Privacy Policy
Asahi UK Limited Privacy Policy
This website is operated by Asahi UK Limited, a member of the Asahi Group Holdings, Ltd. group of companies.
All references to ‘Asahi’, ‘our’, ‘us’ or ‘we’ within this policy are deemed to refer to either Asahi UK Limited or Asahi Group Holdings, Ltd., its subsidiaries, affiliates, and/or associates which provide services to us, as appropriate.
We value the privacy of those who provide personal data to us. This policy applies to our customers, personnel that work for our customers, website visitors, consumers, distributors, our suppliers (and potential suppliers), personnel of such suppliers and contractors. It describes:
- the data identifying you that we collect;
- how we use this data;
- the legal basis upon which we process it;
- with whom it is shared; and
- how it is stored.
This policy also describes other important topics relating to your data and its privacy.
Please read this privacy policy carefully to understand how we handle your personal data.
By accessing or browsing our website, contacting us on social media, working with or for us, offering your goods or services to us, using any of the goods and services that we provide to you or otherwise providing your data to us (including when entering competitions or when attending our events or breweries), you confirm that you have read and understood the entirety of this privacy policy.
The Policy is comprised of the following Sections:
- Data collection
- Use of data
- Legal basis for use of your personal data
- Cookies
- Disclosure of personal data
- Retention of personal data
- Your rights
- Marketing
- Transfers of data
- Security
- Third party websites
- Changes to our Privacy Policy
- Further questions or making a complaint
Data Collection
We may receive some data about you directly from you. However, we may also receive data about you from third parties such as your employer or recruitment agency, retailers where you are a customer, media agencies, market research companies, our suppliers, group companies, public websites, agencies (including booking agents) and public agencies (including customs officials), which we refer to as “Third Party Sources” throughout this policy.
We, or third parties on our behalf, may collect and use any of the following data about you and we refer to this as “personal data” throughout this policy:
- Personal data which you give us (or which we receive from Third Party Sources).
- Data about you:
- your name;
- your job title;
- company name;
- e-mail address;
- your telephone number;
- account information;
- your company’s address;
- your gender;
- your date of birth;
- data provided when you correspond with us;
- any updates to data provided to us; and
- if you attend our sites, CCTV footage.
- Data about you:
Use of Data
We, or our Third Party Sources acting on our behalf, collect, use and store the personal data listed above for the following reasons:
- Visiting our website or, if you are a consumer, using one of our software apps
- to allow you to access and use our website or the app (including to ensure you are of legal drinking age);
- to provide technical support;
- to provide you with the information and services that you request from us;
- to ensure the security of our services, our website and our app;
- to store information about your preferences, and to allow us to customise our website and the app according to your individual interests;
- to recognise you when you return to our website;
- if you are an app user, to recognise your location to enable the app to function by notifying you of bars nearby, to monitor app usage and beer consumption, to carry out market research and understand your preferences and experience at venues selling our products (such as a hotel, bar or restaurant);
- to enable you to participate in our competitions and promotions;
- to process orders which you place for goods or services from us; and
- for improvement and maintenance of our website and the app and preparing reports or compiling statistics in order to improve our goods and services. Such details will be anonymised as far as is reasonably possible and you will not be identifiable from the data collected.
- Receiving goods and services from you
- to enable us to receive and manage services from you (including supplier due diligence, payment and expense reporting and financial audits);
- for health and safety records and management;
- to assess your working capacity (for example, to assess whether you are under the influence of drugs or alcohol and thereby pose a danger to yourself and to others);
- to confirm information on CVs and performance reference checks, to assess you or your employer’s suitability to work for us; and
- for equal opportunities monitoring.
