Privacy Policy for AITRIOS™

Last Updated and Effective: [24.08.2023]

For a PDF version of this notice, please contact us in accordance with Section 11 below.

This privacy policy ("Privacy Policy") explains the information collected and processed when you use the following AITRIOS™ websites and/or services (https://www.aitrios.sony-semicon.com/en and https://developer.aitrios.sony-semicon.com/en, hereinafter together "AITRIOS" or "AITRIOS Websites"), whether accessed via computer, mobile device or other technology.

For the avoidance of doubt, for the purpose of this Privacy Policy, if you are in Canada or the United States of America, the controller of your Collected Data is Sony Electronics, Inc. If you are outside of Canada and the United States of America, the controller of your Collected Data is Sony Semiconductor Solutions Corporation.

Please note that, except for the Cookie Policy below, this Privacy Policy does not apply to our Registered Users which are subject to a separate privacy policy, which can be accessed here.

Please read this Privacy Policy carefully. In this Privacy Policy, Sony Electronics, Inc. and Sony Semiconductor Solutions Corporation are hereinafter referred to as “SONY”, “we” or “us”. “SONY Affiliates” mean Sony Group Corporation, which is the ultimate parent company of SONY and any company whose voting rights are directly or indirectly held in the majority by Sony Group Corporation. SONY and SONY Affiliates shall be collectively referred to as “SONY Group”.

Table of Contents

Article 1 What information do we obtain and process?

Article 2 How does SONY use the Collected Data?

Article 3 Who else has access to the Collected Data?

Article 4 Data retention

Article 5 Transfer of the Collected Data internationally

Article 6 Security

Article 7 Cookies and web beacons

Article 8 Children

Article 9 Your choices and rights

Article 10 Changes

Article 11 Contact information

Cookie Policy

Article 1 Use of cookies and web beacons

Article 2 Purpose of use of cookies and web beacons

Article 3 Method for Refusing Cookies and Similar Technology

Article 1 What information do we obtain and process?

We collect and process information or data as described below, some of which may be considered personal data (or its equivalent term) under applicable law in your jurisdiction (collectively, the “Collected Data”), in relation to your use of AITRIOS.

  1. Information you provide to us.

We collect information that you provide to us, such as:

  • Information you provide when you make an inquiry to Sony (the "Inquiries Information"):
    • your basic information (e.g. name, business phone number, email address, or country/region);
    • your company’s information and your professional information (e.g. company name, type of industry, category of business, name of the section you belong to, job position, occupation, company URL);
    • information related to the products you use or are interested in; and
  • any other information you choose to provide to us in connection with your use of AITRIOS that is not covered by the categories above as its processing cannot be anticipated at the moment (the “Communication Data”).
  1. Information we collect automatically.
  • When you browse the AITRIOS Website, we may collect web browsing, network or service usage data, such as browser type, internet service provider (ISP), IP address, referring/exit pages (including application names you use with your account ID), operating system, date/time stamp, and clickstream data (the “Website Usage Data”). In general, this information is collected using digital identifiers such as a device number, browser cookie or your IP address. These identifiers are used to distinguish the information provided by your browser or device from that of another user’s browser or device. Please see our Cookie policy below for further details.

Article 2 How does SONY use the Collected Data?

  1. To operate and provide the features/functions of AITRIOS and related services.
  • We use the Collected Data in order to operate and provide the features/ functions of AITRIOS and related services, such as to:
    • provide customer support and respond to your questions to us (e.g., through our customer services);
    • provide you with the AITRIOS services.
  • If you are located in the European Economic Area (“EEA”), the United Kingdom (“UK”) or Switzerland, please note that the legal bases we rely on for the processing of this data are as follows: legitimate interest to provide the features/functions of AITRIOS and related services.
  1. To optimize, improve and develop current and future products and services of SONY.
    • We use the Collected Data in order to optimize, improve and develop current and future products, services and related operations of SONY (including but not limited to AITRIOS) for example by analyzing your use of AITRIOS or by creating anonymous, aggregated statistics about the use of our websites, products, and services, in order to understand customers preferences regarding our website or products and propose better services based on those statistics.
    • If you are located in the EEA, UK or Switzerland, please note that we do not process your personal data for the purpose presented in this section.
  1. To conduct advertising, promotional, marketing and sales promotion activities.
    • We may use your Collected Data to send you information about our products, services, exhibitions, and events.
    • If you are located in the EEA, UK or Switzerland, the United States of America or Canada, please note that we do not process your personal data for the purpose presented in this section.
  2. To detect, prevent and manage potential security threats.
    • We use the Collected Data for security and legal compliance purposes (including the prevention and detection of fraud as well as authenticating and auditing users). This information may be passed to the police or to other appropriate authorities. If you are located in the EEA, UK or Switzerland, please note that the legal bases we rely on for the processing of this data are as follows: legitimate interest to protect you and our company, systems, employees and partners; legal obligation to cooperate with competent authorities.
  3. Anonymised and aggregate information.
    • We may aggregate and/or anonymise Collected Data in order to de-identify you and no longer link the information to you or your device. We use and share such anonymized data without restriction. The legal basis for anonymising and aggregating Collected Data are our overriding legitimate interest and the overriding legitimate interests of third parties to analyse usage, improve our services and/or to provide product insight to interested third parties.

