THE TOKYO PASS Privacy Policy
Our Privacy Policy was last updated on May 8, 2024
This Privacy Policy describes our policies and procedures on the collection, use, and disclosure of your information when you use the Service and tells you about your privacy rights and how the law protects you.
We use your personal data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.
THE TOKYO PASS is an app that offers unique experiences of Tokyo, including sightseeing and meeting the locals, freely exploring Tokyo’s museums, and savoring history, art, and pop culture while discovering the city.
Definitions
For the purposes of this Privacy Policy:
1.Definitions
1.1. “Controller” means an entity that determines the purposes and means of the Processing of Personal Data.
1.2. “Company” (referred to as either “the company”, “We”, “Us”, or “our” in this Agreement) refers to TANSEISHA Co., Ltd., Shinagawa Season Terrace 19F, 1-2-70 Konan, Minato-ku, Tokyo 108-8220, Japan.
1.3. “Cookies” are small files that are placed on your computer, mobile device, or any other device by a website, containing the details of your browsing history on that website among its many uses.
1.4. “Device” means any device that can access the Service such as a computer, a cell phone, or a digital tablet.
1.5. “Service Provider” means any natural or legal person who processes the data on behalf of the company. It refers to third-party companies or individuals employed by the company to facilitate the Service, to provide the Service on behalf of the company, to perform Services related to the Service, or to assist the company in analyzing how the Service is used.
1.6. “Usage Data” refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
1.7. “Data Protection Laws” means all data protection and privacy laws and regulations of the EU, EEA, and their member states, Switzerland, and the United Kingdom, applicable to the Processing of Personal Data.
1.8. “GDPR” means (a) the Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), and (b) the United Kingdom General Data Protection Regulation.
1.9. “Processing” means any operation or set of operations that is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure, or destruction. “Process”, “Processes”, and “Processed” shall be interpreted accordingly.
1.10. “Processor” means a natural or legal person, public authority, agency, or any other body that Processes Personal Data on behalf of the Controller.
1.11. “Services” means any product or service provided by TANSEISHA Co., Ltd. pursuant to THE TOKYO PASS’s Terms of Use (“TOU”).
1.12. “You” means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
1.13. TANSEISHA as a Controller
acts as a Controller of Personal Data of its employees, contractors, candidates, affiliates, and other third parties that are not considered as a customer. We undertake to comply with legal requirements when Processing Personal Data as a Controller and implement appropriate technical and organizational measures to ensure a level of security of Personal Data as required under GDPR and applicable Data Protection Laws.
2. THE TOKYO PASS User Types (including Opt Out Options)
Much of this Privacy Policy is divided into sections based on the way you may interact with TANSEISHA. You are either a Website Visitor, a User, and/or a Business Partner (as defined below). Please determine what user type you are. For each user type, we’ve explained what information We collect and why, what cookies and other similar technologies We use, and how We share such information and your rights.
2.1. Site Visitors:
You are a Site Visitor when you visit our websites and webpages: www.mytokyopass.com
2.1.1. For Site Visitors in the European Territory, we have implemented a consent management platform (powered by OneTrust) on our Websites that provides you with the opportunity to consent, or not consent, to cookies and similar tracking technologies. Upon accessing our Websites, you will see a banner in the center of the page with information about the cookies We use. You may click the banner to reject any cookies (for example, performance cookies or targeting cookies) that are not strictly necessary cookies (as defined in the Cookie Table). By pressing “I Accept” on the banner, you are indicating your acceptance to cookies and similar tracking technologies. TANSEISHA’s lawful basis for Processing Personal Data of European Territory Website Visitors on our Websites is consent. You may withdraw your consent at any time by clicking this button: Cookies settings. In respect of all other sites, for Visitors not located in European Territories, We rely on our legitimate interest for Processing any Personal Data, however, this does not preclude non-European Territory Website Visitors from withdrawing consent at any time via our consent management platform.
2.2. Users: When you visit our Website and register your Personal Data in order to use our Services, you are a User.
When You create an account with Us, You must provide Us information that is accurate, complete, and current at all times. Failure to do so constitutes a breach of the Terms, which may result in immediate termination of Your account on Our Service.
You are responsible for safeguarding the password that You use to access the Service and for any activities or actions under Your password, whether Your password is with Our Service or a Third-Party Social Media Service.
You agree not to disclose Your password to any third party. You must notify Us immediately upon becoming aware of any breach of security or unauthorized use of Your account.
2.3. Business Partners: You are a Business Partner when you register (or email with THE TOKYO PASS) on behalf of the company you work for to use THE TOKYO PASS Services.
3. Consent
By accessing our Services, you accept our Privacy Policy and TOU, and you consent to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy. In addition, by using our Services, you are accepting the policies and practices described in this Privacy Policy. Each time you visit our Website or use the mobile App or the Service, and any time you voluntarily provide Us with information, you agree that you are consenting to our collection, use, and disclosure of the information that you provide, and you are consenting to receive emails or otherwise be contacted, as described in this Privacy Policy. Whether or not you register or create an account with us, this Privacy Policy applies to all users of the Website, mobile App, and Services.
