda dapat disahkan.

Nota: Jika anda berada di pasaran yang tidak mengiktiraf hak-hak ini, kami berhak menolak permintaan tersebut.

7. Tanggungjawab Kami terhadap Data Peribadi yang Dikumpul melalui Pautan Laman Sesawang

Notis privasi ini hanya terpakai bagi Data Peribadi yang dikumpulkan oleh kami. Laman sesawang kami mungkin mengandungi pautan ke laman pihak ketiga, termasuk media sosial seperti Facebook, Twitter dan LinkedIn, atau laman entiti dentsu lain. Jika anda mengikuti pautan tersebut, penggunaan anda akan tertakluk kepada notis privasi pihak tersebut. Kami tidak mempunyai kawalan atau tanggungjawab terhadap Data Peribadi yang dikumpul oleh laman sesawang pihak ketiga.

8. Kemas Kini

Notis privasi ini mungkin dikemas kini dari semasa ke semasa bagi mencerminkan perubahan undang-undang, amalan terbaik, perubahan operasi kami, atau perubahan dalam cara kami mengurus Data Peribadi. Tarikh semakan terkini akan dipaparkan di bahagian atas halaman ini. Jika anda tidak bersetuju dengan perubahan tersebut, sila hentikan penggunaan perkhidmatan kami dan elakkan daripada berkongsi Data Peribadi dengan kami.

9. Hubungi Kami

Sekiranya anda mempunyai sebarang soalan mengenai notis privasi ini, pendekatan kami terhadap privasi atau ingin melaksanakan mana-mana hak yang dinyatakan, anda boleh menghubungi Pegawai Perlindungan Data (Data Protection Officer) kami melalui:

1. Alamat: Data Protection Officer, Dentsu International, Regent’s Place, 10 Triton Street, Regent’s Place, London, NW1 3BF
2. E-mel: DPO@dentsu.com
3. Atau menggunakan maklumat Pegawai Perlindungan Data tempatan anda yang disertakan dalam seksyen di bawah.

10. Maklumat Tambahan untuk Pasaran Tertentu

Kami menyediakan maklumat tambahan mengenai Pengawal Data dan Pegawai Perlindungan Data (jika berkenaan), serta dasar privasi, pengumpulan, dan penggunaan Data Peribadi subjek data dentsu yang berada di pasaran tertentu.

If you are a resident of México, in addition to the above, the provisions of this section will apply to you.  The entity responsible for the handling of your data will be dentsu.

In accordance with the Federal Law on Personal Data in Possession of Private Parties (“Data Law”), and the rights disclosed in section 6 “Your rights” you will have the right to access the data we hold and the details of their processing, as well as to rectify them if they are inaccurate or incomplete; cancel them under the terms of the Data Law or oppose the processing of these for specific purposes (ARCO Rights).

To exercise the ARCO Rights, you or your legal representative must make a free writing describing the reason and right you wish to exercise and send it scanned and signed to the Contacts set for in section 9, for attention and follow-up. it is important that you consider the following points when sending or delivering your request:

a) The request must indicate your full name, address and e-mail address in order to be able to communicate the response to your request.

b) Indicate the personal data with respect to which you are seeking to exercise any of the rights.

c) Attach any document or information that facilitates the location of your personal data.

d) Attach a copy of the official document that proves your identity.

e) If the request is processed through a legal representative, include the power of attorney stating the authority granted by you for this procedure, or a power of attorney with the signature of acceptance of the attorney-in-fact, in the presence of two witnesses, including the name, signature, address and a photocopy of the official identification of each of the signatories. In the case of rectification of data, attach the documentation that accredits such modification.

Under the assumptions established in article 34 of the Data Law, we may deny access to personal data, or to rectify or cancel it, or to grant opposition to its processing. Likewise, under the assumptions established in article 26 of the Data Law, we will not be obliged to cancel your personal data. We will respond to your request within a period not exceeding 20 days by the same means by which the request was made, by means of simple copies or electronically, as the case may be. 

In case the request is answered in an affirmative or appropriate manner, the requested changes will be made within a maximum period of 15 business days. In the event that access to your personal data is requested, we will inform you through the email in which we communicate our response to your request, the means by which access to your information will be provided if appropriate. We may extend the deadlines referred to in this paragraph, only once, for a period equal to the original, which will be informed to you.

To revoke your consent to the processing of your personal data, you must submit a request by sending an email to the contact info at section 9. The procedure described in the preceding paragraphs must be followed. 

 Not in all cases we will be able to respond to the request or conclude the processing of personal data immediately, since it is possible that due to some legal obligation we may need to continue processing the personal data. For more information about the exercise of ARCO rights or revocation of consent, please contact us.

 To limit the use or disclosure of your personal data, you must request it through a duly signed request, submitted electronically to us, requesting the limitation of the use or disclosure. However, if you limit the use or disclosure, we may not be able to provide you with the features and benefits to which you would otherwise have access.

Only you, or a person or business entity that you authorize to act on your behalf (an “Authorized Agent”), may make the requests set forth above. You may also make a request on behalf of your minor child.

Netherlands (dentsu)

Local Controller: Dentsu Netherlands BV

Moermanskkade 85, 1013BC Amsterdam, the Netherlands

KvK 33202665

Contact us: E-mail: dpo@dentsu.com

Local data protection authority:

Autoriteit Persoonsgegevens (AP) https://www.autoriteitpersoonsgegevens.nl/

Local data protection authority:

Autoriteit Persoonsgegevens (AP) https://www.autoriteitpersoonsgegevens.nl/

(a) Transfers

Some of our dentsu entities may be subject to privacy laws that do not provide the same level of protection as your local privacy laws. By providing Personal Data to us, you consent to the disclosure of your Personal Data to dentsu entities in such other jurisdictions.

Norway (dentsu)

Local Controller: Dentsu Norge AS

Kristian Augusts gate 23, 0164 Oslo, Norway

Reg. No. 927 445 875

Contact us: E-mail: dpo@dentsu.com

Local data protection authority: Datatilsynet

You will find Datatilsynet’s contact information at www.datatilsynet.no

(a) Your Rights

As a supplement to the rights mentioned above, you have the following rights under the Data Privacy Act of 2012 and its implementing rules and regulations:

(1) Right to Access. You may have the right to reasonable access to, upon demand, the following:

• Contents of your personal information that were processed;
• Sources from which personal information were obtained;
• Names and addresses of recipients of the personal data;
• Manner by which such data were processed;
• Reasons for the disclosure of the personal information to recipients, if any;
• Information on automated processes where the data will, or is likely to, be made as the sole basis for any decision that significantly affects or will affect the data subject;
• 
  
• The designation, name or identity, and address of the personal information controller.

(2) Right to Damages. You may have the right to be indemnified for any damages sustained due to such inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal data, taking into account any violation of your rights and freedoms as data subject.

(3) Right to Lodge a Complaint. You may also have the right to lodge a complaint before the National Privacy Commission for any violation of your data privacy rights.

Below you will find the additional information required as per applicable data protection legislation.

(a) Items of Personal Information (as defined in the Personal Information Protection Act (PIPA)

(i) We process your personal information with your consent as described below:  

Purpose	Items of Personal Information to be collected	Period of Retention and Use
For the purpose of supporting business operations, including employee payroll, attendance records, bonuses and compensation, provision of gifts, and other tasks necessary for the overall operation of the company.	(Limited to employees) Name, Gender, Age, Educational Background, Department, Position, Title, Details of salary and compensation, Contact information, Training records, Email, Address, Marital status, Residential address, Nationality, Performance evaluation, Promotion, Retirement, Timesheet records, Attendance records	During employment and for three (3) years of termination of employment

(b) Provision of Personal Information to Third Parties

(i) We provide personal information to third parties with your consent as described below:

Recipient’s Name	Recipient’s Purpose of Use	Items of Personal Information to be Provided	Period of Retention and Use by Recipient
Korea Investment & Securities Co., Ltd. (02-3276-5689)	Enrolment, Maintenance, and payment of retirement pension	Name, employee ID, address, contact information, email address, date of hire, department, position, salary, etc.	During employment and for three (3) years of termination of employment
National Tax Service (02-397-1200)	Filing, payment, and deduction of income tax and other taxes; year-end tax settlement under the Income Tax Act	Name, contact information, salary, job category, date of hire/termination, workplace, dependent information	During employment and for five (5) years of termination of employment
National Pension Service (1355)	Enrolment, maintenance, payment, suspension, and withdrawal of National Health Insurance; payment of related premiums	Name, contact information, salary, job category, date of hire/termination, workplace, dependent information	Same as above
Shiftee (02-6261-5319)	Provision of management support services (e.g., HR)	Name, employee ID, address, contact information, email address, date of hire, department, position, attendance records, etc.	During employment and for three (3) years of termination of employment
National Health Insurance Service (1577-1000)	Enrollment, maintenance, payment, suspension, and withdrawal of National Health Insurance; payment of related premiums	Name, contact information, salary, job category, date of hire/termination, workplace, dependent information	Same as above
Korea Workers’ Compensation & Welfare Service (1588-0075)	Enrolment, maintenance, payment, suspension, and withdrawal of Industrial Accident Compensation Insurance; payment of related premiums	Same as above	Same as above
Employment Insurance Center (1588-0075)	Enrolment, maintenance, payment, suspension, and withdrawal of Employment Insurance; payment of related premiums	Name, contact information, salary, job category, date of hire/termination, workplace, dependent information, maternity and childcare leave records and related allowances	Same as above
Dentsu Holdings Korea Co., Ltd. (02-6005-0400)	Provision of management support services (accounting, tax, HR, general affairs, legal, IT, commercial, compliance, etc.)	Name, gender, age, educational background, department, position, title, details of salary and compensation, contact information, training records, email, address, marital status, residential address, nationality, performance evaluation, promotion, retirement, timesheet records, attendance records	Same as above
FirstIn Co., Ltd. (070-7119-8045)	Payroll management and management support services	Name, employee ID, address, contact information, email address, bank account number, date of hire, department, position, salary, dependent information	Same as above
Konkuk University Medical Center (1588-1533)	Provision of comprehensive health check-up services for employees	Name, contact information, gender, date of birth	Same as above
Ministry of Employment and Labor (1350)	Provision of data during workplace inspections and labor supervision	Name, employee ID, department, date of hire/termination, salary details	Same as above
Samjong KPMG (02-2112-0101)	Provision of data requested during regular audits	Name, employee ID, department, date of hire/termination, salary details	Same as above
Dentsu Asia Pacific Pte Ltd.	Provision of management support services (accounting, tax, HR, general affairs, legal, IT, commercial, compliance, etc.)	Name, gender, age, educational background, department, position, title, details of salary and compensation, contact information, training records, email, address, marital status, residential address, nationality, performance evaluation, promotion, retirement, timesheet records, attendance records	Same as above
Carat Media Taiwan Ltd.	Provision of management support services (accounting, tax, HR, general affairs, legal, IT, commercial, compliance, etc.)	Name, gender, age, educational background, department, position, title, details of salary and compensation, contact information, training records, email, address, marital status, residential address, nationality, performance evaluation, promotion, retirement	Same as above
Dentsu International Limited	Fulfillment of contracts with global clients (pitch, commercial, compliance, etc.) and provision of management support services	Name, department, position, title, salary, email, career history, timesheet records	Same as above
ISLAND	Internal secure browser disaster recovery, backup, and support	Name, department, position, title, email, server access records	Platform internal data: 60 days from the date of a security event Security event information: 12 months from the date of a security event Security incident information: 3 years from the date the incident is closed

(c) Delegation of Processing of Personal Information

We delegate the processing of personal information as described below:

Delegatee’s Name	Description of Delegated Services
TICOMMERCE CO., LTD.	Notification of prize winners for client campaigns, prize delivery, and tax payment processing
MOBILE E&M AD	Delivery for client event campaign
ALIGO	Corporate messaging service
O2communications	Prize delivery for client event and services
rootup	Operation and management of client dealer platform
KIJI Communications	Operation of client events and delivery of service prizes
NCreation	Same as above
Bluein marketing	Same as above

(d) Overseas Transfer of Personal Information

We transfer personal information overseas as described below. You may deny such overseas transfer by contacting us at the DataProtection.kr@dentsu.com. However, please note that if you deny such overseas transfer. However, refusal may result in being unable to receive support from the global headquarters.

Legal Basis	Recipient’ Name (Contact Information of Information Manager)	Country to which Personal Information to be Transferred	Date and Method of Transfer	Items of Personal Information to be Transferred	Purposes of Use by Recipients	Period of Retention and Use by Recipient
In accordance with Article 28-8(1)(1) of the Personal Information Protection Act, personal data may be provided to third parties located overseas upon obtaining the consent of employees.	Dentsu Asia Pacific Pte Ltd.	Singapore	Data is transmitted over the network whenever updates occur.	Name, gender, age, educational background, department, position, title, details of salary and compensation, contact information, training records, email, address, marital status, residential address, nationality, performance evaluation, promotion, retirement, timesheet records, attendance records	Provision of management support services (accounting, tax, HR, general affairs, legal, IT, commercial, compliance, etc.)	Same as above
Same as above	Carat Media Taiwan Ltd.	Taiwan	Same as above	Name, gender, age, educational background, department, position, title, details of salary and compensation, contact information, training records, email, address, marital status, residential address, nationality, performance evaluation, promotion, retirement	Provision of management support services (accounting, tax, HR, general affairs, legal, IT, commercial, compliance, etc.)	Same as above
Same as above	Dentsu International Limited	UK	Same as above	Name, department, position, title, salary, email, career history, timesheet records	Fulfillment of contracts with global clients (pitch, commercial, compliance, etc.) and provision of management support services	Same as above
Same as above	ISLAND	Germany	When using the company’s secure browser, data is transmitted via a dedicated network to remote locations.	Name, department, position, title, email, server access records	Internal secure browser disaster recovery, backup, and support	Platform internal data: 60 days from the date of a security event Security event information: 12 months from the date of a security event Security incident information: 3 years from the date the incident is closed

(e) Process and Method of Destruction of Personal Information

Where the purposes for which personal information was collected and used have been fulfilled or the retention period has expired, the personal information will be destroyed in an irreversible way, unless we are required to retain it for a longer period under applicable laws. Furthermore, we will take measures to store such personal information in a separate database or at a different place.

We destroy personal information as described below:

• Procedure: We will identify information for which there is a reason to destroy and destroy such information after receiving approval from our data protection officer.
• Method: Personal information stored in electronic files will be deleted in an irreversible way by using technical methods, and printed information will be destroyed by shredding or incinerating.

(f) Contact us

If you have any questions about this Privacy Notice and/or Addendum, our approach to privacy or you would like to exercise any of the rights mentioned in this Privacy Notice you can contact our Data Protection Officer in any of the following ways:

Name: Kyungjae Yu

Telephone: (+82) (0)2 6005 0500

Email: DataProtection.kr@dentsu.com

In case of inconsistencies between this section and the main Online Privacy Notice, this section shall prevail.

온라인 개인정보 처리방침

덴츠(Dentsu, 이하 ‘당사’)는 여러 브랜드로 이루어진 글로벌 미디어, 크리에이티브, CXM 그룹으로, 다양한 디지털 방식을 통해 고객이 광고 및 마케팅을 할 수 있도록 방안을 제시합니다. 덴츠는 책임있는 데이터 사용이 비즈니스의 성장을 돕고, 브랜드와 소비자 간의 강력한 관계를 구축한다고 믿습니다. 따라서 저희는 비즈니스를 수행함에 있어 당사와 상호작용하는 모든 개인의 개인정보를 존중하고, 보호하는 것을 중요시 여깁니다. 각 국가의 개인정보 보호 및 데이터 보호와 관련한 법을 준수하고, 개인정보를 투명하게 처리 및 관리하기 위해 노력을 기울이고 있습니다.

개인정보 처리 책임자

덴츠는 전 세계에 자회사 및 계열사를 통해 사업을 운영하고 있습니다. 일부 국가에서는 개인정보 보호법에 따라 개인정보 처리 목적과 방법을 결정하는 법적 주체(Controller)의 지정하여야 합니다. 해당 국가의 법이 이를 요구하는 경우, 귀하의 개인정보를 처리하는 주체는 귀하의 국가에서 운영 중인 덴츠가 됩니다. 단, 일부 특정 상황에서는 영국에 주소지를 두고 있는 덴츠 인터내셔널(dentsu international) 혹은 다른 덴츠 그룹사가 지정되는 경우도 있습니다. 본 공지에서 언급되는 ‘당사, 우리, 회사’는 귀하의 개인정보를 처리하는 해당 덴츠 그룹을 의미합니다.

만약 컨트롤러가 누구인지 확실하지 않거나, 이에 대한 문의가 있으신 경우, 아래의 각 국가 별 정보를 참고하시거나, dpo@dentsu.com으로 연락주시기 바랍니다. 귀하의 문의를 확인한 우, 담당자에게 전달될 수 있도록 조치하겠습니다.

본 개인정보 처리방침의 적용 범위

이 개인정보 처리방침은 다음과 같은 상황에서, 귀하가 당사 웹사이트를 이용하거나, 비즈니스 관계에 놓여있거나, 이벤트 및 B2B 마케팅 활동을 하는 등 덴츠와 상호작용할 때에 수집될 수 있는 개인정보의 종류와 그 처리방식에 대해 설명합니다. 당사 웹사이트 혹은 서비스를 이용하고 개인정보를 제공함으로, 귀하는 개인정보 보호 공지에 명시된 목적 및 법적 근거에 따라 귀하의 개인정보가 수집, 이용 및 공개되는 것에 동의하게 됩니다.

• 만약 덴츠 임직원 혹은 입사 지원자라면, 임직원 개인정보 처리방침을 참조하시기 바랍니다 (링크);
• 만약 덴츠의 제품을 이용 중인 경우, 해당 제품 혹은 각 마켓별로 제공되는 개별 개인정보 처리방침을 확인하시기 바랍니다.
• 쿠키에 관련한 정보는 별도의 공지를 통해 확인하실 수 있습니다 (링크).

“개인정보”란 식별되었거나 식별 가능한 개인 또는 물리적 상황에 관한 모든 정보를 의미합니다. 귀하의 이름, 주소, 전화번호, 이메일주소 등 식별할 수 있는 모든 정보가 이에 포함됩니다.  

