Pocket Concierge Privacy Policy

For your convenience, we have provided a translation of this page below. This translation is for informational purposes only, and the definitive version of this page is the Japanese version.

Pocket Concierge Co., Ltd. (hereinafter “the Company”) with regard to the services for dining provided by “Pocket Concierge”, a tool and a platform provided and operated by the Company, and American Express Company or its subsidiaries (hereinafter “the Service”), shall handle information regarding the Company’s users and registered restaurants (hereinafter “Customer Information”) in the manner prescribed below.

Article 1 (General Provisions)

  1. In order to protect Customer Information, the Company shall comply with the Act on the Protection of Personal Information, guidelines issued by government ministries and agencies, and other related laws.
  2. The “Pocket Concierge” Privacy Policy (hereinafter “this Policy”) shall apply to the Service (including other services provided by the Company that are incidental to the Service). In addition, where the handling of Customer Information is stipulated in privacy policies outside of this Policy on websites operated by the Company or in other personal information protection policies or terms of service relating to “Pocket Concierge”, these stipulations shall also be applied. However, where such stipulations conflict with this Policy, this Policy shall take priority.
  3. This Policy shall not apply to services related to the Service that are provided by parties other than the Company. For information about the handling of Customer Information by Outside Services, please refer to the separately stipulated privacy policies of the business/businesses providing the service in question.

Article 2 (Information to be obtained and methodologies, etc.)

  1. The Company, through the Service, shall obtain Customer Information, including personal information (as defined in the Act on the Protection of Personal Information, Article 2, Paragraph 1: hereinafter referred to as “Personal Information”), in the manner stipulated below.
    (1) Information provided by users
    a. Name, email address and telephone number
    b. Name, email address, gender, telephone number, date of birth and other information specified by the Company relating to the person(s) visiting the restaurant
    c. The credit card's brand information, the last four digits of the credit card number and the expiration date of the credit card
    (2) Information provided by registered restaurants (and representatives)
    a. Name of registered restaurant, Name, email address and telephone number, date of birth, address, information stated on identification documents with a photo, etc. and IP address of the representative
    b. Publicly available information contained in official gazettes and telephone directories, etc., and information notified by registered restaurants, etc. to the Company at the time of and after registration as a member
    (3) Information gathered by the Company when customers use the Service
    a. Information on usage circumstances
    b. Device information
    c. Log information and action history information
    d. Location information
    Note that although it is possible to change the settings of a Digital Device to halt the transmission of location information, doing so may prevent utilization of certain aspects of the Service.
    e. Cookies and anonymous IDs (ANIDs)
    In the course of providing the Service, “Cookies” and other such technologies may be utilized. “Cookies” are an industry-standard technology used by web servers to identify users' and registered restaurants' computers. Although “Cookies” enable identification of users' and registered restaurants' computers, they cannot be used to identify individual users and registered restaurants. Note that although it is possible to change the settings of a Digital Device to disable the Cookies function, doing so may prevent utilization of some or all aspects of the Service.
    f. Voice information derived from recorded phone calls
  2. The Company shall obtain Customer Information in a legitimate manner and shall not use deceitful or improper methods to obtain Customer Information. In addition, if the Company is to obtain Customer Information through methods other than through users' and registered restaurants' use of the Service, the Company shall notify the users and registered restaurants or publicize this action in advance.
  3. Users and registered restaurants are able to remove their account from the service via the account page at any time. Please be aware that any outstanding reservations or payments will need to be handled through fulfilment or cancellation of them before the system will allow account removal.

Article 3 (Purpose of Use)

