PRIVACY POLICY & DATA PROTECTION POLICY POLICY

Personal information protection policy

Ⅰ Personal information protection policy

Nomura Real Estate Hotels Co., Ltd. (below, the Company) declares that it shall comply with laws related to protection of personal information and other codes and establish, implement, and maintain voluntary operations and rules in order to ensure appropriate handling of personal information used by the Company in running its business.

  1. The Company, in carrying out this declaration, shall formulate internal rules related to protection of personal information, implement them by making the Company's employees (including directors, employees with an employment relationship, dispatched employees, and others) and other related parties aware of the rules, and improving and maintaining the rules.
  2. The Company shall formulate internal rules on information system security management and implement appropriate information security measures, such as illicit access countermeasures and computer virus countermeasures, in order to prevent elimination, damage, revision, and leaks of personal information.
  3. The following points are fundamental rules on protection of personal information by the Company.
    1. Prohibition of illicit collection

      Collection of personal information shall take place through legal and fair methods and shall not be allowed using wrongful methods.

    2. Prohibition of use other than the main purpose

      Usage of personal information shall be restricted to the scope of the usage purpose and shall not be allowed for utilization beyond the purpose scope.

    3. Ensured safeness

      Handling of personal information shall be conducted safely and input/output, storage, transport, transmission, and disposal in a state that lacks security shall not be allowed.

    4. Prohibition of provision to a third party

      Personal information shall not be transferred to a third party beyond the scope of legal usage without a person's consent. In cases of consigning personal information to a third party as part of consigning business tasks or joint usage of personal information with a third party, a required contract shall be concluded with the subject third party and other legally necessary measures shall be taken.

    5. Respect for the person's rights

      The Company is aware of the rights of the person primarily covered by the personal information to request a halt to disclosure, revision, or use of the person's personal information and shall respond in accordance with procedures defined by laws in dealing with such requests from the person.

Ⅱ Items related to acquisition

The Company shall acquire personal information in the following manner when it conducts transactions related to its facilities and products (such as provision or sale of accommodations, banquet halls, food and drinks, products, and other related products), transactions with allied businesses (below, Alliance Partners), and other transactions (below, Transactions, etc.).

  1. Direct acquisition from the person

    Phone, document (including electromagnetic records), business card, orally, Internet, etc.

  2. Acquisition from a party with legitimate authority from the person

    Usage applicant, introducing party, travel agent, business partner, and package products and other reception businesses.

  3. Acquisition from disclosed information

    Newspapers, Internet, phone book, published materials, and other books.

Ⅲ Items related to the usage purpose

The Company shall use acquired personal information for the following purposes.

  1. Notifications, confirmations, and other contacts related to the transactions, etc., product delivery, fee payment and settlement, and other related items.
  2. Notifications and delivery by phone, facsimile, postal service, home delivery service, e-mail, or other means for the purpose of notification, advertisement, promotion, or questionnaire related to the Company's management and operations or an Alliance Partner's operations.
  3. Statistical compilation and analysts using a computer or other device for the purpose of understanding usage conditions, improvement, and development of facilities, products, and services of the Company and Alliance Partners.
  4. Usage by the Company for management of member information related to various member organizations and services for members.

Ⅳ Items related to consignments and joint usage

The Company shall implement measures to ensure safe management of personal information in consignments of all or a portion of business tasks through conclusion of a contract that includes an obligation to protect and supervise the confidentiality of personal information. There are also cases of joint usage of all or a portion of personal information within the usage purpose scope with related companies and other business operators.
When personal information is provided to consignment partners, the Company's group local entities, or other business operators in other countries, measures shall be taken to manage safety at the same level as Japan based on laws and other provisions. Scope of parties allowed in joint usage and usage purpose (the following contact point (V) shall reply to detailed inquiries)

  1. Accommodations, restaurants, and other package plans

    Use with business operators providing products and services within the hotel.

