NOE CORPORATION (“the Company”) shall handle the personal information obtained from its customers (“EEA Personal Data”) by a legal, fair, and transparent means. The Company shall also securely manage the EEA Personal Data and take protective measures to prevent a leak, loss, or corruption thereof.
The main categories of the EEA Personal Data that the Company acquired from customers when they apply for travel plans, the purposes of use, and storage period thereof are specified below.
The Company shall handle the EEA Personal Data only when the Company obtains the customer’s consent for handling it, including for the purposes of use, and when any of the following situations applies.
※1 When preceding Paragraph 1-(2) applies. For example, when the Company notifies the customer’s data, including the customer’s address, to the transportation or accommodation agency, in the event of receiving an application for a travel plan and making arrangements with the transportation or accommodation agency specified by the customer, or when the Company undertakes the procedures (such as, obtaining a visa) necessary for the customer’s travel plan;
※2 For example, when the Company complies with a data disclosure order from a government body pursuant to a law or regulation;
※3 For example, when providing the customer’s data to a related agency, such as the police or a hospital, is required, in the event the customer’s life is seriously threatened due to accidents or other situations during the customer’s travel; or
The Company shall obtain a customer’s prior consent to undertake the procedures regarding the customer’s travel plan. Furthermore, the Company shall acquire, use, and transfer a customer’s EEA Personal Data in special categories (such as, a customer’s health condition and physical features), within the scope of fulfilling the purpose of the customer’s travel plan. The Company will not handle this EEA Personal Data for a purpose other than the indicated purpose of use.
The Company shall develop, appropriately implement, and manage its structure to conform with the standards set forth in the General Data Protection Regulation (GDPR) regarding EEA Data, when it transfers the EEA Personal Data to outside the EEA (including relocation).
The Company shall implement technical, physical, organizational, and personal security management measures to prevent a leak, loss, or corruption of the EEA Personal Data and otherwise to manage other EEA Personal Data securely, in order to manage its customers’ EEA Personal Data appropriately.
The Company might provide its EEA Personal Data acquired from customers to a third party to the extent necessary to execute or perform the below-listed agreements depending on the types of services.
In this event, the Company shall send the EEA Personal Data and other information regarding the customer’s name, passport number, and expected flight number by an electronic or other means.
The Company might contract part of its business externally to provide the customer better services under the Company’s business operations. In this event, the Company shall examine the contractor’s handling conditions, including its secure management measures. Thereafter, the Company shall choose a suitable contractor, determine matters necessary to prevent a leak of the customer’s EEA Personal Data through measures, such as suitable management and confidentiality obligations in an agreement or other similar document, and make the contractor manage the EEA Personal Data appropriately.
In this event, the Company shall transmit its customers’ EEA Personal Data and other information necessary for the contracted services by an electronic or other means.
The Company shall comply with the applicable laws, rules, and regulations regarding its customers’ EEA Personal Data, and shall appropriately review and improve its above-described initiatives. Moreover, the Company might cooperate with an EEA Personal Data announcement based on providing materials during a police investigation or a request from relevant bodies in relation to the occurrence of incidents or other situations.
A customer has the following rights with respect to the customer’s own EEA Personal Data.
The Company would respond to a customer’s request within a reasonable scope, after verifying the customer is the identified person, if the customer desired to examine or revise the customer’s own EEA Personal Data in the above situations.
A customer uses the Company’s website at the customer’s own responsibility.
NOE CORPORATION is not liable in any way for any damages arising due to the use of any information acquired from the Company’s website or other webpages linked by the Company’s website, unless the operating company for the relevant services is liable therefor.
The Company’s website can be accessed from all over the world. However, the guidelines and other standards set forth in Japanese laws and by Japan shall apply to both the customers accessing the Company’s website and NOE CORPORATION regarding the use of the Company’s website, regardless if a discrepancy exists with the laws of the country where the Company’s website is accessed.
The Company’s website is operated under the management by NOE CORPORATION.
The Company nominates the following person to be the Data Protection Officer for the EEA Personal Data. The details are below.
Data Protection Officer for EEA Personal Data: Manager of the Corporate Planning Office
Contact: telephone number +81-3-3254-7601
The below Help Desk accepts customers’ inquiries regarding the EEA Personal Data.
Corporate Planning Office
Sumitomo Fudosan Kanda Building No. 2, 15F
1-23-1, Kandasuda-cho, Chiyoda-ku Tokyo, 101-0041
Tel: +81-3-3254-7601 (hours of operation: 9:00-18:00*(Japan time))
Inquiries received on Saturdays, Sundays, national holidays, and during the year-end and new-year period will be handled the following business day.
■Consents for EU Personal Data acquisition (Request form for travel)
■Applications/reports including disclosure of EU Personal Data
(These application forms are accepted only by post.)