PRIVACY NOTICE

LEGAL

Nagase Singapore (Pte) Ltd (collectively, “NAS”, “we,” or “our”), are committed to safeguarding the privacy and confidentiality of the personal information we collect in the conduct of our business, operations and organizational activities

This Privacy Notice explains how we, gather, use, disclose, and protect personal data of all current and prospective individuals with whom we engage and interact with, including customers and prospective customers, suppliers, service providers, contractors, business partners, job applicants, visitors to our premises, and other individuals whose personal data we process.

We recognize the importance of and are committed to managing personal data responsibly and maintaining practices that are consistent with applicable legal and regulatory requirements. This Privacy Notice outlines the types of personal data we collect, how we collect it, the purposes for which we use it, the legal bases on which we rely, the parties with whom we may share it, and any cross-border transfers that may occur. It also describes the measures we take to safeguard personal data, how long we retain it, and the rights available to individuals, including how those rights may be exercised and how to contact us with questions or concerns.

We may update this Privacy Notice from time to time to reflect changes in our practices or applicable laws. The date of the most recent update is provided at the end of this Privacy Notice.

This Privacy Notice applies to Personal Data collected by NAS and does not extend to data gathered by third parties, including through external applications. It should be read together with any additional terms, disclaimers, or contractual provisions you have agreed to with NAS (if any) or supplementary notices (where required and as appropriate). We may provide you with privacy statements in addition to, or in place of, this Policy, as appropriate. Both the individual policies or Personal Data protection notices ("Individual Policies") established by each NAGASE Group company and this Policy may be applied. Individual Policies can be found on each NAGASE Group company’s website indicated at the end of this Policy.

In the event of any conflict between this Privacy Notice and the mandatory requirements of a particular jurisdiction, the relevant local laws and regulations will prevail, and this Privacy Notice will be interpreted or supplemented as necessary to ensure compliance.

Definitions

In this Privacy Notice, the following terms have the following meanings:

“Personal Data” means: Any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly from the information alone, or indirectly from that information together with other data that an organisation has or is likely to have access to. This includes an identifier such as a name, an identification number, location data, an online identifier.

“Sensitive Personal Data” refers to Personal Data that requires heightened safeguards because misuse could significantly impact an individual. Examples include government-issued identification numbers and financial or payment information.

“Processing” includes any operation performed on Personal Data, whether or not by automated means, such as collection, recording, arranging, storage, use, disclosure, transmission, cross-border transfer, erasure or destruction.

Where we engage third-party service providers to process Personal Data on our behalf,  we require them by contract to handle Personal Data only in accordance with our instructions, applicable laws, and appropriate security measures.

Data We Collect

We collect Personal Data through:
 

  • Direct interactions (e.g., business cards, meetings, forms, contracts, customer support)
  • Electronic communications and systems (e.g., email, websites, apps)
  • Business interactions with our clients, suppliers, service providers, contractors and business partners


We may also collect Personal Data from third-party sources, where permitted by law, such as:
 

  • business partners and industry contacts
  • publicly available databases
  • references and background check providers
  • professional networking platforms
  • event organisers or trade associations


These are the categories of Personal Data we collect, subject to local law:
 

  • Identity Information – name, country, employer number, user account data, date of birth, and gender
  • Contact Information – such as addresses, email, telephone numbers
  • Employment / Business Information – job title, employer, business role, business contact details
  • Financial Information – bank details and payment information (where necessary)
  • Technical and Usage Information – includes internet protocol (IP) address, date and time of your access, time zone setting and location, browser type and version, your device identifiers, your internet or wireless service provider, and other technology on the devices you use
  • Job Applicant Information – information submitted as part of the recruitment process, including resumes, application forms, work and education history, qualifications, professional certifications, skills, references and any other data you provide during the hiring process


The exact scope of data collected in a given country or context will depend on the applicable local laws and the nature of our interaction with you.

We generally do not collect Sensitive Personal Data unless permitted by law or necessary for business, legal, payment, or emergency purposes. In some cases, we may collect certain types of Sensitive Personal Data—such as bank account details —  from individual service providers or contractors to facilitate payments, reimbursements, or other legitimate transactional activities, in accordance with applicable legal requirements.

If you do not provide certain personal information, we may be unable to provide you with our products or services, respond to enquiries, or comply with legal obligations.

Accuracy of Personal Data

We take reasonable steps to ensure that Personal Data in our possession is accurate, complete, and up to date. We may request updates from you periodically and encourage you to inform us of any changes.

