JREFU Hotel Management & Consulting Co., Ltd. “Privacy Policy”

1.Basic Policy

JREFU Hotel Management & Consulting Co., Ltd. (hereinafter, the “Company”, “we”, “our” or “us”) hereby provides how the personal information of all stakeholders (customers, job applicants, our partners, etc.) using the services provided by the Company (hereinafter, the “Service”) shall be handled. The Company shall establish a system of personal information protection and work to adequately protect the personal information.

(1) Acquisition of Personal Information

The Company may acquire personal information set forth in this Privacy Policy to provide the Services, or to perform work necessary for the Company. The Company shall make clear the purpose of use and scope of personal information used by the Company, make available a help desk to which inquiries may be directed, and then collect personal information within the said purpose of use. If personal information is not provided appropriately, we may be unable to provide the Services, make inquiries, make notifications, etc. for customers.

(2) Restrictions on Using Personal Information Outside the Purpose of Use and/or Provision to a Third Party

The Company shall use personal information within the purpose of use, appoint a person responsible for personal information administration, establish a personal information protection system, administer personal information in the proper manner, and not provide or disclose personal information to any third party, unless there are special circumstances.

(3) Contracting the Handling of Personal Information

The Company ensures an appropriate management by the contractor through contractual obligations, upon contracting the handling of personal information to an external party so as to avoid leak and/or further provision of information.

(4) Rights of the Personal Information Provider (the individual)

The provider of personal information (hereinafter, the “Individual”) has the right to withdraw its consent for its personal information to be used by the Company at any time, even if consent for the use of personal information was previously given, provided that the withdrawal of such consent does not have a retroactive effect. Moreover, the Individual has the right to make reference to the Company, to request the Company for disclosure, delivery of reproduction, an addition or a revision, suspension of collection, processing or use of such information and deletion thereof, pursuant to applicable laws.

(5) Procedure for making the reference, disclosure, delivery of a reproduction, an addition, a revision, suspension of collection, processing or use of personal information, and deletion thereof

If the Individual wishes to initiate the process for making reference, disclosure, delivery of a reproduction, an addition, a revision, suspension of collection, processing or use of personal information, and deletion thereof, they are advised to contact the help desk designated by the Company and then the Company may respond promptly.

(6) Compliance with the Laws

The Company shall comply with pertinent laws and regulations on the protection of personal information held, and shall train Company employees on personal information protection, thoroughly notify employees of related policies, and work to increase company awareness of personal information protection.

(7) Maintaining and Improving Personal Information Protection

The Company shall periodically review and evaluate this Privacy Policy and the personal information protection system in place in order to maintain and improve the protection efforts undertaken in line with the above clauses.

(8) Personal Information in an External Links

The Company shall not be responsible for the protection of personal information, etc. from other operators or personal sites linked to this site.

2. What is Personal Information?

Personal information with respect to this Privacy Policy is defined as information pertaining to the living individual. Such information includes name, date of birth, and other information able to identify an individual. (Including “personal materials” defined by Article 2 Item 1 of the Personal Data Protection Act of the Republic of China.)

3. Acquisition and Purpose of Use of Personal Information

The Company collects the following types of personal information for each purposes below based on the Individual’s consent. The Company does not obtain personal information from any third parties. Personal information will be used by the Company for a period required for the intended purposes within the jurisdictions of the Republic of China (Taiwan) and Japan, provided that personal information will not be used outside the purpose of use without the consent of the Individual.

(1) Customer Personal Information

(a) Personal information to be obtained

Name, age, gender, date of birth, occupation, residence, telephone number, email address, nationality, passport number, and other information necessary for the purposes of use outlined below.

(b) Purpose of use

  • <1>Perform business for the Services (accommodation, restaurants, shopping, banquets, weddings, catering, etc.).
  • <2> Provide the Services such as online reservations and other ancillary ones.
  • <3> Respond to inquiries, document requests, etc.
  • <4> Notify necessary information related to the Services and announce information required for other business activities.
  • <5> Introduce details related to the Services, for those who have enabled communication by direct mail, email, LINE, and other such communication means.
  • <6> For rewards, promotional campaigns, etc.
  • <7> Understand the usage of the Services and analyze for the purpose of their quality improvement.
  • <8> Exercise the rights and/or perform obligations set forth in laws and regulations as well as accommodation terms and conditions.
  • <9> For the purpose of use made clear at the time of personal information acquisition.

