Visit Kyotango provides many different kinds of services. When you make use of these services, we collect, use, and store your information accordingly.
What This Policy Covers
Visit Kyotango aims to provide you with a unique and personalized experience when you interact with our services.
Please only use the Services or the Membership Service after you have carefully read and understood this Policy and other applicable terms. In using the Services or the Membership Service, you represent that you understand the contents of this Policy, and that you consent to our collection, use, transfer and retention of information about you as described herein.
If you have any questions or inquiries regarding this Policy, please contact us using the information provided in Section 9 (“Contact Us”).
The Information We Collect
For the purposes stated in Section 3 (“Use and Retention of Your Information”), we collect information about you as described in this Section 2. This includes information that you give us directly, information about your use of the Services, and information received from third parties. All the personal information that we collect and use in accordance with this Policy is centrally managed and stored by Visit Kyotango.
- 2-1.Your log-in information:
- Your username and password
- Your name and email address
- 2-2.Information related to your use of the Membership Service and the Services:
- Information you give us in connection with your username, such as your gender, age, date of birth, telephone numbers, and address.
- Information relating to your use of the Services (including activities such as page viewing and comment posting), or to the transactions you make using the Services, such as purchases or subscriptions (including the payment methods you use)
- 2-3.Payment information and information used for personal identification:
- Information relating to payment settlements, such as credit card information, bank account information, and e-money related account information.
- Documents that we are required by law to collect in order to authenticate your identity (such as your driver’s license, health insurance certificate or certificate of residence), and the information included therein.
- 2-4.Device information and information obtained using Cookie Technologies:
When you use the Membership Service or the Services, interact with any content or advertising related to such services, or validate any cookies, web beacons, unique identifiers and other related technologies (collectively, the “Cookie Technologies”) that we employ, we automatically collect certain information about you and the device you are using.
Such information may include:
- Device ID or other information that allows us to identify the device you are using;
- Operating system and internet connection related information;
- Geo-location information;
- Referring URL;
- IP Address;
- URLs viewed and time stamp of time viewed
- Server log information other than the above
- Information related to products and services displayed and searched
- 2-5.Information we collect from other sources
During your use of the Membership Service and the Services, we may request, collect and store information about you from publicly available sources and third parties, such as your credit information and information necessary for fraud prevention and detection, as may be necessary from time to time and as permitted under applicable law. In addition, based on your separate consent, we may receive other personal information about you from third party sources.
Unless necessary for the purpose of providing you with the service in question or for another legally permissible reason, during your use of the Services or the Membership Service, we do not intentionally collect or use information of yours that may be considered sensitive, such as information relating to your race, religion, social status, medical or criminal history, or whether you were a victim of a crime (together, “Sensitive Information”). In the event that you voluntarily give your Sensitive Information to us, we will treat such information as information related to your use of the Membership Service and the Services (2-2) that has been provided to us with your express consent, and process it in accordance with this Policy.
Use and Retention of Your Information
We use the personal information that we collect to provide you with the single log-in function as part of the Services and the Membership Service, and advertising and marketing content in accordance with your interests and preferences; to conduct research and development, to respond to customer inquiries, and to prevent and mitigate fraudulent or illegal activities.
Specifically, we may use the information we collect about you for the purposes listed below:
- 3-1.To provide you with the Membership Service and the Services:
- To enable your use of the Membership Service and the Services
- For the provision of personalized services, content, and information related to the Membership Service and the Services
- 3-2.To provide you with advertisements, promotion and marketing content:
- To display or send to you advertising content, such as direct mail or email newsletters, with your consent, or via methods otherwise permitted under applicable law
- For the display, introduction, or advertisement of products and services offered by us and our third party partners on our websites or on other advertising media that we manage or operate
- 3-3.To undertake service improvement, research and development:
- To improve existing services and conduct R&D for the development of new services
- 3-4.To respond appropriately to customer inquiries:
- So that we may respond appropriately to customer inquiries, complaints, or requests in relation to our services and advertisements
- 3-5.To prevent and mitigate fraudulent or illegal activities:
- For the prevention, identification and investigation of scams, cyber-attacks, and other potentially illegal or fraudulent activities, or in relation to any other activities necessary to protect the legal rights of Visit Kyotango and/or the rights of third parties
We may retain information about you for as long as it is necessary to fulfill the purposes described above. In order to comply with our obligations under applicable law, collect fees owed, resolve disputes, enforce our legal rights, and to undertake any investigations necessitated by the foregoing, some of your information may be retained in our systems even after your account becomes closed.
Disclosure of Information about You
- 4-1.Disclosure to Sellers of Goods and Services
We provide your personal information to sellers and relevant service providers (each a “Merchant”), including those located outside of Japan, when you use the Services to purchase products, or to request transaction related services such as a booking confirmation (including offers to make transactions). In such cases, we only disclose your information to the extent necessary to effect the transaction.
Personal information provided for the purpose of effecting transactions between you and Merchants is managed by the Merchants. In addition to completing the transaction you have requested, Merchants may use your personal information for the purposes of providing you with information via email newsletters after the transaction, analyzing your purchases and use of their services, or for the improvement of their own business operations.
Please exercise caution when disclosing any information to the Merchants as any information which you disclose directly to the Merchants will not be governed by this Policy. Any such disclosure will be subject to the privacy notices that they provide.
