Privacy Policy
Article 4 (Transfer of Personal Information Overseas)
The services utilized by the Company as described in the preceding article include providers located in foreign countries (such as Ireland, the United Kingdom, and the United States). Your personal information may be stored and processed on servers in these countries to the extent necessary for providing the services. The Company will endeavor to protect personal information by understanding each country's personal information protection system and selecting contractors that implement appropriate security measures.
Article 5 (Security Management Measures)
The Company shall implement necessary and appropriate measures to prevent the leakage, loss, or damage of personal information it handles, and to otherwise ensure the security management of personal information. The security management measures implemented by the Company include the following:
(1) Organizational Security Management Measures: Designate a person responsible for information management and clearly define the responsibilities and authority of employees.
(2) Personnel Security Measures: We will provide regular training to employees on the proper handling of personal information.
(3) Physical Security Measures: We will implement measures to manage areas where personal information is handled within our company and prevent theft of equipment and electronic media.
(4) Technical Security Measures: We will implement access controls to personal information, introduce mechanisms to prevent unauthorized access, and take measures such as data encryption.
Article 6 (Retention Period)
Based on the Hotel Business Act, we retain guest register information for three years from the date of stay. Other personal information will be promptly deleted once the period necessary to achieve the purpose of use has elapsed.
Article 7 (Customer Rights)
Customers may request disclosure, correction, addition, deletion, suspension of use, erasure, etc., of their personal information held by the Company, based on the provisions of the Personal Information Protection Act. Furthermore, if a customer resides within the European Economic Area (EEA), they have rights under the GDPR, including the right to data portability, the right to object, and the right to withdraw consent. To exercise these rights, please contact the contact point specified in Article 8.
Article 8 (Contact Point)
For any opinions, questions, complaints, or other inquiries regarding this Policy or the handling of personal information, please contact the following point of contact:
Personal Information Handling Contact: miyajima-tonbo-and@aisthisi.co.jp
Established September 2, 2025
Revised November 21, 2025
Aisthisi Corporation (hereinafter referred to as “the Company”) establishes the following Privacy Policy (hereinafter referred to as “this Policy”) regarding the handling of personal information of guests using the lodging facility “MIYAJIMA tonbo-AND” (hereinafter referred to as “the Guesthouse”) provided by the Company.
Article 1 (Personal Information Collected)
The Company collects the following personal information when guests use the Guesthouse.
1. Information obtained via reservation sites at the time of booking
When a guest completes a reservation for the Guesthouse through a reservation site such as Airbnb, the Company receives the following information from that reservation site:
(1) Account/Identity Verification Information: Full Name
(2) Payment Information: Payment Status (Payment processing is handled by the reservation site.)
(3) Reservation-related information: Stay period, number of guests
2. Information provided directly by guests via our system during self-check-in after reservation completion
(1) Guest register details: Full name, email address, phone number, address, nationality, passport number, gender, date of birth, guest's handwritten signature, occupation
(2) Identity Verification Information: Passport data (image), identity verification record captured via camera on the guest's device on the day of check-in
Note: Passport data (image) is not required for guests of Japanese nationality.
3. Information automatically collected from the Guesthouse during your stay
(1) Security Camera Records: For guest safety and security, video information is captured by security cameras installed in the following areas of the Guesthouse.
(2) Entry/Exit Logs: Information regarding the time of entry and exit using a PIN via the smart lock (RemoteLOCK) system.
Article 2 (Purpose of Use of Personal Information)
The Company will use the acquired personal information for the following purposes:
1. Management of accommodation reservations, provision of accommodation services, and billing for accommodation charges.
2. Creation, preparation, and storage of guest registers based on the Hotel Business Act.
3. Responding to inquiries and requests from guests.
4. Contacting guests in emergencies
5. Storing and contacting guests about lost items
6. Ensuring the safety and security of the Guesthouse (including security camera recordings)
7. Improving and enhancing the Guesthouse’s services
8. Creating statistical data in a form that does not identify individuals, related to the Guesthouse’s services
9. Other purposes incidental to the above purposes
Article 3 (Provision of Personal Information to Third Parties)
Except as permitted by law, we will not provide personal information to third parties without obtaining the customer's consent. However, to ensure the smooth provision of our services, we may provide personal information to the following contractors within the scope necessary to achieve the purpose of use. In such cases, we act as the controller under the GDPR, and the recipient business acts as the processor.