4. Collecting and Using Your Personal Data
Types of Data Collected
Personal Data
4.1. We collect certain Personal Data (such as name, e-mail address, date of birth, age, nationality) provided by the customer through the registration form, by e-mail, or when the customer purchases a product or makes an inquiry. We collect your location data only if you are in Japan. Please note that if you object to providing Personal Data, you may be excluded from the Services provided by the Company.
4.2. When you use this Website or the App, the following data may be collected: your IP address, location, general preferences, settings, system specifications, and any other information. We shall always seek your permission before you share location data with us. Once We get access to your location, We will know which mobile Device you are using, and We can find nearby attractions that match your interests and share suitable attractions with you that are located nearby. If you no longer want to share location data with us, you can withdraw your consent at any time by changing the privacy settings on your Device or browser.
4.3. When you are using our Website or downloading our App, We may ask for information such as your name, e-mail address, date of birth, age, and nationality. We may also record information such as the types of Services you are interested in, usage patterns, information requested by you, and products you have purchased.
4.4. Usage Data
Usage Data is collected automatically when using the Service.
Usage Data may include information such as your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique Device identifiers, and other diagnostic data.
When you access the Service by or through a mobile Device, We may collect certain information automatically, including, but not limited to, the type of mobile Device you use, your mobile Device unique ID, the IP address of your mobile Device, your mobile operating system, the type of mobile Internet browser you use, unique Device identifiers, and other diagnostic data.
We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile Device.
5. Tracking Technologies and Cookies
We use Cookies and similar tracking technologies to track the activity on our Service and store certain information. Tracking technologies used are tags and scripts to collect and track information and to improve and analyze our Service. The technologies We use may include:
5.1. Cookies or Browser Cookies. A cookie is a small file placed on your Device. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some parts of our Service. Unless you have adjusted your browser setting so that it will refuse Cookies, our Service may use Cookies.
Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on your personal computer or mobile Device when you go offline, while Session Cookies are deleted as soon as you close your web browser.
We use both Session and Persistent Cookies for the purposes set out below:
5.2. Necessary / Essential Cookies
Type: Session Cookies
Administered by: Us
Purpose: These Cookies are essential to provide you with Services available through the Website and to enable you to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the Services that you have asked for cannot be provided, and we only use these Cookies to provide you with those Services.
● Cookies Policy/Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies identify if users have accepted the use of cookies on the Website.
5.3. Functionality Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies allow Us to remember choices you make when you use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you use the Website.
5.4. Tracking and Performance Cookies
Type: Persistent Cookies
Administered by: Third-Parties
Purpose: These Cookies are used to track information about traffic to the Website and how users use the Website. The information gathered via these Cookies may directly or indirectly identify you as an individual Visitor. This is because the information collected is typically linked to a pseudonymous identifier associated with the Device you use to access the Website. We may also use these Cookies to test new pages, features, or functionality of the Website to see how our Users react to them.
For more information about the cookies We use and your choices regarding cookies, please visit our Cookies Policy or the Cookies section of our Privacy Policy.
6. Use of your Personal Data
Purpose and use of Personal Data
The company may use Personal Data for the following purposes:
6.1. Personal data will not be used for other purposes than described in this Privacy and Cookie Policy. We use Personal Data obtained through the Website and App only for the purposes mentioned below. We shall always obtain explicit consent from individuals in advance before collecting their Personal Data in connection with the purposes stated below.
(a) Making our Services available and the execution of related Services.
(b) Product sales and product management.
(c) Improving our Services, such as customer support.
(d) Communications and notifications regarding our products and Services.
(e) Conducting market research, such as questionnaires and surveys.
(f) Market analysis to develop and improve our products and Services.
(g) Creating statistical reports.
(h) Processing to anonymously processed information.
6.2. Purpose of data collection
Your Personal Data will be Processed for the following purposes by the Company.
(a) It will be used for marketing purposes.
(b) In order to help with the strategic development of the Services.
(c) To understand how our Website and App are being used.
6.3. Marketing and Communication
(a) As an integral part of the Services We provide, THE TOKYO PASS may occasionally send messages you may find useful via e-mail or through the App containing informational offers, promotions, discounts, events, new Services, information about related activities or attractions, and location-based information. Such communications may also be sent by SMS, WhatsApp, and any other available method or technology.
(b) These communications may include new or related Services We wish to send you from our third-party affiliate companies. If they contact you, We are not responsible for any agreements between you and them, and any Personal Data you provide is subject to that third-party affiliate company’s respective privacy policy.
(c) We have partnered with a number of third-party companies and organizations, such as ticket suppliers and attractions. We may share your Personal Data with them. Your Personal Data, including but not limited to your name, e-mail address, and phone number, is used to confirm or change your reservation with them.
(d) If you book an admission ticket through one of our business partners, they may obtain and use your Personal Data. In such cases, your information will fall under the privacy policy of that respective business partner.
