JAPANESE

Check-in

Check-out

Night

Adults

Personal Information Protection Policy & Data Protection Policy

UHM: Personal Information Protection Policy

The Company understands the appropriate protection of personal information to be an essential aspect of its business operations, and manages customer personal information with great care, in accordance with the Act on the Protection of Personal Information (Law No. 57 of 2003; the “Personal Information Protection Act”) and related laws and regulations.

  • Business Operator Name
    • UHM Co., Ltd. (Chiyoda-ku, Tokyo)
  • Definitions
    • ・Terms used in this Personal Information Protection Policy follow the definitions in the Personal Information Protection Act.
      ・For the purposes of this Personal Information Protection Policy, Nomura Real Estate Group means the corporate group comprising Nomura Real Estate Holdings, Inc. and its subsidiaries and affiliates.
  • Compliance with Related Laws, Regulations and Guidelines
    • The Company will comply with the Personal Information Protection Act, and related laws and regulations, and guidelines.
  • Acquiring etc. of Personal Information
    • The Company will acquire personal information in an appropriate manner in compliance with laws and regulations, will maintain personal data in accurate and up-to-date form within the scope necessary to achieve the purposes of use of such data, and will endeavor to delete such data without delay when use of the same is no longer necessary.
  • Use etc. of Personal Information
    • The Company will not use personal information outside the scope necessary to achieve the purposes of use.
      Except in the cases constituting exceptions under the Personal Information Protection Act, the Company will not provide personal data to third parties without the consent of the individual identified in such data.
      In cases where the handling of personal data is entrusted in whole or in part to a third party, the Company will provide necessary and appropriate supervision of the relevant service provider to ensure the security of such personal data.
  • Joint Use of Personal Data
    • There may be cases where, in order to ensure the provision of comprehensive services by Nomura Real Estate Group, the Company will use personal data jointly with companies belonging to Nomura Real Estate Group, in accordance with laws and regulations.
  • Security Measures for Personal Data
    • In order to prevent the divulgence, loss, destruction, unauthorized use and the like of personal data, the Company will take security measures that are necessary and appropriate depending on processing stage, e.g., acquiring, use, storage.
  • Disclosure, Correction, Discontinuation of Use etc. of Retained Personal Data
    • At the request of individuals identified in retained personal data, the Company will disclose, correct, discontinue the use of, or take other action in regard to such personal data, in accordance with laws and regulations and procedures set forth by the Company.
  • Formulation and Implementation of Rules on Handling of Personal Information etc.
    • To ensure that this Personal Information Protection Policy is carried out, the Company will formulate internal rules on the handling of personal information, will thoroughly disseminate such rules to its officers, employees and other related persons, and will thereupon implement the same. Further, the Company will have such rules be maintained continuously, and will improve the same as necessary.
  • Application and Revision of Personal Information Protection Policy
    • This Personal Information Protection Policy will apply from the date of its publication on the Company website. Further, if revision of this Personal Information Protection Policy is required under laws and regulations or the Company otherwise determines such revision to be necessary, the Personal Information Protection Policy may be revised without prior notice. The most recent policy will be published on the Company website.
  • Inquiries
    • Please submit all questions, opinions, complaints and the like concerning the Company’s handling of personal information via the inquiries page.

Purposes of Use of Customer Personal Information

UHM Co., Ltd. (the “Company”) will use customer personal information (name, address, date of birth, place of employment, annual income, telephone number, email address, and other personal information as set forth in the Personal Information Protection Act) for the following purposes.
“Customer” includes not only persons who currently or in the past have had contracts or transactions with the Company, but also persons who are likely to have such contracts or transactions with the Company in the future, and further includes, in cases where such persons are corporations, the persons in charge at such corporations.