Article 3 Who else has access to the Collected Data?

The Collected Data may be made available to SONY Affiliates and to other third parties as well as those you choose to share the Collected Data with, as further detailed below:

  1. SONY Affiliates

The Collected Data may be shared with and used by other SONY Affiliates to pursue the activities related to the purposes set out in this Privacy Policy.

  1. Service providers

SONY and SONY Affiliates may use service providers to process the Collected Data on our behalf for the purposes set out in this Privacy Policy (for example to host respective AITRIOS websites). Such service providers include, but are not limited to, IT service providers and data hosting providers. Where we engage service providers to process Collected Data on our behalf, such service providers may only process Collected Data in accordance with our written agreement with them in accordance with applicable data protection law. For further information in relation to such service providers please contact us in accordance with Article 11 below.

  1. Business transfer

In the event that SONY or a SONY Affiliate sells or transfers a portion or all of its business, the Collected Data may be transferred by SONY or such SONY Affiliate to the purchasing or acquiring entity as part of the transaction. In such case we rely on our or a third party’s overriding legitimate interest to sell existing business as a legal basis.

  1. Compliance with law and protection of SONY and others

SONY may disclose Collected Data to third parties including government authorities and law enforcement officials, and auditors and similar external consultants like lawyers and tax advisors if we believe in good faith that it is required by law, regulation or order, or if disclosure is reasonably necessary for us to protect or enforce the rights, property, safety or security of ourselves, you or others.

Article 4 Data retention

SONY will keep the Collected Data for as long as is necessary:

  • for the purposes detailed in Article 2,
  • to protect SONY and SONY Affiliates from legal claims;
  • to administer our business; or
  • to the extent permitted by applicable law, which may require us to hold the relevant Collected Data for specific periods.

We will take steps to anonymize or delete the data when it is no longer needed.

Article 5 Transfer of the Collected Data internationally

The Collected Data may be transferred in accordance with Section 1 and Section 2 to countries/regions outside your country/region of residence, including in particular Japan, in which the privacy laws may not be as comprehensive as those in your home country/region.

Where the Collected Data is transferred out of the EEA, UK or Switzerland, we will:

  • ensure that transfers to such country has been deemed adequate by the UK Government or European Commission or
  • adopt appropriate measures to ensure that your Collected Data will be adequately protected in those countries for instance by adopting the standard contractual clauses published by the European Commission or UK government or otherwise putting in place appropriate safeguards as required under applicable law.

Where the Collected Data is transferred from the EEA or UK to Japan, the adequate level of data protection is confirmed by the European Commission and UK government´s adequacy decision.

If you are located in Japan, please note that we may engage service providers in Japan, Sweden, India, Germany, and the United States of America to perform the service processing and analysis of your Collected Data (This includes cases where such service providers reconsign to a third party). Such service providers include SONY Affiliates, service providers and third- parties involved in transactions with you (and their subcontractors, etc.), as set forth in Paragraphs 1 through 3 of Article 3. We have confirmed that such service providers have established a system that complies with the standards set forth in Japanese Act on the Protection of Personal Information. An outline of the legal system concerning the protection of personal information in the relevant country/region is as follows. https://www.ppc.go.jp/enforcement/infoprovision/laws/

Article 6 Security

SONY Group undertakes reasonable security measures designed to protect against the unauthorized access, loss, misuse or alteration to/of the Collected Data. Although SONY Group strives to protect the Collected Data, SONY Group cannot guarantee or warrant complete security of any Collected Data transmitted to SONY Group through AITRIOS or that SONY Group stores on its systems or that is stored on systems of those third parties contemplated in Article 3.

