Last updated: September 19, 2018
This Hitachi Consulting Corporation (“HCC” also referred to below as “we”, “us”, and “our”) Privacy Statement applies to all personal data processed by Hitachi Consulting and its subsidiary companies.
This screen tells you everything you’ll need to know about How HCC Protects your Personal Data.
If you have any questions concerning data protection and privacy or you want to let us know about website and marketing permissions, please see how to Contact Us.
This Privacy Statement is effective 24th May 2018.
How HCC Protects your Personal Data
HCC protects your personal data through three important ways:
What personal data do we collect?
We collect personal data of our job applicants, suppliers, affiliates, partners, business contacts, clients and website users. We always provide appropriate notice of what personal data will be collected and how it will be used. Whatever happens, we’ll only process that personal data if we consider it to be fair and lawful to do so and will be transparent in how we do this.
The following are examples of information we may collect directly from you:
HCC doesn’t tend to collect personal data online about children under 13 or as defined by local legal requirements. In the unlikely event that HCC were to collect personal data of children HCC will comply with all applicable laws and regulations with respect to the processing of such data, including were applicable by gaining consent from the parent or guardian.
Monitoring or recording telephone calls, chats, and other interactions
Certain online transactions may involve you calling HCC or us calling you. They may also involve online chats. Please be aware that it is HCC’s general practice to monitor and in some cases, record such interactions for staff training or quality assurance purposes or to retain evidence of a particular transaction or interaction.
Visitors to our Offices
In order to ensure physical security of our offices we have certain security measures in place, including CCTV and building access controls.
HCC uses CCTV images for promoting security and safety of our staff and members of the public visiting our offices, including to help prevent and detect crime and support and defend legal claims. To this end HCC may disclose CCTV recordings to law enforcement agencies and authorized personnel from other HCC group of companies globally, as permitted by applicable data protection laws.
Our CCTV security cameras are located within our offices as well as at the entrance and exit points to our buildings. The images captured by CCTV are limited to HCC’s office demise, are securely stored and only accessed on a need to know basis (e.g. to investigate an incident). The CCTV recordings are overwritten after a short period, normally 30 days after being recorded, unless an issue arises that requires investigation e.g. unauthorized access to HCC’s business premises or a theft.
We display prominent signs in our offices where CCTV is in operation.
All visitors to HCC offices are required to sign in at reception so that we can identify visitors to our offices for security and health and safety reasons. We retain a record of visitors in accordance with our retention policy, following which such information is securely destroyed. Our visitor records are securely stored and only accessible on a need to know basis by our reception staff and internal security personnel, e.g. so that we have an up-to-date list of individuals present in our office in the event of a security or health and safety incident.
We offer our visitors free wifi connection for their mobile devises when on our business premises should they wish to use the service. HCC takes data protection and privacy very seriously and in accordance with our security policies and procedures we monitor traffic on our guest wifi networks using industry standard intrusion detection systems. This allows us to see limited information about a user’s network behaviors but will include being able to see at least the source and destination addresses the user is connecting to and from. We cannot inspect any encrypted web pages and therefore do not have access to any information (personal or otherwise) that the user might share via these web pages.
Will we share your personal data with outside parties?
For over 100 years, Hitachi has continued to do business based on its core values, including Wa, which includes Trust. The success of HCC depends on your trust and we don’t sell your personal data to any third-party. We may transfer personal data to our affiliates and business partners who may be located in other countries.
Before we do so, we take steps to ensure that your personal data will be adequately protected as required by relevant data protection laws and regulations in those territories as well as compliant with our internal Global Personal Data Protection Policy.
We sometimes rely on third-party service providers to perform a variety of business operations on our behalf. In doing so, we may need to share or disclose the personal data you’ve provided for a specific purpose.
Such purposes could include:
We provide our service providers with only the personal data they need to perform the services we request and we require that they protect this information and not use it for any other purpose.
What about special (sensitive) data?
We don’t generally seek to process special (sensitive) personal data through this website or otherwise. In limited circumstances where we do seek to process such data, we’ll do this in accordance with local data protection and privacy requirements.
If you choose to provide us with unsolicited special personal data, we’ll need to have your explicit consent to process this data in accordance with relevant laws as described in this Privacy Statement.
Special categories of personal data include:
What about data security?
HCC is committed to keeping personal data secure. We’ve implemented appropriate organizational and technical measures designed to protect personal data from loss, unauthorized access, misuse, alteration, disclosure or destruction, to maintain data accuracy, and to ensure the appropriate use of information. Only HCC personnel and its affiliates, business partners or third-party service providers who have a legitimate business purpose will have access to personal data. Such personnel have agreed to maintain the confidentiality of such information. HCC enforces data minimization standards across its operations globally.
Where will your personal data be processed?
