Privacy Policy
Basic Policy on the Protection of Personal Information (Privacy Policy)
The corporate mission of Keio Travel Agency Co., Ltd. (hereinafter referred to as “Keio Travel”) is “to promote harmony with the local community, contribute to society, and be trusted by customers.” The objective of Keio Travel’s business is to provide services that satisfy the customers. The corporate mission of Keio Corporation, with which Keio Travel is affiliated, is “to be the most trusted leading company.”
In addition to striving to achieve its corporate mission, Keio Travel’s management believes that it is the company’s societal responsibility to protect its customers’ personal information. Keio Travel protects such information in accordance with the following Basic Policy on the Protection of Personal Information of Keio Corporation.
1.Keio Travel appropriately collects its customers’ personal information.
When Keio Travel requests its customers to submit their personal information, the company clearly states the purpose of use and utilizes such information only within the scope of the stated purposes.
2.Keio Travel manages all customers’ personal information properly and responsibly within the company’s personal information administrative structure.
3.Keio Travel takes action to prevent leakage, loss, and falsification of personal information, and takes the necessary safety measures accordingly.
4.Before providing customers’ personal information to third parties, Keio Travel obtains customers’ consent in advance, unless otherwise required by
laws, and properly provides only the minimum amount of information required.
5.Keio Travel has established company regulations regarding the protection and handling of personal information in accordance with the various laws
and regulations regarding personal information, and strives to observe them.
6.Keio Travel conducts employee training and audits company regulations to ensure that the company regulations regarding personal information are
being observed.
7.If customers request to have their personal information disclosed, Keio Travel will respond to their requests for disclosure, revision, suspension of use,
etc. within the reasonably possible scope.
Established on April 1, 2005
Keio Travel’s policy regarding personal information
Personal information we collect and retain
[Travel business]
Personal information includes a person’s name, telephone number, postal address, e-mail address, gender, birth date, etc., which are necessary for us to provide the relevant travel-related services.
[Insurance business]
Personal information includes a person’s name, telephone number, postal address, e-mail address, gender, birth date, etc., which are entered on application forms for insurance when entering into insurance contracts, etc.
[Others]
Personal information of employment and job opening applicants, employees, etc., as well as personal information of business partners, etc., obtained when exchanging business cards.
Proper and appropriate collection and use of personal information
We appropriately collect and use your personal information to the extent necessary for our business using proper means.
Purpose of the use of personal information
We utilize your personal information submitted when you apply to travel and/or for insurance policies as follows.
Any changes to the purpose of use are made within the scope reasonably considered relevant, and are notified in writing or announced on our website.
[Travel business]
Personal information is used, to the extent necessary, to contact you to arrange and receive accommodation, transportation and other services and provided to the relevant providers of the trip you have requested, and for insurance procedures to cover our liability under the travel contract and expenses in case of accidents. Personal information is also used to develop better travel products and to recommend travel product information to you. Personal information is also imperative when asking you for opinions, feedback, questionnaires, offering special privilege services, creating survey materials, sending e-mail newsletters, etc.
We may analyze and use the personal information and travel history, store the usage history and other data collected from you for the purpose of information dissemination, area strategy and policy considerations, and other purposes.
[Insurance business]
Personal information submitted by you, when we take on an insurance solicitation assignment on consignment from insurance companies, is used within the scope necessary to execute business required to offer non-life and life insurance, and the services associated with them. We have business relationships with multiple insurance companies, and may use your personal information obtained for one company to suggest products and services of other companies to you.
Insurance companies that we do business with
[Other]
Personal information provided by applicants for employment and job openings is used only to the extent necessary to verify the identity of the applicant, to contact the applicant, and for other recruitment and job offer activities. In addition, personal information concerning employees, etc., is used for employment-related and other business purposes.
We will use the personal information of business partners and other parties with whom we have exchanged business cards for the following purposes:
・ To notify, contact, and share information related to the performance of contracts, business negotiations, etc.
・ To manage business partners.
