Shimadzu Scientific Instruments (also referred to in this document as "SSI", “we”, “our” and “us”) recognizes the importance of personal information, and we consider it our obligation to properly protect personal information that we may acquire. Please read this Privacy Policy (“Policy”) carefully as it contains important information on who we are, how and why we collect, store, use, and share your personal information. It also explains your rights in relation to your personal information and how to contact us or supervisory authorities in the event you have a complaint.

We collect, use and are responsible for certain personal information about you. When we do so we are subject to various laws in the United States and the General Data Protection Regulation which applies across the European Union (including in the United Kingdom), and we are responsible as “controller” of that personal information for the purposes of those laws.

Throughout the Policy, “personal information” refers to any information that identifies you (either alone or together with other information) as an individual or relates to an identifiable individual, such as name, address, email address, phone number, etc. This Policy covers the collection, treatment and use of personal information gathered by us from customers, suppliers and other entities with which we do business.

WE DO USE COOKIES in connection with the collection and use of personal information. For information on how we use cookies, see our Cookie Policy web page.

If you had consented to using cookies for our website and would like to opt-out of using cookies, then please click here to disable cookies for our website.

Please note that this Policy does not apply to third parties or their websites that you may access from our website. Such links are provided solely for your convenience. We do not control, and are not responsible for, what third parties do in connection with their websites or handle your personal information. You should exercise caution and consult the privacy policy on each third-party website for further information.

If you do not agree with this Policy in general, or any part of this Policy, you should not access our website. Therefore, please carefully review the Policy to ensure that you are aware of our policies and procedures.

Personal Information We Collect About You

We may collect and use the following personal information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you:

 Categories of Personal Information We Collect
Identifiers (e.g., a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers).
Information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, physical characteristics or description, address, telephone number, education, employment, employment history, bank account number, credit card number or debit card number.
Characteristics of protected classifications under California or federal law.
Commercial information (e.g., records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies).
Internet or other electronic network activity information (e.g., browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement).
Geolocation data.
Professional or employment-related information.
Inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

This personal information is required to provide products and/or services to you. If you do not provide personal information we ask for, it may delay or prevent us from providing products and/or services to you.

How Your Personal Information is Collected

We collect most of this personal information directly from you—in person, by telephone, text or email and/or via our website. However, we may also collect information:

  • From publicly accessible sources (e.g., property records);
  • Directly from a third party (e.g., sanctions screening providers, credit reporting agencies, or customer due diligence providers);
  • From a third party with your consent;
  • From cookies on our website (See COOKIES POLICY); and
  • Via our IT systems, including: (a) Door entry systems; and (b) automated monitoring of our websites and other technical systems, such as our computer networks and connections, CCTV access control systems, communications systems, email and instant messaging systems.

We may enhance or merge your personal information with data obtained from third parties for the same purposes for which we use your personal information that you provide to us.

How We Use Your Personal Information

It is in our legitimate interests to collect personal information so that we may be responsive to you, ensure that our products and operations function properly and to provide you with our services. Below we explain more specifically how we will use your personal information and our reasons for doing so:

  • To provide products and/or services to you;
  • To prevent and detect fraud against you or us;
  • Conducting checks to identify our customers and verify their identity, screening for financial and other sanctions or embargoes and other processing necessary to comply with professional, legal and regulatory obligations that apply to our business (e.g., under health and safety regulations);
  • Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies.
  • Ensuring business policies are adhered to (e.g., policies covering security and internet use);
  • Operational reasons such as improving efficiency, training and quality control;
  • Ensuring the confidentiality of commercially sensitive information;
  • Statistical analysis to help us manage our business (e.g., in relation to our financial performance, customer base, product range or other efficiency measures;
  • Preventing unauthorized access and modifications to systems;
  • Updating and enhancing customer records;
  • Statutory and regulatory obligations;
  • Ensuring safe working practices, staff administration and assessments;
  • Marketing our services to: (a) existing and former customers; (b) third parties who have previously expressed an interest in our services; and/or (c) third parties with whom we have had no previous dealings; and
  • External audits and quality checks.

The above does not apply to special category personal information, which we will only process with your explicit consent.

Marketing Communications

To the extent permitted by applicable laws, we may use your personal information to send you updates by email, telephone or post about our products and/or services, including exclusive offers, promotions or new products and/or services.

However, where consent is needed to engage in such activities, we will ask for this consent separately and clearly. You have the right to opt out of receiving promotional communications at any time by using the “unsubscribe” link in emails.

We may ask you to confirm or update your marketing preferences if you instruct us to provide further products and/or services in the future, or if there are changes in the law, regulation, or the structure of our business.

 

Website Tracking

 

We use the LinkedIn Insight Tag, which is a web analytics tool, to help us understand how users engage with our Website. Like many services, the LinkedIn Insight Tag tracks your movement through our site (i.e. the pages you have seen and the links you have clicked on) and helps us measure how you interact with the content that we provide. This information is used to compile reports and to help us improve our Website. The reports disclose website trends without identifying individual visitors. You can learn more about the LinkedIn Insight Tag by going to https://www.linkedin.com/help/lms/answer/a427660.