- Providing goods and services to you
- to provide relevant goods or services to you or your employer (including, to confirm and process orders, for administration of your account with us, customer loans, tax and export, billing and debt collection purposes and the collection of bottles (where applicable));
- to deal with any enquiries or issues you have about our goods and services, including any questions you may have about how we collect, store and use your personal data, or any requests made by you for a copy of the data we hold about you. If we do not have a contract with you, we may process your personal data for these purposes where it is in our legitimate interests for customer services purposes;
- to send you certain communications (including by email or post) about our goods and services such as service announcements and administrative messages (for example, setting out changes to our terms and conditions and keeping you informed about our fees and charges);
- to allow you to attend our events or participate in competitions and to send you photos that you have permitted us to take of you;
- for health and safety and quality assurance;
- to carry out statistical analysis and market research; and
- if you have consented or, otherwise, if it is in our legitimate interests, for business development and marketing purposes, to contact you (including by email or post) with information about our products and services which either you request, or which we feel will be of interest to you (including newsletters), but only where you have consented to this.
- For internal corporate reporting, business administration, ensuring adequate insurance coverage for our business, ensuring the security of company facilities, research and development, and to identify and implement business efficiencies.
- To comply with any procedures, laws and regulations which apply to us – this may include where we reasonably consider it is in our legitimate interests or the legitimate interests of others to comply, as well as where we are legally required to do so.
- To establish, exercise or defend our legal rights – this may include where we reasonably consider it is in our legitimate interests or the legitimate interests of others, as well as where we are legally required to do so.
- If you visit one of our sites (including a brewery), for CCTV monitoring and ensuring the security of our staff and visitors, and our and their property.
- If you contact us on social media, to monitor your interactions with us and our brand online, where it is in our legitimate interests to do so for market research and for planning future marketing campaigns.
- If we use your photograph or video footage from an event, to amplify the event to a broader audience and for internal presentation purposes, where it is in our legitimate interests for marketing and business development purposes or where we have your consent.
- If you are a user of our maintenance tracker app, CM/SpinApp, to identify your location when you are providing maintenance services on our draft beer equipment and where it is in our legitimate interests to manage the service requirements of customers.
- If you are a journalist, where it is in our legitimate interests to contact you to invite you to write a news article about our products and services; to invite you to events, send you promotional material and for press releases.
Legal basis for use of your personal data
- We consider that the legal bases for using your personal data as set out in this privacy policy are as follows:
- our use of your personal data is necessary to perform our obligations under any contract with you (for example, to fulfil and order which you place with us, to comply with the terms of use of our website or software app which you accept by browsing our website or by downloading our software app and/or to comply with our contract to provide services to or receive services from you or your employer); or
- our use of your personal data is necessary for complying with our legal obligations (for example, providing information to HMRC); or
- where neither (a) nor (b) apply, use of your personal data is necessary for our legitimate interests or the legitimate interests of others (for example, to ensure the security of our website or our mobile app). Our legitimate interests are to:
- run, grow and develop our business;
- operate our website and our mobile app;
- select appropriately skilled and qualified suppliers;
- ensure a safe working environment for our staff and visitors;
- marketing, market research and business development;
- provide goods and services to our customers, make and receive payment, provide customer services and to know the customer that we are providing services to;
- place, track and ensure fulfilment of orders with our suppliers; and
- for internal group administrative purposes, as described in section 5.1 below.
- We may use your special categories of data where you have provided your consent (which you may withdraw at any time after giving it, as described below).
- In the future, other use of other personal data may be subject to your consent (which can be withdrawn at any time after giving it, as described below). Where this is the case, that need for consent will be identified in this privacy policy.
- If we rely on your consent for us to use your personal data in a particular way, but you later change your mind, you may withdraw your consent by contacting us at data.request@asahibeer.eu and we will stop doing so. However, if you withdraw your consent, this may impact the ability for you to be able to provide services to us (for example, if those services require health assessments that involve use of your special categories of data) or for us to provide services to you.
Cookies
- Some pages on our website and mobile apps use cookies, which are small files placed on your internet browser when you visit our website, mobile apps or use our apps. We use cookies in order to offer you a more tailored experience in the future, by understanding and remembering your particular browsing preferences.
- Where we use cookies on our website, you may block these at any time. To do so, you can activate the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies), you may not be able to access all or parts of our website or to use all the functionality provided through our website.
- We use some or all of the following types of cookies and similar tools on the Websites:
Strictly Necessary
These cookies are used to ensure the website functions correctly. No personally identifiable information is stored.
