1. Home
  2. Privacy Policy
Privacy Policy

Privacy Policy

Personal Information Protection Policy

Personal Information Protection Philosophy

Gurunavi Inc. (hereinafter referred to as “the Company,” or “we/us/our” as applicable) operates a business based on the provision of restaurant information and online reservation services, management and sales promotion support for restaurants, companies, and individual businesses, and promotional services such as advertisement distribution and marketing research, based on its desire to continue to provide new value to the world and contribute to the realization of a better society by exploring the potential of “food” and connecting all things through “food.”
In operating these business activities, we recognize that the dignity of the rights and interests of individuals and the appropriate protection of personal information are of utmost importance as well as being our social responsibility.
To accomplish this, we have established a “Personal Information Protection Management System” to ensure the proper handling of personal information in compliance with the Act on the Protection of Personal Information and other relevant laws and regulations, and in consideration of the content and scale of our business, and all employees will implement, continuously improve, and maintain this system in accordance with the Personal Information Protection Policy.

1. Handling of Personal Information

We will take organizational, human, physical, and technical security management measures to prevent leakage, loss, damage, misplacement, falsification, and unauthorized access to personal information, and will constantly endeavor to improve such measures.

2. Compliance with Laws, Ordinances, and Standards

We will comply with the laws, ordinances, policies, and other standards, customs and social rules in Japan and any other countries and regions.

3. Appropriate Measures for Personal Information Management

We will take organizational, human, physical and technical measures to securely manage personal information, endeavoring to prevent the leakage, destruction, damage, loss, falsification, or illegal access of personal information. We will constantly seek to improve in this area.

  • Organizational measures to securely manage personal information:
    We have appointed a supervisor for the handling of personal information, clarified the employees handling personal information and the scope of personal information handled by those employees, and established a system for reporting and contacting the supervisor in accordance with laws, regulations and internal rules in the event a violation or an indication thereof is found.
  • Human measures to securely manage personal information:
    We conduct education of employees on the protection of personal information to provide awareness of the importance of handling personal information. We also ensure employees comply with matters related to maintaining the confidentiality of personal information by stating these in internal rules and the written pledge made when joining the company.
  • Physical measures to securely manage personal information:
    We implement access control for employees in areas where personal information is handled. We take measures to prevent the theft or loss, etc. of equipment, electronic media and documents, etc. used to handle personal information.
  • Technical measures to securely manage personal information:
    We implement appropriate access controls to limit the scope of databases, etc. handling personal information. Information systems handling personal information are equipped with systems protecting them from unauthorized access and unauthorized software from outside.
  • Understanding of the external environment:
    When we handle personal data in a foreign country (such as when we store personal data in an external cloud service and the data center is located in a foreign country), we will implement security management measures based on an understanding of the system for the protection of personal information in that foreign country (please contact us using the details in “Contact for complaints and consultations regarding personal information” at the bottom of this page for the name of the foreign country and its system for the protection of personal information). When providing personal information to a third party in a foreign country that does not have a personal information protection system equivalent to that of Japan, we will obtain the consent of the individual to whom the information pertains. When obtaining consent, pursuant to laws and regulations, we will provide the individual with the name of the foreign country, and information on the system for protecting personal information in the foreign country and the measures taken by the third party to protect personal information.

4. Organized Activities for Personal Information Protection

  1. (1)We will designate a personal information management officer and an internal audit officer to establish the Personal Information Protection Management System, and give them responsibility and authority for its implementation and operation to conduct business.
  2. (2)Based on internal audits and inspections, we will improve our internal rules and operations.
  3. (3)This policy will be made available to the general public by posting it on the Company’s website.

5. Continuous Improvement

  1. (1)We will periodically review the “Personal Information Protection Management System” in order to establish, implement, maintain, and improve the appropriate protection of personal information.
  2. (2)We will endeavor to educate and enlighten employees on the protection of personal information so that they recognize the importance of the protection of personal information and properly manage and handle such information.
  3. (3)We may revise this policy based on customer feedback, in order to protect the personal information we have obtained, or to comply with revisions to laws, regulations and other norms. Any changes will be published on the Company’s website or elsewhere.

