Rules & Policies

Privacy Policy

Objectives of Privacy Policy

GRANVISTA Hotels & Resorts Co., Ltd. (hereinafter referred to as “the Company”) as a company engaged in the hotel and resorts business, etc., has formulated this Basic Policy (Privacy Policy) with the understanding that the protection of the personal information of customers and trading partners, etc., is an important issue, and as the policy for the protection of the personal information of the Company; in the future, the Company shall adhere to this along with the separately prescribed Basic Policy on the Protection of Information (Information Security Policy), and shall endeavor to appropriately manage and handle personal information for the provision of better products and services, based on the following Basic Policy, etc.

Basic Policy on the Protection of Personal Information

  1. Compliance with Laws and Regulations Concerning Personal Information
    Personal information shall be handled appropriately, in compliance with laws concerning the protection of personal information, as well as industry standards, etc.
  2. Acquisition of Personal Information
    The Company shall acquire personal information by the following methods when engaged in a transaction relating to the facilities and products of the Company (accommodation, banquet, food and beverage, product sale, the provision or sale of other incidentals, the provision of services, the holding of events, etc.), a transaction with a business operator partnering with the Company, or other transaction.
    • Direct acquisition from the individual
      By telephone, in writing (includes electromagnetic record), by business card, in conversation, or via the internet, etc.
    • Acquisition from a party who has been granted legitimate authority by the individual
      Applicant for use, agent, travel agent, partner, or business operator that handles package products, etc.
    • Acquisition from a publication
      The internet, a newspaper, telephone directory, book, or other publication, etc.
    ·It should be noted that with the exception of where the Company has obtained the consent of the customer, where absolutely required for the provision of the Service, or where permitted by law, sensitive information of the customer, such as their race, creed, social status, and medical history, etc. (hereinafter referred to as "Sensitive Personal Information"), shall not be acquired.
  3. Legal Basis for the Use of Personal Information
    As a general rule, the legal basis for the use of personal information at the Company shall be the consent of the individual. The legal basis for the use of personal information in cases where the consent of the individual has not been obtained shall be the need for the performance of a contract with the individual, the need in order to perform procedures prior to the execution of a contract at the request of the individual, the need for legitimate interest sought by the Company or a third party, or the need for compliance with legal obligations that should be followed by the Company. The legitimate interest sought by the Company or a third party includes the increasing of operating income through marketing and service improvements, etc., as well as the improving of the convenience and security of the Company's website.
  4. Purpose of Use of Personal Information
    The Company shall use the acquired personal information within the range of the purpose of use set forth below. In addition, in the event of use beyond the range of the purpose of use, with the exception of where there are legal exceptions, this shall be performed upon obtaining the consent of the individual customer.
    • For communications, product orders and payments, settlement, and other matters concerning a transaction relating to the facilities and products of the Company (accommodation, banquet, food and beverage, product sale, the provision or sale of other incidentals, the provision of services, the holding of events, etc.), a transaction with a business operator partnering with the Company, or other transaction
    • For the management of member information at member organizations of the Company, as well as the provision of services to members
    • For responding to inquiries and requests, etc., made to the Company
    • For the issuance or mailing to the individual of information, advertisements, promotional materials, and questionnaires relating to the facilities operated by the Company, as well as the business, etc., of tenants (restaurants, stores, and help desks operated by business operators other than the Company that have opened a store or occupied a store with legitimate authority within premises or buildings owned or operated by the Company, and other business operators, etc.) and partners, by email, postal mail, courier service, telephone, fax, or other means.
    • For the improvement and development of services relating to the facilities and products of the Company, tenants, and partners, etc., as well as for ascertainment and analysis within the range that the individual is not identified in usage trend surveys and customer satisfaction surveys, etc.
    • In regard to the cookies, IP addresses, browser types, and access dates and times, etc., acquired on the websites of the Company and the facilities operated by the Company, for the provision of appropriate information on the website, the ensuring of security, the maintenance and management of the websites, and for statistical analysis on their usage status
    • For the creation, preparation, and storage of guest registers as prescribed by law, etc.
    • For use in other business incidental to the purpose of use described above or relating to the general provision of services of the Company
  5. Scope of Collection of Personal Information
    The Company requires the following information for the provision of services to the individual. In regard to the matters stated in the guest registers in particular, the Company is obligated by the law of Japan to create such records and store these for a period of three years. The hotel may be unable to provide accommodation services to a customer if this information is not provided.
    • Basic information on the customer, etc.
      Address, name, gender, date of birth, nationality, email address, telephone number, fax number, mailing address, etc.
    • Additional information on the customer, etc.
      Occupation, employer information (company name, address, telephone number, department, position), date of marriage, family information (names, relationships, dates of birth, etc.)
    • Payment information
      Credit card number, bank account information, invoice mailing address, and other data relating to payment
    • Information on services to be used
      Facility usage status, product purchase status, etc.
    • Content of communications
      Content of responses in emails, website forms, faxes, telephone memos, letters, and questionnaires, etc.
    • Information collected in relation to the security system
      Surveillance cameras, card keys, etc.
    • Information that is automatically collected on websites of facilities operated by the Company
      Cookies, IP addresses, browser types, access dates and times, etc.
    • Matters to be stated in the guest register
      Address, name, occupation, nationality, passport and visa information or other identification data relating to ID issued by a government, age, prior lodging, destination, arrival date and time, departure date and time, guest room name, etc.
    • Member number for various programs and information relating to this
  6. Joint Use of Personal Information
    The personal information acquired by the Company may be used within the scope of the purpose of use of Paragraph 4. The appropriate management and handling of personal information in such a case shall be secured by the Company's personal information protection manager.

