This Privacy Policy serves as notification to website visitors and data subjects on what, from whom, why, and how the Nanban Receivership collects personal data in support of its due diligence activities. This Policy sets forth the website privacy practices that the Receivership adheres to in compliance with applicable state, regional, and international privacy laws and data protection regulations. The intention is for this Policy to constitute a statement of the principles and guidelines to which the Receivership and its employees/contractors will adhere. For ease of navigation throughout the Privacy Policy, please select the link below that corresponds to the topic of interest.
Nanban Receivership and affiliated organizations (collectively referred to as “the Receivership”, “Nanban Receivership”, “we”, “us”, or “our”, and individually referred to as a “Nanban Receivership”) care about the privacy of the Receivership Entities, investors and creditors, other interested persons, and the public with whom it communicates, engages, or supports in the course of receivership proceedings. We are committed to protecting personal data that we collect, use, store or otherwise process in accordance with fair information practices and applicable data privacy laws. We use the word “you” or “your” to refer to anyone within the scope of this Privacy Policy (this “Policy”).
This Policy sets forth how we process (i.e., collect, use, store, transmit, protect, disclose, retain, and dispose of) your personal data and notify you of your privacy rights. Personal data means any information relating to an identified or identifiable natural person: one who can be identified (directly or indirectly) by reference to an identifier such as name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. As we are a Receivership that processes and transmits personal data from qualified Receivership Entities and individuals during normal, daily business operations, this Policy should be construed to comply with US statutory, regional, and international privacy laws and data protection regulations as applicable to the Nanban Receivership. Should any relevant laws contradict the terms and provisions of this Policy, then the standards of such applicable law shall apply (and the terms and provisions of this Policy shall be modified accordingly for the applicable jurisdiction/circumstance).
This Policy contains our data privacy commitments, including our policy on transfers of personal data and associated individual privacy rights hereto referred to as ‘data subject rights,’ with the aim of ensuring that your personal data is protected while processed by the Nanban Receivership with data received from around the world.
Personal data that we may collect, and process includes, but is not limited to:
Contact Information and Identifiers. Data fields may include first, middle, and last name, company or organizational name, job title, age and prefix, username, mailing address, telephone numbers, email address, or other addresses that allow us to send you Nanban Receivership messages, information, and registration information you provide on our website.
Relationship Information. Data fields may include the types of products and services which you provided to or received from Nanban Ventures, contact and contractual details, invoices, statements, billing and payment details, and demographic data.
Transactional Information. Data fields may include purchases, inquiries, customer account information, order and contract information, delivery details, billing and financial data, details for taxes, transaction and correspondence history, and information about how you use and interact with our website.
Creditor and Investor Information. Data fields may include any information an individual provides related to an employer identification number (EIN)/federal tax identification number, income, social security number (SSN), transaction details involving your financial product(s) or service(s), your consumer or customer account numbers, payment history, loan or deposit balances, and credit or debit card purchases.
Security and Compliance Information. Data fields may include details that help us to secure the Nanban Receivership interests, including information for conflict checks, fraud prevention and internal verification.
Internet or Other Electronic Network Activity Information. Data fields may include information automatically collected from our website and saved in our system log files, including the user’s Internet Protocol (IP) address, browser type, browser version, operating system, internet service provider, date and time of access, duration of visit, time of first/most recent visit, referral websites, and linked sites.
System and Event Information. Data fields may include IT system and application, network, hardware, and device information collected by products or services during their setup, configuration, and operation. This information may include product or service usage information and performance data. In some circumstances, this information may be personal data.
Employment Information. Data fields may include contact information of past Nanban employees, contractors, and vendors as part of the process of fulfilling the Receivership’s requirements.
Personal data relating to sensitive categories, such as race or ethnicity, religious or philosophical beliefs, political opinions, trade union membership, genetic data, biometric data, sexuality, or health information, is regarded as ‘sensitive personal data.’ Unless otherwise indicated under applicable law or an extenuating legal basis exists otherwise, the Receivership will process sensitive personal data only with the data subject’s express consent.