본 공지의 적용 대상이 아닌 내용

본 공지는 다음 사항에는 적용되지 않습니다:

• 고객을 대신하여 수행하는 광고 활동;
• 임직원, 계약자 또는 구직자에 관한 정보;
• 쿠키 및 쿠키를 통해 수집되는 데이터에 관한 정보; 
• 고객을 대신하여 제공하는 마케팅, 광고, 매체를 통해 수집되는 정보 (즉, 고객을 대신해 데이터 처리자로 수행하는 활동과 관련한 정보)

위의 항목들은 각각 별도의 개인정보 처리방침 또는 쿠키와 관련한 공지에서 다루어지며, 각 국가 별 링크를 통해 확인하실 수 있습니다.

1. 수집할 수 있는 개인정보

당사는 귀하가 직접 제공한 개인정보, 자동화된 수단을 통해 수집한 개인정보, 또는 기타 출처 등으로부터 획득한 개인정보를 처리할 수 있습니다. 귀하가 개인정보를 반드시 제공해야 하는 것은 아니지만, 정보를 제공하지 않으실 경우 당사에서 제공하는 서비스 혹은 요청 응답에 제한이 있을 수 있습니다. 일반적으로, 당사는 다음과 같은 방식으로 귀하 및 귀하의 서비스 이용과 관련된 개인정보를 수집합니다.

(A) 귀하가 직접 제공하는 개인정보:

• 연락처 정보

이메일 알림 신청, 이벤트 참석, 당사 사무실 방문, 당사와의 협업, 콘텐츠 다운로드, 뉴스레터 구독, 문의사항에 대한 답변 요청 등을 하실 때에 연락처를 수집하고 있습니다. 수집하는 개인정보에는 이름, 이메일 주소, 전화번호, 직책, 근무지 등이 포함될 수 있습니다.  

• 마케팅 및 커뮤니케이션 관련 정보

적용되는 개인정보 보호법이 허용하는 범위 내에서, 당사는 귀하의 마케팅 정보 수신 여부 및 커뮤니케이션 선호도에 관한 개인정보를 수집합니다.

• 위치 정보

마케팅 활동의 일환으로, 또는 귀하가 이벤트 등록이나 회의 참석을 요청할 때, 귀하의 위치를 확인할 수 있습니다. 단, 이는 자동 추적되는 것이 아니라, 직접 제공할 경우에만 해당됩니다.

(B) 자동화된 수단을 통해 수집되는 개인정보

• 웹사이트 이용 관련 개인 정보

당사는 귀하의 웹사이트 이용 방식에 관한 개인정보를 수집합니다. 여기에는 방문 페이지, 검색 서비스 또는 정보, 접근 링크 및 콘텐츠와 관련된 정보가 포함됩니다.

• 프로파일링 정보

당사는 귀하가 웹사이트 이용 시 제공한 개인정보를 활용하여 관련성 높은 콘텐츠를 제공하고, 마케팅 전략을 개선할 수 있습니다. 이러한 활동은 때때로 ‘프로파일링’이라 불리며, 이는 자동화된 수단을 통해 개인정보를 분석하거나 예측하여 개인의 선호, 관심사 또는 행동을 파악하는 것을 의미합니다. 적용 가능한 개인정보 보호법에 따라, 귀하는 이러한 프로파일링 처리를 거부하거나 이의를 제기할 수 있습니다.

•  기술적 개인정보 

당사는 귀하가 웹사이트에 접근할 때 사용하는 기기와 관련한 정보 및 기타 관련 개인정보를 수집합니다. 당사가 사용하는 쿠키 및 그 사용 목적에 대한 자세한 내용은 별도의 쿠키 공지(https://www.dentsu.com/policies/cookies-notice)에서 확인하실 수 있습니다.

(C) 다른 출처로부터 수집하는 데이터:

• 제3자로부터 수집하는 데이터

당사는 제3자로부터 귀하에 관한 개인정보를 수집할 수 있습니다. 제3자에는 분석 서비스 업체, 제휴 파트너와 같은 외부 플랫폼이 포함될 수 있습니다. 또한, 귀하가 당사가 주관하거나 제휴 파트너로 참여하는 행사에 등록 혹은 참석하는 경우 해당 과정에서 개인정보 수집이 가능합니다. 단, 당사는 개인정보 목록을 구매하지 않습니다.

*또한, 어린이 또는 미성년자, 혹은 민감한 개인정보를 적극적으로 수집하려는 의도를 가지고 있지 않습니다. 이에 대한 자세한 내용은 아래를 참고하시기 바랍니다.

• 미성년자

당사는 귀하 관할 지역에서 적용되는 법률상의 어린이 혹은 미성년자의 개인정보를 의도적으로 수집하지 않습니다. 만일 귀하 자녀가 당사 서비스를 이용함에 있어 개인정보 보호에 대한 우려가 있으시거나, 웹사이트에 개인정보를 입력했다고 생각되시는 경우 dpo@dentsu.com으로 연락하여 주시기 바랍니다. 당사는 합리적 기간 내에 해당 개인 정보를 기록에서 삭제하겠습니다.

• 민감한 개인 정보

당사에서는 본 개인정보 처리방침에 따른 처리 활동 일환으로 귀하의 민감한 개인 정보를 의도적으로 수집하거나 요청하지 않습니다.

2.) 수집한 개인정보의 이용 방법

법에서 달리 요구하지 않는 한, 당사는 수집한 개인정보를 다음의 목적을 위해 사용 및 처리합니다:

• 신규 고객 발굴(리드 생성);
• 당사 브랜드 및 서비스 관련 뉴스레터 발송;
• 고객 관리;
• 고객의 당사 오피스 방문 일정 조율 및 관리
• 웹사이트 콘텐츠를 유용하고 관련성 있게 유지하기 위한 목적
• 웹사이트의 보안 유지
• 문의사항 및 피드백 대응을 위한 목적
• 정보주체 권리 요청에 대한 대응 및 관리
• 당사 서비스 분석 및 개선
• 요청사항 처리를 위한 신원 및 개인정보 확인
• 기록 유지 및 최신상태로의 관리
• 법적 권리 보호 및 불만사항에 대한 대응
• 비즈니스 인수 가능성 검토, 관련된 사업 인수 및 합병 활동 지원을 위한 목적

각 국가 별 개인정보 보호법에 따라, 당사는 귀하의 개인정보 처리에 대한 법적 근거를 안내할 의무가 있습니다. 아래 표에서는 당사가 귀하의 개인정보를 어떤 목적으로 이용하는지, 어떤 법적 근거에 의거하여 개인정보를 처리하는지에 대해 자세히 설명하고 있습니다. 또한, 당사는 개인정보의 구체적 처리 목적에 따라 서로 다른 법적 근거를 적용하여 개인정보를 처리할 수 있습니다.

아시아태평양(APAC) 지역에서는 일반적으로 현지 법률에 따른 동의를 개인정보 처리의 법적 근거로 삼고 있습니다. 이 경우, 당사는 귀하에게 명시적 동의를 요청하고, 귀하는 언제든 해당 동의를 철회할 수 있습니다. 다만 특정 경우에 따라, 아래 명시된 정당한 이익 또는 개인정보 보호법이 허용하는 합법적 근거에 한하여 특정 처리활동을 수행할 수도 있습니다.

처리 활동	사용하는 정보 유형	법적 근거(해당되는 경우)
행사 관리 및 운영: 당사에서 운영하는 행사에 대해 참석자 초청장 발송 및 수락 관리	연락처, 제3자로부터 수집한 정보, 위치 정보	합법적 이익
리드 창출: 웹사이트 방문자, 사용자, 행사 참가자, 고객 연락처로부터 수집한 데이터를 활용한 리드 창출	연락처, 제3자로부터 수집한 정보, 당사 웹사이트 사용 시 수집한 정보	합법적 이익 또는 동의(명시적으로 제공한 경우)
당사 뉴스레터 발송 및 브랜드 및 서비스 관련 정보 제공: 자체 콘텐츠를 고객, 리드 및 수신에 동의한 모든 사람에게 배포	연락처, 제3자로부터 수집한 정보, 위치 정보, 마케팅 및 커뮤니케이션 정보	동의
귀하와의 관계 관리: 계정 또는 프로젝트 등의 관리를 위해 고객과 공급업체 기본 연락처 정보 처리	연락처, 위치 정보, 마케팅 및 커뮤니케이션 정보, 기술적 데이터	계약 상 필요
사무실 방문에 대한 관리: 모든 사무실 방문객 및 발생 가능한 사고나 사건에 대한 적절한 기록 보관	연락처, 위치 정보	합법적 이익
당사 웹사이트 관련성 및 유용성 유지: 웹사이트 개선, 새로운 기능 및 자료 제공과 같은 업무 이행을 위해 웹사이트 사용에 대한 분석 수행	당사 웹사이트 이용 시 필요한 정보, 자동화 도구를 통해 처리된 개인정보, 기술적 정보	합법적 이익(클라이언트가 당사 서비스를 어떻게 이용하고 콘텐츠를 활용하는지 확인하기 위함)
당사 웹사이트 보안 유지: 악의적인 웹 활동으로부터 보호하고, 기업 정책 위반하는 웹사이트 접근의 차단을 위함. 클라우드 및 endpoint 필터링 서비스 사용	당사 웹사이트 이용 시 필요한 정보, 기술적 정보	합법적 이익
문의 및 피드백 대응: 제출한 문의사항 또는 의견에 대한 답변을 제공하고, 당사 이용약관 또는 기타 정책 변경사항을 안내하기 위한 목적	수집한 정보 중 모든 유관 정보	합법적 이익 또는 계약 상 필요
정보주체 권리 행사 요청 대응 및 관리: 개인정보보호 관련 법률에서 요구하는 바에 따라, 정보주체 접근 요청, 개인정보 삭제 요청, 특정 처리 유형에 대한 opt out(처리 거부)요청 등 정보주체 권리 행사에 대한 대응절차 등의 업무를 수행	수집한 정보 중 모든 유관 정보	법적 의무
서비스 분석 및 개선: 상호작용을 분석하여, 지속적으로 최상의 서비스를 제공할 수 있도록 개선하기 위한 목적	당사 웹사이트 사용 시 수집 정보, 이메일, 이름, 핸드폰번호, 회사 정보, 직함	쿠키가 사용되는 경우 합법적 이익 또는 동의
기록 유지 및 최신 상태로의 관리: 효과적이고 효율적인 비즈니스 운영을 위해, 관련 기록을 최신 상태로 유지해야 할 의무를 이해하기 위함	연락처, 위치 정보, 마케팅 및 커뮤니케이션 정보	합법적 이익 또는 법적 의무
법적 권리 보호 및 방어, 민원 대응: 규제기관 혹은 내부 고발자에 의해 제기된 개인정보 보호 관리 및 관행에 대한 컴플레인 대응	수집한 정보 중 모든 유관 정보	법적 의무 또는 합법적 이익
비즈니스 인수 및 매각 관련 절차 지원: 사업 인수합병 등에 관한 모든 비즈니스 활동	수집한 정보 중 모든 유관 정보	합법적 이익

3.) 개인정보 보유 기간  

당사는 법적 의무를 준수하면서, 해당 서비스 제공에 필요한 기간 동안 귀하의 개인정보를 보유합니다. 해당 기간이 경과한 이후에는, 귀하의 개인정보를 안전하게 삭제하거나 익명화하여 분석 목적으로만 사용할 수 있도록 처리합니다. 또한, 본 개인정보 보호공지에 명시된 연락처를 통해, 개인정보 보유 기간에 대한 추가 정보를 요청하거나, 아래 설명된 귀하의 권리에 따라 개인정보의 삭제를 요청하실 수도 있습니다.

4.) 개인정보 보호 방법  

당사는 개인정보가 무단으로 사용되거나 유출되는 것을 방지하고, 우발적 분실, 변경, 파기 등의 사고가 발생하지 않도록 하기 위해 적절한 조직적, 기술적 보호조치를 유지하고 있습니다. 이러한 보호조치는 개인정보가 물리적 형태이든 전자적 형태이든 동일하게 적용됩니다. 또한, 당사를 대신하여 개인정보를 보관하거나 처리하는 서비스 제공업체 및 승인된 제3자 역시 동등한 수준의 보안조치를 유지할 수 있도록 관리하고 있습니다. 상황에 따라 당사가 사용하는 보호조치에는 방화벽, 모의 침투 테스트, 취약성 점검, 암호화, IT 시스템 접근 제한 등이 포함됩니다.

5.) 정보의 공유 및 공개

당사는 개인정보를 공유할 때, 업무상 필요한 최소한의 범위로만 접근을 허용하고, 이는 귀하에게 요청한 서비스를 제공하거나, 필수적이거나 합법적 기능을 수행하기 위해서만 공유합니다.

당사는 귀하의 개인정보를 국외이전 할 때, 개인정보의 보호가 보장되는 적절한 보호 수준이 확보 되어야지만 이전을 허용하고 있습니다. 이러한 보호는 개인정보를 이전받는 곳과 계약을 체결하여 보호 수준을 명시하거나, 이전되는 국가의 법률이 귀하가 거주하고 있는 국가의 개인정보보호법보다 더 엄격한 개인정보 보호법을 적용하는 경우에 한하여 이루어집니다.

당사는 내부적으로 개인정보 보호를 매우 중요하게 다루며, 모든 임직원과 재위탁 업체에 계약상 개인정보의 비밀정보 유지 의무를 부과하여 보호법규를 준수하여 행동할 수 있도록 의무화하고 있습니다.

제3자 제공 시의 정보 공유

당사는 뉴스레터 발송, 웹사이트 운영, CRM 업무 수행 등을 위해 외부 서비스 제공자를 이용합니다. 이 때, 업무 수행에 필요한 최소한의 정보만 제공되며, 별도의 계약을 체결하여 당사 지침을 준수하도록 의무화하고 있습니다.

또한, 당사는 마케팅 활동을 지원하는 제3자(소셜 미디어 플랫폼, 광고 네트워크, 애드테크 기업)와 귀하의 이메일 주소 등의 정보를 해당 제3자와 공유하여 플랫폼 내에서 귀하에게 당사의 광고를 노출하는 방식 등을 운영하기 위해 제공할 수 있습니다. 이 경우에 파트너사가 수집한 개인정보는 각 파트너사의 개인정보 처리방침 및 귀하가 광고 목적으로 개인정보 이용을 관리할 수 있는 도구에 의해 추가적으로 관리될 수 있습니다.

그룹사 간 정보 이전

덴츠 그룹은 전 세계적으로 운영되는 광고 미디어 기업으로, 다수의 계열사로 구성되어 있습니다. 따라서, 당사는 필요에 따라 귀하의 개인정보를 그룹 내 다른 계열사에 공개할 수 있습니다.

그룹사 간 개인정보 이전은 그룹 내부 데이터 이전 계약을 통하여 보호됩니다. 이 계약은 당사가 필요한 경우, 전 세계적으로 개인정보를 안전하게 이전할 수 있는 체계를 제공합니다. 또한, 당사는 사업의 전부 또는 일부가 양도될 경우, 해당 거래의 일환으로 고객 명단 등 개인정보를 이전할 수 있습니다.

기타 제3자와의 정보 공유

법률에 따라 요구되거나 허용되는 경우, 당사는 개인정보를 기타 기관에 제공할 수 있습니다. 예를 들어, 법원 명령이나 소환장에 응하거나, 법 집행기관의 요청에 대응하기 위해 정보를 제공할 수 있습니다. 또는 불법행위 조사, 예방 또는 대응이 필요하다고 판단되는 경우에도 제공이 이루어질 수 있습니다. 이외 법률 상 요구되는 경우에도 개인정보를 제공할 수 있습니다.

또한, 본 내용에서 설명한 제3자로부터 당사가 개인정보를 수집할 수도 있습니다. 이러한 이전과 관련된 보호조치에 대한 추가 정보를 원하신다면, 본 개인정보 처리방침에 기재된 연락처를 통하여 문의하실 수 있습니다.

6.) 귀하의 권리

귀하가 속한 국가 또는 지역의 개인정보 보호법에 따라, 귀하는 다음과 같은 권리를 보유합니다:

• 개인정보 처리에 대한 이의 제기. 당사가 정당한 이익(또는 제3자의 이익)에 근거하여 개인정보를 처리하는 경우라 하더라도 귀하가 귀하의 기본적인 권리나 자유를 침해당한다고 느끼는 경우, 처리에 대한 이의를 제기할 수 있습니다. 또한 귀하는 귀하의 개인정보를 마케팅 혹은 프로파일링에 직접 사용하는 것에 대한 이의를 언제든 제기할 권리가 있습니다. 당사에서는 법적인 근거를 가지고 처리를 지속해야 하지 않는 한, 이의 제기에 따라 처리를 멈출 것입니다. 
• 개인정보를 열람할 권리. 귀하는 당사가 보유한 개인정보에 대한 정보(사본 포함)를 요청할 수 있습니다. 단, 법적으로 예외가 적용되는 경우는 제외되며, 당사는 개인정보 제공 전 귀하의 신원을 확인하기 위한 절차를 진행하고 절차를 진행합니다.
• 개인정보 이전 요청할 권리. 귀하는 본인이 제공한 개인정보를 정리되고, 일반적으로 사용되고, 기계 판독이 가능한 형태로 본인 또는 제3자에게 제공해 줄 것을 요청할 수 있습니다. 이 권리는 귀하가 당사에 정보를 제공한 경우이며, 당사가 귀하의 동의 또는 계약 이행을 근거로 개인정보를 처리하는 경우에 한하여 적용됩니다.
• 개인정보를 삭제 요청할 권리.  당사가 더 이상 귀하의 개인정보를 보유할 이유가 없다고 판단되는 경우, 귀하는 삭제를 요청할 수 있습니다. 단, 법령상 보존 의무 또는 정당한 사업상 목적이 있는 경우, 그 사유를 안내한 후 당사는 일정 정보를 보관할 수 있습니다.
• 개인정보 정정 또는 갱신을 요청할 권리. 귀하는 부정확하거나 불완전한 정보를 수정하도록 요청할 수 있습니다.
• 처리 제한을 요청할 권리. 일부 관할 지역에서는 특정 상황에서 개인정보 처리의 제한을 요청할 수 있습니다. 이 경우, 당사에서는 데이터를 계속 보관할 수 있지만, 제한 기간 동안에는 처리행위가 중단됩니다.  
• 동의를 철회할 권리. 귀하가 당사에 개인정보 처리에 대한 동의를 하신 경우, 언제든 그러한 동의를 철회하실 수 있습니다. 다만, 철회 이전에 수행된 처리의 적법성에는 영향을 미치지 않으며, 법적으로 동의 없이 처리가 허용된 경우에는 당사가 이를 계속할 수 있습니다. 마케팅 이메일의 경우, 메일 하단의 구독해지(unsubscribe)버튼을 클릭하여 언제든 수신을 거부할 수 있습니다.
• 문제를 제기할 권리. 당사는 귀하의 문제 제기를 해결하기 위해 최선을 다 할 것입니다. 그러나, 이러한 대응에 만족하지 못하거나, 직접적인 연락을 원하시는 경우, 귀하가 거주하는 지역의 개인정보보호 감독 기관에 문제를 제기할 수 있습니다. (예시: 영국 – ICO) 만약 어느 곳으로 요청해야 하는지 확인이 어려우신 경우, 아래 기재된 당사 연락처로 문의 주시기 바랍니다.
• 마케팅 수신 거부권. 귀하는 언제든 마케팅 수신을 거부할 수 있습니다. 이메일 하단의 구독해지 (unsubscribe) 링크를 통해 요청하시기 바랍니다. 단, 마케팅이 아닌 필수 안내(문의 응답, 계정 관련 알림 등)는 경우에 따라 지속될 수 있습니다.

