This website is operated by Asahi Europe Limited, a member of the Asahi Group Holdings, Ltd. group of companies.
All references to ‘Asahi’, ‘our’, ‘us’ or ‘we’ within this policy are deemed to refer to either Asahi Europe Limited or Asahi Group Holdings, Ltd., its subsidiaries, affiliates, and/or associates which provide services to us, as appropriate.
We value the privacy of those who provide personal data to us. This policy applies to our customers, personnel that work for our customers, website visitors, consumers, distributors, our suppliers (and potential suppliers), personnel of such suppliers and contractors. It describes:
the data identifying you that we collect;
how we use this data;
the legal basis upon which we process it;
with whom it is shared; and
how it is stored.
This policy also describes other important topics relating to your data and its privacy.
The Policy is comprised of the following Sections:
Section 1: Data collection
Section 2: Use of data
Section 3: Legal basis for use of your personal data
Section 4: Cookies
Section 5: Disclosure of personal data
Section 6: Retention of personal data
Section 7: Your rights
Section 8: Marketing
Section 9: Transfers of data
Section 10: Security
Section 11: Third party websites
Section 13: Further questions or making a complaint
1. Data collection
We may receive some data about you directly from you. However, we may also receive data about you from third parties such as your employer or recruitment agency, retailers where you are a customer, media agencies, market research companies, our suppliers, group companies, public websites, agencies (including booking agents) and public agencies (including customs officials), which we refer to as “Third Party Sources” throughout this policy.
We, or third parties on our behalf, may collect and use any of the following data about you and we refer to this as “personal data” throughout this policy:
1.1 Personal data which you give us (or which we receive from Third Party Sources). You or your employer or recruitment agency may give us personal data about yourself by using the online forms provided on our website, completing order forms, setting up an account with us, or by contacting us by phone, e-mail or other means. This includes, for example, when you or your employer provide your personal data to us in order to receive our services. You, or our Third Party Sources may also give us personal data about you when you are or it is offering or providing services to us.
The personal data which you give us (or which we receive from Third Party Sources) may include:
(a) Data about you:
(i) your name;
(ii) your job title;
(iii) company name;
(iv) e-mail address;
(v) your telephone number;
(vi) account information;
(vii) your company’s address;
(viii) your gender;
(ix) your date of birth;
(x) data provided when you correspond with us;
(xi) any updates to data provided to us; and
(xii) if you attend our sites, CCTV footage.
(b) Data about our website visitors and users of our software apps (where applicable):
(i) if you visit our website, your IP address;
(ii) your user name;
(iii) your age;
(iv) your behaviour on our website (for example, the pages that you click on) or on our software app;
(v) payment details;
(vi) order history; and
(vii) if you are a user of a mobile application, your location data so that we can help you to locate our products and services and, if you are a service provider, so that we can monitor the effectiveness and efficiency of any services that you provide to us.
(c) Data about the goods or services we provide to you:
(i) data needed to provide goods or services to you (including data on account opening forms, details of your order, order history, payment details, delivery address, delivery requirements and restrictions, trade references and tax information);
(ii) the name you give us for personalised products;
(iii) customer services data; and
(iv) customer relationship management and marketing data.
(d) Data about services that we receive from you or your employer (including breweries, bars, wholesalers, restaurants, media contacts, transport suppliers, warehouses, fulfilment centres, technical support equipment providers and engineers, brand ambassadors and other contractors):
(i) your website;
(ii) your photo and video footage if you are a collaborator or brand ambassador, or a potential collaborator or brand ambassador;
(iii) CVs, pitch and tender data; and white paper data;
(iv) supplier due diligence data (for example for wholesalers of alcohol);
(v) work contact data (phone number, postal address, mailing address, email address);
(vi) proof of identification and address;
(vii) visa or work permit documentation;
(viii) emergency contact data;
(ix) work place accident data and medical or health data (relevant to your work for us and/or provided by you to Asahi, for example, medical assessments);
(x) work hours (overtime and shift work, hours worked and department standard hours);
(xi) details of compensation, expense claims and bank details;
(xii) drug and alcohol testing and health assessment data;
(xiii) court, tribunal and inquiry proceedings; and
(xiv) data required to access company systems and applications (such as system ID).
