de-CH

SELECT LOCATION AND LANGUAGE

SHIMANO CONNECT LAB WEB APP DATA PROTECTION NOTICE

Last Updated: June 2024

1.Introduction and Scope

This Data Protection Notice (the "Notice") describes the data processing activities in connection with your use of the following web app developed and offered by Shimano Inc.

  • SHIMANO CONNECT Lab Web App (the "Web App")

Unless stated otherwise, the information provided herein applies to the Web App in general.

This Notice also informs you about the most relevant aspects of the arrangement concluded between the Shimano entities responsible for the data processing activities in connection with the Web App.

Personal Data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental economic, cultural or social identity of that natural person ("Personal Data").

Special categories of personal data include data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation (also referred to as "Sensitive Data").

You can find more information about how we process the Personal Data of California consumers by reviewing the “Additional Disclosures for California Consumers” section of this Notice below.

2.Data controller

Shimano Inc. ("SIC")
3-77 Oimatsu-cho, Sakai-ku, Sakai City
Osaka 590-8577, Japan

together with

SHIMANO EUROPE B.V. ("SEU")
High Tech Campus 92, 5656 AG Eindhoven,
The Netherlands,

SHIMANO NORTH AMERICA HOLDING, INC. ("SNAH")
One Holland, Irvine, California 92618 U.S.A.

and

SHIMANO SALES CO., LTD. ("SSJ")
1-5-15 Chikukou-Shinmachi, Nishi-ku, Sakai-shi, Osaka, 592-8331, Japan

are the entities responsible for the processing of your Personal Data in relation to the Web App as joint data controllers (SIC, SEU, SNAH and SSJ together referred to hereinafter as "we", "our" or "us").

In derogation of the above, the controller(s) responsible for the processing of your Personal Data in relation to the Web App in

  • Australia, Taiwan, New Zealand, South Korea, Brazil, Indonesia, Thailand, Argentina, Chile, Colombia, Costa Rica, Guatemala, India, Malaysia, Mexico, Panama, Philippines, Singapore, Uruguay, Ecuador and Venezuela is SIC,
  • Switzerland, Isreal, Turkey , Andorra, Bosnia and Herzegovina, Monaco and Republic of South Africa are SIC and SEU, and
  • Canada are SIC and SNAH.

If you are from these countries, by referring to "we", "our" or "us" and by referring to SIC and/or SSJ and/or SNAH and/or SEU we only refer to the respective company or companies named above for the respective country.

You can contact each joint controller by postal mail at the address above.

3.Data Protection Officer

We have appointed a group Data Protection Officer ("DPO") to manage all matters related to data protection and privacy. If you have any questions regarding the processing of your Personal Data, please contact our DPO at privacy@shimano-eu.com.

4.Information we collect

The Web App offers you a variety of functionalities, services and features (the "Services") which require or allow you to provide us with Personal Data about you. Additionally, we automatically collect information about you, including Personal Data, upon download and installation of the Web App on your device.

4.1Information you provide to us

When using the Web App you have the option to enjoy our contents and Services which may require or allow you to provide us with Personal Data.

If certain information is required for us to be able to provide you with a specific service, we will mark it as such. Failure to provide us with the information results in the impossibility of providing you with the requested service.

  • User information: username (nickname), Shimano ID, login password (encrypted), gender, year and date of birth, place of residence (country/state/prefecture level), email address, and date of account creation, last login, last update, user image, authentication data for third party services
  • Settings: language, region, measuring unit (metric/yard), date/time format, private location, IP Address
  • Sensor device information: used sensor, sensor ID, type/manufacture
  • Bike ride log: (max./ave.) power, latitude/longitude of Sensor device, obtained elevation, elapsed/riding time, distance, (max./ave.) speed, (max./ave.) pedaling cadence, (max./ave.) pedaling vector and efficiency, ave. torque, heading, gear shifts, connected sensor device (name/type/manufacture/ID), health related information (max./ave. heart rate, body weight)
  • Any additional information you choose to provide (e.g. log-in details like usernames or email addresses used for third party services or devices by connecting the Web App to such third party services or devices, like Garmin, WAHOO)

4.2Information we automatically collect

When using the Web App and Services we automatically collect Personal Data as described below:

  • Web App usage log information: Log (information about your interactions with the Web App, including access, error logs and crash recovery logs, date/time stamps and clickstream data)

4.3Information we receive from other sources

As a general rule, we collect information directly from you. However, we also receive Personal Data about you from other sources in the following situations:

  • Social Media

You can register to the Web App by email address or by connecting with existing accounts on social media networks such as Facebook, Google and Apple.

If you choose to use a social media account to register to the Web App, we will process the data of your social media user account. This information varies depending on the settings of your social media account and can consist of the following: account name, location, gender, age, email address, etc. Please note that by logging in via your Social Media accounts the providers of the Social Media platform can receive certain information about the fact that you have created an account with the Web App.

  • Third party providers of cycle computers, power meters or similar devices

You can choose to connect your Web App account with those services provided by third parties that are indicated in the settings of your Web App account (e.g. Garmin, WAHOO). In order to activate the connection via your Web App settings you have to provide the log in information for your third party account as requested in the connection procedure. By activating the connection you agree that the information stored by these third parties are transferred to us, stored by us, and further processed by us to the extent the Web App’s functionalities are capable of processing this information (e.g. ride logs and information contained in them). For further information on the contents of the third party ride logs please refer to the data protection notice or the ride log descriptions provided by the third parties. You can prevent the data transfer to us by disconnecting the services from the Web App.

If you choose to connect the Web App with your third party service account, we will process information about your user account. This information can consist of the following: account name, email address. Please note that by connecting the Web App to your third party service account the respective third party service provider can receive information about the fact that you have linked your Web App to your account.

4.4Deidentified data

We may de-identify Personal Data so that it cannot be used to identify you and is no longer Personal Data. We will maintain and use this data only in deidentified form and will not attempt to re-identify the data.

4.5Cookies, similar technologies and tracking tools

The Web App uses cookies, similar technologies and tracking mechanisms to collect information.

Cookies are small text files stored on your device with a variety of purposes. You can manage and delete the cookies on your device in the corresponding device settings.