As a global organization, HCC has global IT systems and personal data we process may be routed, stored or transferred internationally throughout our global organization in accordance with our Global Personal Data Protection Policy. This also covers any data processing undertaken by our suppliers, subsidiaries, business partners and business contacts.
For further details of our office locations by region and country, please click here.
We would like to inform you that the servers hosting our Website are located in the United States. If you submit personal data from outside of the United States, your information will be transferred to our servers in the United States.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features described to protect your personal data against unauthorized access.
Retention of your data
HCC does not retain all of the personal data that we receive. We’ll retain your personal data only for as long as absolutely necessary to fulfil the purposes for processing that personal data or until you request that we delete it (whichever earlier), unless such personal data is required to be retained in order to comply with legal requirements or other legitimate interests.
Your data protection rights
Depending on the laws of your country of residence, you may have the right to view, update or correct personal data submitted to HCC, or to receive notification of changes in the use of your information. When personal data is retained, HCC undertakes to make all reasonable efforts to maintain the accuracy of the personal data as submitted and verified by you. However, HCC does not assume responsibility for verifying the information you submit. When practicable and possible, if HCC is informed that any personal data that we have collected about you is no longer accurate, HCC will make appropriate corrections based on the updated information provided. Queries in this regard should be directed to HCC at DPO@hitachiconsulting.com.
If you are a European national and therefore subject to the protections of the General Data Protection Regulation (GDPR) you may invoke the following rights at any point during HCC’s processing your personal data:
If you wish to exercise any of your data protection rights, please contact HCC’s Data Protection Officer at DPO@hitachiconsulting.com, or by letter sent to the address below, or otherwise call +44 20 7842 7800:
Data Protection Officer
13-15 Bouverie Street
London UK, EC4Y 8DP
Questions and Complaints
Should you have a question or wish to make a complaint about the use of your personal data, you can complain directly to HCC’s Data Protection Officer (DPO) at DPO@hitachiconsulting.com or by letter to the address that corresponds to your region below. You also have a right to complain directly to the Supervisory Authority in your territory.
Europe, Middle East, and Africa
|Data Protection Officer
13-15 Bouverie Street
London UK, EC4Y 8DP
|Chief Legal Officer
123 N.Wacker Drive
Chicago, IL 60606
Data Compliance Officer
|Belgium||Commission de la Protection de law Vie Privée
|Bulgaria||Commission for Personal Data Protection||http://www.cpdp.bg/|
|Croatia||Croatian Personal Data Protection Agency||http://www.azop.hr/|
|Czech Republic||The Office for Personal Data Protection||http://www.uoou.cz/|
|Estonia||Estonian Data Protection Inspectorate||http://www.aki.ee/en/|
|France||Commission Nationale de I’Informatique et des Libertés (CNIL)||http://cnil.fr/|
|Germany||Der Bundesbeauftragte fϋr Datenschutz und die Informationsfreiheit||http://www.bfdi.bund.de/|
|Greece||Hellenic Data Protection Authority||http://www.dpa.gr/|
|Hungary||Data Protection Commissioner of Hungary||http://www.naih.hu/|
|Ireland||Data Protection Commissioner||http://www.dataprotection.ie/|
|Italy||Garante per la Protezione dei Dati Personali||http://www.garanteprivacy.it/|
|Latvia||Latvia Data Protection Supervisory Authority||http://www.dvi.gov.lv/|
|Lithuania||State Data Protection||http://www.ada.lt/|
|Luxembourg||Commission Nationale pour la Protection des Données||http://www.cnpd.lu/|
|Malta||Office of the Data Protection Commissioner||http://www.dataprotection.gov.mt/|
|The Netherlands||Autoriteit Persoonsgegevens||http://www.autoriteitpersoonsgegevens.nl/nl|
|Poland||The Bureau of the Inspector General for the Protection of Personal Data (GIODO)||http://www.giodo.gov.pl/|
|Portugal||Comissão Nacional de Protecção de Dados (CNPD)||http://www.cnpd.pt/|
|Romania||The National Supervisory Authority for Personal Data Processing||http://www.dataprotection.ro/|
|Slovakia||Office for Personal Data Protection of the Slovak Republic||http://www.dataprotection.gov.sk/|
|Spain||Agencia de Protección de Datos||https://www.agpd.es/|
|United Kingdom||Information Commissioner’s Office||https://www.ico.org.uk|
|Iceland||Icelandic Data Protection Agency||http://www.personuvernd.is/
|Liechtenstein||Data Protection Office||http://www.llv.li/#/116592/english|
|Switzerland||Data Protection and Information Commissioner of
|Canada||Privacy Commissioner of Canada||https://www.priv.gc.ca/|
|Guernsey||Data Protection Commissioner||https://www.gov.gg/|
|Hong Kong||Privacy Commissioner for Personal Data||https://www.pcpd.org.hk/|
|Isle of Man||Information Commissioner||https://www.gov.im/about-the-government/offices/isle-of-man-information-commissioner/|
|Israel||Israeli Law, Information and Technology Authority (ILITA)||http://www.justice.gov.il/en/|
|Japan||Government Information Protection Office||http://www.soumu.go.jp/english/|
|Jersey||Office of the Data Protection Commissioner||https://dataci.je/|
|New Zealand||Privacy Commissioner||https://www.privacy.org.nz|
|Taiwan||Bureau of Legal Affairs||http://www.moj.gov.tw/|
|Thailand||Official Information Commissioner’s Office||http://www.oic.thaigov.go.th/content_eng/default_eng.asp|
|United States||Federal Trade Commission||https://www.ftc.gov/|
California Civil Code Section 1798.83 permits certain users of this Website who are California residents to request certain information regarding our disclosures of personal data to third-parties for their direct marketing purposes. If you qualify to make such a request, please send an e-mail to DPO@hitachiconsulting.com or a letter to our Chief Legal Officer at HCC Corporation, 123 N. Wacker Drive, Suite 1200, Chicago, Illinois 60606.
