SHIMANO CONNECT Lab Web App Data Protection Notice
Last Updated: February 2025
1. Introduction and Scope
This Data Protection Notice (the "Notice") describes the data processing activities in connection with your use of the following web app developed and offered by Shimano Inc.
· SHIMANO CONNECT Lab Web App (the "Web App")
Unless stated otherwise, the information provided herein applies to the Web App in general.
This Notice also informs you about the most relevant aspects of the arrangement concluded between the Shimano entities responsible for the data processing activities in connection with the Web App.
Personal Data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental economic, cultural or social identity of that natural person ("Personal Data").
Special categories of personal data include data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation (also referred to as "Sensitive Data").
You can find more information about how we process the Personal Data of California consumers by reviewing the “Additional Disclosures for California Consumers” section of this Notice below.
2. Data controller
Shimano Inc. ("SIC")
3-77 Oimatsu-cho, Sakai-ku, Sakai City
Osaka 590-8577, Japan
together with
SHIMANO EUROPE B.V. ("SEU")
High Tech Campus 92, 5656 AG Eindhoven,
The Netherlands,
SHIMANO NORTH AMERICA HOLDING, INC. ("SNAH")
One Holland, Irvine, California 92618 U.S.A.
and
SHIMANO SALES CO., LTD. ("SSJ")
1-5-15 Chikukou-Shinmachi, Nishi-ku, Sakai-shi, Osaka, 592-8331, Japan
are the entities responsible for the processing of your Personal Data in relation to the Web App as joint data controllers (SIC, SEU, SNAH and SSJ together referred to hereinafter as "we", "our" or "us").
In derogation of the above, the controller(s) responsible for the processing of your Personal Data in relation to the Web App in
· Australia, Taiwan, New Zealand, South Korea, Brazil, Indonesia, Thailand Argentina, Chile, Colombia, Costa Rica, Guatemala, India, Malaysia, Mexico, Panama, Philippines, Singapore, Uruguay, Ecuador and Venezuela is SIC,
· Switzerland, Isreal, Turkey, Andorra, Bosnia and Herzegovina, Monaco and Republic of South Africa are SIC and SEU, and
· Canada are SIC and SNAH.
If you are from these countries, by referring to “we”, “our” or “us” and by referring to SIC and/or SSJ and/or SNAH and/or SEU we only refer to the respective company or companies named above for the respective country.
You can contact each joint controller by postal mail at the address above.
3. Data Protection Officer
We have appointed a group Data Protection Officer ("DPO") to manage all matters related to data protection and privacy. If you have any questions regarding the processing of your Personal Data, please contact our DPO at privacy@shimano-eu.com.
4. Information we collect
The Web App offers you a variety of functionalities, services and features (the "Services") which require or allow you to provide us with Personal Data about you. Additionally, we automatically collect information about you, including Personal Data, upon download and installation of the Web App on your device.
4.1 Information you provide to us
When using the Web App you have the option to enjoy our contents and Services which may require or allow you to provide us with Personal Data.
If certain information is required for us to be able to provide you with a specific service, we will mark it as such. Failure to provide us with the information results in the impossibility of providing you with the requested service.
· User information: username (nickname), Shimano ID, login password (encrypted), gender, year and date of birth, place of residence (country/state/prefecture level), email address, and date of account creation, last login, last update, user image, authentication data for third party services
· Settings: language, region, measuring unit (metric/yard), date/time format, private location, IP Address
· Sensor device information: used sensor, sensor ID, type/manufacture
· Bike ride log: (max./ave./left-right balance) power, latitude/longitude of Sensor device, obtained elevation, elapsed/riding time, distance, (max./ave.) speed, (max./ave.) pedaling cadence, (max./ave.) pedaling vector and efficiency, ave. torque, heading, gear shifts, connected sensor device (name/type/manufacture/ID), health related information (max./ave. heart rate, body weight), air temperature, power weight ratio “PWR” based on the (max./ave.) power and weight
· Any additional information you choose to provide (e.g. log-in details like usernames or email addresses used for third party services or devices by connecting the Web App to such third party services or devices, like Garmin, WAHOO)
4.2 Information we automatically collect
When using the Web App and Services we automatically collect Personal Data as described below:
· Web App usage log information: Log (information about your interactions with the Web App, including access, error logs and crash recovery logs, date/time stamps and clickstream data)
4.3 Information we receive from other sources
As a general rule, we collect information directly from you. However, we also receive Personal Data about you from other sources in the following situations:
· Social Media
You can register to the Web App by email address or by connecting with existing accounts on social media networks such as Facebook, Google and Apple.
If you choose to use a social media account to register to the Web App, we will process the data of your social media user account. This information varies depending on the settings of your social media account and can consist of the following: account name, location, gender, age, email address, etc. Please note that by logging in via your Social Media accounts the providers of the Social Media platform can receive certain information about the fact that you have created an account with the Web App.
· Third party providers of cycle computers, power meters or similar devices
You can choose to connect your Web App account with those services provided by third parties that are indicated in the settings of your Web App account (e.g. Garmin, WAHOO). In order to activate the connection via your Web App settings you have to provide the log in information for your third party account as requested in the connection procedure. By activating the connection you agree that the information stored by these third parties are transferred to us, stored by us, and further processed by us to the extent the Web App’s functionalities are capable of processing this information (e.g. ride logs and information contained in them). For further information on the contents of the third party ride logs please refer to the data protection notice or the ride log descriptions provided by the third parties. You can prevent the data transfer to us by disconnecting the services from the Web App.
If you choose to connect the Web App with your third party service account, we will process information about your user account. This information can consist of the following: account name, email address. Please note that by connecting the Web App to your third party service account the respective third party service provider can receive information about the fact that you have linked your Web App to your account.
4.4 Deidentified data
We may de-identify Personal Data so that it cannot be used to identify you and is no longer Personal Data. We will maintain and use this data only in deidentified form and will not attempt to re-identify the data.