The local storage allows data to be stored in your browser’s storage which may also remain stored after the browser has been closed.

a
The Web App uses strictly necessary cookies and local storage objects. Strictly necessary cookies or local storage objects are essential for the operation and use of our Web App. Without these cookies or local storage objects, we would not be able to offer you our Web App and Services. Therefore, you cannot opt out of them.
b
We use tracking tools to collect information about the users' behaviour and interactions with the Web App and Services, e.g. what features are most frequently used. The processing of Personal Data collected via these tools is based on the user's consent. You can withdraw your consent at any time with effect for the future. Please see Section 9 below for more information on how to exercise your rights.

The Web App uses the following cookies and local storage objects:

Name Duration Purpose Type

apiDomain_<apiKey>

12 Months

The shared domain API calls for all sites in a group should be sent to.

Persistent

gig_bootstrap_<apiKey>

12 Months

Internal cookie for the Web SDK

Persistent

gig_canary

1 year (only active ~3 days)

Indicates whether the client is using the canary version of the WebSDK.

Persistent

gig_canary_ver

1 year (only active ~3 days)

The version name of the WebSDK's canary version.

Persistent

_gig_llu

12 Months

Last login provider username for Login "Welcome back" screen.

Persistent

_gig_llp

12 Months

Last login provider name for Login "Welcome back" screen.

Persistent

gig_last_ver_<APIKey>

12 Months

Last time of verification of the session when the site is using the verifyLoginInterval property of global CONF in order to trigger reverification.

Persistent

gig_loginToken_<APIKey>

12 Months

Gigya's Single Sign On (SSO) group login token.

Persistent

gig_loginToken_<APIKey>_exp

12 Months

SSO expiration.

Persistent

gig_loginToken_<API_KEY>_revoked_tokens

12 Months

Revoked login tokens in an SSO group. In SSO scenarios, indicates to the Web SDK that the current token was revoked, so as to log the user out.

Persistent

gig_loginToken_<APIKey>_session

-

Indicates if the group login token session is still activated.

Session

gig_loginToken_<APIKey>_visited

12 Months

Used to keep track of visited sites within the same SSO group.

Persistent

gmid

12 Months

User cookie.

Persistent

hasGmid

13 Months

Internal cookie for the Web SDK

Persistent

ucid

13 Months

Unique computer identifier used for generating reports, and used by the Web SDK to get saved response.

Persistent

glt_<APIKey>

30 days

Login Token for authentication.

Persistent

accountInfo uid

Permanent
(Deleted on logout)

UID of the logged-in user

Persistent

accountInfo uidSignature

Permanent
(Deleted on logout)

Original signature received from client-side login operations

Persistent

accountInfo signatureTimestamp

Permanent
(Deleted on logout)

Original timestamp received from client-side login operations

Persistent

accountInfo profile age

Permanent
(Deleted on logout)

Used for user information settings on the settings screen and activity upload API requests

Persistent

accountInfo profile birthDay

Permanent
(Deleted on logout)

-

Persistent

accountInfo profile birthMonth

Permanent
(Deleted on logout)

-

Persistent

accountInfo profile birthYear

Permanent
(Deleted on logout)

-

Persistent

accountInfo profile email

Permanent
(Deleted on logout)

Used in the user information settings on the configuration screen

Persistent

accountInfo profile firstName

Permanent
(Deleted on logout)

-

Persistent

accountInfo profile gender

Permanent
(Deleted on logout)

Used in user information settings on the settings screen and in requests for the entry API and activity upload API

Persistent

accountInfo profile lastName

Permanent
(Deleted on logout)

-

Persistent

accountInfo profile nickname

Permanent
(Deleted on logout)

Used in user information settings in the sidebar and settings screen

Persistent

accountInfo profile photoURL

Permanent
(Deleted on logout)

Used in the sidebar, user information settings on the settings screen, and user image settings dialog

Persistent

accountInfo profile profileURL

Permanent
(Deleted on logout)

-

Persistent

accountInfo profile thumbnailURL

Permanent
(Deleted on logout)

Used in the sidebar, user information settings on the settings screen, and user image settings dialog

Persistent

accountInfo profile timezone

Permanent
(Deleted on logout)

Time zone ID, used for date display

Persistent

accountInfo profile isConsentGrantedForSavingHealthInfo

Permanent
(Deleted on logout)

Consent status (body information storage).
Used in Activity Upload API requests, Weight Settings dialog, Max Heart Rate Settings, Resting Heart Rate Settings, Dashboard screen, Statistics Power Curve screen, and Settings screen external integration.

Persistent

accountInfo profile isConsentGrantedforUsingHealthInfo

Permanent
(Deleted on logout)

Consent status (analysis of physical information).

Persistent

accountInfo profile isConsentGrantedforAnalysing

Permanent
(Deleted on logout)

Consent status (usage analysis)

Persistent

accountInfo gigyaData bd place0 lv1

Permanent
(Deleted on logout)

Used in the user information settings on the configuration screen

Persistent

accountInfo gigyaData bd palce0 lv0

Permanent
(Deleted on logout)

Used in the user information settings on the configuration screen

Persistent

accountInfo gigyaData labFlag

Permanent
(Deleted on logout)

-

Persistent

accountInfo gigyaData labLoginControlFlag

Permanent
(Deleted on logout)

-

Persistent

accountInfo gigyaData lastLabFlagModified

Permanent
(Deleted on logout)

-

Persistent

accountInfo gigyaData lastSidFlagModified

Permanent
(Deleted on logout)

-

Persistent

accountInfo gigyaData sidFlag

Permanent
(Deleted on logout)

-

Persistent

accountInfo accessToken

Permanent
(Deleted on logout)

Access token
Used for each API call.

Persistent

accountInfo refreshToken

Permanent
(Deleted on logout)

Refresh Token
Used in case of 401 error.

Persistent

setting isAutoFtpUpdate

Permanent

Automatic FTP Update
Used in the Automatic FTP Update checkbox on the Settings page.

Persistent

setting restingHeartRate

Permanent

Resting heart rate (bpm)
Used to set the resting heart rate on the settings screen.

Persistent

setting maxHeartRate

Permanent

Maximum heart rate (bpm).
Used to set the maximum heart rate on the settings screen.

Persistent

setting language

Permanent

Language.
Used in the settings screen display settings, user information settings, and password reset link.

