Privacy Policy

Nara Hotel Co., Ltd. (hereinafter referred to as "The Company") has established this privacy policy and the organizational system on the handling of the personal information of all stakeholders (customers, job applicants, external business partners of The Company, etc.) who use the corporate website of The Company (hereinafter referred to as "The Website") and strives for the appropriate protection of personal information.

  • Acquisition of personal information
    The Company acquires the following personal information for the purpose of providing services or business operations of The Company. The Company acquires personal information within the scope of its intended purposes of use and clearly explains purposes of use, the scope of utilization, and the inquiries office of The Company, etc.
  • Prohibition on the use of personal information beyond the intended purposes and the provision of personal information to third parties
    The Company uses personal information within the scope of its intended purposes of use, appoints a Personal Information Protection Manager and has established the organizational system for the protection of personal information. The Company deals with personal information adequately and does not provide or disclose personal information to third parties without the consent of Persons Concerned or request by laws and regulations.
  • Assigning of personal information
    In case that The Company entrusts all or part of personal information, The Company prohibits entrusted persons from leaking or providing personal information to third parties by contract and supervises entrusted persons appropriately.
  • The rights of Persons Concerned
    The specific individuals identified by personal information (hereinafter referred to as "Person/s Concerned") have the right to withdraw their consent to the use of personal information at any time even if they had consented to the intended purposes before. In addition, Persons Concerned have the right to request The Company for a utilization cease, disclosure etc. of the retained personal information pursuant to the provisions of applicable laws.
  • Procedures of a utilization cease, disclosure etc. of personal information
    In case that Persons Concerned request The Company a utilization cease, disclosure etc. of the retained personal information, they shall contact the inquiries office specified by The Company. The Company shall respond as soon as reasonably possible.
  • Observance of laws and regulations
    The Company will continuously evaluate and review this privacy policy and the systems for the protection of personal information. The Company will maintain and improve the actions for the protection of the retained personal information.
  • The review and improvement of the system for the protection of personal information
    We will regularly evaluate and review this Privacy Policy and our personal information protection system, and maintain and improve our efforts and protection activities as described above.
  • Handling personal information by link destinations
    The Company shall bear no responsibility with regard to the handling of personal information by other entities or individuals linked to The Website.
  • Management of Personal Information
    ・In the event that a portion of the personal information obtained is managed in the database of a third-party service provider outside of Japan with whom we have a contractual relationship, we will implement security control measures based on our knowledge of the system for the protection of personal information in the country concerned.
    ・Unless otherwise stipulated by law, we will retain personal information to the extent necessary for the purpose of use and delete such personal information without delay after the retention period has passed.

  • The term "personal information" in this privacy policy means information related to a living individual that can identify a specific individual by name, date of birth or other description contained in. (This includes the "personal information" defined by Article 2(1) of the Act on the Protection of Personal Information.)

The Company acquires and uses the following personal information for the following intended purposes. The Company does not use personal information beyond the scope of intended purposes of use without the consent of the Persons Concerned.