4.5 Cookies, similar technologies and tracking tools
The Web App uses cookies, similar technologies and tracking mechanisms to collect information.
Cookies are small text files stored on your device with a variety of purposes. You can manage and delete the cookies on your device in the corresponding device settings.
The local storage allows data to be stored in your browser’s storage which may also remain stored after the browser has been closed.
(b) We use tracking tools to collect information about the users' behavior and interactions with the Web App and Services, e.g. what features are most frequently used. The processing of Personal Data collected via these tools is based on the user's consent. You can withdraw your consent at any time with effect for the future. Please see Section 9 below for more information on how to exercise your rights.
(c) You can find a list of all the strictly necessary cookies, local storage objects and tracking tools which we use in our Web App in Attachment 2.
(d) Information about the use of Google Analytics:
General information: The Web App uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. (parent company: Google LLC, USA). Google Analytics uses cookies. If you have given your consent (Art. 6 (1)(a) GDPR), Google stores cookies (see the cookies listed in Attachment 2 (b)) on your end device to enable the analysis of your use of the Web App. This provides us with various usage data (so-called “events”), such as the number of users, session statistics, approximate location, browser information, device information and page views, as well as with a UserID which allows us to analyze users’ use across our apps.
The information generated by the cookie about the use of the Web App is transmitted to Google servers and deleted there after the approximate location of the user has been determined.
We have concluded a data processing agreement with Google for the use of Google Analytics. When configuring Google Analytics, care was also taken to ensure that Google acts as a processor and may not use the data for its own purposes. However, data may be transferred by Google to third parties if Google is legally obliged to do so.
You can find more information on how Google handles user data in Google Analytics here. You can find an overview of data protection at Google here. Google's privacy policy can be found at the following link: https://policies.google.com/privacy.
Purpose and legal basis: Google will use the data on our behalf to analyse the use of the Web App and to compile reports on its use for us. We analyse and use the data solely on the basis of statistical and aggregated information. In particular, this information helps us to better understand how users use the Web App, where users come from, which pages they visit and how long users remain on our website. This enables us to improve our website and functionalities and make our offering more interesting for you as a user. The legal basis for the use of Google Analytics is your consent (Art. 6 (1)(a) GDPR). By accepting the corresponding cookies, you also consent to the processing of your personal data in this regard. You can revoke your consent at any time with effect for the future by de-selecting your consent to Shimano’s analysis of your Web App usage via our “Account management/Terms and consents” settings (https://id.shimano.com/connect-lab/account_and_consents).
Recipients / transfer to third countries: When using Google Analytics, it cannot be ruled out that Google LLC in the USA may also have access to the stored data. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from the EU to the USA. To find out more about the recipients of your data, the third countries concerned and the measures we have taken to protect your data, including the possibility of obtaining a copy of the measures, please contact our DPO.
Specific user rights: You can prevent tracking by Google Analytics by allowing only necessary cookies in the “ Account management/Terms and consents “ settings (https://id.shimano.com/connect-lab/account_and_consents).
You can also permanently prevent the collection of your data by installing the following browser plug-in: https://tools.google.com/dlpage/gaoptout.
5. Purposes and legal bases
We process your Personal Data only for specified, explicit and legitimate purposes and provided that we have a legal basis to rely on. Your Personal Data will not be processed for any purpose other than the one they were originally collected, unless the new purpose is compatible with the initial one or in the event you give us your consent.
We have summarized the purposes for which we process your Personal Data and the legal bases we justify the processing with in the list below:
· User identification:
We use your Personal Data to verify your identity when registering and logging into the Web App.
The processing of your Personal Data for this purpose is necessary for the performance of the contract concluded with you for the use of the Web App, see Art. 6 (1)(b) General Data Protection Regulation ("GDPR").
· Use of the Web App and the Services:
The Web App operates and the Services are provided on the basis of the user profile you have created. We use your Personal Data to manage your sensor device information and ride log associated with your user account. Our aim is to offer you a seamless experience by enabling you to access your data from any place and any device. We base the processing of your Personal Data for the above purposes on the performance of a contract to which you are party, see Art. 6 (1)(b) GDPR.
When configuring your user profile, you can choose to submit more information than the strictly required to provide you with the Services. The provision of optional information to complete your user profile enables you to benefit from a more personalized experience on the Web App. Some of the Services may also enable you to provide us with health related data (heart rate and weight information).
We rely on your consent to process any Personal Data you have freely chosen to provide us with (see Art. 6 (1)(a) GDPR) or which are health related (see Art. 9 (2)(a) GDPR). In case you withdraw your consent, for example, by updating your user profile, we will stop processing your Personal Data for this purpose.
· Communication with you:
We use your Personal Data to contact you (i) in order to provide you with information about the Apps and their functionalities for the purpose of providing you with the Services, (ii) to send you information about similar products and/or services, (iii) upon your request or consent (for example, to obtain feedback from you in order to improve our products, services and/or marketing).
We base the processing of your Personal Data on your consent, as well as on the performance of a contract to which you are party and our legitimate interests to provide customer support, and to provide you with product and/or service information, see Art. 6 (1)(a), (b) and (f) GDPR.
· Product development and quality improvement:
We process your Personal Data (specifically, your bike ride log information including your health related data) for product development and quality improvement purposes, e.g. to detect and analyze problems in our products, to carry out predictive maintenance and calculate the necessary product replacement timing, to develop and introduce new products and test their compatibility, etc.
We base the processing of the bike ride log on our legitimate interests to improve the quality of our products and services, for product development research and to expand and grow as a business, see Art. 6 (1)(f) GDPR. We base the processing of health related information on your consent, see Art. 9 (2)(a) GDPR. In case you withdraw your consent, we will stop processing these Personal Data for this purpose.
