Within the Ishin Hotel Group (the “Company”), the Company observes and strictly implements the following in relation to individual information that it obtains:
Law relating to Protection of Individual Information (Law No. 57 of 2003)
Ordinance relating to Protection of Tokyo Metropolitan City Individual Information (Ordinance No. 113 of 21 December 1991)
“Requirements for compliance program on personal information protection” by the Japanese Industry Standards Committee (JIS Q 15001)
“Guidelines for Japanese Hotel Association Individual Information Protection” by the Japanese Hotel Association.
For this purpose the Company has produced a Compliance Program for individual information and protects individual information in accordance with it.
This Compliance Program for individual information is checked and revised once every year and efforts are made to regularly improve it. In addition to the regular checks, measures are promptly taken if any defect is found in the Compliance Program.
The specific policy of the Company in relation to the handling of individual information is as set out in 1 through 7 below as well as the various separate policies (the “Various Separate Policies”) set out at the end of this Individual Information Protection Policy.
As well as appointing two directors of the Company each respectively as Individual Information Protection Administrator and as Individual Information Protection Inspector, the person in charge of each respective business division is made an administrator for the handling of individual information and each person responsible for the work in each business area is required to protect individual information.
Certain personnel are appointed as Education Officer and Complaint Handling Officer and each respectively handles education/training within the company and complaints.
As well as making employees of the Company (including secondees and loaned personnel) strictly observe the Compliance Program in relation to individual information, if there is a violation of the program, or leak, loss or damage of individual information, the employees are required to promptly report the matter. The facts surrounding the matter are then confirmed and necessary measures are taken so that the matter is not repeated.
2. Matters requiring notice for consent
Notice of the following matters is given to the individual when consent of the individual in relation to the individual information is required:
The specific purpose of use of the individual information within the Company.
Whether or not entrustment to handle the individual information is made, and if entrustment is to be made, the nature and scope of the entrustment.
Whether disclosing the individual information to a third party is made, and if such disclosure is to be made, the identity of the third party, the contents of the individual information that is to be disclosed and method of disclosing the individual information.
Who to contact in relation to the handling of the individual information.
3. Obtaining individual information
When individual information is obtained directly from the individual the purpose of use of the information is previously disclosed and the information is obtained only after the individual’s consent is obtained.
When the Company receives an entrustment from a third party in relation to handling individual information, the Company does not use the information for purposes outside the scope of the entrustment agreement.
When receiving a supply of individual information from a third party, the Company confirms the purpose of use of the information and whether the individual has consented to the supply to the Company. If the individual’s consent has not been obtained, the Company does not accept the supply of information until the individual consents to the supply.
When obtaining individual information that has been made public, the Company will use this information for the publicly disclosed purposes of use in the Various Separate Policies and if the Company uses this information for a purpose outside the publicly disclosed purposes of use the Company will promptly give notice to the individual.
The Company uses individual information in accordance with the purpose of use. If the purpose of use changes, the Company obtains consent from the individual who is the subject of the information.
In relation to controlling safeguards against the risk of unauthorized outside access, the Company endeavors to prevent unauthorized access by third parties to individual information in response to the risk of individual information violations as prescribed in the Company’s “Information Security Basic Policy”.
Even within the Company, the scope of people who may use individual information is restricted to that which is necessary based on the type of their business area. The Company strives to have a system which prevents unnecessary use of individual information.
Measures are taken based on the risks and purpose of use of individual information in each area, including the sending and destruction of individual information.
The Company shares the use of individual information of customers among Ishin Hotels Group.
1.Items of individual data that have shared use:
Name, telephone number, email address, residential address, sex, date of birth, other special dates and company name
2.Purpose of use of shared users:
(i) Electronic distribution of the email magazine which provides information on products and services of the company that are thought to be of current or future benefit to customers.
(ii) Questionnaires and access log analysis to improve the Company’s home page, as well as its services and products.