  2. Membership organization operations, etc.

    Use with business operators providing membership entry related procedures, data registration and management, point services, and other comprehensive services.

  3. Others

    Use with business operations or Alliance Partners that provide comprehensive services, such as business operators serving as agents in sending direct mail or other materials conducted periodically or irregularly.

Ⅴ Items related to disclosure, etc.

The Company shall manage personal information of the person in the most accurate and up-to-date state as possible. It shall disclose registered information if requested by the person. It shall also confirm the content and add to, change, revise, or halt use of registered information if requested because the content is inaccurate or some other reason.

*Please inquire to the various contact points for details on procedures related to requesting disclosure (necessary documents, reception method, person's identity confirmation method, fees, and others).
*Please refer to the section "handling of personal information on the hotel webpage" regarding personal information acquired by the webpage.

Ⅵ Changes in handling content

Content in this notification may change without advance notice due to legal revisions or eliminations, changes in societal norms, or other reasons.

Handling of Personal Information on the NOHGA HOTEL Webpage

Nomura Real Estate Hotels Co., Ltd. (NOHGA HOTEL; below, the Company) recognizes the importance of and shall carefully handle information that can identify the customer (below, personal information) using the webpage that the Company operates.
The Company's webpage may request entry and transmission of the customer's personal information in provision of services. Information received through the Company's webpage shall be rigorously managed in accordance with the "notification on handling of personal information by Nomura Real Estate Hotels Co., Ltd. (NOHGA HOTEL)."
Content presented on the subject page constitutes the fundamental policy of handling personal information on the Company's webpage. Additional points on handling of personal information by individual provided services may be given. In such case, these points shall be separately displayed in the usage rules of individual service notifications and should also be reviewed.

Ⅰ Requests for provision of personal information

The Company shall request input and transmission of customer personal information in the following cases on the webpage.

  1. Lodging reservations
  2. Restaurant usage requests
  3. Requests of various materials
  4. Replies to questionnaires
  5. Others (the Company shall give clear notification of the purpose, content, and handling of personal information if it receives a customer's personal information in a case other than above-mentioned services)

Ⅱ Usage purpose for personal information

Personal information received from the customer shall only be used in the following cases on the Company's webpage. It is not used in ways other than the purpose for which personal information is provided by the customer.

  1. Need for the Company to contact the customer for some reason
  2. Analysis aimed at improvement of the Company's webpage or the Company's services and products (even if this is done, the analysis only conducts statistical processing and there is no use to identify individual customers)
  3. Request for consent or disclosure from the customer

Ⅲ Scope of collecting personal information

Personal information received by the Company from customers shall only be the minimum information needed in service provision and provision of other information is not a requirement for service provision. (Items covered by minimum required information from customers shall be clearly indicated, such as with a mark.)

Ⅳ Preservation of personal information

Personal information received from customers shall only be preserved as a record of the provision of requested service and shall be deleted after passage of a certain period.

Ⅴ Provision and disclosure of personal information

Personal information received from customers shall be handled carefully and not disclosed to third parties other than in the following cases.

  1. 「Ⅰ.」Business consignment partner with a confidentiality obligation related to I. or system maintenance and management
  2. Case of consent from the customer
  3. Case of a request based on laws

Ⅵ Safety measures

  1. To ensure the safety of personal information, the Company shall implement rational safety measures from the standpoint of management and operation and systems to prevent illicit access and loss, destruction, revisions, and leaks.
  2. Information collection on the webpage
    Information collection on the webpage shall not be used for any purposes besides statistical processing to enhance service quality and surveys to discover the source of illicit access or other problems.

Ⅶ Personal information for link destinations

The Company's webpage offers links to the websites of other companies and organizations for the purpose of provision of useful information and services to customers. The Company does not bear any responsibility for personal information collection and handling by the websites of link destinations. Customers should make their own judgments in use of these websites.

