RESERVATIONS
JP|EN
JP|EN

PRIVACY POLICY

I. Privacy Policy

TONES OSAKA (hereinafter referred to as "we”, “us”, or “our”) hereby declares that we will comply with laws and regulations, as well as other standards related to the protection of personal data, to ensure the proper handling of personal data used in our business operations. We will establish, implement, and maintain a voluntary framework and rules. To implement this declaration, we will establish internal regulations regarding the protection of personal data, ensure that all of our employees (including officers, employees under employment contracts, and temporary staff) and other relevant parties are informed of and comply with these regulations, and continuously work to improve and maintain them. To prevent the loss, damage, alteration, or leakage of personal data, we will establish internal regulations concerning the security management of information systems and implement appropriate information security measures, such as countermeasures against unauthorized access and computer viruses. We uphold the following fundamental principles for the protection of personal data:

1. Prohibition of Unlawful Collection

When collecting personal data, we shall do so by lawful and fair means, strictly prohibiting any collection through improper or unlawful methods.

2. Prohibition of Use for Purposes Other Than Specified

When using personal data, we shall handle it strictly within the scope of the specified purposes and prohibit its use beyond this scope.

3. Ensuring Security

When handling personal data, we shall prioritize security management and prohibit the input, storage, transportation, transmission, or disposal of personal data in conditions where security cannot be assured.

4. Prohibition of Disclosure to Third Parties

We strictly prohibit providing personal data to third parties without the customer's consent, except within the scope permitted by law. When entrusting personal data to third parties as part of outsourced operations or sharing personal data with third parties for joint use, we will enter into the necessary agreements with such parties and take all other legally required measures to ensure proper handling of the data.

5. Respect for Individual Rights

We recognize that customers, as the subjects of their personal data, have the right to request the disclosure, correction, or suspension of use of their personal data. We will respond to such requests from customers in accordance with the procedures prescribed by applicable laws and regulations.

Ⅱ. Security Management Measures

  1. Formulation of Basic Policies
    To ensure the proper handling of personal data, we have established this basic policy, which includes “adherence to relevant laws, regulations, and guidelines” and establishing a “contact point for inquiries and complaint resolution.” Additionally, we have developed personal data protection regulations that outline the handling methods, manager, personnel in charge, and their respective duties at each stage, including acquisition, use, storage, provision, deletion, and disposal.
  2. Organizational Security Management Measures
    We have appointed a person responsible for managing the handling of personal data and have clearly defined the scope of personal data handled by employees who deal with such information. Additionally, we have established a reporting and communication system to inform the responsible person in the event of any facts or indications of violations of laws or personal data protection regulations. Furthermore, we conduct regular self-inspections regarding the handling of personal data and implement audits by other departments or external parties to ensure compliance.
  3. Human Security Management Measures
    Matters related to the confidentiality of personal data are included in the employment regulations, and we provide regular training to employees on key considerations regarding the handling of personal data.
  4. Physical Security Management Measures
    In areas where personal data is handled, we manage the entry and exit of employees and restrict the devices that can be brought into these areas. Additionally, we implement measures to prevent unauthorized individuals from accessing or viewing personal data. We implement measures to prevent the theft or loss of devices, electronic media, and documents that contain personal data. Additionally, when transporting such devices or media, including within the office, we ensure that personal data cannot be easily identified or accessed.
  5. Technical Security Management Measures
    We implement access controls to restrict access to authorized personnel and limit the scope of personal data databases they can handle. Additionally, we have implemented systems to protect information systems that handle personal data from unauthorized access or malicious software originating from external sources.

Ⅲ. Matters Related to Data Acquisition

When acquiring personal data, we clearly state the purpose of use and acquire the information with the customer’s consent. This is done through lawful and fair means, within the scope necessary to achieve the stated purpose. If it becomes necessary to use personal data beyond the initially stated purpose, we will notify the customer and obtain their consent before proceeding.
Additionally, we do not offer products or services targeted at children and do not intentionally collect personal data from children. For individuals under the age of 18, we handle personal data only after obtaining both the individual's and their parent’s or guardian’s consent.

Ⅳ. Matters Related to Purpose of Use

We use the personal data we collect for the following purposes:

  • ・Providing services to customers.
  • ・Communicating with customers for purposes such as confirming reservation details.
  • ・Shipping products, processing payments, and other transaction-related guidance and confirmations.
  • ・Providing information, advertisements, promotions, or conducting surveys related to the business operations of our company and our partners.
  • ・Understanding the usage of facilities, products, and services offered by our company and partners, as well as improving and developing them.
  • ・Enhancing our website, services, and products.
  • ・Performing tasks incidental or related to the purposes mentioned above.
  • ・Complying with laws, regulations, or guidance and directives from administrative authorities.

Ⅴ. Provision to Third Parties

We do not provide or disclose any personal data we hold to third parties without the customer's consent, except as permitted by law.

Ⅵ. Matters Related to Outsourcing

Within the scope necessary to achieve the purposes of use outlined in Section IV, we may outsource all or part of our operations. In such cases, we will properly manage and supervise the outsourcing parties, including entering into contracts that specify confidentiality obligations and ensure the appropriate handling of personal data.

Ⅶ. Matters Related to Usage

We may use the personal data we hold within the scope necessary to achieve the purposes outlined in Section IV. Personal data shared for joint use will be managed responsibly by our personal data protection manager. For further details or inquiries, please contact the office listed in Section IX.

Items of Personal Data Subject to Joint Use

The following types of personal data may be shared for joint use:
・Address
・Name
・Company name
・Phone number
・Email address
・Credit card information
・Flight information
・Other information necessary for providing services to customers

Purpose of Use by Outsourcing Parties

  • 1. Security for our hotel premises
  • 2. Limousine reservations
  • 3. Room cleaning services
  • 4. Billing and settlement
  • 5. Reservation management
  • 6. Other tasks incidental or related to the purposes mentioned above

Personal Data Protection Manager

Ⅷ. Handling of Personal Data on Our Website

On our website, personal data provided by customers is stored solely as a record of the services they have requested. After a certain period, this information is deleted. As part of our safety measures, we take the following steps to protect personal data:

To ensure the safety of personal data, we implement reasonable security measures from both operational and system perspectives to prevent unauthorized access, loss, destruction, alteration, or leakage of data. For the transmission and reception of personal data between our website and customers over the internet, we utilize SSL (Secure Sockets Layer) encryption to ensure secure communication. On our website, we collect information through the use of cookies (a technology that stores usage history and other data exchanged via the web in the customer’s browser) and access logs recording visits to our website. This information is used solely for statistical analysis to improve the operation and services of our website and for investigating the causes of unauthorized access. It will not be used for any other purposes. If you do not wish to accept cookies, you can adjust your internet browser settings to refuse them.

Ⅸ. Contact Point for Inquiries Regarding Personal Data

For inquiries regarding personal data, please send email to the following address:
@

Ⅹ. Updates to the Handling of Personal Data

The content of this policy is subject to change without prior notice due to amendments to laws and regulations, changes in social norms, or other reasons.

TONES OSAKA

RESERVATIONS