  • In order to engage in the following conduct in relation to contracts/transactions involving the Company.
    • Preparations/negotiations for execution of contracts and carrying out of transactions.
    • Execution/performance of contracts and carrying out of transactions.
    • Carrying out of various procedures before and after contracts/transactions.
    • Delivery/communication of various introductions relating to contracts/transactions.
    • Provision of various types of information and services relating to contracts/transactions.
    • Various administrative processes relating to contracts/transactions.
  • In order to engage in sales activities in regard to the Company business, including delivery of materials, provision of information, introduction of/solicitation for products and services, announcement of events, collection of questionnaires, whether by postal service, email, telephone, door-to-door solicitation, or other method.
  • In order to engage in activities such as analysis of customer/market trends, survey analysis for product development etc., and preparation of statistical information.
  • In order to provide to third parties, with customer consent or pursuant to laws and regulations, within the scope necessary to achieve the foregoing purposes of use.

Purposes of Use of Officer/Employee Personal Information

UHM Co., Ltd. (the “Company”) will use officer/employee personal information (name, address, date of birth, annual income, telephone number, email address, and other personal information as set forth in the Personal Information Protection Act) for the following purposes.
“Officer/employee” includes the Company’s officers and employees (general employees, clerical employees, residential sales employees, CS staff, consultants, supervisors, expert positions, active positions, support positions, part-time employees ), temporary employees, and employees seconded to the Company, as well as those who held the foregoing position in the past and applicants for hire.

  • In order to engage in the following conduct at the Company.
    • Operations relating to personnel and labor management.
    • Operations relating to occupational health and healthcare.
    • Operations relating to determination of, payment of, or deductions from, salaries, bonuses or the like.
    • Operations relating to benefits.
    • Operations relating to social insurance.
    • Other operations.
  • In order to provide to third parties, with officer/employee consent or pursuant to laws and regulations, within the scope necessary to achieve the foregoing purposes of use.

Joint Use of Personal Information

UHM (the “Company”) may jointly use customer information obtained by the Company as follows, in accordance with the provisions of laws and regulations.
“Customer” includes not only persons who currently have or in the past have had contracts or transactions with the Company, but also persons who are likely to have such contracts or transactions with the Company in the future, and further includes, in cases where such persons are corporations, the persons in charge at such corporations.

  • Joint Use for Corporate Transactions
    • Items of Personal Data Subject to Joint Use
      Customer’s corporate name/department name, name/title of customer’s responsible person, and dates/particulars of in-person meetings with customer in the case customer is a corporation.
    • Scope of Joint Users
      Companies belonging to Nomura Real Estate Group.
    • Purposes of Use by Joint Users
      Enabling Nomura Real Estate Group as a whole to provide services and other business activities for the Company’s customers, and strengthening relationships with customers in the case customer is a corporation.
    • Party Responsible for Management of Personal Data UHM Co., Ltd.

UHM Co., Ltd – Data Protection Policy

UHM Co., Ltd (“UHM”, “us”, “we”, “our”) attaches great importance to the protection of privacy. Therefore, we hereby implement and maintain the Data Protection Policy.
The Data Protection Policy commits to protect the information about all individuals located in the EU/EEA (referred to as “personal data”), both when they reserve rooms at our HOTEL NIWA TOKYO (the “Hotel”) via our website or otherwise and as hotel guests and to only process it in accordance with the provisions below.

As part of our commitment to protect your personal data, this Data Protection Policy explains:

  • which personal data we collect and process about you;
  • why and how UHM collects and processes your personal data, for how long and on which legal basis;
  • who has access to your personal data and where;
  • our role as the legal entity deciding about the processing of your personal data (referred to as “controller”); and
  • what your rights and our obligations are in relation to such processing.
1. What type of personal data do we collect and process?

We collect and process the following personal data about you:

  • identification information (e.g. name, gender, company name, email address, home/company address, fixed and mobile phone number, date and place of birth, picture, nationality, passport and visa information);
  • the information relating to your booking for and stay at the Hotel (e.g. dates of arrival and departure, number of guests and affiliations, goods and services ordered during your stay, any special requests, observations about your service preferences including room and vacation preferences and more generally, any communications you have with us);
  • the payment information (e.g. payment method, credit card number and account details);
  • any information necessary to fulfil special requests (e.g. dietary requirements, health condition for which specific accommodation needs to be arranged, shuttle reservation);
  • any marketing related information (e.g. results of surveys, information included in answers to our promotional offers); and
  • any information provided by third parties with whom we do business such as travel agents or booking intermediaries (e.g. the time and location of order).

