1. Basic policy

JR Hotel Group (hereinafter referred to as "JR Hotel Group") has established this privacy policy and the organizational system on the handling of the personal information of customers who receive services by member hotels of JR Hotel Group or use the website of JR Hotel Group (hereinafter referred to as "The Website") and strives for the appropriate protection of personal information.

(1) Acquisition of personal information

JJR Hotel Group acquires the following personal information for the purpose of providing services or business operations of JR Hotel Group. JR Hotel Group acquires personal information within the scope of its intended purposes of use and clearly explains purposes of use, the scope of utilization, and the inquiries office of JR Hotel Group, etc.

(2) Prohibition on the use of personal information beyond the intended purposes and the provision of personal information to third parties

JR Hotel Group uses personal information within the scope of its intended purposes of use, appoints a Personal Information Protection Manager and has established the organizational system for the protection of personal information. JR Hotel Group deals with personal information adequately and does not provide or disclose personal information to third parties without the consent of Persons Concerned or request by laws and regulations.

(3) Assigning of personal information

In case that JR Hotel Group entrusts all or part of personal information, JR Hotel Group prohibits entrusted persons from leaking or providing personal information to third parties by contract and supervises entrusted persons appropriately.

(4) The rights of Persons Concerned

The specific individuals identified by personal information (hereinafter referred to as "Person/s Concerned") have the right to withdraw their consent to the use of personal information at any time even if they had consented to the intended purposes before. In addition, Persons Concerned have the right to request JR-East Hotels for a utilization cease, disclosure etc. of the retained personal information pursuant to the provisions of applicable laws.

(5) Procedures of a utilization cease, disclosure etc. of personal information

In case that Persons Concerned request JR Hotel Group a utilization cease, disclosure etc. of the retained personal information, they shall contact the inquiries office specified by JR Hotel Group. JR Hotel Group shall respond as soon as reasonably possible.

(6) Observance of laws and regulations

JR Hotel Group observes applicable laws, regulations and standards, provides in-house education, informs employees of this privacy policy and strives for the improvement of understandings of employees on the handling of the retained personal information.

(7) The review and improvement of the system for the protection of personal information

JR Hotel Group will continuously evaluate and review this privacy policy and the systems for the protection of personal information. JR Hotel Group will maintain and improve the actions for the protection of the retained personal information.

(8) Handling personal information by link destinations

JR Hotel Group shall bear no responsibility with regard to the handling of personal information by other entities or individuals linked to The Website.

2. Definition of personal information

The term "personal information" in this privacy policy means information related to a living individual that can identify a specific individual by name, date of birth or other description contained in. (This includes the "personal information" defined by Article 2(1) of the Act on the Protection of Personal Information.)

3. Acquisition and purposes of use of personal information

JR Hotel Group acquires and uses the following personal information for the following intended purposes. JR Hotel Group does not use personal information beyond the scope of intended purposes of use without the consent of the Persons Concerned.

(1) Personal information of customers

1 Personal information acquired

Name, age, gender, date of birth, occupation, address, telephone number, email address, nationality, passport number and other information necessary for the following purposes of use.

2 Purposes of use

• <1>　For performing works required to provide services by member hotels of JR Hotel Group (accommodation, restaurants, shops, banquets, wedding receptions, catering).
• <2>　For offering on-line booking and other related businesses.
• <3>　For handling inquiries and requests, etc.
• <4>　For providing necessary information on the products, services, events and other related business activities of member hotels of JR Hotel Group.
• <5>　For providing information on the products, services and events of member hotels of JR-East Hotels to the customers who have consented to sending by direct mail, email and LINE, etc.
• <6>　For providing information on the products, services and events of member hotels of JR-East Hotels to the customers who have consented to sending by direct mail, email and LINE, etc.
• <7>　For grasping and analyzing state of usage of the products, services and events of member hotels of JR Hotel Group to improve their quality.
• <8>　For exercising rights and performing duties based on laws and the provisions of terms and conditions for accommodation.
• <9>　For other purposes of use indicated at the time of acquisition of personal information.

(2) Personal information of members of the "JR Hotel Members" organization.

1 Personal information acquired

Member number, password, name, age, gender, date of birth, address, telephone number, email address, employer information and history of providing and use of points, and other information necessary for the following purposes of use.