We use Hubspot, which is a web analytics tool, to help us understand how users engage with our Website. Like many services, Hubspot tracks your movement through our site (i.e. the pages you have seen and the links you have clicked on) and helps us measure how you interact with the content that we provide. This information is used to compile reports and to help us improve our Website. The reports disclose website trends without identifying individual visitors. You can learn more about Hubspot’s practices by going to https://knowledge.hubspot.com/account/how-does-hubspot-track-visitors.

Demandbase

We use the Demandbase Tag, which is a web analytics tool, to help us understand how users engage with our Website and their interest in our products and services. Like many web services, the Demandbase Tag tracks your movement through our site (i.e. the pages you have seen and the links you have clicked on) and helps us measure how you interact with the content that we provide. This information is used to compile reports and to help us improve our Website, provide more targeted advertisement, and understand individual, location, and company level intent. You can learn more about the Demandbase and the Demandbase Tag by going to https://www.demandbase.com/privacy/ and https://trust.demandbase.com/.

Websights Messaging

Websights gathers IP information from visitors of your website and displays the information for your team only within the Websights dashboard in the platform. The IPs we gather are solely known company IPs and are associated only at a company level. We also do not collect IPs of individuals, such as consumers or specific data subjects.

Mouseflow

This website uses Mouseflow: a website analytics tool that provides session replay, heatmaps, funnels, form analytics, feedback surveys, and similar features/functionality. Mouseflow may record your clicks, mouse movements, scrolling, form fills (keystrokes) in non-excluded fields, pages visited and content, time on site, browser, operating system, device type (desktop/tablet/phone), screen resolution, visitor type (first time/returning), referrer, anonymized IP address, location (city/country), language, and similar meta data. Mouseflow does not collect any information on pages where it is not installed, nor does it track or collect information outside your web browser. If you'd like to opt-out, you can do so at https://mouseflow.com/opt-out. If you'd like to obtain a copy of your data, make a correction, or have it erased, please contact us first or, as a secondary option, contact Mouseflow at privacy@mouseflow.com.

For more information, see Mouseflow’s Privacy Policy at https://mouseflow.com/legal/company/privacy-policy/

For more information on Mouseflow and GDPR, visit https://mouseflow.com/legal/gdpr/.

For more information on Mouseflow and CCPA/VCDPA visit https://mouseflow.com/legal/ccpa.

 

Who We Share Your Personal Information With

We routinely share your personal information with:

  • Our affiliates, including our parent, Shimadzu Corp. and other subsidiaries of our parent.
  • Service providers we use to help deliver our products and/or services to you such as payment service providers, warehouses and delivery companies
  • External auditors
  • Our professional advisors

Please note that we only allow our service providers to handle your personal information if we are satisfied, they take appropriate measures to protect your personal information.

We may also disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a re-structuring. We will typically anonymize information, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.

Personal Information We Sell for a Business Purpose

We have not sold and do not sell to third parties any personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with you.

Where Your Personal Information is Held

Information may be held at our offices and those of our affiliates and related companies, our third-party agencies, service providers, representatives and agents as described above (See Above: Who We Share Your Personal Information With). Some of these third parties may be based outside the European Economic Area. For more information, including on how we safeguard your personal information when this occurs, see below: “Transferring Your Personal Information Out of the EEA”.

How Long Your Personal Information Will Be Kept

We will keep your personal information while you have an account with us or while we are providing products and/or services to you. Thereafter, we will keep your personal information for as long as is necessary:

  • To respond to any questions, complaints or claims made by you or on your behalf;
  • To show that we treated you fairly; or
  • To keep records required by law.

We will not retain your personal information for longer than necessary for the purposes set out in this Policy. Different retention periods apply for different types of personal information.

Your Additional Rights Under the General Data Privacy Regulation (“GDPR”):

  • The right to be provided with a copy of your personal information (the right of access).
  • The right to require us to correct any mistakes in your personal information.
  • The right to require us to delete your personal information (in certain situations)
  • The right to require us to restrict processing of your personal information (in certain circumstances – e.g., if you contest the accuracy of the data).
  • The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit the data to a third party (in certain situations).

The Right to Object:

(a) at any time to your personal information being processed for direct marketing (including profiling) and be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you; and

(b) in certain other situations to our continued processing of your personal information (e.g., processing carried out for the purpose of our legitimate interests)

For further information on each of those rights, including the circumstances in which they apply, see the guidance from the UK Information Commissioner's Office (ICO) on individual rights under the General Data Protection Regulation.