Where we require Personal Data to comply with legal obligations or to perform a contract, the provision of such data is mandatory. If the required Personal Data is not provided, we may be unable to provide certain products or services, enter into a contract, or complete the requested transaction.

Legal Basis for Processing Personal Data

We process Personal Data only where permitted under the laws of the countries in which we operate. Depending on the jurisdiction and the context of our interaction with you — including where you are a prospective customer, supplier, service provider, contractor, job applicant or other business partner — we may rely on one or more of the following legal bases:
 

  • Consent
    We obtain your consent where required by local law, including for certain types of Sensitive Personal Data (only where relevant and necessary), or where you voluntarily provide information during enquiries, meetings, business discussions, or requests for information. Consent may be express or implied, unless explicit consent is mandated in the country of collection.

    You may withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice. Upon receiving a withdrawal request, we will cease processing your Personal Data for the purposes for which consent was provided, unless another legal basis applies. Please contact us at the details provided in “Contact Us” below.

  • Contractual Necessity
    We process Personal Data when necessary to perform a contract with you or to take steps at your request before entering into a contract. This includes engaging in general business discussions, preparing proposals, quotations, or other materials needed to evaluate or formalize a potential commercial relationship. This basis applies across all jurisdictions.

  • Legal or Regulatory Obligations
    Processing may be required to comply with legal, regulatory, audit, or reporting obligations applicable in the relevant jurisdiction.

  • Legitimate Interests
    In jurisdictions that permit it, we may rely on legitimate business interests and your interests, and fundamental rights do not override those interests.  These interests include assessing potential business opportunities, responding to enquiries, managing leads, conducting due diligence, evaluating suitability for collaboration such as securing systems and managing relationships.

As country law requirements vary, the specific legal basis we rely on may differ depending on the type of data involved, the purpose of processing, and the applicable laws in each country. We will always ensure that our processing complies with the relevant local legal requirements.

Purposes for Processing Personal Data

We process Personal Data for the following purposes, as permitted or required by applicable local laws:
 

  • Business Relationship Management
    Managing and developing business relationships; facilitating enquiries, meetings, general business discussions, and other interactions necessary to maintain or explore business relationships.

  • Service Delivery
    Sending and receiving samples, price quotations, products; providing, operating, and improving our products and services; fulfilling orders and requests; delivering customer support; and addressing issues, complaints, or service-related difficulties.

  • Marketing and Communications
    We may use Personal Data to support our marketing and sales activities, including sending information about our products, services, promotions, trade programs, incentives, events, surveys, obtaining feedback, technical updates, and other initiatives relevant to your organisation or role. We may also conduct related outreach activities—such as business briefings, product demonstrations, and partner engagement communications.

    Local marketing consent requirements differ across the countries in which we operate, and we will comply with the specific legal obligations applicable in each jurisdiction. Where required by law, we will not send you marketing communications without your prior consent.

    You may withdraw your consent or opt out of receiving marketing communication from us at any time, and we will respect your choices unless another lawful basis permits continued processing.  Please use the unsubscribe mechanism provided or contact us using the details below. We will not charge you for making an opt-out request.

  • Business Operations
    Performing internal administrative functions, including finance, accounting, and other operational activities necessary to support and manage our business.

  • Regulatory and Legal Compliance
    Complying with obligations under applicable laws and regulations, including tax and financial reporting; responding to regulators, tax authorities, and law enforcement; performing due diligence and compliance checks; and supporting investigations or legal proceedings.

  • Security and Fraud Prevention
    Protecting the security, confidentiality, and integrity of our systems, facilities, data, and operations; detecting, preventing, and investigating fraud, cyber threats, unauthorized access, misuse, or other illegal or harmful activities.

  • Employment Purpose
    We collect your applicant data for the purpose of making employment decisions and to manage and support the recruitment process. Where permitted, we may also use your information to consider you for future opportunities and may not immediately delete your information if you are unsuccessful for the role you applied for, unless you inform us otherwise.

No Sale of Personal Data

We do not sell, lease, or otherwise exchange Personal Data for monetary or other valuable consideration. Personal Data is shared only as described in this Privacy Notice.

Disclosure of Your Personal Data and International Transfers

As a multinational organisation, we may store or process Personal Data on shared systems, common platforms, or cloud-based solutions that are accessible to our subsidiaries and affiliates in other countries. Accordingly, your Personal Data may be transferred to and accessed from jurisdictions outside your home country, which may have different data protection laws and requirements.