2 Purposes of use

• <1>　For performing works required within the scope of the purposes of use set forth in 3(1)2 of this privacy policy.
• <2>　For performing works required for the operation of the "JR Hotel Members" organization (hereinafter referred to as "The Members' Organization").
• <3>　For providing important information such as changes to the membership agreement, terms of service or benefits of The Members' Organization.
• <4>　For other purposes of use indicated at the time of acquisition of personal information.

3 Other agreements of The Members' Organization

Membership agreement of the "JR Hotel Members" organization
Terms of service of the "JR Hotel Members" organization

4. Handling of personal information

(1) Appropriate management of personal information

JR Hotel Group appropriately implements management of personal information, takes appropriate safety measures including reasonable technological measures to prevent unauthorized access, damage, falsification and leakage of personal information. JR Hotel Group continuously strives to maintain and enhance the management system of personal information. JR Hotel Group strives to keep the personal information accurate and up to date within the scope of purposes of use, limits the employees who can access or handle it and exercises appropriate supervision over them.

JR Hotel Group stores the personal information on the database of JR Hotel Group or third-party service providers that JR Hotel Group has concluded contracts with.

JR Hotel Group sets expiration dates for the storage of personal information within necessary period for purposes of use and deletes the personal information without delay after expiration dates unless otherwise specified in laws and regulations.

(2) Safety measures on the internet

JR Hotel Group implements the following safety technologies in the use of its on-line booking system though these do not guarantee a complete security environment.

1 SSL

JR Hotel Group uses SSL (Secure Sockets Layer) encryption technology on The Website where personal information is inputted. With SSL, data is transmitted to the registered computer through a network after being encrypted. (SSL is a technology that prevents theft or alteration of data by encryption and authentication in communication between the browser and the WWW server.)

2　Cracking by unauthorized access

JR Hotel Group installs a firewall to prevent unauthorized access from outside.

5. Sharing of personal information

JR Hotel Group shares personal information within the scope of its intended purposes of use as follows. When the sharing users have established policies for personal information, their policies shall be applied for their use.

(1) Sharing of personal information on the business of member hotels of JR Hotel Group (accommodation, restaurants, shops, banquets, wedding receptions, catering.)

1 Scope of the sharing users

Member companies of The Members' Organization, the JR Hotel Group and JR-East Hotels.

2 Purposes of sharing use

For providing services by member hotels of JR Hotel Group (accommodation, restaurants, shops, banquets, wedding receptions, catering) and offering on-line booking reservations, and other related businesses.

3 Categories of sharing Information

Member number, password, name, age, gender, date of birth, address, telephone number, email address, employer information and history of providing and use of points and other information necessary for the above purposes of sharing use.

4 Person responsible for personal information

Nippon Hotel Co., Ltd.

(2) Sharing of personal information for the service at all tenant shops in the hotels that member hotels of JR Hotel Group operate

1 Scope of the sharing users

All tenant shops in the hotels that member hotels of JR Hotel Group operate.

2 Purposes of sharing use

For providing services at JR Hotel Group (accommodation, restaurants, shops, banquets, wedding receptions, catering) and other related businesses.

3 Categories of sharing Information

Name, age, gender, date of birth, address, telephone number, email address, and other information necessary in the scope of above purposes of sharing use.

4 Person responsible for personal information

Nippon Hotel Co., Ltd.

6. Provision of personal information to third parties

JR Hotel Group does not provide personal information to third parties without obtaining the consent of Persons Concerned in advance except in cases set forth in the following categories.

(1) Cases where JR Hotel Group provides personal information to third parties

1　Cases based on laws and regulations

2　Cases where there is a need to protect a human life, body or fortune, and when it is difficult to obtain the consent of Persons Concerned

3　Cases where there is a special need to enhance public hygiene or promote fostering healthy children, and when it is difficult to obtain the consent of Persons Concerned

4　Cases where there is a need to cooperate in regard to a central government organization or a local government, or a person entrusted by them performing public affairs, and when there is a possibility that obtaining the consent of the Persons Concerned would interfere with the performance of the said public affairs

5　Cases where disclosure or provision to a third party has been requested clearly by Persons Concerned。

(2) Disclaimer regarding provision to a third party

In the following cases, JR Hotel Group will bear no responsibility whatsoever with regard to the acquisition of personal information by third parties.