Persistent

setting distanceUnit

Permanent

Distance and speed units.
Used in the Activity List, Graph, Summary, and Section Control portions of the Analysis screen, Dashboard screen, Display Settings screen, Statistics Power Curve screen, and Calendar screen.

Persistent

setting altitudeUnit

Permanent

Units of Elevation.
Used in the Activity List, Graph and Summary of Analysis screen, Dashboard, Display Settings screen, Statistics Power Curve screen, and Calendar screen.

Persistent

setting weightUnit

Permanent

Weight Units.
Used in activity list, settings screen display settings and weight settings, analysis screen, dashboard graph, statistical power curve screen, and calendar screen.

Persistent

setting temperatureUnit

Permanent

Temperature Units.
Activity List, Analysis Screen Summary, Setup Screen Display Settings, Statistics Power Curve Screen, and Calendar Screen.

Persistent

setting dateFormat

Permanent

Date display format.
Used for maintenance announcements, dashboard graphs, settings screen display settings and FTP settings, statistical power curve screen, and date display.

Persistent

setting timeFormat

Permanent

Time display format.
Used for activity list, maintenance announcements, weight and FTP settings dialogs on the settings screen, and date display.

Persistent

setting linksGarmin

Permanent

Garmin linkage status.
Used in web linkage settings on the settings screen.

Persistent

setting linksWahoo

Permanent

Wahoo linkage status.
Used in web linkage settings on the settings screen.

Persistent

setting linksStrava

Permanent

STRAVA integration status.
Used in the Activity Share dialog, Activity Upload dialog, and Web Linkage settings in the Settings screen.

Persistent

setting linksTrainingpeaks

Permanent

TrainingPeaks integration status.
Used in the Activity Share dialog, Activity Upload dialog, and Web Linkage settings in the Settings screen.

Persistent

setting wahooUserName

Permanent

Wahoo User Name.
Used in web linkage settings on the configuration screen.

Persistent

setting stravaUserName

Permanent

STRAVA user name.
Used in web linkage settings on the configuration screen.

Persistent

setting trainingpeaksUserName

Permanent

TrainingPeaks username.
Used in web linkage settings on the configuration screen.

Persistent

setting isAutoShare

Permanent

Automatic activation of links for sharing.
Used in web linkage settings on the configuration screen.

Persistent

setting isAutoStravaUpload

Permanent

STRAVA automatic transfer availability.
Used in the Activity Upload dialog and in the Web Linkage settings on the Settings screen.

Persistent

setting isAutoTrainingpeaksUpload

Permanent

TrainingPeaks automatic transfer or not.
Used in the Activity Upload dialog and in the Web Linkage settings on the Settings screen.

Persistent

setting dashSection

Permanent

Dashboard section (weekly/monthly).
Used in dashboard settings on the settings screen and in dashboard graphs.

Persistent

setting dashItem1Id

Permanent

Dashboard Item 1 Parameter ID.
Used in dashboard settings on the settings screen and in dashboard graphs.

Persistent

setting dashItem2Id

Permanent

Dashboard Item 2 Parameter ID.
Used in dashboard settings on the settings screen and in dashboard graphs.

Persistent

setting dashTab1Id

Permanent

Dashboard Tab 1 Activity Category ID.
Used in dashboard settings on the settings screen, dashboard tab view.

Persistent

setting dashTab2Id

Permanent

Dashboard Tab 2 Activity Category ID.
Used in dashboard settings on the settings screen, dashboard tab view.

Persistent

setting dashTab3Id

Permanent

Dashboard Tab 3 Activity Category ID.
Used in dashboard settings on the settings screen, dashboard tab view.

Persistent

setting dashTab4Id

Permanent

Dashboard Tab 4 Activity Category ID.
Used in dashboard settings on the settings screen, dashboard tab view.

Persistent

activityCategories id

Permanent

Used in Activity List screen, Edit Activity dialog, Dashboard Settings in Settings screen, and Dashboard tab view

Persistent

activityCategories nameCode

Permanent

Used in Activity List screen, Edit Activity dialog, Dashboard Settings in Settings screen, and Dashboard tab view

Persistent

activityListSettings id

Permanent

Used in the activity list screen

Persistent

activityListSettings parameterId

Permanent

Used in the activity list screen

Persistent

activityListSettings isVisible

Permanent

Used in the activity list screen

Persistent

activityListSettings sortOrder

Permanent

Used in the activity list screen

Persistent

activityListParameters id

Permanent

Data for activity items that can be changed in the pull-down

Persistent

activityListParameters nameCode

Permanent

Used in the Activity List screen and in the Activity List settings on the Settings screen.

Persistent

activityListParameters unitType

Permanent

Data for activity items that can be changed in the pull-down

Persistent

activityListParameters unit

Permanent

Used in the Activity List screen and in the Activity List settings on the Settings screen.

Persistent

dashboardParameters id

Permanent

Used in dashboard graphs

Persistent

dashboardParameters nameCode

Permanent

Used in dashboard graphs

Persistent

dashboardParameters unitType

Permanent

Used in dashboard graphs

Persistent

dashboardParameters unit

Permanent

Used in dashboard graphs

Persistent

needsShowGraphOperationTutorial

Permanent

Should the graph manipulation tutorial be shown
Used in graphs on the analysis screen.

Persistent

needsShowStandingButtonTutorial

Permanent

Should a standing button tutorial be shown or
Used in the analysis screen.

Persistent

sectionControlSize

Permanent

Size of the section control section of the analysis screen

Persistent

powerCurveActivityGroups value

Permanent

Statistics screen and Power Curve display target activity group selection status

Persistent

powerCurveActivityGroups type

Permanent

Statistics screen and Power Curve display target activity group selection status

Persistent

powerCurveActivityGroups label

Permanent

Statistics screen and Power Curve display target activity group selection status

Persistent

powerCurveActivityGroups beginDate

Permanent

Statistics screen and Power Curve display target activity group selection status

Persistent

powerCurveActivityGroups endDate

Permanent

Statistics screen and Power Curve display target activity group selection status

Persistent

powerCurveActivityGroups sortOrder

Permanent

Statistics screen and Power Curve display target activity group selection status

Persistent

maxPowerIntervals

Permanent

Interval selection state of statistics screen and maximum power display

Persistent

isMobile

Permanent

Used in header button

Persistent

windowSize height

Permanent

-

Persistent

windowSize width

Permanent

Used in analysis screens, dashboard screens, statistics screens, sidebars, and dialog buttons