Article 7 Cookies and web beacons

AITRIOS use industry-wide technologies, such as “cookies” and “web beacons”, to collect information about the use of our websites and email communications. For instance, these technologies may tell us which visitors clicked on key elements (such as links or graphics) on a website or email and recognize your browser the next time you visit AITRIOS. More information about our use of cookies and web beacons can be found in our Cookie Policy below. Please note as mentioned in Article 2 above, currently we are using such technologies only to the extent necessary to be able to provide you with AITRIOS. Hence with regards to cookies and web beacons we or third parties do not collect and process your personal data for any other purposes.

Article 8 Children

We are committed to respecting children's privacy and do not offer AITRIOS or the AITRIOS Website as a product or service to children. AITRIOS is intended for a general audience is not directed to users under the age of 18 or equivalent legal age in their province, territory or country/region.

If you are a parent or guardian and suspect that a child has provided us with personal data please contact us as indicated below in section 11.

Article 9 Your choices and rights

You have certain rights in relation the use of the Collected Data about you. For instance, you can request access to, and amendment/deletion of, the Collected Data we hold about you. We may decline to process requests which are extremely unreasonable/impractical or not required by law, for instance if it is considered necessary in order to detect, prevent and manage security threats or other prohibited activities, and/or protect or enforce the rights, property, safety or security of ourselves or others.

1. Privacy Rights for EEA, UK or Swiss Residents.

If you are located in the EEA, UK or Switzerland, you have the right to submit the following requests under certain conditions of the European data protection laws with regard to your Collected Data:

  • to request access (including a copy of) your Collected Data;
  • to update, correct or delete the processing or restrict (stop any active) processing of your Collected Data;
  • to obtain the Collected Data in a commonly used, machine readable format, and to ask us to share (port) your Collected Data to another controller.
  • In addition, you can object to the processing of your Collected Data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).
  • Where we have asked for your consent, you may withdraw consent at any time. If you ask to withdraw your consent to our processing your data, this will not affect any processing which has already taken place at that time. To withdraw your consent for cookies please see our Cookies Policy below.

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping.

We hope that we can assist with queries or concerns you may have about our use of your Collected Data – please see the Contact Information section below for further details. However, you also have the right to complain to a supervisory authority for data protection in the country/region where you live, where you work, or where you consider that a breach of data protection has occurred.

The relevant local supervisory for the EEA may be located on the website of the European Data Protection Board, accessible at https://edpb.europa.eu/about-edpb/about-edpb/members_en#member, and for the UK to the website of the Information Commissioner’s Office, accessible at https://ico.org.uk/global/contact-us. You may under certain circumstances also seek a remedy through local courts, if you believe your rights have been breached.

2. California Notice at Collection.

In addition to the information provided above regarding the categories, sources, uses, and sharing of personal data we collect, we are providing the following additional information to California residents consistent with the California Consumer Privacy Act, as amended by the California Privacy Rights Act, and associated regulations (“CCPA”).

a) Personal Data we collect & purposes for collection.

The following chart describes our practices with regard to the collection and use of your personal data. The categories we use to describe the information are those listed in the CCPA. Certain personal data may fall into multiple categories, and in some circumstances, how we use and the information within each category will vary.

Categories of Personal Data Collected

Business or Commercial Purposes for Collection of Personal Data

Categories of Sources from Which Personal Data Was Collected

Categories of Personal Data Collected

Identifiers

Examples: name, business phone number, address, email

Business or Commercial Purposes for Collection of Personal Data

  • Operate and provide our product and services
  • Communicate with you
  • Optimize, improve and develop our products and services
  • Detect, prevent, and manage potential security threats
  • Legal and compliance purposes

Categories of Sources from Which Personal Data Was Collected

  • Directly from you
  • From third parties


Categories of Personal Data Collected

Personal Data categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))

Examples: Address, business telephone number 


Business or Commercial Purposes for Collection of Personal Data

  • Operate and provide our product and services
  • Communicate with you
  • Optimize, improve and develop our products and services
  • Detect, prevent, and manage potential security threats
  • Legal and compliance purposes

Categories of Sources from Which Personal Data Was Collected

  • Directly from you
  • From third parties

Categories of Personal Data Collected

Internet or Other Electronic Network Activity

Examples: computer and connection information, browser type, operating system, page views, traffic to and from the websites, other standard weblog information 

Business or Commercial Purposes for Collection of Personal Data

  • Operate and provide our product and services
  • Communicate with you
  • Optimize, improve and develop our products and services
  • Detect, prevent, and manage potential security threats
  • Legal and compliance purposes

