Data protection and data security are important issues when using online services, which is why it goes without saying that we treat your data confidentially and in accordance with legal requirements. This privacy policy is intended to inform users of our website how, to what extent and for what purpose we collect, process and use data.

By using our website, you consent to the collection and processing of your personal data in accordance with this privacy policy and applicable law.

In general, you can use our website without disclosing your personal data.

Some data you disclose yourself when registering for services, e.g. name, address and e-mail address. Other non-personal data is stored due to technical processes, e.g. IP address. You disclose further data insofar as you use certain services, e.g. when you order goods or services in the online store or when you contact us.

For certain services offered on our website, we rely on third-party providers. These third party providers will generally collect, use and disclose your personal data to the extent necessary for them to provide the relevant services to us. However, these third party providers have their own privacy policies over which we have no control. If you agree to Nishi's Terms of Use and Privacy Policy, we will assume that you also agree to the privacy policies of third-party providers.

Except where necessary to provide our services to you, we will not share your (personal) information unless we are required to do so by law.

The personal information collected will be used to provide you with the products or services you have requested, or for other purposes to which you have consented, unless otherwise provided by law.

When you click on links in our online store, they may lead to third-party websites. Nishi has no control over their design or content and assumes no responsibility for the accuracy, completeness, or content of the information provided there. Nishi is also not responsible for the privacy compliance of third party websites.

You have the right to access and amend all personal data stored in our system. If you wish to do so, please contact online@nishijapan.com.

We keep your personal data as long as it is necessary and required by law.

Nishi's website uses "cookies." Cookies are stored on your computer or mobile device when you use one of our web pages. They allow the recognition of the Internet browser to optimize the website and simplify its use. This data is not used to personally identify the visitor to this website.

Most browsers are set to accept cookies automatically. However, you can also deactivate the storage of cookies or set your browser to inform you when cookies are placed. We are happy to point out that if you choose not to accept cookies, you may not be able to use certain services.

Our website uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

The provider of our website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

- Browser type and browser version

- Operating system used

- Referrer URL

- Host name of the accessing computer

- Time of the server request

This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of illegal use.

If you send us inquiries via e-mail, your data from the inquiry form including the contact data you provided there will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.

Our website uses the "Google Analytics" service, which is offered by Google Inc. to analyze website usage by you as a user. The service uses "cookies", i.e. text files that are stored on your terminal device and enable data analysis. The information collected by the cookies (including your IP address) is usually transferred to a Google server in the USA and stored there. Google uses this information to evaluate the use of the website, to compile reports on website activity for website operators and to provide other services related to website activity and internet usage. Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser. In this case, not all functions of this website can be fully used. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

IP anonymization is used on our website. The IP address of the user is shortened within the member states of the EU and the European Economic Area. This shortening eliminates the personal reference of your IP address. Under the terms of the data sharing agreement that we have concluded with Google Inc., the latter uses the information collected to evaluate website usage and website activity and provides services related to internet usage.

Our website uses the offer of Google Maps. This allows us to display interactive maps directly on the website and enable you to use the map function comfortably. By visiting the website, Google receives the information that you have called up the corresponding sub-page of our website. This happens regardless of whether Google provides a user account through which you are logged in or whether there is no user account. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment to your profile at Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (also for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right. For more information on the purpose and scope of data collection and processing by Google, as well as further information on your rights in this regard and settings options for protecting your privacy, please visit: https://policies.google.com.

Our website uses the reCAPTCHA service of Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland "Google"). The query is used to distinguish whether the input is made by a human or by automated, machine processing. The query includes the transmission of the IP address and possibly other data required by Google for the reCAPTCHA service to Google. For this purpose, your input is transmitted to Google and used there. However, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of this service. The IP address transmitted by your browser as part of reCaptcha will not be merged with other data from Google. Your data may also be transferred to the USA in the process. For data transfers to the USA, there is an adequacy decision of the European Commission, the "Privacy Shield". Google participates in the "Privacy Shield" and has submitted to the requirements. By pressing the query, you consent to the processing of your data. The processing is based on Art. 6 (1) lit. a DSGVO with your consent. You can revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.