Handling of personal information shared within the Keio Group
We may jointly use personal information obtained through the exchange of business cards with our business partners, etc., as described below.
(1) Types of personal information to be jointly used
The name, company name, address, zip code, telephone number, e-mail address, and other information on a business card.
(2) Scope of joint use
Within Keio Group companies (For details of each company, please refer to the following website.)
https://www.keio.co.jp/group/index.html
(3) Purposes of joint use
・ To notify, contact, and share information related to the “Purpose of the use of personal information [Other]” described above.
・ To introduce and provide information on products and services handled by Keio Group companies.
(4) Party responsible for management of joint use
Keio Corporation (For address and name of representative, please refer to the following website.)
https://www.keio.co.jp/company/corporate/summary/index.html
Provision of personal information to third parties
Except when otherwise provided by law, we provide personal information to third parties (accommodation/transportation agencies, service providers, insurance companies, etc.) to the extent necessary to achieve the purpose of the contract with the customer. When you apply, we will ask for your prior consent to provide your personal information.
Transfer of personal information to third parties located in foreign countries
(1)We may transfer your personal information to third parties for the purpose of arranging travel services provided by a transportation or
accommodation agency, etc. for the trip you have applied for, after informing you of the countries or regions where your personal information
will be provided, etc. In this case, the flow is as follows.
・ Destination countries or regions
We will inform customers orally, by means of brochures, travel condition-related documents, bulletin board messages, etc.,
or electromagnetic means such as on our website or by e-mail.
・ Systems for the protection of personal information in the countries or regions concerned and measures taken by third parties
to protect personal information
Please refer to the attachment below.
(2) We may transfer personal information to outsourcing companies, etc. in foreign countries after taking measures such as
entering into contracts with the outsourcing companies, etc. that require the outsourcing companies, etc. to take appropriate
measures for the protection of personal information.
Safety management measures
We take the following measures to prevent leakage, loss, or damage of personal information and to otherwise manage personal data appropriately. We will also review and improve these safety management measures as appropriate.
(1) Formulation of the basic policy
・The basic policy has been established to ensure the appropriate handling of personal information and to provide
a point of contact for questions and complaints.
(2)Establishment of disciplinary regulations concerning the handling of personal information
・Personal information protection regulations have been established regarding the collection, use, storage, provision,
deletion and disposal of personal information, including handling methods, responsible persons/persons in charge and their duties.
(3)Organizational safety management measures
・Appointment of a person in charge of personal information handling practices
・Clarification of employees who handle personal information and the scope of personal information handled by such employees
・Establishment of a reporting and communication system in the event that facts or signs of the violation of laws or internal rules are detected.
・Implementation of periodic self-inspections of the status of personal information handling
(4)Human safety management measures
・Implementation of periodic training of employees on points to keep in mind regarding the handling of personal information
・Inclusion of confidentiality matters regarding personal information in employment regulations
(5)Physical safety management measures
・Implementation of measures to prevent theft or loss of equipment, electronic media and documents involved in personal information,
as well as measures to prevent access to personal information by unauthorized persons
・Implementation of measures to ensure that personal information is not easily revealed when equipment, electronic media, etc.
that handle personal information are moved, including within the business site
(6) Technical safety management measures
・Implementation of access control to limit the persons in charge of personal information and the scope of personal information to be handled
・Introduction of mechanisms to protect information systems that handle personal information from unauthorized external access or
exposure to unauthorized software
(7) Understanding the outside circumstances
・When personal information is handled outside Japan, safety management measures are implemented based on the understanding
of the system for the protection of personal information in that country.
Procedures for disclosure, revision, suspension of use, etc. of personal information
If you wish to make a request to disclose, correct, add or delete your personal information, or suspend the use of your personal information, please contact the following Inquiries Desk. We will promptly respond to such requests upon confirming the identity of the individual(s) making the request. If all or part of your request cannot be complied with, we will explain it to you.
We will respond to you by the method (data/paper) designated by you after we have received your identification documents. If you wish to receive a written response, a fee will be charged.