We further aggregate user data collected in our database in order to provide data analysis services (e.g. regarding model usage, gender ratio, average speed/distance/bike time, firmware status) to manufacturers of bikes or bike components. By way of data aggregation, all Personal Data is anonymized before it is transmitted to the respective recipient so that it is not possible for the manufacturer to directly or indirectly identify you.
For this purpose, we rely on our legitimate interests to provide the added services to our cooperation partners and on the legitimate interests of our cooperation partners to be able to analyze model usage, see Art. 6 (1)(f) GDPR.
· Web App user measurement and usage analysis for product development and quality improvement:
We analyze the performance of the Web App and Services, the users’ content and the users’ handling of the Web App and Services in order to understand how users interact with the Web App and Services and improve them accordingly and to develop and introduce new products and test their compatibility, etc.
We rely on your consent to process your Personal Data for this purpose, see Art. 6 (1)(a) GDPR. In case you withdraw your consent, we will stop processing your Personal Data for this purpose.
· Detect and avoid misuse of the Web App:
We analyze technical data gathered via the Web App to detect and avoid misuse thereof, for example, by a breach of the terms of use of the software license agreement.
We base the processing of your Personal Data on the performance of a contract to which you are party, as well as on our legitimate interests in prosecuting any misuse of the Web App which could affect Shimano and could have legal consequences, see Art. 6 (1)(b) and (f) GDPR.
Where the above purposes require or involve the processing of Sensitive Data, we will ask for your express consent, as required by law, see Art. 9 (2)(a) GDPR.
6. Recipients of Personal Data
We share your Personal Data with the following recipients:
· Other group companies and distributors. Given the international footprint of our business, our group companies work closely together. To be able to do so, we share data, including Personal Data, within the group. This means that your Personal Data is shared with other group companies and distributors. You can find a list of all the group companies and distributors with whom we share your Personal Data in Attachment 1.
· Service providers acting on our behalf. We engage service providers to assist us in our daily business such as IT support and maintenance providers, web server providers, and analytics providers. All service providers are legally and contractually required to respect and comply with applicable data protection legislation. Our service providers include:
o Amazon Web Service, Inc. (“AWS”), 410 Terry Avenue North, Seattle, WA 98109-5210, USA (cloud service provider acting as sub-processor);
o SAP, Dietmar-Hopp-Allee 16, 69190 Walldorf, Germany (data processor; provider of customer relations and identity management services); and
o NSW Inc., 31-11 Sakuragaokacho, Shibuya City, Tokyo 150-8577, Japan (data processor; development and maintenance provider)
o Sonix Co., Ltd., 7-9-5, Nishigotanda, Shinagawa-ku, Tokyo, 141-0031 Japan (data processor; development and maintenance provider)
o Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (data processor; analytics provider)
· Third-party apps. Our Web App allows you to automatically or manually share your bike ride log information with other third-party applications. Please note that we do not share any information with third-party providers unless the user so requests. If you turn on automatic forwarding the ride logs will be automatically sent to the third-party app accounts when the ride log is uploaded to Shimano’s servers. You can deactivate the automatic forwarding at any time with effect for the future. Please note that the data protection notices provided by the third-party app providers for the respective apps apply for any processing of your Personal Data by the third-party apps after the transfer. The third-party apps you may share your data with are:
o Strava
o Training Peaks
The transfer of your Personal Data to recipients located in third countries outside of the European Economic Area ("EEA") is subject to the provisions set out in Section 7 below ("international data transfers").
7. International data transfers
All data collected via the Web App will be stored centrally in the European Union ("EU)" region of AWS and SAP. As (joint) data controller, SIC has access to these databases. Accordingly, your Personal Data will be transferred and/or disclosed to recipients located outside of the EEA in Japan which has been recognized by the European Commission in its adequacy decision (Commission Implementing Decision 2019/419 of 23 January 2019) as providing for an adequate level of data protection. AWS is located in the USA. The data transfer to AWS is based on the EU-US-Data Protection Framework which is an adequacy decision by the EU Commission determining that the USA provide an adequate level of data protection. In addition, standard contractual clauses for the transfer of personal data to processors established in third countries have been concluded. A copy of the clauses can be requested from the data processing officer.
8. Retention periods
We will not process your Personal Data longer than necessary for the purpose for which it was originally collected.
Subject to statutory retention periods, we will delete your Personal Data:
· in the event of inactivity of your user profile for a period of 5 years; and/or
· when you delete your user profile by using the functionality in the account management settings in the Web App.
9. Your rights
Under applicable data protection law, you have certain rights with regard to the processing of your Personal Data by us:
· Right of access to your Personal Data;
· Right to rectification of inaccurate or incomplete Personal Data;
· Right to erasure of your Personal Data;
· Right to restriction of processing;
· Right to data portability, when the processing of your Personal Data is based on your consent or on a contract, and the processing is carried out by automated means;
· Right to withdraw consent with effect for the future
· Right to lodge a complaint with a supervisory authority; and
· Right to object to the processing of your Personal Data on grounds relating to your particular situation, and right to object to the processing of your Personal Data for direct marketing purposes.
U.S. residents may also contact us to appeal any decision we make relating to requests to exercise your rights. To appeal a decision, please contact us using the contact details above.
10. Joint controllership agreement
SIC, SSJ, SNAH and SEU jointly determine the purposes and the means of the processing of your Personal Data in connection with the Web App as described in Section 2 above. Consequently, as required by law, SIC, SSJ, SNAH and SEU have entered into a joint controllership agreement for personal data of users located in the EEA pursuant to Art. 26 GDPR. SIC, SSJ, SNAH and SEU will coordinate and cooperate with each other in order to comply with their data protection obligations, to observe your rights and to process your request and reply to any of your inquiries.
SEU is the designated point of contact for the Web App users requesting to exercise their rights under Section 9 above. If you want to do so, or in case you have questions regarding them, please contact SEU by phone at +31-40-2612222 or by email at privacy@shimano-eu.com. In addition, If you are located in the EU, please note that in addition to your designated point of contact, you may also contact SIC, SNAH and SSJ to exercise your rights.