Persistent

pastLoginUsers uid

Permanent

Stores up to 10 user IDs that have logged in in the past.
Displays initial login dialog when logging in with a uid not in the list

Persistent

pastLoginUsers StatisticsWindowsStats index

Permanent

Index of the corresponding window

Persistent

pastLoginUsers StatisticsWindowsStats params parameterGroupId

Permanent

Parameter group ID

Persistent

pastLoginUsers StatisticsWindowsStats params activityGroup

Permanent

Activity group

Persistent

pastLoginUsers StatisticsWindowsStats params customActivityGroupSelected

Permanent

Custom activity group selection state

Persistent

pastLoginUsers StatisticsWindowsStats params Interval

Permanent

Interval

Persistent

pastLoginUsers StatisticsWindowsStats params selectIntervals

Permanent

Selectable display intervals

Persistent

pastLoginUsers StatisticsWindowsStats selectedGraphIndex

Permanent

Indicators for selected graphs

Persistent

5.Purposes and legal bases

We process your Personal Data only for specified, explicit and legitimate purposes and provided that we have a legal basis to rely on. Your Personal Data will not be processed for any purpose other than the one they were originally collected, unless the new purpose is compatible with the initial one or in the event you give us your consent.

We have summarized the purposes for which we process your Personal Data and the legal bases we justify the processing with in the list below:

  • User identification:

    We use your Personal Data to verify your identity when registering and logging into the Web App.

    The processing of your Personal Data for this purpose is necessary for the performance of the contract concluded with you for the use of the Web App, see Art. 6 (1)(b) General Data Protection Regulation ("GDPR").

  • Use of the Web App and the Services:

    The Web App operates and the Services are provided on the basis of the user profile you have created. We use your Personal Data to manage your sensor device information and ride log associated with your user account. Our aim is to offer you a seamless experience by enabling you to access your data from any place and any device. We base the processing of your Personal Data for the above purposes on the performance of a contract to which you are party, see Art. 6 (1)(b) GDPR.

    When configuring your user profile, you can choose to submit more information than the strictly required to provide you with the Services. The provision of optional information to complete your user profile enables you to benefit from a more personalized experience on the Web App. Some of the Services may also enable you to provide us with health related data (heart rate and weight information).

    We rely on your consent to process any Personal Data you have freely chosen to provide us with (see Art. 6 (1)(a) GDPR) or which are health related (see Art. 9 (2)(a) GDPR). In case you withdraw your consent, for example, by updating your user profile, we will stop processing your Personal Data for this purpose.

  • Communication with you:

    We use your Personal Data to contact you (i) in order to provide you with information about the Apps and their functionalities for the purpose of providing you with the Services, (ii) to send you information about similar products and/or services, (iii) upon your request or consent (for example, to obtain feedback from you in order to improve our products, services and/or marketing).

    We base the processing of your Personal Data on your consent, as well as on the performance of a contract to which you are party and our legitimate interests to provide customer support, and to provide you with product and/or service information, see Art. 6 (1)(a), (b) and (f) GDPR.

  • Product development and quality improvement:

    We process your Personal Data (specifically, your bike ride log information including your health related data) for product development and quality improvement purposes, e.g. to detect and analyze problems in our products, to carry out predictive maintenance and calculate the necessary product replacement timing, to develop and introduce new products and test their compatibility, etc.

    We base the processing of the bike ride log on our legitimate interests to improve the quality of our products and services, for product development research and to expand and grow as a business, see Art. 6 (1)(f) GDPR. We base the processing of health related information on your consent, see Art. 9 (2)(a) GDPR. In case you withdraw your consent, we will stop processing these Personal Data for this purpose.

    We further aggregate user data collected in our database in order to provide data analysis services (e.g. regarding model usage, gender ratio, average speed/distance/bike time, firmware status) to manufacturers of bikes or bike components. By way of data aggregation, all Personal Data is anonymized before it is transmitted to the respective recipient so that it is not possible for the manufacturer to directly or indirectly identify you.

    For this purpose, we rely on our legitimate interests to provide the added services to our cooperation partners and on the legitimate interests of our cooperation partners to be able to analyze model usage, see Art. 6 (1)(f) GDPR.

  • Web App user measurement and usage analysis for product development and quality improvement:

    We analyze the performance of the Web App and Services, the users’ content and the users’ handling of the Web App and Services in order to understand how users interact with the Web App and Services and improve them accordingly and to develop and introduce new products and test their compatibility, etc.

    We rely on your consent to process your Personal Data for this purpose, see Art. 6 (1)(a) GDPR. In case you withdraw your consent, we will stop processing your Personal Data for this purpose.

  • Detect and avoid misuse of the Web App:

    We analyze technical data gathered via the Web App to detect and avoid misuse thereof, for example, by a breach of the terms of use of the software license agreement.

    We base the processing of your Personal Data on the performance of a contract to which you are party, as well as on our legitimate interests in prosecuting any misuse of the Web App which could affect Shimano and could have legal consequences, see Art. 6 (1)(b) and (f) GDPR.

Where the above purposes require or involve the processing of Sensitive Data, we will ask for your express consent, as required by law, see Art. 9 (2)(a) GDPR.

6.Recipients of Personal Data

We share your Personal Data with the following recipients:

  • Other group companies and distributors. Given the international footprint of our business, our group companies work closely together. To be able to do so, we share data, including Personal Data, within the group. This means that your Personal Data is shared with other group companies and distributors. You can find a list of all the group companies and distributors with whom we share your Personal Data as attached.
  • Service providers acting on our behalf. We engage service providers to assist us in our daily business such as IT support and maintenance providers, web server providers. All service providers are legally and contractually required to respect and comply with applicable data protection legislation. Our service providers include:
    • Amazon Web Service, Inc. (“AWS”), 410 Terry Avenue North, Seattle, WA 98109-5210, USA (cloud service provider acting as sub-processor);
    • SAP, Dietmar-Hopp-Allee 16, 69190 Walldorf, Germany (data processor; provider of customer relations and identity management services); and
    • NSW Inc., 31-11 Sakuragaokacho, Shibuya City, Tokyo 150-8577, Japan (data processor; development and maintenance provider)
    • Sonix Co., Ltd., 7-9-5, Nishigotanda, Shinagawa-ku, Tokyo, 141-0031 Japan (data processor; development and maintenance provider)
  • Third-party apps. Our Web App allows you to automatically or manually share your bike ride log information with other third-party applications. Please note that we do not share any information with third-party providers unless the user so requests. If you turn on automatic forwarding the ride logs will be automatically sent to the third-party app accounts when the ride log is uploaded to Shimano’s servers. You can deactivate the automatic forwarding at any time with effect for the future. Please note that the data protection notices provided by the third-party app providers for the respective apps apply for any processing of your Personal Data by the third-party apps after the transfer. The third-party apps you may share your data with are:
    • Strava
    • Training Peaks

The transfer of your Personal Data to recipients located in third countries outside of the European Economic Area ("EEA") is subject to the provisions set out in Section 7 below ("international data transfers").

