odakyu RESORTS株式会社 小田急リゾーツ

PRIVACY POLICY

We at Odakyu Resorts Co., Ltd. (“we”, “us”, “our” or “Odakyu Resorts”) value your privacy and are committed to taking care of your Personal Data, which is a responsibility that we take very seriously.

This Privacy Policy explains how we may use the Personal Data we collect when you visit our website[https://www.odakyu-hotel.co.jp/] (“Website”), inquire about our services, subscribe to our marketing communications, use our products and/ services such as making a booking with us, are a supplier or business partner. It also explains how we comply with EU legislation related to data protection (EU General Data Protection “GDPR”) and what your rights are under this legal framework. This Privacy Policy applies to the processing of data of natural person who are outside Japan.

Odakyu Resorts Co., Ltd is the data controller of the services offered through this website. Our registered office is at 2-7-25 Sakaechyo, Odawara-shi, Kanagawa, Japan.

1. What type of Personal Data do we collect from you?

Personal Data means any information relating to you which allows us to identify you, either directly from that data orbecause we combine that information with other data about you.

When you use our Website, including booking services and/products with us, subscribe to our marketing communications or interact with us in relation to our services and/products, you may provide us with your Personal Data, or we may obtain Personal Data about you.

We may process the following Personal Data:

  1. Contact details and personal identifiers: such as your name, address (private and/ billing), date of birth, gender, telephone number, email address, job title, company title, social networking IDs;
  2. Service and booking data: customer number, information on services used, contact history, information on terms of delivery/performance (including information on place of delivery/performance, packaging, etc.) and information on customs clearance, presence of invoice registration/registration, information on whether the email was open, information on services browsed and searched for, contract information;
  3. Transaction and payment data: credit card information/ account details, bank account details, relating to your bank account, credit/debit card details, payment and receipt details, information on tax burdens and tax calculations;
  4. Records of your interactions with us: such as inquiries you make, questions you have, or content of any other interactions with us;
  5. Internet information: including your use of and movements through our Website, the date and time of your visit or use of our Website, IP addresses, geolocation, device and OS information such as type and ID, browser type and ID, plug-ins, country of access, services browsed and searched, browsing history, URL of pages viewed, page referrer;
  6. Your marketing preferences: so that we know whether and how we should contact you. You can stop receiving our marketing communications at any time, free of charge, through the methods displayed as part of any communication such as the unsubscribe link in our emails. Or further information on this please see the section below on Direct Marketing.

2. Where do we collect your Personal Data from?

We will collect Personal Data from several sources. These include the following:

  1. Directly from you: when you use our Website, book our services and/ products, contact us by email or communicate with us directly in some other way.
  2. Our website: provides us with information about how you use it and the devices that you use to connect to our Website. Like many other websites, we use so-called “cookies”. Cookies are small text files that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our Website. If you have given your consent to our use of cookies, we do so to improve the use of our Website or analyze our Website. You can revoke your consent to our use of cookies any time. Please refer to our Cookie Consent Banner for more information on the cookies we use.

3. Why do we collect your Personal Data and on what legal basis?

The table below describes the main purposes for which we process your personal data, the categories of your information involved and our lawful basis for being able to do this.