Ⅷ Changes in the content of the "handling of personal information by Nomura Real Estate Hotels Co., Ltd.'s (NOHGA HOTEL) website"

Notification shall be given on the Company's website in the case of changes in content on the subject page.

Ⅸ Inquiries

Inquiries on the handling of personal information on the NOHGA HOTEL website

Nomura Real Estate Hotels Co., Ltd.
NOHGA HOTEL AKIHABARA TOKYO
〒101-0021
3-10-11 Sotokanda,Chiyoda-ku, Tokyo 110-0021
+81 3 6206-0569

Handling of Personal Information on the NOHGA HOTEL News@mail

While handling of customer personal information from the Company's webpage adheres to the policies presented in "handling of personal information from the NOHGA HOTEL website," use of the NOHGA HOTEL NEWS LETTER requires registration of customer information, including personal information. As additional items in handling personal information, the Company therefore has defined the NOHGA HOTEL NEWS LETTER usage rules and defined the following handling policy. Please read the policy and give your consent.

Ⅰ Registration of customer information

Use of the NOHGA HOTEL NEWS LETTER requires registration of customer information, including personal information. Information received from the registration (below, registered information) shall be carefully managed in accordance with the policy defined for "handling of personal information from the NOHGA HOTEL website" and the following policy (additional items).

Ⅱ Purpose of registering information

Information received by the registration shall be utilized in accordance with "handling of personal information from the website" and only for provision of the NOHGA HOTEL NEWS LETTER service.
However, there might be case of use in selection of provided product information that is useful to the customer based on the registered customer information and webpage usage.

Ⅲ Deletion of registered information by Nomura Real Estate Hotels Co., Ltd. (NOHGA HOTEL)

Registered information may be deleted in a case when e-mail cannot be sent because of a change in information from what was registered by the customer or registration mistakes.
Please provide an update using the above-mentioned method as quickly as possible when the registered information changes.

Nomura Real Estate Hotels, Co. Ltd - Data Protection Policy

Nomura Real Estate Hotels, Co. Ltd ("NREHTL", "us", "we", "our") attaches great importance to the protection of privacy.
Therefore, we hereby implement and maintain the Data Protection Policy.
The Data Protection Policy commits to protect the information about all individuals located in the EU/EEA (referred to as "personal data"), both when they reserve rooms at
our Nohga Hotel (the "Hotel") via our website or otherwise and as hotel guests and to only process it in accordance with the provisions below.

As part of our commitment to protect your personal data, this Data Protection Policy explains:

  • which personal data we collect and process about you;
  • why and how NREHTL collects and processes your personal data, for how long and on which legal basis;
  • who has access to your personal data and where;
  • our role as the legal entity deciding about the processing of your personal data (referred to as "controller"); and
  • what your rights and our obligations are in relation to such processing.

Ⅰ What type of personal data do we collect and process?

We collect and process the following personal data about you:

  • identification information
    (e.g. name, gender, company name, email address, home/company address, fixed and mobile phone number, date and place of birth, picture, nationality, passport and visa information);
  • the information relating to your booking for and stay at the Hotel
    (e.g. dates of arrival and departure, number of guests and affiliations, goods and services ordered during your stay, any special requests,
    observations about your service preferences including room and vacation preferences and more generally, any communications you have with us);
  • the payment information (e.g. payment method, credit card number and account details);
  • any information necessary to fulfil special requests (e.g. dietary requirements, health condition for which specific accommodation needs to be arranged, shuttle reservation);
  • any marketing related information (e.g. results of surveys, information included in answers to our promotional offers); and

any information provided by third parties with whom we do business such as travel agents or booking intermediaries (e.g. the time and location of order).
Through our website, we also collect and process:

