1.Basic Policy
Sola Hotel, Inc. and related the company* (hereafter referred to as “the company”), recognize that protecting the privacy of our customers and their personal information (hereafter referred to collectively as “personal information”) is the basis of the Group’s business and one of the Group’s social responsibilities.
In order to responsibly protect our customers’ personal information, the Company has established the personal information protection policy set forth below.
The Company has established an in-house system and strategies for protecting personal information, which it is committed to implementing, maintaining, and continuously improving.
The Company’s personal information protection system and activities are designed to comply with all relevant legislation and in-house rules, and to be worthy of our customers’ confidence.
2.Obtaining personal information from customers
2-1. Obtaining personal information
In the course of providing services to our customers, the Company may obtain from customers such personal information as their name, address, and contact information.
When obtaining personal information from customers, only the necessary information is obtained, and the purpose and extent of the utilization of the information is clearly explained.
2-2. How information is obtained
Personal information is obtained by the following means in the course of customer transactions with the Company, related to Company facilities or products (such as accommodation, banquet, or bar/restaurant facilities, product sales, the provision/sale of amenities, the provision of services, and the holding of events) and other transactions (referred to hereafter as “transactions”).
(1) Directly from the customer
By telephone, in writing, from business cards, verbally, or over the Internet
(2) From a person duly authorized by the customer
Such authorized persons may include those authorized to make a reservation on behalf of a customer or to introduce a customer, travel agencies, and package tour companies.
(3) From published information
Newspapers, Internet, telephone books, publications, and other written materials.
2-3. Types of personal information obtained by the Company
The personal information obtained by the Company may include the following information: name, place of work, home/work address, email address, telephone number, fax number, date of birth, gender, customer requirements regarding guest rooms, leisure activities, and other services, information required to fulfill special requirements, and the customer’s previous/subsequent night’s accommodation if required by bylaws or ordinances.
2-4. Right to refuse to provide personal information
The Company does not compel customers to provide personal information.
At all times, the customer has the right to choose whether or not to provide personal information to the Company. However, in the event that a customer refuses to provide personal information such as his or her name, it may not be possible to provide certain services, such as making reservations.
2-5. Obtaining information from minors
The Company does not aim or intend to obtain personal information directly from minors.
In the event that a minor provides the Company with personal information about the minor or the minor’s family without the agreement of the minor’s parents, please contact a Company representative.
The Company will immediately cease use of the personal information and take any necessary action, including deletion of the personal information, in good faith.
However, if a minor wishes to use the facilities of the Company, and provides personal information about himself/herself for that purpose, the Company shall handle said personal information in accordance with this Privacy Policy.
3.Use of customer personal information
3-1. Purposes for which personal information is used
The Company uses a customer’s personal information only for the purpose(s) and within the scope made clear to the customer at the time the information is obtained.
The Company makes absolutely no use of personal information for other purposes or beyond the indicated scope.
3-2. Types of personal information obtained by the Company and purposes of use
In principle, the personal information obtained and held by the Company is used to provide customers with information and services in relation to:
(1) Making reservations and using Company facilities such as hotels, restaurants, and leisure facilities
(2) Ordering products
(3) Joining various Company membership organizations
The personal information is also used for: Providing various types of information and services from Company companies.
Providing services from the companies that are tailored to individual customer requirements
Providing information related to products and services provided by the Company and trustworthy third parties
Improving Company services on the basis of customer needs
Personal information is held for the abovementioned reasons. The provision of various types of information in the above cases is by such means as direct contact with the customer, direct mailings, or email.
When information is to be used for purposes other than the above, the purpose and limits of the proposed use are made clear to the customer prior to the acquisition or use of the personal information and is only obtained or used with the consent of the customer.
3-3. Use of cookies
Cookies are a widely used technology on the Internet for identifying a customer’s computer.
Company services may use information identifying the customer combined with information on pages browsed by the customer, which is collected using cookies. This information is used within the scope specified under “Purposes for which personal information is used”.
Customers can disable cookies by changing their browser settings, but this may result in an inability to access some or all of the services provided on the website.