  • Personal information of customers
    1. Personal information acquired
      Name, age, gender, date of birth, occupation, address, telephone number, email address, nationality, passport number and other information necessary for the following purposes of use.
    2. Purposes of use
      1. For performing works required to provide services at The Company (accommodation, restaurants, shops, banquets, wedding receptions, catering).
      2. For offering on-line booking and other related businesses.
      3. For handling inquiries and requests, etc.
      4. To notify you of necessary information regarding our products, services, events, and other business activities.
      5. To provide information on our products, services, and events to those who have given us permission to distribute such information by direct mail, e-mail, or LINE (Line).
      6. For offering prizes or campaigns.
      7. For grasping and analyzing state of usage of the products, services and events of The Company to improve their quality.
      8. For exercising rights and performing duties based on laws and the provisions of terms and conditions for accommodation.
      9. For other purposes of use indicated at the time of acquisition of personal information.
  • Personal information of applicants for employment
    1. Personal information to be obtained
      Necessary information such as name, age, gender, date of birth, address, telephone number, e-mail address, etc., within the scope of the following purposes of use.
    2. Purposes of use
      1. For performing works required for recruitment activities and the procedures and contracts of employment.
      2. For handling inquiries and requests, etc.
      3. For other purposes of use indicated at the time of acquisition of personal information.
  • Personal information of our partners
    1. Personal information to be obtained
      Business card information and other necessary information regarding our partners, within the scope of the following purposes of use.
    2. Purposes of use
      1. For concluding and performing contracts with external business partners of The Company and other works required.
      2. For handling inquiries and requests, etc.
      3. For other purposes of use indicated at the time of acquisition of personal information.
  • Personal information of members of the "JR Hotel Members" organization.
    1. Personal information acquired
      Member number, password, name, age, gender, date of birth, address, telephone number, email address, employer information and history of providing and use of points, and other information necessary for the following purposes of use.
    2. urposes of use
      1. For performing works required within the scope of the purposes of use set forth in 3(1)2 of this privacy policy.
      2. For performing works required for the operation of the "JR Hotel Members" organization (hereinafter referred to as "The Members' Organization") by The Company.
      3. For providing important information such as changes to the membership agreement, terms of service or benefits of The Members' Organization.
      4. For other purposes of use indicated at the time of acquisition of personal information.
    3. Other agreements of The Members' Organization
      Membership agreement of the "JR Hotel Members" organization
      Terms of service of the "JR Hotel Members" organization

  • Formulation of basic policy
    In order to ensure the proper handling of personal data, we have established a basic policy regarding "compliance with relevant laws, regulations, guidelines, etc." and "contact for handling questions and complaints.
  • Discipline over the handling of personal data
    The Company has established rules for the handling of personal data, including handling methods, responsible persons and persons in charge, and their duties.
  • Safety management measures for the organization
    • In addition to appointing a person responsible for the handling of personal data, the Company clarifies the personnel who handle personal data and the scope of personal data handled by such personnel, and establishes a system for reporting to the person responsible in the event that the Company becomes aware of facts or signs of violation of laws or handling regulations.
    • The Company conducts periodic self-inspections of the status of personal data handling.
  • Human security management measures
    • Regular training is provided to employees on points to keep in mind regarding the handling of personal data.
    • Matters concerning confidentiality of personal data are stated in employment regulations, etc.
  • Physical security management measures
    • The Company implements access control in areas where personal data is handled.
    • We have taken measures to prevent theft or loss of equipment, electronic media, and documents that handle personal data, and have implemented measures to prevent personal data from being easily discovered when such equipment, electronic media, etc. are carried, including within the business site.
  • Technical security management measures
    Access control is implemented to limit the scope of persons in charge and the personal information databases, etc. handled.
    • In addition to implementing mechanisms to protect information systems that handle personal data from unauthorized external access or unauthorized software, the Company implements measures to prevent information leaks, etc. necessary for communications, etc., containing personal data.

The Company shares personal information within the scope of its intended purposes of use as follows. When the sharing users have established policies for personal information, their policies shall be applied for their use.