(e) If you use our photo booth at one of our breweries or events, your photo and the photo timestamp.
(f) If you choose to use social media in order to contact us or find out about our products or services, your profile data (including your preferences and interactions with us on Facebook, Instagram and Twitter) and data which you post on message boards which are relevant to our business.
(g) If you attend our events, your photograph and event video footage (we will also give you notice of this at the event).
Some of the personal data that we collect about you or which you or third parties (including your employer or recruitment agency) provides to us about you may be special categories of data. Special categories of data include data about your physical and mental health.
Please note that we need certain types of personal data so that we can provide services to you or so you, or our Third Party Sources, can provide services to us. If you do not provide us with such personal data, or if you ask us to delete it, you may no longer be able to access our goods and services or provide goods and services to us.
1.2 Personal data we collect about you or that we obtain from our Third Party Sources.
(a) Each time you visit our website we may automatically collect any of the following data:
(i) technical data, including the Internet protocol (IP) address used to connect your computer to the internet, domain name and country which requests data, the files requested, browser type and version, browser plug-in types and versions, operating system and platform;
(ii) data about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time), time and length of visits to certain pages, page interaction data (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, traffic data, location data, weblogs and other communication data and data provided when requesting further service or downloads.
(b) If you contact us on social media, we will collect certain data about you from your social media page and through your interactions with us or with data about our products and services.
(c) If you are a journalist or work for an institution/trade association in our industry, we may collect data about you from public sources.
(d) If you are a customer or a supplier (or a potential customer or supplier) or work for one of them (including as a consultant), we may obtain data about you from your company’s website.
(e) If you are working for us or visiting one of our sites (for example, a brewery) we may also collect personal data about you on CCTV.
2. Use of data
We, or our Third Party Sources acting on our behalf, collect, use and store the personal data listed above for the following reasons:
2.1 Visiting our website or, if you are a consumer, using one of our software apps
(a) to allow you to access and use our website or the app (including to ensure you are of legal drinking age);
(b) to provide technical support;
(c) to provide you with the information and services that you request from us;
(d) to ensure the security of our services, our website and our app;
(e) to store information about your preferences, and to allow us to customise our website and the app according to your individual interests;
(f) to recognise you when you return to our website;
(g) if you are an app user, to recognise your location to enable the app to function by notifying you of bars nearby, to monitor app usage and beer consumption, to carry out market research and understand your preferences and experience at venues selling our products (such as a hotel, bar or restaurant);
(h) to enable you to participate in our competitions and promotions;
(i) to process orders which you place for goods or services from us; and
(j) for improvement and maintenance of our website and the app and preparing reports or compiling statistics in order to improve our goods and services. Such details will be anonymised as far as is reasonably possible and you will not be identifiable from the data collected.
2.2 Receiving goods and services from you
(a) to enable us to receive and manage services from you (including supplier due diligence, payment and expense reporting and financial audits);
(b) for health and safety records and management;
(c) to assess your working capacity (for example, to assess whether you are under the influence of drugs or alcohol and thereby pose a danger to yourself and to others);
(d) to confirm information on CVs and performance reference checks, to assess you or your employer’s suitability to work for us; and
(e) for equal opportunities monitoring.
2.3 Providing goods and services to you
(a) to provide relevant goods or services to you or your employer (including, to confirm and process orders, for administration of your account with us, customer loans, tax and export, billing and debt collection purposes and the collection of bottles (where applicable));
(b) to deal with any enquiries or issues you have about our goods and services, including any questions you may have about how we collect, store and use your personal data, or any requests made by you for a copy of the data we hold about you. If we do not have a contract with you, we may process your personal data for these purposes where it is in our legitimate interests for customer services purposes;
(c) to send you certain communications (including by email or post) about our goods and services such as service announcements and administrative messages (for example, setting out changes to our terms and conditions and keeping you informed about our fees and charges);
(d) to allow you to attend our events or participate in competitions and to send you photos that you have permitted us to take of you;
(e) for health and safety and quality assurance;
(f) to carry out statistical analysis and market research; and
(g) if you have consented or, otherwise, if it is in our legitimate interests, for business development and marketing purposes, to contact you (including by email or post) with information about our products and services which either you request, or which we feel will be of interest to you (including newsletters), but only where you have consented to this.
