Privacy Policy

1. Basic policy

Hotel Granvia Hiroshima Co., Ltd. (hereinafter referred to as "The Company") has established this privacy policy and organizational system for the handling of the personal information of all stakeholders (customers, job applicants, external business partners of The Company, etc.) who are related to the business of The Company or use the corporate website of The Company (hereinafter referred to as "The Website") and strives for the appropriate protection of personal information.

(1) Acquisition of personal information

The Company acquires the following personal information for the purpose of providing services or business operations of The Company. The Company acquires personal information within the scope of its intended purposes of use and clearly explains purposes of use, the scope of utilization, and the inquiries office of The Company, etc.

(2) Prohibition on the use of personal information beyond the intended purposes and the provision of personal information to third parties

The Company uses personal information within the scope of its intended purposes of use, appoints a Personal Information Protection Manager and has established the organizational system for the protection of personal information. The Company deals with personal information adequately and does not provide or disclose personal information to third parties without the consent of Persons Concerned or request by laws and regulations.

(3) Assigning of personal information

In case that The Company entrusts all or part of personal information, The Company prohibits entrusted persons from leaking or providing personal information to third parties by contract and supervises entrusted persons appropriately.

(4) The rights of Persons Concerned

The specific individuals identified by personal information (hereinafter referred to as "Person/s Concerned") have the right to withdraw their consent to the use of personal information at any time even if they had consented to the intended purposes before. In addition, Persons Concerned have the right to request The Company for a utilization cease, disclosure etc. of the retained personal information pursuant to the provisions of applicable laws.

(5) Procedures of a utilization cease, disclosure etc. of personal information

In case that Persons Concerned request The Company a utilization cease, disclosure etc. of the retained personal information, they shall contact the inquiries office specified by The Company. The Company shall respond as soon as reasonably possible.

(6) Observance of laws and regulations

The Company observes applicable laws, regulations and standards, provides in-house education, informs employees of this privacy policy and strives for the improvement of understandings of employees on the handling of the retained personal information.

(7) Maintenance and improvement of the system for the protection of personal information

The Company will continuously evaluate and review this privacy policy and the systems for the protection of personal information. The Company will maintain and improve the actions for the protection of the retained personal information.

(8) Handling personal information by link destinations

The Company shall bear no responsibility with regard to the handling of personal information by other entities or individuals linked to The Website.

(9) Management of personal information

・If any part of the acquired personal information is to be managed in the database of an overseas third party service provider contracting with The Members' Organization, The Members' Organization shall take security management measures based on the understanding of the relevant country's systems for personal information protection.
・The Company shall define the retention period for personal information within the scope of its intended purposes of use, and after the retention period, delete the relevant personal information without delay, unless otherwise required by laws and regulations.

2. Definition of personal information

The term "personal information" in this privacy policy means information related to a living individual that can identify a specific individual by name, date of birth or other description contained in. (This includes the "personal information" defined by Article 2(1) of the Act on the Protection of Personal Information.)

3. Acquisition and purposes of use of personal information

The Company acquires and uses the following personal information for the following intended purposes. The Company does not use personal information beyond the scope of intended purposes of use without the consent of the Persons Concerned.

(1) Personal information of customers

1 Personal information acquired

Name, age, gender, date of birth, occupation, address, telephone number, email address, nationality, passport number and other information necessary for the following purposes of use.

2 Purposes of use

  1. <1> For performing work required to provide services and products in The Company business (accommodation, restaurants, shops, banquets, wedding receptions, catering, etc.).
  2. <2> For providing services and products such as on-line booking reservations and sales, and other related businesses.
  3. <3> For handling inquiries and requests, etc.
  4. <4> For providing necessary information on the products, services, events and other related business activities of The Company.
  5. <5> For providing information on the products, services and events of The Company to the customers who have consented to sending by direct mail and email, etc.
  6. <6> For offering prizes or campaigns.
  7. <7> For grasping and analyzing state of usage of the products, services and events of The Company to improve their quality.
  8. <8> For exercising rights and performing duties based on laws and the provisions of terms and conditions for accommodation.
  9. <9> For other purposes of use indicated at the time of acquisition of personal information.