  1. The Company shall handle Customer Information obtained through the Service in a legitimate manner within the scope of the purposes listed below. Customer Information will not be used beyond the scope of the purposes listed below without the consent of the users and registered restaurants.
    2. Purposes of use Details of purposes of use Information used
    Provision, maintenance, or enhancement of the Service for users ・For identification of users registering accounts for the Service and prevention of improper use of the Service
    ・For identification of person(s) visiting restaurants and provision of information and services related to food and beverages, and food served at restaurants
    ・For smooth provision, maintenance, and enhancement of the Service or fraud prevention
    ・For confirmation of eligibility for the use of the Service and other verification processes
    ・For necessary system operation for the implementation of the Service
    ・For determination of location of restaurants based on the current location information of users and registered restaurants, and utilization of this information to provide service that utilizes this information.     		・Name, email address and telephone number
    ・Name, email address, gender, telephone number, date of birth and other information required for the provision of services relating to the person(s) visiting the restaurant, etc.
    ・The credit card's brand information, the last four digits of the credit card number and the expiration date of the credit card
    ・Information on usage
    ・Location information
    ・Device information
    ・Log information and action history information
    ・Cookies
    ・Voice information derived from recorded phone calls
    Provision, maintenance, or enhancement of the Service for registered restaurants ・For identification of registered restaurants registering as a member of the Service and prevention of improper use of the Service
    ・For smooth provision, maintenance, and enhancement of the Service or fraud prevention.
    ・For operation of system that is necessary to provide the Service
    ・For determination of location of restaurants based on the current location information of users and registered restaurants, and utilization of this information to provide service that utilizes this information.
    		 ・Name, email address and telephone number, date of birth, address, information stated on identification documents with a photo, etc. and IP address of the representative of the registered restaurant
    ・Publicly available information contained in official gazettes and telephone directories, etc., and information notified by registered restaurants, etc. to the Company at the time of and after registration as a member
    ・Information on usage
    ・Location information
    ・Device information
    ・Log information and action history information
    ・Cookies
    ・Voice information derived from recorded phone calls
    Notification and response, etc. to users and registered restaurants ・For provision of information relating to the Service and response to inquiries etc.
    ・For notifications regarding new services relating to the Service or for provision of such services.
    ・For notifications regarding the terms of use of the Service; changes to this Policy; termination or suspension of the Service or contract cancelation; or other important notifications regarding the Service.     		・Name, email address, telephone number, date of birth, gender and other information, etc. required for the provision of services relating to the user
    ・Name of representatives, name, email address, telephone number and address of the registered restaurant
    ・Publicly available information contained in official gazettes and telephone directories, etc., and information notified by registered restaurants, etc. to the Company at the time of and after registration as a member
    ・Information obtained by the Company as a result of customer inquiries (including voice information derived from recorded phone calls)
    Dissemination of information regarding the business of the Company and American Express Company ・Dissemination of business information by mail, telephone or email, etc., regarding membership registration for the Service
    ・Sales and solicitation of financial instruments and services, etc. of American Express Company
    ・Market research, statistics creation, and product development     		・Name and email address of the user
    ・Name of representative, name, email address, telephone number and address of the registered restaurant
    ・Publicly available information contained in official gazettes and telephone directories, etc., and information notified by registered restaurants, etc. to the Company at the time of application for and after registration as a member restaurant
  2. Any personally identifiable information (PII) provided by users and registered restaurants will be treated with absolute sensitivity without exception.

Article 4 (Protection of Personal Information)

The Company shall appoint staff responsible for the handling of Personal Information, and shall establish a system to provide appropriate management of Personal Information that prevents fraudulent access to Personal Information, and loss, alteration, and leakage, etc. of Personal Information.

Article 5 (Provision to Third Parties)

  1. The Company shall not provide Customer Information that constitutes Personal Information to third parties, except in the cases below.
    (1) When the consent of applicable users or applicable registered restaurants is obtained
    (2) When required to do so in accordance with laws or regulations
    (3) When taking necessary measures in response to the actions of users or registered restaurants that, in the course of using the Service, engage or attempt to engage in actions that violate the terms of use such as harming the interests of others, or acting in a manner that runs counter to public order and morals
    (4) When it is necessary for the protection of a person's life, health, or assets, and receiving direct consent from the customer is difficult
    (5) When the Company is required to cooperate with government institutions or local authorities, or parties entrusted by them, and there is a possibility that receiving consent from the customer may interfere with the execution of such duties stipulated by laws and regulations
    (6) When business succession resulting from mergers, demergers, or business transfers, etc. occurs and involves the transfer of users' and registered restaurants' Personal Information
  2. Notwithstanding the preceding paragraph, the Company may provide personal information handled by the Company to third parties in the following cases:
    (1) Provision of user information to a third party:
    When providing to advertising agencies affiliated with the Company for provision of services affiliated with the Company’s services (hereinafter referred to as "Affiliated Services") (including qualification confirmation and other authentication procedures when using the service), or for delivery of advertisements tailored to the needs, interests, and concerns of users, analyses of effectiveness of applicable advertisements, market analyses, and other marketing activities.
    (2) Provision of registered store information to third parties: When providing to online payment companies affiliated with the Company for the purpose of providing online payment services.
    (3) In addition to the preceding paragraph, the Company shall, after having received the consent of users and registered restaurants, be able to provide Customer Information to businesses that provide Affiliated Services (hereinafter "Affiliated Companies")

Article 6 (Outsourcing of the Handling of Personal Information)

The Company may outsource to third parties the handling of all or part of the Personal Information received from users and registered restaurants (this refers to cases in which the management of data including Personal Information is outsourced, etc.). In such cases, the Company will sign non-disclosure agreements etc. in advance with the third party concerned, based on the content of this Policy. The Company will also carry out the supervision necessary to ensure that information safety is being managed appropriately by the third party concerned.

