privacy policy
- TOP
- privacy policy
Business establishments managed/operated by Fujiya Hotel Co., Ltd. (hereinafter called the “Establishments,” listed at the bottom) understand the social responsibility to protect the privacy and personal information of the customers.
In order to responsibly protect the personal information of the customers, the Establishments shall set a policy regarding the handling of the personal data (hereinafter called the “Personal Information”) in accordance with the General Data Protection Regulation (hereinafter called the “GDPR”) within this Privacy Policy, protect the Personal Information, and manage/use them appropriately.
The Establishments shall comply with laws, regulations, in-house rules, as well as other provisions pertaining to the Personal Information, and strive to earn the trust of the customers.
Please check the following policy regarding the handling of the information before receiving services from the Establishments.
Kindly note that the Establishments may not be able to offer services if you do not consent or withdraw your consent.
Please also be advised that the terms not particularly defined herein shall comply with and be construed as defined in the Japanese Law.
1. Acquisition of Customers' Personal Information
1-1. Regarding the Acquisition of Personal Information
The Establishments may acquire the Personal Information, such as name, address, and other contact information, from customers who receive services from them.
When acquiring the Personal Information from customers, the Establishments shall clearly state the purpose of acquisition as well as the scope of use to customers, and acquire it to the extent necessary after gaining their consent.
1-2. Regarding the Method of Acquisition
The Establishments shall acquire the Personal Information in the following manner when engaging in businesses relating to but not limited to the facilities and products (accommodation, banquets, wedding ceremony and reception, food and drink, sales of goods, as well as provision and sales of related products, provision of services, implementation of events, etc.).
- Acquire directly from customers
By phone, in writing, by receiving name cards, orally, through the Internet (includes the use of Cookies), etc. - Acquire from those duly-authorized by customers
Those who applied for services, those who introduced customers to the Establishments, travel agencies, business partners, agencies that accept package products, etc. - Acquire from information open to the public
Newspapers, the Internet, phone book, publications, and other written materials, etc.
1-3. Types of Personal Information the Establishments Acquire
The Personal Information that the Establishments acquire and retain include the following.
- Basic information of customers (address, name, gender, date of birth, nationality, e-mail address, phone number, fax number, mailing address, etc.)
- Additional information of customers (profession, workplace information (company name, address, phone number, department, title), wedding date, family information (name, relationship, date of birth), etc.)
- Payment information (credit card number, bank account information, mailing address for invoices, etc.)
- Information on the use of services (use of the facilities, items purchased, etc.)
- Information provided by customers (through e-mail, inquiry form on the website, fax, phone, letters, questionnaires, etc.)
- Information collected through the use of the security system (security camera, card key, etc.)
- Information automatically collected through the websites and applications of the Establishments (cookie, IP address, type of browser, date and time customers visited the websites, etc.)
- Information required in the registration form (address, name, profession, nationality, passport number, age, previous place of stay, destination, arrival date, departure date, guest room, etc.)
- Information required to cater to customers’ requests for guest rooms and leisure activities, special needs for assistance due to health conditions and other reasons, as well as likings, preferences and other lifestyle-related information.
- Information required by the government as well as laws, regulations, ordinances, and other rules
1-4. Regarding the Refusal to Provide Personal Information
Customers are not obliged to provide their Personal Information to the Establishments.
Customers have an invariable right to choose whether or not to provide their Personal Information to the Establishments.
However, if (1) Basic information of customers, (3) Payment information, and (8) Information required in the registration form stated in Aritlce 1-3 are not provided, the Establishments may not be able to offer some of the services.
For instance, they may decline requests for reservations and suspend the use of the services.
1-5. Acquisition of Personal Information
The Establishments do not intend or desire to acquire the Personal Information directly from minors or those who lack appropriate judgment capacity for some reason (hereinafter called the “Minors and Ineligible Individuals”).
Should the Minors and Ineligible Individuals provide the Personal Information of their family and other individuals to the Establishments without the consent of their guardians or legal representatives, please inform the Establishments.
The Establishments shall handle the matter in a cordial manner, including termination of their use of the services and disposal of the Personal Information.
