Privacy Policy

Kikkoman group privacy policy for the European Economic Area. Please read this privacy policy carefully.


The protection of your personal data is of paramount importance to Kikkoman Corporation (the «Company») and our subsidiaries located in the European Economic Area (the «EEA») (together, the «Group of Companies» ). This Privacy Policy (the “Privacy Policy”) is therefore intended to inform you of how the companies of the Group of Companies, as data controller, collect and process the personal data that you provide to us. submit or disclose. We also act as data controller when we process your personal data received or obtained through third parties.
We invite you to read this Privacy Policy carefully. If you do not want us to use your personal data as set out in this Privacy Policy, please do not provide us with your personal data. You will note that, in this case, we may not be able to provide you with our services, you may not have access to certain features of the Website and/or may not be able to use them and your customer experience may be affected. be impacted.
If you have any questions or comments regarding this Privacy Policy, please contact us using the contact details below.


We always process your personal data on the basis of the legal basis required by the GDPR (Articles 6 and 7). In addition, we always process your sensitive personal data, for example, regarding your trade union membership, your religious denominations or your state of health, in accordance with the special rules set out in the GDPR (Articles 9 and 10).
We may collect and process your personal data for the purposes detailed below, which are necessary to be able to guarantee our legitimate interests and provide you with suitable services and products: to offer you products and services
to inform you of our policies and terms and conditions;
to promote safety and security, including by monitoring instances of fraud and investigating suspicious or potentially unlawful activity or violations of our policies or terms and conditions;
to manage our contractual relationship with you;
to provide, improve and develop our products, services and advertising;
to use personal information for purposes including, but not limited to, data analysis, research and verification;
to ensure business continuity;
to ensure that content from our site is presented to you in the most effective manner;
to notify you about changes to our service(s);
to manage your customer account;
Note that you have the right to revoke your consent at any time, without changing the lawfulness of the processing based on your consent before its revocation.
We process your data for these specific, express and legitimate purposes and do not process any other data contrary to these purposes. If we plan to process personal data originally collected for a specific purpose in order to achieve other objectives or purposes, we will ensure that you are aware of this. We keep your personal data for the period necessary to comply with our legal obligations, to provide an appropriate service and to support our commercial activities (Article 5 and 25 (2) GDPR).


For the purposes specified in this Privacy Policy, we process personal data obtained directly from you (when you decide to provide us with this data, namely when you contact us or when you complete forms available on the Website) or indirectly (data provided to us by a third party). We ensure that the personal data processed is suitable, relevant, and limited to the necessary uses, within the framework of the purposes for which they are processed.


We may share your personal data with the companies of the Group of Companies and with third parties, as provided for by the GDPR. When we share your data with a subcontractor, we put in place the useful legal framework to regulate this transfer and this processing (Articles 26, 28 and 29). In addition, when we share your data with a company located outside the EEA, we put in place the relevant legal framework, in accordance with the applicable requirements, in particular the Standard Contractual Clauses between, on the one hand, two data controllers (2004 /915/EC) and, on the other hand, a controller and a processor (2010/87/EU), as approved by the European Commission, in order to regulate these transfers (Articles 44 of the GDPR).

Service providers

We share your personal data with companies that provide services on our behalf, such as hosting, maintenance, support, email, marketing, verification, order processing, payment , data analysis, customer service, and conducting customer research and surveys.

Subsidiaries and operations affecting the company

We may share your personal data with all of the Company’s subsidiaries. In the event of a merger, restructuring, acquisition, joint venture, divestiture, demerger, transfer, sale or other disposition of all or part of our business, including in the context of data.ective or similar proceeding, we may transfer any or part of the personal data to the third party concerned.

Legal compliance and legal certainty

We may be required (by law, legal process, litigation and/or requests from the public and administrative authorities within or outside your country of residence) to disclose your personal data . We may also disclose your personal data if we determine that, for national security, law enforcement or other reasons of public importance, such disclosure is necessary or useful.
We may also disclose your personal data if we have a good faith belief that such disclosure is reasonably necessary to protect our rights and pursue the remedies available to us, enforce our terms and conditions, investigate fraud, or protect our operations or users.