3-4. Stopping the use of personal information
Customers who wish to stop, entirely or partially, the use of personal information obtained and held by the Company, such as to stop the distribution of information via direct mail or email. All such requests will be conscientiously complied with.
4.Provision to third parties and joint use of personal information
4-1. Limits to provision of information to third parties and joint use of information
Except in the following cases, the Company does not provide or disclose customer personal information to third parties or engage in the joint use of this information without the consent of the customer.
(1) Cases in which such disclosure or use is required by law
(2) In exceptional circumstances, to cooperate with governmental or administrative bodies
(3) In the subcontracting of Company work, within the scope of proper use
4-2.In all other cases in which a customer’s personal information is to be disclosed to a third party or jointly used, in whole or in part, prior consent from the customer is obtained.
In such cases, the Company exercises due care in the selection of the third parties that will receive or jointly use the information, and the Company requires that all such parties comply with the relevant laws and regulations and exercise appropriate management of the information, as the Company does.
4-3. Monitoring of subcontractors
In using the customer’s personal information, the Company may entrust said personal information to third parties, within the approved scope of use.
The Company supervises said third parties’ use of the personal information as necessary and appropriate to ensure that such third parties manage the personal information in strict accordance with the same standards as the Company.
The Company and said third parties conclude agreements stipulating careful management and supervision of the secrecy of the personal information, to ensure strict safety of the personal information. Moreover, the Company and said third parties may collaborate in the use of the personal information, within the stated scope.
4-4. Scope and purposes of joint use of personal information
As a rule, if personal information is shared with third parties for the purpose of joint use, the joint use relates to the following:
(1) Making reservations and using Company facilities such as hotels, restaurants, and leisure facilities
(2) Ordering products
(3) Joint use with companies providing comprehensive services related to joining membership organizations, recording and managing data, and managing point-based services
(4) Joint use with companies providing comprehensive services
In addition, the information may include customer requirements regarding hotel rooms, leisure activities, and other services, as well as information to allow the Company to meet special needs (such as health conditions requiring special measures at hotels), and lifestyle information such as information on customer hobbies and interests.
5.Handling of personal information
5-1. Maintenance of accurate personal information
The Company employs appropriate measures to ensure that customer personal information is kept accurate and up-to-date.
5-2.Disclosure, correction, and disposal of personal information
In order to facilitate customer requests to check, correct, or dispose of the customer’s own personal information held by the Company, the Company has established the Sola Hotel Personal Information Center to respond efficiently and in the required scope.
In such cases, the Company takes appropriate measures, such as asking for any information as may be useful in identifying the customer’s data.
6.Secure management of personal information
6-1. Compliance with relevant legislation, regulations, and guidelines
The Company complies with the “Act on the Protection of Personal Information” as well as other relevant laws, regulations, and industry guidelines
6-2. Security measures
The Company makes every effort to protect customer personal information with preventive and security measures to protect against unauthorized access, loss, destruction, tampering, and leaks.
6-3. Organizational system
The Company has an organizational system in place for the protection of personal information within the Company, which includes a Personal Information Protection Officer for the Company as a whole and a Personal Information Management Officer for each division.
The system also includes an audit department for the implementation of internal audits.
6-4. In-house rules for the handling and management of personal information
The Company has established rules for the handling of personal information, to ensure that standards for the appropriate acquisition, maintenance, use, and disposal of personal information are established and adhered to.
The Company has also defined a code of conduct and concrete rules for the activities of those handling personal information, to prevent unauthorized access, loss, destruction, tampering and leaking of personal information.
6-5. In-house training
The Company implements staff training in relation to the protection of personal information and works to protect personal information by ensuring that the content of the training is thoroughly understood throughout the Company.
6-6. Continuous review of in-house rules relating to the handling and management of personal information
The Company continually reviews and improves its rules for the handling of personal information and the organizational system for implementing those rules, to ensure that their implementation continues to be effective and appropriate.
7.Revision and publication of this policy
This Personal Information Protection Policy is subject to revision at any time to respond to revisions and changes in related laws and regulations and to social needs related to personal information. Any revisions are published on this website without delay and the most recent revision date is clearly shown.