7.International data transfers

All data collected via the Web App will be stored centrally in the European Union ("EU)" region of AWS and SAP. As (joint) data controller, SIC has access to these databases. Accordingly, your Personal Data will be transferred and/or disclosed to recipients located outside of the EEA in Japan which has been recognized by the European Commission in its adequacy decision (Commission Implementing Decision 2019/419 of 23 January 2019) as providing for an adequate level of data protection. AWS is located in the USA. The data transfer to AWS is based on the EU-US-Data Protection Framework which is an adequacy decision by the EU Commission determining that the USA provide an adequate level of data protection. In addition, standard contractual clauses for the transfer of personal data to processors established in third countries have been concluded. A copy of the clauses can be requested from the data processing officer.

8.Retention periods

We will not process your Personal Data longer than necessary for the purpose for which it was originally collected.

Subject to statutory retention periods, we will delete your Personal Data:

  • in the event of inactivity of your user profile for a period of 5 years; and/or
  • when you delete your user profile by using the functionality in the account management settings in the Web App.

9.Your rights

Under applicable data protection law, you have certain rights with regard to the processing of your Personal Data by us:

  • Right of access to your Personal Data;
  • Right to rectification of inaccurate or incomplete Personal Data;
  • Right to erasure of your Personal Data;
  • Right to restriction of processing;
  • Right to data portability, when the processing of your Personal Data is based on your consent or on a contract, and the processing is carried out by automated means;
  • Right to withdraw consent with effect for the future
  • Right to lodge a complaint with a supervisory authority; and
  • Right to object to the processing of your Personal Data on grounds relating to your particular situation, and right to object to the processing of your Personal Data for direct marketing purposes.

U.S. residents may also contact us to appeal any decision we make relating to requests to exercise your rights. To appeal a decision, please contact us using the contact details above.

10.Joint controllership agreement

SIC, SSJ, SNAH and SEU jointly determine the purposes and the means of the processing of your Personal Data in connection with the Web App as described in Section 2 above. Consequently, as required by law, SIC, SSJ, SNAH and SEU have entered into a joint controllership agreement for personal data of users located in the EEA pursuant to Art. 26 GDPR. SIC, SSJ, SNAH and SEU will coordinate and cooperate with each other in order to comply with their data protection obligations, to observe your rights and to process your request and reply to any of your inquiries.

SEU is the designated point of contact for the Web App users requesting to exercise their rights under Section 9 above. If you want to do so, or in case you have questions regarding them, please contact SEU by phone at +31-40-2612222 or by email at privacy@shimano-eu.com. In addition, If you are located in the EU, please note that in addition to your designated point of contact, you may also contact SIC, SNAH and SSJ to exercise your rights.

11.Data security

We have implemented standard industry practices internally and with our service providers to maintain the security of your Personal Data depending on its sensitivity and to avoid disclosure of such Personal Data unpermitted under this Notice.

12.Third-party links and websites

Our Services offer you the possibility of accessing third party content, such as websites, apps and online services. Please note that we are not responsible for the data processing activities of these third parties. We encourage you to read the data protection notices of any third party website, app or online service you connect with.

13.Children

We do not knowingly process Personal Data from individuals under the age of 16 without parental or guardian consent. If you are the parent or the guardian of a child and you believe that we have processed Personal Data about him or her, please contact our DPO using the contact details described above in Section 3.

14.Miscellaneous

This Notice may be revised from time to time to reflect and comply with changes in applicable legislation. We will inform you about any updates in an appropriate manner, e.g. via email or a message in the Web App. The date of the last update is available at the top of this Notice.

Attachment

Andorra

  • SHIMANO IBERIA, S.L.
  • Avenida Doctor Severo Ochoa 34, 28100 Alcobendas, Madrid, Spain
  • Phone: +34 91 902 25 86
  • E-mail: info.iberia@shimano-eu.com

Argentina

  • SHIMANO ARGENTINA SAU
  • ESTADOS UNIDOS 20 PISO 5 CABA, C1101AAB Argentina
  • TEL: 0800-345-2423

Australia

  • SHIMANO AUSTRALIA CYCLING PTY. LTD. 2 Wurrook Circuit,
  • Caringbah, NSW, 2229, Australia
  • Tel.: +61-2-9526-7799
  • Fax.: +61-2-9526-7622
  • Web: https://bike.shimano.com/en-AU/home.html

Austria

  • Thalinger Lange GmbH
  • Schubertstraße 12
  • A-4600 Wels, Austria
  • Tel.: +43 7242 497 - 0
  • Fax: +43 7242 497 - 248
  • E-Mail: mail@thalinger-lange.com
  • Web: www.thalinger-lange.com

Belgium

  • Shimano Belgium N.V.
  • Zandvoortstraat 21, 2800 Mechelen, Belgium
  • Phone: +32-15-209480 / Fax: +32-15-209410

Bosnia and Herzegovina

  • SBM-EUROTRADE TRGOVINA DOO
  • Istocna Obilaznica 4, 37000 Krusevac
  • Phone: +381 37 310 1669
  • E-mail: info@sbm-eurotrade.com

Brazil

  • Shimano Latin America
  • Alameda Santos, 415 – 6º andar – Cj 61
  • Cerqueira César, São Paulo - SP, 01419-000
  • Brazil
  • Email: contato@shimano.com.br

Bulgaria

  • BG-Eurotrade Ltd.
  • Iztochna Tangenta Str., Nr. 102
  • District Slatina, 1592 Sofia
  • Bulgaria
  • Phone: (+3592) 418 3615
  • Fax:(+3592) 4167690