- 4-2.Disclosure to Other Third Parties
In addition to the disclosures described above, we may also disclose your personal information to certain trusted third party service providers, including those located outside of Japan, where necessary to carry out our business operations.
Please be assured that we will only disclose your personal information in compliance with applicable law, and with the appropriate management and supervision of the relevant third parties.
On occasion, judicial or regulatory authorities may request access to or disclosure of information about you for law enforcement purposes. Such requests typically pertain to criminal investigations or other legal proceedings. Where they are necessary and legitimate, we will respond to such requests in accordance with our internal policies and applicable law.
Additionally, in cases where it is necessary to prevent and mitigate fraudulent or illegal activities (3-5), or to protect life, body, or property, we may disclose your personal information or to a third party.
We will not use or disclose your information for purposes not set forth in this Policy without informing you and taking any necessary steps in advance as required under applicable law. Regardless of the purpose, we will not sell or rent information about you to a third party without your express consent.
As a principle, you will have a choice whether to provide information to us. However, where you have a choice and decide not to provide us with certain information, you may not be able to make use or take advantage of all of the features of the Membership Service or the Services. You may also be unable to receive certain information that may otherwise benefit you, such as notifications of campaigns or promotions.
You can change your preferences for receiving promotional email and your preferred contact methods at any time by following the relevant instructions on our websites.
Accessing Your Information
If you would like to access your information in written form, or through a means other than your Account management page, please contact us via the method described in Section 9 (“Contact Us”). Fees may apply. In some cases, depending on the nature of the information and how it is stored, it may not be possible for us to fulfill your request.
Security and International Transfers
We are committed to handing your personal information in accordance with high security standards and in compliance with applicable law. We do so in order to prevent unauthorized access or unauthorized disclosure of your information, to maintain the accuracy of such information and, when necessary, to ensure its proper destruction. When collecting or transferring your personal information, we employ data encryption technology, and restrict access only to those persons who require it to fulfil their job responsibilities. We conduct periodic reviews of our practices to ensure that our safeguards are properly implemented and remain state of the art.
Because of the global nature of our business, the information that we collect from you may be transferred to countries whose data protection laws are not as comprehensive as those from where you are based. When we transfer personal information overseas, we put in place adequate measures.
In order to maintain the security of your Account it is essential that you take adequate measures to protect your password. You should not use the same password that you use for other services, and you should never share your password with anyone. Please treat any email or other communication requesting your password as unauthorized and suspicious and forward the communication to us, using the contact method provided in Section 9 (“Contact Us”).
If you do share your password with a third party for any reason, including when the third party has promised to provide you additional services such as account aggregation, the third party will have access to your Account and your personal information. In such cases, to the extent that the liability is not attributable to us, we are not liable for any losses or damages that you may incur as a result of activities that take place on your Account. If you believe someone else has obtained unauthorized access to your password, please change it and contact us immediately.
From time to time, in order to comply with changes in applicable laws or for legitimate business purposes, we may make changes to this Policy. Any changes we make will be displayed on this page. Please check back from time to time to ensure that you have read the most recent version of this Policy.
If you have any questions or concerns regarding the contents of this Policy or other aspects of how your personal information is handled, please contact us. we will respond without undue delay to you. Please note that when contacting us, we may ask you for certain information so that we can verify your identity and respond to your request appropriately.
(1)to fulfil our contractual obligations to you, for example to provide the Membership Service and the Services, which includes services for you and a Merchant to arrange a commercial transaction;
(2)to comply with our legal obligations, for example obtaining proof of your identity to enable us to meet our anti-money laundering obligations; and
(3)to meet our legitimate interests, for example to understand how you use the Membership Services and the Services and to improve them and to provide tailored marketing messages to you via certain channels. Our legitimate interests to process your personal information consist of our missions and desires to provide you with a unique and personalized experience.
Additionally, we may ask you to give us your consent to collect and use certain types of personal information, for example, when we would like to send you e-mail marketing messages and process Sensitive Information. If we ask for your consent to process your personal information, we will ensure that you may withdraw your consent at any time.
We will keep your personal information necessary for fulfil our contractual obligations for as long as we have a relationship with you, and for a period of 10 years thereafter. Other information, such as Device information and information obtained using Cookie Technologies, will used and retained at maximum for 2 years after the collection. We will only retain your personal information after this time if we are required to do so to comply with the law, or if there are outstanding claims or complaints that will reasonably require your personal information to be retained.
(1)Merchants, service providers and business partners;
(2)Law enforcement agencies, courts, regulators and government authorities; and
Because we operate as part of a global business, the recipients referred to above may be located outside the jurisdiction in which you are located (or in which we provide the services). See the Section 4 (“Disclosure of Information about You”) above for more information.
In relation to Sections 5 (“Your Choices”) and 6 (“Updating Your Information”), you may be granted the additional rights under the GDPR, including the followings:
(1)The right to erase your personal information;
(2)The right to restrict our use of your personal information;
(3)The right to object to our use of your personal information; and
(4)The right to receive your personal information in a usable electronic format and transmit it to a third party (right to data portability).
If you would like to discuss or exercise such rights, please contact us via the method described in Section 9 (“Contact Us”). However, please note that your rights of privacy or personal data will not be absolute rights so we may not be responsible for accepting your requests when the law permits us not to do so.