However, please note that if the Minors and Ineligible Individuals wish to use the facilities of the Establishments, their Personal Information shall be retained in accordance with this policy, regardless of them being Minors and Ineligible Individuals, if they are deemed capable of making judgments.
1-6. Sensitive Information
The Establishments shall not obtain information other than the minimum information required to provide hotel services, such as sensitive information (racial/ethnic backgrounds, political orientation, religious/philosophical principles, information related to qualifications of labor union members, genetic data, biological data, health-related data, as well as information related to sex life/sexual preferences) and crime-related information of individuals, unless allowed by the GDPR.
2. Consent of Customers
2-1. Consent
As a general rule, the legal ground for the use of the Personal Information by the Establishments is the consent of customers.
The legal grounds for the use of the Personal Information without the consent of customers are the necessity to execute the contract made with those customers, the necessity to implement the procedures that cater to the requests made by those customers before concluding the contract, the necessity to pursue legitimate interests by the Establishments or third parties, and the necessity to conform to the legal obligations the Establishments must comply with.
The legitimate interests to be pursued by the Establishments or third parties include increased business profit and other benefits due to improved marketing and services as well as upgraded convenience and security of the Establishments’ websites.
2-2. Withdrawal of Consent
Customers can withdraw their consent to the use of their Personal Information any time.
The withdrawal of consent does not affect the legitimacy of the use of Personal Information based on the consent made before the withdrawal.
Customers can withdraw their consent by contacting the Establishments through the withdrawal form on their websites or by making an inquiry to the points of contact for Personal Information related matters.
Please find the “Request Form for Personal Information Related Matters” (PDF file) from here.
* Only Japanese format is available.
Adobe Reader is required to view PDF files.
3. The Use of Customers’ Personal Information
3-1. The Purposes of the Use of Personal Information
The Establishments shall use the Personal Information only within the scope of the purposes of use, and not in any way for purposes other than those stipulated in the following page, or for usages beyond the stipulated scope.
3-2. Types of Personal Information the Establishments Acquire and the Purposes of Its Use
The Personal Information acquired by the Establishments is used for the following purposes.
- For communication, shipment of products, payments and settlements, as well as matters related to the above associated with transactions concerning the facilities of the Establishments, such as hotels and restaurants, and products of the Establishments
- To offer membership services, and to manage various information on membership enrollment for entities including member organizations of our company and member information, etc.
- To respond to messages, such as inquiries and requests, made to the Establishments
- To announce and send information, such as notices, advertisements, and questionnaires, regarding the facilities, tenants, and business partners of the Establishments by email, post, courier, phone, fax, and other means of communication
- To Improve and develop services related to the facilities and tenants as well as products and facilities of business partners of the Establishments and to grasp and analyze status of the use of services for the purpose of marketing, etc.
- To create registration forms, keep them in stock, and preserve them as required by laws and regulations
- To cater to the requests and other needs of customers individually at the Establishments
- To improve services at the Establishments based on the needs of customers
Note that “various information” includes information provided face-to-face as well as by direct mail and e-mail.
When the Establishments intend to use the Personal Information for purposes other than above, they shall clearly state the purposes of use and the scope of use to customers prior to the acquisition and usage of such information. It will be acquired and used after gaining their consent.
3-3. Use of Cookies
“Cookies” are a standard technology on the Internet that identifies customers’ computers.
The Establishments use the information, which is collected by using cookies, associated with websites customers visited to provide appropriate information on the websites, ensure security, and analyze the statistics regarding the maintenance management and status of the use of websites, in addition to accomplishing purposes stated in the previous page, by combining it with other information, such as IP addresses that identify individual customers, types of browsers, and dates and times of visits.
Although cookies can be disabled by changing the settings, all or part of the services on the websites may become unavailable as a result, depending on the browser.
4. Provision and Sharing of the Personal Information to Third Parties
4-1. Provision to Third Parties and Limitation of Sharing
All or part of the Personal Information held by the Establishments shall be provided to or shared with third parties upon obtaining the consent of customers, excluding the cases where the GDPR allows them to do so without consent.
When providing and sharing the information, the Establishments shall select the third parties carefully and request them to manage it properly as they do in accordance with the GDPR.
4-2. Supervision of Trustees
In using the Personal Information of customers, the Establishments may entrust it to third parties within the scope of justifiable use.
