Privacy
Last Updated: April 21, 2023
SoftBank Global Advisers and its affiliates (together, “we” or the “Company”) want you to be familiar with how we collect, use, disclose, or otherwise process personal information. We hold certain personal information as part of our interactions with you, such as when you visit our offices, send us an email, visit our website, or attend an event we are hosting. We also collect your information where you are involved in a company we interact with as part of our business operations or investment activities. We are what is known as a “data controller” or “data user” or its functional equivalent in respect of that information.
This data protection notice and privacy policy (the “Notice”) sets out the ways in which we have collected, used, disclosed, or otherwise processed personal information in the preceding 12 months and beyond as well as how we will collect, use, or otherwise process personal information in the future. This Notice is neither intended for our employees or other members of our staff.
We will communicate changes and updates to this Notice by posting an updated version of the Notice (with an updated date) on our website. Please note that we may update this Notice from time to time and, if we do, appropriate steps will be taken to bring material amendments to your attention.
Any questions about this Notice may be directed to sbia-data-requests@softbank.com.
What is personal information?
“Personal information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual, such as name, address, telephone number, email, IP address, education or professional background, and sensitive personal information.
What categories of personal information do we collect and from what sources?
The categories of personal information we collect depend on the nature of our relationship with you as well as your interactions with us. We may have collected any of the information in these categories about you in the past twelve months and may collect such information in future interactions.
Identifiers (e.g., name, alias, telephone number, postal address, e-mail address, signature, and photographs) – When, for example, you send us an e-mail, sign up for a Company event or newsletter, visit our offices and check in with our front desk (including signing a non-disclosure agreement). We need identifiers in order to give you access to our offices. If you do not provide it, you may not be permitted to access our offices.
For California residents, Cal. Civ. Code § 1798.80 Personal Information (which may overlap with other categories) (e.g., name, signature, physical characteristics or description, address, telephone number) – When, for example, you visit our offices, provide such details for our business interactions, etc.
Characteristics of Protected Classifications Under Certain Jurisdictional Laws (e.g., race, age, national origin, disability, sex, and veteran status) – Only if you choose to provide this information in connection with your relationship with us, for example, to support diversity and inclusion efforts, speak on panels, etc.
Commercial Information (e.g., offerings considered, obtained, purchased) – If you share such information with us during the course of our relationship.
Internet or other electronic network activity information (e.g., IP address, browser and device details, etc.) – When, for example, you send us an e-mail, use the Company’s network, including guest WiFi, visit our website, or interact with our office applications).
Geolocation data – When, for example, you visit our offices, participate at our events.
Audio, electronic, visual, or similar information (e.g., CCTV footage for security purposes; visual-audio recordings during meetings or events) – When, for example, you visit our offices, attend video conferences with Company staff, or participate in Company webinars or other meetings or events).
Professional or employment-related information (e.g., education, certifications, licenses, work experience and previous employers, professional memberships and affiliations) – When, for example, you give us your business card or other contact details, connect with us on social media or publicly post such information online, or otherwise provide your professional background in connection with our relationship.
Preferences (e.g., professional or personal interests, affinity groups, preferences regarding travel, hours, food for office visits or Company events, other details available on websites used for social media or networking purposes, etc.).
We may also receive personal information from:
Your employer, e.g., where we interact with them as part of our business operations or investment activities
Our vendors and service providers, e.g., where you are acting on their behalf or are otherwise involved in related communications and/or transactions
Our affiliated companies, so that we may better communicate with you or fulfil your requests
Third parties, e.g., business partners or professional organizations, where we interact with them as part of our business operations or investment activities
Public internet sources, e.g., social media, public profiles, and other online sources
Public records, e.g., credentialing and licensing organizations
Automated technologies on the Company’s electronic resources, for example, to track RSVPs, logins, or activity across our network or applications
Recording technologies installed by the Company, for example, CCTV in common areas of the Company’s facilities, voicemail technologies, webcams, audio-visual recording technologies, and bluetooth technologies
Where we collect your sensitive personal information (which, depending on the requirements set out in relevant applicable data protection law, may include for example, your state identification card, financial information, and sexual orientation), we will process it in accordance with the requirements of applicable data protection law (including obtaining express written consent, where required). We do not collect or process sensitive personal information or characteristics of protected classifications for the purpose of inferring characteristics about you.