  • Joint use of personal information related to our business (lodging, restaurants and stores, banquets and weddings, catering, etc.)
    1. Scope of joint users
      • Each member company of this membership organization ("JR Hotel Members") (*1), each member company of JR Hotel Group (*2), and each member company of JR West Hotels (*3).
        ※1:Stipulated in Article 1 of the "JR Hotel Members" Terms of Service
        ※2:In addition to *1, JR Hokkaido Hotels, JR Shikoku Hotels, JR Kyushu Huistenbosch Hotel Co.
        ※3:Included in *1
      • JR West Japan Via Inn Co.
    2. Purpose of joint use
      To provide services and products in our business (lodging, restaurants/shops, banquets/weddings, catering, etc.), to provide services and products including online reservations and sales, and to respond to other related matters.
    3. Items to be shared
      Necessary information within the scope of the above purposes of shared use, such as membership number, password, name, age, gender, date of birth, address, telephone number, e-mail address, workplace information, and information related to point allocation and usage history.
    4. Person responsible for management of personal information
      Nara Hotel Co.
  • Joint use of personal information related to the provision of services and products at all tenant stores in the hotels operated by the Company
    1. Scope of joint users
      All tenant stores in hotels operated by the Company
    2. Purpose of joint use
      To provide services and products in our business (accommodations, restaurants and stores, banquets and weddings, etc.) and for other related correspondence.
    3. Categories of sharing Information
      Name, age, gender, date of birth, address, telephone number, email address, and other information necessary in the scope of above purposes of sharing use.
    4. Name of a person responsible
      Nara Hotel Co., Ltd.

The Company does not provide personal information to third parties without obtaining the consent of Persons Concerned in advance except in cases set forth in the following categories.

  • Cases where The Company provides personal information to third parties
    1. ases based on laws and regulations
    2. Cases where there is a need to protect a human life, body or fortune, and when it is difficult to obtain the consent of Persons Concerned
    3. Cases where there is a special need to enhance public hygiene or promote fostering healthy children, and when it is difficult to obtain the consent of Persons Concerned
    4. Cases where there is a need to cooperate in regard to a central government organization or a local government, or a person entrusted by them performing public affairs, and when there is a possibility that obtaining the consent of the Persons Concerned would interfere with the performance of the said public affairs
    5. Cases where disclosure or provision to a third party has been requested clearly by Persons Concerned
  • Disclaimer regarding provision to a third party
    In the following cases, The Company will bear no responsibility whatsoever with regard to the acquisition of personal information by third parties.
    1. Cases where personal information is disclosed to third parties by Persons Concerned 1 Cases where personal information is disclosed to an accommodation facility by Persons Concerned (if Persons Concerned discloses personal information of companions at the time of reservation, it is assumed that the consent of those companions is obtained at the responsibility of the Person Concerned)
    2. Cases where personal information is disclosed to third parties by Persons Concerned
    3. Cases where personal information is provided to or used on external websites linked to The Website by Persons Concerned
    4. Cases where third parties obtain information that could identify an individual (password, etc.) for reasons not attributable to The Company
  • Appropriate management and supervision over entrusted persons
    In case of The Company entrusts the handling of personal information to third parties within the scope of intended purposes of use, The Company shall take appropriate consideration for the selection of entrusted persons, conclude a non-disclosure contract with them, guide them for the proper management of personal information and exercise appropriate supervision over them.

The Company may transfer the personal information of Persons Concerned who reside in the European Economic Area (EEA) to the terrain outside of the EEA and use within the scope of intended purposes of use. In these cases, The Company shall appropriately and strictly handle the personal information under applicable laws. Please see below for the handling of the personal data of persons who are in the EEA.

Privacy Policy on the Handling of the Personal Data of Persons Who are in the EEA

You have the right to request that we notify you of the purpose of use, disclose, correct, delete, or cease use of your personal information, or cease providing your personal information to a third party (hereinafter referred to as "cease use, disclosure, etc.") in accordance with the applicable laws and regulations, etc. The individual has the right to request the Company to stop using the personal information (hereinafter referred to as "suspension of use, disclosure, etc."). In addition, you have the right to revoke your consent at any time, even if you have consented to the purpose of use.

When we receive a request to cease use or disclose personal information in our possession, we will respect the wishes of the individual and respond to the request within a reasonable period of time and to the extent required by law, after confirming the identity of the requestor. However, we may decline such requests if the request violates laws and regulations, if it may harm the life, body, or property of a third party, if it may seriously impede the proper execution of our business, if the relevant personal information does not exist, if the identity of the requestor cannot be verified, or if the requestor does not pay the prescribed fee. To request suspension of use or disclosure of personal information, please fill out the prescribed application form, enclose the documents necessary to verify the identity of the person in question and his/her representative (hereinafter referred to as "identification documents") and the administrative fee, and send the application by registered mail to the Personal Information Inquiry Desk below. Please note that we will not be able to respond to requests that do not follow this procedure (including requests made in person).