11. Data security
We have implemented standard industry practices internally and with our service providers to maintain the security of your Personal Data depending on its sensitivity and to avoid disclosure of such Personal Data unpermitted under this Notice.
12. Third-party links and websites
Our Services offer you the possibility of accessing third party content, such as websites, apps and online services. Please note that we are not responsible for the data processing activities of these third parties. We encourage you to read the data protection notices of any third party website, app or online service you connect with.
13. Children
We do not knowingly process Personal Data from individuals under the age of 16 without parental or guardian consent. If you are the parent or the guardian of a child and you believe that we have processed Personal Data about him or her, please contact our DPO using the contact details described above in Section 3.
14. Miscellaneous
This
Notice may be revised from time to time to reflect and comply with changes in
applicable legislation. We will inform you about any updates in an appropriate
manner, e.g. via email or a message in the Web App. The date of the last update
is available at the top of this Notice.
Attachment 1
Andorra |
SHIMANO IBERIA, S.L. Avenida Doctor Severo Ochoa 34, 28100 Alcobendas, Madrid, Spain Phone: +34 91 902 25 86 E-mail: info.iberia@shimano-eu.com |
Argentina |
SHIMANO ARGENTINA SAU ESTADOS UNIDOS 20 PISO 5 CABA, C1101AAB Argentina TEL: 0800-345-2423 |
SHIMANO AUSTRALIA CYCLING PTY. LTD. 2 Wurrook Circuit, Caringbah, NSW, 2229, Australia Tel.: +61-2-9526-7799 Fax.: +61-2-9526-7622 Web: https://bike.shimano.com/en-AU/home.html |
|
Austria |
Thalinger
Lange GmbH |
Belgium |
Shimano
Belgium N.V. |
Bosnia and Herzegovina |
SBM-EUROTRADE TRGOVINA DOO Istocna Obilaznica 4, 37000 Krusevac Phone: +381 37 310 1669 E-mail: info@sbm-eurotrade.com |
Brazil |
Shimano Latin America Alameda Santos, 415 – 6º andar – Cj 61 Cerqueira César, São Paulo - SP, 01419-000 Brazil Email: contato@shimano.com.br |
BG-Eurotrade
Ltd. |
|
Canada |
SHIMANO CANADA LTD.427 Pido Road Peterborough, Ontario K9J 6X7 Canada Tel.: +1-705-745-3232 Fax.: +1-705-745-1949 |
Chile |
Andes Industrial Ltda Santa Elena #1511 – Santiago Santiago, 8360349 Phone: (+56) 2 2650-3100 |
Colombia |
HA Bicicletas S.A Calle 14 Nº 52 A - 187 Medellin, 050023 Phone: (+57) 4 285-5040 Email: servicioalcliente@habicicletas.com |
Costa Rica |
Ciclo San Nicolas S.A. Av. 10 entre calles 4 y 6 o de la Bomba la Castellana 125 mts Este - San José, 10103 Phone: (+506) 2521-6090 Email: info@ciclosannicolas.com |
Croatia |
CS-Eurotrade
d.o.o. |
Cyprus |
Eurotrade
Ltd. |
Czech Republic |
Paul Lange Ostrava
s.r.o. |
Denmark |
Shimano
Nordic Denmark |
Ecuador |
Águila Importaciones S.A. Panamericana Norte y Luis H. Gordillo Atuntaqui, 100214 (+593) 6 2530066 / +593 6 2530085 (+593) 997291777 aguilaimportaciones@gmail.com URL: aguilaimportaciones.com/ |
Estonia |
Shimano
Polska Sp. z.o.o. |
Finland |
Shimano
Nordic OY |
France |
Shimano
France S.A.S.. |
Germany |
Paul
Lange & Co. OHG |
Greece |
Eurotrade
Ltd. |
Guatemala |
Bicimania Calzada la paz 18-40 zona 5 ofibodegas centro 5 bodega 123 Bicimania . Phone: (+502) 23367763 |
Hungary |
Paul
Lange Hungary Kft. |
Iceland |
Shimano
Nordic AB |
India |
Shimano South Asia Pvt. Ltd. No. 19, Kumarakrupa Road, Bangalore, Bangalore, Karnataka, India, 560001 Phone: +91-80-4125-3331 E-mail: sales@ssa.shimano.com.sg |
Indonesia |
PT. Rodalink Indo Tama Jl. Jawa No. 393, Desa Wadungasih, Kec. Buduran, Kab. Sidoarjo, Jawa Timur, Indonesia Phone: +62 31 8963951 Email: shimano.cvr@prolind-group.com |
Ireland |
Madison Roebuck Way, Knowlhill, Milton Keynes, Buckinghamshire, MK5 8HL, United Kingdom Phone: +44 (0)1908 326032 Fax: 0800 1300 599 URL: www.madison.co.uk |
Isreal |
DAA SPORT & TECHNOLOGY LTD Ci’im Industrial Park, Building D7, Poleg Industrial Area, Netanya 4250501, Israel Phone:+972-(0)9-865-6960 Email: info@daa.co.il |
Italy |
Shimano
Italy Bicycle Components SRL. |
Japan |
シマノセールス株式会社(大阪府堺市) Phone: 072-243-2820 / Fax: 072-243-2830 |
Latvia |
Shimano
Polska Sp. z o.o. |
Lithuania |
Shimano
Polska Sp. z o.o. |
Luxembourg |
Shimano
Belgium N.V. |
Malaysia |
Bike Science Sdn Bhd No. 29 & 31, Jalan TPP 5/17,Taman Perindustrian Puchong,section 5, 47100 Puchong,Selangor, Malaysia. Phone: +603-8061-0222 Fax: +603-8062-4855 E-mail: lerun@lerun.com.my |
Malta |
Shimano
Italy Bicycle component SRL |
Mexico |
Shimano Latin America Alameda Santos, 415 – 6º andar – Cj 61 Cerqueira César, São Paulo - SP, 01419-000 Brazil Email: contato@shimano.com.br |
Monaco |
SHIMANO FRANCE S.A.S. Zone Actiparc, 777 Rue Commios, 62223 St.-Laurent-Blangy Cedex, France Phone: +33 (0)321 732525 E-mail: contact-france@shimano-eu.com |
Netherlands |
Shimano
Benelux B.V. |
New Zealand |
SHIMANO NEW ZEALAND LIMITED79 Apollo Drive, Albany, North Shore City 0632 Auckland, New Zealand Tel.: +64-9-478-1969 Fax.: +64-9-479-6288 Web:https://bike.shimano.com/en-NZ/home.html |
Norway |
Shimano
Nordic AS |
Panama |
Comercial Rali, S.A. Av. Balvoa, Edficio Sky Business, Planta Baja Republica de Panamá, 080807 Phone: (+507) 223-8054 Email: info@ralistoreonline.com |
Philippines |
Neo Zigma Cycle Corporation 39 Kapiligan Street, Brgy. Dona Imelda, Quezon City, Philippines E-mail: inquiry@zigma-sales.com |
Poland |
Shimano
Polska Sp. z o.o |
Portugal |
Sociedade
Comercial do Vouga Lda. 3750-720 Recardães Portugal |
Romania |
ROM-Eurotrade
S.R.L |
Singapore |