Article 7 (Joint Use of Information)

The Company may joint use the personal information of users and registered restaurants with our parent company, other group companies, Affiliated Companies, and other third parties to the extent necessary for the provision of the Service or Affiliated Services. In this case, we shall publicly announce in advance name of Affiliated Companies, purpose of information sharing, type of information to be shared, name and address of person responsible for management of such information, and in case of a corporation, name of representative of such corporation.

Article 8 (Data-Gathering Tools)

The following data-gathering tool is integrated into the Service in order to analyze how the Service is being utilized. Along with this, the Company may provide user or registered restaurant data to the provider of the data gathering tool below. The data gathering tool uses Cookies etc. to collect user or registered restaurant data that does not include personally identifiable information, and the data gathered shall be managed in accordance with the privacy policies and other regulations of the data-gathering tool provider.

Name: Adobe Analytics
Provider: Adobe Inc.
Privacy policy: https://www.adobe.com/privacy/policy.html

Article 9 (Safety Management Measures)

We have established a basic policy on the protection of personal information with respect to our compliance with the Act on the Protection of Personal Information and other relevant laws and regulations concerning the protection of personal information. In addition, the Company shall implement the following security control measures to prevent leakage, loss, or damage of personal information and to protect other personal information.
  1. The representative director of the Company shall be responsible for the management of customer information, and shall implement appropriate management and continuous improvement of customer information.
  2. Conduct self-verification of the status of handling of personal data and conduct an audit by a person independent of the department handling the personal data.
  3. Provide regular training to employees on the protection of personal information and information security.
  4. Place restrictions on and manage persons entering and leaving the Company building and our Company office, as well as manage equipment and electronic media, etc. that handle personal data.
  5. Implement access control to limit the scope of persons in charge and Personal Information databases etc. handled, and review access authority in the event of changes, etc. of the duties of the persons in charge.
  6. Implement security control measures based on an understanding of the system for the protection of personal information in each country where personal data is stored.

Article 10 (Disclosure and Correction of Customer Information)

We will respond to a request from you or your agent for disclosure, Revision (as defined below) or Discontinuance of Use (as defined below) of your personal information in the manner set out below. In this section, “Revision” means revision, addition and deletion of personal information and “Discontinuance of Use” means discontinuance of use, deletion and/or discontinuation of provision to any third party of the personal information.

    (1) Significant items of personal information for which you can make a disclosure request
    For users
      Name, email address and telephone number of the person(s) created reservation, and name, email address, gender, telephone number, date of birth and other information specified by the Company relating to the person(s) visiting the restaurant and for restaurants to provide optimal services relating to food and drinks.


    For restaurants
      Name, email address, telephone number, date of birth, address, information stated on identification documents with a photo, etc., IP address of the representative, publicly available information listed in places such as official journals or telephone directories, and information provided by registered restaurants, etc. to the Company at the time of and after its registration as a member.


    (2) Cases where we can refuse to disclose your personal information
    We will not disclose your personal information in any of the cases described below. If we refuse to disclose your personal information, we will notify you of the reason therefor.

    (i) We cannot verify your identity;
    (ii) We cannot verify the power of attorney of your agent if the request is made by your agent;
    (iii) Your application form, identity verification document or other similar document is incomplete;
    (iv) The item of information requested for disclosure does not fall under any of the items of disclosable personal information;
    (v) The disclosure is likely to harm your life, body, property or other right or interest, or that of any third party;
    (vi) The disclosure is likely to seriously impede the proper execution of our business; or The disclosure would result in a violation of any other laws or regulations.


    (3) Revision or Discontinuance of Use
    If you request us to conduct Revision of your personal information on the grounds that such information is incorrect or false, or if we are required to conduct Discontinuance of Use of your personal information pursuant to any laws or regulations, we will conduct an investigation on your request. If we confirm that the reason for your request is legitimate, we will comply with your request for Revision or Discontinuance of Use.

    (4) Parties qualified to request for disclosure
    (i) You;
    (ii) Your statutory agent; and
    (iii) Your appointed agent.