  • electronic identification data (e.g. user account and password, device identifier and IP address);
  • technical information collected by cookies
    (e.g. type and version of browser and operating system, the type of device connected, information regarding the pages visited, the information researched,
    the time spent on our website, the time when and area / country from which the website is accessed, the number of users on the website at any given time, the ratio of users leaving the website without
    conducting a registration and other statistics regarding the browsing experience on our website); and
  • information regarding your preferences on our website.
  • This information may either be directly provided by you, by the legal entity for whom you work
    (e.g. if your employer reserve a room for you) or by a third party making the reservation for you (e.g. your local travel agent or online travel agents such as Booking.com or Expedia).
  • To the extent authorised by law, we may also process so-called sensitive data,
    such as health related data stemming from dietary or disability related requirements.
    NREHTL will only do so as strictly required to satisfy your specific request and only with your prior consent.
    In such case, the data will be accessed and processed solely under the responsibility of a representative of NREHTL who is subject to a statutory or contractual obligation of confidentiality.
    Whenever personal data about you is collected (e.g. through the use of a standard form on our website),
    we will indicate whether the provision of such data is mandatory (e.g. with an asterisk) and the consequences of your refusal to provide the requested personal data.

Ⅱ which legal basis and for which purposes do we process personal data?

  • Legal basis for the processing

    We only process your personal data provided:

    • such processing is necessary to comply with our legal or regulatory obligations; or
    • such processing is necessary to perform our contractual obligations towards you or to take pre-contractual steps at your request; or
    • we have obtained your prior consent; or
    • such processing is necessary to protect your vital interest; or
    • such processing is necessary for the legitimate interest of NREHTL to the extent it is not overridden by your own interest or fundamental rights and freedom.

      In relation to the processing of your personal data, our legitimate interests are:

      • to benefit from cost-effective services (e.g. using platforms operated by third party suppliers);
      • to prevent fraud or criminal activity, misuses of our website as well as the security of our IT systems, architecture and networks; and
      • to meet our corporate and social responsibility objectives.
  • Purposes of the processing of your personal data

    We process your personal data for specific purposes and only to the extent relevant to achieve these purposes. In particular, we process your personal data for the following purposes.

    • to manage our customers;
    • to implement tasks in relation to your reservation and the corresponding preparation of your stay at the Hotel and provide you with a better or more personalized level of services;
    • to provide and charge for hotel accommodation and other goods and services and facilitate services on your behalf, such as restaurant and transportation services;
    • to fulfil contractual obligations to you or anyone involved in the process of making your travel arrangements (e.g. travel agents, group travel organizers or your employer)
      and vendors (e.g. credit card companies, airline operators and third party loyalty programs);
    • to provide for the safety and security of staff, guests and other visitors;
    • to manage our IT resources, such as infrastructure management & business continuity;
    • to manage our archiving and records;
    • to track our activities (measuring sales, number of calls, visits to our website, etc.);
    • to improve the browsing experience on our website;
    • for invoicing purposes;
    • to improve our existing services (or those under development) by means of customer and non-customer surveys, statistics and testing;
    • to preserve our economic interests;
    • to reply to any official request from a public or judicial authority in compliance with legal requirements;
    • more generally, to comply with our legal, accounting and tax obligations in relation to your reservation and stay at the Hotel;
    • to periodically send promotional emails about our products, special offers and information which you may find interesting, using the email address which you have provided (if any); and
    • to carry out mergers and acquisitions and other investments or divestments involving NREHTL or the Hotel.

Ⅲ Who has access to personal data and with whom are they shared?

  1. Within our group

    We may transfer personal data to affiliated companies of NREHTL.

    Such affiliated companies may either act as another independent controller or process your personal data on our behalf and upon our request (thereby acting as processor).

    In all cases, the personal data will be processed only for the purposes set out in Section 2.2.

  2. Outside our group

    We may also transfer personal data to third parties, acting as processors, to achieve the purposes listed in Section 2.2 on our behalf, to the extent they need it to carry out the instructions

    we have given to them. We do not transfer personal data to these third parties for commercial use.