6. Complaints, Opinions, and Other Enquiries about Personal Information

We will appropriately and promptly respond within a reasonable period of time and to a reasonable extent to complaints, comments, and questions regarding personal information handled by us. Please contact us using the details in “Contact for complaints and consultations regarding personal information.”

Established: July 1, 2004
Last updated: July 16, 2024
Gurunavi, Inc.
Akio Sugihara, President, Representative Director

Handling of Personal Information

1. Obtaining Personal Information

1-1 Methods of obtaining personal information

We obtain personal information using the following methods.

  • - When we receive personal information directly from an individual orally or in writing, etc.
  • - When the information is automatically sent to us when an individual uses or views our services, etc. (products, advertisements, contents, etc.)
  • - When personal information is provided indirectly by a third party to which the individual has given consent.
  • - When publicly available personal information is obtained from publications, the Internet, etc.

1-2 Obtaining personal information by methods not easily recognizable by the individual

We may acquire web browsing and action history collected from cookies and other attribute information (IP addresses, identifiers, location information, etc.) and the results of analysis thereof from our services and data management platforms operated by third parties, and use this information in combination with customers’ personal data for purposes such as delivering advertisements, but it will be treated as personal information in this case.

2. Purpose of use of personal information

Category

Purpose of Utilization

Customers’ Personal Information

  • •To confirm the identity of an individual (including biometric authentication) when registering as a member or logging into services provided by the Company, and to provide services.

  • •To provide notifications and communications regarding our services by telephone, mail, e-mail, etc. (hereinafter referred to as “notifications” and “communications,” respectively), and to distribute email newsletters.

  • •To conduct questionnaire surveys that may include personal information in the responses, and to conduct sales activities such as proposing our services and products and providing notifications of events to persons who are listed in the responses

  • •To perform restaurant reservation and ordering procedures, management of reservation and order status, contacting customers, ascertaining the composition of customers, verifying the identity of customers upon arrival at restaurants, and provision of personal information to the restaurant for the provision of services.

  • •Providing our services, ascertaining and analyzing customers’ usage of our services by using customers’ visiting, purchase, page-view, and activity history (hereafter "history") or location information

  • •To create statistical data such that an individual cannot be identified based on their appearance and use this data to ascertain and analyze circumstances of customer visits and improve the quality of the Company Group’s services

  • •To deliver and provide information on recommendations, direct mailings, advertisements, etc., based on various types of history.

  • •To perform management and settlement of charges, points, coupons, etc. (personal information may be exchanged with mobile phone companies, credit card companies, etc.), to process refunds, and to provide notifications related to these.

  • •To provide information on seminars, exhibitions, campaigns, prize competitions, etc. (hereinafter referred to as “events”) that the Company sponsors or co-sponsors, to perform participation and application procedures, to conduct lotteries, to contact winners, etc., to monitor the status of participation, to conduct operation, management, and administration procedures, to record images, video and audio of events, to provide these to co-sponsors, to send prizes, and to provide to contractors when outsourcing the sending of prizes.

  • •Reporting customers’ feedback and requests to restaurants, wedding venues, commercial facilities, beauty salons, event promoters, hotels and the like, and product distributors

  • •To provide information on the services of other companies introduced by the Company, to act as an intermediary for applications, to manage the status of applications, and to contact applicants.

  • •To perform identity verification required for the implementation of our services, to confirm the validity of the documents necessary for identification, to perform information system usage procedures, to send various notices and goods, to conduct administrative processing such as billing, and to perform screening and auditing.

  • •To prepare reports on the sale and delivery of products and foodstuffs provided by the Company and its partner companies, organizations, producers, etc., and on the use of the products sent.