(2) Personal information of job applicants and employees

(a) Personal information to be obtained

Name, age, gender, date of birth, address, telephone number, email address, and other information necessary for the intended purposes outlined below.

(b) Purpose of use

  • <1>Perform agreements pertaining to employment selection and company entry procedures, or other business as required.
  • <2>Employee management (including secondment and transfer).
  • <3>Handle inquiries, document requests, and other such purposes.
  • <4>For various procedures and communication as required by law and/or for operation.
  • <5>For the purpose of use made clear at the time of personal information acquisition.

(3) Personal Information Belonging to Company Partners

(a) Collected personal information

Information necessary within the following purposes of use such as business cards and information related to our partners, etc.

(b) Purposes of use

  • <1>Execute or perform agreements with the Company’s partner and perform other necessary operation.
  • <2>Make announcements related to information about the Company and other information related to our business.
  • <3>Handle inquiries, document requests, and other such purposes.
  • <4>For the purpose of use made clear at the time of personal information acquisition.

4. Handling of Personal Information

(1) Appropriate management of personal information

The Company shall manage personal information as appropriate, take reasonable safety steps such as rational technical measures to prevent the unauthorized access to such information, loss, destruction, alteration, or breach of personal information, and make continuous efforts for revision and advancement of such measures.
Personal information kept by the Company shall, within the necessary scope of the purpose of use, work to maintain it accurate and up-to-date, limit access or handling by employees, and appropriately supervise employees that handle personal information.

The Company shall store obtained personal information on our database or the database of a third-party service provider that we contract.

The Company shall define a period of personal information to be stored within the necessary scope for the purpose of use, unless otherwise specified by law. When the storage period has expired, the Company shall delete stored personal information without delay.

(2) Safety Measures on the Internet

The Company shall use an online reservation system with the following technical safety measures. However, these measures do not ensure an entirely secure online environment.

(a) About SSL

The Website uses Secure Socket Layer (SSL) encryption technology on the personal information entry page so that the Individuals may enter personal information with peace of mind.
SSL encrypts entered data before sending it to registered computers on a network. (SSL is a technology that prevents third parties from intercepting or altering data as it is sent between a browser and WWW server via an encryption and verification process.)

(b) About Cracking Via Unauthorized Access

The Website is protected from external unauthorized access via a firewall and other security measures in an effort to maintain comprehensive data security.

5.Joint Use of Personal Information

The Website may share the following personal information between the Republic of China (Taiwan) and Japan within the scope required to achieve the purpose of use.
Moreover, if there are any separate rules set forth for handling of personal information, each party engaged in the joint use of information shall handle personal information in accordance with such rules.

(1)Joint use of personal information related to the Services (accommodation, restaurants, shops, banquets, weddings, catering, etc.)

(a)Scope of joint use

The corporate organization (“JR Hotel Member”) alliance members, JR Hotel Group Alliance members, JR East Japan Hotels Alliance Members, and Preferred Hotel Group Alliance members.

(b)Purpose of joint use

Provide Services (accommodation, restaurants, shops, banquets, weddings, catering, etc.), online reservations, and other related services.

(c)Items pertaining to joint use

Member number, password, name, age, gender, date of birth, address, telephone number, email address, details of employer, information related to the allocation of points, usage records, and other related information required within the above joint uses.

(2)Joint use of personal information related to the provision of services at all tenant businesses in hotels managed by the Company

(a)Scope of joint users

All tenant businesses in hotels managed by the Company

(b)Purpose of joint use

The provision of Services (accommodation, restaurants, shops, banquets, weddings, etc.) and other related services.

(c)Items pertaining to joint use

Name, age, gender, date of birth, address, telephone number, email address, and other related information required within the above joint uses .

