Privacy Policy

Privacy Policy

NAA Retailing Corporation (hereinafter, the "Company") shall, while collecting, managing and using personal information in the course of carrying out its business activities, handle that personal information in accordance with the Privacy Policy (hereinafter, "This Policy").
Unless specifically provided for, the definitions for the terms used in This Policy shall be in accordance with the Act on the Protection of Personal Information (hereinafter, the "Privacy Act") and relevant laws and regulations.

1. Compliance with Statutes Concerning Handing of Personal Information

The Company undertakes to adhere strictly to the Privacy Act and relevant laws and regulations as well as This Policy when collecting, managing and using personal information in the course of carrying out its business activities.

2. Procedures for Safeguarding Personal Information

The Company will strive to ensure that personal information it holds is accurate and current, and will take all necessary and pertinent measures to safeguard that information through measures to prevent unauthorized access, loss, falsification and disclosure, etc.

We promptly dispose of customer personal information when it is no longer required, or when the retention period stipulated by law has elapsed.

3. Appropriate Supervision of Employees in Regard to Handling of Personal Information

When instructing its employees (executives, full-time employees, contract employees, part-time employees, temporary employees and all employees carrying out the business activities of the Company in the Company premises regardless of whether employed under contract or not) to handle personal information, the Company shall exercise all necessary and pertinent supervision of said employees to ensure that personal information is managed safely.
Further, the Company will provide regular education and instructions to all employees to ensure absolute protection of personal information.

4. Appropriate Supervision of Contractors in Regard to Handling of Personal Information

The Company outsources some activities to contractors. When outsourcing work to an external contractor, the Company will take the appropriate measures in selecting contractors, sign necessary contract agreements and instruct and supervise contractors appropriately in the handling of personal information.

5. Authorized Acquisition of Personal Information

When acquiring personal information, the Company shall do so appropriately and in accordance with the Privacy Act, relevant laws and regulations and This Policy. The Company shall also notify and publicize the purpose of use for the acquired personal information using the appropriate methods.

6. Purpose of Use of Personal Information

(1) The personal information we obtain is used for the following purposes and with the consent of the customer, client, or applicant (hereinafter “the Individual”). (Consent may be withdrawn at any time.) Should any purpose be subject to change, notification of that change will be included in This Policy.

① Personal information concerning a customer

  • For procedures related to sales
  • For product ordering (lay away or back ordered) or mail-order sales
  • For sending letters of appreciation, information regarding our shops or products or other customer contact
  • For shipping products to replace faulty products or to ship free gifts
  • To provide maintenance services for purchased products and items or to provide warranty procedures and services, etc.
  • To achieve the objectives of customer surveys
  • For the prevention of crime and disasters, checking service details and improving service quality, personal information includes recording of telephone conversations with customers, video footage in Company shops and use of telephone number display functions on telephones.
  • Based on information such as browsing histories and purchasing histories, policies regarding sales trends analysis and sales promotions can be formulated.
  • To answer inquiries
  • For other business activities related to those listed above.

② Personal information concerning suppliers

  • For negotiations or other business communication
  • For management of shop access and security in relation to supplier personnel
  • For procedures to provide access to airport facilities for supplier personnel
  • For negotiations and other business discussions, dispatching or receiving orders, payment of invoices and other contractual obligations and to request performance of contract, etc.
  • To answer inquiries
  • For other business activities related to those listed above.

③ Personal information concerning applicant

  • To notify or provide information, etc. concerning recruiting activities
  • To answer inquiries
  • For other business activities related to those listed above.

It may not be possible to achieve the above purposes unless personal information is provided.

(2) Notwithstanding the above, personal information may be used for other purposes in the following cases.

① Where required by law

② Where required for the protection of individuals and property when it is not possible to gain consent from the individual concerned

③ When especially required for reasons of public health or child welfare when it is not possible to gain consent from the individual concerned

④ When required for cooperation with government organizations, regional entities or their agents in carrying out tasks specified by laws and ordinances, where it is difficult to obtain the consent of the individual.