위에 열거된 귀하의 권리를 행사하려는 경우, 본인의 연락처 정보 및 요청사항을 구체적으로 기입하여야 하며, 당사는 신원 확인 절차를 거친 다음 요청을 처리합니다. 신원 확인 절차는 정보의 유형, 민감도 및 가치, 접근 또는 삭제로 인해 발생할 수 있는 피해 위험도에 따라 달라집니다. 일반적으로 귀하가 제공한 식별 정보와 당사가 보유 중인 개인정보를 대조하여 수행됩니다. 당사에서는 법적 기한 내에 응답할 것이며, 추가 시간이 필요한 경우, 그 사유와 소요 기간을 서면으로 안내 드립니다. 단, 이러한 권리가 법적으로 보장되지 않는 국가에서는 당사는 귀하의 요청을 거부할 수 있는 권리가 있음을 참고하여 주십시오.

7.) 웹사이트 링크를 통한 개인정보 수집에 대한 당사의 책임

이 개인정보 처리방침은 당사가 직접 수집한 개인정보에 한하여서 적용됩니다. 당사의 웹사이트에는 페이스북, 트위터, 링크드인 등 소셜 미디어를 포함한 외부 웹사이트로의 링크도 제공되어 있습니다. 다만 이러한 링크를 클릭하여 해당 페이지로 이동하는 경우, 해당 사이트의 개인정보 처리방침 및 이용약관이 적용되며, 귀하가 해당 웹사이트로 제공한 개인 정보에 대해서는 책임을 지지 않습니다.

8.) 개인정보 처리방침의 개정  

본 개인정보 처리방침은 법령의 개정, 업계의 사례, 당사 업무방식 또는 개인정보 처리방식의 변경사항에 따라 수시로 업데이트 될 수 있습니다. 최신 개정일은 본 페이지 상단에 표시되며, 만약 변경에 동의하지 않는 경우, 당사의 서비스 이용을 중단하시고, 개인정보 제공을 중지하셔야 합니다. 당사는 귀하가 최신 정보를 확인할 수 있도록 본 정책을 정기적으로 검토하시는 것을 권장 드립니다.

9.)  문의처

본 개인정보 처리방침, 개인정보의 처리 방법, 본 처리방침에 기재된 귀하의 권리 행사 등에 대해 문의사항이 있으신 경우, 아래와 같은 경로를 통해 문의하실 수 있습니다:

• 주소: Data Protection Officer, Dentsu International, Regent’s Place, 10 Triton Street, Regent’s Place, London, NW1 3BF
• 이메일: DPO@dentsu.com  
• 혹은 아래 각 국가별 파트에 기재된 지역 별 DPO를 통한 요청

10.) 특정 국가와 관련한 추가 정보  

당사는 특정 국가에 위차한 덴츠의 개인정보 처리자 및 데이터 보호 책임자(해당사항이 있는 경우), 개인정보 보호 및 수집에 대한 추가 정보를 아래와 같이 제공합니다.

Le informamos también de que nos encontramos adheridos al Código de Conducta de Protección de Datos en la Actividad Publicitaria de AUTOCONTROL, acreditado por la Agencia Española de Protección de Datos y, por tanto, que estamos vinculados a su sistema extrajudicial de tramitación de reclamaciones cuando las mismas estén relacionadas con protección de datos y publicidad. Si no has quedado conforme con la respuesta que hemos dado a tu solicitud, además de presentar una denuncia ante la Agencia Española de Protección de Datos, puedes formular una reclamación ante el Jurado de la Publicidad de AUTOCONTROL en el plazo no superior a un mes natural desde la finalización del proceso, contactando a través del siguiente correo electrónico: reclamaciones.pd@autocontrol.es.

Sweden (dentsu)

Local Controller: Dentsu Sweden AB

BOX 4125, 102 63 Stockholm

Reg. No. 556259-6733

Contact us: E-mail: dpo@dentsu.com

Local data protection authority: Integritetsskyddsmyndigheten

You will find Integritetsskyddsmyndigheten’s contact information at www.imy.se/

(a) Lawful Basis for Processing

The lawful basis for these processing activities are as follows:

Processing Activity	Types of data used	Lawful basis (where applicable)
To generate leads and distribute commercial content: We may use Personal Data collected from visitors to and users of our website(s), attendees of events, or client contacts to locate potential leads. The data is later used for the distribution of dentsu's own commercial content to potential customers, leads and prospects, and anyone else who has subscribed to receiving such collateral.	Contact data, data we collect from other parties, Personal Data relating to your use of our website(s).	Legitimate interests (if you represent the corporate entity) or consent (if you are visitor, user, attendee of events, or our individual client)
To send you newsletters and information relating to our brands and services: The distribution of dentsu's own commercial content to potential customers, leads and prospects, and anyone else who has subscribed to receiving such collateral.	Contact data, data we collect from third parties, location data, marketing and communications data.	Legitimate interests (if you represent the corporate entity) or consent (if you are potential customers, leads and prospects, or individual subscribers)

(b) How long will we keep your Personal Data 

We retain your Personal Data for as long as is required in order to fulfil the purpose specified in this Privacy Notice, and the Personal Data will be retained for a period not exceeding 10 (ten) years after the cessation of our relationship with you, or the last communication between us and you.

 We may retain your Personal Data longer than the above period, only as otherwise permitted or specified by the applicable law.

 (c) Contact us

If you have any inquiries in relation to your Personal Data, or you would like to exercise any of your data subject rights, you may contact the relevant dentsu organization at:

Entities	Address
Dentsu (Thailand) Ltd.	No. 968 U-Chu Liang Building 27th - 28th Floor, Rama 4 Road, Silom Sub-district, Bangrak District, Bangkok 10500, Thailand
Amplifi (Thailand) Co., Ltd.	No. 968 U-Chu Liang Building 27th Floor, Rama 4 Road, Silom Sub-district, Bangrak District, Bangkok 10500, Thailand
Carat (Thailand) Co., Ltd.	No. 968 U-Chu Liang Building 15th Floor, Unit A, Rama 4 Road, Silom Sub-district, Bangrak District, Bangkok 10500, Thailand
Dentsu Consulting Group (Thailand) Co., Ltd.	No. 968 U-Chu Liang Building 15th Floor, Zone B, Rama 4 Road, Silom Sub-district, Bangrak District, Bangkok 10500
Dentsu Solutions Group (Thailand) Co., Ltd.	No. 968 U-Chu Liang Building 15th Floor, Rama 4 Road, Silom Sub-district, Bangrak District, Bangkok 10500
iProspect (Thailand) Co., Ltd.	No. 968 U-Chu Liang Building 15th Floor, Unit C, Rama 4 Road, Silom Sub-district, Bangrak District, Bangkok 10500, Thailand

Or contact our Data Protection Officer (DPO) at THDPO@dentsu.com.

นโยบายข้อมูลส่วนบุคคลออนไลน์

Dentsu เป็นกลุ่มธุรกิจด้านมีเดีย ครีเอทีฟ และการบริหารประสบการณ์ลูกค้าระดับโลก ประกอบด้วยหลายแบรนด์ เราช่วยให้ลูกค้าของเราพัฒนาปรับปรุงวิธีการโฆษณาและการทำการตลาด ไม่ว่าจะผ่านสื่อสิ่งพิมพ์ ไปรษณีย์ อีเมล หรือรูปแบบดิจิทัลอื่น เราเชื่อว่า การใช้ข้อมูลอย่างรับผิดชอบจะช่วยสนับสนุนการเติบโตทางธุรกิจและช่วยสร้างความสัมพันธ์ที่แข็งแกร่งระหว่างแบรนด์และผู้บริโภค ดังนั้นในฐานะองค์กร เรามุ่งมั่นที่จะเคารพและคุ้มครองความเป็นส่วนตัวของบุคคลทุกคนที่เรามีปฏิสัมพันธ์ด้วย เรามุ่งมั่นที่จะสร้างความโปร่งใสในการจัดการและประมวลผลข้อมูลส่วนบุคคล ตามกฎหมายคุ้มครองความเป็นส่วนตัวและการคุ้มครองข้อมูลส่วนบุคคลที่บังคับใช้อยู่เสมอ

ใครเป็นผู้รับผิดชอบในการประมวลผลข้อมูลส่วนบุคคลของคุณ?

dentsu ดำเนินธุรกิจผ่านบริษัทย่อยและบริษัทในเครือทั่วโลก กฎหมายความเป็นส่วนตัวในบางประเทศกำหนดให้ต้องมีการกำหนดระบุ “ผู้ควบคุมข้อมูลส่วนบุคคล” (นิติบุคคลที่กำหนดวัตถุประสงค์และวิธีการของการประมวลผลข้อมูลส่วนบุคคลนั้น)

ในประเทศที่กฎหมายความเป็นส่วนตัวบังคับใช้ในประเด็นนี้ บริษัทในเครือ dentsu ที่ทำหน้าที่เป็นผู้ควบคุมข้อมูลส่วนบุคคลของคุณ และรับผิดชอบการประมวลผลข้อมูลของคุณจะเป็นบริษัทในเครือ dentsu ที่ดำเนินธุรกิจในประเทศหรือภูมิภาคของคุณ เว้นแต่ dentsu International หรือบริษัทอื่นในเครือ dentsu จะระบุว่า ตนเป็นผู้ควบคุมข้อมูลส่วนบุคคลสำหรับการติดต่อเฉพาะเจาะจงบางส่วนที่มีกับคุณ บริษัทในเครือ dentsu ที่เกี่ยวข้องจะเรียกว่า “เรา” ในประกาศนี้

หากคุณมีคำถามหรือไม่แน่ใจว่าใครคือผู้ควบคุมข้อมูลส่วนบุคคลของคุณ โปรดดูข้อมูลเพิ่มเติมสำหรับตลาดของคุณด้านล่างหรือส่งอีเมลมาที่ dpo@dentsu.com และเราจะประสานให้รายละเอียดของคุณไปถึงนิติบุคคลที่ถูกต้อง

ประกาศความเป็นส่วนตัวนี้ครอบคลุมอะไรบ้าง

ประกาศฉบับนี้อธิบายโดยละเอียดถึงประเภทของข้อมูลส่วนบุคคลที่เราอาจเก็บรวบรวมเกี่ยวกับคุณเมื่อคุณติดต่อกับเราผ่านเว็บไซต์ ช่องทางดิจิทัล การบริหารความสัมพันธ์ทางธุรกิจ กิจกรรมอีเวนต์ กิจกรรมการตลาดแบบ B2B หรือเมื่อคุณมาเยี่ยมชมสำนักงานของเรา เมื่อคุณใช้เว็บไซต์หรือบริการของเราและให้ข้อมูลส่วนบุคคลแก่เรา เราจะถือว่า คุณอนุญาตให้เราจัดเก็บ ใช้ และเปิดเผยข้อมูลส่วนบุคคลของคุณเพื่อวัตถุประสงค์ตามที่กำหนดไว้ในประกาศนี้ โดยอาศัยฐานทางกฎหมายที่ระบุไว้ในประกาศนี้เข่นกัน ทั้งนี้

• หากคุณเป็นพนักงานหรือผู้สมัครงานของ dentsu โปรดดูประกาศความเป็นส่วนตัวสำหรับพนักงานที่นี่
• หากคุณใช้งานผลิตภัณฑ์ของเรา โปรดดูประกาศความเป็นส่วนตัวเฉพาะผลิตภัณฑ์ ซึ่งอาจแตกต่างกันไปตามแต่ละตลาด
• หากคุณต้องการทราบข้อมูลเกี่ยวกับคุกกี้ โปรดดูประกาศเกี่ยวกับคุกกี้ของเราที่นี่

“ข้อมูลส่วนบุคคล” หมายถึง ข้อมูลใดๆ เกี่ยวกับสถานะส่วนบุคคลหรือลักษณะสำคัญของบุคคลที่สามารถระบุตัวตนได้ ดังนั้น ข้อมูลส่วนบุคคลของคุณจึงอาจรวมถึง ข้อมูลทั้งหมดที่เกี่ยวข้องกับคุณซึ่งสามารถใช้ระบุตัวตนคุณได้ เช่น ชื่อ ที่อยู่ หมายเลขโทรศัพท์ หรือที่อยู่อีเมลของคุณ

อะไรที่ไม่ครอบคลุมในประกาศฉบับนี้

ประกาศความเป็นส่วนตัวนี้ไม่ครอบคลุม:

• กิจกรรมโฆษณาที่เราดำเนินการให้กับลูกค้า
• ข้อมูลเกี่ยวกับพนักงาน ผู้รับจ้าง หรือผู้ที่อาจมาเป็นพนักงานของเราในอนาคต
• ข้อมูลเกี่ยวกับคุกกี้ที่เราใช้และข้อมูลที่คุกกี้เก็บรวบรวม
• ข้อมูลที่รวบรวมผ่านผลิตภัณฑ์ที่เราให้บริการเป็นส่วนหนึ่งของกิจกรรมการตลาด โฆษณา หรือมีเดียของเรา (เช่น ข้อมูลที่เราประมวลผลในฐานะผู้ประมวลผลข้อมูลส่วนบุคคล ซึ่งเราดำเนินกิจกรรมดังกล่าวแทนลูกค้า)

ประเด็นข้างต้นจะครอบคลุมอยู่ในประกาศความเป็นส่วนตัว หรือประกาศคุกกี้แยกต่างหาก ซึ่งสามารถค้นหาได้ผ่านเว็บไซต์ที่เกี่ยวข้องของแต่ละตลาดที่ดำเนินธุรกิจและประมวลผลข้อมูลส่วนบุคคลดังกล่าวอยู่

1.   ข้อมูลส่วนบุคคลที่เราอาจเก็บรวบรวม

เราอาจประมวลผลข้อมูลส่วนบุคคลที่คุณให้โดยตรง รวมถึงข้อมูลส่วนบุคคลที่เรารวบรวมโดยรูปแบบอัตโนมัติ หรือข้อมูลส่วนบุคคลที่เราได้รับจากแหล่งอื่น คุณไม่จำเป็นต้องให้ข้อมูลส่วนบุคคลใดๆ แก่เรา แต่หากคุณเลือกที่จะไม่ให้ เราอาจไม่สามารถส่งมอบผลิตภัณฑ์หรือบริการของเราให้แก่คุณ หรือไม่สามารถดำเนินการคำขอของคุณได้ โดยทั่วไป เราจะเก็บรวบรวมข้อมูลส่วนบุคคลที่เกี่ยวข้องกับคุณและ/หรือการใช้บริการของคุณดังต่อไปนี้:

(A) ข้อมูลส่วนบุคคลที่คุณให้กับเรา:

• ข้อมูลการติดต่อ เรารวบรวมรายละเอียดการติดต่อของคุณ เมื่อคุณสมัครเพื่อรับอีเมลแจ้งเตือน เข้าร่วมกิจกรรมของเรา มาเยี่ยมชมสำนักงาน ทำงานร่วมกับเรา ดาวน์โหลดเนื้อหาที่เราจัดทำขึ้น สมัครรับจดหมายข่าว หรือเมื่อคุณขอให้เราตอบคำถาม ทั้งนี้ข้อมูลที่เราเก็บอาจรวมถึงชื่อ ที่อยู่อีเมล หมายเลขโทรศัพท์ ตำแหน่งงาน และสถานที่ทำงานของคุณ
• ข้อมูลการตลาดและการสื่อสาร เรารวบรวมข้อมูลส่วนบุคคลเกี่ยวกับความชอบในการรับข้อมูลการตลาดจากเราและความ ชอบในการสื่อสารของคุณ (เมื่อกฎหมายความเป็นส่วนตัวที่เกี่ยวข้องอนุญาต)
• ข้อมูลตำแหน่งที่ตั้ง เราอาจถามว่า คุณอยู่ที่ใดเพื่อวัตถุประสงค์ด้านการตลาดของเรา หรือเมื่อคุณลงทะเบียนเข้าร่วมกิจกรรมหรือขอเข้าพบ ข้อมูลนี้จะไม่ถูกติดตามผ่านอุปกรณ์ของคุณเลย และจะมีเพียงข้อมูลที่คุณแจ้งให้เราทราบเท่านั้น

(B) ข้อมูลส่วนบุคคลที่เรารวบรวมโดยอัตโนมัติ:

• ข้อมูลเกี่ยวกับการใช้งานเว็บไซต์ของเรา เรารวบรวมข้อมูลเกี่ยวกับวิธีที่คุณใช้เว็บไซต์ของเรา ซึ่งรวมถึงข้อมูลส่วนบุคคลเกี่ยวกับหน้าเว็บไซต์ที่คุณเข้าชม บริการหรือข้อมูลที่คุณค้นหา และลิงก์หรือเนื้อหาที่คุณเลือกเข้าถึง
• ข้อมูลการจัดทำโปรไฟล์ เราอาจใช้ข้อมูลส่วนบุคคลที่คุณให้ผ่านการใช้เว็บไซต์ของเราเพื่อมอบเนื้อหาที่เกี่ยวข้องแก่คุณและเพื่อกำหนดกลยุทธ์การตลาดของเรา กิจกรรมประเภทนี้เรียกว่า “การจัดทำโปรไฟล์” ซึ่งเป็นการใช้วิธีการอัตโนมัติในการประมวลผลข้อมูลส่วนบุคคลของคุณเพื่อวิเคราะห์หรือคาดการณ์ความชอบ ความสนใจ หรือพฤติกรรมของคุณ คุณสามารถคัดค้านการจัดทำโปรไฟล์ได้ (หากกฎหมายความเป็นส่วนตัวที่เกี่ยวข้องให้สิทธิ์)
• ข้อมูลทางเทคนิค เรารวบรวมข้อมูลส่วนบุคคลเกี่ยวกับอุปกรณ์ที่คุณใช้เข้าถึงเว็บไซต์ของเรา รวมถึงข้อมูลที่เกี่ยวข้องอื่นๆ คุณสามารถดูข้อมูลเพิ่มเติมเกี่ยวกับคุกกี้ที่เราใช้และวัตถุประสงค์ได้ในประกาศคุกกี้แยกต่างหาก (ที่ลิงก์: https://www.dentsu.com/policies/cookies-notice)