2.4 For internal corporate reporting, business administration, ensuring adequate insurance coverage for our business, ensuring the security of company facilities, research and development, and to identify and implement business efficiencies.
2.5 To comply with any procedures, laws and regulations which apply to us – this may include where we reasonably consider it is in our legitimate interests or the legitimate interests of others to comply, as well as where we are legally required to do so.
2.6 To establish, exercise or defend our legal rights – this may include where we reasonably consider it is in our legitimate interests or the legitimate interests of others, as well as where we are legally required to do so.
2.7 If you visit one of our sites (including a brewery), for CCTV monitoring and ensuring the security of our staff and visitors, and our and their property.
2.8 If you contact us on social media, to monitor your interactions with us and our brand online, where it is in our legitimate interests to do so for market research and for planning future marketing campaigns.
2.9 If we use your photograph or video footage from an event, to amplify the event to a broader audience and for internal presentation purposes, where it is in our legitimate interests for marketing and business development purposes or where we have your consent.
2.10 If you are a user of our maintenance tracker app, CM/SpinApp, to identify your location when you are providing maintenance services on our draft beer equipment and where it is in our legitimate interests to manage the service requirements of customers.
2.11 If you are a journalist, where it is in our legitimate interests to contact you to invite you to write a news article about our products and services; to invite you to events, send you promotional material and for press releases.
3. Legal basis for use of your personal data
(b) our use of your personal data is necessary for complying with our legal obligations (for example, providing information to HMRC); or
(c) where neither (a) nor (b) apply, use of your personal data is necessary for our legitimate interests or the legitimate interests of others (for example, to ensure the security of our website or our mobile app). Our legitimate interests are to:
(i) run, grow and develop our business;
(ii) operate our website and our mobile app;
(iii) select appropriately skilled and qualified suppliers;
(iv) ensure a safe working environment for our staff and visitors;
(v) marketing, market research and business development;
(vi) provide goods and services to our customers, make and receive payment, provide customer services and to know the customer that we are providing services to;
(vii) place, track and ensure fulfilment of orders with our suppliers; and
(viii) for internal group administrative purposes, as described in section 5.1 below.
3.2 We may use your special categories of data where you have provided your consent (which you may withdraw at any time after giving it, as described below).
3.4 If we rely on your consent for us to use your personal data in a particular way, but you later change your mind, you may withdraw your consent by contacting us at email@example.com and we will stop doing so. However, if you withdraw your consent, this may impact the ability for you to be able to provide services to us (for example, if those services require health assessments that involve use of your special categories of data) or for us to provide services to you.
5. Disclosure of personal data
5.1 We may share your personal data with any company that is a member of our group which includes our ultimate parent company based in Japan where it is in our legitimate interests to do so for internal administrative purposes (for example, ensuring consistent and coherent delivery of services to our customers, corporate strategy, compliance, auditing and monitoring, research and development and quality assurance). We may also share your personal data with our group where they provide products and services to us, such as information technology systems.
5.2 We will share your personal data with the following categories of third parties:
(a) our service providers and sub-contractors, including but not limited to payment processors, suppliers of technical and support services, insurers, logistic providers, and cloud service providers;
(b) your employer or recruitment agency;
(c) retailers, where you are a customer;
(d) public agencies (including customs officials);
(e) occupational health assessment providers and medical professionals undertaking drug and alcohol testing (where applicable);
(f) companies that assist us in our marketing, advertising and promotional activities; and
(g) analytics and search engine providers that assist us in the improvement and optimisation of our website and our software apps.
5.3 We will also disclose your personal data to third parties:
(a) where it is in our legitimate interests to do so to run, grow and develop our business:
(i) if we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets;
(ii) if substantially all of Asahi’s or any of its affiliates’ assets are acquired by a third party, in which case personal data held by Asahi will be one of the transferred assets;
(b) if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity;
(c) in order to enforce or apply our terms and conditions or any other agreement or to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity; or
(d) to protect the rights, property, or safety of Asahi, our staff, our customers or other persons. This may include exchanging personal data with other organisations for the purposes of fraud protection and credit risk reduction.