In addition, third-party service providers engaged by us may have access to Personal Data where necessary to perform services for us. These may include providers of cloud hosting, data storage, IT support, cybersecurity services, logistics and distribution partners, payment processors, professional advisers, event and business travel managers and other operational support services. Such third-party service providers are required to handle Personal Data in accordance with applicable legal obligations and with appropriate safeguards in place.

We will ensure that any cross-border transfers or third-party access comply with applicable legal requirements, including implementing contractual or technical measures to protect your Personal Data. Access to your Personal Data by our subsidiaries, affiliates, and authorised service providers is restricted to those who need it to perform their roles and for the purposes described in this Privacy Notice.

In the European Economic Area ("EEA"), NAS has entered into data transfer agreements with group companies with which it shares Personal Data to ensure an adequate level of protection of Personal Data.

If NAS takes part in a merger, acquisition, joint venture, restructuring, or sale of all or part of its business, Personal Data may be shared with parties involved in the transaction and with their professional advisers, to the extent necessary for review and completion of the proposed transaction. Where required, these parties will be subject to confidentiality or data protection obligations. Should a transaction proceed, Personal Data may be transferred to the successor entity and will continue to be handled in line with this Privacy Notice unless we inform you otherwise.

Retention of Personal Data

We retain Personal Data for as long as necessary to for the following purposes:
 

  • fulfil the purposes for which it was collected
  • comply with applicable legal, regulatory, accounting, or reporting requirements
  • establish, exercise, or defend legal claims

Where applicable, we may also consider factors such as internal policies, industry standards, the nature and sensitivity of the Personal Data, and the potential risk of harm from unauthorised use or disclosure. When Personal Data is no longer required, we will take reasonable steps to securely delete, de-identify, anonymise, or otherwise dispose of it in accordance with applicable laws.

Rights of Individuals

Your rights depend on the laws of the country whose law applies to the processing. Not all rights described below apply in every country or in every circumstance. They may include:  Right of access – to know whether we hold Personal Data about you and obtain a copy;  Right to correction/rectification – to correct inaccurate or incomplete Personal Data; Right to deletion / erasure;  Right to withdraw consent – withdrawal however does not affect past lawful processing;  Right to object or restrict processing;  Right to data portability;  Right not to be subject solely to automated decision-making.

You can exercise your rights using the contact details in the “Contact Us” section. We may need to verify your identity and are permitted, in some cases, to charge a reasonable fee (e.g., for repeated or manifestly unfounded access requests).

Some of these rights are available only in certain countries and may be subject to conditions, limitations, or exceptions under local legislation. We will assess and respond to all rights requests in accordance with applicable legal requirements.

We maintain appropriate administrative, technical, and physical safeguards to protect your Personal Data collected by us against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of your Personal Data in our possession. 

However, no method of transmission over the Internet or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us due to technological limitations or factors beyond our control. It is also not possible to guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

We maintain procedures for identifying, investigating, and responding to suspected Personal Data breaches. Where required under applicable laws, we will notify the relevant data protection authority and affected individuals of a breach within the prescribed timelines. 

If you believe your Personal Data has been compromised, please contact us using the contact details in the “Contact Us” section.

If you wish to escalate a concern about how we handle your Personal Data, you may lodge a complaint with the data protection authority that has jurisdiction in your country.

Automated Decision-Making and Use of AI

We do not use Personal Data to make decisions based solely on automated processing, including profiling, that produce legal effects concerning you or similarly significantly affect you within the meaning of applicable data protection laws.

Where we use automation or AI tools - such as generating contact or communication recommendations – these tools are used only to assist our internal processes. They do not determine outcomes independently, and they do not have any legal or material impact on your rights, obligations, or access to our services. All such activities involve human oversight, and final decisions are made by authorized personnel.

Cookies and Tracking Technologies

Our websites, portals, and digital platforms may use cookies, web beacons, and similar tracking technologies to support functionality, enhance user experience, and analyse usage. You may adjust your browser settings to refuse or manage cookies, although doing so may affect certain features of our services.

Data Controller

NAS that initially collects your Personal Data, or with which you have a business, contractual, or employment relationship, is the data controller responsible for determining the purposes and means of processing your Personal Data under applicable laws.

CONTACT US

If you wish to exercise your rights that are referred to in this Privacy Notice or have any questions or concerns about this Privacy Notice or our privacy practices, please contact us at the following:
https://www.nagase.co.jp/english/contact/

Alternatively, you may contact us in writing at:
Nagase Singapore (Pte) Ltd 
300 Beach Road #38-03 The Concourse 
Singapore 199555

 

Last updated: 27 April 2026