6.Provision of Personal Information to a Third Party

The Company will not provide personal information to any third party without the consent of the Individual, except in the following cases.

(1)Cases in which information is provided to a third party

  • (a)Cases in which disclosure or provision of information is required by law.
  • (b)Cases in which it is required to protect an individual’s life, body, or property, and it is difficult to obtain the Individual’s consent.
  • (c)Cases in which it is required to advance public health or the safe raising of a child and it is difficult to obtain the Individual’s consent.
  • (d)Cases in which cooperation is required for a national or local government body to conduct required public work, and the acquisition of the Individual’s consent poses the risk of hindrance to the work.
  • (e)Cases defined by this Privacy Policy.
  • (f)Cases in which the Individual clearly requests that such information be disclosed or provided to a third party.

(2)Exemptions from liabilities pertaining to provision for third party

The Company is exempted from any and all liabilities related to the provision of personal information to third parties under the following cases:

  • (a)Cases in which personal information is revealed to an accommodation facility, etc. under the Individual’s consent (For cases in which the Individual reveals information such as companion information when the Individual makes an accommodation reservation, it is the responsibility of the Individual to obtain the consent of the companion.).
  • (b)Cases in which the Individual itself reveals personal information to a third party.
  • (c)Cases in which the Individual provides personal information or such personal information is used in an external website linked to the Website.
  • (d)Cases in which a third party obtains information that allows for the identification of an individual without any reasons attributable to the Company (passwords, etc.).

(3)Appropriate management and supervision of contracted third parties

The Company may contract the handling of personal information within the necessary scope of the purpose of use without obtaining the Individual’s consent. In such cases, the Company shall consider the selection of the contracted party, shall execute an agreement regarding the confidentiality between the Company and the contracted party, and shall appropriately supervise contracted parties as well as provide instruction on appropriate personal information management.

7.Transfer of Personal Information Outside the European Economic Area (EEA) and United Kingdom(UK)

Within the required scope of the purposes of use, the Company will transfer and use individual personal information located within the European Economic Area (EEA) and UK to a location outside the EEA and UK on which no adequacy decision is made by the European Commission. In such cases, the Company shall implement appropriate safeguards by executing with the transferee the standard data protection clauses approved by the European Commission . If the Individual wishes to receive a copy of documentation related to these safeguards, please inquire using the contact details in Clause 14. at the end of this privacy policy.

8.Rights of the Provider (Individual) of Personal Information

The Individual has the right to make reference, to request disclosure, delivery of a reproduction, an addition or a revision, suspension of collection, processing, and/or use of personal information, and deletion thereof (hereinafter, “Suspension of Use and Disclosure, etc.”) as set forth in applicable laws and regulations. Moreover, the Individual has the right to withdraw consent even if previous consent to the purpose of use has been given, provided that withdrawal of consent is not retroactive.

[For residents in EEA and UK]
In relation to the EU General Data Protection Regulation (“GDPR”) and UK GDPR, the Individual has certain rights including followings with respect to the personal information held by the Company about the Individual.

  • the right to obtain from us all the information regarding our data processing activities that the Individual concern.
    ・the right to obtain from us confirmation as to whether personal information concerning the Individual are being processed, and, if so, then access to the personal information and certain related information.
    ・the right to rectify or delete personal information, or restrict or object to processing of personal information under certain conditions.
    ・the right to receive personal information concerning the Individual and to transfer that information to another controller.
    *No automated decision-making is conducted within the processing of personal information by our company.
  • The Individual may lodge a complaint in relation to processing of the personal information with the Data Protection Supervisory Authority of the member states of the European Union where the Individual resides or works, or alleged infringement occurs.

    9.Procedure for Suspension of Use and Disclosure, etc. of Personal Information

    The Company, upon receiving a request for Suspension of Use and Disclosure, etc. pertaining to stored personal information, shall respect the intention of the Individual. The Company shall take steps, upon confirming the identity of the requesting Individual, within a reasonable period and within the scope set forth under relevant laws and regulations.