(C) ข้อมูลที่เรารวบรวมจากแหล่งอื่น:

• ข้อมูลที่เรารวบรวมจากบุคคลที่สาม เราอาจเก็บรวบรวมข้อมูลส่วนบุคคลเกี่ยวกับคุณจากบุคคลที่สาม เช่น ผู้ให้บริการวิเคราะห์ พันธมิตรทางธุรกิจ (Affiliates) และแพลตฟอร์มของบุคคลที่สาม เช่น LinkedIn เราอาจเก็บข้อมูลเมื่อคุณลงทะเบียนและ/หรือเข้าร่วมกิจกรรมที่เราจัดหรือที่เราเป็นพันธมิตรที่มีชื่อร่วม ทั้งนี้เราไม่ซื้อรายชื่อข้อมูลส่วนบุคคล

โปรดทราบว่าเราไม่ได้ตั้งเป้าหมายในการเก็บข้อมูลเกี่ยวกับเด็กหรือผู้เยาว์ หรือข้อมูลส่วนบุคคลที่มีความอ่อนไหวของผู้ใด ทั้งนี้โปรดดูรายละเอียดเพิ่มเติมด้านล่าง

• เด็ก เราไม่ได้มุ่งหวังจะเก็บข้อมูลส่วนบุคคลของเด็กหรือผู้เยาว์ (ตามนิยามที่กฎหมายในเขตอำนาจศาลของคุณกำหนด) หากคุณกังวลเกี่ยวกับความเป็นส่วนตัวของบุตรหลานของคุณในส่วนที่เกี่ยวข้องกับบริการของเรา หรือเชื่อว่าบุตรหลานของคุณอาจได้นำส่งข้อมูลส่วนบุคคลเข้าในเว็บไซต์ของเรา โปรดติดต่อเราได้ที่ dpo@dentsu.com เราจะลบข้อมูลส่วนบุคคลดังกล่าวออกจากบันทึกของเราในระยะเวลาอันสมควร
• ข้อมูลส่วนบุคคลที่มีความอ่อนไหว เราไม่ได้ตั้งใจเก็บรวบรวมหรือร้องขอข้อมูลส่วนบุคคลที่มีความอ่อนไหวในกิจกรรมการประมวลผลภายใต้ประกาศนี้

2.   เราใช้ข้อมูลส่วนบุคคลนี้อย่างไร

ยกเว้นในกรณีที่กฎหมายกำหนด เราใช้และประมวลผลข้อมูลส่วนบุคคลที่เรารวบรวมเกี่ยวกับคุณเพื่อวัตถุประสงค์ดังต่อไปนี้:

• สร้างโอกาสทางธุรกิจ (leads)
• ส่งจดหมายข่าวและข้อมูลที่เกี่ยวกับแบรนด์และบริการของเราให้แก่คุณ
• จัดการความสัมพันธ์ของเราและคุณ
• วางแผนและจัดการการที่คุณจะมาเยี่ยมชมสำนักงานของเรา
• ทำให้เว็บไซต์ของเราจะยังมีเนื้อหาที่ยังมีความเกี่ยวข้องและเป็นประโยชน์แก่คุณ
• ทำให้เว็บไซต์ของเรามีความปลอดภัย
• ตอบข้อซักถามและคำติชมของคุณ
• ตอบและจัดการคำขอใช้สิทธิของเจ้าของข้อมูลของคุณ
• วิเคราะห์และ/หรือปรับปรุงบริการของเรา
• ยืนยันตัวตนและตรวจสอบข้อมูลส่วนบุคคลของคุณ
• บันทึกและปรับปรุงบันทึกของเราให้ทันสมัย
• คุ้มครองและปกป้องสิทธิทางกฎหมายของเรา/ตอบข้อร้องเรียน และ
• อำนวยความสะดวกในการซื้อกิจการหรือการขายกิจการ รวมถึงกิจกรรมช่วงเปลี่ยนผ่านและบูรณาการทางธุรกิจที่เกี่ยวข้อง

ตามกฎหมายคุ้มครองข้อมูลส่วนบุคคลต่างๆ เราต้องแจ้งฐานทางกฎหมายสำหรับการประมวลผลข้อมูลส่วนบุคคลของคุณ ตารางด้านล่างอธิบายข้อมูลเพิ่มเติมเกี่ยวกับวัตถุประสงค์ในการใช้ข้อมูลส่วนบุคคลและฐานทางกฎหมายที่เราใช้ (เมื่อกฎหมายที่เกี่ยวข้องกำหนด) โปรดทราบว่า เราอาจประมวลผลข้อมูลของคุณตามฐานทางกฎหมายที่แตกต่างกันขึ้นอยู่กับวัตถุประสงค์เฉพาะที่เราใช้ข้อมูลส่วนบุคคลของคุณ

ในตลาดเอเชียแปซิฟิก เรามักอาศัย “ความยินยอม” เป็นฐานทางกฎหมายตามที่กฎหมายท้องถิ่นกำหนด ซึ่งในกรณีนี้เราจะขอความยินยอมจากคุณโดยชัดแจ้ง และคุณมีสิทธิถอนความยินยอมได้ทุกเมื่อ ทั้งนี้ เราอาจอาศัยฐานทางกฎหมายอื่น เช่น “ผลประโยชน์โดยชอบด้วยกฎหมาย” ตามที่ระบุไว้ด้านล่างในตารางนี้ หรือฐานทางกฎหมายอื่นตามที่กฎหมายอนุญาตสำหรับกิจกรรมเฉพาะ

กิจกรรมการประมวลผล	ประเภทข้อมูล	ฐานทางกฎหมาย
การจัดและดำเนินงานกิจกรรมอีเวนต์: ประมวลผลข้อมูลเพื่อส่งคำเชิญ รับการตอบรับ และบริหารการ เข้าร่วม อีเวนต์ของ dentsu	ข้อมูลการติดต่อ; ข้อมูลที่เรา รวบรวมจากบุคคลอื่น; ข้อมูล ตำแหน่งที่ตั้ง	ประโยชน์อันชอบด้วยกฎหมาย
การสร้างโอกาสทางธุรกิจ (leads): เราอาจใช้ข้อมูล ส่วนบุคคลที่เก็บจากผู้เยี่ยมชมและผู้ใช้เว็บไซต์ของเรา ผู้เข้าร่วมงาน อีเวนต์ หรือผู้ติดต่อของลูกค้า เพื่อค้นหาและสร้างโอกาสทางธุรกิจ	ข้อมูลการติดต่อ; ข้อมูลที่เรา รวบรวมจากบุคคลอื่น; ข้อมูล ส่วนบุคคลเกี่ยวกับการใช้งาน เว็บไซต์ของคุณ	ประโยชน์อันชอบด้วยกฎหมายหรือ ความยินยอม (หากคุณให้โดยชัดแจ้ง)
การส่งจดหมายข่าว และข้อมูลที่เกี่ยวกับแบรนด์ และ บริการของเรา: การนำส่งเนื้อหาเชิงพาณิชย์ของเรา ให้แก่เป้าหมายลูกค้าและผู้ที่สมัครรับข้อมูลดังกล่าว	ข้อมูลการติดต่อ; ข้อมูลที่เรา รวบรวมจากบุคคลที่สาม; ข้อมูล ตำแหน่งที่ตั้ง; ข้อมูลการตลาด และการสื่อสาร	ความยินยอม
การบริหารความสัมพันธ์กับคุณ: การประมวลผลข้อมูล ติดต่อพื้นฐานของลูกค้าและคู่ค้า เพื่อการบริหารความ สัมพันธ์ การบริหารบัญชี และ/หรือ โครงการ	ข้อมูลการติดต่อ; ข้อมูลตำแหน่ง ที่ตั้ง; ข้อมูลการตลาดและ การสื่อสาร; ข้อมูลทางเทคนิค	ความจำเป็นตามสัญญา
การวางแผน และจัดการการเยี่ยมชมสำนักงานของ เรา: การประมวลผลข้อมูลเพื่อรับประกันว่า เราได้จัดทำบันทึกผู้เยี่ยมชมที่สำนักงานของเรา และเหตุการณ์อุบัติ เหตุ /เหตุไม่คาดคิดที่อาจเกิดขึ้น	ข้อมูลการติดต่อ; ข้อมูลตำแหน่งที่ตั้ง	ประโยชน์อันชอบด้วยกฎหมาย
ทำให้เว็บไซต์ของเรามีความเกี่ยวข้อง และเป็นประ โยชน์: เราวิเคราะห์สถิติการที่คุณใช้งาน เว็บไซต์ของเรา เช่น เพื่อปรับปรุงเว็บไซต์ เสนอฟีเจอร์ และเนื้อหาใหม่	ข้อมูลส่วนบุคคลเกี่ยวกับการใช้งาน เว็บไซต์ของคุณ; ข้อมูลส่วนบุคคล ที่ประมวลผลโดยอัตโนมัติ; ข้อมูลทางเทคนิค	ประโยชน์อันชอบด้วย กฎหมาย (เพื่อศึกษาการ ใช้งาน เพื่อการพัฒนา บริการ เพื่อสร้างความเติบโตทางธุรกิจ และเพื่อกำหนดกลยุทธ์ การตลาด) กรณีที่กฎหมายคุ้มครองข้อมูลส่วนบุคคลกำหนดอนุญาตไว้
ทำให้เว็บไซต์ของเรามีความปลอดภัย: การประมวลผล ข้อมูลส่วนบุคคลนี้ดำเนินการ เพื่อป้องกันกิจกรรมที่เป็น อันตรายบนเว็บไซต์ และป้องกันการเข้าถึงเว็บไซต์ที่ ละเมิดนโยบายองค์กร รวมถึงบริการกรองเว็บผ่านCloud และ End-Point	ข้อมูลส่วนบุคคลเกี่ยวกับการใช้งานเว็บ ไซต์ของคุณ; ข้อมูลทางเทคนิค	ประโยชน์อันชอบด้วยกฎหมาย
ตอบข้อซักถามและคำติชมของคุณที่ให้แก่เรา: เพื่ออัป เดตคุณเกี่ยวกับการเปลี่ยนแปลงข้อกำหนด และเงื่อนไข /นโยบายอื่นของเรา	ข้อมูลส่วนบุคคลทั้งหมดที่เกี่ยวข้อง (ตามความเหมาะสม)	ประโยชน์อันชอบด้วยกฎหมาย หรือ ความจำเป็นตามสัญญา
ตอบและจัดการคำขอใช้สิทธิของเจ้าของข้อมูล: การประมวลผลข้อมูลส่วนบุคคล เพื่อตอบคำขอใช้สิทธิในฐานะเจ้าของข้อมูลส่วนบุคคลของคุณ เช่น สิทธิการขอเข้าถึง ลบ เลือกไม่รับการประมวลผลบางประเภท เป็นต้น ตามที่กฎหมายกำหนด	ข้อมูลส่วนบุคคลทั้งหมดที่เกี่ยวข้อง (ตามความเหมาะสม)	หน้าที่ตามกฎหมาย
วิเคราะห์และปรับปรุงบริการของเรา: การประมวลผลข้อมูลส่วนบุคคลนี้ ทำเพื่อให้เราสามารถใช้การติดต่อที่เรามีกับคุณ เพื่อนำมาปรับปรุงบริการของเราให้ดีที่สุด อย่างต่อเนื่อง	ข้อมูลส่วนบุคคลเกี่ยวกับการใช้ งานเว็บไซต์ของคุณ; อีเมล; ชื่อ; เบอร์โทรศัพท์; ชื่อบริษัท; ตำแหน่งงาน	ประโยชน์อันชอบด้วยกฎหมาย หรือ ความยินยอม เมื่อมีการใช้คุกกี้
บันทึกและปรับบันทึกของเราให้ทันสมัย: เราจำเป็น ต้องเก็บบันทึกที่เป็นปัจจุบัน เพื่อให้เราสามารถดำเนิน ธุรกิจได้อย่างมีประสิทธิภาพ	ข้อมูลการติดต่อ; ข้อมูลตำแหน่งที่ตั้ง; ข้อมูลการตลาดและการสื่อสาร	ประโยชน์อันชอบด้วยกฎหมาย หรือ หน้าที่ตามกฎหมาย
คุ้มครองและปกป้องสิทธิทางกฎหมายของเรา/ตอบ ข้อร้องเรียน: การประมวลผลข้อมูลส่วนบุคคลเกี่ยวกับข้อร้องเรียนที่มีการจัดส่งมาหาพวกเราจากหน่วยงาน กำกับดูแลและ/หรือบุคคลอื่น รวมถึงการแจ้งเบาะแส ที่เกี่ยวข้องกับแนวปฏิบัติการคุ้มครองข้อมูล	ข้อมูลส่วนบุคคลทั้งหมดที่เกี่ยวข้อง (ตามความเหมาะสม)	หน้าที่ตามกฎหมาย หรือ ประโยชน์อันชอบด้วยกฎหมาย
อำนวยความสะดวกในการซื้อกิจการหรือการขายกิจการของพวกเรา และ รวมถึงกิจกรรม ช่วงเปลี่ยนผ่าน และการบูรณาการทางธุรกิจที่เกี่ยวข้อง	ข้อมูลส่วนบุคคลทั้งหมดที่เกี่ยวข้อง (ตามความเหมาะสม)	ประโยชน์อันชอบด้วยกฎหมาย

3.   เราเก็บรักษาข้อมูลส่วนบุคคลของคุณไว้นานเท่าใด

เราจะเก็บรักษาข้อมูลส่วนบุคคลของคุณไว้ตราบเท่าที่จำเป็นสำหรับการให้บริการที่เกี่ยวข้อง โดยสอดคล้องตามหน้าที่ตามกฎหมายของเรา หลังจากนั้น ข้อมูลส่วนบุคคลของคุณจะถูกลบอย่างปลอดภัยหรือทำให้ไม่สามารถระบุตัวตนเพื่อใช้วิเคราะห์ คุณสามารถขอข้อมูลเพิ่มเติมเกี่ยวกับระยะเวลาการเก็บรักษา หรือร้องขอให้เราลบข้อมูลส่วนบุคคลของคุณตามสิทธิของคุณได้ผ่านช่องทางติดต่อในประกาศนี้

4.   เราคุ้มครองข้อมูลส่วนบุคคลของคุณอย่างไร

เราดำเนินมาตรการคุ้มครองเชิงองค์กรและเทคโนโลยีที่เหมาะสมเพื่อป้องกันการใช้งาน การเข้าถึงโดยไม่ได้รับอนุญาต หรือการสูญหาย เปลี่ยนแปลง หรือทำลายข้อมูลส่วนบุคคลโดยไม่ตั้งใจ ไม่ว่าข้อมูลดังกล่าวจะอยู่ในรูปแบบกายภาพหรืออิเล็กทรอนิกส์ นอกจากนี้เรายังพยายามให้ผู้ให้บริการและบุคคลภายนอกที่ได้รับอนุมัติ ซึ่งจัดเก็บหรือประมวลผลข้อมูลส่วนบุคคลแทนเราปฏิบัติตามมาตรการรักษาความปลอดภัยเดียวกันกับเรา ทั้งนี้มาตรการที่เราใช้ขึ้นอยู่กับสถานการณ์ ซึ่งอาจรวมถึงการใช้ไฟร์วอลล์ การทดสอบเจาะระบบ การประเมินช่องโหว่ การเข้ารหัสข้อมูล และการจำกัดการเข้าถึงระบบเทคโนโลยีสารสนเทศ

5.   การแบ่งปันและการเปิดเผยข้อมูล

เมื่อใดก็ตามที่เราแบ่งปันข้อมูลส่วนบุคคล การเข้าถึงข้อมูลดังกล่าวจะถูกควบคุมตามหลักจำเป็นต้องรู้ และให้เฉพาะเท่าที่จำเป็นเพื่อให้บริการตามที่คุณร้องขอหรือเพื่อให้เราสามารถดำเนินการที่จำเป็นหรือชอบด้วยกฎหมายได้เท่านั้น

เราจะโอนข้อมูลส่วนบุคคลของคุณออกนอกตลาดที่คุณอยู่ ก็ต่อเมื่อเรามั่นใจว่า ประเทศปลายทางมีระดับการคุ้มครองข้อมูลส่วนบุคคลที่เพียงพอ เพื่อปกป้องความถูกต้องและความปลอดภัยของข้อมูลส่วนบุคคลที่จะถูกส่งไปประมวลผล และการส่งออกนั้นต้องดำเนินการให้ถูกต้องตามกฎหมายความเป็นส่วนตัวและการคุ้มครองข้อมูลส่วนบุคคลที่บังคับใช้ กลกไกการคุ้มครองดังกล่าวอาจดำเนินการผ่านสัญญากับผู้รับข้อมูล หรือกลไกนั้นอาจเกิดจากการที่เรารู้อยู่แล้วว่า กฎหมายของประเทศผู้รับเข้มงวดยิ่งกว่าประเทศที่คุณอยู่

เราให้ความสำคัญอย่างยิ่งกับการคุ้มครองข้อมูลภายใน พนักงานและผู้ให้บริการของเราถูกผูกพันตามสัญญาให้รักษาความลับในข้อมูลส่วนบุคคลที่อาจเข้าถึง และต้องปฏิบัติตามกฎหมายคุ้มครองข้อมูลส่วนบุคคล

ข้อมูลที่แบ่งปันกับผู้ให้บริการภายนอกของเรา

เราใช้ผู้ให้บริการหลายรายเพื่อดำเนินหน้าที่ทางธุรกิจแทนเรา เช่น การส่งจดหมายข่าว การโฮสต์บริการออนไลน์ และการจัดการความสัมพันธ์ลูกค้า เราจะเปิดเผยเฉพาะข้อมูลส่วนบุคคลเท่าที่จำเป็นเพื่อให้บุคคลเหล่านั้นปฏิบัติงานได้เท่านั้น โดยผู้ให้บริการของเราอยู่ภายใต้เงื่อนไขสัญญาที่ต้องปฏิบัติตามคำสั่งของเรา

