The hotel group managed by the Sotetsu Hotel Management Co., Ltd. (hereinafter the “Hotel Group”, referring to the hotels and hotel chains described in Exhibit 1) shall work constantly to treat and manage personal information appropriately in accordance with the following Policy by fully recognizing its importance and complying with laws and regulations concerning the protection of personal information.
We ask our customers from the European Economic Area (EEA) to also read the “Additional rules applicable to the handling of personal information of EEA residents” (Exhibit 2.)
1. Collection of personal information
The Hotel Group shall collect personal information for transactions relating to the hotel facilities and products (overnight stays, eating and drinking, parties, commodity sales, and provision of related products and services) and transactions with our business partners utilizing the following methods.
① Direct collection from customers
Phone conversations, documents (including electromagnetic records), business cards, verbal communication, Internet, etc.
② Collection from individuals who have been granted legitimate authority by a customer
Applicants for services, vendors, travel service providers, business partners, package product sellers, and other customer service providers
③ Collection from public sources
Internet and newspapers, telephone directories, books and printed materials
2. Purposes of use of personal information
The Hotel Group shall not use the personal information of its customers for any purpose other than the following unless such other use is required by law or regulation or such other purpose is presented separately.
① Transactions relating to the hotel facilities and products (overnight stays, parties, meals, commodity sales, and provision or sales of related products and services as well as event hosting), communications relating to transactions with our business partners and other transactions, shipping of products and payment/settlement of those costs, and matters relating to the above;
② Management of member information and provision of services to the members of the membership association
③ Response to inquires and requests received by the hotel
④ Creation, installation and preservation of a guest register as prescribed in laws and regulations, etc.
*The Hotel Group cannot provide services unless customers provide relevant personal information.
2) Purposes of use based on the consent of customers
① Notification and sending of information, advertisements, questionnaires, etc. relating to hotel facilities as well as sales activities of tenants and partner companies to customers via e-mail, postal mail, courier services, telephone, facsimile or other means.
② Understanding and analyzing the utilization of hotel facilities as well as the facilities and services of tenants and partner companies, etc., for the purpose of improvement, development and marketing of such services
③ To ensure appropriate provision of information and security on the hotel website, as well as statistical analysis related to the maintenance and management of the website, based on information such as cookies, IP addresses, types of browsers and date and time of access collected through the Hotel’s website.
*With the consent of the customers, the Hotel Group will use personal information for the above purposes of use in order to pursue legitimate interests. Customer’s consent may be withdrawn at any time.
3. Types of personal information
Personal information collected and retained by the Hotel Group shall include the following.
① Basic customer information (address, name, gender, date of birth, nationality, e-mail address, telephone number, facsimile number, and mailing address, etc.)
② Additional customer information (occupation, employment (company name, address, telephone number, department, title), wedding anniversary date, family information (names, relationships, birth dates, etc.)
③ Payment information (credit card number, bank account information, billing address, etc.)
④ Service usage information (facility usage history, product purchase history, etc.)
⑤ Communication details (e-mails, website form entry details, facsimile, telephone notes, letters, questionnaires, etc.)
⑥ Information collected via security systems (security cameras, card keys, etc.)
⑦ Information automatically collected at the hotel website (cookies, IP address, browser type, date and time of access, etc.)
⑧ Hotel register information (address, name, occupation, nationality, passport number, age, previous place stayed, travel destination, arrival time/date, room type, etc.)
4. Management of personal information
The Hotel Group shall strive to maintain accurate and up to date personal information to the extent it is necessary to achieve the purposes of use and shall take necessary and appropriate measures to prevent unauthorized disclosure, loss or damage of such personal information and ensure safe management of such information by appointing persons responsible for and in charge of information management. We will promptly delete any personal information that is no longer necessary.
5. Disclosure of personal information to third parties and joint use
1) Limitations on disclosure to third parties
The Hotel Group shall not disclose or transfer the personal information of any of our customers unless any of the following applies. If we use personal information jointly or transfer personal information due to business outsourcing, such joint use or transfer shall not be considered as disclosure or transfer to third parties.
(1) Disclosure or transfer is agreed to by the customer;
(2) Disclosure or transfer is required to the extent permitted by law;
(3) Disclosure or transfer is required for the purpose of protecting human life, preventing injury or protecting property and consent cannot be easily obtained from the customer;
(4) Disclosure or transfer is pursuant to cooperation with official administration of the national or local government and obtainment of the customer’s consent may prevent execution of such administration;
(5) Disclosure or transfer of statistical data (based on which the customer is not identifiable);
(6) Disclosure or transfer occurs in connection with a business succession including a merger, spin-off or business transfer;
(7) Disclosure or transfer of personal information to hotels outside of Japan that participate in SOTETSU HOTELS CLUB.
2. Joint use of personal information
The Hotel Group is constantly making group-wide efforts to improve our service level, in order to provide high value-added services to our customers. For this purpose, the Hotel Group will jointly use personal information within the scope mentioned below under strict management.
① Parties involved in joint use of personal information
The hotels and hotel chains listed in Exhibit 1.
② Personal information items subject to joint use
The same items described in “3. Types of personal information” in this Policy.
③ Purposes of use by the joint users
The same purposes described in “2. Purposes of use of personal information” in this Policy.