SHIMANO (SINGAPORE) PTE. LTD. 11 Bulim Walk, Singapore 648105 Phone: +65-6265-4777 Fax: +65-6265-1575 E-mail: sales@shimano.com.sg |
Slovakia |
Paul
Lange Oslany s.r.o. |
Slovenia |
CS-Eurotrade
d.o.o. |
Republic of South Africa |
COOLHEAT CYCLE AGENCIES (PTY) LTD. 57 Lake Road Longmeadow Business, Estate North extension no.7 Edenvale, 1609, P.O.Box 2984, Edenvale, 1610 Phone: +27 (0) 11 608 2003 |
South Korea |
NANUX NETWORKS INC. 33-4, Tekeunobaelli-ro, Jillye-myeo 50875 Gimhae-si,Gyeongsangnam-d South Korea Email: mhkim@nanux.net |
Spain |
SHIMANO IBERIA, S.L. Avenida Doctor Severo Ochoa 34, 28100 Alcobendas, Madrid, Spain Tel: +34 91 902 25 86 |
Sweden |
Shimano
Nordic AB |
Switzerland |
FUCHS-MOVESA AG Hübelacherstrasse 7, CH-5242 Lupfig, Switzerland Tel.: +41 56 464 46 46 E-Mail: info@fuchs-movesa.ch Web:http://www.fuchs-movesa.ch/ |
Taiwan |
SHIMANO (TAIWAN) CO.,LTD. 4F-3, Grand Asia Plaza, 138 Zhongming S.Road, Taichung, 40361 Taiwan Phone: +886-4-2319-5318 / Fax: +886-4-2319-4020
Sunstar Taiwan Ent. Co., LTD 39-1, 37th Road, Taichung Industrial Park, Taichung, Taiwan Phone: +886-4-2359-6199 |
Thailand |
Hah Hong Co., Ltd 1 Yukol 2 Rd, Wat Thepsirin, Pom Prap Sattru Phai, Bangkok 10100 Email: sales@hahhong.com |
Turkey |
SHIMANO BISIKLET PARCA VE EKIPMANLARI SATIS SERVIS TICARET ANONIM SIRKETI Şair Eşref Bulv. ĺsmet Kaptan Mah. Osman Şahin ĺş Mrk. No:4 K:7 D.:71, Çankaya - Konak / Izmir, Turkey 35210 Phone: +90 232 402 93 93 Fax: +90 232 484 07 40 Email: infosbtk@shimano-eu.com |
United Kingdom |
Madison |
United States of America |
Shimano North America Bicycle, Inc. One
Holland, Irvine, California 92618 U.S.A. |
Uruguay |
Villa Agreste SA Juan Benito Blanco 975 Montevideo - 11113 Phone: +598 27091549 Email: montevideo@global-cycle.com |
Venezuela |
Invebica C.A. Av.64 N° L-8 (Zona Industrial Castillito) San Diego - Carabobo Venezuela Phone: +58-2418716105 Email: ventas@kamikaze.com.ve |
(a) The Web App uses the following strictly necessary cookies and local storage objects:
Name |
Duration |
Purpose |
Type |
apiDomain_<apiKey> |
12 Months |
The shared domain API calls for all sites in a group should be sent to. |
Persistent |
gig_bootstrap_<apiKey> |
12 Months |
Internal cookie for the Web SDK |
Persistent |
gig_canary |
1 year (only active ~3 days) |
Indicates whether the client is using the canary version of the WebSDK. |
Persistent |
gig_canary_ver |
1 year (only active ~3 days) |
The version name of the WebSDK's canary version. |
Persistent |
_gig_llu |
12 Months |
Last login provider username for Login "Welcome back" screen. |
Persistent |
_gig_llp |
12 Months |
Last login provider name for Login "Welcome back" screen. |
Persistent |
gig_last_ver_<APIKey> |
12 Months |
Last time of verification of the session when the site is using the verifyLoginInterval property of global CONF in order to trigger reverification. |
Persistent |
gig_loginToken_<APIKey> |
12 Months |
Gigya's Single Sign On (SSO) group login token. |
Persistent |
gig_loginToken_<APIKey>_exp |
12 Months |
SSO expiration. |
Persistent |
gig_loginToken_<API_KEY>_revoked_tokens |
12 Months |
Revoked login tokens in an SSO group. In SSO scenarios, indicates to the Web SDK that the current token was revoked, so as to log the user out. |
Persistent |
gig_loginToken_<APIKey>_session |
- |
Indicates if the group login token session is still activated. |
Session |
gig_loginToken_<APIKey>_visited |
12 Months |
Used to keep track of visited sites within the same SSO group. |
Persistent |
gmid |
12 Months |
User cookie. |
Persistent |
hasGmid |
13 Months |
Internal cookie for the Web SDK |
Persistent |
ucid |
13 Months |
Unique computer identifier used for generating reports, and used by the Web SDK to get saved response. |
Persistent |
glt_<APIKey> |
30 days |
Login Token for authentication. |
Persistent |
accountInfo uid |
Permanent (Deleted on logout) |
UID of the logged-in user |
Persistent |
accountInfo uidSignature |
Permanent (Deleted on logout) |
Original signature received from client-side login operations |
Persistent |
accountInfo signatureTimestamp |
Permanent (Deleted on logout) |
Original timestamp received from client-side login operations |
Persistent |
accountInfo profile age |
Permanent (Deleted on logout) |
Used for user information settings on the settings screen and activity upload API requests |
Persistent |
accountInfo profile birthDay |
Permanent (Deleted on logout) |
- |
Persistent |
accountInfo profile birthMonth |
Permanent (Deleted on logout) |
- |
Persistent |
accountInfo profile birthYear |
Permanent (Deleted on logout) |
- |
Persistent |
accountInfo profile email |
Permanent (Deleted on logout) |
Used in the user information settings on the configuration screen |
Persistent |
accountInfo profile firstName |
Permanent (Deleted on logout) |
- |
Persistent |
accountInfo profile gender |
Permanent (Deleted on logout) |
Used in user information settings on the settings screen and in requests for the entry API and activity upload API |
Persistent |
accountInfo profile lastName |
Permanent (Deleted on logout) |
- |
Persistent |
accountInfo profile nickname |
Permanent (Deleted on logout) |
Used in user information settings in the sidebar and settings screen |
Persistent |
accountInfo profile photoURL |
Permanent (Deleted on logout) |
Used in the sidebar, user information settings on the settings screen, and user image settings dialog |
Persistent |
accountInfo profile profileURL |
Permanent (Deleted on logout) |
- |
Persistent |
accountInfo profile thumbnailURL |
Permanent (Deleted on logout) |
Used in the sidebar, user information settings on the settings screen, and user image settings dialog |
