eve autonomy, Inc. (Address: 3001-10 Kuno, Fukuroi-shi, Shizuoka Prefecture 437-0061, Japan; hereinafter referred to as “We”) believes that the appropriate handling and protection of personal information collected from users in the development of automated transport solutions and other related business activities is an important social responsibility. We will properly handle and protect any acquired personal information in accordance with this basic policy regarding the protection of personal information (hereinafter referred to as “this policy”).
1. Definition of “personal information” and “personal data”
（1）Personal information refers to information relating to a living individual and falling under any of the following categories. (a)Information that can identify a specific individual by name, date of birth, telephone number, e-mail address, or other description contained in the information (b)Information that cannot identify a specific individual by itself, but can be easily cross-checked with other information to identify a specific individual (c)Information that contains a personal identification code (Article 2, Paragraph 2 of the Act on the Protection of Personal Information (hereinafter referred to as the “Personal Information Protection Law”))
（2）Personal data refers to the personal information contained in personal information databases, etc. (Article 2, Paragraph 4 of the Personal Information Protection Law)
2. Purpose of acquisition and use of personal information
（2）In the event that it becomes necessary to use the personal information of a user for purposes other than those described in the preceding paragraph, except in any of the following cases, we will inform the user of the purpose of use and obtain prior consent of the user before using their information. (a) When it is necessary for the protection of the life, body, or property of an individual, and it is difficult to obtain the consent of the user (b) When it is notably necessary to improve public health or promote the healthy development of children, and it is difficult to obtain the consent of the user (c) When it is necessary to cooperate with a national agency, a local government, or an individual or entity entrusted by either a national agency or local government to execute affairs stipulated by laws and regulations, and obtaining the user’s consent is likely to impede the execution of such affairs (d) When in accordance with laws and regulations
（3）Except for the cases listed in each item of Article 17, Paragraph 2 of the Personal Information Protection Law, we will not acquire any sensitive personal information (Article 2, Paragraph 3 of the Personal Information Protection Law) without obtaining prior consent of the user.
3. Provision to third parties
（1）In the following cases, we may provide the personal data of users to our contractors or other third parties (excluding third parties located in foreign countries; the same shall apply hereinafter in this paragraph). (a)When the user has given their consent(b)When disclosure of personal information is requested by a court, public prosecutor’s office, police, tax office, bar association, or other organization with equivalent authority (c)When disclosing personal information to a financial institution, credit card company, settlement agent, or other business entity that settles or acts on our behalf in order to pay fees or other amounts owed to us(d)When disclosing personal information to the successor of a business in the event of a merger, transfer of business, or other such event(e)When permitted under the Personal Information Protection Law or other laws and regulations(f)When otherwise separately prescribed for individual services provided by us
（2）In cases other than the above, we may disclose the user’s personal data (excluding sensitive personal information; the same shall apply hereinafter in this paragraph) within the following scope to third parties (excluding third parties located in foreign countries; the same shall apply hereinafter in this paragraph) after notifying the Personal Information Protection Commission.(a)Items of personal data to be provided to third parties pursuant to this paragraph: All personal information of the user, unless otherwise requested by the user(b)Method of provision to third parties pursuant to this paragraph: Paper, electronic data transmission, delivery in the form of external storage media, or server access(c) Method of requesting suspension of provision pursuant to this paragraph: When a user personally requests that we stop providing their personal information to third parties in accordance this paragraph, we will stop providing personal data that identifies the user to third parties without delay in accordance with laws and regulations. Contact the “eve autonomy Personal Data Disclosure Consultation Desk” listed below for information on how to request that we cease to provide personal data to third parties.
（3）eve autonomy may provide the personal data of users to third parties in foreign countries in any of the following cases. (a)When the user has given prior consent for the provision of their personal data to third parties in foreign countries(b)hen the personal data is provided to third parties in foreign countries that implement, in an appropriate and reasonable manner, measures for the handling of personal data in accordance with the provisions of Chapter 4, Section 1 of the Personal Information Protection Law, and we have been guaranteed the implementation of such measures (c)When the personal data is such that the individual user cannot be identified(d)When any of cases (a) through (d) under (2) of section 2 above applies
4. Joint use
We may jointly use personal information in accordance with the following:
（1）Scope of joint users (the following companies within our group) Yamaha Motor Co., Ltd. and TIER IV, Inc.
（2）Purpose of use by the parties using the information (a)To provide various services based on automated transport solutions(b)To conduct sales activities, provide after-sales service, and respond to inquiries and complaints related to (a) above(c)To provide personal information and personal data to third parties with an aim to achieve the above purposes of use
（3）Items of personal information to be jointly used: Name, date of birth, address, telephone number, e-mail address, company name, etc.
（4）Party responsible for the management of personal information: eve autonomy, Inc.
5. Implementation of security control measures
（1）We will properly manage personal information by implementing necessary and appropriate organizational, personnel, technical, and physical security control measures to prevent unauthorized access to personal information as well as the loss, tampering with, or leakage of personal information.
（2）We will enter into an outsourcing agreement that includes a confidentiality clause with our outsourcing partners, and will strive to ensure that the users’ personal information is handled and protected appropriately in order to prevent leakage, re-provision or disclosure to third parties, or use outside the scope of the purposes of use described in (1) of section 2 above.
6. Disclosure, correction, addition, deletion, suspension of use, elimination, and suspension of provision to third parties of personal information and personal data
If you wish to request disclosure of personal information and personal data, notification of purpose of use, corrections, suspension of use, suspension of provision to third parties, or blurring including anonymization, or if you have any questions about our handling of personal information, please contact us at the following:
[eve autonomy Personal Data Disclosure Consultation Desk]
E-mail address: firstname.lastname@example.org
（2） With respect to preventing leakage of personal information and ensuring accuracy and safety, except in cases where special procedures are stipulated by law, we will, in accordance with laws and regulations, disclose, correct, add, delete, stop using, erase, or stop providing to third parties the personal data of the user only after we conduct necessary investigations without delay and confirm that the request was made by the user themselves.
7. Updating this policy
We may change the contents of this policy from time to time as necessary. Since we will not contact users each time, refer to the latest version of this policy posted on our website for the most up-to-date information.