④ Persons responsible for the management of jointly-used personal information
Sotetsu Hotel Management CO., LTD.
6. Collection and use of customers’ histories of visits to and activity on this website
The Hotel Group is placing behavioral targeting advertising *1 and retargeting advertising *2 on specific websites by using programs provided by third-party providers such as ad serving operators.
- *1 Behavioral targeting advertising is a method of distributing advertisements that suit the interests of each user based on his/her search history and website browsing information.
- *2 Retargeting advertising is a method of distributing advertisements to users who have previously visited the website.
Third-party providers such as ad serving operators may collect and use the cookie information *3, etc. of customers who visit our website.
- *3 Cookies refers to a mechanism by which the usage history and input record transmitted between the browser and the server is saved in a text file on the customer’s computer when he or she browses a web page. The cookies configuration varies according to the browser, so please check it by visiting the “Help” menu of the browser you are using.
Cookies information, etc. collected by third-party companies such as ad serving operators shall be handled in accordance with such third-party companies’ privacy policies.
・*Opt-out is the process by which a customer can prevent information about him/her from being identified as specific to a certain browser, by opting out of (refusing) cookies.
7. Disclosure of personal information
The Hotel Group shall promptly respond to the following requests made by the customers themselves, unless prohibited by law, after confirming the identity of the customer and in accordance with the rules of the Hotel Group.
① Purpose of use of personal information
② Disclosure of personal information
③ Correction, addition or deletion of the contents of personal information
(*In the event that the details of the personal information are not factual.)
④ Suspension of use or deletion of personal information
(*In the event that the personal information is disclosed to a third party in a manner that violates the provisions of law.)
⑤ Suspension of disclosure of personal information to a third party
(*In the event that the personal information is disclosed to a third party in a manner that violates the provisions of law.)
9. Inquiries concerning Member’s personal information may be directed to the following:
Business Management Division, Planning Department, Sotetsu Hotel Management CO., LTD.
(Sotetsu Headquarters building 2F) 2-9-14 Kitasaiwai, Nishi-ku, Yokohama, Kanagawa 220-0004 Japan
Phone: 045-319-2566 (Open 9:00 - 18:00, closed on Saturdays, Sundays, and year-end/new year holidays)
The “Hotel Group” in this policy shall mean the following hotels and hotel chains.
- Sotetsu Grand Fresa, Sotetsu Fresa Inn
- THE POCKET HOTEL BY SOTETSU
- Sunroute Hotel Chain
(The generic name of the hotels operated by Sotetsu Hotel Management CO., LTD. or under the franchise or partner agreement with Sotetsu Hotel Management CO., LTD.)
Additional rules applicable to the handling of personal information of EEA residents
1. Handling of personal information
2. Legal basis
The fundamental legal basis underlying the use of personal information by the Hotel Group shall be the customer’s consent. The legal basis for use of personal information without the consent of our customers shall be the necessity to perform an agreement with a customer, the necessity to implement procedures as requested by our customers before executing an agreement, the necessity to pursue legitimate interests sought by the Hotel Group or a third party, or the necessity of the Hotel Group to comply with legal obligations. Legitimate interests sought by the Hotel Group or by a third party refers to an increase in operating profit through marketing and service improvements as well as the improvement of the convenience and security of the Hotel website.
3. Transfer of personal information to a third country
The Hotel Group may transfer personal information collected in a country other than Japan to Japan or any third country (including countries for which the EU has not yet made an adequacy decision) for the purpose of performing an agreement with our customers or implementing procedures as requested by our customers before executing an agreement. When the Hotel Group transfers customers’ personal information to any third country, we will handle customers’ personal information by implementing appropriate security and confidentiality measures.
4. Retention period
5. Customer rights
① Right of the customer to access his or her own personal information
The right to access personal information or attached information if the Hotel Group confirms that the customer's information is being used.
② Right to correct personal information
The right of the customer to correct inaccurate personal information.
③ Right to delete personal information
The right of the customer to delete personal information under certain conditions.
④ Right to limit the use of personal information
The right of the customer to limit the use of personal information under certain conditions.
⑤ Right to file complaints about use of personal information
The right of the customer to file complaints about the use of personal information based on the legitimate interests sought by the Hotel Group or a third party.
⑥ Right of data portability
The right of the customer to receive the personal data provided to the Hotel Group in a structured, commonly used and machine-readable format and to transfer the personal data to any business operator without interference from the Hotel Group.
6. Withdrawal of consent
7. Filing of complaints to authorities
Our customers may file complaints about the treatment of personal information by the Hotel Group with the authorities of the country, region or international organization in accordance with applicable law.
8. Personal information required for hotel stay
The Hotel Group requires the following information in order to provide accommodation services to its customers. In particular, items that must be recorded in a hotel register must be retained for three years under Japanese law. In some cases, the Hotel Group may not be able to provide accommodation services to customers who do not provide this information.
① Basic information (such as name and telephone number)
② Items that must be recorded in the hotel register (Name, address, occupation, nationality, passport no, gender, age, etc.)
9. Personal information of children
If a person under the age of 16 provides personal information, such provision shall be made with the consent of a parent or guardian.
10. Automated decision making such as profiling
The Hotel Group shall not rely solely on automated processes such as profiling of personal information when making decisions.