Through our website, we also collect and process:

  • electronic identification data (e.g. user account and password, device identifier and IP address);
  • technical information collected by cookies (e.g. type and version of browser and operating system, the type of device connected, information regarding the pages visited, the information researched, the time spent on our website, the time when and area/country from which the website is accessed, the number of users on the website at any given time, the ratio of users leaving the website without conducting a registration and other statistics regarding the browsing experience on our website); and
  • information regarding your preferences on our website.

This information may either be directly provided by you, by the legal entity for whom you work (e.g. if your employer reserve a room for you) or by a third party making the reservation for you (e.g. your local travel agent or online travel agents).
To the extent authorised by law, we may also process so-called sensitive data, such as health related data stemming from dietary or disability related requirements. UHM will only do so as strictly required to satisfy your specific request and only with your prior consent. In such case, the data will be accessed and processed solely under the responsibility of a representative of UHM who is subject to a statutory or contractual obligation of confidentiality.
Whenever personal data about you is collected (e.g. through the use of a standard form on our website), we will indicate whether the provision of such data is mandatory (e.g. with an asterisk) and the consequences of your refusal to provide the requested personal data.

2. On which legal basis and for which purposes do we process personal data?
2-1. Legal basis for the processing

We only process your personal data provided:

  • such processing is necessary to comply with our legal or regulatory obligations; or
  • such processing is necessary to perform our contractual obligations towards you or to take pre-contractual steps at your request; or
  • we have obtained your prior consent; or
  • such processing is necessary to protect your vital interest; or
  • such processing is necessary for the legitimate interest of UHM to the extent it is not overridden by your own interest or fundamental rights and freedom.
    In relation to the processing of your personal data, our legitimate interests are:
    • to benefit from cost-effective services (e.g. using platforms operated by third party suppliers);
    • to prevent fraud or criminal activity, misuses of our website as well as the security of our IT systems, architecture and networks; and
    • to meet our corporate and social responsibility objectives.
2-2. Purposes of the processing of your personal data

We process your personal data for specific purposes and only to the extent relevant to achieve these purposes. In particular, we process your personal data for the following purposes.

  • to manage our customers;
  • to implement tasks in relation to your reservation and the corresponding preparation of your stay at the Hotel and provide you with a better or more personalized level of services;
  • to provide and charge for hotel accommodation and other goods and services and facilitate services on your behalf, such as restaurant and transportation services;
  • to fulfil contractual obligations to you or anyone involved in the process of making your travel arrangements (e.g. travel agents, group travel organizers or your employer) and vendors (e.g. credit card companies, airline operators and third party loyalty programs);
  • to provide for the safety and security of staff, guests and other visitors;
  • to manage our IT resources, such as infrastructure management & business continuity;
  • to manage our archiving and records;
  • to track our activities (measuring sales, number of calls, visits to our website, etc.);
  • to improve the browsing experience on our website;
  • for invoicing purposes;
  • to improve our existing services (or those under development) by means of customer and non-customer surveys, statistics and testing;
  • to preserve our economic interests;
  • to reply to any official request from a public or judicial authority in compliance with legal requirements;
  • more generally, to comply with our legal, accounting and tax obligations in relation to your reservation and stay at the Hotel;
  • to periodically send promotional emails about our products, special offers and information which you may find interesting, using the email address which you have provided (if any); and
  • to carry out mergers and acquisitions and other investments or divestments involving UHM or the Hotel.
3. Who has access to personal data and with whom are they shared?
3-1. Within our group

We may transfer personal data to affiliated companies of UHM. Such affiliated companies may either act as another independent controller or process your personal data on our behalf and upon our request (thereby acting as processor). In all cases, the personal data will be processed only for the purposes set out in Section 2.2.

3-2. Outside our group

We may also transfer personal data to third parties, acting as processors, to achieve the purposes listed in Section 2.2 on our behalf, to the extent they need it to carry out the instructions we have given to them. We do not transfer personal data to these third parties for commercial use.
Such third parties include our (IT) systems, cloud service, data centre and database providers, website providers and consultants relevant to our business activities.
As processors, these third parties must enter into an agreement with us to process your personal data prior to having access to your personal data.