    However, if such action constitutes a violation of law, poses a risk to the life, body, or property of a third party, significantly interferes with appropriate conduct on the part of the Company, if the information in question does not exist, if the identity of requesting Individual cannot be verified, or if the requesting Individual has not paid the prescribed processing fees, then the Company may deny such requests.

    Upon making a request for Suspension of Use and Disclosure, etc. of personal information, please fill out the required request form, provide documents necessary to identify the Individual and any agent acting on behalf of the Individual (hereinafter, “Identity Verification Document(s)”), and apply by sending these documents sealed in an envelope along with the processing fee by registered mail to the help desk below. Requests that do not follow this procedure will not be accepted (including requests made in-person).

    (1) Requests from the individual

    If a request is made by the Individual to whom the personal information belongs, the request form with a signature and seal by the Individual shall be enclosed in an envelope along with the Identity Verification Document, then shall be sent by the registered mail to the help desk below.


    (2)Requests from those other than the Individual

    If a request is made on behalf of the Individual by an agent, the following documents should be sealed in an envelope along with the request form (with a signature and seal by the agent), Identity Verification Document for the Individual and agent, then shall be sent to the help desk below by the registered mail.

    • •Required documents
      Any of the following documents to be enclosed:
      power of attorney [PDF], registered certificate of the personal seal of the Individual who affixed a seal on the power of attorney (within 3 months of issuance of the power of attorney)

    (3)Processing Fees

    A request for notifications or disclosures of the purpose of use may be accepted at processing fee of NTD 200 per request. Please enclose the processing fee with the application form as a postal note.

    (4)Personal Information Help Desk

    【Personal Information Help Desk】
     Location: No. 133, Sec.3, Nanjing E. Rd., Zhongshan Dist., Taipei City, 10487, Taiwan (R.O.C.)
     JREFU Hotel Management & Consulting Co., Ltd. Main Office

    (5)Notification Process for Request Results

    Requesting Individuals shall receive notification in writing by mail (such as mail which only the designated recipient may receive) at their indicated addresses (names and addresses indicated on the request form for disclosure, etc.). If the request made falls under any cases where Suspension of Use and Disclosure, etc. is not accepted, the reason will be included in the notification. Please understand that it may take certain period of time to return a notification.

    (6)Purpose of Use for Personal Information Obtained via the Request for Suspension of Use and Disclosure, etc. of Personal Information

    Personal information obtained via the request for Suspension of Use and Disclosure, etc. of personal information will only be used as necessary and within the scope and period required for the procedure for Suspension of Use and Disclosure, etc. The submitted documents will be appropriately disposed of.

    10.Protection of the Personal Information of Minors

    The Company shall appropriately handle the personal information of minors according to this Privacy Policy. For personal information belonging to minors, it may be necessary to confirm whether the statutory agent of the Individual consents pertaining to the personal information to be provided. If an Individual is under the age of 20, special consideration will be given to the handling of such personal information, including prior clarification to provide personal information upon obtaining statutory agent’s consent for sure.

    11.Use of Cookies

    This Website utilizes cookies in order to fully provide information, services, and optimal use of the Website.「Cookies Policy」For more information, please refer to the

    12.Acquisition of Access Logs

    This site obtains access logs to improve usability and generate statistical data. The Company shall not disclose such access logs to any third party unless otherwise required to by law. If the transmission of access logs is rejected, the Website may not operate properly.

    13.Revision of this Privacy Policy

    The Company will notify users upon revision, enhancement, or other changes to the Privacy Policy on the Website following changes to laws and/or social conditions.

    14.Help desk for inquiries on personal information

    Contact the following location for inquiries regarding this Privacy Policy.

    JREFU Hotel Management & Consulting Co., Ltd. Personal Information Inquiry Help Desk
    Address: No. 133, Sec.3, Nanjing E. Rd., Zhongshan Dist., Taipei City, 10487, Taiwan (R.O.C.)
    Email: info@metropolitan.tw
    Business Hours (Taipei Standard Time): 10:00 - 17:00 (closed on weekends and holidays under Taiwanese laws)
    Personal Information Manager: JREFU Hotel Management & Consulting Co., Ltd. General Human Resource Manager’s Office

    2021.August 6th update