    Such third parties include our (IT) systems, cloud service, data centre and database providers, website providers and consultants relevant to our business activities.

    As processors, these third parties must enter into an agreement with us to process your personal data prior to having access to your personal data.

    Where required, we may also transfer your personal data to:

    • any third party to whom we contractually assign or novate any of our rights or obligations related to the processing of your personal data; and
    • any national or international public or judicial authority, where we are required to do so by applicable law or regulation or at their request, in compliance with law

    both categories of recipients above acting as controllers.

  3. Transfers outside the European Economic Area

    The personal data transferred within or outside our group, as set out in Sections 3.1 and 3.2, will be processed in countries outside the European Economic Area ("EEA") (i.e. the EU Member States plus Iceland, Liechtenstein and Norway).

    In particular, your personal data will be transferred to Japan and may be transferred to other countries where the recipients listed above in Sections 3.1 and 3.2 are located.

    If your personal data is transferred outside the EEA to a country that has not been recognised by the EU Commission as offering an adequate level of protection for personal data,

    we will put in place the legally required safeguards or rely on the relevant legal derogations to ensure such transfer is carried out in compliance with the applicable law.

    Such safeguards may include the entry into the standard contractual clauses as approved by the EU Commission prior to such transfer to ensure the required level of protection for the transferred personal data.

    You may request additional information in this respect and obtain a copy of the relevant safeguard by exercising your rights as set out below.

Ⅳ How long do we store your data?

We will only retain your personal data for as long as necessary to fulfil the purpose for which it was collected and to comply with our legal and regulatory obligations, after which your personal data
will be promptly removed from our systems. Notwithstanding the above, whenever your personal data is processed in the context of a dispute,
it will not be deleted until (i) an amicable settlement has been reached, (ii) a decision in last resort has been rendered and enforced or (iii) the claim becomes time barred.

In addition, we will hold your personal data collected in the framework of our website operation for a period of three years following your visit to our website. How do we use cookies on our website ?

Ⅴ Cookies are small text files that are sent to your computer when you visit our website. We use cookies for the purposes set out above and in accordance with this policy.

We use third-party analytics cookies (i.e. cookies tracking our website's statistics) for the purposes of identifying and recording which pages of the website you access,
collecting the information detailed in Section 1 and improving your browsing experience on the website.

We do not use cookies to track individuals or identify them. Personal data generated through cookies are collected in a pseudonymised form and subject to your right to object to such data processing, as set out below.

Data collected through cookies will remain on our system for maximum of three years from the last use of the website by a given user and will be removed from the system thereafter.

Please note that you can modify your browser settings so that it notifies you when cookies are sent to it. If you do not want to receive cookies, you can also refuse cookies altogether by activating the relevant settings on your browser.

Finally, you can also delete cookies that have already been set. Please note however that blocking cookies may affect certain features of the website or your browsing experience.

For more information as to how to manage cookies on your device, please consult the Help function of your browser or visithttp://www.aboutcookies.org,which contains comprehensive information on how to manage cookies on a wide variety of browsers (link is external).

Ⅵ What are your rights and how can you exercise them?

  1. Your rights

    Within the limits and under the conditions set forth in the law, you have the following rights:

    • to access your personal data as processed by us and obtain a copy thereof;
    • to request any correction or update thereof;
    • to request the erasure of your personal data;
    • to request the restriction of the processing of your personal data;
    • to withdraw your consent where NREHTL based its processing of your personal data on your consent (without such withdrawal affecting the lawfulness of prior processing);
    • to object to the processing of your personal data;
      to request the portability of your personal data (i.e. to obtain the personal data you have provided to NREHTL in a structured, commonly used and machine-readable
      format and/or to request the transmission of such personal data to a third party, subject to compliance with your own confidentiality obligations).
  2. Exercising your rights

    上To exercise the above rights, you may send a request by email to Privacy@nohgahotel.com, with a scan/copy of your identity card or passport for identification purpose.

