Loading...
MENU
  • Top
  • Privacy Policy

Privacy Policy

November 13, 2019

The Osaka Convention & Tourism Bureau, a public interest incorporated foundation (hereinafter referred to as "the Bureau"), recognizes the importance of protecting personal information in today's advanced information and communications society, and with the correct handling of personal information as its basic philosophy, strives to protect the privacy of users (hereinafter referred to as "Users") of the Bureau's services (hereinafter referred to as "the Bureau's Services") in accordance with the following policy (hereinafter referred to as "this Policy").

Our website (hereinafter referred to as the "Authority Site") and our application (hereinafter referred to as the "Authority Application") may contain links to external websites. When you use a linked website, the privacy policy of that linked website will apply. Please note that we are not responsible for how personal information is handled at the linked website. When sending personal information to an external website, please check the privacy policy of that website.

If you are a resident of the European Economic Area ("EEA"), please also see the attached Appendix to this Policy ("Appendix") which contains additional terms regarding our use of your personal information. If there is a conflict between any provision of this Appendix and the main body of this Policy, this Appendix will take precedence.

1. Compliance with Laws and Regulations The Agency will comply with the Act on the Protection of Personal Information (Act No. 57 of 2003) and related laws and regulations, as well as guidelines from relevant ministries and agencies.

2. Information We Collect from You For the purposes described in this Policy, we collect and use the following categories of personal information about you ("User Information"):

2.1 Information provided by Users We will collect the name, username, password (including authentication information when using external linkage functions), email address and other contact information provided to us when a User uses our Services, as well as User information included in surveys, complaints or questions.

2.2 Information we collect automatically: We collect details about your use of or browsing our Sites and Apps, and information obtained through cookies and other similar technologies, including IP addresses, domain names, browser information, operating system, traffic data, language preferences, country, location information, and information about how and when you use our Sites and Apps.

2.3 Information We Obtain from Third Parties We obtain information from other sources, for example, public databases, business partners, marketing service providers and social media.

3. Notification or public disclosure of the purpose of use When acquiring and using user information, the authorities will notify the individual of the purpose of use or publicly announce it, except as otherwise provided by law.

4. Purposes of Use and Legal Basis 4.1 We may collect and process User Information to pursue our legitimate interests, as detailed below.
(1) To ensure that content on our Sites or Apps is presented in the most effective manner for users.
(2) To notify you about changes to our services.
(3) To manage your account.
(4) To fulfill our obligations arising from any contract between you and us.
(5) To respond to users’ questions or inquiries.
(6) To inform users about our policies and terms.
(7) To improve safety and security, including by monitoring fraud and investigating suspected or potential illegal activities or violations of our policies or terms.
(8) For data analysis, research or audits.
(9) To provide, improve and develop our services.
(10) To carry out various procedures and communications related to applications for conferences, events, etc. hosted by us.
(11) To ensure the continuity of our business.

4.2 Subject to your prior express consent, we may collect and process your information for the following purposes:
(1) To provide information that may be of interest to users.
(2) To provide information about business activities, services or products sponsored by the Authority.
(3) To send newsletters and e-mail magazines issued by us.
(4) To conduct business analyses.
(5) To use jointly with partner companies that may provide information about products and services.
(6) For other purposes specified at the time the information is collected.

Furthermore, users can withdraw their consent at any time. However, the withdrawal of consent will not affect the lawfulness of the processing of user information based on consent before its withdrawal.

5. Provision of User Information to Third Parties Except as required by applicable laws and regulations, the Agency will not provide User Information to third parties without the prior consent of the individual.

6. Management of User Information The Agency will keep User Information accurate and up-to-date, and manage it safely, and will take necessary and appropriate safety management measures to protect User Information, such as preventing leakage, loss, damage, falsification, and unauthorized access. In addition, the Agency will appoint the General Affairs Department Director as the person responsible for personal information management, and will implement appropriate management of User Information.

7. Use of Cookies Cookies are small text files that are placed on your computer or mobile phone when you visit a website. Cookies are widely used to make websites work, or to make them work more efficiently. We also use cookies on our Sites and Apps. Cookies help our Sites and Apps to recognise your device and remember information about your use of our Services.

We use analytical tools such as Google Analytics to understand how users access and use our websites and apps. In addition, for effective advertising delivery, Google, Cyber ​​Communications Inc. (CCI), and other companies listed below use DMP technology to acquire cookie data on our websites and apps. Please see the links below for information on how each company collects and processes data.

DataCurrent
DataCurrent Privacy Policy ( https://www.datacurrent.co.jp/datapolicy/ )

Facebook
Facebook Data Policy ( https://www.facebook.com/privacy/explanation )
and Facebook Cookie Policy ( https://www.facebook.com/policies/cookies/ )

Instagram
Instagram Data Policy ( https://help.instagram.com/519522125107875 )

Baidu
Baidu Privacy Policy ( https://www.baidu.jp/privacy/ )

Vpon
Vpon Privacy Policy ( https://www.vpon.com/jp/privacy-policy/ )
and opt-out from Mobile Web Browser ( http://opt.vpadn.com/cookie/ )

8. How to manage cookies Most browsers allow you to manage cookie settings by changing the browser settings. In this case, if you consent to our use of cookies but later change your mind, you can delete cookies that have already been placed at any time through your browser settings and change your browser settings to block all or some cookies in the future. Please refer to the "Help" function of your browser for instructions on how to change your settings.

9. Disclosure, correction, suspension of use, and deletion of user information If a user requests the disclosure, correction, suspension of use, or deletion of user information, the authorities will respond promptly in accordance with the law.