3.Name(s) of personnel responsible
for the control of shared individual information:
President and Chief Executive Officer
If the Company entrusts the handling of individual information to a third party, the Company selects a third party entrustee who can satisfy sufficient individual information protection standards. The Company further enters into a privacy protection agreement with the entrustee which stipulates whether or not the entrustee may re-entrust the personal information, specifies the responsibilities of the parties if a problem arises and contains provisions on the return/destruction of the individual information at the time of completion of the agreement. The Company also performs appropriate administration and monitoring of the entrustee.
6. Disclosure to third parties
If the Company discloses individual information that it administers to a third party, this is done with the consent of the individual. The individual’s consent is obtained at the time the individual information is obtained from the individual or prior to disclosing the individual information to the third party. The following are exceptions to this practice.
Where the disclosure is made in accordance with the law.
Where it is necessary to protect a person’s life, body or property and obtaining the consent of the individual is difficult.
Where it is especially necessary to improve public hygiene or improve the healthy rearing of children and, in addition, obtaining the consent of the individual is difficult.
Where it is necessary to co-operate in performing administrative duties in accordance with the law of the national government or local public bodies and, in addition, there is a risk that obtaining the consent of the individual would impede the administrative duty.
Determining whether these exceptions apply falls under the responsibility of the Individual Information Protection Administrator.
7. Release, correction and destruction of individual information
The Company responds to requests from the individual release, correct or destroy the individual information in accordance with the rules set out in the Various Separate Policies or prior notices to the individual. The method of accepting disclosure requests, method of Company response, time period for responding to requests, fees etc is set out in the Various Separate Policies or prior notices to the individual.
If you have any questions on the Company’s Individual Information Protection Policy, Various Separate Policies or any other aspect of the handling of individual information, please contact the Company/division person in charge of individual information protection in the Company’s Business Development Head Division (the details are set out below):
Telephone : 03-5733-7733
9:30 – 18:00 (Weekdays)
Facsimile : 03-5733-7734
Available 24 hours
What are Cookies?
A cookie is a text-only string of information that a website transfers to the cookie file of the browser on your computer’s hard disk so that the website can recognise you when you revisit and remember certain information about you. This can include which pages you have visited, choices you have made from menus, any specific information you have entered into forms and the time and date of your visit.
Types of Cookies
There are two main types of cookies:
- Session cookies: these are temporary cookies that expire at the end of a browser session; that is, when you leave the site. Session cookies allow the website to recognise you as you navigate between pages during a single browser session and allow you to use the website most efficiently. For example, session cookies enable a website to remember that a user has placed items in an online shopping basket.
- Persistent cookies: in contrast to session cookies, persistent cookies are stored on your equipment between browsing sessions until expiry or deletion. They therefore enable the website to “recognise” you on your return, remember your preferences, and tailor services to you.
In addition to session cookies and persistent cookies, there may be other cookies which are set by the website which you have chosen to visit, such as this website, in order to provide us or third parties with information.
We currently use, and may use in the future, cookies on our website. Cookies allow us to provide a customized experience. This is a common practice on most commercial websites.
By accessing our website, you agree that we can place cookies in your device. These cookies include domain information that is used to maintain aggregate website data and aids us to learn about the online behaviour of our guests, including how often they visit our website and their click-through behaviour on our website. This information is used to improve our website’s content and navigation for our guests and to personalize our guests’ online experience.
We use session cookies to help us maintain security and verify your details whilst you use the website as you navigate from page to page, which enables you to avoid having to re-enter your details each time you enter a new page. We use persistent cookies to collect and compile anonymous, aggregated information for statistical and evaluation purposes to help us understand how users use the website and help us improve the structure of our website.
Refusing Cookies on this site
Most browsers are initially set to accept cookies. However, you have the ability to disable cookies if you wish, generally through changing your internet software browsing settings. It may also be possible to configure your browser settings to enable acceptance of specific cookies or to notify you each time a new cookie is about to be stored on your computer enabling you to decide whether to accept or reject the cookie.
Ishin Hotels Group K.K. President and Chief Executive Officer
Enacted :1st April 2005