    We will respond in compliance with applicable law. If you are not satisfied with how NREHTL processes your personal data, please let us know and we will investigate your concern.

    You also have the right to make a complaint to the competent data protection authority.

Ⅶ Update of this Policy

This policy may be subject to amendments. Any future changes or additions to the processing of your personal data as described in this policy will be communicated to you through an appropriate channel,
depending on how we normally communicate with you.

NOHGA HOTEL Social Media Policy

Nomura Real Estate Hotels Co., Ltd. (NOHGA HOTEL; below the Company) has defined the following rules for permanent or temporary establishment and use of the Company's official account (below, official account) on social media (media created for the purpose of users transmitting information on the Internet, including Facebook, Twitter, and YouTube). Items defined in these rules shall apply to the Company's official account and users of related services (below, users).

Ⅰ Operating policy

  1. The Company understands that information transmitted over social media is disclosed to an undefined large number of people and that information cannot be completely deleted since it has been sent. It hence shall transmit information in a cautionary manner.
  2. The Company shall listen to comments from users and strive to act responsibly.
  3. Besides various laws and this policy, the Company's employees (including directors, employees with an employment relationship, dispatched employees, and others) shall comply with privacy policies and internal rules on social media usage defined separately by the Company.
  4. The Company does not reply to content sent by users as a general rule. Depending on the content, however, it may reply through the official account or direct reply to the user if deemed necessary by the Company.

Ⅱ Usage purpose

The purpose shall be sharing information with customers and invigorating business activities through transmission of the Company's sales promotion information and information on various episodes.

Ⅲ Content of transmissions from the Company

Content transmitted by the Company through the official account shall be restricted to sales promotion information on the Company's related products, services, events, and other promotions, historical episodes, and general items related to sales promotions (such as local traditions and events). Company information, financial information, and other official announcements shall be transmitted on the "company information page" of the Company's website and through news releases.

Ⅳ Transmission prohibited items for the Company and users

The Company prohibits transmission of the following transmission prohibited items on the official account and shall delete the transmitted content at the Company's discretion in cases of transmissions by users that represent transmission prohibited items.

  1. Content that infringes upon the human rights or privacy of users or the Company's employees
  2. Content that infringes upon the rights or property of the Company, users, or third parties or is slanderous
  3. Other content that the Company deems to be inappropriate for posting

Ⅴ Exemption items

  1. The Company may interrupt or suspend operation of the official account or change information without prior notice.
  2. The Company does not bear any responsibility, regardless of the reason, for damages caused by use of or inability to use the official account or any damages caused by interruption or suspension of operations or changes in information.

Ⅵ Agreed jurisdiction

The Tokyo District Court shall be the exclusive court of jurisdiction for the first hearing related to any conflicts arising from social media usage.

Ⅶ Company's official social media accounts

Facebook page
Instagram

Ⅷ Inquiries

Inquiries on the handling of personal information on the NOHGA HOTEL website

Nomura Real Estate Hotels Co., Ltd.
NOHGA HOTEL AKIHABARA TOKYO
3-10-11 Sotokanda,Chiyoda-ku, Tokyo 110-0021
+81 3 6206-0569

Request to Customers Regarding Use of the Company's Official Social Media

Transmission and submission content

  1. Information transmissions on the Company's official social media accounts do not guarantee that it is an official announcement or opinion. Please refer to the Company's webpage or NOHGA HOTEL NEWS LETTER.
  2. The Company shall delete transmission content at its own discretion in cases of transmissions that come under the following transmission prohibited items.
    1. Content that infringes upon the human rights or privacy of users or the Company's employees
    2. Content that infringes upon the rights or property of the Company, users, or third parties or is slanderous
    3. Other content that the Company deems to be inappropriate for posting

Response to replies and inquiries

As a general rule, the Company does not respond to inquiries and replies over social media.