Categories of Sources from Which Personal Data Was Collected

  • Automatically when you use our services

Categories of Personal Data Collected

Professional or employment related information

Examples: Employer name, job title

Business or Commercial Purposes for Collection of Personal Data

  • Operate and provide our product and services
  • Communicate with you
  • Optimize, improve and develop our products and services
  • Detect, prevent, and manage potential security threats
  • Legal and compliance purposes

Categories of Sources from Which Personal Data Was Collected

  • Directly from you
  • From third parties

Categories of Personal Data Collected

Inferences Drawn from Other Information and Consumer Characteristics

Examples: demographics (e.g., gender, age, region, profession or job title)

Business or Commercial Purposes for Collection of Personal Data

  • Operate and provide our product and services
  • Communicate with you
  • Optimize, improve and develop our products and services
  • Detect, prevent, and manage potential security threats
  • Legal and compliance purposes



Categories of Sources from Which Personal Data Was Collected

  • We create when you use our services
  • From third parties

b) Disclosure of Personal Data.

California law also requires us to provide you with information regarding the parties to whom we disclose your information for a business purpose.

Any category of personal data listed above may be disclosed for a business purpose to service providers and contractors, which are companies or individuals that we engage to conduct activities on our behalf. Service providers and contractors are restricted from using personal data for any purpose not related to our engagement.

We are not required to list disclosures that are infrequent or that are not considered sales under the law. Please see “Who Else Has Access to Collected Data” above for more information about how we share your information.

Under the CCPA, a business “sells” personal data when it discloses personal data to a company for monetary or other benefit or “shares” personal data for cross-context behavioral advertising. We do not sell or share personal data collected in connection with the AITRIOS services, therefore we do not offer the right to opt-out of the sale or sharing of personal data.

c) Data retention

We retain all categories of personal data described in this California Privacy Notice for as long as it is reasonably necessary for the purposes outlined in this California Privacy Notice, considering the time period reasonably necessary to: provide the goods or services you request; exercise the choices and rights you have requested; comply with our contractual obligations; comply with applicable legal, regulatory, or other obligations; including litigation holds and agency regulations. Except as noted differently specific pages or apps, we retain your personal data while you have an account with us, or while you are using our products or services or continuing to interact with us.

d) Exercising Your California Consumer Rights

Subject to certain exceptions, as a California resident, you may have the following rights to request: (i) access to your personal data that we maintain; (ii) deletion of your personal data; and (iii) correction of any inaccurate CA Personal Data that we may hold about you. To submit a request to access, delete or correct your data, please use for form available at the following link:

https://privacyportal.onetrust.com/webform/ae4501a4-318f-4210-bddc-9a8bc984c5a6/e006e4a8-bd41-4340-b9d9-863c15a2532e or call us at 1-833-681-9900. We may request additional information to verify your identity or to confirm your request. To the extent that you elect to designate an authorized agent to submit a request on your behalf, you must provide your agent with a valid power of attorney or written permission to act for you. We will take steps to verify the identity of the agent and the agent’s authority to submit your request.

You have the right to opt out of our sale or sharing of your personal data to third parties. As noted above, we do not sell or share personal data.

You have the right to request that we limit use of your sensitive personal information to certain purposes allowed by law. We do not use or disclose sensitive personal data except for the purposes permitted pursuant to CCPA. Therefore, we do not offer this right.

We will not discriminate against you based solely upon you exercising your rights under CCPA.

Article 10 Changes

SONY may revise this Privacy Policy at any time by posting the new Privacy Policy here. You are advised to consult the posted Privacy Policy regularly for any changes.

Article 11 Contact information

If you have any questions or concerns about this Privacy Policy or our use of the Collected Data, please reach out to us via the following contacts:

  1. If you are in the EEA or Switzerland.

Sony Semiconductor Solutions Corporation is the controller for the Collected Data. SONY’s address is 4-14-1 Asahi-cho, Atsugi-shi, Kanagawa, 243-0014, JAPAN. You may contact us at https://developer.aitrios.sony-semicon.com/en/contact-us-en/.

Our representative in the EEA and Switzerland is Sony Europe BV, a Dutch company, whose business address is Taurusavenue 16, 2132LS Hoofddorp, the Netherlands. You can contact our representative in the EEA and Switzerland by emailing: privacyoffice.SEU@sony.com. You can also get in touch by writing to Sony Europe BV at the address above or at The Privacy Office c/o Sony Europe Legal Department, The Heights, Brooklands, Weybridge, Surrey KT13 0XW, The United Kingdom, or you can contact your local Sony company at http://www.sony.eu.