The Nanban Receivership is dedicated to the responsible handling of sensitive personal data. We limit the use and disclosure of such information for the purposes of enabling the Receivership’s activities as directed by the court. If required by applicable law, permission to process your sensitive personal data will be obtained separately from non-sensitive personal data consent requests, and will clearly outline the purposes of processing, the necessity of such processing, and its impact on data subject rights. For sharing of information that uses sensitive data, we will adhere to special safeguards and legal bases stipulated by applicable law, which may include your right to limit the sharing of your personal data or our obligation to re-obtain your consent. If obtaining a license is a requirement under applicable law for processing necessary sensitive data, Nanban Receivership will promptly secure the necessary license to ensure compliance.
Nanban Receivership adheres to one or more of the following legal bases for processing personal data:
Consent: The individual has given clear consent for the processing.
Contract: The processing is necessary for a contract or because the individual has asked for specific steps.
Legal obligation: The processing is necessary to comply with the law.
Vital interests: The processing is necessary to protect someone's life.
Public task: The processing is necessary for the public’s interest or official functions.
Legitimate interests: The processing is necessary for the legitimate interests of the Nanban Receivership.
Personal data will be processed in a fair and lawful manner. Personal data will be collected for specific and legitimate purposes and not further processed in a way incompatible with those purposes. In certain cases, additional consent from individuals may be required. The Receivership processes personal data for legitimate business reasons, such as the management and administration of financial and business information, customers, consumers, vendors, and suppliers or to pursue compliance with legal requirements.
The Receivership processes personal data commensurate with the following guidelines:
A. Only relevant data — no more than the need for the purpose — is collected and used.
B. Only current, complete, and accurate data to the extent provided and necessary is maintained.
C. Data will not be processed or retained in an identifiable format beyond what is necessary to
achieve the purpose for which it is collected.
Process Inquiries. To manage the receipt of, and to respond to, inquiries made by Receivership Entities, investors and creditors, other interested persons, and the public made through the Nanban Receivership website which serves as the Receiver’s primary form of communication to all.
Security and Fraud Prevention. To protect data subjects, employees, and Nanban Receivership, prevent fraud, and ensure the security of our websites, networks, systems, and premises.
Power Our Services. To manage our everyday business needs, such as data collection, communications, providing Receivership updates, document management, website administration, website functionality, website optimization, fulfillment, governance, audit, reporting and legal compliance.
Regulatory Compliance. To comply with applicable federal, state, regional and international laws and the expectations set forth by the court for the Receivership’s activities.
Third Parties: We may use third parties to provide or perform services and functions on our behalf. We may make personal data available to these third parties to perform these services and functions. Any processing of that personal data will be per our instructions and compatible with the original purposes. We conduct third party security reviews to ensure third parties to whom we entrust personal data offer adequate protection. Whenever the Receivership relies on such third parties that may have access to personal data, we establish contractual arrangements with them to ensure they provide sufficient technical and organizational measures to protect the security and confidentiality of the personal data.
As Required by Law: We may also make personal data concerning data subjects available to public or judicial authorities, law enforcement personnel and agencies as required by law, including to meet national security or law enforcement requirements, and to US agencies and courts. Where permitted by law, we may also disclose such information to third parties (including legal counsel) when necessary for the establishment, exercise or defense of legal claims or to otherwise enforce our rights, protect our property or the rights, property or safety of others, or as needed to support external audit, compliance and governance functions.
The Nanban Receivership does not “sell” or “share” your personal data as defined by applicable international, state, and regional laws, such as the European Union General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and the Texas Data Privacy and Security Act (TDPSA).
This Privacy Policy serves as a Privacy Notice to all data subjects about why and how we collect and process their personal data. This notice includes transparent and clear information on the use of personal data, including the purposes for which personal data is processed. Consistent with applicable legal requirements, this notice includes any other information to assure that processing is fair such as the identity of the Nanban Receivership proposing to use the personal data, any other recipients of such data, and the rights and practical means for such data subjects to contact us or exercise their rights. In accordance with applicable laws, if the method or purpose of processing the personal data is changed, a notice will be provided to the data subject, along with a request and/or option to re-obtain consent, opt-out of processing, or restrict the processing of the changed data.
