(Last Updated: [October 1, 2020])
Royal Park Hotel Co., Ltd. (the “Company”) is aware that information that could identify an individual customer of the Company (“Personal Information”) is valuable information, and has therefore established regulations on information management in order to handle Personal Information with the utmost care. Please review the Company’s basic policy on the handling of Personal Information set forth below.
I. Collection of Personal Information
The Company collects Personal Information only to the extent appropriate and necessary to conduct the Company’s business using the methods set forth below.
1. Direct collection from customers: Collection via telephone, orally, in writing (including electronic records), from business cards, online (including information that is input when using websites of hotels managed and operated by the Company and information input when performing member registration), and so on. The information we collect from you is likely to include your name, telephone or fax number, nationality, address, email address (including social media IDs and the like associated with email addresses), age, gender, date of birth, anniversary date, employer information, requests, and use history.
2. Collection from third parties duly authorized by customers: Collection from third parties such as users, potential users, referral agencies, travel trade professionals, and business partners. The information we collect from such third parties is likely to include your name, telephone or fax number, nationality, address, email address (including social media IDs and the like associated with email addresses), age, gender, date of birth, anniversary date, employer information, requests, and use history.
3. Collection from publicly available sources: Collection from newspapers, online, telephone directories, books, and other such sources. The information we collect from such publicly available sources is likely to include your name, telephone or fax number, nationality, address, email address (including social media IDs and the like associated with email addresses), age, gender, date of birth, anniversary date, employer information, requests, and use history.
4. Collection from businesses engaged in the management and operation of the hotels that use the Company’s trademarks under license from the Company (referred to collectively with hotels managed and operated by the Company as “Royal Park Hotels Group Hotels”): Personal Information will be collected by the relevant businesses and shared by means of shared use of Personal Information, as specified in the privacy policies of these businesses. The information we collect from such businesses is likely to include your name, membership registration number, telephone or fax number, nationality, passport number, address, email address (including social media IDs and the like associated with email addresses), age, gender, date of birth, anniversary date, employer information, requests, and use history.
II. Purposes of Use of Personal Information
The Company uses Personal Information for the following purposes.
1. To provide services through the operation of hotel facilities such as accommodation, dining, and banquet space.
2. To provide information regarding its facilities, products, services, and so on.
3. To facilitate customer surveys and the like presented by the Company intended to improve the Company’s services.
4. To provide various information and services in relation to its membership program provided by the Company.
5. To respond to other matters ancillary or related to its operations when use is within the scope of the intended use specified at the time that the Personal Information was acquired.
III. Shared Use of Personal Information
In order to add high levels of value to the services provided to customers, the Company shares Personal Information as set forth below under strict controls and with appropriate security measures in place.
1. Joint users of Personal Information: Businesses engaged in the management and operation of Royal Park Hotels Group Hotels, including guest service providers.
2. Purposes of Shared Use:
3. Personal Information subject to shared use: your name, membership registration number, telephone or fax number, nationality, passport number, address, email address (including social media IDs and the like associated with email addresses), age, gender, date of birth, anniversary date, employer information, requests, and use history.
4. Administrator of Personal Information subject to shared use: Royal Park Hotels and Resorts Co., Ltd.
IV. Provision of Personal Information to Third Parties
Except in the following cases, the Company shall not provide or disclose Personal Information to third parties. Subject to the requirements specified in Articles X and XI, the Company may disclose Personal Information to cloud service providers as long as such cloud service providers are precluded from using the Personal Information provided.
1. When you consent.
2. When the disclosure is based on laws and regulations.
3. When there is a need to protect a human life, body or fortune, and when it is difficult to obtain your consent.
4. When there is a need to cooperate in regard to a central government organization or a local government, or a person entrusted by them performing affairs prescribed by laws and regulations, and when there is a possibility that obtaining your consent would interfere with the performance of the said affairs.
V. Contact Information regarding Personal Information (Responsible Division)
Personal Information Enquiry Counter, Royal Park Hotel Co., Ltd.