This website is administered by HCC on behalf of itself and each HCC local operating company.
Your privacy on HCC’s websites
The primary purpose of HCC’s website is to provide a resource and a key communication channel for providing information about our solutions and services. We want you to feel secure when visiting our website and we are committed to protecting your privacy when you do so.
What information do we gather?
HCC collects information at its websites in two ways:
We may process and collect the following personal data:
How do we use information that we need to collect from HCC websites?
We use personal data to provide you with information you request, process online job applications, and for other purposes which we would describe to you at the point where it’s collected or which will be obvious to you.
We analyze your IP and browser information to determine what’s most effective about our website, to help us identify ways to improve it and make it more effective. Please see the Cookies section below for more information.
Links to Third-Party Websites and Social Media
HCC websites may include links to third-party sites. HCC assumes no responsibility for the information practices of websites to which our site provides links, nor does HCC endorse or make any representation about such third-party sites or any information, software, or other products, services or material found there, or any results that may be obtained from using them. When you link to another website, HCC's privacy practices and the terms and conditions of this Privacy Statement no longer apply. You should review each site's privacy and security policies to determine such practices and whether you wish to disclose personally identifiable information on them.
Social Networks and Third-Party Plug-ins
HCC websites may include plugins from social networks or other third-parties. An example of a plugin is the Facebook "Like" button. Where legally permitted, these plugins may communicate with and send information to the party that provided the plugin, even if you don’t click on the plugin. This information may include your IP address, information about your browser and device, and the address of the web page you’re visiting on our site.
Social Network and Third-Party Login
HCC websites may allow you to log in using a social network or other third-party account. An example of a third-party login is "Log in with Facebook." Logging into one of our sites with your social network or other third-party account may allow us to gather information that you give us permission to access from that social network or third-party. The login feature may also transfer information to the social network or third-party, such as your username and password, to authenticate you.
We analyze your IP and browser information to determine what’s most effective about our website, to help us identify ways to improve it and eventually to determine how we can tailor our website to make it a more positive and relevant user experience for you.
A cookie is a piece of data that a website can send to your browser, which may then be stored on your computer as a tag that identifies your computer.
While cookies are often only used to measure website usage (such as number of visitors and duration of visit) and effectiveness (such as topics visitors are most interested in) and to allow for ease of navigation or use and, as such, are not associated with any personal data, they are also used at times to personalize a known visitor's experience to a website by being associated with profile information or user preferences.
Over time this information provides valuable insight to help improve the user experience.
Cookies are typically categorized as "session" cookies or "persistent" cookies. Session cookies help you navigate through the HCC website efficiently, keeping track of your progression from page to page so that you’re not asked for information you’ve already provided during the current visit. Session cookies are stored in temporary memory of your device and erased when the web browser is closed.
In contrast, persistent cookies, store user preferences for current and successive visits. They are written on your device's hard disk, and are still valid when you restart your browser. We use persistent cookies, for example, to record your choice of language and country location when visiting a HCC website.