Persistent |
accountInfo profile timezone |
Permanent (Deleted on logout) |
Time zone ID, used for date display |
Persistent |
accountInfo profile isConsentGrantedForSavingHealthInfo |
Permanent (Deleted on logout) |
Consent status (body information storage). Used in Activity Upload API requests, Weight Settings dialog, Max Heart Rate Settings, Resting Heart Rate Settings, Dashboard screen, Statistics Power Curve screen, and Settings screen external integration. |
Persistent |
accountInfo profile isConsentGrantedforUsingHealthInfo |
Permanent (Deleted on logout) |
Consent status (analysis of physical information). |
Persistent |
accountInfo profile isConsentGrantedforAnalysing |
Permanent (Deleted on logout) |
Consent status (usage analysis) |
Persistent |
accountInfo gigyaData bd place0 lv1 |
Permanent (Deleted on logout) |
Used in the user information settings on the configuration screen |
Persistent |
accountInfo gigyaData bd palce0 lv0 |
Permanent (Deleted on logout) |
Used in the user information settings on the configuration screen |
Persistent |
accountInfo gigyaData labFlag |
Permanent (Deleted on logout) |
- |
Persistent |
accountInfo gigyaData labLoginControlFlag |
Permanent (Deleted on logout) |
- |
Persistent |
accountInfo gigyaData lastLabFlagModified |
Permanent (Deleted on logout) |
- |
Persistent |
accountInfo gigyaData lastSidFlagModified |
Permanent (Deleted on logout) |
- |
Persistent |
accountInfo gigyaData sidFlag |
Permanent (Deleted on logout) |
- |
Persistent |
accountInfo accessToken |
Permanent (Deleted on logout) |
Access token Used for each API call. |
Persistent |
accountInfo refreshToken |
Permanent (Deleted on logout) |
Refresh Token Used in case of 401 error. |
Persistent |
setting isAutoFtpUpdate |
Permanent |
Automatic FTP Update Used in the Automatic FTP Update checkbox on the Settings page. |
Persistent |
setting restingHeartRate |
Permanent |
Resting heart rate (bpm) Used to set the resting heart rate on the settings screen. |
Persistent |
setting maxHeartRate |
Permanent |
Maximum heart rate (bpm). Used to set the maximum heart rate on the settings screen. |
Persistent |
setting language |
Permanent |
Language. Used in the settings screen display settings, user information settings, and password reset link. |
Persistent |
setting distanceUnit |
Permanent |
Distance and speed units. Used in the Activity List, Graph, Summary, and Section Control portions of the Analysis screen, Dashboard screen, Display Settings screen, Statistics Power Curve screen, and Calendar screen. |
Persistent |
setting altitudeUnit |
Permanent |
Units of Elevation. Used in the Activity List, Graph and Summary of Analysis screen, Dashboard, Display Settings screen, Statistics Power Curve screen, and Calendar screen. |
Persistent |
setting weightUnit |
Permanent |
Weight Units. Used in activity list, settings screen display settings and weight settings, analysis screen, dashboard graph, statistical power curve screen, and calendar screen. |
Persistent |
setting temperatureUnit |
Permanent |
Temperature Units. Activity List, Analysis Screen Summary, Setup Screen Display Settings, Statistics Power Curve Screen, and Calendar Screen. |
Persistent |
setting dateFormat |
Permanent |
Date display format. Used for maintenance announcements, dashboard graphs, settings screen display settings and FTP settings, statistical power curve screen, and date display. |
Persistent |
setting timeFormat |
Permanent |
Time display format. Used for activity list, maintenance announcements, weight and FTP settings dialogs on the settings screen, and date display. |
Persistent |
setting linksGarmin |
Permanent |
Garmin linkage status. Used in web linkage settings on the settings screen. |
Persistent |
setting linksWahoo |
Permanent |
Wahoo linkage status. Used in web linkage settings on the settings screen. |
Persistent |
setting linksStrava |
Permanent |
STRAVA integration status. Used in the Activity Share dialog, Activity Upload dialog, and Web Linkage settings in the Settings screen. |
Persistent |
setting linksTrainingpeaks |
Permanent |
TrainingPeaks integration status. Used in the Activity Share dialog, Activity Upload dialog, and Web Linkage settings in the Settings screen. |
Persistent |
setting wahooUserName |
Permanent |
Wahoo User Name. Used in web linkage settings on the configuration screen. |
Persistent |
setting stravaUserName |
Permanent |
STRAVA user name. Used in web linkage settings on the configuration screen. |
Persistent |
setting trainingpeaksUserName |
Permanent |
TrainingPeaks username. Used in web linkage settings on the configuration screen. |
Persistent |
setting isAutoShare |
Permanent |
Automatic activation of links for sharing. Used in web linkage settings on the configuration screen. |
Persistent |
setting isAutoStravaUpload |
Permanent |
STRAVA automatic transfer availability. Used in the Activity Upload dialog and in the Web Linkage settings on the Settings screen. |
Persistent |
setting isAutoTrainingpeaksUpload |
Permanent |
TrainingPeaks automatic transfer or not. Used in the Activity Upload dialog and in the Web Linkage settings on the Settings screen. |
Persistent |
setting dashSection |
Permanent |
Dashboard section (weekly/monthly). Used in dashboard settings on the settings screen and in dashboard graphs. |
Persistent |
setting dashItem1Id |
Permanent |
Dashboard Item 1 Parameter ID. Used in dashboard settings on the settings screen and in dashboard graphs. |
Persistent |
setting dashItem2Id |
Permanent |