⑤ In the case of private data being provided to academic research institutes, etc., when it is necessary for said academic research institutes, etc. to handle said private data for the purpose of academic research (hereafter referred to as Academic Research Purpose) (including the handling of part of said data for Academic Research Purpose, other than cases where private rights and profits are infringed upon unfairly.)

7. Anonymous Processed Information

(1) In accordance with the relevant laws and regulations, the company will continue to process personal information in such a way as to ensure that individuals cannot be identified and that information cannot be restored (hereinafter referred to as "Anonymized Processed Information"). The items included in Anonymized Processed Information are as follows.

  • Nationality
  • Age
  • Sex
  • Date of departure
  • Flight name
  • Destination and transit point
  • Purchase date
  • Time of purchase
  • Category of item purchased
  • Item purchased
  • Shop
  • Price of purchase
  • Purchase quantity

(2) Purposes for use of Anonymous Processed Information

  • To analyze sales trends, stimulate sales and for other marketing reasons

(3) How to Create Anonymized Processed Information

  • Deletion of descriptions that can identify specific individuals
  • Deletion of personal identification codes
  • Deletion of codes that interconnect data
  • Deletion of unique descriptions, etc.
  • Other measures based on the nature of personal information databases, etc.

(4) Prohibition of collation of Anonymous Processed Information

  • The company does not identify individuals by comparing Anonymized Processed Information with other data.

(5) Provision of Anonymous Processed Information

  • The company will clearly identify the Anonymized Processed Information that has been created, copy it into electronic data, encrypt the data file, protect it with a password, etc., and ensure security before sending. We will continue to provide third parties with data.

8. Pseudonymous Data

(1) Following applicable regulations, in order to ensure that a Customer is not identified through matching with other data, there will be a continuation of creation and use of manufactured private data (hereafter referred to as Pseudonymous Data).

(2) Purpose of Pseudonymous Data

Pseudonymous Data will be analyzed for Customer attribution and usage status and will be used to aid service planning, development, improvement, etc., and in order to create statistical materials.

(3) How to Create Pseudonymous Data

When we create Pseudonymous Data, unless it is compared with other data, individual identification cannot be made. And in order to achieve this, individual Pseudonymous Data will be created in accordance with the standards of the Personal Information Protection Commission.

(4) Security Control Measures

When we create Pseudonymous Information or acquire Pseudonymous Information or deleted information that is related to said Pseudonymous Information (this pertains to deleted descriptions and personal identification codes deleted from personal information used in the creation of Pseudonymized Information using methods referred to in the previous article), as a necessary step to ensure the prevention of leakage of deleted information, we will follow the regulations of the Personal Information Protection Commission and we will take measures for the security management of deleted information, etc.

(5) Prohibition of Personal Information to Third Parties

In accordance with the law, etc., we will not provide personal data such as Pseudonymized Information (other than that which corresponds to Personal Information) to Third Parties.

(6) Prohibition of Matching

With regard to the handling of Pseudonymous Information, Pseudonymous Information will not be used to match with other data in order to identify the individual related to the personal information used in the creation of Pseudonymous Information.

(7) Elimination of Deleted Information, etc.

When it is not necessary for us to use Pseudonymous Information personal data and deleted information, we will strive to delete said personal data and deleted information without delay.

(8) We will strive to undertake appropriate measures necessary in the security management of Pseudonymous Information and will undertake the necessary measures in order to secure the appropriate handling of complaints regarding the creation of Pseudonymous Information and other services and will strive to disclose the details of said measures.

9. Principle of Minimization Concerning Acquisition and Use of Personal Information

Personal information acquired and used by the Company will be limited to the minimal amount necessary to achieve the purposes of use by the Company.

10. Provision of Personal Data to Third Parties

(1) Personal data may be provided as long as necessary to third parties by telephone, fax, email or post, in the process of achieving the purpose for which that data is obtained, in the following cases.