While HCC websites at this time don’t recognize automated browser signals regarding tracking mechanisms, such as "do not track" instructions, you can generally express your privacy preferences regarding the use of most cookies and similar technologies through your web browser. Look under the heading "Tools" (or similar heading) in your particular browser for information about controlling cookies. You can set your browser in most instances to notify you before you receive a cookie, giving you the chance to decide whether to accept it or not. You can also generally set your browser to turn off cookies.
|Cookies||Source||Desription||Details on Privacy and Opt-Out Options|
|_ga, _gat, _gid||Google Analytics||We use Google Analytics cookies to understand how users arrive on our website(s) and how they engage with us on the website. We use Google tracking cookies to understand if users complete certain actions on our website(s) after having seen or clicked through one of our adverts served via Google. Based on the content users engage with on our website(s), Google is able to deliver targeted adverts across other Google partner websites.||https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage|
|ELOQUA, ELQSTATUS||Eloqua||We use Eloqua cookies to track user activities on our website(s) and on Eloqua landing pages. These cookies are set in order to remember preferences (like form field values) when a visitor returns to the site.||https://docs.oracle.com/cloud/latest/marketingcs_gs/OMCAA/Help/EloquaAsynchronousTrackingScripts/EloquaTrackingParameters.htm|
|AMCV_###@AdobeOrg, s_cc, s_fid, s_invisit, s_lv, s_lv_s, s_nr, s_ppv, s_ppvl, s_sq, s_vi, s_vnum, SC_LINKS||Adobe Analytics||We use Adobe Analytics cookies to understand how users arrive on our website(s) and how they engage with us on the website. The data is used to improve the customer experience. Adobe Analytics is also used in combination with third-party cookies to understand the content with which users have engaged on our website(s), so that targeted content may subsequently be delivered to users.||https://marketing.adobe.com/resources/help/en_US/whitepapers/cookies/index.html?f=cookies_analytics|
|demdex, dpm||Audience Manager||We use Audience Manager cookies to help identify a user across domains and identify opportunities to improve the customer experience. The demdex cookie is set in the third-party, demdex.net domain in the browser. This domain is separate from the site currently visited by a user.||https://marketing.adobe.com/resources/help/en_US/mcvid/mcvid_cookies.html|
|tuuid, tuuid_last_update,iuuid, rlas3, rtn1-z||Demandbase||We use Demandbase cookies to attribute supplemental data to better understand who our users are and identify opportunities to improve the customer journey on the website.||https://www.demandbase.com/cookies/|
|IDE, PREF, VISITOR_INFO1_LIVE, YSC||YouTube||We use YouTube cookies to understand how users interact with our content and to improve the customer experience. We embed videos or insert links to videos from YouTube on our website(s). As a result, when users visit a page with content embedded from or linked to YouTube, YouTube cookies may be used.||https://support.google.com/youtube/answer/32050?co=GENIE.Platform%3DiOS&hl=en&oco=1|
Sources of Marketing Data
Much of the personal data we collect and use for marketing purposes relates to individual employees of our clients and other companies with which we have an existing business relationship. We may also obtain contact information from public sources, including content made public at social media websites, to make an initial contact with a relevant individual at a client or other company.
We send commercial e-mail to individuals at our client or other companies with whom we want to develop or maintain a business relationship in accordance with applicable marketing laws. Our targeted e-mail messages typically include web beacons, cookies, and similar technologies that allow us to know whether you open, read, or delete the message, and links you may click.
When you click a link in a marketing e-mail you receive from HCC, we’ll also use a cookie to log what pages you view and what content you download from our websites, even if you’re not registered at or signed into our site.
Targeted e-mails from HCC may include additional data privacy information, as required by applicable laws.
Customer Relationship Management (CRM) Databases
Like many global companies, HCC uses customer relationship management (CRM) database technology to manage and track our marketing efforts.
Our CRM databases include personal data belonging to individuals at our clients and other companies with whom we already have a business relationship or want to develop one.
The personal data used for these purposes includes relevant business information, such as:
If you wish to be excluded from our CRM databases, please use the Contact Us form.
Combining and Analyzing Personal Data
As already described, we may combine data from publicly available sources and from our different e-mail, website and personal interactions with you (this includes information collected across our different websites such as our careers and corporate sites and information collected when you sign-up or log on to our sites or connect to our sites using your social media credentials (such as Linked-In and Xing).
We combine this data to better assess your experience with HCC and to perform the other activities described throughout our Privacy Statement.
Your Data Protection Rights
You can exercise your right to prevent marketing communications to you by checking certain boxes on the forms we use to collect your personal data, or by utilizing opt-out mechanisms in e-mails we send to you.
You can also exercise the right to discontinue marketing communications to you, or to have your personal data removed from our CRM databases at any time by using our Contact Us form.
In such cases, we’ll retain minimum personal data to note that you opted out in order to avoid contacting you again.
If you use HCC’s online career resources, we collect personal data that you submit to the website and use it for recruiting-related purposes.
More information about how your personal data will be used by HCC will be provided as part of our recruitment process.
Data privacy query/rights/complaints
Please email DPO@hitachiconsulting.com if:
Website/marketing permissions and general queries about HCC
Please email firstname.lastname@example.org if:
For further details of our office locations by region and country, please click here.