เราอาจแบ่งปันข้อมูลกับบุคคลที่สามที่ช่วยงานการตลาดของเรา รวมถึงแพลตฟอร์มโซเชียลมีเดีย เครือข่ายโฆษณา และบริษัทเทคโนโลยีที่ให้บริการการโฆษณา ตัวอย่างเช่น เราอาจแบ่งปันอีเมลหรือข้อมูลติดต่ออื่นกับแพลตฟอร์มโซเชียลเพื่อให้พวกเขาจัดแสดงโฆษณาของเราแก่คุณบนแพลตฟอร์มของพวกเขา ข้อมูลส่วนบุคคลที่ได้รับโดยพันธมิตรของเราอาจอยู่ภายใต้นโยบายความเป็นส่วนตัวและเครื่องมือจัดการการโฆษณาของพวกเขาที่ให้แก่คุณเอง

การโอนข้อมูลภายในกลุ่มบริษัท

Dentsu International เป็นกลุ่มบริษัทสื่อระดับโลกที่ประกอบด้วยหลายบริษัท ดังนั้น เราอาจเปิดเผยข้อมูลส่วนบุคคลของคุณภายในกลุ่มบริษัทของเราเป็นครั้งคราว

เมื่อเราถ่ายโอนข้อมูลส่วนบุคคลระหว่างบริษัทในเครือ เราคุ้มครองการโอนดังกล่าวด้วยสัญญาโอนย้ายข้อมูลภายในกลุ่ม (Intra-Group Data Transfer Agreement) เพื่อให้เรามีกลไกการโอนข้อมูลทั่วโลกเมื่อจำเป็นได้ทั่วโลก

เราอาจเปิดเผยข้อมูลส่วนบุคคลให้แก่ผู้สืบทอดสิทธิ์ทั้งหมดหรือบางส่วนของธุรกิจเรา เช่น หากธุรกิจส่วนหนึ่งถูกขาย เราอาจให้รายชื่อลูกค้าเป็นส่วนหนึ่งของธุรกรรมการขายนั้น

ข้อมูลที่แบ่งปันกับหน่วยงานอื่น

เมื่อกฎหมายกำหนดหรืออนุญาต ข้อมูลส่วนบุคคลอาจมีการส่งต่อเปิดเผยให้แก่หน่วยงานอื่น เช่น เปิดเผยให้แแก่หน่วยงานกำกับดูแลหรือบังคับใช้กฎหมาย เช่น เปิดเผยการตอบหมายศาล คำสั่งศาล คำขอของหน่วยงาน หรือเมื่อเราจำเป็นต้องสืบสวน ป้องกัน หรือดำเนินการเกี่ยวกับกิจกรรมที่ผิดกฎหมาย และตามที่กฎหมายกำหนด

เราอาจเก็บรวบรวมข้อมูลส่วนบุคคลจากคู่สัญญาที่กล่าวถึงในส่วนนี้ด้วย

คุณสามารถขอข้อมูลเพิ่มเติมเกี่ยวกับมาตรการที่ใช้สำหรับการโอนดังกล่าวผ่านช่องทางการติดต่อในประกาศนี้

6.   สิทธิของคุณ

ขึ้นอยู่กับกฎหมายความเป็นส่วนตัวที่บังคับใช้ในตลาดของคุณ คุณอาจมีสิทธิหลายประการเกี่ยวกับข้อมูลส่วนบุคคลของคุณ รวมถึง:

• สิทธิคัดค้านการประมวลผลข้อมูลส่วนบุคคลของคุณ หากเราพึ่งพาฐานประโยชน์อันชอบด้วยกฎหมาย (ของเรา/บุคคลที่สาม) และคุณเห็นว่า การดำเนินการดังกล่าวกระทบสิทธิและเสรีภาพพื้นฐานของคุณ คุณสามารถคัดค้านการประมวลผลได้ นอกจากนี้คุณยังมีสิทธิที่จะคัดค้านเมื่อข้อมูลส่วนบุคคลของคุณถูกใช้เพื่อการตลาดทางตรงหรือการจัดทำโปรไฟล์ โดยคุณสามารถคัดค้านได้ทุกเมื่อ และเราจะหยุดประมวลผลข้อมูลที่คุณคัดค้าน เว้นแต่เราจะแสดงเหตุผลอันชอบด้วยกฎหมายเพื่อดำเนินต่อไป
• สิทธิขอเข้าถึงข้อมูลส่วนบุคคลของคุณ เราอาจต้องให้ข้อมูลส่วนบุคคลที่เรามีเกี่ยวกับคุณเมื่อคุณร้องขอ รวมถึงให้คำอธิบายและสำเนาข้อมูลส่วนบุคคล และเหตุผลที่เราประมวลผล เว้นแต่มีข้อยกเว้นตามกฎหมาย ทั้งนี้เราจะขอให้คุณยืนยันตัวตนก่อนให้ข้อมูลส่วนบุคคลดังกล่าวให้แก่คุณ
• สิทธิขอให้จัดเตรียมข้อมูลให้บุคคลที่สาม คุณอาจขอให้เราจัดเตรียมข้อมูลส่วนบุคคลของคุณในรูปแบบที่มีโครงสร้าง ใช้กันทั่วไป และอ่านได้ด้วยเครื่อง เพื่อส่งให้แก่คุณหรือบุคคลที่สามที่คุณเลือก ทั้งนี้สิทธินี้ใช้ได้เฉพาะกับกรณีของข้อมูลที่คุณให้แก่เรา และเมื่อคุณได้ให้ความยินยอม หรือเราประมวลผลเพื่อปฏิบัติตามสัญญากับคุณ เท่านั้น
• สิทธิขอให้ลบข้อมูลส่วนบุคคลของคุณ คุณอาจขอให้เราลบข้อมูลส่วนบุคคลของคุณได้ เมื่อคุณเห็นว่า เราไม่จำเป็นต้องใช้ข้อมูลนั้นอีก โปรดทราบว่า เราอาจต้องเก็บรักษาข้อมูลบางอย่างตามกฎหมายและ/หรือเพื่อวัตถุประสงค์ทางธุรกิจที่ชอบด้วย กฎหมายของเรา แต่ในกรณีที่เราจะปฏิเสธการลบข้อมูลนั้น เราจะบอกให้คุณทราบ
• สิทธิขอแก้ไขหรืออัปเดตข้อมูลของคุณ เพื่อให้คุณดำเนินการปรับปรุงแก้ไขข้อมูลที่ไม่ครบถ้วนหรือไม่ถูกต้อง
• สิทธิขอจำกัดการประมวลผลข้อมูลของคุณ ในบางสถานการณ์และในบางประเทศ คุณสามารถขอจำกัดการประมวลผลได้ ซึ่งระหว่างที่ขอใช้สิทธิดังกล่าว เราอาจเก็บข้อมูลไว้ได้แต่จะจำกัดการประมวลผลข้อมูลส่วนบุคคลตามที่ร้องขอมานั้น
• สิทธิถอนความยินยอม หากคุณให้ความยินยอมในการประมวลผลข้อมูลส่วนบุคคลของคุณแก่เรา คุณสามารถถอนความยินยอมดังกล่าวได้ทุกเมื่อ ทั้งนี้การถอนความยินยอมนี้จะไม่กระทบความชอบด้วยกฎหมายของการประมวลผลที่ดำเนินการไปก่อนหน้านั้น หรือจะไม่กระทบต่อสิทธิของเราที่จะเก็บ ใช้ หรือเปิดเผยข้อมูลส่วนบุคคลของคุณตามที่กฎหมายอนุญาตให้ประมวลผลได้โดยไม่ต้องอาศัยความยินยอม หากคุณได้รับการสื่อสารการตลาดจากเรา คุณสามารถถอนความยินยอมได้โดยกดปุ่มยกเลิกการสมัครรับข้อมูลดังกล่าวในอีเมล
• สิทธิการร้องเรียน เราจะพยายามอย่างดีที่สุดเพื่อแก้ไขข้อร้องเรียน อย่างไรก็ดี หากคุณเห็นว่า เรื่องยังไม่คลี่คลาย หรือคุณต้องการติดต่อหน่วยงานกำกับโดยตรง คุณสามารถร้องเรียนต่อหน่วยงานคุ้มครองข้อมูลในท้องถิ่นของคุณได้ ยกตัวอย่างเช่น ในประเทศอังกฤษ หน่วยงานกำกับดูแลได้แก่ UK Information Commission’s Office และหากคุณต้องการทราบว่าใครคือหน่วยงานท้องถิ่น โปรดติดต่อเรา และเราจะให้ข้อมูลที่เกี่ยวข้องแก่คุณ
• สิทธิที่จะเลือกไม่รับข้อมูลการตลาด คุณอาจเลือกไม่รับการสื่อสารทางการตลาดจากเราได้ทุกเมื่อ โดยคุณสามารถใช้สิทธิขอให้หยุดการส่งข้อความดังกล่าวให้แก่คุณได้ทุกเวลาด้วยการคลิกลิงก์ “ยกเลิกการสมัคร” ที่ส่วนท้ายของข้อความ ทั้งนี้โปรดทราบว่า แม้คุณจะเลือกไม่รับ เราอาจยังส่งข้อมูลการสื่อสารอื่นที่ไม่ใช่การตลาด เช่น คำตอบต่อคำถามของคุณ หรือประกาศเกี่ยวกับบัญชีหรือความสัมพันธ์ของเราให้แก่คุณได้อยู่

หากคุณใช้สิทธิตามข้างต้น คำขอของคุณควรมีข้อมูลการติดต่อของคุณและอธิบายคำขอโดยละเอียดเพียงพอเพื่อให้เราสามารถเข้าใจ ประเมิน และตอบกลับได้อย่างเหมาะสม นอกจากนี้ คุณควรให้ข้อมูลที่เพียงพอเพื่อให้เราสามารถตรวจสอบยืนยันว่า คุณคือบุคคลที่เรารวบรวมข้อมูลส่วนบุคคลอยู่ (ซึ่งอาจรวมถึงข้อมูลที่ทำให้เราสามารถยืนยันข้อมูลระบุตัวตนที่เราอาจเก็บรักษาเพื่อยืนยันตัวตนของคุณอยู่)

เราจะตอบคำขอใช้สิทธิของคุณภายในกรอบเวลาที่กำหนด หากเราต้องใช้เวลามากขึ้น เราจะแจ้งเหตุผลและระยะเวลาที่ต้องการเป็นลายลักษณ์อักษร ทั้งนี้เพื่อคุ้มครองข้อมูลส่วนบุคคลของคุณ เราจะดำเนินการตามคำขอก็ต่อเมื่อเราได้ดำเนินการยืนยันตัวตนหรืออำนาจของคุณ และยืนยันได้ว่า ข้อมูลส่วนบุคคลที่เกี่ยวข้องเป็นของคุณ โดยวิธีการยืนยันตัวตนนี้จะขึ้นกับประเภท ความอ่อนไหว และคุณค่าของข้อมูล รวมทั้งความเสี่ยงที่สร้างอันตรายต่อคุณจากการเปิดเผยหรือการลบข้อมูลส่วนบุคคลที่อาจเกิดขึ้นจากการขอใช้สิทธิ โดยทั่วไปการยืนยันตัวตนจะดำเนินการด้วยการจับคู่ข้อมูลระบุตัวตนที่คุณให้มากับข้อมูลที่เรามีอยู่

โปรดทราบว่า หากคุณอยู่ในตลาดที่สิทธิเหล่านี้ไม่มีอยู่ เราขอสงวนสิทธิที่จะปฏิเสธคำขอของคุณ

7.   ความรับผิดชอบของเราเกี่ยวกับข้อมูลส่วนบุคคลที่เก็บผ่านลิงก์เว็บไซต์

ประกาศนี้จำกัดเฉพาะข้อมูลส่วนบุคคลที่เราเก็บเท่านั้น เรามีลิงก์ในเว็บไซต์ของเราไปยังเว็บไซต์ รวมถึงโซเชียลมีเดียอื่น เช่น Facebook, Twitter และ LinkedIn หรือเว็บไซต์ของบริษัท dentsu อื่นๆ หากคุณกดลิงก์ดังกล่าว การใช้งานเว็บไซต์เหล่านั้นจะถูกกำกับโดยประกาศผู้ใช้และประกาศความเป็นส่วนตัวของเว็บไซต์นั้น โดยแนวปฏิบัติด้านข้อมูลของพวกเขาอยู่นอกขอบเขตของประกาศนี้ นอกจากนี้ เราไม่รับผิดชอบ และไม่มีอำนาจควบคุมต่อข้อมูลส่วนบุคคลที่เก็บโดยเว็บไซต์บุคคลที่สามใดๆ และไม่สามารถรับผิดชอบต่อการคุ้มครองและความเป็นส่วนตัวของข้อมูลส่วนบุคคลใดๆ ที่คุณอาจให้ไว้ในเว็บไซต์ดังกล่าว

8.   การปรับปรุงประกาศ

ประกาศนี้อาจได้รับการอัปเดตเป็นครั้งคราวเพื่อให้สอดคล้องกับการเปลี่ยนแปลงทางกฎหมาย แนวปฏิบัติที่ดีที่สุด การเปลี่ยนแปลงงานที่เราทำ หรือการเปลี่ยนแปลงวิธีที่เราปฏิบัติต่อข้อมูลส่วนบุคคล ทั้งนี้วันที่แก้ไขประกาศล่าสุดจะปรากฏที่ด้านบนของหน้านี้ หากคุณไม่เห็นด้วยกับการเปลี่ยนแปลง โปรดหยุดใช้บริการของเรา และงดการแบ่งปันข้อมูลส่วนบุคคลของคุณกับเรา โดยคุณควรตรวจสอบประกาศนี้เป็นประจำเพื่อติดตามการปรับปรุงประกาศ

9.   ติดต่อเรา

หากคุณมีคำถามเกี่ยวกับประกาศนี้ แนวทางด้านความเป็นส่วนตัวของเรา หรือคุณต้องการใช้สิทธิใดๆ ที่กล่าวถึงในประกาศนี้ คุณสามารถติดต่อเจ้าหน้าที่คุ้มครองข้อมูลของเราได้ผ่าน:

• ที่อยู่: Data Protection Officer, Dentsu International, Regent's Place, 10 Triton Street, Regent's Place, London, NW1 3BF
• อีเมล: DPO@dentsu.com
• หรือใช้ข้อมูลของ DPO ท้องถิ่นของคุณตามที่ระบุไว้ในส่วนด้านล่าง

10. ข้อมูลเพิ่มเติมสำหรับบางประเทศ

เราจัดให้มีข้อมูลเพิ่มเติมเกี่ยวกับผู้ควบคุมข้อมูลส่วนบุคคล และเจ้าหน้าที่คุ้มครองข้อมูล (ตามที่เกี่ยวข้อง) การคุ้มครอง การเก็บรวบรวม และการใช้ข้อมูลส่วนบุคคลของเจ้าของข้อมูลที่อยู่ในบางประเทศที่ dentsu ดำเนินธุรกิจและประมวลผลข้อมูลส่วนบุคคลอยู่

ประเทศไทย

(A)  เราจะเก็บรักษาข้อมูลส่วนบุคคลของคุณไว้นานเพียงใด

เราจะเก็บรักษาข้อมูลส่วนบุคคลของคุณไว้ตราบเท่าที่จำเป็นเพื่อบรรลุวัตถุประสงค์ตามที่ระบุไว้ในประกาศความเป็นส่วนตัวนี้ และข้อมูลส่วนบุคคลจะถูกเก็บรักษาไว้ไม่เกิน 10 (สิบ) ปีนับจากการสิ้นสุดความสัมพันธ์ระหว่างเราและคุณ หรือการติดต่อครั้งสุดท้ายระหว่างเราและคุณ

เราอาจเก็บรักษาข้อมูลส่วนบุคคลของคุณไว้นานกว่าระยะเวลาข้างต้นได้ เฉพาะเมื่อกฎหมายที่ใช้บังคับอนุญาตหรือกำหนดไว้เท่านั้น

(B)  ติดต่อเรา หากคุณมีข้อซักถามเกี่ยวกับข้อมูลส่วนบุคคลของคุณ หรือคุณต้องการใช้สิทธิของเจ้าของข้อมูลส่วนบุคคล คุณสามารถติดต่อองค์กรที่เกี่ยวข้องของ dentsu ได้ที่:

บริษัท	ที่อยู่
บริษัท เดนท์สุ (ประเทศไทย) จำกัด	968 อาคารอื้อจือเหลียง ชั้น 27 - 28 ถนนพระราม 4 แขวงสีลม เขตบางรัก กรุงเทพมหานคร 10500 ประเทศไทย
บริษัท เดนท์สุ โฮลดิ้งส์ (ประเทศไทย) จำกัด	968 อาคารอื้อจือเหลียง ชั้น 27 - 28 ถนนพระราม 4 แขวงสีลม เขตบางรัก กรุงเทพมหานคร 10500 ประเทศไทย
บริษัท เดนท์สุ อีจิส เน็ตเวิร์ค (ประเทศไทย) จำกัด	968 อาคารอื้อจือเหลียง ชั้น 27 ยูนิตเอ ถนนพระราม 4 แขวงสีลม เขตบางรัก กรุงเทพมหานคร 10500 ประเทศไทย
บริษัท แอมพลิฟาย (ประเทศไทย) จำกัด	968 อาคารอื้อจือเหลียง ชั้น 27 ถนนพระราม 4 แขวงสีลม เขตบางรัก กรุงเทพมหานคร 10500 ประเทศไทย
บริษัท คาราท (ประเทศไทย) จำกัด	968 อาคารอื้อจือเหลียง ชั้น 15 ยูนิตเอ ถนนพระราม 4 แขวงสีลม เขตบางรัก กรุงเทพมหานคร 10500 ประเทศไทย
บริษัท เดนท์สุ คอนซัลติ้ง กรุ๊ป (ประเทศไทย) จำกัด	968 อาคารอื้อจือเหลียง ชั้น 15 ยูนิตบี ถนนพระราม 4 แขวงสีลม เขตบางรัก กรุงเทพมหานคร 10500
บริษัท เดนท์สุ โซลูชั่นส์ กรุ๊ป (ประเทศไทย) จำกัด	968 อาคารอื้อจือเหลียง ชั้น 15 ถนนพระราม 4 แขวงสีลม เขตบางรัก กรุงเทพมหานคร 10500
บริษัท ไอพรอสเพค (ประเทศไทย) จำกัด	968 อาคารอื้อจือเหลียง ชั้น 15 ยูนิตซี ถนนพระราม 4 แขวงสีลม เขตบางรัก กรุงเทพมหานคร 10500 ประเทศไทย
บริษัท บัฟฟี่เชร็ค โฮลดิ้ง จำกัด	968 อาคารอื้อจือเหลียง ชั้น 27 ยูนิตบี ถนนพระราม 4 แขวงสีลม เขตบางรัก กรุงเทพมหานคร 10500 ประเทศไทย

หรือท่านสามารถติดต่อเจ้าหน้าที่คุ้มครองข้อมูลส่วนบุคคลของเราได้ที่ THDPO@dentsu.com

(b) The Rights of the Data Subject
Under Article 11 of the Turkish Personal Data Protection Law numbered 6698 ("PDPL"), you, as a data subject, have the right to:
- Learn whether your personal data has been processed,
- Request information if your personal data has been processed,
- Learn the purposes of such processing of your personal data and whether processed data is being used in accordance with these purposes,
- Learn the third persons to whom your personal data has been transferred within or outside the country,
- Request correction in case the processing of your personal data is incomplete or inaccurate,
- Pursuant to the Article 7 of the PDPL, request the erasure or destruction of your personal data and request notifying to them to whom the personal data is transferred,
- Object to the occurrence of a result against you by analyzing the data processed solely through automated systems
- Request compensation if you suffered damages due to unlawful processing of your personal data.