1　Cases where personal information is disclosed to an accommodation facility by Persons Concerned (if Persons Concerned discloses personal information of companions at the time of reservation, it is assumed that the consent of those companions is obtained at the responsibility of the Person Concerned)

2　Cases where personal information is disclosed to third parties by Persons Concerned

3　Cases where personal information is provided to or used on external websites linked to The Website by Persons Concerned

4　Cases where third parties obtain information that could identify an individual (password, etc.) for reasons not attributable to JR Hotel Group

(3) Appropriate management and supervision over entrusted persons

In case of JR Hotel Group entrusts the handling of personal information to third parties within the scope of intended purposes of use, JR Hotel Group shall take appropriate consideration for the selection of entrusted persons, conclude a non-disclosure contract with them, guide them for the proper management of personal information and exercise appropriate supervision over them.

7. Transfer of personal information outside of the European Economic Area (EEA)

JR Hotel Group may transfer the personal information of Persons Concerned who reside in the European Economic Area (EEA) to the terrain outside of the EEA and use within the scope of intended purposes of use. In these cases, JR Hotel Group shall appropriately and strictly handle the personal information under applicable laws.

8. Rights of Persons Concerned

Persons Concerned have the right to demand actions such as the notification of the purposes of use, disclosure, correction, deletion, utilization cease, or ceasing of provision to third parties (hereinafter referred to as "Utilization cease, Disclosure, etc.") of the retained personal information pursuant to the provisions of applicable laws. Persons Concerned have the right to withdraw their consent to the use of personal information at any time even if they had consented to the intended purposes before. Persons Concerned have the right to object to their local supervisory authorities with jurisdiction over the protection of personal information if they are dissatisfied with the handling of personal information by JR Hotel Group.

9. Procedures of Utilization cease, Disclosure, etc.

In case that Persons Concerned request JR Hotel Group for Utilization cease, Disclosure, etc., JR Hotel Group shall respect the will of the Persons Concerned, confirm the identification of the Person Concerned and respond for the reasonable period pursuant to the provisions of applicable laws.

However, JR Hotel Group may refuse said request:
・where there is a possibility of violating the laws or regulations,
・where there is a possibility of harming third party’s life, body, fortune or other rights and interests,
・where there is a possibility of interfering with JR Hotel Group implementing its business,
・where the said personal information does not exist,
・where JR Hotel Group cannot confirm the identification of the Persons Concerned,
・and where Persons Concerned do not pay the prescribed fee.

When Persons Concerned request Utilization cease, Disclosure, etc., please contact the personal information inquiries office below.

(2) Purpose of use of personal information acquired due to requests for Utilization cease, Disclosure, etc.

[Personal information inquiries office]
Address:
1-11-1 Nishiikebukuro, Toshima-ku, Tokyo 171-0021
Personal Information Inquiries Office, Nippon Hotel Co., Ltd.
email address: cpo@nihonhotel.com
Office hours: 10.00 - 17.00 (excluding weekends and public holidays)

(2) Purpose of use of personal information acquired due to requests for Utilization cease, Disclosure.etc

JR Hotel Group will use personal information acquired due to requests for Utilization cease, Disclosure, etc. within the scope of purposes required for the procedures for Utilization cease, Disclosure, etc. JR Hotel Group will appropriately dispose of the documents submitted in the procedures for Utilization cease, Disclosure, etc.

10. Protection of the personal information of minors

JR Hotel Group handles the personal information of minors appropriately in accordance with this privacy policy. When Persons Concerned is minor, JR Hotel Group may require the consent of persons in parental authority for acquiring the personal information. If Persons Concerned is less than 13 years of age, JR Hotel Group shall require the consent of persons in parental authority and give special consideration to the handling of their personal information.

11. Use of cookies

The Website may use cookies to improve the information and services provided and to offer comfortable use of The Website.For details, please refer to the"Cookie policy"of The Website.

12. Handling of access logs

The Website may acquire access logs to improve the use of The Website and to analyze statistical data. JR Hotel Group does not disclose access logs to third parties unless otherwise provided by laws and regulations. If you refuse to send access logs, you may not use The Website properly.

13. Revision of this privacy policy

JR Hotel Group will revise this privacy policy to respond to changes in related laws, regulations or the social environment, etc. JR Hotel Group will post the revised privacy policy on The Website.

14. Personal information inquiries office

Please contact the personal information inquiries office below when you have any inquiries about this privacy policy.

Personal Information Inquiries Office, Nippon Hotel Co., Ltd.
Address: 1-6-1 Nishiikebukuro, Toshima-ku, Tokyo 171-8505
email address: cpo@nihonhotel.com
Office hours: 10.00 - 17.00 (excluding weekends and public holidays)
Personal Information Protection Manager: General Manager, General Affairs Division, Nippon Hotel Co., Ltd.