1. Compliance with Related Laws and Ordinances, Guidelines, etc. |
COMPANY recognizes the importance of privacy and ensures full compliance with the Privacy Laws. We make every effort to ensure proper use and protect your personal information. |
2. Collection, Use and Disclosure of Personal Information |
COMPANY obtains personal information only through fair and lawful means. We give a clear statement of how the personal information will be used. We do not use personal information beyond the intended use without consent of the customer. When disclosing personal information to a third party (including those inside or outside Japan), we will follow the procedure set forth by laws and regulations. |
3. Intended Use of Personal Information |
The personal information will be used for the following purposes.
- (1)To appropriately and smoothly perform the below-mentioned business activities, of which COMPANY is allowed to operate under the laws and the articles of incorporation (including businesses that will be allowed in the future), including collecting data, entering into contracts, enforcing transactions and communicating in emergency situations
- 1Hotels, traditional inns, restaurants, sports facilities, resort facilities, amusement facilities, spas, public baths, saunas, meeting rooms, wedding facilities, kiosks, parking management and operation outsourcing, as well as planning and operations consulting
- 2General passenger land transportation business
- 3Sales and procurement of alcohol, tobacco, foodstuffs, beverages, cosmetics, medical supplies, medical equipment, books, stationery, toys, daily goods, travel goods, tourist souvenirs, precious metals, ceramics, and glass goods, etc.
- 4Advertising agency and travel information services
- 5Sales of postal stamps and duty stamps
- 6Clothes rental
- 7Cloakroom services for holding travelers' goods
- 8Leasing, rental, and management of real estate
- 9Any and all businesses directly related to the preceding services
- (2)To introduce products or services of our related companies or alliance partners which are considered valuable for customers(*1)(*2)
- (3)For COMPANY or its related companies to conduct marketing activities, such as market research and analysis(*1)(*2)
- (4)For COMPANY or its related companies to conduct recruiting activities and receive temporary staff
- (5)To exercise legal rights or fulfill legal obligations
- (6)To identify your personal device and ensure that you, the user, can access the services of the COMPANY as smoothly as possible through information obtained from cookies and advertisement identification data (including attributes such as age, gender, occupation and residential area, and information that does not pinpoint personal identity, such as location information, behavior history, login information and IP address) (*1)(*2)
- (7)To provide the personal information to a third party to the extent required to accomplish the intended use mentioned in the preceding items 1 to 6
(*1)COMPANY analyzes information obtained from customers, such as their website browsing history, and may use such information to provide services and distribute advertising, etc. (*2)COMPANY may use information such as customers' browsing history obtained from third parties other than COMPANY by linking it to personal information already acquired on customers. In such cases, COMPANY will obtain prior consent from the customer and use the information within the scope of the purposes of use described above.
|
4. Disclosure of Personal Data to a Third Party |
COMPANY will not provide personal data it has received to a third party (including those inside or outside Japan) without obtaining the customer's consent in advance. However, this does not apply in cases it provides personal data to a third party (including those inside or outside Japan) due to any following item being necessary:
- (1)When COMPANY entrusts all or part of personal data handling within a scope necessary for achieving the intended use
- (2)When personal data is provided as a result of business succession in a merger or other such events
- (3)When determined necessary to preserve a person's life, physical wellbeing or financial assets and obtaining prior consent from the individual is deemed difficult or impossible
- (4)When determined particularly necessary to promote improvement of public health or the healthy development of youth and obtaining prior consent from the individual is deemed difficult or impossible
- (5)When determined necessary for cooperation in executing duties required by law as indicated by national institutions or local governments, or any person entrusted by these bodies and when obtaining prior consent from the customer would pose risk of interference in the execution of said duties
- (6)Where the third party is an academic research institution, etc. (meaning a university or other institution or organization engaged in academic research, or a person belonging to such institution or organization) and it is necessary to process said personal data for academic research purposes (including cases where such personal data is processed partly for academic research purposes, but excluding cases where there is a risk of unjustified infringement of the rights and/or interests of such individuals)
- (7)When determined necessary pursuant to the Privacy Laws or any other law or regulation
|
5.Personal Data Security Management Measures |
COMPANY will take necessary and appropriate data security management measures to prevent the leakage, loss, or damage of personal data provided. COMPANY will also ensure necessary and appropriate supervision over employees and contractors (including subcontractors, etc.) who process personal data. Personal Data Security Management Measures are prescribed separately in the "Personal Information Management Regulations," the main contents of which are as follows.
- (1)Formulation of a personal information protection policy
- ・ In order to ensure the proper processing of personal data, COMPANY has established this policy regarding "compliance with related laws and ordinances, guidelines, etc." and "contacts for handling questions and complaints."