You, as the data subject, may send an e-mail to dpo@dentsu.com (using your e-mail address previously provided to Dentsu or your registered e-mail address) to exercise the above rights. If the execution of the requests requires additional costs, such costs will be charged to you by Dentsu in accordance with the price list established by the Personal Data Protection Authority. The explanations of the data subject in the application form regarding your request for exercising the above-mentioned rights should be clear and comprehensible.

In case the application is made by the data subject directly, the application should contain their name, surname, Turkish ID number (passport number for foreigners), address (so that our response can be conveyed) and documents evidencing the identity.

In case the application is made by a third party who acts on behalf of the data subject, such person should be specifically authorized on this matter and should submit a document as a proof of representing their authority. In this case, the application should contain the names, surnames, Turkish ID numbers (passport numbers for foreign persons), addresses (so that our response can be conveyed) of both the applicant and the data subject and documents evidencing their identities.

Moreover, data subjects may send a request to exercise their right to complaint before the Personal Data Protection Authority with the contact information below:
Address  : Nasuh Akar Mah. Ziyabey Cad. 1407. Sok. No: 4 06520 Balgat - Çankaya / Ankara
Phone Number : +90312-216-5000
Website  : http://www.kvkk.gov.tr/

This U.S. Privacy Notice is effective as of 1 July 2025.

This U.S. Privacy Notice includes certain disclosures required under applicable U.S. privacy laws.  Please note that the rules implementing some of these laws are subject to change.  We are committed to continual compliance with these laws and will update our processes and this notice as the rules are updated and the law requires.

Data collected by us within the scope of this Privacy Notice is not incorporated into our data products. You can find privacy information for our products here.

U.S. state privacy laws, including The California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act, provides residents of their respective states with additional rights with respect to their Personal Data. Those rights are explained below in the “Your Privacy Rights” section.

In this U.S. Privacy Notice, the term “Personal Data” has the meaning ascribed to it under applicable U.S. privacy laws, and includes the term “Personal Information” as defined by the California Consumer Privacy Act of 2018, as amended.

Personal Data does not include de-identified or aggregate data or publicly available data.

1.) Information We May Collect

In addition to the information that we disclose in the “Personal Data that we may collect” section of our Privacy Notice, we also collect the following additional information in the U.S. as explained herein.  The type of information we collect will depend on the circumstances and the service you are using. Generally speaking, we will collect information relating to you and/or your use of our services in the following ways:

Contact data

We collect information when you enter into an agreement, contact us, or sign up for our marketing communications and newsletters. We also collect any Personal Data you provide if you post a comment, make a request, or complete a survey.

Commercial and Preference Information

We may collect information about our contact history with you and your other transactions and preferences. We may collect information about your job and title, details of your attendance at our events, and your interest in our services.

Location Information

We may infer a location based on your IP address. We may automatically collect your precise GPS location when you access the mobile version of our websites. We may also collect information about your general location, using your zip code or postcode and IP address.

Online Advertising

Our partners may also place cookies, pixel tags and similar technologies on many online services, including ours. They use these technologies to collect information about your activities on these services in order to allow us to deliver you more relevant advertising. For example, they may use the information they collect from their cookies on our services to identify which of our products and services you might be interested in and to recognize your device so they can show you relevant advertisements about our products while you are using our services and other online services. Additionally, we sometimes provide information we collect (such as email addresses) to service providers, who may “match” this information to cookies, mobile ad identifiers, and other proprietary IDs, in order to provide you with more relevant ads when you visit other online services.

You can learn about how to opt out of receiving personalized online advertisements from our advertising partners by following the instructions in the “Your Choices” and “Your Privacy Rights” sections below, and through our Cookies Notice.

Inferences

Using the other pieces of Personal Data collected about you, we may draw inferences about you, reflecting what we believe to be your preferences, characteristics, predispositions, and attitudes as well as attributes connected to your IP address.

Combining Information

We may combine information collected offline with information we collect online. Or we may combine information we get from another party with information we already have. We may also aggregate your information with other consumers’ information to understand preferences and trends over time. We also may combine information collected across devices, such as computers and mobile devices.

2.) How We Use This Information

Except where prohibited by law or court order we use your Personal Data to generate leads and for the following business purposes in the U.S.:

• to manage our relationship with you;
• to arrange and manage visits to our offices;
• to ensure our website(s) is kept relevant and useful;
• to ensure our website(s) remain secure;
• to respond to your enquiries and feedback;
• to respond to, and manage, data subject rights requests;
• to analyse and/or improve our services;
• to verify your identity and Personal Data;
• to maintain and update our records;
• to protect and defend our legal rights / respond to complaints;
• to facilitate acquisitions and potential acquisitions of or by our business, including any related transitional and business integration activities;
• to enable the download of our content;
• to send you newsletters and information relating to our brands and services;
• to recognize you across multiple touchpoints by creating a single record for you; 
• other purposes for which we seek your consent; and
• to protect us, our websites, customers, employees, and business partners from fraud or other malicious activity.

As noted above, in this U.S. Privacy Notice, the term “Personal Data” has the meaning ascribed to it under applicable U.S. laws, and includes the term “Personal Information” as defined by the California Consumer Privacy Act of 2018, as amended.

In the table below we set out further information about the purposes for which we use your Personal Data and the categories of third parties that we disclose, “sell,” or share the Personal Data.  The term “share” has the meanings ascribed to it under applicable U.S. privacy laws, including for “cross-context behavioral advertising” or “targeted advertising.”  The term “sell” has the meanings ascribed to it under applicable U.S. laws, meaning the sale of your Personal Data to an outside party for monetary or other valuable consideration, subject to certain exceptions.  In the second column, we also specify how such Personal Data is categorized under applicable U.S. privacy laws. For more information about the categories of Personal Data under applicable U.S. privacy laws, see the “Your Privacy Rights” section.

Purpose/Activity	Types of Personal Data that may be processed	Categories of third parties to which we may disclose this Personal Data for a business purpose	Categories of third parties to which this Personal Data may be ”shared” or “sold” for advertising/analytical purposes
To generate leads: We may use Personal Data collected from visitors to and users of our website(s), attendees of events, or client contacts to locate potential leads.	(a) Name (b) Email address (c) Phone number (c) Social media account handles (d) Mailing address (e) General location (Identifiers: Personal Data; professional or employment related information)  (f) Commercial and Preference Information (responses to surveys, details of your attendance at our events, interest in our services, information about our contact history with you and your other transactions and preferences) (g) Technical and usage (identifiers: Personal Data, such as IP address, device identifiers, internet or other similar network activity) (h) Location information (identifiers: precise geolocation, general location using zip code or postal code and IP address) (i) Inferences (using other pieces of Personal Data collected about you and attributes connected to your IP address)	Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities	Business partners and marketing companies.
To arrange and run events: The process by which invitations are sent to, acceptances are received from and attendance at dentsu events, are managed.	(a) Name (b) Email address (c) Phone number (c) Social media account handles (d) Mailing address (e) General location (Identifiers: Personal Data; professional or employment related information)  (f) Commercial and Preference Information (responses to surveys, details of your attendance at our events, interest in our services, information about our contact history with you and your other transactions and preferences)	Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities	We do not sell/share.
To send you information about our services: To send you information which you have requested e.g. newsletters or publications in accordance with your specified preferences	(a) Name (b) Email address (c) Phone number (c) Social media account handles (d) Mailing address (e) General location (Identifiers: Personal Data; professional or employment related information)  (f) Commercial and Preference Information (responses to surveys, details of your attendance at our events, interest in our services, information about our contact history with you and your other transactions and preferences) (g) Technical and usage (identifiers: Personal Data, such as IP address, device identifiers, internet or other similar network activity) (h) Location information (identifiers: precise geolocation, general location using zip code or postal code and IP address) (i) Inferences (using other pieces of Personal Data collected about you and attributes connected to your IP address)	Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities;	We do not sell/share
To improve and develop our website:   We conduct statistical analysis on your usage of the website e.g. to enable us to improve our website, offer new features and material etc.	(a) Technical and usage (identifiers: Personal Data, such as IP address, device identifiers, internet or other similar network activity)	Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities	We do not sell/share
To respond to any inquiries or feedback that you send us To update you with any changes to our terms and conditions/other policies	(a) Name (b) Email address (c) Phone number (c) Social media account handles (d) Mailing address (e) General location (Identifiers: Personal Data; professional or employment related information)  (f) Commercial and Preference Information (responses to surveys, details of your attendance at our events, interest in our services, information about our contact history with you and your other transactions and preferences) (g) Technical and usage (identifiers: Personal Data, such as IP address, device identifiers, internet or other similar network activity) (h) Location information (identifiers: precise geolocation, general location using zip code or postal code and IP address) (i) Inferences (using other pieces of Personal Data collected about you and attributes connected to your IP address)	Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities	We do not sell/share
To manage our relationship with you: To provide you with services and for the purpose of relationship, account, and/or project management.	(a) Name (b) Email address (c) Phone number (c) Social media account handles (d) Mailing address (e) General location (Identifiers: Personal Data; professional or employment related information)  (f) Commercial and Preference Information (responses to surveys, details of your attendance at our events, interest in our services, information about our contact history with you and your other transactions and preferences) (g) Technical and usage (identifiers: Personal Data, such as IP address, device identifiers, internet or other similar network activity) (h) Location information (identifiers: precise geolocation, general location using zip code or postal code and IP address) (i) Inferences (using other pieces of Personal Data collected about you and attributes connected to your IP address)	Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities	We do not sell/share
To protect this website, our company, our employees, and our users from malicious attacks, hacking, fraud, or other illegal or unauthorized activity	(a) Name (b) Email address (c) Phone number (c) Social media account handles (d) Mailing address (e) General location (Identifiers: Personal Data; professional or employment related information)  (f) Commercial and Preference Information (responses to surveys, details of your attendance at our events, interest in our services, information about our contact history with you and your other transactions and preferences) (g) Technical and usage (identifiers: Personal Data, such as IP address, device identifiers, internet or other similar network activity) (h) Location information (identifiers: precise geolocation, general location using zip code or postal code and IP address) (i) Inferences (using other pieces of Personal Data collected about you and attributes connected to your IP address)	Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities	We do not sell/share
To analyze and improve our services:  To deliver relevant content to you, and measure or understand the effectiveness of the content we serve to you.	(a) Name (b) Email address (c) Phone number (c) Social media account handles (d) Mailing address (e) General location (Identifiers: Personal Data; professional or employment related information)  (f) Commercial and Preference Information (responses to surveys, details of your attendance at our events, interest in our services, information about our contact history with you and your other transactions and preferences) (g) technical and usage (identifiers: Personal Data, such as IP address, device identifiers, internet or other similar network activity) (h) Location information (identifiers: precise geolocation, general location using zip code or postal code and IP address) (i) Inferences (using other pieces of Personal Data collected about you and attributes connected to your IP address)	Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities	Business partners and marketing companies.
To maintain and update our records: we are required to keep up to date records to ensure we can operate efficiently and effectively as a business.	(a) Name (b) Email address (c) Phone number (c) Social media account handles (d) Mailing address (e) General location (Identifiers: Personal Data; professional or employment related information)  (f) Commercial and Preference Information (responses to surveys, details of your attendance at our events, interest in our services, information about our contact history with you and your other transactions and preferences) (g) technical and usage (identifiers: Personal Data, such as IP address, device identifiers, internet or other similar network activity) (h) Location information (identifiers: precise geolocation, general location using zip code or postal code and IP address) (i) Inferences (using other pieces of Personal Data collected about you and attributes connected to your IP address)	Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities	We do not sell/share
To protect and defend our legal rights/respond to complaints:  This process allows us to share information with other third parties, such as regulator and law enforcement agencies	(a) Name (b) Email address (c) Phone number (c) Social media account handles (d) Mailing address (e) General location (Identifiers: Personal Data; professional or employment related information)  (f) Commercial and Preference Information (responses to surveys, details of your attendance at our events, interest in our services, information about our contact history with you and your other transactions and preferences) (g) technical and usage (identifiers: Personal Data, such as IP address, device identifiers, internet or other similar network activity) (h) Location information (identifiers: precise geolocation, general location using zip code or postal code and IP address) (i) Inferences (using other pieces of Personal Data collected about you and attributes connected to your IP address)	Third-party service providers; Entities due to corporate mergers or restructuring; Other parties as required by law or to prevent or investigate illegal activities	We do not sell/share
To facilitate acquisitions and potential acquisitions of or by our business, including any related transitional and business integration activities.	(a) Name (b) Email address (c) Phone number (c) Social media account handles (d) Mailing address (e) General location (Identifiers: Personal Data; professional or employment related information)  (f) Commercial and Preference Information (responses to surveys, details of your attendance at our events, interest in our services, information about our contact history with you and your other transactions and preferences) (g) technical and usage (identifiers: Personal Data, such as IP address, device identifiers, internet or other similar network activity) (h) Location information (identifiers: precise geolocation, general location using zip code or postal code and IP address) (i) Inferences (using other pieces of Personal Data collected about you and attributes connected to your IP address)	Entities due to corporate mergers or restructuring	We do not sell/share

We may use Personal Data to create deidentified or aggregated data which does not identify you or any other individual. We may use and disclose this anonymous or aggregated data as we choose.

3.) Information Sharing and Disclosing

Information shared with our business partners and marketing companies

We might share information with third parties who help us with our marketing efforts, including social media platforms, advertising networks, and ad tech companies. For example, we may share email addresses or other Contact Information with social media platforms so they can serve our advertising to you on their platform. Personal Data received by our partners may also be subject to their privacy policies.

Information shared with other parties as required by law or to prevent or investigate illegal activities

Where required or permitted by law, Personal Data may be provided to others, such as regulator and law enforcement agencies, for example in response to a court order or a subpoena, or in response to a law enforcement agency’s request, or where we believe it is necessary to investigate, prevent or take action regarding illegal activities or to protect us, our websites, customers, employees, and business partners from fraud or other malicious activity, and as otherwise required by law. We might share your Personal Data in order to enforce our agreements and to protect our rights and/or the rights of others. We might share your Personal Data when we are investigating potential fraud. This might include fraud we think has happened during a promotion. Where we have a legal requirement to do so, if you are the winner of a sweepstakes or contest, we may also share your certain Contact Information with anyone entitled to request a winner’s list.

We may use and share Personal Data as otherwise disclosed to you from time to time when collecting your Personal Data or as otherwise permitted by law. 

4.) Your Choices

You have certain choices about how we use your information. 

You can control cookies and tracking tools. To learn more about your choices related to cookies, please see our Cookie Notice. 

You may choose not to receive marketing communications from us. You can ask us to stop such messages at any time by clicking on the “unsubscribe” link at the bottom of the message.  Please note that even if you choose not to receive marketing communications from us, you still may receive non-marketing communications, such as responses to your inquiries or notices regarding your account or our relationship with you.

Your Privacy Rights

U.S. state privacy laws, including the California Consumer Privacy Act (“CCPA”), as amended, provides residents of their respective states with additional rights with respect to their Personal Data.

Depending on where you live and what you are asking us to do, we may or may not be obligated to comply with your request, and/or the time required to complete a request may vary.  Based on how we collect and utilize your Personal Data, you may have the following rights:

• Right to Access – You have the right to request that we provide you with a copy of the specific pieces of Personal Data we collected about you.
• Right to Delete – You have the right to request that we delete your Personal Data that we maintain about you, subject to certain exceptions.
  • If you were known by another name or lived at another address, we may not be able to locate all information which relates to you if you do not include it in the form below. Please provide as much information as possible so that we can try to identify all records which relate to you.  We may keep certain Personal Data in accordance with our legal obligations and rights, such as keeping sufficient information about you to recognize that you have made a Personal Data request and to keep a record of that request.
  • However, if we lawfully receive your Personal Data after fulfilling your deletion request, that new information may be included in future data products unless/until you submit a new deletion request. However, if one of our clients separately has your Personal Data and they provide it to us, along with specific instructions on how we are to use it on their behalf, you may still receive their advertising. (We do not add our clients’ data to our own data products unless allowed to by our clients)
• Right to Opt-Out of Targeted Advertising – You have the right to request that we not include your data for any targeted advertising we conduct.
  • Your choices do NOT affect marketing that is not based on your Personal Data. For example, you may still receive advertising based on the content and predicted audience of the website you are browsing. This is known as “contextual advertising” and will not stop in response to your requests.
• Right to Correct – You have the right to request that we correct inaccurate Personal Data that we maintain about you, subject to certain exceptions.
• Right to Limit Use of Sensitive Personal Data – You have the right to request that we do not process or share your sensitive Personal Data.
• Right to Opt-Out of Profiling – You have the right to request that we not process your information for profiling.
• Right to Non-Discrimination – You have the right to not receive discriminatory treatment for the exercise of your privacy rights.
• Do Not Sell/Share My Info – You can request that Merkle does not sell or share your Personal Data that we have in our products by clicking Your Privacy Choices. For purposes of our Product Privacy Notice, “sell” means the sale of your Personal Data in our products to an outside party for monetary or other valuable consideration, subject to certain exceptions set forth in applicable U.S. privacy laws. For purposes of our Product Privacy Notice, “share” means the targeting of advertising to you based on that your Personal Data obtained from your activity across websites in our products, subject to certain exceptions set forth in applicable U.S. privacy laws. Any opt-out of cookie-based tracking for advertising purposes is specific to the device, website, and browser you are using, and is deleted whenever you clear your browser’s cache.
  • If you request an opt-out of the sale or share of your Personal Data, we will stop including your information in the data products we give to our clients.