For what purposes do we process personal information?
We process this personal information for the following purposes:
Providing the functionality of our website and other interactions with you and fulfilling your requests.
To provide the functionality of our website and related services;
To respond to your inquiries and fulfill your requests, when you contact us via one of our online forms, send us emails, ask us questions, request connections, or when you request other information about us; and
To send administrative information to you, such as changes to our terms, conditions, and policies
We will engage in these activities to manage our contractual relationship and/or to comply with a legal obligation.
Providing you with our newsletter and/or other marketing materials.
To send you marketing related emails, with information or news about the Company and its activities such as updates or upcoming events.
We will engage in this activity with your consent or where we have a legitimate interest.
Managing our business operations.
Facilitate, manage, and protect our business operations and investment activities
Enable the Company to comply with contractual obligations
Facilitate communication, interaction, and collaboration
Ensure our premises and confidential information are kept secure
Conduct data analysis, for example, to improve the efficiency of our business operations and services and identify opportunities to develop our business
Engage in Company marketing, promotion, sponsorship, and event planning
Conduct audits to verify that our internal processes function as intended and to address legal, regulatory, or contractual requirements
Respond to and manage litigation, investigations, inspections, complaints, or claims involving the Company, and other legal disputes and inquiries, and to meet legal and regulatory requirements
In connection with a corporate transaction, sale, or assignment of assets, merger, divestiture, or other changes of control or financial status of the Company or any of its subsidiaries or affiliates
We engage in these activities to manage our contractual relationship, to comply with a legal obligation, and/or based on our legitimate interest.
Monitoring, Security, and Compliance.
Maintain security of staff and visitors and communicate incidents to ensure safety, including in the event of an emergency
Identify, monitor for, and mitigate against compliance risks, high-risk events and behaviors, and contravention of the Company’s policies and procedures
Monitor and protect the Company’s internal networks, electronic communications, endpoint assets, applications, and business data
Protect the safety and security of the Company’s facilities, including controlling access to secure facilities and preventing illicit activity
Administer the Company’s whistleblower hotline
Report suspected criminal conduct to law enforcement and cooperate in investigations
Help the Company comply with legal, regulatory, and reporting requirements applicable to its operations and investment activities
Exercise the Company’s rights under applicable law and to support any claim, defense, or declaration in a case or before a jurisdictional and/or administrative authority, arbitration, or mediation panel
We engage in these activities as necessary or appropriate to manage our contractual relationship, to comply with a legal obligation, and/or based on our legitimate interest.
We may aggregate and/or anonymize personal information so that it will no longer be considered personal information. We do so to generate other data for our use, which we may use and disclose for any purpose, as it no longer identifies you or any other individual.
California Residents: At times, the Company converts personal information into de-identified information using reasonable measures to ensure that the deidentified information cannot be associated with the individual (“Deidentified Information”). The Company maintains Deidentified Information in a deidentified form and does not attempt to reidentify it, except that the Company may attempt to reidentify the information solely for the purpose of determining whether its deidentification processes ensure that the information cannot be associated with the individual. The Company prohibits vendors, by contract, from attempting to reidentify the Company’s Deidentified Information.
With whom do we share personal information?
From time to time, we may have a legitimate business need to disclose personal information for one of the purposes listed above to one or more of the categories of recipients listed below. In that event, we disclose personal information and/or sensitive personal information only to the minimum extent necessary to achieve the purpose of the disclosure and only if the disclosure is permitted by applicable laws.