Canada

  • SHIMANO CANADA LTD.427 Pido Road Peterborough, Ontario
  • K9J 6X7 Canada
  • Tel.: +1-705-745-3232
  • Fax.: +1-705-745-1949

Chile

  • Andes Industrial Ltda
  • Santa Elena #1511 – Santiago
  • Santiago, 8360349
  • Phone: (+56) 2 2650-3100

Colombia

  • HA Bicicletas S.A
  • Calle 14 Nº 52 A - 187
  • Medellin, 050023
  • Phone: (+57) 4 285-5040
  • Email: servicioalcliente@habicicletas.com

Costa Rica

  • Ciclo San Nicolas S.A.
  • Av. 10 entre calles 4 y 6 o de la Bomba la Castellana
  • 125 mts Este - San José, 10103
  • Phone: (+506) 2521-6090
  • Email: info@ciclosannicolas.com

Croatia

  • CS-Eurotrade d.o.o.
  • CKZ 135
  • 8270 Krsko
  • Slovenia
  • Phone: 386-7-4902500
  • Fax: 386-7-4902549

Cyprus

  • Eurotrade Ltd.
  • Ag. Vassilios
  • 26504 Patras
  • Greece
  • Phone: +30 2610 911 4 50
  • E-mail: info@eurotrade.com.gr
  • URL: www.bikesworld.gr

Czech Republic

  • Paul Lange Ostrava s.r.o.
  • Sabinova 2
  • CZ-72100 Ostrava-Svinov, Czech Republic
  • Tel.: +420 596 634 608
  • Fax: +420 596 780-995
  • E-Mail: info@paul-lange.cz
  • Web: www.paul-lange.cz

Denmark

  • Shimano Nordic Denmark
  • Forbindelsesvej 4
  • 2100 København Ø
  • Denmark
  • Phone: +4569911660
  • E-mail: infodk@shimano-eu.com
  • URL: www.shimano-nordic.dk

Ecuador

  • Águila Importaciones S.A.
  • Panamericana Norte y Luis H. Gordillo
  • Atuntaqui, 100214
  • (+593) 6 2530066 / +593 6 2530085
  • (+593) 997291777
  • aguilaimportaciones@gmail.com
  • URL: aguilaimportaciones.com/

Estonia

  • Shimano Polska Sp. z.o.o.
  • Ul. Gutenberga 9
  • 62-023 Żerniki
  • Poland
  • Phone:+48 61-62 52 100 / 106
  • E-mail: infopoland@shimano-eu.com
  • URL: www.shimano-polska.com

Finland

  • Shimano Nordic OY
  • Teknobulevardi 3-5, 01530 Vantaa, Finland
  • Phone: +35-8201-550800 / Fax: +35-8201-55080

France

  • Shimano France S.A.S..
  • Zone Actiparc, 777 Rue Commios, 62223 St.-Laurent-Blangy
  • Cedex, France
  • Phone: +33-321-732525

Germany

  • Paul Lange & Co. OHG
  • Hofener Straße 114
  • D-70372 Stuttgart
  • Germany
  • Tel.: +49 711 2588 - 02
  • Fax: +49 711 2588 - 305
  • E-Mail: info@paul-lange.de
  • Web: www.paul-lange.de

Greece

  • Eurotrade Ltd.
  • Ag. Vassilios
  • 26504 Patras
  • Greece
  • Phone: +30 2610 911 450
  • E-mail: info@eurotrade.com.gr
  • URL: www.bikesworld.gr

Guatemala

  • Bicimania
  • Calzada la paz 18-40 zona 5 ofibodegas centro 5
  • bodega 123 Bicimania .
  • Phone: (+502) 23367763

Hungary

  • Paul Lange Hungary Kft.
  • Központi út 28-32
  • H-1211 Budapest, Hungary
  • Tel.: +36 (1) 445-0371
  • Fax: +36 (1) 445-0676
  • E-Mail: info@paul-lange.hu
  • Web: www.paul-lange.hu

Iceland

  • Shimano Nordic AB
  • Edsbrogatan 1F
  • 752 28 Uppsala
  • Sweden
  • Phone: +46-18-56-16-00
  • Fax: +46-18-50-03-95
  • Email: infose@shimano-eu.com
  • URL: www.shimano-nordic.com

India

  • Shimano South Asia Pvt. Ltd.
  • No. 19, Kumarakrupa Road, Bangalore, Bangalore, Karnataka, India, 560001
  • Phone: +91-80-4125-3331
  • E-mail: sales@ssa.shimano.com.sg

Indonesia

  • PT. Rodalink Indo Tama
  • Jl. Jawa No. 393, Desa Wadungasih, Kec. Buduran, Kab. Sidoarjo, Jawa Timur, Indonesia
  • Phone: +62 31 8963951
  • Email: shimano.cvr@prolind-group.com

Ireland

  • Madison
  • Roebuck Way, Knowlhill, Milton Keynes, Buckinghamshire, MK5 8HL, United Kingdom Phone: +44 (0)1908 326032
  • Fax: 0800 1300 599
  • URL: www.madison.co.uk

Isreal

  • DAA SPORT & TECHNOLOGY LTD
  • Ci’im Industrial Park, Building D7, Poleg Industrial Area, Netanya 4250501, Israel
  • Phone:+972-(0)9-865-6960
  • Email: info@daa.co.il

Italy

  • Shimano Italy Bicycle Components SRL.
  • Strada Statale del Sempione 197, 20016 Pero - Milano (IT), Italy
  • Phone: +39 02 38592097 / Fax: +39-0331-936955

Japan

  • シマノセールス株式会社(大阪府堺市)
  • 〒592-8331 堺市西区築港新町1-5-15
  • (代表) Phone: 072-243-2820 / Fax: 072-243-2830

Latvia

  • Shimano Polska Sp. z o.o.
  • Ul. Gutenberga 9
  • 62-023 Żerniki
  • Poland
  • Phone: +48 61-62 52 100 / 106
  • E-mail: infopoland@shimano-eu.com
  • URL: www.shimano-polska.com

Lithuania

  • Shimano Polska Sp. z o.o.
  • Ul. Gutenberga 9
  • 62-023 Żerniki
  • Poland
  • Phone: +48 61-62 52 100 / 106
  • E-mail: infopoland@shimano-eu.com
  • URL: www.shimano-polska.com

