1.Types of Personal Information We Collect

The types of Personal Information Our Company may collect and retain include.

• (1)Personal information received from the Customers.
  • ①Basic information(name, address, gender, date of birth, nationality, e-mail address, telephone number, passport number, etc.).
  • ②Ancillary information(anniversaries, preferences, allergies, etc.).
  • ③Payment information (credit card number, bank account number, etc.).
  • ④Facility service usage status (history of lodging, activity, shopping, etc.).
  • ⑤Details of communications (e-mails, website form entries, letters, etc.).
  • ⑥Information provided directly or indirectly by the Customers in connection with the provision of our services.
• (2)Personal Information of our business partners.
  • ①Name, cell phone number, position and other information of the person in charge.
  • ②Other information obtained due to need in order to conduct business.
• (3)Personal Information related to recruitment and job offer.
  • ①Information filled out in application forms.
  • ②Content of interviews, telephone calls, e-mails, etc. for the purpose of employment selection and hiring procedures.
• (4)Personal Information related to members of our Company including employees, directors and others.
  • ①In addition to the information in (3) above, information required to be obtained in accordance with laws and regulations on work and employment as well as Company regulations, such as bank accounts for salary remittance, health information, etc.
• (5)Information automatically collected by browsing our website.
  • ①Device information, log information, cookies, anonymous IDs, location information, IP addresses, etc.
• (6)Information automatically collected through security systems.
  • ①Images from security cameras, history of card key use, etc.

2.Purposes to Collect Personal Information

We will collect and use Personal Information within the scope of the following purposes. In the event that we intend to use Personal Information beyond the stipulated scope, we will obtain the prior consent of the individual in question before processing the information, except as otherwise provided by law.

• (1)Personal Information of the Customers.
  • ①To provide services and products to the Customers.
  • ②To confirm reservations and respond to inquiries from the Customers.
  • ③To fulfill contractual obligations to related parties (e.g., travel agencies) or outside vendors (e.g., credit card companies, airlines) in connection with travel arrangements.
  • ④To distribute invitations and e-mails regarding our products, events, etc.
  • ⑤To conduct sweepstakes and campaigns ,or send questionnaires for the purpose of improving services
  • ⑥To manage membership information and provide services to members of our membership program.
  • ⑦To deliver behaviorally targeted advertising using Internet ad-serving companies.
  • ⑧To understand usage conditions and analyze behavior for the purpose of improving, enhancing, and developing our product.
  • ⑨To respond to legal obligations, laws and ordinances, or notices and guidance from administrative authorities.
  • ⑩To respond to emergencies, accidents, disasters, etc.
  • ⑪For operations related to the above purposes
  • ⑫For other purposes of use separately specified at the time of collecting Personal Information.
• (2) Personal Information of our business partners.
  • ①To enter into and execute contracts with business partners for the purpose of providing services and products related to our business, and to carry out outsourcing and other necessary operations.
  • ②For other purposes of use separately specified at the time of collecting Personal Information.
• (3) Personal Information of job applicants.
  • ①To execute contracts related to employment screening and hiring procedures, and to perform other necessary tasks.
  • ②To respond to inquiries, requests for information materials, etc.
  • ③For other purposes of use separately specified at the time of collecting Personal Information.
• (4) Personal Information of members of our Company including employees, directors and others.
  • ①To calculate and pay salaries and related works
  • ②To manage the safety, personnel, labor, and welfare of members of our Company and to perform related tasks
  • ③For other purposes of use separately specified at the time of collecting Personal Information.

3.How We Collect Personal Information

We will collect Personal Information in the following ways. The Customers always have the rights to make choices about the provision of Personal Information. However, if you refuse to provide Personal Information, such as not revealing your name, you may not be able to use some of our services.