For purposes of responding to or fulfilling a data subject’s privacy rights request, if applicable law requires, a notification shall be made to data subjects communicating the status of their completed data subject rights request. (Details on Data Subject Privacy Rights and Privacy Rights Requests are outlined in the next section titled Your Privacy Rights). If further ruled by applicable law, a notice to data subjects with required information and in a required format will be provided if a data transfer of any kind occurs. If we do not provide notice at the time of collection, transfer, or change, we will do so as soon as possible thereafter, except if there is an exemption under applicable law that applies.
To the extent of applicable law, you may exercise the following Data Subject Privacy Rights without constraint, at reasonable intervals, and without excessive delay or expense:
Right to access your personal data.
Right to request erasure of your personal data.
Right to rectify or update your inaccurate or out-of-date personal data.
Right to restrict or object to processing as it applies to your personal data.
Right to restrict or object to processing as it applies to your sensitive personal data.
Right to restrict or object to automated decision-making.
If previously granted authorization, the right of relatives to make requests on behalf of deceased, incapacitated, or data subject with other impairments.
Right to data portability.
Right to know all data collected about you.
Right to say no to the sale or sharing of your information (opt-out).
Right to be informed of what categories of data will be collected about you prior to its collection.
Right to know the categories of third parties with whom your data is shared.
Right to know the categories of sources of information from which your data was acquired.
Right to know the business or commercial purpose of collecting your information.
Right to be informed of any changes in the processing purpose and method, categories of information collected, or third parties with whom your personal data is shared.
Right to lodge a complaint with a supervisory authority.
To submit a request to exercise any of these rights, please contact our Data Privacy Office via email at: dataprivacy@grayreed.com. Please include “Data Privacy for Nanban Receivership” in the email subject line. Nanban Receivership will not discriminate against you for exercising your data subject rights.
Upon submission of a data subject’s Privacy Rights Request, we will authenticate your identity by requesting information such as your name, email address, or other contact details, along with the Nanban Venture relationship details and office in which you established a business relationship. In accordance with the applicable country, regional or state privacy law in which the relationship was established, you may have the right to designate an authorized agent or another person to submit a request on your behalf. To designate an authorized agent or another person to exercise your rights and preferences, please provide your authorized agent with a signed, written permission confirming that they have been authorized by you.
We will respond to your requests submitted by way of US postal mail or by email (both options provided under How to Contact Us) within the timeframe stipulated by the applicable regulation in which you established a relationship with the Receivership. If more time is required to complete your request, we will notify you of the delay, reasons for the delay, and actions you can take as a result of the delay.
If your request is denied, you may appeal the decision by using one of the specified contact methods stated above. Please enclose a copy of or otherwise specifically reference the decision you want to appeal. We will respond to your appeal in accordance with applicable law.
By providing personal data to us, you understand and agree to the collection, processing, international transfer, and use of such information as set forth in this Privacy Policy. Where required by applicable law we will ask your explicit consent. We do not use your personal data for marketing purposes. You may object to the use of your personal data with the understanding that it may impact the outcome of services provides to you, or withdraw any consent previously granted for a specific purpose, free of charge, following the directions contained in an email or by contacting the Receivership with your privacy concerns through one of the contact methods stated throughout this Policy.
Nanban Receivership respects your rights under the law regarding automated decision-making. Nanban Receivership does not currently process personal data pursuant to an automated decision-making function. If we determine a need to process your personal data pursuant to such function, Nanban Receivership will use appropriate measures for safeguarding the legitimate interests of data subjects regarding such personal data.
We will retain your personal data as long as necessary to achieve the purpose for which it was collected, usually for the duration of any contractual relationship and for any period thereafter as legally required or permitted by applicable law. If we wish to process your data beyond that point of time, we will ask for your consent for such activity.
Our websites are not directed at children 18 years of age or younger and we do not use our websites to knowingly solicit personal data from children. If we learn that a child has provided personal data through one of our websites, we will remove that information from our systems.
The Nanban Receivership website collects information via the email links within the site. You have complete control over what information you choose to share within the email communication. No other processing activities have been activated on this website.