  • •To send rewards for cooperation in market research and promotional measures implemented by the Company.

  • •Customer guidance and consulting via phone, email, or in person

  • •Customer management including personality and attribute information, etc. for building smooth relations with customers.

  • •To take records, record audio, and record video for the purpose of confirming accurate responses and actions, and improving response quality and service.

  • The following agency operations:
    -Registration, application, reservation, application management and other operations in all services
    -The sending of e-mails or messages over social media for promotional purposes
    -Applications and other procedures under government systems

  • •To contact customers regarding the delivery, installation, construction, initial setup, and delivery schedule arrangements for equipment provided in the Company’s services, and to provide such information to contractors when such work is outsourced.

  • •To provide guidebooks, member newsletters, VIP members-only information, etc., regarding the Company’s services.

  • •To contact customers regarding publication on the Company's website, social networking services, information magazines, etc., or interviews, to conduct interviews, or to conduct advertising, etc.

  • •To conduct surveys (including questionnaires, interviews, etc.) and analysis of the usage of and satisfaction with the Company’s services, to prepare statistical data that cannot identify specific individuals, and to use the prepared data for marketing, site production, development of new services, and improvement of the quality of the Company’s services.

  • •Corrections or deletions to information registered with the Company Group’s services

  • •To ensure the security of the Company’s services, to respond to incidents, accidents, or fraud, and to investigate, report and or contact customers in the event of such occurrences.

  • •To make contacts, conduct negotiations and conclude and perform contracts necessary in the course of business, to manage progress, sales, expenses, and other operations, to prepare various documents, and to provide information to persons in charge.

  • •To perform payment processing, preparation of payment records, and handling of the invoice system, taxation, etc.

  • •To make notifications and reports to public and administrative agencies such as government offices, and to law firms, etc.

Personal Information Obtained for Compliance with Laws and Ordinances

  • •To respond to and appropriately perform operations related to the exercise of rights, claims, etc. pursuant to contracts concerning the Company’s services and also laws and regulations.

  • •To achieve the purposes stipulated in the “Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures.”

Personal Information Obtained from Public Information Sources

  • •To conduct sales activities, such as proposals of the Company’s services and products, and information, etc. on events.

  • •To conduct transaction screening, credit management and checks.

Personal Information Obtained During Recruiting Activities

  • •To provide information on company information sessions, company information, and job openings, and to accept applications.

  • •To consider recruitment, contact candidates for recruitment interviews, and to conduct selection and analysis.

  • •To provide notification of recruitment results, to send recruitment-related documents, and to reimburse expenses.

  • •To provide information to contractors when outsourcing recruiting activities in whole or in part.

Information on employees

  • •To perform procedures for receiving new employees.

  • •To perform arrangement and management of goods and information systems, etc. required in the course of business.

  • •To perform personnel and labor management.

  • •To perform health management, and operations related to health and safety.

  • •To perform operations related to salary, bonus, pension, expense reimbursement, and accounting management.

  • •To perform operations related to tax, social insurance, labor insurance, and the shareholding association.

  • •To perform operations related to internal services and employee benefits.

  • •To contact other companies including business partners, affiliated companies, and secondment destinations, and to respond to requests for investigations.

  • •To make notifications and reports to public and administrative agencies such as government offices, and to law firms, etc.

  • •To perform public relations and sales activities, such as publication in public relations publications and in-house newsletters.

  • •To make contact, hold meetings, and emergency communications required in the course of business (including notifications of drills and sharing of their results).

  • •To perform communication on paper, e-mail, social media, etc. (including audio, images, video, etc.)

  • •To monitor and provide notification of the status when recruiting employees through employee referrals.

  • •To perform registration of biometric information (face, fingerprint information, etc.) in biometric authentication devices, confirmation of behavior, and demonstration experiments for the development of new services.

  • •To perform data analysis, etc. the execution of business, applications, management, records and improvement of efficiency.