(2) Personal information of job applicants

1 Personal information acquired

Name, age, gender, date of birth, address, telephone number, email address, and other information necessary for the following purposes of use.

2 Purposes of use

  1. <1> For performing work required for recruitment activities, the procedures and contracts of employment, and other required work.
  2. <2> For handling inquiries and requests, etc.
  3. <3> For other purposes of use indicated at the time of acquisition of personal information.

(3) Personal information of external business partners of The Company

1 Personal information acquired

Business card information and other information on external business partners of The Company necessary for the following purposes of use.

2 Purposes of use

  1. <1> For concluding and performing contracts with external business partners of The Company and other required work.
  2. <2> For handling inquiries and requests, etc.
  3. <3> For other purposes of use indicated at the time of acquisition of personal information.

(4) Personal information of members of the "JR Hotel Members" organization.

1 Personal information acquired

Member number, password, name, age, gender, date of birth, address, telephone number, email address, employer information and history of providing and use of points, and other information necessary for the following purposes of use.

2 Purposes of use

  1. <1> For performing works required within the scope of the purposes of use set forth in 3(1)2 of this privacy policy.
  2. <2> For performing works required for the operation of the "JR Hotel Members" organization (hereinafter referred to as "The Members' Organization") by The Company.
  3. <3> For providing important information such as changes to the membership agreement, terms of service or benefits of The Members' Organization.
  4. <4> For other purposes of use indicated at the time of acquisition of personal information.

3 Other agreements of The Members' Organization

Membership agreement of the "JR Hotel Members" organization

Terms of service of the "JR Hotel Members" organization

4. Handling of personal information and safety protection

(1)We assign a manager on each business that handles personal information.

(2)We take security measures to prevent unauthorized access to personal information, loss, destruction, falsification, or leakage of personal information.

(3)We establish rules and manuals regarding the handling of personal information, then widely disseminate them throughout the company and group companies, and provide guidance and supervision.

(4)We will properly select the outsourcing company and provide guidance and supervision to conduct appropriate management in the same way as we do in our company, when we outsource the processing of personal information to a third party.

  1. (5)Physical security management measures

    ・We take access control measures in areas where personal data is handled.
    ・We take measures to prevent theft or loss of devices, electronic media, documents, etc. used to handle or that may contain personal data, as well as measures to prevent the relevant individual from being identified easily from the personal data contained therein in case such devices, electronic media, etc. are carried around within or outside an office.
    1. (6)Technical security management measures

      ・We take access control measures to limit the scope of the persons handling personal information and the personal information database to be handled.
      ・We have introduced systems to protect information systems for handling personal data from external unauthorized access or illegal software, as well as measures against information leakage etc. that are necessary for communication containing personal data.

5. Sharing of personal information

The Company shares personal information within the scope of its intended purposes of use as follows.
When the sharing users have established policies for personal information, their policies shall be applied for their use.

(1) Sharing of personal information on the business of The Company(accommodation, restaurants, banquets, wedding receptions, catering, etc.)

1 Scope of the sharing users

• Member companies of The Members' Organization (*1), the JR Hotel Group (*2), and JR-West Hotels (*3).
 *1 Shown in Article 1 of the Terms of Service of the JR Hotel Members Organization
 *2 Including JR Hokkaido Hotels Co., Ltd., JR Shikoku Hotels Co., Ltd., and JR Kyushu Huis Ten Bosch Hotel Co., Ltd., in addition to *1
 *3 Included in *1
• JR West Via Inn Co., Ltd.

2 Purposes of sharing use

For providing services and products of The Company business (accommodation, restaurants, shops, banquets, wedding receptions, catering, etc.), services and products such as on-line booking reservations and sales, and other related businesses.