For non-product related requests or any business to business (B2B) data subject requests, please call us at (+1) (877) 570-5939 (toll-free in the US) or e-mail us at Americas.DPO@dentsu.com. For any employment related requests, you can make these requests online by reviewing the respective Employee, Job Candidates and Job Leavers Privacy Notice for your region. 

We may deny certain requests, or fulfill a request only in part, based on our legal rights and obligations. For example, we may retain Personal Data as permitted by law, such as for tax or other record keeping purposes, to maintain an active account, and to process transactions and facilitate customer requests. Note that for purposes of these requests under this Privacy Notice, Personal Data does not include information we have collected as a service provider to our clients. Finally, please note that we are required by California Civil Code section 1798.105(d) to keep a record of your request. Only you, or a person or business entity that you authorize to act on your behalf (an “Authorized Agent”), may make the requests set forth above. You may also make a request on behalf of your minor child.  For California residents, Authorized Agents may be an entity that is registered with the California Secretary of State or a person.

The request should include your contact information and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. In addition, you should provide sufficient information (including information that reasonably enables us verify the identifying information we currently maintain about you) that allows us to reasonably verify that you are the person about whom we collected the Personal Data or an authorized representative.

We will respond to consumer requests in a reasonably timely manner. If we require extra time to respond, we will inform you of the reason and extension period in writing. In order to protect the security of your Personal Data, we will not honor a request if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you. The method used to verify your identity will depend on the type, sensitivity and value of the information, including the risk of harm to you posed by any authorized access or deletion. Generally speaking, verification will be performed by matching the identifying information provided by you to the Personal Data that we already have. 

Any disclosures we provide for California residents will only cover the 12-month period preceding our receipt of your request (and will not be made more than twice in a 12-month period). If we cannot comply with a request, or cannot fully comply with a request, the response we provide will also explain the reasons we cannot comply. If we deny your request in whole or in part, you may have the right to appeal the decision. In such circumstances, we will provide you with information regarding the appeals process.

Merkle Specific Privacy Choices

You may have the following additional choices related to how Merkle uses your information.

Opting Out of Merkle Interest Based Advertising

We enable users to opt-out from certain uses of information in a digital environment. If you want to opt-out from our Merkle solutions from the browser you are currently using, click here and our systems will attempt to place an opt-out cookie on your computer. 

We and other third party companies collect and receive information from across a variety of websites and mobile applications you visit or use over time in order to infer your interests and deliver relevant advertising to the browsers and devices you may use, including across associated devices. This type of advertising is known as interest-based advertising. You may visit http://www.aboutads.info/choices/ to learn more about this activity and opt out of our and many of our partners collection and use of data for that purpose.

You may also visit http://www.aboutads.info/choices/ to have the option of opting out of many of our partners. Please note that if you clear cookies from your browser, you may need to renew your opt-out choice. The mobile operating systems (e.g., Android and iOS) have their own opt-out mechanisms that apply IBA in mobile app environments. To exercise this opt-out, please visit the privacy settings of your Android or iOS device and select “limit ad tracking” (Apple iOS) or “opt-out of interest based ads” (Android).

Please note that if you clear cookies from your browser or reset your device identifier, you may need to renew your opt-out choice. You will also continue to receive advertising after an opt-out, but those advertisements may be less relevant to your interests. If you use multiple browsers or devices you will need to exercise your choices on those browsers or devices as well.

Opting Out of Direct Mail and Telemarketing

Responsible marketing companies respect your choice to not receive direct mail advertising. We use Direct Marketing Association (DMA) resources to suppress the names and addresses of individuals who have notified the DMA that they do not want to receive advertising by mail.

If you would like to opt out of direct mail advertising, send your complete name and address to: DMA Mail Preference Service P.O. Box 643 Carmel, NY 10512

Responsible marketing companies respect your choice to not receive telemarketing calls. We use DMA resources to suppress the phone numbers of individuals who have notified the DMA that they do not want to receive telemarketing calls.

If you would like to opt out of telemarketing calls, send your complete name, address and telephone number to: DMA Telephone Preference Service P.O. Box 1559 Carmel.

Email Marketing Preferences

If you wish to update your email marketing preferences or unsubscribe, from Merkle communications, you can also do so by visiting this page.

If you reside in California, you may have the right to ask us one time each year if we have shared Personal Data with third parties for their direct marketing purposes. To make a request, please send us an email, or write to us at the address listed below. Indicate in your letter that you are a California resident making a “Shine the Light” inquiry.

5.) Children

This website is not intended for children. We do not actively seek to collect Personal Data about children. If you have any concerns about your child’s privacy in relation to our services, or if you believe that your child may have entered Personal Data onto our website, please contact us at Americas.DPO@dentsu.com. We will delete such Personal Data from our records or seek verifiable parental or legal guardian consent to retain such information within a reasonable time.

6.) Data Broker

Merkle is a registered data broker under California, Oregon, Texas, and Vermont.  To conduct business in Texas, a data broker must register with the Texas Secretary of State (Texas SOS).  Information about data broker registrants is available on the Texas SOS website.

Merkle Incorporated is registered with the Oregon Secretary of State.

7.) Contact Us

If you have any questions about this Privacy Notice or our approach to privacy, you can contact our Data Protection Officer in any of the following ways:

Address: 
Americas Privacy Office
Dentsu International
150 E 42nd Street

New York, NY 10017

Telephone:
(+1) (877) 570-5939 (U.S. toll-free)

Or by email at: Americas.DPO@dentsu.com

Thông Báo Quyền Riêng Tư Trực Tuyến  

dentsu là một tập đoàn toàn cầu về truyền thông, sáng tạo và quản trị trải nghiệm khách hàng, gồm nhiều thương hiệu. Chúng tôi giúp khách hàng cải thiện cách họ quảng cáo và tiếp thị, dù là qua ấn phẩm, thư tín, thư điện tử hay trong môi trường kỹ thuật số. Chúng tôi tin rằng việc sử dụng dữ liệu một cách có trách nhiệm sẽ hỗ trợ tăng trưởng kinh doanh và gầy dựng mối quan hệ bền vững giữa thương hiệu và người tiêu dùng. Là một doanh nghiệp, chúng tôi cam kết tôn trọng và bảo vệ quyền riêng tư của mọi cá nhân mà chúng tôi tương tác. Chúng tôi cam kết luôn minh bạch trong việc xử lý và xử lý Dữ Liệu Cá Nhân phù hợp với các luật về quyền riêng tư và bảo vệ dữ liệu hiện hành.

Ai chịu trách nhiệm xử lý Dữ Liệu Cá Nhân của bạn?

dentsu hoạt động thông qua các công ty con và công ty liên kết trên toàn thế giới. Luật về quyền riêng tư tại một số quốc gia yêu cầu xác định một “Bên Kiểm Soát” (pháp nhân xác định mục đích và cách thức xử lý Dữ Liệu Cá Nhân).

Khi các luật về quyền riêng tư tại quốc gia của bạn yêu cầu, công ty trong nhóm dentsu hoạt động tại quốc gia hoặc khu vực của bạn sẽ là Bên Kiểm Soát Dữ Liệu Cá Nhân của bạn và chịu trách nhiệm xử lý dữ liệu đó, trừ khi Dentsu International hoặc một công ty dentsu khác tự xác định là Bên Kiểm Soát trong một tương tác cụ thể với bạn. Công ty dentsu liên quan được gọi là “chúng tôi” trong thông báo này.

Nếu bạn có bất kỳ câu hỏi nào hoặc không chắc ai là Bên Kiểm Soát, vui lòng xem thông tin bổ sung cho thị trường của bạn bên dưới hoặc liên hệ với chúng tôi tại dpo@dentsu.com và chúng tôi sẽ đảm bảo thông tin của bạn đến đúng công ty.

Nội dung của Thông Báo Quyền Riêng Tư này

Thông Báo này giải thích chi tiết các loại Dữ Liệu Cá Nhân chúng tôi có thể thu thập về bạn khi bạn tương tác với chúng tôi thông qua trang web, trải nghiệm kỹ thuật số, quản trị quan hệ kinh doanh, sự kiện, hoạt động tiếp thị B2B hoặc khi bạn đến thăm văn phòng của chúng tôi. Bằng việc sử dụng trang web hoặc dịch vụ của chúng tôi và cung cấp Dữ Liệu Cá Nhân của bạn cho chúng tôi, bạn cho phép chúng tôi thu thập, sử dụng và tiết lộ Dữ Liệu Cá Nhân của bạn cho các mục đích được nêu trong thông báo này dựa trên cơ sở pháp lý phù hợp được trình bày tại đây.

• Nếu bạn là nhân viên hoặc ứng viên của dentsu, vui lòng xem Thông Báo Quyền Riêng Tư Dành Cho Nhân Viên tại đây.
• Nếu bạn đang sử dụng một trong các sản phẩm của chúng tôi, hãy tham khảo các thông báo quyền riêng tư dành riêng cho sản phẩm (có thể khác nhau theo từng thị trường).
• Nếu bạn tìm kiếm thông tin về cookie, hãy xem Thông Báo Cookie tại đây.

“Dữ Liệu Cá Nhân” là bất kỳ thông tin nào về cá nhân hoặc các hoàn cảnh cụ thể của một cá nhân đã được xác định hoặc có thể xác định. Dữ Liệu Cá Nhân của bạn bao gồm mọi dữ liệu liên quan đến bạn có thể dùng để định danh, như tên, địa chỉ, số điện thoại hoặc địa chỉ thư điện tử của bạn.

Những nội dung không bao gồm

Thông Báo Quyền Riêng Tư này không bao gồm:

• các hoạt động quảng cáo chúng tôi thực hiện cho khách hàng;
• thông tin về nhân viên, nhà thầu hoặc nhân viên tiềm năng của chúng tôi;
• thông tin về cookie chúng tôi sử dụng và dữ liệu chúng ghi nhận;
• thông tin thu thập thông qua các sản phẩm chúng tôi cung cấp trong khuôn khổ hoạt động tiếp thị, quảng cáo hoặc truyền thông (tức là thông tin chúng tôi xử lý với vai trò là bên xử lý dữ liệu khi thực hiện bất kỳ hoạt động tiếp thị, quảng cáo hoặc truyền thông thay mặt khách hàng).

Các nội dung trên được quy định trong các thông báo quyền riêng tư riêng hoặc thông báo cookie tương ứng trên trang của từng thị trường.

1. Dữ Liệu Cá Nhân chúng tôi có thể thu thập

Chúng tôi có thể xử lý Dữ Liệu Cá Nhân do bạn trực tiếp cung cấp, dữ liệu thu thập tự động, hoặc dữ liệu thu được từ các nguồn khác. Bạn không bắt buộc phải cung cấp Dữ Liệu Cá Nhân; tuy nhiên, nếu không cung cấp, chúng tôi có thể không thể cung cấp sản phẩm/dịch vụ hoặc phản hồi yêu cầu của bạn. Nhìn chung, chúng tôi thu thập Dữ Liệu Cá Nhân liên quan đến bạn và/hoặc việc bạn sử dụng dịch vụ theo các cách sau:

(A) Dữ Liệu Cá Nhân bạn cung cấp:

• Dữ liệu liên hệ:

Chúng tôi thu thập thông tin liên hệ khi bạn đăng ký nhận thông báo email, tham dự sự kiện, đến thăm văn phòng, hợp tác, tải nội dung, đăng ký nhận bản tin hoặc yêu cầu chúng tôi phản hồi thắc mắc. Dữ Liệu Cá Nhân có thể gồm tên, địa chỉ thư điện tử, số điện thoại, chức danh và nơi làm việc.

• Dữ liệu tiếp thị và truyền thông:

Chúng tôi thu thập Dữ Liệu Cá Nhân về sở thích của bạn liên quan đến việc nhận thông tin tiếp thị và các tùy chọn liên lạc (khi pháp luật về quyền riêng tư cho phép).

• Dữ Liệu Vị Trí:

Chúng tôi có thể hỏi vị trí của bạn trong hoạt động tiếp thị, khi bạn đăng ký sự kiện hoặc yêu cầu tham dự cuộc họp. Dữ liệu này không được theo dõi qua thiết bị của bạn mà chỉ dựa trên thông tin bạn cung cấp.

(B) Dữ Liệu Cá Nhân thu thập qua phương tiện tự động:

• Dữ Liệu Cá Nhân liên quan đến việc bạn sử dụng trang web:

Chúng tôi thu thập Dữ Liệu Cá Nhân về cách bạn sử dụng trang web, gồm các trang bạn truy cập, dịch vụ hoặc thông tin bạn tìm kiếm, các liên kết và nội dung bạn chọn.

• Dữ liệu lập hồ sơ:

Chúng tôi có thể sử dụng Dữ Liệu Cá Nhân bạn cung cấp thông qua việc sử dụng trang web để cung cấp nội dung phù hợp và định hướng chiến lược tiếp thị. Hoạt động này đôi khi được gọi là “lập hồ sơ” – sử dụng phương tiện tự động để xử lý Dữ Liệu Cá Nhân để phân tích hoặc dự đoán sở thích, mối quan tâm hoặc hành vi của bạn. Bạn có thể phản đối việc lập hồ sơ (khi pháp luật về quyền riêng tư cho phép).

• Dữ Liệu Cá Nhân kỹ thuật:

Chúng tôi thu thập Dữ Liệu Cá Nhân về thiết bị bạn dùng để truy cập trang web và các thông tin liên quan khác. Bạn có thể xem thêm thông tin về cookie và mục đích sử dụng trong Thông báo Cookie (tại: https://www.dentsu.com/policies/cookies-notice).

(C) Dữ liệu thu thập từ nguồn khác:

• Dữ liệu từ bên thứ ba:

Chúng tôi có thể thu thập Dữ Liệu Cá Nhân về bạn từ các bên thứ ba như nhà cung cấp phân tích, đối tác liên kết, nền tảng bên thứ ba như LinkedIn. Chúng tôi cũng có thể thu thập dữ liệu khi bạn đăng ký/tham dự sự kiện do chúng tôi tổ chức hoặc đồng tổ chức. Chúng tôi không mua danh sách Dữ Liệu Cá Nhân.

Lưu ý, chúng tôi không chủ động tìm cách thu thập thông tin về trẻ em hoặc Dữ Liệu Cá Nhân nhạy cảm của bất kỳ ai. Chi tiết như sau:

• Trẻ em:

Chúng tôi không chủ động thu thập Dữ Liệu Cá Nhân của trẻ em hoặc người chưa thành niên (theo luật áp dụng tại quốc gia của bạn). Nếu bạn lo ngại về quyền riêng tư của con mình liên quan đến dịch vụ của chúng tôi, hoặc tin rằng con bạn đã nhập Dữ Liệu Cá Nhân trên trang web, hãy liên hệ với chúng tôi tại dpo@dentsu.com. Chúng tôi sẽ xóa Dữ Liệu Cá Nhân đó khỏi hồ sơ trong thời hạn hợp lý.

• Dữ Liệu Cá Nhân nhạy cảm:

Chúng tôi không cố ý thu thập hay yêu cầu dữ liệu nhạy cảm trong các hoạt động được quy định trong thông báo này.

2. Cách chúng tôi sử dụng Dữ Liệu Cá Nhân

Trừ khi pháp luật yêu cầu khác, chúng tôi sử dụng và xử lý Dữ Liệu Cá Nhân thu thập từ bạn cho các mục đích sau:

• tạo khách hàng tiềm năng;
• gửi bản tin và thông tin liên quan đến thương hiệu, dịch vụ của chúng tôi;
• quản lý quan hệ với bạn;
• sắp xếp và quản lý các chuyến thăm văn phòng;
• đảm bảo trang web phù hợp và hữu ích;
• đảm bảo an ninh cho trang web;
• phản hồi thắc mắc và ý kiến phản hồi;
• phản hồi và quản lý các yêu cầu thực thi quyền dữ liệu;
• phân tích và/hoặc cải thiện dịch vụ;
• xác minh danh tính và Dữ Liệu Cá Nhân của bạn;
• duy trì và cập nhật hồ sơ;
• bảo vệ và bảo vệ quyền lợi pháp lý/giải quyết khiếu nại;
• hỗ trợ hoạt động mua bán, sáp nhập hoặc tiềm năng mua bán, sáp nhập của doanh nghiệp, bao gồm các hoạt động chuyển giao và tích hợp kinh doanh liên quan.

Theo các luật bảo vệ dữ liệu khác nhau, chúng tôi cần thông báo cho bạn về cơ sở pháp lý cho từng hoạt động xử lý. Dưới đây là tóm lược về hoạt động xử lý, loại dữ liệu sử dụng và cơ sở pháp lý áp dụng (tùy thị trường và hoạt động). Xin lưu ý rằng chúng tôi có thể xử lý dữ liệu cá nhân của bạn cho các mục đích pháp lý khác nhau tùy thuộc vào mục đích cụ thể mà chúng tôi sử dụng dữ liệu của bạn.

Tại nhiều thị trường khu vực Châu Á – Thái Bình Dương, chúng tôi thường dựa trên sự đồng ý là cơ sở pháp lý theo yêu cầu của pháp luật quốc gia; Trong trường hợp này, chúng tôi sẽ yêu cầu bạn đồng ý một cách rõ ràng và bạn có thể rút lại sự đồng ý của mình bất cứ lúc nào. Ngoài ra, chúng tôi có thể dựa vào các cơ sở pháp lý khác, chẳng hạn như lợi ích hợp pháp, như được liệt kê dưới đây, hoặc bất kỳ cơ sở pháp lý nào khác được phép theo luật về quyền riêng tư hiện hành liên quan đến hoạt động xử lý cụ thể.