Address: 2-1-1 Nihonbashi-Kakigara-cho, Chuo-ku, Tokyo 103-8520, JAPAN
Inquiries will be accepted by mail to the above address. The Company will respond to your inquiry in writing several days later (a separate processing fee may be required in some instances). Please note that depending on the nature of the inquiry, you may be requested to come to the Company’s offices to confirm your identity.
VI. Protection of Personal Information
The Company has established the Information Management Committee to manage Personal Information as it strives to protect Personal Information from unauthorized access. The Information Management Committee has implemented, and will continue to oversee, the following matters.
VII. Internal Systems
The Company has implemented security measures to ensure that its employees carry out comprehensive protection of your Personal Information, and to appropriately monitor outside contractors and others.
VIII. Personal Information on Third-Party Linked Sites
In order to provide more useful information and services to you, the Company’s websites contain links to the websites of third parties (other companies and organizations). The Company assumes no responsibility regarding the collection and handling of Personal Information by such linked third-party websites.
X. Handling of Personal Information of EEA residents
In addition to Articles I-IX above, the provisions in this Article X and Article XI below shall apply to the handling of Personal Information of persons in the European Economic Area (EEA) that is subject to the General Data Protection Regulation (REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL). If any provision of these Articles X and XI conflicts with the provisions of Articles I-IX above, the provisions of Articles X and XI shall prevail.
1. Legal basis for processing: The Company will process and use Personal Information to manage its contractual relationship with you, to pursue a legitimate interest, and/or to comply with a legal obligation.
It will be necessary for the Company to use your Personal Information to complete a booking you have made with us. For example, we will need to use information such as your contact details and payment information to provide you with the stay and/or restaurant booking you have requested and paid for.
Alternatively, we may collect and use your Personal Information where you have given your specific consent to us doing so.
2. Collection of access data: In addition to the information specified in Article I, we automatically collect data related to you when you visit our websites. This data that we obtain from you when you visit us (“access data”) includes access logs, web beacons (also known as pixel tags), cookies, etc. For more information about how we use your access data, please see Article XI below.
3. Disclosure of your Personal Information to recipients： We may share your Personal Information with businesses engaged in the management and operation of Royal Park Hotels Group Hotels for the purpose described in “III Shared Use of Personal Information”. We may also share your Personal Information with internet service providers, cloud service providers, guest service providers, etc. Most of these recipients are located in Japan. We will ensure an adequate level of protection of your Personal Information when they are disclosed to a recipient located outside the EEA.
4. Transfer of your Personal Information: Your Personal Information may be transferred to and stored by the Company and our service providers in countries outside the country in which you are located and outside the EEA. The Company operates businesses in multiple jurisdictions, some of which are not located in the EEA, such as Japan, China and the USA. Where we transfer your Personal Information outside the EEA, we will ensure that:
You can obtain more detailed information about the protection given to your Personal Information when it is transferred outside the EEA (including a copy of the standard data protection clauses which we have entered into with recipients of your Personal Information) by contacting us in accordance with the contact information provided above.
Retention of Your Personal Information: The Company will keep your information for as long as we need it for the purpose it is being processed for. For example, where you book a stay with us we will keep the information related to your booking, so we can fulfill the specific travel arrangements you have made and after that, we will keep the information for a period which enables us to handle or respond to any complaints, queries or concerns relating to the booking. The information may also be retained so that we can continue to improve your experience with us and to ensure that you receive any loyalty rewards which are due to you.
We will actively review the information we hold and delete it securely, or in some cases anonymize it, when there is no longer a legal, business or customer need for it to be retained.
5. Your Data Protection Rights: Under certain circumstances prescribed by law, you have the right to:
If you want to exercise any of these rights listed above, please send an email to firstname.lastname@example.org
You also have the right to lodge a complaint with the competent data protection authority if you think that any of your rights have been infringed by the Company.
XI. Use of Access Data
1. The Company collects and uses the following types of access data from visitors to our websites and users of our services.
2. The following third-party providers may have access to the access data collected by us.
President and Chief Privacy Officer
Royal Park Hotel Co., Ltd.