3 Categories of sharing Information

Member number, password, name, age, gender, date of birth, address, telephone number, email address, employer information and history of providing and use of points and other information necessary for the above purposes of sharing use.

4 Name of a person responsible

Hotel Granvia Hiroshima Co., Ltd.

(2) Sharing use of personal information related to the provision of services and products in all tenant shops in the hotels that The Company operates

1 Scope of the sharing users

All tenant shops in the hotels that The Company operates.

2 Purposes of sharing use

For providing services and products of The Company business (accommodation, restaurants, shops, banquets, wedding receptions, etc. ) and other related businesses.

3 Categories of sharing Information

Name, age, gender, date of birth, address, telephone number, email address, and other information necessary in the scope of above purposes of sharing use.

4 Name of a person responsible

Hotel Granvia Hiroshima Co., Ltd.

6. Provision of personal information to third parties

The Company does not provide personal information to third parties without obtaining the consent of Persons Concerned in advance except in cases set forth in the following categories.

(1) Cases where The Company provides personal information to third parties

1 Cases where disclosure or provision is requested based on laws and regulations

2 Cases where there is a need to protect a human life, body or fortune, and when it is difficult to obtain the consent of Persons Concerned

3 Cases where there is a special need to enhance public hygiene or promote fostering healthy children, and when it is difficult to obtain the consent of Persons Concerned

4 Cases where there is a need to cooperate in regard to a central government organization or a local government, or a person entrusted by them performing public affairs, and when there is a possibility that obtaining the consent of the Persons Concerned would interfere with the performance of the said public affairs

5 Cases where disclosure or provision to a third party has been requested clearly by Persons Concerned

(2) Disclaimer regarding provision to a third party

In the following cases, The Company will bear no responsibility whatsoever with regard to the acquisition of personal information by third parties.

1 Cases where disclosure or provision is requested based on laws and regulations

2 Cases where personal information is disclosed to third parties by Persons Concerned

3 Cases where personal information is provided to or used on external websites linked to The Website by Persons Concerned

4 Cases where third parties obtain information that could identify an individual (password, etc.) for reasons not attributable to The Company

(3) Appropriate management and supervision over entrusted persons

In case of The Company entrusts the handling of personal information to third parties within the scope of intended purposes of use, The Company shall take appropriate consideration for the selection of entrusted persons, conclude a non-disclosure contract with them, guide them for the proper management of personal information and exercise appropriate supervision over them.

7. Transfer of personal information outside of the European Economic Area (EEA)

The Company may transfer the personal information of Persons Concerned who reside in the European Economic Area (EEA) to the terrain outside of the EEA and use within the scope of intended purposes of use. In these cases, The Company shall appropriately and strictly handle the personal information under applicable laws. Please see below for the handling of the personal data of persons who are in the EEA.

≪"Privacy Policy on the Handling of the Personal Data of Persons Who are in the EEA"≫

8. Rights of Persons Concerned

Persons Concerned have the right to demand actions such as the notification of the purposes of use, disclosure, correction, deletion, utilization cease, or ceasing of provision to third parties (hereinafter referred to as "Utilization cease, Disclosure, etc.") of the retained personal information pursuant to the provisions of applicable laws. Persons Concerned have the right to withdraw their consent to the use of personal information at any time even if they had consented to the intended purposes before.
Persons Concerned have the right to object to their local supervisory authorities with jurisdiction over the protection of personal information if they are dissatisfied with the handling of personal information by The Company.

9. Procedures of Utilization cease, Disclosure, etc.

In case that Persons Concerned request The Company for Utilization cease, Disclosure, etc., The Company shall respect the will of the Persons Concerned, confirm the identification of the Person Concerned and respond for the reasonable period pursuant to the provisions of applicable laws.

