Date Last Updated: March 12, 2021

DENSO CORPORATION (the “Company”) shall comply with Japanese Act on the

Protection of Personal Information, the law of the EU concerning the protection of Personal

Data including the GDPR and other related laws, ordinances and guidelines and

appropriately handle the Personal Data obtained from the user as follows for the protection

of the Personal Data.

If you are an individual in the European Economic Area (EAA, comprising the European

Union member states as well as Iceland, Liechtenstein and Norway), please read

Addendum for Individuals in EEA for additional information.

If you are a California “consumer” within the meaning of the California Consumer Privacy

Act of 2018, as amended by the California Privacy Rights Act of 2020, please read

Addendum for California Consumer Privacy Act for additional information.

1. Personal Data to Be Processed

The Company shall process (meaning any operation or set of operations which is

performed upon personal data or sets of personal data, whether or not by automated

means, and such operation means acquisition, recording, organization, structuring, storage,

rectification, alteration, recovery, retrieval, consultation, use, disclosure by transmission,

dissemination or otherwise making available, alignment, combination, restriction, erasure or

destruction; hereinafter the same) the Personal Data of the user that you give us through

the service, including but not limited to the following information.

User ID, Nickname, Location information of user (including during background operation),

Use log of NaviCon and NaviBridge application (including location and time of use), and

History of access to Company’s server (including time, IP address and Cookie)

Since it is necessary for the Company to receive such information from the user to provide

the user with the service, the user who cannot provide such information may not use the

service.

2. Legal Basis for and Purpose of Processing Personal Data

We will process your personal data on the following legal bases unless such data

processing would conflict with applicable laws and regulations:

i. Contract. When we need to process your personal data to perform a contract

we enter into with you.

ii. Legal Obligation. When we need to comply with a legal obligation.

iii. Legitimate Interests. When the processing of your personal data is necessary

for the fulfilment of legitimate interests pursued by us or a third party and your

interests and fundamental rights do not override those interests.

iv. Consent. When you have given consent for us to process your personal data.

However, even if we obtain consent from you, we may process your personal

data based on other legal grounds. The withdrawal of your consent shall not

affect the lawfulness of processing performed based on the consent before

your withdrawal.

We use the personal data that we hold about you for the following purposes. We will

only use your personal data to the extent that it is necessary to do so to fulfil the

purposes described below.

i. To provide merchandise or services that you request (based on contract or

legitimate interests)

ii. To improve our merchandise or services we provide to you (based on contract

or legitimate interests)

iii. To provide information and communications; to conduct questionnaires relating

to products, services, various events, campaigns, and similar matters (based

on legitimate interests)

iv. To conduct sales analysis, investigations, and research; to develop new

services and products (based on legitimate interests)

v. To conduct web analytics (see our Cookie Policy)

vi. To ensure compliance with legal obligations (such as record keeping

obligations), export control and customs, compliance screening obligations (to

prevent white-collar or money laundering crimes), and our policies or industry

standards (based on legal obligation or legitimate interests)

vii. To solve disputes, enforce our contractual agreements and to establish,

exercise or defend legal claims (based on legal obligation or legitimate

interests).

You may experience disadvantages if you refuse to provide your personal data, such

as being unable to make use of some of our services.

The Company shall keep the Personal Data of the user as long as it is necessary to provide

the user with the service but promptly erase it if it is no longer necessary.

3. Provision to Third Party

The Company shall provide the companies which the Company entrusts to develop and

operate the service to and ties up with to provide the service or new related service with the

Personal Data of the user for the purpose of accomplishing the purposes of use specified

above.

4. Ensuring of Accuracy

The Company shall endeavor to keep the Personal Data up to date and if it is inaccurate or

insufficient, rectify it.

5. Security

To prevent unauthorized access to Personal Data or divulgence of Personal Data, the

Company evaluates and determines the risk of breach of the Personal Data privacy in a

comprehensive manner after taking into account the category of Personal Data, degree of

sensitivity, influence including economic and mental damage to the user when the Personal

Data privacy is breached, and takes personnel, organizational and technical safety

management measures that are necessary and appropriate according to the risk of breach

of Personal Data privacy, set the process to inspect and correct such safety management

measures as necessary and makes ceaseless efforts to improve security.

6. Access to Personal Data, Rectification, Erasure, Restriction on Processing, Right

of Data Portability

The user may request the Company make the Personal Data concerning the user retained

by the Company available to the user, rectify or restrict the processing of such information

or take procedures for data portability within the scope which is recognized by the laws and

regulations of each county and region. Further, the user shall have the right to raise an

objection to the Company or data protection authority governing the location where the user

resides with respect to the processing of the Personal Data related to the user within the

scope which is recognized by the laws and regulations of each county and region. If the

user requires the procedures for exercising various types of rights granted to the user with

respect to the Personal Data, please contact us at the following e-mail address.

navicon@jp.denso.com

7. Amendment to Privacy Policy

The Company may amend the privacy policy at any time. If the Company amends this

8. Company’s Policy for Children

The Company makes sure to obtain the consent of a guardian when obtaining Personal

Data from the user under 16 years of age. The Company shall request the user under 16

years of age ask his/her guardian to give consent after his/her guardian has confirmed the

details of the privacy policy without fail, but shall not request the user himself/herself give

consent, before using the service. Further, if a guardian or other person finds the user

under the age of 16 who consents to the privacy policy and uses the service without

obtaining the confirmation and consent of his/her guardian, please notify the Company at

the following contact point.

9. Inquiries

If the user has any matter for consultation or question with respect to the privacy policy or

the processing of the Personal Data by the Company, or request with respect to the access

to, rectification or erasure of the Personal Data, restriction on processing or right of data

portability, please contact the Company at the following website.

navicon@jp.denso.com

10. Administrator and Representative

The Company determines the purposes of use and method of processing of the Personal

Data of the user. The contact information of the Company is as follows.

DENSO CORPORATION

1-1, Showa-cho, Kariya, Aichi, Japan

navicon@jp.denso.com