  • •To conduct auditing, crime prevention, fraud prevention, etc. (including video and online monitoring, etc.).

  • •To obtain and use information on dependents of the individual to the extent necessary to achieve these purposes of use.

Information on former employees

  • •To perform resignation procedures, and to send and receive documents related to resignation.

  • •To comply with labor-related laws and regulations.

  • •To make contact required in the course of administrative procedures and make emergency contact.

Information on shareholders and investors

  • •To send business reports, rewards for responding to questionnaires, and other distribution materials, etc.

  • •To implement disclosure, provide notifications, exchange information, and implement questionnaires, etc.

  • •Responding to shareholders exercising their rights

  • •Management of shareholders in accordance with relevant laws and ordinances

  • •Provision of personal information for exercise of rights and performance of obligations in accordance with the Companies Act

  • •To perform analysis of shareholder composition and attributes, and participation in information sessions, etc.

Enquiry

  • •To respond to inquiries received, perform analysis and improve service.

  • •To take records and record telephone calls, etc., as necessary to ensure accurate responses.

3. Provision of personal information

3-1 Provision of personal information

When providing personal information, we take measures to avoid providing personal information to any third party (including third parties located in the foreign countries) without the individual’s consent except in the following cases:

  1. (1)Cases in which the provision of personal information is required by laws and ordinances
  2. (2)Cases in which the provision of personal information is necessary for the protection of the life, body or property of an individual, and for which your consent is difficult to obtain
  3. (3)Cases in which the provision of personal information is particularly necessary for improving public health or promoting the sound development of children, and it is difficult to obtain your consent
  4. (4)Cases in which the provision of personal information is necessary for cooperating with a state organ or a local government, or those entrusted by the state organ or local government in executing the affairs prescribed by laws and ordinances, and in which obtaining your consent is likely to impede the execution of such affairs
  5. (5)Cases in which we entrust the handling of personal data in whole or in part within the scope necessary for the achievement of the specified purpose of utilization
  6. (6)Cases in which we provide personal data as a result of succeeding to a business due to a merger or other event, and the acquirer uses such personal data within the scope of the purpose of utilization before the succession
  7. (7)Cases in which personal data is jointly used between the Company Group and a specific entity or individual, and in advance we notify, or make readily available to, you the following matters, or similar details of equal or greater scope
    • •Joint use of personal data
    • •Purpose of utilization of an entity or individual using personal data
    • •Items of personal data to be jointly used
    • •Name or company name responsible for the management of personal data
    • •Scope of entities or individuals jointly using personal data
    • •Method of obtainment

3-2 Provision of information of officers and shareholders of corporations and other entities

We may provide information regarding the officers and shareholders of corporations or other organizations that is included in the information of such corporation or other organization and that has already been disclosed or publicly announced under laws and ordinances or by such person or such corporation or other organization, after obtaining the person’s consent and notifying the person of the purpose of utilization.

3-3 Supervision of contractors

When we entrust the performance of services involving the handling personal information, we execute an agreement with the contractor regarding personal information protection, and exercise appropriate supervision or other control over the contractor to ensure the prevention of leakage, destruction, damage, loss, falsification, or illegal access of personal information or other divulgement of personal information.

4. Activity History, Attribute Information, and Advertisement Delivery by a Third Party

4-1 Delivery of advertisements using cookies

  1. (1)We use cookies (including similar technologies) to provide information that is easily accessible by, and more valuable to, customers. Cookies allow data to be temporarily saved on a computer or other device used by a customer when accessing a website. Using cookies enables us to acquire and save in the Company’s server the customer’s activity history on the Company’s websites (including, but not limited to, URLs and content accessed and the order of access), and attribute information that cannot be used to identify an individual such as age and sex, occupation, area of residence, history of store visits, and location information (and that which an individual cannot be identified by a combination thereof).
    (2)We use advertisement delivery services provided by third parties. When doing so, such third parties may obtain and use information about visits to our site and activity history by means of cookies, etc. The cookie information, etc. obtained by such third parties will be handled in accordance with the privacy policies of such third parties.
    List of cookies used for activity history, attribute information, and advertisement delivery services provided by third parties

4-2 Delivery of advertisements provided by third-party advertisers

In order to provide appropriate advertising to customers, Gurunavi Inc. irreversibly transforms part of the personal information it possesses (e-mail addresses, etc.) into data that cannot be used to identify individuals, performs matching with third-party advertisers and delivers advertisements based on the results.