About our website
Cookie policy
We use cookie technology to make our website more convenient for our customers. Cookies allow the website to identify your computer, but they do not collect any personally identifiable information such as your name, address, telephone number, or e-mail address. You may set your browser to refuse cookies or to display a warning when cookies are received.
We use Google Analytics provided by Google LLC and use cookies to analyze the site access.
For more information about Google Analytics cookie information collection and information handling, as well as the privacy policy of the services provided by Google, please refer to the following websites. Please use the Google Analytics Opt-out Browser Add-on if you wish to choose how your information is collected.
Google Analytics Terms of Service
https://www.google.com/analytics/terms/jp.html
Google Privacy policy
https://policies.google.com/privacy?hl=ja
Google Analytics Opt-out Browser Add-on
General Data Protection Regulation (GDPR) of the EU
The General Data Protection Regulation (GDPR) of the EU is described on the following page of our website.
Others
To further improve our efforts to protect personal information, or to respond to changes in laws, regulations and other guidelines, we may change our privacy policy or procedures for disclosure, etc., without prior notice.
Inquiries Desk
2-37-3 Sekido, Tama-shi, Tokyo 206-0011
Keio Travel Agency Co., Ltd.
Travel business: Supervisory Section, Travel Business Division
Phone: 050-8885-8210, E-mail:plan@keio-kanko.co.jp
Insurance business: Business Plan Section, Insurance Business Division
Phone: 050-8885-8212, E-mail:hoken1@keio-kanko.co.jp
Other: General Affairs Personnel Section, Administration Division
Phone: 042-375-7211, E-mail:soumu1@keio-kanko.co.jp
Business hours: 9:30–18:00 (excluding Saturdays, Sundays, holidays, year-end and New Year’s holidays)
June 21, 2024
Hiroyuki Kondo,
President-Director, Keio Travel Agency Co., Ltd.
2-37-3 Sekido, Tama-shi, Tokyo
Attachment
Systems for Personal Information Protection in Foreign Countries
When we provide your personal information to third parties in foreign countries for the purpose of making travel arrangements, etc., the information concerning the protection of personal information in those foreign countries is as follows (for specific country names, please refer to the travel itinerary, etc.).
(1) Countries subject to the GDPR (General Data Protection Regulation of the EU) and the United Kingdom
(designated by the Personal Data Protection Commission as foreign countries with privacy policies that offer the same level of protection as Japan)
Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia,
Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Liechtenstein, Iceland, Norway, U.K.
(Reference: Personal Data Protection Commission Notification No. 1 and No. 5 of 2019)
(2) Countries/regions that have been certified as adequate in accordance with Article 45 of the GDPR
(recognized by the European Commission as those with an adequate level of data protection in accordance with the GDPR)
Argentina, Andorra, U.K., Israel, Uruguay, Canada, Switzerland, New Zealand
(Reference: https://www.ppc.go.jp/enforcement/infoprovision/laws/GDPR/)
(3) Member countries/regions of the APEC CBPR system (those with laws and regulations that comply with the APEC Privacy Framework).
U.S.A., Mexico, Canada, Singapore, Korea, Australia, Taiwan, Philippines
(Reference: https://www.ppc.go.jp/enforcement/cooperation/international_conference/)
(4) Countries that comply with all of the eight principles of the OECD Guidelines on the Protection of Privacy and Transborder
Flows of Personal Data (these guidelines are based on the following eight principles: 1) collection limitation principle,
2) data quality principle, 3) purpose specification principle, 4) use limitation principle, 5) security safeguard principle,
6) openness principle, 7) individual participation principle, and 8) accountability principle.)
China
When we provide your personal information to third parties in foreign countries as described in (1) through (4) above, all such third parties have taken measures to protect your personal information that correspond to the eight principles of the OECD guidelines.
Systems for the protection of personal information in certain countries or regions are available on the website of the Personal Information Protection Commission. Please refer to the Survey of Systems for Personal Information Protection in Foreign Countries on the website.
(Reference: https://www.ppc.go.jp/personalinfo/legal/kaiseihogohou/)