Hoạt động xử lý	Loại dữ liệu được sử dụng	Cơ sở pháp lý (nếu có)
Tổ chức và điều hành các sự kiện: quy trình gửi lời mời, nhận được chấp nhận và tham dự các sự kiện của dentsu được quản lý.	Dữ liệu liên hệ, dữ liệu chúng tôi thu thập từ các bên khác, dữ liệu vị trí.	Lợi ích hợp pháp
Tạo khách hàng tiềm năng: chúng tôi có thể sử dụng Dữ Liệu Cá Nhân được thu thập từ khách truy cập và người dùng (các) trang web của chúng tôi, người tham dự sự kiện hoặc liên hệ khách hàng để xác định khách hàng tiềm năng.	Dữ liệu liên hệ, dữ liệu chúng tôi thu thập từ các bên khác, Dữ Liệu Cá Nhân liên quan đến việc bạn sử dụng (các) trang web của chúng tôi.	Lợi ích hợp pháp hoặc Đồng ý (khi bạn cung cấp rõ ràng)
Gửi bản tin và thông tin về thương hiệu/dịch vụ: phân phối nội dung thương mại của dentsu tới khách hàng, đầu mối, người đăng ký.	Dữ liệu liên hệ, dữ liệu chúng tôi thu thập từ bên thứ ba, dữ liệu vị trí, dữ liệu tiếp thị và truyền thông.	Đồng ý
Quản lý mối quan hệ của chúng tôi với bạn: xử lý các chi tiết liên hệ cơ bản của khách hàng và nhà cung cấp cho mục đích quan hệ, tài khoản và/hoặc quản lý dự án.	Dữ liệu liên hệ, dữ liệu vị trí, dữ liệu tiếp thị và truyền thông, Dữ Liệu Cá Nhân kỹ thuật	Sự cần thiết trong hợp đồng
Sắp xếp và quản lý các chuyến thăm văn phòng: lưu hồ sơ phù hợp về khách đến và các sự cố có thể xảy ra.	Dữ liệu liên hệ, dữ liệu vị trí	Lợi ích hợp pháp
Để đảm bảo (các) trang web của chúng tôi luôn phù hợp và hữu ích: chúng tôi tiến hành phân tích thống kê về việc bạn sử dụng (các) trang web của chúng tôi, ví dụ: để cho phép chúng tôi cải thiện (các) trang web của mình, cung cấp các tính năng và tài liệu mới.	Dữ Liệu Cá Nhân liên quan đến việc bạn sử dụng (các) trang web của chúng tôi, Dữ Liệu Cá Nhân được xử lý thông qua các phương tiện tự động, Dữ Liệu Cá Nhân kỹ thuật.	Lợi ích hợp pháp (nghiên cứu cách khách hàng sử dụng dịch vụ, tương tác nội dung, phát triển dịch vụ, phát triển kinh doanh, định hướng tiếp thị) khi luật cho phép.
Đảm bảo (các) trang web của chúng tôi luôn an toàn: quá trình này chống lại hoạt động web độc hại và chặn quyền truy cập vào (các) trang web của chúng tôi vi phạm chính sách doanh nghiệp. Dịch vụ lọc web đám mây và điểm cuối.	Dữ Liệu Cá Nhân liên quan đến việc bạn sử dụng (các) trang web của chúng tôi, Dữ Liệu Cá Nhân kỹ thuật.	Lợi ích hợp pháp
Phản hồi thắc mắc/ý kiến: cập nhật thay đổi điều khoản/chính sách.	Tất cả Dữ Liệu Cá Nhân chúng tôi thu thập có thể có liên quan.	Lợi ích hợp pháp hoặc cần thiết cho hợp đồng
Phản hồi và quản lý các yêu cầu về quyền của chủ thể dữ liệu: quá trình phản hồi các yêu cầu về quyền của chủ thể dữ liệu như yêu cầu truy cập của chủ thể dữ liệu, yêu cầu xóa dữ liệu, yêu cầu chọn không tham gia loại xử lý cụ thể và các loại khác, theo yêu cầu pháp lý theo luật bảo vệ dữ liệu có liên quan.	Tất cả Dữ Liệu Cá Nhân chúng tôi thu thập có thể có liên quan.	Nghĩa vụ pháp lý.
Phân tích và cải thiện dịch vụ: tận dụng tương tác để nâng cao chất lượng.	Dữ Liệu Cá Nhân liên quan đến việc bạn sử dụng (các) trang web, email, tên, điện thoại, tên công ty, chức danh công việc của chúng tôi.	Lợi ích hợp pháp hoặc Đồng ý khi dùng cookie
Để duy trì và cập nhật hồ sơ của mình: chúng tôi được yêu cầu cập nhật hồ sơ để đảm bảo chúng tôi có thể hoạt động hiệu quả và hiệu quả với tư cách là một doanh nghiệp.	Dữ liệu liên hệ, dữ liệu vị trí, dữ liệu tiếp thị và truyền thông.	Lợi ích hợp pháp hoặc nghĩa vụ pháp lý
Bảo vệ quyền lợi pháp lý/giải quyết khiếu nại: xử lý khiếu nại từ cơ quan quản lý/cá nhân, tố giác liên quan đến quản lý dữ liệu.	Tất cả Dữ Liệu Cá Nhân chúng tôi thu thập có thể có liên quan.	Nghĩa vụ pháp lý hoặc Lợi ích hợp pháp
Để tạo điều kiện thuận lợi cho việc mua lại và mua lại tiềm năng của doanh nghiệp của chúng tôi, bao gồm bất kỳ hoạt động chuyển tiếp và tích hợp kinh doanh nào có liên quan.	Tất cả Dữ Liệu Cá Nhân chúng tôi thu thập có thể có liên quan.	Lợi ích hợp pháp

3. Thời gian lưu giữ Dữ Liệu Cá Nhân

Chúng tôi sẽ lưu giữ Dữ Liệu Cá Nhân của bạn trong thời gian cần thiết cho dịch vụ liên quan, phù hợp nghĩa vụ pháp lý. Sau thời hạn này, Dữ Liệu Cá Nhân sẽ được xóa an toàn hoặc ẩn danh để sử dụng cho mục đích phân tích. Bạn có thể yêu cầu thêm thông tin về thời hạn lưu giữ qua các thông tin liên hệ trong thông báo này, hoặc yêu cầu xóa dữ liệu theo các quyền được nêu dưới đây.

4. Cách chúng tôi bảo mật Dữ Liệu Cá Nhân

Chúng tôi duy trì các biện pháp bảo vệ tổ chức và công nghệ phù hợp để chống sử dụng trái phép, truy cập trái phép hoặc mất mát, thay đổi, phá hủy dữ liệu một cách tình cờ, dù ở dạng vật lý hay điện tử. Chúng tôi cũng yêu cầu các nhà cung cấp dịch vụ và bên thứ ba được phê duyệt lưu trữ/xử lý dữ liệu thay mặt chúng tôi tuân thủ tương tự. Tùy trường hợp, các biện pháp có thể gồm tường lửa, kiểm thử xâm nhập, quét lỗ hổng, mã hóa, và kiểm soát truy cập hệ thống CNTT.

5. Chia sẻ và tiết lộ thông tin

Bất cứ khi nào chia sẻ Dữ Liệu Cá Nhân, quyền truy cập được kiểm soát theo nhu cầu cần biết và chỉ cung cấp khi cần để thực hiện dịch vụ bạn yêu cầu hoặc để chúng tôi thực hiện các chức năng cần thiết/hợp pháp.

Chúng tôi chỉ chuyển Dữ Liệu Cá Nhân ra ngoài thị trường nơi bạn đang ở khi đảm bảo có mức bảo vệ đầy đủ về tính toàn vẹn và an ninh dữ liệu, phù hợp luật bảo vệ dữ liệu áp dụng. Điều này có thể dựa trên hợp đồng với bên nhận hoặc vì nơi đặt bên nhận có luật bảo vệ dữ liệu nghiêm ngặt hơn nơi dữ liệu được thu thập/nhận.

Chúng tôi rất coi trọng bảo vệ dữ liệu nội bộ. Nhân viên và các công ty dịch vụ do chúng tôi thuê đều bị ràng buộc bằng hợp đồng về bảo mật và tuân thủ quy định bảo vệ dữ liệu.

Thông tin chia sẻ với nhà cung cấp dịch vụ bên thứ ba

Chúng tôi sử dụng nhiều bên thứ ba để thực hiện các chức năng kinh doanh như gửi bản tin, lưu trữ dịch vụ trực tuyến và quản trị quan hệ khách hàng. Chúng tôi chỉ tiết lộ thông tin cần thiết để họ thực hiện dịch vụ, và họ phải tuân thủ chỉ dẫn của chúng tôi theo hợp đồng. Chúng tôi có thể chia sẻ thông tin với các bên hỗ trợ hoạt động tiếp thị, gồm nền tảng mạng xã hội, mạng quảng cáo, công ty công nghệ quảng cáo. Ví dụ, chúng tôi có thể chia sẻ email hoặc thông tin liên hệ với nền tảng mạng xã hội để họ hiển thị quảng cáo của chúng tôi cho bạn. Dữ liệu nhận được bởi đối tác có thể chịu sự điều chỉnh của chính sách quyền riêng tư và công cụ họ cung cấp để bạn quản lý việc sử dụng dữ liệu cho mục đích quảng cáo.

Chuyển giao trong nội bộ tập đoàn:

Dentsu International là một tập đoàn truyền thông hoạt động toàn cầu gồm nhiều công ty. Do đó, đôi khi chúng tôi có thể tiết lộ Dữ Liệu Cá Nhân trong nội bộ tập đoàn. Khi chuyển dữ liệu giữa các công ty trong nhóm, chúng tôi sử dụng Thỏa thuận Chuyển giao Dữ liệu Nội bộ nhằm tạo cơ chế chuyển dữ liệu toàn cầu khi cần. Chúng tôi cũng có thể tiết lộ Dữ Liệu Cá Nhân cho bất kỳ đơn vị kế thừa nào của toàn bộ hoặc một phần hoạt động kinh doanh, ví dụ khi bán một phần doanh nghiệp, danh sách khách hàng có thể được chuyển giao.

Thông tin chia sẻ với các bên khác:

Khi pháp luật yêu cầu hoặc cho phép, Dữ Liệu Cá Nhân có thể được cung cấp cho các bên như cơ quan quản lý, thực thi pháp luật, ví dụ theo lệnh tòa, trát đòi, yêu cầu của cơ quan chức năng, hoặc khi chúng tôi tin cần điều tra, ngăn chặn, xử lý hoạt động bất hợp pháp, và các trường hợp pháp luật khác yêu cầu.

Chúng tôi cũng có thể thu thập Dữ Liệu Cá Nhân từ các bên nêu trong mục này.

Bạn có thể yêu cầu thêm thông tin về biện pháp áp dụng cho các chuyển giao như vậy qua thông tin liên hệ trong Thông báo này.

6. Quyền của bạn

Tùy theo luật quyền riêng tư tại thị trường của bạn, bạn có thể có một số quyền đối với Dữ Liệu Cá Nhân, bao gồm:

• Phản đối việc chúng tôi xử lý Dữ Liệu Cá Nhân của bạn. Khi chúng tôi dựa trên lợi ích hợp pháp (của chúng tôi hoặc bên thứ ba) và bạn cho rằng điều đó ảnh hưởng đến quyền và tự do cơ bản của mình, bạn có thể phản đối. Bạn cũng có quyền phản đối khi Dữ Liệu Cá Nhân của bạn được dùng cho tiếp thị trực tiếp hoặc lập hồ sơ. Bạn có thể phản đối bất cứ lúc nào và chúng tôi sẽ dừng xử lý dữ liệu bị phản đối, trừ khi chúng tôi chứng minh có căn cứ hợp pháp thuyết phục để tiếp tục.
• Truy cập Dữ Liệu Cá Nhân của bạn. Theo yêu cầu, chúng tôi có thể phải cung cấp thông tin chúng tôi nắm giữ về bạn, gồm mô tả, bản sao Dữ Liệu Cá Nhân và lý do xử lý, trừ khi có ngoại lệ hợp pháp. Chúng tôi sẽ yêu cầu bạn xác minh danh tính trước khi cung cấp.
• Yêu cầu cung cấp Dữ Liệu Cá Nhân của bạn cho bên thứ ba. Bạn có thể yêu cầu chúng tôi cung cấp cho bạn hoặc bên thứ ba mà bạn đã chọn, Dữ Liệu Cá Nhân của bạn ở định dạng có cấu trúc, thường được sử dụng, có thể đọc được bằng máy. Quyền này chỉ áp dụng cho Dữ Liệu Cá Nhân mà bạn đã cung cấp cho chúng tôi; và nếu bạn đã đồng ý cho chúng tôi sử dụng hoặc khi chúng tôi sử dụng Dữ Liệu Cá Nhân để thực hiện hợp đồng với bạn.
• Yêu cầu xóa Dữ Liệu Cá Nhân của bạn.  Bạn có thể yêu cầu xóa khi cho rằng chúng tôi không còn cần dữ liệu. Lưu ý, chúng tôi có thể phải giữ lại một số dữ liệu theo luật và/hoặc vì mục đích kinh doanh hợp pháp; khi đó, chúng tôi sẽ thông báo cho bạn.
• Yêu cầu chỉnh sửa hoặc cập nhật Dữ Liệu Cá Nhân của bạn. Bạn có thể yêu cầu sửa các dữ liệu chưa đầy đủ hoặc không chính xác.
• Yêu cầu hạn chế xử lý Dữ Liệu Cá Nhân của bạn. Trong một số tình huống và tại một số khu vực pháp lý, bạn có thể yêu cầu hạn chế xử lý. Khi đó, chúng tôi có thể tiếp tục lưu trữ nhưng hạn chế xử lý trong thời gian hạn chế có hiệu lực.
• Rút lại sự đồng ý. Khi bạn đã đồng ý cho việc xử lý, bạn có thể rút lại bất cứ lúc nào. Việc rút lại không ảnh hưởng tính hợp pháp của xử lý trước thời điểm rút và không ảnh hưởng quyền của chúng tôi tiếp tục thu thập, sử dụng, tiết lộ Dữ Liệu Cá Nhân khi pháp luật cho phép mà không cần đồng ý. Nếu bạn nhận thông tin tiếp thị từ chúng tôi, bạn có thể rút lại bằng cách nhấn hủy đăng ký trong email.
• Khiếu nại. Chúng tôi sẽ nỗ lực giải quyết mọi khiếu nại. Tuy nhiên, nếu bạn thấy chưa được giải quyết hoặc muốn liên hệ trực tiếp, bạn có thể khiếu nại tới cơ quan bảo vệ dữ liệu địa phương. Ví dụ tại Vương quốc Anh, cơ quan có thẩm quyền là ICO. Nếu bạn cần biết cơ quan địa phương của mình là ai, hãy liên hệ chúng tôi để được cung cấp thông tin.
• Từ chối nhận tiếp thị. Bạn có thể chọn không nhận thông tin tiếp thị từ chúng tôi. Bạn có thể yêu cầu dừng bất kỳ lúc nào bằng cách nhấp “hủy đăng ký” ở cuối thông điệp. Lưu ý, ngay cả khi bạn từ chối tiếp thị, bạn vẫn có thể nhận thông điệp phi tiếp thị, như phản hồi thắc mắc hoặc thông báo về tài khoản hay quan hệ của chúng tôi với bạn.

Khi bạn thực hiện các quyền trên, yêu cầu cần bao gồm thông tin liên hệ và mô tả đủ chi tiết để chúng tôi hiểu, đánh giá và phản hồi. Bạn cũng cần cung cấp thông tin để chúng tôi có thể xác minh hợp lý rằng bạn là người mà chúng tôi đã thu thập Dữ Liệu Cá Nhân (bao gồm thông tin giúp đối chiếu với dữ liệu chúng tôi đang lưu).

Chúng tôi sẽ phản hồi trong thời hạn luật định; nếu cần thêm thời gian, chúng tôi sẽ thông báo lý do và thời gian cần thêm bằng văn bản. Để bảo vệ Dữ Liệu Cá Nhân, chúng tôi chỉ chấp nhận yêu cầu khi xác minh được danh tính hoặc thẩm quyền của bạn và xác nhận dữ liệu liên quan đến bạn. Phương pháp xác minh tùy thuộc loại, độ nhạy và giá trị thông tin, cũng như rủi ro gây hại nếu có truy cập hoặc xóa. Thông thường, xác minh dựa trên việc đối chiếu thông tin định danh bạn cung cấp với dữ liệu chúng tôi có.

Lưu ý, nếu bạn ở thị trường không có các quyền này, chúng tôi có quyền từ chối yêu cầu.

7. Trách nhiệm của chúng tôi đối với Dữ Liệu Cá Nhân thu thập qua liên kết trang web

Thông báo này chỉ áp dụng cho Dữ Liệu Cá Nhân do chúng tôi thu thập. Chúng tôi có cung cấp liên kết trên trang web tới các trang khác, bao gồm mạng xã hội như Facebook, Twitter, LinkedIn, hoặc các trang của thực thể dentsu khác. Khi bạn truy cập các liên kết này, việc bạn sử dụng sẽ chịu sự điều chỉnh của điều khoản sử dụng và thông báo quyền riêng tư áp dụng của trang đó vì thực tiễn dữ liệu của họ nằm ngoài phạm vi thông báo này. Chúng tôi không thể chịu trách nhiệm hay kiểm soát Dữ Liệu Cá Nhân được thu thập bởi bất kỳ trang web bên thứ ba nào, cũng như không chịu trách nhiệm bảo vệ quyền riêng tư đối với bất kỳ thông tin nào bạn cung cấp trên các trang đó.

8. Cập nhật

Thông Báo Quyền Riêng Tư này có thể được cập nhật theo thời gian để tuân thủ các thay đổi pháp luật, thông lệ tốt, thay đổi hoạt động của chúng tôi hoặc cách chúng tôi xử lý Dữ Liệu Cá Nhân. Ngày sửa đổi gần nhất sẽ hiển thị ở đầu trang. Nếu bạn không đồng ý với thay đổi, vui lòng ngừng sử dụng dịch vụ của chúng tôi và không chia sẻ Dữ Liệu Cá Nhân cho chúng tôi. Bạn nên thường xuyên kiểm tra để cập nhật.

9. Liên hệ

Nếu bạn có bất kỳ câu hỏi nào về thông báo này, cách tiếp cận quyền riêng tư của chúng tôi, hoặc muốn thực hiện các quyền nêu trên, bạn có thể liên hệ Nhân sự Bảo vệ Dữ liệu (DPO) theo các cách sau:

• Địa chỉ: Data Protection Officer, Dentsu International, Regent's Place, 10 Triton Street, Regent's Place, London, NW1 3BF
• Email: DPO@dentsu.com
• Hoặc sử dụng thông tin của DPO tại địa phương được nêu trong phần bên dưới (nếu có).