Where required, we may also transfer your personal data to:

  • any third party to whom we contractually assign or novate any of our rights or obligations related to the processing of your personal data; and
  • any national or international public or judicial authority, where we are required to do so by applicable law or regulation or at their request, in compliance with law.

both categories of recipients above acting as controllers.

3-3. Transfers outside the European Economic Area

The personal data transferred within or outside our group, as set out in Sections 3.1 and 3.2, will be processed in countries outside the European Economic Area ("EEA") (i.e. the EU Member States plus Iceland, Liechtenstein and Norway). In particular, your personal data will be transferred to Japan and may be transferred to other countries where the recipients listed above in Sections 3.1 and 3.2 are located.

If your personal data is transferred outside the EEA to a country that has not been recognised by the EU Commission as offering an adequate level of protection for personal data, we will put in place the legally required safeguards or rely on the relevant legal derogations to ensure such transfer is carried out in compliance with the applicable law.

Such safeguards may include the entry into the standard contractual clauses as approved by the EU Commission prior to such transfer to ensure the required level of protection for the transferred personal data.

You may request additional information in this respect and obtain a copy of the relevant safeguard by exercising your rights as set out below.

4. How long do we store your data?

We will only retain your personal data for as long as necessary to fulfil the purpose for which it was collected and to comply with our legal and regulatory obligations, after which your personal data will be promptly removed from our systems. Notwithstanding the above, whenever your personal data is processed in the context of a dispute, it will not be deleted until (i) an amicable settlement has been reached, (ii) a decision in last resort has been rendered and enforced or (iii) the claim becomes time barred.

5. In addition, we will hold your personal data collected in the framework of our website operation for a period of four years following your visit to our website. How do we use cookies on our website ?

Cookies are small text files that are sent to your computer when you visit our website. We use cookies for the purposes set out above and in accordance with this policy.
We use third-party analytics cookies (i.e. cookies tracking our website’s statistics) for the purposes of identifying and recording which pages of the website you access, collecting the information detailed in Section 1 and improving your browsing experience on the website.
We do not use cookies to track individuals or identify them. Personal data generated through cookies are collected in a pseudonymised form and subject to your right to object to such data processing, as set out below.
Data collected through cookies will remain on our system for maximum of four years from the last use of the website by a given user and will be removed from the system thereafter.
Please note that you can modify your browser settings so that it notifies you when cookies are sent to it. If you do not want to receive cookies, you can also refuse cookies altogether by activating the relevant settings on your browser. Finally, you can also delete cookies that have already been set. Please note however that blocking cookies may affect certain features of the website or your browsing experience.
For more information as to how to manage cookies on your device, please consult the Help function of your browser or visit http://www.aboutcookies.org, which contains comprehensive information on how to manage cookies on a wide variety of browsers (link is external).

6. What are your rights and how can you exercise them?
6-1. Your rights

Within the limits and under the conditions set forth in the law, you have the following rights:

  • to access your personal data as processed by us and obtain a copy thereof;
  • to request any correction or update thereof;
  • to request the erasure of your personal data;
  • to request the restriction of the processing of your personal data;
  • to withdraw your consent where UHM based its processing of your personal data on your consent (without such withdrawal affecting the lawfulness of prior processing);
  • to object to the processing of your personal data;

to request the portability of your personal data (i.e. to obtain the personal data you have provided to UHM in a structured, commonly used and machine-readable format and/or to request the transmission of such personal data to a third party, subject to compliance with your own confidentiality obligations).

6-2. Exercising your rights

To exercise the above rights, you may send a request by email to info@hotelniwa.jp, with a scan/copy of your identity card or passport for identification purpose. We will respond in compliance with applicable law.
If you are not satisfied with how UHM processes your personal data, please let us know and we will investigate your concern.
You also have the right to make a complaint to the competent data protection authority.

7. Update of this Policy

This policy may be subject to amendments. Any future changes or additions to the processing of your personal data as described in this policy will be communicated to you through an appropriate channel, depending on how we normally communicate with you.