At Kamome Tourist Co., Ltd., we fully recognize that customers’ personal information is important private information. When handling personal information in our operations, we comply with relevant laws and internal regulations established for personal information protection. By maintaining an organizational structure and ensuring appropriate protection, we respect our customers and strive to meet their expectations and trust.

We specify the purpose of using personal information within the scope of our business activities and acquire, use, and provide personal information fairly and appropriately only to the extent necessary to achieve those purposes. We also take measures to prevent the use of acquired personal information for purposes other than those intended.

We comply with laws, national guidelines, other norms, and social order related to personal information and strive to ensure appropriate protection.

We recognize the risks of unauthorized access, loss, destruction, alteration, or leakage of personal information and implement reasonable security measures. If a problem occurs, we will take appropriate corrective action.

We appropriately respond to requests from individuals for disclosure, correction, suspension of use, or complaints regarding personal information handled by us.

We establish management rules and systems for personal information protection, thoroughly implement them across all employees, and regularly review them to promote continuous improvement.

Based on our “Privacy Policy,” we are committed to proper protection of personal information. Below is information on personal information acquired or retained by our company for business purposes.

Kamome Tourist Co., Ltd.
Representative Director: Sho Yamazoe
Address: Sunbright Twin, 10F South Wing, 2-46-1 Honcho, Nakano-ku, Tokyo 164-0012

The purposes of use of personal information handled in our business activities are as follows:

Other purposes are as individually specified in writing.

Complaints, consultations, and inquiries regarding personal information, including retained data, should be directed to the contact below.

None

We promptly respond to requests for disclosure of retained personal data (notification of purpose of use, disclosure, correction, addition or deletion, suspension of use, erasure, and suspension of provision to third parties). Requests will be handled within a reasonable period and scope after confirming that the requester is the individual concerned or their agent.

Details on the procedures and contact for disclosure requests are available upon inquiry.

In order to handle personal information appropriately, our company has established Personal Information Protection Regulations based on the Personal Information Protection Policy in compliance with JIS Q 15001, and operates a Personal Information Protection Management System. To ensure proper handling of personal information, we have implemented security measures from four perspectives: organizational, human, physical, and technical.
For details on specific security measures, please contact us via the inquiry desk below.

1. Information on the protection of personal information in foreign countries where third parties receiving customers’ personal information are located is as follows. (For specific country names, please refer to your itinerary or other relevant documents.)

(These are designated by the Personal Information Protection Commission of Japan as foreign countries with systems for protecting personal information that are recognized to provide a level of protection equivalent to that of Japan.)

Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Liechtenstein, Iceland, Norway, United Kingdom
(Reference: 2019 Personal Information Protection Commission Notice No.1 and No.5)

(Recognized by the European Commission as having adequate levels of data protection under GDPR.)
Argentina, Andorra, United Kingdom, Israel, Uruguay, Canada, Switzerland, New Zealand
(Reference: Personal Information Protection Commission website)

(These economies have laws that comply with the APEC Privacy Framework.)
United States, Mexico, Canada, Singapore, South Korea, Australia, Taiwan, Philippines
(Reference: Personal Information Protection Commission website)

(The OECD Privacy Guidelines set out eight basic principles: ① Collection Limitation, ② Data Quality, ③ Purpose Specification, ④ Use Limitation, ⑤ Security Safeguards, ⑥ Openness, ⑦ Individual Participation, and ⑧ Accountability.)
China
2. Where a third party located in any of the above countries or regions (1)–(4) receives customers’ personal information, such third parties have implemented measures to comply with all eight OECD Privacy Principles for the protection of personal information.
3. The Personal Information Protection Commission of Japan publishes certain information to help identify essential differences between the personal information protection systems of specific countries or regions and the Japanese Act on the Protection of Personal Information.
Please refer to “Survey on Personal Information Protection Systems in Foreign Countries” on their website.