  • When prior consent of the individual has been obtained
  • Where incoming feedback, request or inquiry requires a response from a third party and the details are relayed to that party by NAA Retailing Corporation.
  • Where required by law
  • Where required for the protection of an individual or property and where it is not possible to gain consent from the individual concerned.
  • When especially required for reasons of public health or child welfare and it is not possible to gain consent from the individual concerned.
  • When required for cooperation with government organizations, regional entities or their agents in carrying out tasks specified by laws and ordinances, and where obtaining the consent of the individual would present a hindrance to the aforementioned.
  • This pertains to the provision of personal data to academic research institutions and in cases when said academic research institutions to use said personal data for academic research purposes. (this includes cases where said personal data is treated partly for academic research purposes, but excludes when there is undue hinderance to individual rights and profits)

11.Transfer of Personal Data to Third Countries

We may transfer personal data to third countries to achieve the purpose of use. In such cases, we will not transfer that data without the consent of the Individual.

12. Personal Information

When it is assumed that a third party acquires personal information (meaning the personal information of a living individual that does not correspond to personal information, Pseudonymous information and Anonymized Information) as personal data, personal information will not be provided to said third party without adhering to Personal Information Protection Commission regulations beforehand.

13. Regarding Cookies

Some pages that we provide use Cookies. Please refer to our Site Policy (here) for further details.

14. Chief Administrator

The Company shall appoint a chief administrator in charge of personal information and will provide and manage an infrastructure to protect personal information.

15. Points of Contact for Inquiries and Complaints Concerning the Handling of Personal Information

For complaints or inquiries related to the Company's handling of personal information, please contact the office shown below.
Complaints concerning the handling of personal information may also be brought before the Personal Information Protection Commission or other overseeing organization.

Personal Information Handling Manager, General Affairs Section, General Affairs Department, NAA Retailing Corporation
OP2005, South Operation Center 2F, Narita International Airport, Narita, Chiba 282-0004, Japan
soumu@fasola.jp

16. Continuous Improvement

In order to put the abovementioned items into practice, the Company will undertake reviews and improvements in addition to conducting ongoing studies.
* Please go here to see the policy for this website.

Disclosure in accordance with the Act on the Protection of Personal Information

1. Disclosure of Personal Information Held by the Company

(1) The Company retains personal information for the purposes listed below. This information includes, name, address, age, date of birth, nationality, sex, telephone number, fax number, email address, occupational information(regarding your company), purchase date, passport information, security surveillance images, date of departure, terminal used, airline used, flight number, transit point, destination, object of purchase, driving license number and vehicle registration number, etc.

① Personal information concerning a customer

  • For procedures related to sales
  • For product ordering (lay away or back ordered) or mail-order sales
  • For sending letters of appreciation, information regarding our shops or products or other customer contact
  • For shipping products to replace faulty products or to ship free gifts
  • To provide maintenance services for purchases products and items or to provide warranty procedures and services, etc.
  • To achieve the objectives of customer surveys
  • For the prevention of crime and disasters, checking service details and improving service quality, personal information includes recording of telephone conversations with customers, video footage in Company shops and use of telephone number display functions on telephones.
  • Based on information such as browsing histories and purchasing histories, policies regarding sales trends analysis and sales promotions can be formulated
  • To answer inquiries
  • For other business activities related to those listed above.

② Personal information concerning suppliers

  • For negotiations or other business communication
  • For management of shop access and security in relation to supplier personnel
  • For procedures to provide access to airport facilities for supplier personnel
  • For negotiations and other business discussions, dispatching or receiving orders, payment of invoices and other contractual obligations and to request performance of contract, etc.
  • To answer inquiries
  • For other business activities related to those listed above.

③ Personal information concerning applicant

  • To notify or provide information, etc. concerning recruiting activities
  • To answer inquiries
  • For other business activities related to those listed above.

