PRIVACY POLICY

PERSONAL INFORMATION PROTECTION POLICY

1. Purpose of Use of Personal Information and the Legal Basis for Use
(Guests’ personal information)
Palace Hotel Group (“PHG”) will use guests’ personal information, based on consent of the guests or where the use is necessary for the performance of a contract for the following purposes;
・ For responding to various inquiries and requests for various information on hotel services or properties
・ For acceptance of reservations for hotel and provision of hotel services
・ For acceptance of reservations for food and beverage outlets and provision of these services
・ For acceptance of reservations for banquets, functions or other services or products and provision of these services
・ For acceptance of reservations for personal training or other services or products and provision of fitness services
・ For delivery services of email newsletters
・ For responding to applications for our campaigns or answers to our surveys
・ For statistical operations such as grasp and calculation of your past usage for the purpose of improving our services
・ For improving our services in other areas

(Business partners’ personal information)
PHG will use business partners’ personal information, based on consent of the data subject or where the use is necessary for the performance of a contract for the following purposes;
・ For provision of our services for guests
・ For the performance of a contract between business partners and PHG
・ For responding to various inquiries from business partners
・ For informing business partners about the guidance of our products or services

2. Sharing Personal Information with or Disclosing Personal Information to Third Parties
We will never share your personal information with nor disclose it to third parties except when;
・ We disclose the information for use as stated in the above 1 of this Policy, to our outsourcing agents with whom PHG has concluded secrecy agreements.
・ We have your consent to disclose your personal information.
・ We receive legal request from such public institutions as courts or other law enforcement agencies.

As additional information, we outsource some system operations including management and storage of personal information to a United States company, and we have concluded a contract with the company regarding strict information security management. (The Personal Information Protection Commission in Japan reports that the United States is one of the countries with a certain level of personal information protection.)

3. Storage Period of Personal Information
In the event that the storage period stipulated by laws has expired or if the use is no longer necessary for the achievement of the use objectives described in the above 1, we will delete the personal information without delay.

4. Establishing and Maintaining Compliance Program
PHG is committed to establishing a compliance program that obligates its directors and employees including staff members from outsourcing personnel agents, etc. (“the employees”).

5. Appointment and Authorization of Personal Information Administrator
PHG appoints a Personal Information Administration Officer for each hotel who is in charge of PHG’s personal information protection. The authority of such Officer is to be clearly defined in the corporate organization and the Officer is to receive organizational support so that he or she may be able to properly manage the responsibility of personal information protection.

6. Establishing In-house Rules & Regulations
PHG establishes in-house rules and regulations to protect the privacy of personal information and establishes a clear policy for handling personal information. PHG notifies all the employees that their leakage of information and similar acts shall be subject to severe penalties.

7. Information Security Measures
PHG is determined to take necessary measures both for maintaining accurate and secure personal information and for preventing improper access to, loss, destruction, falsification and/or leakage of personal information.

8. Reviewing and Improving of Outsourcing System
PHG continues to review and improve its outsourcing procedures, in order to ensure the security of the privacy of personal information. In concluding contracts with outsourcing agents, PHG thoroughly reviews its outsourcing agents from the viewpoint of their qualification and capability to protect personal information.

9. Compliance with Laws and Regulations
PHG declares its strict compliance with the governmental laws, guidelines and standards concerning protection of personal information.

10. Intensified Education of the Employees
PHG educates all the employees who handle personal information so that they fully understand the importance of information security.

11. Reviewing and Improving of Internal Auditing Function
PHG continues to review and improve its internal auditing function by introducing an organizational mechanism to review whether the systems and procedures for protecting personal information are properly operated or not.

12. Disclosure, etc. of Retained Personal Data
If you or your attorney request us to disclose the retained personal data, PHG will respond to such requests without delay except as otherwise provided under the following cases;
・ Cases in which the disclosure, etc. is likely to harm the rights and interests, property, body or life of a person or a third party.
・ Cases in which the disclosure is likely to interfere with the proper execution of our businesses.
・ Cases in which the disclosure is violation of the law.

PHG will investigate and respond to following requests regarding retained personal data when;
・ You or your attorney request us to correct, add or delete such personal data because the contents are contrary to fact.
・ You or your attorney request us to disuse, erase or suspend the provision to a third party because such personal data is handled in violation of the law,such personal data is no longer necessary to use, or there is a risk that your rights and interests will be harmed.
・ You or your attorney lodge complaints, objections, etc.

You can withdraw your consent to the use of personal information at any time.

If you have any inquiries, please contact us at the following contact point;

Personal Information Administration Officer
Palace Hotel Co., Ltd.
1-1-1 Marunouchi, Chiyoda-ku, Tokyo, 100-0005, Japan
e-business@palacehotel.jp

A data subject can lodge complaints with the Personal Information Protection Committee and other supervisory authorities regarding the use of personal information.

April 2022
Palace Hotel Co., Ltd