7. What Information We Process
We collects both “Personal Data” and “Non-Personal Data” about you and will Process this data for the duration of the Services, as described in the TOU.
7.1. At any time, you may log in and change this information. You may decline to provide Personal Data to the Services, however, some of the Personal Data We ask you to provide, for example, an email address, is mandatory for a Service. If you decline to provide it, We may not be able to provide that Service to you.
7.2. Please note, THE TOKYO PASS does not process or store your credit card information. Once you make a payment, your credit card information is transferred to our third-party payment processor GMO Payment Gateway, Inc. Please find their Privacy Statement here:
https://www.gmo-pg.com/corp/security/
7.3. We may combine Personal Data with other information We Process to customize informational content and enhance our ability to provide Services according to marketing preferences, restrictions or for advertising, targeting purposes, personalization of ads, or to develop and provide you with more relevant products and features in accordance with this Privacy Policy.
8. Transferring to Third-Party Companies
We will never sell, rent, or lease your Personal Data to a third party, but We may share collected information for the purposes described in this Privacy Policy with third parties that help THE TOKYO PASS provide, improve, promote, or support services that help with our business operations and assist in the delivery of our Services, or who perform Services for us, in order to prevent damage to our property or for safety reasons, for example, payment processors, hosting services, analytics, content delivery services, advertising partners, etc.
9. Your Rights
If you do not wish to receive information about our products and Services or those of other affiliated organizations necessary to perform our Services, you may opt-out from receiving such e-mails from us.
If you have any questions or concerns regarding your privacy and the protection of your Personal Data, if you do not want Us to use or keep your Personal Data after you have shared it with us, or if you have provided incorrect information to us, please send an e-mail to privacy@mytokyopass.com. We will then verify your identity, and fulfil your request, either by correcting or deleting your Personal Data.
10. Safety of Your Information
We take reasonable precautions, technical and organizational security measures to ensure a level of security appropriate to the risk, and follow industry best practices in order to protect your Personal Data from any unauthorized or unlawful breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Personal Data, and to preserve the security and confidentiality of the data. However, these measures do not guarantee that your information will not be accessed, disclosed, altered, or destroyed by breach of such precautions. By using our Service, you acknowledge that you understand and agree to assume these risks.
10.1. Links to Other Websites
As part of the Service, We may provide links to or compatibility with other websites or applications. However, We are not responsible for the privacy practices employed by those websites or the information or content they contain. This Privacy Policy applies solely to information collected by Us through the Service. Therefore, this Privacy Policy does not apply to your use of a third-party website accessed by selecting a link via our Service. To the extent that you access or use the Service through or on another website or application, then the privacy policy of that other website or application will apply to your access or use of that site or application. We encourage our users to read the privacy statements of other websites before proceeding to use them.
11. Retention of your Personal Data
The company will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if We are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
The company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
12. Other legal requirements
The company may disclose your Personal Data in the good faith belief that such action is necessary to:
● Comply with a legal obligation
● Protect and defend the rights or property of the company
● Prevent or investigate possible wrongdoing in connection with the Service
● Protect the personal safety of Users of the Service or the public
● Protect against legal liability
13. Security of Your Personal Data
The security of your Personal Data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
14. Google Analytics
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
You can opt-out of having made your activity on the service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics Javascript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy
15. Children and sensitive Data
15.1. Children
None of our Services are intentionally directed at children under 16. We do not knowingly collect Personal Data from anyone under 16 years of age. If We determine upon collection that a Website Visitor, a User, or a Business Partner is under 16, We will not use or maintain his/her Personal Data. If We become aware that We have unknowingly collected Personal Data from a child under the age of 16, We will make reasonable efforts to delete such information from our records.
15.2 Sensitive Data
We do not collect or receive any sensitive categories of Personal Data.
16. “Do Not Track” Disclosure
Some browsers transmit Do Not Track (DNT) signals to websites. Because there is no common.
understanding of how to interpret the DNT signal, TANSEISHA does not currently alter, change, or respond to DNT requests or signals from these browsers. We will continue to monitor industry activity in this area and reassess our DNT practices as necessary. In the meantime, you can use the range of other tools We provide to control data collection and use, including the ability to opt out of receiving personalized recommendations in the Users section.
17. How This Privacy Policy May Change
We may change this Privacy Policy from time to time. We will place a prominent notice that will be visible to you as a Website Visitor or Business Partner, but We do not have a means of advising Users of an update by way of notice. You should check back here periodically to see if the Privacy Policy has been updated as We will always show the date of the latest modification of the Privacy Policy at the top of the page so you can tell when it was last revised.
18. Contacting THE TOKYO PASS
If you would like to request access to the information. We hold about you, correct, modify, delete, or update Personal Data that you have provided to us, have any questions regarding this Privacy Policy or the practices of this Website, wish to withdraw your consent for the continued collection, would like to object to your Personal Data being used, or have any additional questions:
Please contact us at any time via email: privacy@mytokyopass.com