Website Analytics
We use analytical cookies to measure usage and traffic on the website.
Marketing & Tracking
Sometimes we use Google and Facebook cookies to track users interacting with our services on this website, and elsewhere online. This data is not used for targeted advertising.
Overview of all cookies and similar tools that we use on the Websites, together with the respective storing period and description of their function can be found in the following table:
Name of the cookies, Type of the cookies, Expiration of the cookie, Description of the function of the cookies
- csrftoken, Necessary, 1 year, This cookie is associated with Django web development platform for python. Used to help protect the website against Cross-Site Request Forgery attacks.
- asahi_territory, Functional, Session, This cookie is used by the website for storing the location selected by the user.
- django_language, Functional, Session, This cookie is used by the website for storing the language for the user (inferred from the location selected)
- sessionid, Functional, 14 days, This cookie is used to identify a user session.
- _ga, Website analytics (Google Analytics), 2 years, The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
- _gid, Website analytics (Google Analytics), 1 day, Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
- _gat_gtag_UA_*, Website analytics (Google Analytics), 1 minute, Google Analytics sets this cookie to store a unique user ID.
- _ga_*, Website analytics (Google Analytics), 2 years, Google Analytics sets this cookie to store and count page views.
Disclosure of personal data
- We may share your personal data with any company that is a member of our group which includes our ultimate parent company based in Japan where it is in our legitimate interests to do so for internal administrative purposes (for example, ensuring consistent and coherent delivery of services to our customers, corporate strategy, compliance, auditing and monitoring, research and development and quality assurance). We may also share your personal data with our group where they provide products and services to us, such as information technology systems.
- We will share your personal data with the following categories of third parties:
- our service providers and sub-contractors, including but not limited to payment processors, suppliers of technical and support services, insurers, logistic providers, and cloud service providers;
- your employer or recruitment agency;
- retailers, where you are a customer;
- public agencies (including customs officials);
- occupational health assessment providers and medical professionals undertaking drug and alcohol testing (where applicable);
- companies that assist us in our marketing, advertising and promotional activities; and
- analytics and search engine providers that assist us in the improvement and optimisation of our website and our software apps.
Any third parties with whom we share your personal data are limited (by law and by contract) in their ability to use your personal data for any purpose other than to provide services for us. We will always ensure that any third parties with whom we share your personal data are subject to privacy and security obligations consistent with this privacy policy and applicable laws.
- We will also disclose your personal data to third parties:
- where it is in our legitimate interests to do so to run, grow and develop our business:
- if we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets;
- if substantially all of Asahi’s or any of its affiliates’ assets are acquired by a third party, in which case personal data held by Asahi will be one of the transferred assets;
- where it is in our legitimate interests to do so to run, grow and develop our business:
- We may also disclose and use anonymised, aggregated reporting and statistics about users of our website and apps or our goods and services and from interactions with us and our brands on social media for the purpose of internal reporting or reporting to our group or other third parties, and for our marketing and promotion purposes. None of these anonymised, aggregated reports or statistics will enable our users to be personally identified.
- Save as expressly detailed above, we will never share, sell or rent any of your personal data to any third party without notifying you and, where necessary, obtaining your consent. If you have given your consent for us to use your personal data in a particular way, but later change your mind, you should contact us and we will stop doing so.
Retention of personal data
We keep your personal data for no longer than necessary for the purposes for which the personal data is processed. The length of time we retain personal data for depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.
Your rights
- You have certain rights in relation to your personal data. If you would like further information in relation to these or would like to exercise any of them, please contact us by email at data.request@asahibeer.eu at any time. You have the right to request that we:
- provide access to any personal data we hold about you;
- update any of your personal data which is out of date or incorrect;
- delete any personal data which we are holding about you;
- restrict the way that we process your personal data;
- prevent the processing of your personal data for direct-marketing purposes;
- provide, or not provide, your personal data to a third party provider of services;
- provide you with a copy of any personal data which we hold about you; or
- consider any valid objections which you have to our use of your personal data.