Dashboard Item 2 Parameter ID. Used in dashboard settings on the settings screen and in dashboard graphs. |
Persistent |
setting dashTab1Id |
Permanent |
Dashboard Tab 1 Activity Category ID. Used in dashboard settings on the settings screen, dashboard tab view. |
Persistent |
setting dashTab2Id |
Permanent |
Dashboard Tab 2 Activity Category ID. Used in dashboard settings on the settings screen, dashboard tab view. |
Persistent |
setting dashTab3Id |
Permanent |
Dashboard Tab 3 Activity Category ID. Used in dashboard settings on the settings screen, dashboard tab view. |
Persistent |
setting dashTab4Id |
Permanent |
Dashboard Tab 4 Activity Category ID. Used in dashboard settings on the settings screen, dashboard tab view. |
Persistent |
activityCategories id |
Permanent |
Used in Activity List screen, Edit Activity dialog, Dashboard Settings in Settings screen, and Dashboard tab view |
Persistent |
activityCategories nameCode |
Permanent |
Used in Activity List screen, Edit Activity dialog, Dashboard Settings in Settings screen, and Dashboard tab view |
Persistent |
activityListSettings id |
Permanent |
Used in the activity list screen |
Persistent |
activityListSettings parameterId |
Permanent |
Used in the activity list screen |
Persistent |
activityListSettings isVisible |
Permanent |
Used in the activity list screen |
Persistent |
activityListSettings sortOrder |
Permanent |
Used in the activity list screen |
Persistent |
activityListParameters id |
Permanent |
Data for activity items that can be changed in the pull-down |
Persistent |
activityListParameters nameCode |
Permanent |
Used in the Activity List screen and in the Activity List settings on the Settings screen. |
Persistent |
activityListParameters unitType |
Permanent |
Data for activity items that can be changed in the pull-down |
Persistent |
activityListParameters unit |
Permanent |
Used in the Activity List screen and in the Activity List settings on the Settings screen. |
Persistent |
dashboardParameters id |
Permanent |
Used in dashboard graphs |
Persistent |
dashboardParameters nameCode |
Permanent |
Used in dashboard graphs |
Persistent |
dashboardParameters unitType |
Permanent |
Used in dashboard graphs |
Persistent |
dashboardParameters unit |
Permanent |
Used in dashboard graphs |
Persistent |
needsShowGraphOperationTutorial |
Permanent |
Should the graph manipulation tutorial be shown Used in graphs on the analysis screen. |
Persistent |
needsShowStandingButtonTutorial |
Permanent |
Should a standing button tutorial be shown or Used in the analysis screen. |
Persistent |
sectionControlSize |
Permanent |
Size of the section control section of the analysis screen |
Persistent |
powerCurveActivityGroups value |
Permanent |
Statistics screen and Power Curve display target activity group selection status |
Persistent |
powerCurveActivityGroups type |
Permanent |
Statistics screen and Power Curve display target activity group selection status |
Persistent |
powerCurveActivityGroups label |
Permanent |
Statistics screen and Power Curve display target activity group selection status |
Persistent |
powerCurveActivityGroups beginDate |
Permanent |
Statistics screen and Power Curve display target activity group selection status |
Persistent |
powerCurveActivityGroups endDate |
Permanent |
Statistics screen and Power Curve display target activity group selection status |
Persistent |
powerCurveActivityGroups sortOrder |
Permanent |
Statistics screen and Power Curve display target activity group selection status |
Persistent |
maxPowerIntervals |
Permanent |
Interval selection state of statistics screen and maximum power display |
Persistent |
isMobile |
Permanent |
Used in header button |
Persistent |
windowSize height |
Permanent |
- |
Persistent |
windowSize width |
Permanent |
Used in analysis screens, dashboard screens, statistics screens, sidebars, and dialog buttons |
Persistent |
pastLoginUsers uid |
Permanent |
Stores up to 10 user IDs that have logged in in the past. Displays initial login dialog when logging in with a uid not in the list |
Persistent |
pastLoginUsers StatisticsWindowsStats index |
Permanent |
Index of the corresponding window |
Persistent |
pastLoginUsers StatisticsWindowsStats params parameterGroupId |
Permanent |
Parameter group ID |
Persistent |
pastLoginUsers StatisticsWindowsStats params activityGroup |
Permanent |
Activity group |
Persistent |
pastLoginUsers StatisticsWindowsStats params customActivityGroupSelected |
Permanent |
Custom activity group selection state |
Persistent |
pastLoginUsers StatisticsWindowsStats params Interval |
Permanent |
Interval |
Persistent |
pastLoginUsers StatisticsWindowsStats params selectIntervals |
Permanent |
Selectable display intervals |
Persistent |
pastLoginUsers StatisticsWindowsStats selectedGraphIndex |
Permanent |
Indicators for selected graphs |
Persistent |
(b) The Web App uses the following analytical cookies as a tracking tool:
Name |
Duration |
Purpose |
Type |
_ga |
2 year |
Used to differentiate among users in GoogleAnalytics. |
Persistent |
_ga_<container-id> |
2 year |
Used to maintain session status in GoogleAnalytics. |
Persistent |
gtag.js |
Permanent |
To enable the use of GoogleAnalytics. |
Persistent |
Additional Disclosures for California Consumers
These disclosures describe how we collect, use, process, and disclose Personal Data of California consumers in the context of the Web App and Services (as defined above), as well as the rights you may have under California law. These disclosures are intended to supplement the Data Protection Notice with information required by California law.