However, The Company may refuse said request:
- where there is a possibility of violating the laws or regulations,
- where there is a possibility of harming third party’s life, body, fortune or other rights and interests,
- where there is a possibility of significantly interfering with The Company implementing its business,
- where the said personal information does not exist,
- where The Company cannot confirm the identification of the Persons Concerned,
- and where Persons Concerned do not pay the prescribed fee.

When Persons Concerned request Utilization cease, Disclosure, etc., please contact the personal information inquiries office below.

(1) Personal information inquiries office

[Personal information inquiries office]
Address:
1-5 Matsubara-cho Minami-ku
Hiroshima, 732-0822 Japan
Personal Information Inquiries Office, Hotel Granvia Hiroshima Co., Ltd.

(2) Purpose of use of personal information acquired due to requests for Utilization cease, Disclosure, etc.

The Company will use personal information acquired due to requests for Utilization cease, Disclosure, etc. within the scope of purposes required for the procedures for Utilization cease, Disclosure, etc. The Company will appropriately dispose of the documents submitted in the procedures for Utilization cease, Disclosure, etc.

10. Protection of the personal information of minors

The Company handles the personal information of minors appropriately in accordance with this privacy policy. When Persons Concerned is minor, The Company may require the consent of persons in parental authority for acquiring the personal information. If Persons Concerned is less than 13 years of age, The Company shall require the consent of persons in parental authority and give special consideration to the handling of their personal information.

11. Use of cookies

The Website may use cookies to improve the information and services provided and to offer comfortable use of The Website.
For details, please refer to the "Cookie policy" of The Website.

12. Acquisition of access logs

The Website may acquire access logs to improve the use of The Website and to generate statistical data. The Company does not disclose access logs to third parties unless otherwise required by laws and regulations. If you refuse to send access logs, The Website may not function properly.

13. Revision of this privacy policy

The Company will revise and improve this privacy policy to respond to changes in related laws, regulations, the social environment, etc. The Company will post the revised privacy policy on The Website.

14. Personal information inquiries office

Please contact the personal information inquiries office below when you have any inquiries about this privacy policy.
Personal Information Inquiries Office, Hotel Granvia Hiroshima Co., Ltd.
1-5 Matsubara-cho Minami-ku Hiroshima, 732-0822 Japan -
To contact us about inquiries, please fill in the inquiry form here
hours: 9.00 - 18.00 (excluding weekends and public holidays)
Personal Information Protection Manager: General Manager, General Affairs Division, Hotel Granvia Hiroshima Co., Ltd.


Updated: December 21, 2022

Privacy Policy on the Handling of the Personal Data of Persons Who are in the EEA

Hotel Granvia Hiroshima Co., Ltd. values your privacy and is committed to protecting your personal data in accordance with applicable privacy laws. This Privacy Policy (the “Privacy Policy on the Handling of the Personal Data of Persons Who are in the EEA”) is aiming to confirm to handle personal data located in EEA legally and appropriately.

1. What personal data is collected about you?

Certain activities on our Site require the collection of your personal data. The categories of personal data we may collect and process include:

  • - contact information that assists us in communicating with you, including your name, age, mailing address, nationality, telephone numbers, email address and occupation etc. you provide on our website
  • - As needed, credit card information etc. to provide the service requested by our customers

2. How and for which purposes does Hotel Granvia Hiroshima Co., Ltd. use the personal data that has been collected?

We uses your personal data collected on the Site to:

  • - manage our customer relationship, including interacting with you, fulfilling your orders and requests
  • - send you from time to time information on products and services, promotions etc., subject to your consent where required
  • - research and analyze the use trend of customer

3. Legal Grounds

We may collect and process your personal data based on the following legal grounds:

  • - your consent
  • - performing a contract with you
  • - addressing legal obligations
  • - protecting public interests, performing the public authority for the public interests
  • - protecting our customers’ important interests
  • - or based on the legitimate interests of Hotel Granvia Hiroshima Co., Ltd., which are our usual business activities.