Luxembourg

  • Shimano Belgium N.V.
  • Zandvoortstraat 21, 2800 Mechelen, Belgium
  • Phone: +32-15-209480 / Fax: +32-15-209410

Malaysia

  • Bike Science Sdn Bhd
  • No. 29 & 31, Jalan TPP 5/17,Taman Perindustrian Puchong,section 5, 47100 Puchong,Selangor, Malaysia.
  • Phone: +603-8061-0222
  • Fax: +603-8062-4855
  • E-mail: lerun@lerun.com.my

Malta

  • Shimano Italy Bicycle component SRL
  • Strada Statale del Sempione 197, 20016 Pero - Milano (IT), Italy
  • Phone: +39 02 38592097
  • Fax: +39 0331 936955
  • E-mail: bikeinfo.shimanoitaly@shimano-eu.com

Mexico

  • Shimano Latin America
  • Alameda Santos, 415 – 6º andar – Cj 61
  • Cerqueira César, São Paulo - SP, 01419-000
  • Brazil
  • Email: contato@shimano.com.br

Monaco

  • SHIMANO FRANCE S.A.S.
  • Zone Actiparc, 777 Rue Commios, 62223 St.-Laurent-Blangy Cedex, France
  • Phone: +33 (0)321 732525
  • E-mail: contact-france@shimano-eu.com

Netherlands

  • Shimano Benelux B.V.
  • Industrieweg 24, 8071 CT Nunspeet, the Netherlands
  • Phone: +31 341 272 222/ Fax: +31-341-272291

New Zealand

  • SHIMANO NEW ZEALAND LIMITED79 Apollo Drive, Albany, North Shore City 0632 Auckland, New ZealandTel.: +64-9-478-1969
  • Fax.: +64-9-479-6288
  • Web:https://bike.shimano.com/en-NZ/home.html

Norway

  • Shimano Nordic AS
  • Vakåsveien 7, 1395 Hvalstad, Norway
  • Phone: +47-66-77-80-10 / Fax: +47-66-77-80-11

Panama

  • Comercial Rali, S.A.
  • Av. Balvoa, Edficio Sky Business, Planta Baja
  • Republica de Panamá, 080807
  • Phone: (+507) 223-8054
  • Email: info@ralistoreonline.com

Philippines

  • Neo Zigma Cycle Corporation
  • 39 Kapiligan Street, Brgy. Dona Imelda, Quezon City, Philippines
  • E-mail: inquiry@zigma-sales.com

Poland

  • Shimano Polska Sp. z o.o
  • Ul. Jana Gutenberga, 62-023 Żerniki, Poland
  • Phone: +48-61-62-52-100

Portugal

  • Sociedade Comercial do Vouga Lda.
  • Rua da Fonte Nova, 1840 Variante Recardães Barrô 1840
  • 3750-720 Recardães
  • Portugal
  • Phone: +351 234 601500
  • Fax: +351 234 601159
  • E-mail: geral@scvouga.pt

Romania

  • ROM-Eurotrade S.R.L
  • Bucharest west Industrial park
  • Equest logistic Center
  • Strada DE 287/1, Building E2, Unit A1-A2
  • 077096, Judetul Ilfov
  • Romania
  • Phone: +40.21.350.5624
  • Fax: +40.21.350.5457
  • E-mail: info@rom-eurotrade.ro

Singapore

  • SHIMANO (SINGAPORE) PTE. LTD.
  • 11 Bulim Walk, Singapore 648105
  • Phone: +65-6265-4777
  • Fax: +65-6265-1575
  • E-mail: sales@shimano.com.sg

Slovakia

  • Paul Lange Oslany s.r.o.
  • Mierová 854/37
  • SK-97247 Oslany, Slovakia
  • Tel.: +421 465 492 344
  • Fax: +421 465 491 056
  • E-Mail: office@paul-lange-oslany.sk
  • Web: www.paul-lange.sk

Slovenia

  • CS-Eurotrade d.o.o.
  • CKZ 135
  • 8270 Krsko
  • Slovenia
  • Phone: 386-7-4902500
  • Fax: 386-7-4902549
  • Email: info@cs-eurotrade.com

Republic of South Africa

  • COOLHEAT CYCLE AGENCIES (PTY) LTD.
  • 57 Lake Road Longmeadow Business, Estate North extension no.7 Edenvale, 1609, P.O.Box 2984, Edenvale, 1610
  • Phone: +27 (0) 11 608 2003

South Korea

  • NANUX NETWORKS INC.
  • 33-4, Tekeunobaelli-ro, Jillye-myeo
  • 50875 Gimhae-si,Gyeongsangnam-d
  • South Korea
  • Email: mhkim@nanux.net

Spain

  • SHIMANO IBERIA, S.L.
  • Avenida Doctor Severo Ochoa 34, 28100 Alcobendas, Madrid, Spain
  • Tel: +34 91 902 25 86

Sweden

  • Shimano Nordic AB
  • Edsbrogatan 1F, 75228 Uppsala, Sweden
  • Phone: +46-18-56-16-00 / Fax: +46-18-50-03-95

Switzerland

  • FUCHS-MOVESA AG
  • Hübelacherstrasse 7, CH-5242 Lupfig, SwitzerlandTel.: +41 56 464 46 46
  • E-Mail: info@fuchs-movesa.ch
  • Web:http://www.fuchs-movesa.ch/

Taiwan

  • SHIMANO (TAIWAN) CO.,LTD.
  • 4F-3, Grand Asia Plaza, 138 Zhongming S.Road, Taichung, 40361 Taiwan
  • Phone: +886-4-2319-5318 / Fax: +886-4-2319-4020
  • Sunstar Taiwan Ent. Co., LTD
  • 39-1, 37th Road, Taichung Industrial Park, Taichung, Taiwan
  • Phone: +886-4-2359-6199

Thailand

  • Hah Hong Co., Ltd
  • 1 Yukol 2 Rd, Wat Thepsirin, Pom Prap Sattru Phai, Bangkok 10100
  • Email: sales@hahhong.com