- (2)Maintenance of rules for the processing of personal data
- ・COMPANY has established "Personal Information Management Regulations" for each step of the process, including acquisition, use, storage, provision, deletion/disposal, etc. of personal data, including how such information is to be processed, who is responsible/in charge of such information, and their duties, etc.
- (3)Systemic data security management measures
- ・In addition to appointing specific employees to assume responsibility for the processing of personal data, the scope of personal data has been clarified, and a reporting and communication system has been established in the event that an actual or suspected violation of the "Act on the Protection of Personal Information" or the "Personal Information Management Regulations" is detected.
- ・COMPANY regularly undertakes internal checks on the status of personal data processing measures.
- (4)Human data security management measures
- ・Regular training is provided to employees on points to remember when processing personal data.
- ・Employees are bound by confidentiality agreements on (the processing of) personal data.
- (5)Physical data security management measures
- ・In areas where personal data is processed, COMPANY implements access control for employees, restricts the equipment they may bring in, and implements other measures to prevent unauthorized persons from viewing personal data.
- ・ COMPANY takes measures to prevent the theft or loss of equipment, electronic media and documents that contain personal data, and takes steps to ensure that personal data is not easily revealed when such equipment, electronic media, etc. are being transported.
- (6)Technological data security management measures
- ・Access restrictions have been put in place to limit the scope of responsible personnel and that of the personal information databases, etc. they use.
- ・COMPANY has introduced mechanisms to protect information systems that process personal data from unauthorized external access and/or (the use of) unauthorized software.
- (7)Monitoring of the external environment
- ・When personal data is processed in a foreign country, COMPANY will implement security management measures based on our understanding of the systems for protection of personal information in that foreign country. For more information about the specific countries in which COMPANY processes personal data, please contact us via the information provided in Section 10.
|
6. Sharing of Personal Data |
COMPANY may share the provided personal data as described below:
- (1)Personal data
Your name, workplace/organization (company name, division, title, etc.), mailing address, phone number, email address, etc.
- (2)Parties receiving the personal data
Related companies of COMPANY
- (3)Purpose of sharing
For the intended use mentioned in the preceding section 3.
- (4)Responsible party related to the sharing of the personal data
- ・Name KARAKSA HOTELS TOKYO Corporation
- ・Address 1-1-1 Akasaka, Minato-ku, Tokyo 107-0052, Japan
- ・Name of representative Ryosuke Sato, President, Representative Director
|
7. Outsourcing of Personal Data Processing |
When outsourcing personal data handling, COMPANY exercises necessary and reasonable control and supervision with the outsourcee in accordance with the Personal Information Protection Law. |
8. Information Regarding Personal Data |
It is required under the Privacy Laws to give the following information related to the personal data we possess.
- (1)Name of the entity handling the personal information
- ・Name KARAKSA HOTELS TOKYO Corporation
- ・Address 1-1-1 Akasaka, Minato-ku, Tokyo 107-0052, Japan
- ・Name of representative Ryosuke Sato, President, Representative Director
- (2)Purposes of use of all personal data
Purposes are specified in 3. Intended Use of Personal Information.
- (3)Procedures for responding to requests for notification of purpose of use, disclosure, correction, suspension of use, deletion, disclosure of records on provision (of data) to third parties, etc.
To the extent permitted under the Act on the Protection of Personal Information, customers may request COMPANY to notify them of the purpose of use of retained personal data, or to disclose, correct, suspend use, delete, or disclose records of such data's provision to third parties through the following procedures. The request procedures are as outlined below:
- A. The request shall be sent via postal mail to the address shown in 10. Contact.
- B. If requesting a disclosure, 400-yen postage stamps are required as a fee.
- C. Please use the format we provide.
- D. Please provide a form of identification. We need it to confirm your identity or to confirm whether you are an official representative.
- (4)Making claims
Please contact us. The address and phone are shown in 10. Contact.
|
9. Site Usage Statistics Acquisition |
COMPANY uses the data analysis service Google Analytics for the purpose of examining its site usage statistics.
Google Analytics mainly uses cookies stored on users’ computers to collect traffic data. COMPANY does not acquire any data that would enable COMPANY to identify specific users through Google Analytics.
Google Analytics gathers statistical data that does not pinpoint the user directly, and the data gathered is managed under Google’s privacy policy.
To view Google’s privacy policy, please see the page below: https://policies.google.com/privacy
|
10. Contact |
If you have any opinion or question related to our handling of personal information or if you have to make a request related to the personal information, please contact us:
- KARAKSA HOTELS TOKYO Corporation
- 1-1-1 Akasaka, Minato-ku, Tokyo 107-0052, Japan
- CONTACT
|
11. Further Improvements |
COMPANY will continue to make further improvements to our privacy policy in order to protect the personal information we possess. |