  • Request from the person in question If the person to whom the personal information pertains wishes to make a request, please submit the application form with the person's signature and seal and enclose identification documents by registered mail to the Personal Information Inquiry Desk below.
    • Application form
      ・Request Form for Disclosure of Retained Personal Data
    • Identification documents
      Enclosed is a photocopy of one of the following
    • Driver's license
    • A copy of the abstract of the family register (address, name, and other necessary information only)
    • Copy of residence certificate (only required information such as address, name, etc.)
    • Certificate of Insurance Coverage for various types of insurance
    • Certificate of long-term care insurance
    • Pension book
    • Certificate of pension
    • Passport
  • Requests from persons other than the person in question If the request is made by a representative of the principal, please enclose the following documents in addition to the application form (signed and sealed by the representative) and identification documents for the principal and the representative, and send the application by registered mail to the Personal Information Inquiry Desk below.
    • Necessary documents
      Enclosed is one of the following
    • Power of Attorney , certificate of registration of the person's seal stamped on the power of attorney (within 3 months of the date of issuance of the power of attorney)
    • A copy of the official gazette or a copy of the family court's decision notice (for guardians only)
  • Administration fee
    For notification or disclosure of the purpose of use of personal information, an administration fee of 729 yen for a written application and 765 yen for a CD-R application will be charged per case. Please enclose stamps for the fee with the application documents.
  • Personal Information Inquiry Desk
    【Personal Information Inquiry Desk】
    Address: 630-8301
    1096 Takahata-cho, Nara City, Nara Prefecture
    General Affairs and Planning Department, Nara Hotel Co.
  • How to be notified of the results of your request Notification will be sent to the person who made the request (name and address or e-mail address of the requestor as stated in the application for disclosure, etc.) by mail (personal delivery service) or e-mail. In the event that the suspension of use or disclosure is not made, the reason for the refusal will be included in the notice. Please note that it may take a few days to complete the notification.
  • Purpose of use of personal information obtained through requests for suspension of use, disclosure, etc. Personal information obtained in response to a request for cessation of use, disclosure, etc. will be used only to the extent necessary for the procedures for cessation of use, disclosure, etc. In addition, the submitted documents will be properly disposed of.

The Company handles the personal information of minors appropriately in accordance with this privacy policy. When Persons Concerned is minor, The Company may require the consent of persons in parental authority for acquiring the personal information. If Persons Concerned is less than 13 years of age, The Company shall require the consent of persons in parental authority and give special consideration to the handling of their personal information.

The Website may use cookies to improve the information and services provided and to offer comfortable use of The Website. For details, please refer to the "Cookie policy" of The Website.

The Website may acquire access logs to improve the use of The Website and to analyze statistical data. The Company does not disclose access logs to third parties unless otherwise provided by laws and regulations. If you refuse to send access logs, you may not use The Website properly.

The Company will revise this privacy policy to respond to changes in related laws, regulations or the social environment, etc. The Company will post the revised privacy policy on The Website.

If you have any questions regarding this Privacy Policy, please contact us at
Nara Hotel Corporation Inquiries about personal information Address: 1096 Takahata-cho, Nara City, Nara Prefecture, 630-8301
E-mail address: info-soumu@narahotel.co.jp
Hours: 9:30 a.m. to 5:30 p.m. (except Saturdays, Sundays, national holidays and year-end and New Year's holidays 12/29 to 1/3)
Personal Information Management Manager: General Manager of General Affairs and Planning Department, Nara Hotel Co.

December 21, 2022 Revised