Transferring Your Personal Information Out of the EEA

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"), including, but not limited to, Japan, the United States of America, Canada , Mexico, Guatemala, Honduras, Nicaragua, Belize, Panama, El Salvador, Colombia , Ecuador, Venezuela ( not now due to the sanctions), Haiti, Dominican Republic, Trinidad and Tobago, Guyana, Suriname, Caymans, Brazil, Uruguay, Switzerland, Russia, Dubai, Turkey, Republic of South Africa Singapore, Malaysia, India, Philippines, Vietnam, Australia, China, and Korea. It may also be processed by staff operating outside the EEA who work for us or other entities acting as data processors processing data on behalf of us. This includes staff engaged in, among other things, the fulfillment of your request or order and the provision of support services. For intra-group data transfers, we have implemented international data transfer agreements on the basis of EU Standard Contractual Clauses in order to provide appropriate and suitable safeguards for personal data being transferred to countries outside the EEA where an adequate level of protection is not already guaranteed. For transfers to third party processors we have implemented different safeguards such as EU Standard Contractual Clauses or certification under the EU-US Privacy Shield, as the case may be. Switzerland and Uruguay are recognized by the European Commission as providing adequate protection of personal data and in such case transfers of personal data do not require additional safeguards. To obtain a copy of the relevant safeguards, please contact us at privacy@shimadzu.com. We will take all steps reasonably necessary to ensure that your data is treated securely and subject to appropriate safeguards in accordance with this policy and applicable legislation.

How to Contact Us

Please contact us by post, email or telephone if you have any questions. Our contact details are shown below:

Shimadzu Scientific Instruments, Inc.
7102 Riverwood
Drive Columbia, MD 21046
U.S.A.
privacy@shimadzu.com
Phone Number: 1-800-477-1227
Fax Number: 410-381-1222

Designated Shimadzu Group Union Representative:
Shimadzu Europa GmbH,
Albert-Hahn Str. 6-10, 47269 Duisburg, Germany

FOR CALIFORNIA RESIDENTS

We Do Not Sell Your Personal Information

The California Consumer Privacy Act (“CCPA”) requires us to disclose whether we sell your personal information. WE DO NOT SELL YOUR PERSONAL INFORMATION.

Your additional Rights under the California Consumer Protection Act (“CCPA”): The CCPA provides Californians with Right to know about personal information we collect about you. You have the right to know:

  • The categories of personal information we have collected about you;
  • The categories of sources from which the personal information is collected;
  • Our business or commercial purpose for collecting or selling personal information;
  • The categories of third parties with whom we share personal information, if any; and
  • The specific pieces of personal information we have collected about you.

EXCEPTIONS

We are not required to:

(a) retain any personal information about you that was collected for a single one-time transaction, if, in the ordinary course of business, that information about you is not retained

(b) reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information

(c) provide the personal information to you more than twice in a 12 month period

Right to Deletion

Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:

  • Delete your personal information from our records; and
  • Direct any service providers to delete your personal information from their records.

EXCEPTIONS

Please note that we may not delete your personal information if is necessary to:

(a) Complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us

(b) Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for that activity

(c) Debug to identify and repair errors that impair existing intended functionality

(d) Exercise free speech, ensure the right of another consumer to exercise their right of free speech, or exercise another right provided by law

(e) Comply with the California Electronic Communications Privacy Act

(f) Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent

(g) Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us

(h) Comply with an existing legal obligation

(i) Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information

Protection Against Discrimination

You have the right not to be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:

  • Deny goods or services to you
  • Charge different prices or rates for good or services, including through the use of discounts or other benefits or imposing penalties
  • Provide a different level or quality of goods or services
  • Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services

EXCEPTIONS

Please note that we may charge a different price or rate or provide a different level or quality of goods and/or services to you, if that difference is reasonably related to the value provided to us by your personal information.

You Have the Right to Opt Out of Sales

As noted above, WE DO NOT SELL YOUR PERSONAL INFORMATION, so we do not have an opt-out.

Keeping Your Personal Information Secure

We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorized way. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How to Exercise Your Rights

If you would like to exercise any of your rights as described in this Policy, please:

  • Request in writing to Shimadzu Scientific Instruments ATTN: Legal Department 7102 Riverwood Drive, Columbia, MD 21046 U.S.A.
  • Call us, toll-free, at 1-800-477-1227; or
  • Email us at privacy@shimadzu.com.

Please note that as set forth above you may only make a CCPA-related data access or data portability disclosure request twice within a 12-month period.

If you choose to contact directly by email, phone, or in writing you will need to provide us with:

  • Enough information to identify you (e.g., your full name, address and customer or matter reference number)
  • Proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill, making sure to redact any confidential information such as your credit card number and account number)
  • A description of what right you want to exercise and the information to which the request relates.

We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information or is someone authorized to act on such person’s behalf.

Any personal information we collect from you to verify your identity in connection with your request will be used solely for the purposes of verification.

Children Under The Age of 16

Our Website is not intended for children under 16 years of age, and we do not knowingly collect or use any personal data from children under the age of 16. No one under the age of 16 may provide any information to or on the website. If we learn we have collected or received personal data from a child under the age of 16, we will delete that information. If you believe we might have any information from or about a child under the age of 16, please contact us at privacy@shimadzu.com.

Changes to This Privacy Notice

This privacy notice was published on 12/08/2022 and last updated on 04/21/2023. We may change this privacy notice from time to time–when we do, we will inform you via our website.