- We will consider all such requests and provide our response within a reasonable period (and in any event any time period required by applicable law). Please note, however, that certain personal data may be exempt from such requests in certain circumstances.
- If an exception applies, we will tell you this when responding to your request. We may request you provide us with information necessary to confirm your identity before responding to any request you make.
Marketing
- We may collect and use your personal data for undertaking marketing by email, software app, telephone and post.
- We may send you certain marketing communications (including electronic marketing communications to existing customers) if it is in our legitimate interests to do so for marketing and business development purposes.
- However, we will always obtain your consent to direct marketing communications where we are required to do so by law and if we intend to disclose your personal data to any third party for such marketing.
- If you wish to stop receiving marketing communications, you can contact us by email at data.request@asahibeer.eu at any time.
Transfers of personal data
- The personal data may be used, stored and/or accessed by staff operating outside the EEA working for us, other members of our group or Third Party Sources. This may be for the purposes listed in section 2 above, the provision of our services to you or your employer, the receipt of services from you or any of our Third Party Sources, the processing of transactions and/or the provision of support services. Further details on to whom your personal data may be disclosed are set out in section 5 above.
- If we provide any personal data about you to any such non-EEA members of our group or Third Party Sources, we will take appropriate measures to ensure that the recipient protects your personal data adequately in accordance with this Privacy Policy. These measures include, but are not limited to:
- in the case of US based entities, entering into European Commission approved standard contractual arrangements with them, or ensuring they have signed up to the EU-US Privacy Shield (see further https://www.privacyshield.gov/welcome); or
- in the case of entities based in other countries outside the EEA (including Japan), entering into European Commission approved standard contractual arrangements with them.
- Further details on the steps we take to protect your personal data, in these cases is available from us on request by contacting us by email at data.request@asahibeer.eu at any time.
Security
- Asahi is committed to protecting personal data from loss, misuse, disclosure, alteration, unauthorised access, unavailability and destruction and takes all reasonable precautions to safeguard the confidentiality of personal data, including through use of appropriate organisational and technical measures. Organisational measures include physical access controls to our premises, staff training and locking physical files in filing cabinets. Technical measures include use of encryption, passwords for access to our systems and use of anti-virus software.
- In the course of provision of your personal data to us, your personal data may be transferred over the internet. Although we make every effort to protect the personal data which you provide to us, the transmission of information over the internet is not completely secure. As such, you acknowledge and accept that we cannot guarantee the security of your personal data transmitted to our website and that any such transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to prevent unauthorised access to it.
- Where we have given you (or where you have chosen) a password which enables you to access your online account, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Third party websites
Our website, mobile apps and social media pages may, from time to time, contain links to websites operated by third parties including partner networks and our group companies. Please note that this privacy policy only applies to the personal data that we collect through our website, apps and social media pages or which we receive from Third Party Sources, and we cannot be responsible for personal data about you that is collected and stored by third parties. Third party websites have their own terms and conditions and privacy policies, and you should read these carefully before you submit any personal data to these websites. We do not endorse or otherwise accept any responsibility or liability for the content of such third party websites or third party terms and conditions or policies.
Changes to our privacy policy
We may update our privacy policy from time to time. Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by post or email. Please check back frequently to see any updates or changes to our privacy policy. By continuing to use the services and our website, or to offer and/or provide services to us you are confirming that you have read and understood the latest version of our privacy policy.
Further questions or making a complaint
- If you have any queries or complaints about our collection, use or storage of your personal data, or if you wish to exercise any of your rights in relation to your personal data, please contact data.request@asahibeer.eu. We will investigate and attempt to resolve any such complaint or dispute regarding the use or disclosure of your personal data
- You may also make a complaint to the data protection authority in the European Union country where we are based or where we process personal data that relates to offering goods or service to you in the European Union. If you are unsure which data protection authority to contact, please contact data.request@asahibeer.eu who will advise you. Alternatively you may seek a remedy through local courts if you believe your rights have been breached.
The practices described in this privacy policy statement are current personal data protection policies, as of 1 January 2018.