HANKYU TRAVEL INTERNATIONAL CO,LTD.

GDPR Compliant Privacy Statement

1. Principles of processing personal data

Hankyu Travel International Co., Ltd. (the “Company”) shall process personal data in accordance with the following principles.

The Company shall:
Process personal data lawfully, fairly and in a transparent manner in relation to a data subject.
Process personal data only to the extent necessary for achieving the purposes specified in advance.
Store personal data for the period necessary for achieving the purposes.
Maintain personal data accurately and kept up to date to the extent necessary for the purposes.
Process personal data by implementing appropriate technical and organisational measures.

2. The purposes of personal data processing

The purposes of processing the personal data processed by the Company are as follows:
For personal data of the general public and persons from business counterparties
  • ( 1) Contacting the general public and persons from business counterparties
  • ( 2 ) Making arrangements for the tour services provided by transportation and accommodation facilities for the tour you have applied for ,as well as for you to receive such services
  • ( 3 ) Making various procedures for the tour
  • ( 4 ) Fulfilling our responsibilities under the contact and making insurance procedures to secure expenses in the event of an accident
  • ( 5 ) Providing you with information on our company’s and our affiliated companies’ products
  • ( 6 ) Obtaining your opinions and impressions after participation in a tour
  • ( 7 ) Requesting your cooperation with questionnaires
  • ( 8 ) Providing special services
  • ( 9 ) Producing statistical data
  • (10) Using “cookies”,“IP address”,“browser type”and“access date and time”etc. restrictively, in the smooth administration of the service that our website provides, as well as using it as reference
  • (11) Providing personal data to a third party for achieving one or more of the purposes (1) through (10) above
For personal data of employees of the Company and the Company’s group
  • ( 1 ) Engaging in work management, employee welfare, and health and safety
  • ( 2 ) Providing education and training
  • ( 3 ) Communication and notifications
  • ( 4 ) Providing personal data to a third party for achieving one or more of the purposes (1) through (3) above

3. Legal basis of processing personal data

The Company shall process personal data based on one of the following legal bases
The processing is necessary to perform the obligations under the contract with the data subject.
The processing is necessary to secure legitimate interests pursued by the Company.

4. Providing personal data to a third party

We provide the personal data to a third party as a part of the processing of personal data based on the legal basis.
The provision is as follows:
・Transportation agencies
・Accommodation facilities
・Other arrangement suppliers of travel service
If the Company transfers personal data from the territory of European Economic Area (EEA) to outside the EEA, it shall implement safeguards required under applicable laws and regulations.

5. Obtaining personal data from a third party

The descriptions and source of personal data that the Company obtains from a third party are specified as follows:
Personal data to be obtained from a third party: Name , Age , Sex
Source of personal data: Travel agencies of European Economic Area (EEA)

6. Taking actions on the rights of data subjects

The Company shall take appropriate actions on the data subject’s requests on the processing of personal data concerning him or her in accordance with applicable laws and regulations. The requests of the data subject shall include:
Access to the personal data
Rectification or erasure of the personal data
Restriction on the processing of the personal data
Lodging a complaint against the processing of the personal data The data subject may lodge a complaint with the supervisory authority.
Data portability of the personal data
Withdrawal of consent on the processing of the personal data
Contest against the processing of the personal data

7. Safeguards for the protection of personal data

The Company shall implement appropriate, necessary measures including measures against, including but not limited to, illegal access, computer viruses to prevent incidents such as loss, destruction, manipulation or leakage of personal data. The Company shall also provide appropriate, necessary supervision over its employees, contracted processors, etc. to ensure the protection of personal data.

8. Inquiry contacts

Hankyu Travel International Co., Ltd.
CSR & Compliance promotion section
phone number : 06-4795-5709
e-mail address:csr@hei.hankyu.co.jp