Purpose Personal Data used Lawful basis
So that we can provide our website to you Date and time of access, URL of the page viewed, referrer (the page viewed before the page was viewed) information, information on button/link presses, device, OS and browser information, IP address and location information We have a legitimate interest in our website working properly.
Ensuring IT support and network security Date and time of access, URL of the page viewed, referrer (the page viewed before the page was viewed) information, information on button/link presses, device, OS and browser information, IP address and location information We have a legitimate interest in ensuring our systems are secure.
To manage your bookings and provide services and/ products to you Name, address, telephone number, e-mail address, date of birth, information about your workplace, credit card information/account, information required for payment and transactions This is necessary to fulfil our contract with you.
To provide you with out food and beverage services Name, telephone number, e-mail address This is necessary to fulfil our contract with you.
To manage your private bath reservations Name, address, telephone number, e-mail address This is necessary to fulfil our contract with you.
To invoice you and receive payments from you Name, address, gender telephone number, e-mail address, date of birth, identification information of financial institutions, information on terms of delivery/performance, information on customer clearance, information on tax burdens and tax calculations, information on financing/payment/terms/bank accounts, payment information, presence of invoice registration/registration number This is necessary to fulfil our contract with you.
To claim and enforce claims Name, job title, company name, address, telephone number, e-mail address, social networking IDs, date of birth, customer number, contact details, history of use, bank account, contract information, information on solvency This is necessary to fulfil our contract with you.
Analysing the usage of our website Cookies, IP address, browser type, plug-ins, device type and ID, country of access, pages visited, services browsed and searched for browsing history, time spent on the website, website activity We only use your personal data for analytical purposes if you gave us your consent.
Optimizing ad delivery on our website Cookies, IP address, browser type, plug-ins, device type and ID, country of access, pages visited, services browsed and searched for browsing history, time spent on the website, website activity We only use your personal data for advertisement purposes if you gave us your consent.
Marketing services and/ products which may be of potential interest to you and offering promotions Name, address, email address, telephone number, information on whether the e-mail was opened or not and marketing preferences We have a legitimate interest to provide you with information about or products including those that are the same or similar to the ones you have inquired about.
If we cannot rely on legitimate interest as our lawful basis for processing, then we will obtain consent from you.
Provide you with our newsletter Name, address, email address, telephone number, information on whether the e-mail was opened or not and marketing preferences We only send you newsletters if you gave us your consent.
To deal with inquiries, and other communications from you Name, e-mail address and content of inquiry This is necessary to fulfil our contract with you.
For the purpose of complying with any legal and regulatory requirements Name, address, telephone number, e-mail address, date of birth, workplace information, credit card details/account details, job title, contact history, bank account, information on services used We have a legal obligation to comply with any legal or regulatory requirements.
Storage of records relating to you and also records relating to our business All the personal information we collect about you To be able to manage and fulfil our contract with you, we may have a legal and/or regulatory obligation to do so and we also have a legitimate interest to keep proper records.

Some of your Personal Data may be required due to legal, contractual, or other obligations. Failure to provide this data may impact our ability to fulfil our contract with you or comply with relevant legal obligations. For other Personal Data, whilst you may not be under an obligation to provide it to us, if you do not provide it, we may not be able to properly perform our services for you. Without your Personal Data, you may be unable to complete bookings or purchases on our Website.

Providing Personal Data for marketing and newsletters is optional. Refusal to provide this data has no negative consequences but means that we cannot offer personalised marketing messages or promotional offers. If you gave us your consent for marketing purposes, you can revoke your consent or object the processing at any time by following the information in section “Contact Information”.

4. Who we share your Personal Data with?

In order to operate our Website and provide you with the services and/ products you have booked we may need to share your Personal Data with third parties. This includes sharing your Personal Data with and companies engaged by us to manage our relationship with you and provide you the services described above.

We may share your personal data with the following recipients:

  1. Sub-contractors: such as our marketing and service technology providers, travel and accommodation booking services, hotel and hospitality services, restaurant and dining services, transportation services, retail services, e-commerce and review services, and other sub-contractors.
  2. Consultants and accountants: such as legal or tax consultants and accountants.
  3. Government and law enforcement agencies: where we are required to do so by law or to assist with their investigations or initiatives.

We do not disclose Personal Data to anyone else except as set out above unless we have your consent, or we are legally obliged to do so. These recipients will only process your Personal Data to perform tasks and duties on our behalf and in compliance with this Privacy Policy and governing data protection laws.

5. Direct Marketing

From time to time, we may contact you by email with information about services and/ products we believe you may be interested in.

Marketing emails and newsletters will only be sent to you based on the preferences you set when you, tell us that you wish to receive marketing related messages or when you have booked similar services and/ products with us previously.

You can opt out any time if you do not wish to receive any marketing messages by clicking on the unsubscribe link in any marketing email you receive to unsubscribe from future marketing communications.

6.International data transfers

In the course of our operations, it may be necessary to transfer your Personal Data to recipients located outside the European Union (EU) or the European Economic Area (EEA). These transfers may be to our, partners or service providers who are located in regions, such as the United States, Singapore or China with differing data protection laws than those in your country. When transferring your Personal Data internationally we implement appropriate safeguards to ensure the security and confidentiality of your data. These safeguards, when we cannot rely on an issued Adequacy Decision, may include for example Standard Contractual Clauses (SCCs) approved by the European Commission.