For the purposes set out above, we may share personal information with:
Service providers:
We disclose personal information to trusted service providers, professional advisers, consultants, suppliers, and contractors to assist us in meeting our business purposes (e.g., business operations, legal and compliance, etc.).
Service providers include providers of website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, communications, email delivery, auditing, and other services, as well as auditors, administrative service providers, law firms, other professional advisers
We disclose your personal information to such providers subject to written contracts in compliance with applicable law.
Affiliated companies:
We disclose personal information to certain of our affiliates within the SoftBank Group for the purposes described in this Notice and applicable law.
Business partners:
We may disclose personal information to a business partner in relation to a training, webinar, conference, or corporate event in which you will be participating.
We will not provide your personal information to external organisations for their own marketing purposes unless we seek your explicit consent before doing so.
Public:
By using our website or interacting with us online, you may elect to disclose personal information on message boards, chat, profile pages, blogs, and other services to which you are able to post information and content (including, without limitation, our social media pages). Please note that any information you post or disclose through these services will become public and may be available to other users and the general public.
Legal Obligations and Rights:
We may be required to disclose personal information in a court proceeding, in response to a court order, subpoena, civil discovery request, other legal process, or as otherwise required by law.
We may disclose personal information when we believe disclosure is necessary to comply with the law or to protect the rights, property, or safety of the Company, our workforce, or others.
Corporate Transactions:
We may disclose personal information to a third party in connection with any proposed or actual corporate merger, joint venture, assignment, transfer, consolidation, bankruptcy, the sale of all, or substantially all, of our membership interests and/or assets or other corporate change.
We may otherwise collect, use, and/or disclose personal information with your consent. If we collect, use, or disclose your personal information based on your consent, you may withdraw your consent at any time.
California Residents: The following list details which categories of personal information we may disclose, as well as which categories of personal information we have disclosed in the preceding 12 months.
Identifiers and Cal. Civ. Code § 1798.80 Personal Information – To Service providers; Affiliated companies; Business partners; the Public; Legal Obligations and Rights, Corporate Transactions.
Characteristics of Protected Classifications Under Certain Jurisdictional Laws (provided on voluntary basis) – To Service providers; Affiliated companies; Business partners; the Public; Legal Obligations and Rights.
Commercial Information – To Service providers; Affiliated companies; Business partners; the Public; Legal Obligations and Rights, Corporate Transactions.
Internet or other electronic network activity information – To Service providers; Affiliated companies; Legal Obligations and Rights, Corporate Transactions.
Geolocation data – To Service providers; Affiliated companies; Business partners; the Public; Legal Obligations and Rights, Corporate Transactions.
Audio, electronic, visual, or similar information – To Service providers; Affiliated companies; Business partners; the Public; Legal Obligations and Rights, Corporate Transactions.
Professional or employment-related information – To Service providers; Affiliated companies; Business partners; the Public; Legal Obligations and Rights, Corporate Transactions.
Preferences – To Service providers; Affiliated companies; Business partners; the Public; Legal Obligations and Rights.
We do not sell your personal information nor disclose your personal information for cross-context behavioral advertising (which is considered “sharing” under California privacy law).
Transfers of personal information overseas
For the purposes set out above and any directly related purposes, we may transfer certain of your personal information outside of your country, including to SoftBank Group companies and the third parties described above. This may include transfers to: the United Kingdom, the United States, and Japan.
Where we transfer your personal information (including sensitive personal information) overseas, we will take appropriate steps to ensure it is adequately protected as required under the applicable data protection law, including by entering into appropriate data transfer agreements with the recipients of your personal information where possible.
If we are required to transfer your sensitive personal data or information to the persons set out above, we will do so in accordance with applicable data protection law (including obtaining express written consent, where required).
How long do we retain personal information?