Personal Data We Collect
California law requires that we describe the Personal Data we collect about California consumers, including by identifying specific categories of data. We collect Personal Data directly from consumers, automatically when consumers use the Web App and Services, and from other sources (such as from social networks, when you use a social media account to register to SHIMANO ID). As we describe in more detail above in the “Information We Collect” section of this Notice, we have collected the following categories of Personal Data in the past 12 months in the context of the Web App:
o Identifiers (e.g., username and login password, Shimano ID, home address, email address, IP address, authentication data for third party services)
o Demographics (e.g., gender, birthday)
o Commercial Information (e.g., bike information such as nickname, components information (serial number, name and Universally Unique Identifier of wireless unit))
o Biometric Information (e.g., bike ride log information such as pedaling cadence)
o Internet Activity (e.g., bike ride log (power, location of sensor device, obtained elevation, elapsed/riding, time, distance, speed, pedaling cadence, pedaling vector and efficiency, ave. torque, heading, gear shifts, connected sensor details), Web App usage log information (information about your interactions with the Web App, including error and crash recovery logs, date/time stamps, clickstream data))
o Sensitive Data (e.g., health data such as heart rate and weight data; precise geolocation data)
For information about our business or commercial purpose(s) for collecting, or possibly sharing, your Personal Data, please refer to the “Purposes and Legal Bases” section of the Notice above.
How We Disclose Personal Data
We may disclose your Personal Data to third parties as described in the “Recipients of Personal Data” section of the Notice above. We do not "sell" or "share" Personal Data as those terms are defined under California law. California law also requires that we provide you with information about certain disclosures of Personal Data to third parties, where the disclosures are made for “business purposes”, such as disclosures to service providers. We disclose the following types of Personal Data for our business purposes:
Category of Personal Data |
Recipient |
Identifiers |
Other group companies and distributors IT support and maintenance providers Web server providers Analytics providers |
Health data |
Other group companies and distributors IT support and maintenance providers |
Demographics |
Other group companies and distributors IT support and maintenance providers Web server providers |
Commercial Information |
Other group companies and distributors IT support and maintenance providers |
Biometric Information |
Other group companies and distributors IT support and maintenance providers |
Internet Activity |
Other group companies and distributors IT support and maintenance providers Analytics providers |
Location Data |
Other group companies and distributors IT support and maintenance providers |
California Rights
California law grants certain rights to California consumers. These include the rights to:
· Access specific pieces of Personal Data (“Right to Access”)
· Learn about how we process and share Personal Data (“Right to Know”)
· Correct inaccurate or incomplete Personal Data ("Right to Correct")
· Request deletion of Personal Data we collected from you (“Right to Request Deletion”)
· Opt out of “sales” and "sharing" of Personal Data, as defined under California law
· Restrict certain uses and disclosures of Personal Data that is considered sensitive personal information under California law
· Not to be denied goods or services for exercising these rights
To exercise the Right to Access, Right to Know, Right to Correct or Right to Request Deletion: please contact us at privacy@shimano-eu.com or +1-800-423-2420. Only you or a person that you authorize to act on your behalf may make a request related to your Personal Data. A request to exercise any of these rights must (1) provide sufficient information that allows us to reasonably verify that you are the person about whom we collected Personal Data (or an authorized representative of that person); and (2) describe your request with sufficient detail that allows us to understand, evaluate, and respond to your request. We will verify your identity by sending email to your registered email address and confirming reply from your email address. In certain cases, we may need to ask for more information. We may not be able to respond to your request or provide you with the information you requested if we are unable to verify your identity (or establish the authority of an authorized agent acting on your behalf). Authorized agents wishing to exercise rights on behalf of a California consumer should submit requests to privacy@shimano-eu.com along with a copy of the consumer’s signed authorization designating you as their agent. If you do not have an account with SHIMANO, while you may contact us at privacy@shimano-eu.com with questions or concerns, we may not be able to respond to requests to exercise your rights under California law, including the right to know or delete your Personal Data. Because we only collect limited data about individuals without an account, we are unable to verify requests from non-accountholders to the standard required by California law.
Additionally, under California Civil Code Section 1798.83, California residents have the right to request in writing from businesses with whom they have an established business relationship, (a) a list of the categories of personal data that a business has disclosed to third parties during the immediately preceding calendar year for the third parties’ direct marketing purposes and (b) the names and addresses of such third parties. To exercise this right, please contact us at privacy@shimano-eu.com.
Contact Us
If you have any questions regarding the processing of your Personal Data, please contact us at privacy@shimano-eu.com.