For more information about Google reCAPTCHA and the associated privacy policy, please visit: https://policies.google.com.

Our website uses external payment service providers through whose platforms users and we can make payment transactions.

Paypal (https://www.paypal.com)
Payrexx AG (https://www.payrexx.ch)
Stripe (https://stripe.com)

In the context of contract performance, we use the payment service providers on the basis of the Swiss Data Protection Ordinance and, where necessary, Art. 6 para. 1 lit. b. EU-DSGVO. In addition, we use external payment service providers on the basis of our legitimate interests under the Swiss Data Protection Ordinance and, where necessary, Art. 6 para. 1 lit. f. EU-DSGVO in order to offer our users effective and secure payment options.

The data processed by the payment service providers includes inventory data, such as name and address, bank data, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, sum and recipient-related information. The information is required in order to carry out the transactions. However, the data entered is only processed by the payment service providers and stored with them. We, as the operator, do not receive any information about (bank) account or credit card, but only information to confirm (accept) or reject the payment. Under certain circumstances, the data is transmitted by the payment service providers to credit agencies. The purpose of this transmission is to verify identity and creditworthiness. In this regard, we refer to the terms and conditions and data protection notices of the payment service providers.

For payment transactions, the terms and conditions and privacy policy of the respective payment service providers apply, which can be accessed within the respective website or transaction applications. We also refer to these for the purpose of further information and assertion of revocation, information and other data subject rights.

We process the data of our customers in accordance with the data protection provisions of the Federal (Data Protection Act, DSG) and the EU-DSGVO in the context of ordering processes in our online store to enable them to select and order the selected products and services, as well as their payment and delivery or processing.

The processed data includes master data (inventory data), communication data, contract data, payment data and the data subjects of the processing include our customers, prospective customers and other business partners. The processing is carried out for the purpose of providing contractual services in the context of operating an online store, billing, delivery and customer service. In this context, we use session cookies, e.g. to store the shopping cart content, and permanent cookies, e.g. to store the login status.

The processing is based on Art. 6 para. 1 lit. b (execution of order transactions) and c (legally required archiving) DSGVO. In this context, the data marked as required are necessary for the justification and fulfillment of the contract. We disclose the data to third parties only in the context of delivery, payment or in the context of legal permissions and obligations. The data is only processed in third countries if this is necessary for the fulfillment of the contract (e.g. at the request of the customer for delivery or payment).

Users can optionally create a user account, in particular by viewing their orders. During the registration process, users are provided with the required mandatory information. User accounts are not public and cannot be indexed by search engines, e.g. Google. If users have terminated their user account, their data relating to the user account will be deleted, insofar as their retention is required for commercial or tax reasons in accordance with Art. 6 para. 1 lit. c DSGVO. Information in the customer account will be retained until its deletion with subsequent archiving in case of a legal obligation. It is the responsibility of the users to save their data in case of termination before the end of the contract.

We use technical security measures to protect your data from, among other things, inappropriate loss, misuse, access, disclosure, alteration or destruction. Please note, however, that data transmission over the Internet may be subject to security vulnerabilities. We can therefore not guarantee full protection against access by third parties.

We reserve the right to change this privacy policy at any time without notice. The current version published on our website will apply. You will be informed of all material changes on this website. If there are any inconsistencies between this Privacy Policy and Nishi's otherwise applicable contractual or business terms, the provisions of this Privacy Policy will prevail.

Responsible for this website and its data processing is:

Nishi Japan AG
Schaffhauserstrasse 120
8057 Zurich, Switzerland

+41 44 363 11 63

online@nishijapan.com

If you have any problems, questions or suggestions, please contact online@nishijapan.com.