  1. If you are in the UK.

Sony Semiconductor Solutions Corporation is the controller for the Collected Data. SONY’s address is 4-14-1 Asahi-cho, Atsugi-shi, Kanagawa, 243-0014, JAPAN. You may contact us at https://developer.aitrios.sony-semicon.com/en/contact-us-en/.

Our representative in the UK is Sony Europe BV, a Dutch company, whose UK branch has its business address in The Privacy Office, The Heights, Brooklands, Weybridge, Surrey KT13 0XW, The United Kingdom. You can contact our representative in the UK by emailing: privacyoffice.SEU@sony.com. You can also get in touch by writing to The Privacy Office c/o Sony Europe Legal Depart-ment, The Heights, Brooklands, Weybridge, Surrey KT13 0XW, The United Kingdom, or you can contact your local Sony company at http://www.sony.eu.

  1. If you are in the United States of America or Canada.

Sony Electronics Inc. is the controller for the Collected Data. Please contact us by email at privacy@am.sony.com. You may also contact us at Sony Electronics Inc., 16535 Via Esprillo, San Diego, CA 92127.

If you are in Canada, our local representative is Sony of Canada Ltd., 2235 Sheppard Avenue East, Suite 700 Toronto, ON M2J 5B5.

Cookie Policy

Article 1 Use of cookies and web beacons

AITRIOS use industry-wide technologies, such as “cookies” and “web beacons”, to collect information about the use of our websites and email communications. For instance, these technologies may tell us which visitors clicked on key elements (such as links or graphics) on a website or email and recognize your browser the next time you visit AITRIOS.

Article 2 Purpose of use of cookies and web beacons

Currently we are using such technologies only to the extent necessary to be able to provide you with AITRIOS. Hence with regards to cookies and web beacons we or third parties do not collect and process your personal data for any other purposes.

Article 3 Method for Refusing Cookies and Similar Technology

  1. Method for refusing all cookies.

Cookies on your device will remain on the device until you delete it or until the fixed expiration period has elapsed. Almost all browsers are set to automatically accept cookies by default; however, you may disable cookies by changing the browser settings. It should be noted that, if cookies are disabled, some AITRIOS functions may become unavailable, and some pages may no longer display correctly, so please bear this in mind. For example, you may encounter inconveniences such as being unable to log in and access your AITRIOS account.

Please refer to the following URLs for information on the most common browsers, and how to change cookie settings.




Apple Safari


https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac


Google Chrome


https://support.google.com/chrome/answer/95647?visit_id=637985578481482993-2048181811&p=cpn_cookies&hl=en&rd=1


Microsoft Edge


https://support.microsoft.com/en-us/windows/microsoft-edge-browsing-data-and-privacy-bb8174ba-9d73-dcf2-9b4a-c582b4e640dd


Microsoft Internet Explorer


https://support.microsoft.com/en-us/topic/how-to-delete-cookie-files-in-internet-explorer-bca9446f-d873-78de-77ba-d42645fa52fc


Mozilla Firefox


https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer?redirectlocale=ja&redirectslug=Cookies

  1. Method for refusing specific cookies.

The method for stopping the provision of information through such cookies is stated on each of the following URLs. However, if you would like to delete all such cookie information, please be aware that you may be subject to restrictions in the use of the products and services provided by each company.





Adobe Systems

Incorporated


URL: 

http://www.adobe.com/jp/privacy/policy.html


URL:

http://www.adobe.com/jp/privacy/opt-out.html


Google Inc.


URL: 

http://www.google.com/intl/ja/policies/privacy/


URL: 

https://support.google.com/analytics/answer/181881?hl=ja&ref_topic=2919631


Salesforce.com, Inc.


URL:

https://www.salesforce.com/company/privacy/


URL:

https://www.salesforce.com/eu/company/privacy/(EU)


Treasure Data, Inc.


URL:

https://www.treasuredata.co.jp/privacy/policy-2/ (Japanese only)


URL:

https://www.treasuredata.com/privacy/

  1. Method for refusing beacons.

As web beacons using JavaScript tags are the same as any other content request included in a web page, you cannot opt out or refuse them. However, you can generally disable web beacons in email messages by not downloading images contained in message you receive, this method is dependent on the function of your email software, and it will not necessarily be the case that beacons are always disabled.

*AITRIOS and AITRIOS logos are the registered trademarks or trademarks of Sony Group Corporation or its affiliated companies.