Privacy Policy

StayList Inc. (hereinafter, "the Company") takes the importance of protecting personal information seriously, and in addition to abiding by the terms of Japan's Act on the Protection of Personal Information (hereinafter, the "Act on the Protection of Personal Information"), shall adhere to the terms of the below privacy policy (hereinafter, the "Privacy Policy") to appropriately handle and store such information. In addition, unless otherwise designated in the Privacy Policy, the definitions of the terminology in the Privacy Policy shall be as designated in the Act on the Protection of Personal Information.

1. Definition of Personal Information

In the Privacy Policy, the meaning of "Personal Information" shall be personal information as defined in Article 2, Paragraph 1 of the Act on the Protection of Personal Information.

2. Purposes of the Use of Personal Information

The Company shall use personal information for the following purposes.
(1) To send notification emails related to the Service
(2) To reply to inquiries received

3. Revisions to the Purposes of the Use of Personal Information

The Company may revise the purposes for which it uses personal information within a scope that is determined to be relevant and reasonable, and in the event that such revisions are made, the Company shall notify or make public such revisions to the individuals designated by such personal information (hereinafter, "Designated Individuals").

4. Limitations on the Use of Public Information

The Company shall not handle Personal Information outside of the scope necessary for the achievement of the purposes of the use of personal information without the permission of Designated Individuals, except in cases where allowed by the Act on the Protection of Personal Information or other laws and regulations. However, the following cases shall be considered exceptions to this limitation.
(1) Cases with a relevant legal requirement or exemption
(2) Cases in which doing so is necessary to protect a person's life, bodily integrity or assets and it is not feasible to acquire permission from Designated Individuals
(3) Cases in which doing so is particularly necessary in order to promote public health or the healthy development of children and it is not feasible to acquire permission from Designated Individuals
(4) Cases in which a governmental organization, a local government or an organization authorized by such government requests cooperation so that a legal task can be executed and there is concern that gaining consent from Designated Individuals may hinder execution of the particular legal task

5. Fair and Reasonable Collection of Personal Information

5.1. The Company shall collect personal information in a fair and reasonable way and shall not collect such information under false pretenses or through inappropriate methods.
5.2. Except in the following cases, the Company shall not acquire Special Care-Required Personal Information (as defined in Article 2, Paragraph 3 of the Act on the Protection of Personal Information) without obtaining the prior consent of Designated Individuals.
(1) Cases in which such acquisition falls under any item of Article 4
(2) Cases in which such Special Care-Required Personal Information has been made public by a Designated Individual, a government organization, a local government, a person set forth in any items of Article 76, Paragraph 1 of the Act on the Protection of Personal Information or other persons designated in the rules of the Personal Information Protection Commission
(3) Cases in which the Company acquires Special Care-Required Personal Information which can be clearly recognized from a Designated Individual's appearance visually or via photography
(4) Cases in which the Company acquires Special Care-Required Personal Information in a manner which does not fall under "provision to a third party" pursuant to Article 7.
5.3. When the Company receives Personal Information from a third party, the Company shall check the following matters pursuant to the rules of the Personal Information Protection Commission, except where such provision of the Personal Information by the third party falls under any of the items listed in Article 4 or is done in a manner which does not fall under "provision to a third party" as designated in Article 7, Paragraph 1.
(1) The name and address of the third party and, if the third party is a corporate body, the name of its representative, and if such third party is a non-corporate body having appointed a representative or administrator, the third party's representative or administrator
(2) The circumstances under which such personal information was acquired by the third party

6. Secure Management of Personal Information

The Company shall provide necessary and appropriate supervision of its employees in order to securely manage personal information to mitigate risks such as the loss, damage, modification and leaking of personal information. Further, when subcontracting all or part of the handling of personal information, the same necessary and appropriate supervision shall be performed to enable secure management of the personal information by the subcontractors.