7. How long do we keep Personal Data for?

Generally, we will retain your Personal Data for as long as we need it for the purposes for which it was collected. The duration for which we retain your Personal Data will differ depending on the type of information and the reason why we collected it from you. However, in some cases Personal Data may be retained on a long term basis: for example, Personal Data that we need to retain for legal purposes will normally be retained in accordance with usual hospitality practices and regulatory requirements.

In addition, we may be allowed to retain Personal Data whenever you have given consent to such processing (e.g. subscription to our newsletter), as long as such consent is not withdrawn.

8. Data security

We take the security of your information very seriously and only handle Personal Data as permitted by data protection regulations. We use a variety of technical and organizational measures to help protect your Personal Data from unauthorized access, disclosure, modification, loss or destruction in accordance with applicable data protection laws. When handling Personal Data, our employees are obliged to comply with the regulations of the EU GDPR.

9. Your rights in relation to your Personal Data

You have the following rights in relation to your Personal Data:

  1. Right of Access — you have the right to be informed about how we are using your Personal Data and the right to access that data that we hold about you.
  2. Right to Erasure or "Right to be Forgotten" — you have the right to ask us to delete your Personal Data provided that there are no valid grounds for us to keep it, for example we may have to keep some or all of the Personal Data to comply with legal obligation or in respect of any legal claims.
  3. Right to Data Portability — you have the right to receive the Personal Data you have provided to us in a digital format or in certain circumstances and where technically feasible the right to ask us to transmit the data to another organization.
  4. Right of Rectification — you have the right to ask us to amend the Personal Data that we hold about you where believe it is inaccurate or incomplete.
  5. Right to Object — in certain circumstances, you have the right to object to the processing of your Personal Data and to ask us to block, erase and restrict our use of your personal data.
  6. Automated Decision Making — we may process your Personal Data by solely automated means (without human intervention), including for profiling. Where such processing may have a legal or similarly significant effect on you, you have the right not to remain subject to any decisions based on such automatic processing, except as otherwise provided by law. You have the right to understand when and how automated decisions are made about you, and the factors involved and you have the right to challenge these decisions, request human intervention, express your point of view, and seek a review of the decision.
  7. Right to Withdraw Consent or Right of Opposition — if you have provided your consent to the collection, processing and transfer of your personal data, you have the right to fully or partly withdraw your consent. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is another legal ground for the processing.
  8. Right of Limitation — you have the right to request the limitation of the Processing of your Personal Data, in the form of: (i) suspension of Processing or (ii) limitation of the scope of Processing to certain categories of Personal Data or purposes of Processing.
  9. Right to complain — you have the right to complain to the supervisory authority, in addition to us. For contact details of the EU data protection authority, please see here:  https://edpb.europa.eu/about-edpb/about-edpb/members_en

The period for handling a request is 30 days unless it is a particularly complex request.

Once our specified retention period has expired, we shall delete the relevant Personal Data. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after the expiration of such retention period.

10. Processing data in relation to children

Odakyu Resorts does not knowingly collect Personal Data from individuals who are not legally permitted to use our services without obtaining parental consent. If it comes to our attention that we have collected or processed Personal Data from such a person, we may delete this information without notice.

11. Changes to our data protection provisions

We may need to make changes to this Privacy Policy to ensure that it complies with current legal requirements or to implement changes to the services detailed in the Privacy Policy, e.g., when introducing new services and products. In this case, your future visits to our Website will be subject to the updated Privacy Policy.

If you have additional questions regarding the processing of your Personal Data, please feel free to contact us directly, either by email at somu@odakyu-hotel.co.jp or via mail to Odakyu Resorts Co., Ltd, 2-7-25 Sakaetyo, Odawara-shi, Kanagawa, Japan.

12. Contact Information

  1. 1. General
    If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your Personal Data, or your choices and rights regarding such use please do not hesitate to contact us by:

    Email : somu@odakyu-hotel.co.jp
    Postal Address: 2-7-25 Sakaetyo, Odawara-shi, Kanagawa, Japan

    2. Data Subject Requests from EU Data Subjects according to the GDPR
    We value your Data Subject Rights under EU GDPR and have therefore appointed Cabinet W AVOCATS as representative according to Art 27 EU GDPR.

    Postali Address : 57 rue de Rivoli-75001 Paris
    TEL 01.56.81.17.70
This Policy was last updated: November 1, 2024