4. With whom may your personal data be shared?

Hotel Granvia Hiroshima Co., Ltd.will share your personal data only with the following business partners and third parties:

Hotel Granvia Hiroshima Co., Ltd.sometimes uses third parties, such as IT service providers, to perform tasks on its behalf and may need to share your personal information with them for the purpose described in the above paragraph 2. Any processing of that personal data will be on our instructions and compatible with the original purposes.

As required by law, Hotel Granvia Hiroshima Co., Ltd. may disclose your personal data to law enforcement officials, in order to comply with legal requirements, court orders, government or law enforcement agency requests, including to meet national security or law enforcement requirements, and including to agencies and courts in the countries where we operate.

5. The kind of security measures that are in place to protect your personal data

  • - We apply technical, physical and organizational measures that are designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, and against other unlawful forms of processing.
  • - Access to personal data is restricted to authorized recipients on a need-to know basis. We also maintain a data security practice that is proportionate to the risks associated with the processing of your personal data. The practice is continuously adapted to protect personal data, taking into account industry-accepted practices.
  • - Hotel Granvia Hiroshima Co., Ltd. is not responsible for the safety of your personal data transmitted to the websites of any other companies that may be linked to this Site. Visitors to any such websites should refer to such websites’ privacy policies and practices.

6. Your rights regarding your personal data

You have the right to:

  • - Right of access by the data subject (GDPR Article 15);
  • - Right to rectification (GDPR Article 16);
  • - Right to erasure ('right to be forgotten') (GDPR Article 17);
  • - Right to restriction of processing (GDPR Article 18);
  • - Right to data portability (GDPR Article 20);
  • - Right to object (GDPR Article 21);
  • - Automated individual decision-making, including profiling (Article 22);

7. Access

By accessing and using the Site, you understand and agree to the collection, processing, international transfer and use of your personal data as set forth in this Privacy Policy.

Where required by law, we will ask your explicit consent. You may always object to the use of your personal data for direct marketing purposes or withdraw any consent previously granted for a specific purpose by clicking on relevant links on our websites, following the directions contained in an email or by contacting us at the email address described in the below paragraph 11.

8. Retention

We may retain your personal data no longer than necessary for the purposes for which they were collected or as required by applicable law.

9. Cookie

As is the case with many websites, our Site may use cookies and other automated information collection means, subject to your consent where required. Cookies are information about you from our website that is stored on your browser or hard drive. Cookies save you time because you do not need to manually re-enter the information stored on your hard drive. Cookies also help us upgrade our website by showing when and how users use our website. You can set your browser to notify you when a cookie is sent or refuse cookies altogether, but certain features of our website might not work without cookies.

10. Changes to this Policy

As this Privacy Policy can be modified at any moment without prior notice, we will update the updated date at the bottom of this policy when we change this policy, so please refer to it on a regular basis.

11. Contact

If you request the right to be performed described in the above paragraph 6 or if you have any inquiries about this privacy policy and the protection/processing of the personal data, please contact the below.
Regarding the personal data provided for the inquiries, we will use them only to respond to the inquiries etc.


[contact]
【EU/UK representative】
You may contact our EU/UK representative using the contact details below.
EU Representative
DP-Dock GmbH
Address: Ballindamm 39, 20095 Hamburg, Germany
Website: http://www.dp-dock.com
E-mail Address: hotel-granvia-hiroshima@gdpr-rep.com

UK Representative
DP Data Protection Services UK Ltd.
Address:16 Great Queen Street, Covent Garden, London, WC2B 5AH, United Kingdom
Website: http://www.dp-dock.com
E-mail Address: hotel-granvia-hiroshima@gdpr-rep.com

12. Supplementary Provision

These terms are translated from the original Japanese. The original Japanese version takes precedence over this English translation.


Updated: April 1, 2024
Updated: April 1, 2021

Hotel Granvia Hiroshima Co., Ltd.
President, Representative Director, and Executive Officer: Masayoshi Shimada