Personal Data Protection Policy We believe that it is our social responsibility to handle personal data. We will comply with the law related to personal data and establish and carry out the management system of personal data protection based on the following policy: We will not use/collect/disclose personal data beyond the scope of the use purpose written on "About handling personal data." We will take appropriate measures for illegal access, loss, breaking, alteration, and leakage of personal data. Also, we will continuously improve our security system to prevent leakage and to break it. We will comply with the law of personal data that is decided by the government. 4. We will adequately review our management system of personal data protection and improve it continuously. Based on the company's ("Customer") instruction (using our service) about personal data processing applied the General Data Protection Regulation 2016/679 (GDPR), we will comply with the GDPR as follows: In the section, the terms below are defined in each number. (1) 'Personal data' means any information relating to an identified or identifiable natural person. (2) 'Processing' means any operation or set of operations which are performed on personal data or sets of personal data, whether or not by automated means. (3) 'Controller' means the natural or legal person, public authority, agency, or other bodies which, alone or jointly with others. (4) 'Processor' means a natural or legal person, public authority, agency, or other bodies that process personal data on behalf of the controller. Regarding personal data processing, we will comply with the GDPR and related law and carry out data processing only instructed by the customer with a document. When we process personal data, based on the GDPR Article 28.3, we will comply with it: (1) The operator for processing personal data authorized by us shall accept confidentiality. (2) If we appoint other operators, we obtain customer's permission in a document in advance, and the operator shall take the same responsibility we have. (3) We will carry out technical and organized means for personal data protection stated on the GDPR Article 32. For more details of them, we will establish our manual of personal data protection. (4) After finishing our service period, we will delete or return all personal data collected to the customer upon request. (5) We will provide the necessary support as a processor so that the customer can fulfill the responsibility as a controller. We will disclose our policy and let operators know it and educate them to enhance the attention to personal data protection. If you have any questions, concerns, and claims about personal data and/or our policy, please contact our controller manager. (+81-52-262-8011) Established date: September 1, 2019 Final update: October 1, 2019 Abilive Co., Ltd. CEO Hiroaki Matoba About handling personal data We will execute the following items to control personal data strictly: Personal data will be adequately controlled according to our personal data protection manual or internal rule. We will use personal data for the following purpose: (1) Website developmentpreparation, development, and delivery (2) Booking engine operationreservation acceptance, contact about reservation, and operations management (3) Employee managementrecruitment, labor control We might outsource the operation with personal data to the 3rd party who fulfill our standards of data protection. We will select the outsourcing company according to our strict rule and supervise them. Also, we’ll not provide personal data to the 3rd party except for the outsourcing company. We will revise and disclose personal data if the individual agrees to do so. However, regarding personal data held as the contracting company, we will check with the assignor whether we can revise or disclose then or not. If you have any inquiry or complains about personal data, please contact as follows: <Contact information> Abilive Co., Ltd. Person in charge of supervision TEL. +81-52-262-8041 Name of certified personal data protection group and contact information of complaints Name of the certified personal data protection group: JIPDEC Contact information for complaints: Counseling room for complaints of personal data protection Address: Roppongi first bldgRoppongi 1-9-9Shibuya, Tokyo1060032 Japan Tel: 03-5860-75650120-700-779 Notification for using the site About cookies When users revisit the site, cookies would work for better usability and not for violating the user’s privacy. Also, it’s not for giving harmful effects to the user’s PC & mobile phone. We might collect information like the trend or pattern of the user’s behavior on the site. Gathering information will be analyzed by us (including our contact company), and we will use them to provide better services. Also, please do not worry about gathering information. We will treat it as private information like personal data. If you prefer not to be collected your data by cookies, you can change the setup of the browser to stop using the cookies. Warranty and liability limitation Using our site is under the user’s responsibility. Concerning the damage, we assume no responsibility whatsoever for any damage caused by the use of our site or information from links on our site. - If you have any questions about our site, please let us know from the inquiry form.