10. Formulation and Implementation of Personal Information Protection Regulations In order to implement this policy, the Agency will formulate a personal information protection compliance program, thoroughly familiarize its members with the program through training and education, and continually improve it to maintain the program in the best possible condition.

11. Contact point for inquiries regarding this policy Please contact the following point of contact for inquiries regarding this policy.
〒542-0081 4-4-21 Minamisenba, Chuo-ku, Osaka
Osaka Convention & Tourism Bureau, Public Interest Incorporated Foundation, General Affairs Division (Tel) 06-6282-5906 (Fax) 06-6282-5915
Reception hours: 9:00am to 5:30pm

12. Changes to this Policy We may change our services in the future, which may result in changes to this Policy. If we change this Policy, we will update the last change date below.

Supplementary Provisions This Privacy Policy was last updated on July 24, 2019.


Attachment

Processing of information of EEA residents

This Appendix, "Handling of EEA Resident User Information," describes how we collect and process User Information protected by the General Data Protection Regulation No. 2016/679 (hereinafter referred to as "GDPR"). We collect and process User Information in accordance with the GDPR and other applicable laws and regulations. In the event of any inconsistency between this Appendix and any provision of this Policy, this Appendix shall take precedence.

1. Name and address of the controller The Company is the controller of User information under the GDPR, unless otherwise specified.
Name: Osaka Convention & Tourism Bureau, Public Interest Incorporated Foundation Address: 4-4-21 Minamisenba, Chuo-ku, Osaka
Phone number: +81-6-6282-5906
Email: [email protected]
Website: https://osaka-info.jp

2. Complaint to a Supervisory Authority You have the right to lodge a complaint at any time with a supervisory authority in the Member State of your habitual residence, your place of work or the place where the alleged infringement of the GDPR occurred. Please see the following link for information about supervisory authorities.
https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
However, we would appreciate it if you would contact us in advance so that we have an opportunity to deal with your complaint before you lodge it with a supervisory authority.

3. Sharing of User Information We may share User Information with the following third parties in accordance with applicable law:

(1) Service Providers We may outsource all or part of the processing of User Information to companies that provide various services on our behalf, such as hosting, maintenance, support services, email services, marketing, auditing, payment processing, data analysis and the provision of customer service.

(2) Business Partners. Your information may be transferred to, stored and processed by business partners that work with us to offer products, services or advertisements or assist us in marketing to you, with your prior consent.

(3) Affiliates and Business Combinations We may share User Information with our affiliates or transfer User Information to the relevant third party in the event of a merger, reorganization, acquisition, joint venture, assignment, spin-off, transfer, sale or disposition of all or a portion of our business (including in connection with any bankruptcy or similar proceedings).

(4) Compliance with Laws and Regulations, etc. We may be required to disclose User Information by law, legal procedure, litigation, or at the request of a public or governmental authority. We may also disclose User Information if we determine that disclosure is necessary or appropriate for purposes of national security, law enforcement, or other issues of public importance.

(5) Remedies, etc. We may also disclose User Information if we have a good faith belief that disclosure is reasonably necessary to protect our rights or pursue available remedies, enforce our Terms of Use, investigate fraud, or protect our operations or users.

4. Your rights Under the GDPR, you have the following rights. If you wish to assert any of these rights, please contact us using the details provided in this Policy.

(1) Right to information Users have the right to obtain from us information about the data processing activities of our authorities that concern them.

(2) Right of access You have the right to confirmation as to whether or not we are processing your information and, where that is the case, to access that information. You may also request a copy of the information we process.

(3) Right to rectification You may request us to correct any inaccurate user information. You may also request us to complete any inaccurate user information.

(4) Right to erasure (right to be forgotten)
In certain cases, users may request that authorities delete user information relating to them without undue delay.

(5) Right to restrict processing: You may, in certain cases, request that authorities restrict the processing of your information.

(6) Obligation to notify about correction, erasure, and restriction of processing of user information We will notify recipients to whom the data has been disclosed of the correction, erasure, or restriction of processing of user information made in accordance with (3) to (5) above, unless it is clearly impossible or would involve a disproportionate burden. We will also provide information about the recipients upon request by the user.

(7) Right to data portability Users have the right, in certain cases, to receive their personal information in a structured, commonly used and machine-readable format and to transmit such information to another controller.

(8) Right to object You can object to the processing of your information for the purposes of the legitimate interests pursued by authorities or a third party. Furthermore, where your information is processed for direct marketing purposes, you can object at any time to the processing of your information for such marketing.

(9) Right not to be subjected to automated processing, including profiling. Users have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or a similarly significantly affected effect.

5. Cross-border data transfers Authorities may transfer User Information from the EEA to Japan or other countries. When transferring User Information from the EEA to outside the EEA, certain additional measures may be required to protect such User Information. However, some countries outside the EEA, including Japan, have been recognized by the European Commission as having sufficient data protection ("adequacy decision") https://ec.europa.eu/info/law/law-topic/data-protection_en , and no additional safeguards are required for transfers to these countries. When transferring to countries that have not received such a decision, authorities will provide an appropriate level of protection as required by law.

6. Retention period for user information We will retain user information for a period of three years unless a longer retention period is required or permitted by law.

7. Children's Information We do not knowingly collect or process User Information about children under the age of 16. If we discover that we have directly collected or processed User Information about a child under the age of 16 or under the same minimum age as GDPR, which varies by EU Member State law, we will take steps to delete the information as soon as possible.