    (5) Point of contact for disclosure requests
    Please contact from below link for a request for disclosure, revision or discontinuance of use or any other inquiry. We kindly request that you make a disclosure request by completing our designated application form (please request a copy of our designated application form by calling the point of contact mentioned above) and mailing it to us with the supporting documents attached.

    The point of contact is set out in the following webpage:
    Contact

    (6) Documents to be submitted
    (i) Our designated application form
    You | O
    Your Statutory agent | O
    Your appointed agent | O

    (ii) Document to verify the identity of your agent or yourself*1
    You | O
    Your Statutory agent | O
    Your appointed agent | O

    (iii) Document to certify the power of attorney*2
    You | -
    Your Statutory agent | O
    Your appointed agent | O

    *1 Document to verify the identity of your agent or yourself

    You must submit any of the following documents as a document to verify the identity of your agent or yourself (limited to those documents that have not expired yet or those issued no earlier than three months ago). You must submit either (i) a copy of the document listed as photo ID below or (ii) copies of two or more types of the documents listed as ID without a photo below.
      Photo ID
      Driver's license、Certificate of driving history、Passport、Basic resident registry card with a photo、Special permanent resident certificate、Crew member's pocket ledger、 My Number Card (front side only*) *You do not need to submit a copy of the backside of the card where your My Number is stated. (Notification cards are not acceptable.), Other certificates issued by a public organization.

      ID without a photo

      Health insurance card, Proof of national pension, Proof of employees' pension, Certified copy of your family register (or abridged family register) (original copy issued by a public organization no earlier than three months ago), Resident record (original copy issued by a public organization no earlier than three months ago), Certificate of seal registration (original copy issued by a public organization no earlier than three months ago with the registered seal affixed in the margin), Other certificates issued by a public organization

    If you submit a copy of a document that includes your My Number, basic pension number, place of your registered domicile or insurance number and code or number of the insured, etc., please black out or redact those numbers or inf ormation so that they are unreadable. If your Health insurance card has a QR code, please black it out so that it is unreadable.

    *2 Document to certify the power of attorney

    For statutory agents, the document to certify the power of attorney must be:
    - One of the documents listed below.
    - Limited to those issued no earlier than three months ago.
    - Documents listed below that are marked with * are acceptable only if they are original copies issued by a public organization.
    - If your agent submits a copy of a document that includes the place of your registered domicile or that of your agent, please black it out and redact the same so that it is unreadable.


    Person who has parental authority

    Certified copy of your family register* or your resident record*

    Guardian of a minor

    Certified copy of your family register*, court decision on appointment or certificate of registration of guardianship*

    Guardian of an adult

    Court decision on appointment or certificate of registration of guardianship*

    For appointed agents, the document to certify the power of attorney must be:
    - Our designated letter of attorney (Please affix your signature and registered seal to the letter and attach a certificate of seal registration. If your appointed agent is a lawyer or certified judicial scrivener, please indicate his/her registration or certification number.)

    (7) Fees
    We will not charge any f ees. We will publicly announce any change to the fees in advance.

    (8)Method of providing our reply
    Your statutory agent or yourself
    In general, a disclosure report will be made in writing, and will be sent by mail to the requester of the disclosure. For security reasons, files can also be sent by email when the software/applications that we specified are available.

    Your appointed agent
    In principle, a disclosure report will be sent to the person who is a party to the agreement via the above methods, to the address and/or e-mail address that the person has notified to us in advance. (If there is no e-mail address that has been notified to us in advance, the person must notify us of the e-mail address before applying for the disclosure request.).

Article 11 (Alterations to this Policy)

  1. The Company shall review its handling of Customer Information as necessary and strive to make continuous enhancements. This Policy may therefore be altered as necessary.
  2. When an alteration is made to this Policy, the details of the alteration shall be announced in an easily understood manner through the Service or on websites operated by the Company etc. Note however that when an alteration is made that legally requires the consent of users and registered restaurants, the Company shall obtain the consent of users and registered restaurants through methods prescribed separately by the Company.

Article 12 (Inquiries)

Please send any opinions, questions, and complaints regarding the Company's handling of Customer Information as well as other inquiries regarding the handling of Customer Information to the email address below.

Personal Information Management Inquiries Desk
Kei Tokado, Representative
Address: 1-1 Toranomon 4-chome, Minato-ku, Tokyo 105-6920
Email: info-pocketconcierge@aexp.com
Pocket Concierge Inc.

Established: June 22, 2016
Amended: May 25, 2018
Amended: May 29, 2019
Amended: July 7, 2021
Amended: December 28, 2021
Amended: March 31, 2022
Amended: September 27, 2022
Amended: December 27, 2022

TOP