The Establishments shall require trustees to strictly manage the Personal Information with the same level of care as they do, and exercise necessary and appropriate supervision.
By concluding a contract regarding matters that must be stated in the articles of incorporation, as stipulated by the GDPR, the information will be used under the safe management measures for Personal Information.
4-3. The Range of Personal Information to be Shared and Its Purposes of Use
The Establishments may share the Personal Information with one another or other entities within the scope of the purposes of use among them. As a general rule, the Personal Information they share include the following.
- Basic information of customers (address, name, gender, date of birth, nationality, e-mail address, phone number, fax number, mailing address, etc.)
- Additional information of customers (profession, workplace information (company name, address, phone number, department, title), wedding date, family information (name, relationship, date of birth), etc.)
- Payment information (credit card number, bank account information, mailing address for invoices, etc.)
- Information on the use of services (use of the facilities, items purchased, etc.)
- Information provided by customers (through e-mail, inquiry form on the website, fax, phone, letters, questionnaires, etc.)
- Information collected through the use of the security system (security camera, card key, etc.)
- Information automatically collected through the websites of the Establishments (cookie, IP address, type of browser, date and time customers visited the websites, etc.)
- Information required in the registration form (address, name, profession, nationality, passport number, age, previous place of stay, destination, arrival date, departure date, guest room, etc.)
- Information required to cater to customers’ requests for guest rooms and leisure activities, special needs for assistance due to health conditions and other reasons, as well as likings, preferences and other lifestyle-related information.
- Information required by the government as well as laws, regulations, ordinances, and other rules
4-4. Entities the Information Above is Entrusted to and Shared with
- Entities that are entrusted with all or part of the operation concerning the handling of Personal Information
- Business partners and trustees entrusted with the operation that provides products and services to customers, including accommodation, food and drink, wedding services, leisure activities, and massage
- Companies that manage and operate the Establishments’ facilities, equipment, and systems, subcontractors, and tenants of the Establishments’ facilities
- Travel agencies, entities engaged in tourism business, event-planning companies, in-house agents, carriers, and other related businesses
- Entities and professionals who provide specialized advice on management, operational management, etc.
- Business contacts, partners, and brokers associated with the Establishments
- Entities that the Establishments share the Personal Information with, in the event it is shared
- Business establishments managed/operated by Fujiya Hotel Co., Ltd.
- Entities that the Establishments provide the Personal Information to, in the event it is provided in accordance with the laws and regulations
5. Regarding the Personal Information and the Handling of Such Information
5-1. Retention of Accurate Personal Information
The Establishments take appropriate measures to keep the Personal Information of the customers accurate and up-to-date.
5-2. Retention Period of Personal Information
The Establishments retain the Personal Information for a limited period of time required to achieve the purposes of its use, and dispose of or anonymize the Personal Information in a safe manner within a reasonable period of time after such retention period has passed.
5-3. Automated Processing
The Establishments shall not make decisions based solely on automated processing of the Personal Information, such as profiling.
5-4. Customers’ Rights to Personal Information
Customers have the following rights against the Establishments, based on the GDPR and other privacy regulations.
Customers are able to exercise these rights by contacting the Establishments through the inquiry form on the websites or by making an inquiry to the points of contact for Personal Information related matters.
In the event these rights are exercised, the Establishments shall process the Personal Information as requested by customers after verifying their identity, generally within a month after receiving requests, unless they fall within the exception stipulated by the GDPR and other privacy regulations.
- Right to Access Personal Information
The right to check if one’s own Personal Information is used, and access such information along with its accompanying information, in the event it is used - Right to Correct Personal Information
The right to correct one’s own incorrect Personal Information - Right to Delete Personal Information
The right to have one’s own Personal Information deleted in certain circumstances - Right to Restrict the Use of Personal Information
The right to have one’s own Personal Information restricted to be used in certain circumstances - Right to Object to the Use of Personal Information
The right to object to the use of one’s own Personal Information based on the legitimate interests pursued by the Establishments or third parties - Right to Data Portability
The right to receive one’s own Personal Information provided to the Establishments in a structured, commonly-used, and machine-readable format, and transfer such information to another administrator without the interference of the Establishments
Please find the “Request Form for Personal Information Related Matters” (PDF file) from here.