Turkey

  • SHIMANO BISIKLET PARCA VE EKIPMANLARI SATIS SERVIS TICARET ANONIM SIRKETI
  • Şair Eşref Bulv. ĺsmet Kaptan Mah. Osman Şahin ĺş Mrk. No:4 K:7 D.:71, Çankaya - Konak / Izmir, Turkey 35210
  • Phone: +90 232 402 93 93
  • Fax: +90 232 484 07 40
  • Email: infosbtk@shimano-eu.com

United Kingdom

  • Madison
  • Roebuck Way, Knowlhill, Milton Keynes, Buckinghamshire, MK5 8HL, United Kingdom
  • Phone: +44 (0)1908 326000
  • Fax: 0800 1300 599
  • URL: www.madison.co.uk

United States of America

  • Shimano North America Bicycle, Inc.
  • One Holland, Irvine, California 92618 U.S.A.
  • Phone: +1-949-951-5003 / Fax: +1-949-768-0920

Uruguay

  • Villa Agreste SA
  • Juan Benito Blanco 975
  • Montevideo - 11113
  • Phone: +598 27091549
  • Email: montevideo@global-cycle.com

Venezuela

  • Invebica C.A.
  • Av.64 N° L-8 (Zona Industrial Castillito)
  • San Diego - Carabobo
  • Venezuela
  • Phone: +58-2418716105
  • Email: ventas@kamikaze.com.ve

Additional Disclosures for California Consumers

These disclosures describe how we collect, use, process, and disclose Personal Data of California consumers in the context of the Web App and Services (as defined above), as well as the rights you may have under California law. These disclosures are intended to supplement the Data Protection Notice with information required by California law.

Personal Data We Collect

California law requires that we describe the Personal Data we collect about California consumers, including by identifying specific categories of data. We collect Personal Data directly from consumers, automatically when consumers use the Web App and Services, and from other sources (such as from social networks, when you use a social media account to register to SHIMANO ID). As we describe in more detail above in the “Information We Collect” section of this Notice, we have collected the following categories of Personal Data in the past 12 months in the context of the Web App:

  • Identifiers (e.g., username and login password, Shimano ID, home address, email address, IP address, authentication data for third party services)
  • Demographics (e.g., gender, birthday)
  • Commercial Information (e.g., bike information such as nickname, components information (serial number, name and Universally Unique Identifier of wireless unit))
  • Biometric Information (e.g., bike ride log information such as pedaling cadence)
  • Internet Activity (e.g., bike ride log (power, location of sensor device, obtained elevation, elapsed/riding, time, distance, speed, pedaling cadence, pedaling vector and efficiency, ave. torque, heading, gear shifts, connected sensor details), Web App usage log information (information about your interactions with the Web App, including error and crash recovery logs, date/time stamps, clickstream data))
  • Sensitive Data (e.g., health data such as heart rate and weight data; precise geolocation data)

For information about our business or commercial purpose(s) for collecting, or possibly sharing, your Personal Data, please refer to the “Purposes and Legal Bases” section of the Notice above.

How We Disclose Personal Data

We may disclose your Personal Data to third parties as described in the “Recipients of Personal Data” section of the Notice above. We do not "sell" or "share" Personal Data as those terms are defined under California law. California law also requires that we provide you with information about certain disclosures of Personal Data to third parties, where the disclosures are made for “business purposes”, such as disclosures to service providers. We disclose the following types of Personal Data for our business purposes:

Category of Personal Data Recipient

Identifiers

  • Other group companies and distributors
  • IT support and maintenance providers
  • Web server providers

Health data

  • Other group companies and distributors
  • IT support and maintenance providers

Demographics

  • Other group companies and distributors
  • IT support and maintenance providers
  • Web server providers

Commercial Information

  • Other group companies and distributors
  • IT support and maintenance providers

Biometric Information

  • Other group companies and distributors
  • IT support and maintenance providers

Internet Activity

  • Other group companies and distributors
  • IT support and maintenance providers

Location Data

  • Other group companies and distributors
  • IT support and maintenance providers

California Rights

California law grants certain rights to California consumers. These include the rights to:

  • Access specific pieces of Personal Data (“Right to Access”)
  • Learn about how we process and share Personal Data (“Right to Know”)
  • Correct inaccurate or incomplete Personal Data ("Right to Correct")
  • Request deletion of Personal Data we collected from you (“Right to Request Deletion”)
  • Opt out of “sales” and "sharing" of Personal Data, as defined under California law
  • Restrict certain uses and disclosures of Personal Data that is considered sensitive personal information under California law
  • Not to be denied goods or services for exercising these rights

To exercise the Right to Access, Right to Know, Right to Correct or Right to Request Deletion: please contact us at privacy@shimano-eu.com or +1-800-423-2420. Only you or a person that you authorize to act on your behalf may make a request related to your Personal Data. A request to exercise any of these rights must (1) provide sufficient information that allows us to reasonably verify that you are the person about whom we collected Personal Data (or an authorized representative of that person); and (2) describe your request with sufficient detail that allows us to understand, evaluate, and respond to your request. We will verify your identity by sending email to your registered email address and confirming reply from your email address. In certain cases, we may need to ask for more information. We may not be able to respond to your request or provide you with the information you requested if we are unable to verify your identity (or establish the authority of an authorized agent acting on your behalf). Authorized agents wishing to exercise rights on behalf of a California consumer should submit requests to privacy@shimano-eu.com along with a copy of the consumer’s signed authorization designating you as their agent. If you do not have an account with SHIMANO, while you may contact us at privacy@shimano-eu.com with questions or concerns, we may not be able to respond to requests to exercise your rights under California law, including the right to know or delete your Personal Data. Because we only collect limited data about individuals without an account, we are unable to verify requests from non-accountholders to the standard required by California law.

Additionally, under California Civil Code Section 1798.83, California residents have the right to request in writing from businesses with whom they have an established business relationship, (a) a list of the categories of personal data that a business has disclosed to third parties during the immediately preceding calendar year for the third parties’ direct marketing purposes and (b) the names and addresses of such third parties. To exercise this right, please contact us at privacy@shimano-eu.com.

Contact Us

If you have any questions regarding the processing of your Personal Data, please contact us at privacy@shimano-eu.com.

ABOUT US

SUPPORT

FIND PRODUCTS

STAY CONNECTED

de-CH

THIS WEBSITE USES COOKIES TO IMPROVE YOUR USER EXPERIENCE.
Click "I agree" or any link to accept these cookies. To learn more about how we use cookies, read our privacy policy.