Third-party advertisers do not use this information for any purpose other than delivery of advertisements.
You can choose to enable or disable “behavioral targeting advertising” for these advertisements by third-party advertisers.

  1. (1)Google customer matching The “customer matching” provided by Google is used to customize the display of advertising and content on Gurunavi’s products and services that you see on Google’s services for you and to improve convenience. Some personal information (e-mail address, etc.) is shared with Google for this purpose, and only used for the purpose of displaying Gurunavi’s advertisements on Google’s services. Please refer to Google’s advertising help page for information on the “customer matching” system and the limited handling of data by Google.
    Google (How to disable advertising)
     *Japanese page only
  2. (2)Yahoo! JAPAN data import function Gurunavi uses the “data import function” provided by Yahoo! JAPAN to display advertisements on Yahoo! JAPAN and Yahoo! JAPAN partner sites according to usage of Gurunavi services. Please refer to the help page for the data import function for information on the “data import function” system and the limited handling of data by Yahoo! JAPAN and Yahoo! JAPAN partner sites.
    Yahoo! JAPAN (How to disable advertising)
     *Japanese page only
  3. (3)Facebook customer audience Gurunavi uses the “customer audience” provided by Facebook to display advertisements on Facebook services according to usage of Gurunavi services. Please refer to Facebook’s customer audience help page for information on the “customer audience” system and the limited handling of data by Facebook.
    Facebook (How to disable advertising)
     *Japanese page only

5. Transfers out of the European Economic Area (EEA) and the United Kingdom

When customers residing in the EEA (EU member states, Iceland, Norway and Liechtenstein) and the United Kingdom use services provided by the Company, we may receive and handle transfers to countries outside the EEA and the United Kingdom (mainly Japan) from other business operators, etc.

In such cases, the same rights of the data subject as under the GDPR (EU General Data Protection Regulation) may not be recognized in countries outside the EEA and the UK. However, we will comply with the “Act on the Protection of Personal Information” of Japan and the “Supplementary Rules under the Act on the Protection of Personal Information for the Handling of Personal Data Transferred from the EU and the United Kingdom based on an Adequacy Decision” and ensure necessary measures for the protection of personal information.

6. Disclosure, etc. of Personal Information

6-1 Disclosure, etc. of retained personal data handled by the Company

  1. (1)You may request the Company Group to notify you of the purpose of utilization of, disclose, correct, add or delete the content of, discontinue its utilization of, erase, or discontinue its provision to a third party of, the retained personal data handled by the Company Group ("disclosure, etc.") pursuant to the Act on the Protection of Personal Information.
  2. (2)When requesting notification of the purpose of utilization and disclosure, you are required to pay handling fees. (For handling fees, please refer to the "Fee and payment method for request for disclosure, etc.")
  3. (3)You are required to pay all of the printing costs, costs of obtaining documents for identity verification, mailing costs and other costs.
  4. (4)Request documents must be in the format prescribed by the Company. No other format will be accepted.
  5. (5)Disclosure of all or part of the personal data held pertaining to a request may be withheld in any of the following cases. If a decision is made to withhold disclosure, notification will be provided with the reason.
    • •If there is a risk of harming life, body, property or other interests due to disclosure
    • •If there is a risk of significantly impeding the appropriate execution of the Company’s business due to disclosure
    • •If disclosure constitutes a violation of laws and regulations
    • •If it cannot be confirmed that the request for disclosure is from the individual to whom the information pertains
    • •If the Company is otherwise allowed to reject the request pursuant to applicable laws
  6. (6)We will properly handle personal information acquired at the time of your request to the extent necessary for such request. Please understand that we do not return documents or other materials submitted (including documents for identity verification).