Data Transfers

These disclosures may require the transfer of your personal data outside the European Union to Japan. This transfer may occur for purposes of management by the Company of the employees or of the activity. For each of these transfers, we take care to guarantee an appropriate level of protection of the data transferred, in accordance with the applicable requirements, in particular by subscribing to standard contractual clauses as defined under the terms of European Commission decisions 2001/497/EC, 2002/ 16/EC, 2004/915/EC and 2010/87/EU.
We will not use your personal data for online marketing purposes unless you have expressly consented to such use of your personal data. You can change your marketing preferences at any time by contacting us using the details set out below.


We keep records of all personal data processing, in accordance with the obligations specified in the GDPR (Article 30), whether as controller or as processor. In these records, we report all the information necessary to comply with the GDPR and to collaborate with the supervisory authorities, in accordance with the applicable requirements (Article 31).


We process your personal data in such a way as to guarantee its security, including through measures to protect against unauthorized or unlawful processing, accidental loss, destruction, or deterioration. We use appropriate technical or organizational measures to achieve this level of protection (Article 25 (1) and 32 GDPR).
We retain your personal information for as long as necessary to fulfil the purposes described in this Privacy Policy, except where a longer retention period is required or permitted by law.


In the event of a security breach resulting in accidental or unlawful destruction, loss, alteration, disclosure or unauthorized access to personal data transmitted, stored or processed, we have mechanisms and policies in place to identify and assess it without delay. Depending on the outcome of our assessment, we will make the required notifications to supervisory authorities and communications to data subjects, including you, where applicable (Articles 33 and 34 GDPR).


We have mechanisms and policies in place to identify data processing activities that may pose a high risk to your rights and freedoms (Article 35 GDPR). If a data processing activity is identified, we will assess it internally and either terminate it or ensure that the processing complies with the GDPR or that appropriate technical and organizational measures are in place to be able to continue this treatment.
In case of doubt, we will contact the relevant Data Protection Supervisory Authority for advice and recommendations (Article 36 GDPR).


You have the following rights regarding your personal data collected and processed by us.
Information about your processed data: You have the right to obtain from us all required information about our data processing activities that concern you (Articles 13 and 14 GDPR).
Access to personal data: You have the right to obtain confirmation from us as to whether or not personal data relating to you is being processed and, if so, to access personal data and certain information therein. related (Article 15 GDPR).
Rectification or erasure of personal data: You have the right to obtain from us the rectification of inaccurate personal data concerning you without undue delay and to complete incomplete personal data (Article 15 GDPR). You also have the right to obtain from us the erasure of personal data concerning you, without undue delay, when certain legal conditions apply (Article 17 GDPR).
Limitation of the processing of personal data: You have the right to obtain from us the limitation of the processing of personal data, when certain legal conditions apply (Article 18 GDPR).
Opposition to the processing of personal data: You may be entitled to object, for reasons specific to your particular situation, at any time, to the processing of personal data concerning you, when certain legal conditions apply (Article 21 GDPR).
Portability of personal data: You may be entitled to receive your personal data in a structured, commonly used and machine-readable format and be entitled to transmit this data to another processor, without our doing so. obstacle, when certain legal conditions apply (Article 20 GDPR).
Not to be subject to automated decision-making: You may have the right not to be subject to automated decision-making (including profiling) based on the processing of your personal data, where these decisions produce legal or similar effects on you, where certain legal conditions apply (Article 22 GDPR).
If you intend to exercise these rights, please consult the contact section below. If you are not satisfied with the way we have handled a request or if you have a complaint about the way we process your personal data, you can lodge a complaint with a Data Protection Supervisory Authority.


Our products and services are intended for adult consumers. Therefore, we do not knowingly collect and process any information on minors under the age of sixteen (16). If we become aware that we have collected and processed personal data about a minor under the age of sixteen (16) or the equivalent minimum age depending on the relevant jurisdiction, we will take steps to delete this information as soon as possible. If you know that a minor under the age of sixteen (16) has provided us with personal data, please contact us immediately using the contact details set out below.


We may offer hypertext links from the Website to third party websites or Internet sources. We do not control and are not responsible for the privacy practices or content of third parties. Please read their privacy policies carefully to find out how they collect and process your personal data.


We may modify or update this Privacy Policy from time to time. Changes to this Privacy Policy are effective upon posting of the modified Privacy Policy, via the Services. If we make changes which we believe are significant, we will notify you via the Website, where possible, and seek your consent where appropriate.


For any question or request relating to this Privacy Policy, you can contact us via .