We will take reasonable steps to ensure that the personal information collected and used is reliable for its intended use and is accurate and complete for carrying out the purposes described in this Notice. We will retain Personal Information for the period necessary to fulfil the purposes outlined in this Notice unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods are:
As long as we have an ongoing relationship with you or your employer;
As required by a legal obligation to which we are subject (for example, certain laws require us to keep records for a certain period of time before we can delete them); and
As advisable in light of our legal position (such as in regard of applicable statutes of limitations, litigation, or regulatory investigations).
Your rights in relation to the personal information we process about you
You may have certain rights under applicable data protection legislation in your country in relation to the personal information about you that we process. For example:
Right to know what personal information is processed
Right to access to your personal information
Right to object to the processing of your personal information
Where we have obtained your consent to process your personal information, the right to withdraw that consent
Right to have your personal information rectified
Right to have your personal information erased
Right to request that your personal information is only used for restricted purposes
Right to inform us that you do not wish to receive marketing information
(in some circumstances) Right to require certain of your personal information to be transferred to you or a third party
To the extent Brazil’s General Data Protection Law (Lei Geral de Proteção de Dados or LGPD) covers your Personal Information, you have certain rights as specified in Article 18 of the LGPD:
Confirmation as to the existence of the processing of your Personal Information
Access to your Personal Information
Correction of incomplete, inaccurate, or out-of-date Personal Information
Anonymization, blocking, or deletion of Personal Information that is unnecessary, excessive, or being processed in noncompliance with the LGPD
Portability of your Personal information to another service or product provider, by means of your express request, pursuant with applicable regulations, and subject to commercial and industrial secrets
Deletion of Personal Information processed with your consent, except in certain situations as provided by the LGPD
Information about public and private entities with whom we have shared Personal Information
Information about the possibility of denying consent and the consequences of such denial
Revocation of your consent as provided by the LGPD
We review and verify requests to protect your personal information. We apply non-discriminatory principles in actioning data protection rights requests, in accordance with applicable data protection laws and principles.
You can seek to exercise your data protection rights (where applicable) by contacting the Compliance team at sbia-data-requests@softbank.com or call 1 (800) 209-3191.
California Residents: Verification Process. To verify your identity when you make a request to know, correct, or delete your personal information, we will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the personal information subject to the request. We may need to request additional personal information from you, such as mailing address, telephone number and/or email address, in order to verify your identity and protect against fraudulent requests. If you make a deletion request, we may ask you to verify your request before we delete your Personal Information. If we cannot verify your identity based on the above, we may ask you for additional verification information. If we do so, we will not use that information for any purpose other than verification. If we cannot verify your identity to a sufficient level of certainty to respond to your request, we will let you know promptly and explain why we cannot verify your identity. Authorized Agents. If an authorized agent submits on your behalf a request to know, correct or delete, the authorized agent must submit with the request either (a) a power of attorney, signed by you, that is valid under California law; or (b) another document signed by you that authorizes the authorized agent to submit the request on your behalf. In addition, we may ask you or your authorized agent to follow the applicable process described above for verifying your identity.
Security
We seek to use reasonable organizational, technical, and administrative measures to protect personal information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Questions or complaints” section below.
Other individuals’ personal information
If you intend to provide us with personal information (including any sensitive personal information if applicable) about other individuals, you must ensure that such individuals are aware of the matters in this Notice and agree that such personal data may be provided to us and processed as described herein.
Questions or Complaints
If you have any questions or complaints regarding our processing of your personal information, in the first instance, please contact the Compliance team at sbia-data-requests@softbank.com or call 1 (800) 209-3191.
Please also contact us at the email address above if you have a disability and require an alternative format of this notice.
Complaints regarding our collection and processing of your personal information may also be made directly to the data protection regulator in your jurisdiction (where available):
In Brazil, you may lodge a complaint with the Brazilian data protection authority if an alleged infringement of applicable data protection law occurs (https://www.gov.br/anpd/pt-br).
In California, you may contact the California Privacy Protection Agency (https://cppa.ca.gov/) and the California Attorney General (https://oag.ca.gov/contact/consumer-complaint-against-business-or-company).