5.4 We may also disclose and use anonymised, aggregated reporting and statistics about users of our website and apps or our goods and services and from interactions with us and our brands on social media for the purpose of internal reporting or reporting to our group or other third parties, and for our marketing and promotion purposes. None of these anonymised, aggregated reports or statistics will enable our users to be personally identified.
5.5 Save as expressly detailed above, we will never share, sell or rent any of your personal data to any third party without notifying you and, where necessary, obtaining your consent. If you have given your consent for us to use your personal data in a particular way, but later change your mind, you should contact us and we will stop doing so.
6. Retention of personal data
We keep your personal data for no longer than necessary for the purposes for which the personal data is processed. The length of time we retain personal data for depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.
7. Your rights
7.1 You have certain rights in relation to your personal data. If you would like further information in relation to these or would like to exercise any of them, please contact us by email at firstname.lastname@example.org at any time. You have the right to request that we:
(a) provide access to any personal data we hold about you;
(b) update any of your personal data which is out of date or incorrect;
(c) delete any personal data which we are holding about you;
(d) restrict the way that we process your personal data;
(e) prevent the processing of your personal data for direct-marketing purposes;
(f) provide, or not provide, your personal data to a third party provider of services;
(g) provide you with a copy of any personal data which we hold about you; or
(h) consider any valid objections which you have to our use of your personal data.
7.2 We will consider all such requests and provide our response within a reasonable period (and in any event any time period required by applicable law). Please note, however, that certain personal data may be exempt from such requests in certain circumstances.
7.3 If an exception applies, we will tell you this when responding to your request. We may request you provide us with information necessary to confirm your identity before responding to any request you make.
8.1 We may collect and use your personal data for undertaking marketing by email, software app, telephone and post.
8.2 We may send you certain marketing communications (including electronic marketing communications to existing customers) if it is in our legitimate interests to do so for marketing and business development purposes.
8.3 However, we will always obtain your consent to direct marketing communications where we are required to do so by law and if we intend to disclose your personal data to any third party for such marketing.
8.4 If you wish to stop receiving marketing communications, you can contact us by email at email@example.com at any time.
9. Transfers of personal data
9.1 The personal data may be used, stored and/or accessed by staff operating outside the EEA working for us, other members of our group or Third Party Sources. This may be for the purposes listed in section 1.2(e) above, the provision of our services to you or your employer, the receipt of services from you or any of our Third Party Sources, the processing of transactions and/or the provision of support services. Further details on to whom your personal data may be disclosed are set out in section 5 above.
(a) in the case of US based entities, entering into European Commission approved standard contractual arrangements with them, or ensuring they have signed up to the EU-US Privacy Shield (see further https://www.privacyshield.gov/welcome); or
(b) in the case of entities based in other countries outside the EEA (including Japan), entering into European Commission approved standard contractual arrangements with them.
9.3 Further details on the steps we take to protect your personal data, in these cases is available from us on request by contacting us by email at firstname.lastname@example.org at any time.
10.1 Asahi is committed to protecting personal data from loss, misuse, disclosure, alteration, unauthorised access, unavailability and destruction and takes all reasonable precautions to safeguard the confidentiality of personal data, including through use of appropriate organisational and technical measures. Organisational measures include physical access controls to our premises, staff training and locking physical files in filing cabinets. Technical measures include use of encryption, passwords for access to our systems and use of anti-virus software.
10.2 In the course of provision of your personal data to us, your personal data may be transferred over the internet. Although we make every effort to protect the personal data which you provide to us, the transmission of information over the internet is not completely secure. As such, you acknowledge and accept that we cannot guarantee the security of your personal data transmitted to our website and that any such transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to prevent unauthorised access to it.
10.3 Where we have given you (or where you have chosen) a password which enables you to access your online account, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
11. Third party websites
13. Further questions or making a complaint
13.1 If you have any queries or complaints about our collection, use or storage of your personal data, or if you wish to exercise any of your rights in relation to your personal data, please contact email@example.com. We will investigate and attempt to resolve any such complaint or dispute regarding the use or disclosure of your personal data
13.2 You may also make a complaint to the data protection authority in the European Union country where we are based or where we process personal data that relates to offering goods or service to you in the European Union. If you are unsure which data protection authority to contact, please contact firstname.lastname@example.org who will advise you. Alternatively you may seek a remedy through local courts if you believe your rights have been breached.