* Only Japanese format is available.
Adobe Reader is required to view PDF files.
5-5. Lodging of Complaint to Supervisory Authority
Customers are able to lodge a complaint with the supervisory authority of the country, region, international organization, or any other entities concerning the handling of Personal Information by the Establishments, in accordance with the GDPR and other privacy regulations.
6. Transfer of Personal Information to a Third Country or Other Entities
The Establishments may transfer the Personal Information they obtained within the EU to other countries in order to fulfill the contract they entered into with customers the information belongs to, or implement procedures that would cater to the requests made by those customers prior to closing contracts.
When transferring the Personal Information to a country not deemed to have an adequate level of protection by the European Commission, the Establishments shall transfer it lawfully by incorporating the Standard Data Protection Clauses.
7. Safe Management and other measures for Personal Information
7-1. Compliance to Related Laws and Guidelines
The Establishments comply with the GDPR as well as other related laws, industry guidelines, and other norms.
7-2. Safe Management Measures
The Establishments strictly manage customers’ Personal Information and strive to implement preventive measures against unauthorized access, loss, destruction, falsification, leak, and other undesirable events, as well as safety measures.
7-3. Organizational Structure
The Establishments have taken measures, including the appointment of Personal Information Protection Managers within our company, to consolidate an organizational structure that protects Personal Information.
They have also established an office of internal audit as a part of the internal auditing system.
7-4. Internal Regulations Concerning the Handling and Management of Personal Information
The Establishments have set rules for the handling of the Personal Information and set appropriate standards for acquisition, retainment, utilization, and disposal of the Personal Information, to ensure these are safely operated.
A code of conduct and specific rules have also been set to prevent unauthorized access to the Personal Information as well as loss, destruction, falsification, leak, and other undesirable events of such information.
7-5. In-House Training
The Establishments strive to protect the Personal Information by providing educational trainings concerning the protection of the Personal Information to the employees, and familiarizing them with it.
7-6. Continuous Re-examination of Internal Regulations Concerning Handling and Management of Personal Information
The Establishments re-examine and improve the regulations concerning the handling of the Personal Information and the organizational structure that actually handles them in order to manage them effectively and appropriately on a continuous basis.
8. Modification and Disclosure of this Privacy Policy
This Privacy Policy may be modified as needed to respond to revisions and changes of related laws and regulations as well as the social needs concerning the Personal Information.
In such cases, the Establishments shall disclose the modified Privacy Policy on the websites without delay, and clearly state the latest revision date of the said Policy.
9. A Point of Contact for Inquiries and Opinions
The Establishments have set up a point of contact to respond to inquiries and comments from customers concerning the Personal Information that the Establishments acquired and retain.
After verifying the identities of the inquiring customers or those making inquiries on behalf of customers, the Establishments shall cordially handle the matters within a reasonable and necessary scope.
Please note that it may take several days to reply depending on the content of inquiries and opinions.
Unfortunately, they can only accept inquiries in Japanese.
Announcements regarding this matter and replies to inquiries are provided only in Japanese as well.
[Point of Contact for Matters Concerning Personal Information] Please make inquiries to the following for matters concerning Personal Information.
Office in Charge | General Headquarters, Fujiya Hotel Co., Ltd. |
---|---|
Address | 359 Miyanoshita, Hakone-machi, Ashigarashimo-gun, Kanagawa, 250-0404, Japan |
Phone | 0460-82-0677 (Available Hours: 9:00 AM - 6:00 PM) |
soumu@fujiyahotel.co.jp |
Revised on November 1, 2021
Established on September 1, 2020
The following is a list of the Establishments.
- General Headquarters
- Fujiya Hotel
- Sengoku Golf Course
- Yumoto Fujiya Hotel
- Hakone Hotel
- Hakone Ekiden Museum
- Fuji-View Hotel
- Fruit Park Fujiya Hotel
- Osaka Fujiya Hotel
- Fusion Dining F
- Other facilities managed by Fujiya Hotel (Villa Motosu, Restaurant Sumire-tei, Restaurant Ayame-tei, Ibaraki Golf Club Restaurant)