④ Specific personal information

  • To provide such information limited to the parameters prescribed in Article 9 of the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures, to government offices stipulated in Article 19-2 of the same Act.

(2) The Company holding the information is as below.
NAA Retailing Corporation
1-1, Furugome-aza, Furugome, Narita City, Chiba Prefecture
President & CEO MATSUZAWA Hiroshi

2. Request to Disclose Personal Data Held

On receiving a written request, the Company may disclose personal data in its possession providing that it has confirmed the identity of the person from a copy of that person's residence certificate and has determined that disclosure is appropriate based on the following classifications.

(1) Disclosure of personal information to the individual

Any individual can request disclosure of their personal data in the possession of the Company. However, where any of the following circumstances prevail, the Company may refuse to disclose personal data in whole or in part.

① Where disclosure might harm the life, body, property, or other rights or interests of the person or a third party
② Where disclosure might substantially hinder the ability of the Company to carry out its business activities properly
③ Where there is a violation of other laws and regulations

(2) Amendments, etc. to personal data held

Should the individual believe that personal data concerning them in the possession of the Company is inaccurate, that individual may request amendments, additions or deletions (hereinafter, "Amendment"). However, should the Company find no errors in the data as a result of promptly carrying out the necessary investigations or, should the Company deem that an Amendment is not required for the purposes of its use, it will not be obliged to carry out the Amendment.

(3) Termination of use of personal data held, etc.

In the case where the Customer's retained personal data has gone beyond the necessary scope to achieve the purpose of use, in the case of promotion of legal violations and undue behavior, or when there is the risk that handling has been achieved through provocative means; when data has been acquired through deception or other unfair means; in the case of the data no longer being necessary; in the case of major leakage, etc., of the Customer's identified personal data corresponding to Article 26; in the case of infringement on the rights and fair profits of the Customer; or in the case of data that has been provided to a Third Party without fair reason and without the Customer's agreement, it is possible for the Customer to request the termination or deletion (hereafter referred to as Termination of Use) of said personal data. However, in the case of exorbitant costs being involved in Termination of Use or in the case of difficulties incurred in the Termination of Use, Termination of Use will not be conducted and alternative measures will not be undertaken.

(4) Disclosure to the Customer about the provision of personal data to a Third Party or records received about the provision of data from a Third Party

The Customer can request the disclosure of information regarding the provision of personal data to a Third Party or records received about the provision of data from a Third Party (hereafter referred to as Third Party Provision and Records).
However, as is set out below, there may be cases where all the Third Party Provisions and Records of personal data or part of the personal data may not be disclosed.
① When there is a risk of harm to individual and third party lives, health, property and other rights and profits
② When there is risk of considerable hinderance in the carrying out of appropriate operations
③ When laws are violated

(5) Procedures for disclosure, etc.

When the Customer seeks the disclosure of individual data, revision, termination of use, and Third Party Provisions and Records, please contact the disclosure destination below according to our established format. At the same time, please submit documents of identification. We will attend to the delivery of documents and other necessary methods. (We have released the Purpose of Use of Personal Data and cannot accommodate individual notices).

[Submission of disclosure Requests]

Personal Information Handling Manager, General Affairs Section, General Affairs Department, NAA Retailing Corporation
OP2005, South Operation Center 2F, Narita International Airport, Narita, Chiba 282-0004, Japan
soumu@fasola.jp

[Procedure for Disclosure, etc.]

List of Documents to be Submitted
① Written request for disclosure, etc. of personal information (Please use the form prescribed by the Company)
② Identification documentation (copy (original) of the individual's residency certificate), copy of driving license, copy of passport or copy of health insurance card
③ Self-addressed return envelope (the address must be the same as that on the documentation submitted for identification purposes)
④ When the request is submitted by a representative, written authorization of proxy right (copy of family register, etc. if submitted by a legal representative, letter of attorney if submitted by an agent)

Costs Associated with Disclosure
The sum of 500 yen (excluding tax) is payable for each disclosure request. Payment by postal money order is requested.