6-2 Fee and payment method for request for Disclosure, Etc

In the case of request for disclosure and request for notification of the purpose of utilization:

  1. (1)Fee: 500 yen (including tax) per request.
    (2)Payment method: Please enclose postage stamps worth 500 yen with the request form.

  • * Cost for replying in writing by simplified registered mail. We will provide separate notification in the event fees are required for disclosure by means other than mail.

    * If the cost of simplified registered mail or the simplified registered mail system is changed, the fee for requests for disclosure, etc. will be changed accordingly.

    * If the payment is either less than the specified fee amount or not enclosed, we will notify you thereof, and return all the submitted documents. You will be requested to resubmit the documents.

    * Please understand that we do not accept requests made in person by visiting our company.

6-3 Procedures for request

  1. (1)Please use the inquiry form to request disclosure, etc. We will follow up by providing information on the procedure. If sending by mail, please download or print out the “Request form designated by the Company” indicated below.
    (2)After filling out the relevant items in the form, and affixing your signature and seal, please enclose the “documents for identity verification” and mail them to the Company’s “Personal Information Enquiry Desk.” If a request is made by an agent on your behalf, the address, signature and seal of the agent are required in addition to your address and name.
    1. 1)Request form designated by the Company
      Request for disclosure, correction or deletion of personal information
      [201KB, in Japanese]

      * If we are not able to proceed with the procedures because the necessary items are incomplete or flaws, etc. are contained in the request form, we will notify you thereof using the contact details indicated in the request form. Please understand that if we do not receive a resubmission of the documents (including undelivered mail) within 2 weeks from such notification, we will deem that you have not requested disclosure, etc.

    2. 2)Documents for identity verification

      Please enclose copies of any two of the following. Please make sure that the copies clearly show your name and address.

      • •Valid driver's license (copies of both sides are required)
      • •Valid passport
      • •Copy of residence certificate (only relevant entries such as address and name, which do not include your domicile of origin or personal identification number)
      • •Certificate of insured person of an insurance (excluding medical records)

      Notes

      • •If the present address is different from the address recorded with the Company due to a change of residence, etc., please submit a copy of the residence certificate (not including your personal identification number) showing the history of change of residence.
      • •If we are unable to verify your identity for reasons such as the documents for identification documents not being enclosed or the identification documents containing unclear sections, we will notify you thereof, and return all the submitted documents. You are requested to resubmit the documents.
      • •If an agent delegated by you makes a request for disclosure, etc., we will confirm that he or she is your agent by the power of attorney to which your registered seal is attached and your certificate of seal impression, and the agent's document for identity verification, and if your statutory agent makes a request for Disclosure, Etc., we will confirm that he or she is your statutory agent by the statutory agent’s document for identity verification and a document certifying the relationship between the statutory agent and you.
    (3)Once we verify the identity, we will appropriately and promptly make a response within a reasonable period of time and to the reasonable extent.

Name of the Personal Information Manager

CISO(Chief Information Security Officer)

Complaints, Opinions, and Other Enquiries about Personal Information

Please contact us using the dedicated contact form or the following links:

  • ※Click here for enquiries regarding our handling of personal information.

  • ※Click here for enquiries regarding activity history and contextual information.

  • ※Please contact the following address for enquiries regarding the personal information we have obtained.

Personal Information Enquiry Desk:

Gurunavi, Inc.

Hibiya Mitsui Bldg. 11F, 1-1-2 Yurakucho, Chiyoda-ku, Tokyo 100-0006
Complaint and Consultation Desk Manager at Personal Information Enquiry Desk

Click here to make an enquiry.

Established: July 1, 2004
Last updated: July 16, 2024