    ·Data items subject to joint use
    Granvillage customer number, member services eligibility, name, date of birth, gender, address, telephone number, fax number, email address, workplace (company name, department, position, address, telephone number, fax number), mailing address, hotel at which the customer holds membership, usage history

    ·The Company and the Granvista Group
    Scope of parties to engage in joint use

    The Granvista Group refers to the facilities that are stated on the corporate site below.

    ·Parties with responsibility for the management of personal information
    The Company

  7. Regarding the joint use of personal information with third parties, and the outsourcing of business to third parties
    The personal information acquired by the Company shall be used within the scope of the purpose of use of Paragraph 4. Furthermore, even in the case of personal information being jointly used with a third party such as an affiliated company of the Company, or the handling of personal information being outsourced to a third party such as external company, the appropriate management and handling of personal information shall be secured by the Company's personal information protection manager.
  8. Disclosure and Provision of Personal Information to Third Parties
    The Company, with the exception of where any of the following are applicable, shall not disclose personal information of the individual to a third party.
    • If the consent of the individual has been obtained
    • If disclosure or provision is required by law
    • If it is necessary in order to protect the life, body, or property of an individual, and it is difficult to obtain the consent of the individual
    • If it is particularly necessary for the improvement of public health or the promotion of the sound development of children, and it is difficult to obtain the consent of the individual
    • If it is necessary to cooperate with the performance of business prescribed by a national government organization, a local government organization, or a party contracted by such an organization, and the obtaining of the consent of the individual may cause hindrance to the performance of such business
  9. Secure Management of Personal Information
    The Company shall take the necessary and appropriate safety management measures in order to secure the accuracy and safety of the personal information, to keep it up to date, and in order to prevent loss, tampering, leakage, or unauthorized access, etc., to the personal information. In addition, the Company shall conduct appropriate monitoring on contractors.
  10. Filing of Complaints to a Regulatory Agency
    The individual may file complaints to a regulatory agency, such as the national government, local government, or international organization, etc., concerning the handling of the personal information of the Company, in accordance with the law.
  11. Transfer of Personal Information to Third Country, Etc.
    The Company, for the performance of a contract with the individual, or for the performance of procedures at the request of the individual prior to the execution of a contract, shall transfer personal information acquired outside of Japan to Japan. The Company, shall handle the personal information of the Individual through the use of the appropriate security and confidentiality measures.
  12. Presence of Automated Decisions, Such as Profiling
    The Company shall not make any decisions based only on the automated handling of personal information, such as profiling.
  13. Personal Information Storage Period
    The Company shall store personal information for the period required to achieve the purpose of its use, and after the storage period, shall take measures to delete or anonymize the personal information by a safe method, and within a reasonable period of time.
    It should be noted in regard to the matters to be stated in the guest register, that the storage period obligated by the law of Japan is three years.
    • Customer, Etc., Basic Information
    • Customer, Etc., Additional Information
    • Payment Information
    • Service Usage Information
    • Communication Content
    • Information collected in relation to the security system
    • Information that is automatically collected on the website of the Company and websites of facilities operated by the Company
    • Matters to be stated in the guest register          Three years from the final transaction
    • Other Information
  14. Personal Information at Link Destinations
    The Company shall not bear responsibility for the protection of personal information on websites linked to from the websites of the Company and the Granvista Group, or on other websites.
  15. Contact Point for Inquiries Concerning Personal Information
    The Company shall manage the personal information of the individual so that it is as accurate and up to date as possible. Requests from the individual for the disclosure of content, revision, or suspension of use, etc., of personal information, as well as inquiries relating to personal information may be directed to the Personal Information Inquiry Help Desk.

    Help Desk for requests for the disclosure of personal data held by the Company and the Granvista Group
    2-3-4, Uchi-Kanda, Chiyoda-ku, Tokyo, 101-0047
    GRANVISTA Hotels & Resorts Co., Ltd. Sales & Marketing Department
    Personal Information Inquiry Help Desk
    E-mail: m-privacy@granvista.co.jp

Internet safety measures

GRANVISTA makes every effort to ensure information security on its website. SSL (Secure Sockets Layer) encryption is used to protect the transmission of personal information so that customers can make online reservations, inquiries and the like with peace of mind. SSL is a security technology for communication between browsers and web servers, and is based on encryption and authentication. With SSL, even in the event that a third party intercepts a data transmission, the content cannot be read or tampered with. However, due to the nature of the Internet, the use of SSL does not guarantee complete security.

This website is certified with a server certificate from Cybertrust Japan Co., Ltd. All communication on SSL pages is encrypted to protect user privacy.

Amendments to the privacy policy, posting on website

This Basic Policy (Privacy Policy) may be amended in conjunction with the amendment and abolition of laws, changes in social norms, and for other reasons. In addition, this Basic Policy (Privacy Policy) shall be posted on the Company's website, and shall also be posted in the event of the content being amended, etc., in the future.

(August 5, 2019 Amendment)
President
GRANVISTA Hotels & Resorts Co., Ltd.

Granvista Group Facilities List

Hokkaido

Sapporo Grand Hotel
Sapporo Park Hotel
Hotel Yumoto Noboribetsu
Tomakomai Golf Resort 72

Kanto

Ginza Grand Hotel
Hotel Intergate Tokyo Kyobashi
Kamogawa Sea World
Kamogawa Sea World Hotel
Sano Highway Restaurant

Tokai-Chubu-Hokuriku

Hotel Intergate Kanazawa
Ashigara Highway Restaurant
Atami Beach Line

Kinki

Hotel Intergate Kyoto Shijo Shinmachi
Hotel the Lutheran
Shiraraso Grand Hotel
Otsu Highway Restaurant

Chugoku

Hotel Intergate Hiroshima

Kyushu

Kumamoto Hotel Castle

Return to the top of the page