7. Provision to Third Parties

7.1. The Company shall not provide personal information to any third party without the prior consent of the relevant Principal, except where such provision falls under any item designated in Article 4. Notwithstanding this provision, however, the following cases shall not be regarded as "provision to a third party."
(1) Cases in which personal information is provided to a third party for the purpose of outsourcing the handling of personal information within the scope necessary for the achievement of the purposes of use
(2) Cases where personal information is provided as a result of the succession of business in a merger or otherwise
7.2. Notwithstanding Article 7, Paragraph 1, except in cases set forth in each item of Article 4, in cases where the Company provides personal information to any third party (excluding a person having a system conforming to standards prescribed by the rules of the Personal Information Protection Commission pursuant to Article 24 of the Act on the Protection of Personal Information) in any foreign country (excluding those prescribed by the rules of the Personal Information Protection Commission pursuant to Article 24 of the Act on the Protection of Personal Information), the Company shall obtain a Designated Individuals' prior consent regarding the provision of the data to the third party in the foreign country.
7.3. When the Company provides personal data to a third party, the Company shall create and maintain a record of the provision in accordance with the provisions of Article 25 of the Act on the Protection of Personal Information.
7.4. When the Company receives personal data from a third party, the Company shall make the confirmation required by Article 26 of the Act on the Protection of Personal Information and shall create and maintain a record of such confirmation.

8. Disclosure of Personal Information

Upon receiving a request from a Designated Individual to disclose Personal Information in accordance with the Act on the Protection of Personal Information, the Company shall, after confirming that the request originated from the Designated Individual in question, disclose this information to the Designated Individual without delay (or, where such Personal Information does not exist, the Company shall submit notification to this effect.) However, this shall not apply in cases where the Company bears no responsibility for such disclosure based on the Act on the Protection of Personal Information or other laws and regulations.

9. Amendment of Personal Information

When requested to make amendments, additions to or deletions from Personal Information (hereinafter, "Amendments etc.") in accordance with the Act on the Protection of Personal Information due to the inaccuracy of such information, the Company shall, after confirming that the request originated from the Designated Individual in question, promptly conduct the required investigation within the range necessary for achieving the purposes of use and, based on the results thereof, perform the Amendments etc. to the Personal information and notify the Designated Individual of this fact. (When it is determined that Amendments etc. should not be made, the Designated Individual shall be notified of this fact.) However, this shall not apply in cases where the Company bears no responsibility for disclosure based on the Act on the Protection of Personal Information or other laws and regulations.

10. Stoppage of Use Etc. of Personal Information

When the Company is requested to implement a stoppage of the use of or deletion (hereinafter, "Stoppage of Use etc.") of the Personal Information of a Designated Individual in accordance with the Act on the Protection of Personal Information for the reason that such information is being handled outside of the designated range of use or has been obtained by falsehood or other inappropriate means or is requested to implement the stoppage of the provision of Personal Information to a Third Party (hereinafter, "Stoppage of Provision") in accordance with the Act on the Protection of Personal Information for the reason that such information is being provided without the consent of the Designated Individual, and the Company determines that such reason exists, the Company shall, after confirming that the request originated from the Designated Individual in question, promptly implement the Stoppage of Use etc. or Stoppage of Provision of the Personal Information and notify the Designated Individual of this fact. However, this shall not apply in cases where the Company bears no responsibility for such Stoppage of Use etc. or Stoppage of Provision based on the Act on the Protection of Personal Information or other laws and regulations.

11. Use of Cookies and Other Technology

Services provided by the Company use Cookies and other similar technologies. These technologies are useful for understanding the usage status of the services, thus contributing to the improvement of the services. Users who wish to disable cookies may do so by changing the settings of their web browsers. However, after disabling cookies, users may no longer be able to use some services.

12. Inquiries

Please direct any applications for disclosure, opinions, questions, complaints or other inquiries related to the handling of Personal Information to the following contact point.
E-mail:company@stay-list.com

13. Continuous Improvement

The Company shall conduct appropriate reviews of the operating situation in regard to the handling of Personal Information and strive to make continuous improvements thereto, and when necessary, the Company may revise the Privacy Policy.
Enacted January 31st, 2019