Nanban Receivership does not engage in any financial incentive programs and therefore does not seek opt-in consent from data subjects for financial incentive programs.
We may provide links to third parties' websites (“linked sites”) from our websites. Linked sites are not necessarily reviewed, controlled, or examined by us. Each linked site may have its own terms of use and privacy notice, and users must be familiar and comply with all such terms when using linked sites. We are not responsible for the policies and practices of any linked site, or any additional links contained in them, and we encourage users to read these linked sites’ terms and notices prior to using them. When placing a link, we carefully check the linked site to determine that it does not contain obviously illegal content—if we subsequently become aware that the linked site contains illegal content, we will promptly remove the link.
Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user visits a website, cookies can be placed locally on the user’s device. This cookie contains a character string, which is a unique identification code of the browser that will be recognized each time a user visits the website. Our website does not use cookies or any other analytic tools, such as Google Analytics.
The Nanban Receivership website maintains information security policies, procedures, and safeguard controls that are proportionate to the risks associated with its data processing activities. We implement the appropriate administrative, technical, physical, and organizational safeguards to reduce the risk of accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal data. Our technical measures include encryption, firewalls, regular software updates, intrusion detection/prevention systems, restricted access to authorized users on a need-to-know basis, and multi-factor authentication. Physically, we ensure security through surveillance systems and restricted access to data centers and server rooms. Organizationally, we prioritize data security through employee training on privacy best practices, handling of personal data, incident response plans, and third-party security practices. The program is continuously adapted to mitigate operational risks and protect personal data.
In the event of a data breach or incident of unauthorized access, collection, processing, or similar unjustified disclosure of personal data, we are committed to promptly implementing reasonable risk mitigation measures. We will notify affected data subjects of the breach and, if necessary, inform the relevant authorities, as required under applicable laws.
In the normal course of business operations, the Receivership may share, or transfer in-country personal data deemed necessary for the purposes for which it was collected. These sharing practices may include in-country transfers with the appropriate operational team or department to meet the Receivership's legal, regulatory, or contractual obligations. During these data-sharing activities, the Receivership adheres to established data privacy policies, standard operating procedures, and guidance to assure the appropriate use limitations, lawful bases, access controls, and information security safeguards for the protection of personal data.
We have established procedures to assure that personal data transferred will be managed in conformity with this Policy, irrespective of the applicable regulations. When relying on third parties, we uphold procedures to safeguard personal data and ensure compliance with the relevant laws governing the transferred data. In places where personal data is disclosed to third parties outside the jurisdiction of its origin, we implement measures to assure the transferred personal data receives sufficient protection, often through contractual clauses in accordance with applicable data protection rules.
The Receivership maintains an inventory of its IT systems and applications that collect, use, access, share, transmit, process, retain, store, transfer, and dispose of personal data. We ensure this information is reviewed and updated routinely to reflect any change to the Receivership’s processing activities.
The Receivership will only use personal data in accordance with the applicable data protection law. This includes laws that may relate to the processing of personal data. If such applicable law requires greater protection of personal data than is set forth in this Policy, the Receivership will adhere to the requirements of such law.
We will cooperate with the relevant data protection authorities and will respond to requests and questions about compliance with applicable data privacy laws and this Policy. The Receivership will also consider the advice of data protection authorities with competent jurisdiction on data protection or privacy law issues that may affect this Policy. Moreover, the Receivership will comply with any formal decision on the application and interpretation of this Policy by a data protection authority with competent jurisdiction that is final and to which no further appeal is possible.
If you would like to communicate with us regarding privacy issues or have questions, comments, or complaints, please contact us via:
E-mail: dataprivacy@grayreed.com
{Please include “Data Privacy for Nanban Receivership” in the email subject line.}
Or in writing at:
c/o The Nanban Receivership
1300 Post Oak Blvd. Suite 2000
Houston, TX 77041
United States of America
We reserve the right to change, modify, and update this Privacy Policy at any time. Please check periodically to ensure that you have reviewed the most current notice.
This Privacy Policy was last updated October 1, 2024.