• (1) Directly from the Customers
  • We may collect Personal Information through telephone calls, written documents, business cards, verbal communication, websites, applications, and other means, when making reservations or using our group facilities, creating an account on our group facilities' website, responding to surveys, participating in drawings or sweepstakes, applying for or using services provided by our group facilities, or in connection with recruitment or business communications.
• (2) From the Customers’ devices and the Company’s networks
  • Our Company may collect Personal Information automatically through cookies and related technologies from the Customers’ devices when the Customers use the Company’s websites or other online contents of our group facilities
• (3) From companies which legitimate right has been conferred from the Customers
  • We may collect Personal Information from companies like the following, which the Customers have contracted in order to use our group facilities, and which have been selected by our group facilities.
    e.g., Travel agency used by the Customers or airlines as their means of transportation
    Credit card companies which the Customers use for payment, etc.
• (4) From publicly available information
  • We may collect Personal Information from newspapers, the Internet including social networking sites, telephone directories, publications, and other written materials.
• (5) When we ask for Personal Information from other sources than those listed above, we will clearly explain the purpose and content of the request and obtain the minimum necessary information.

4.Safety Management

In handling Personal Information, we will comply with the Act on Protection of Personal Information and other relevant legal standards and take the following measures.

• Necessary precautions and safety measures to prevent leakage, unauthorized access, loss, destruction, falsification, etc.
• Periodic improvement of the information management system.
• Establishment of a secure organizational structure.
• Establishment, ongoing review and improvement of internal regulations and specific rules for the handling of Personal Information.
• Regular education and training to ensure that all employees are familiar with its contents.
• Physical safety measures for equipment and facilities that handle Personal Information.
• Appropriate supervision of contractors to whom Personal Information is entrusted (e.g., Clear statement on safety management in the contract).
• ※SSL：Our websites use SSL (Secure Sockets Layer) as encryption technology. Personal Information and credit card numbers transmitted by the Customers are automatically encrypted by SSL, so that even if they are seen by a third party during transmission, the contents cannot be read. However, this does not guarantee a completely secure environment.

5.Disclosure and Provision to Third Party

We will not disclose or provide Personal Information of the Customers to third parties except in the following cases.

• When we have the consent of the person concerned.
• When used jointly with our group facilities for the purpose of use that we have clearly stated.
• When providing information to contractors within the scope of the stated purpose of use in order to provide services to the Customers.
• When providing information to third parties in the form of statistical information that does not identify individuals for the purpose of research and analysis of usage trends and improvement of the services provided.
• When we are requested to provide the information under laws and regulations.
• When it is necessary for the protection of a person's life, body, mind, property, or public health, and when it is difficult to obtain the consent of the Customers.
• When it is necessary to cooperate with a national or local government, or an individual or entity entrusted by those, in the execution of public affairs, and obtaining the consent of the person concerned is likely to impede the execution of such affairs.
• When the person concerned explicitly requests disclosure or provision of the information to third parties.
• When the right to manage Personal Information is transferred as a result of the succession of business due to a merger, etc.

6.Joint Use of Personal Information

We will share Personal Information of the Customers, as follows, subject to the necessary protection measures.

• (1) Scope of the joint use
  • Our group facilities
• (2) Purpose of joint use
  • Purposes stipulated in ”2. Purposes to Collect Personal Information”
• (3) Information subject to joint use
  • Types of Personal Information stipulated in ”1. Types of Personal Information We Collect”
• (4) Party responsible for the management of joint use
  • H.P.D. Corporation

7.Retention Period

We will retain Personal Information collected from the Customers as long as it is necessary for the purposes of use described in this policy. The specific retention period will be determined based on the purpose for which Personal Information is acquired and processed, the nature of Personal Information, and the legal or business necessity. After the retention period has elapsed, Personal Information will be erased or anonymized in a secure manner.

8.Use of Cookies

A cookie is a technology that stores access information to the Company's website in the computer or mobile device of the Customers. The Company's website uses cookies to analyze browsing and usage conditions and to provide appropriate information to the Customers. If you wish, you can stop or disable the cookie function of your browser, but some of the services on our website may not function properly. Please contact the provider of your browser or refer to the Cookie Policy for information on how to set up your browser.

9.Procedures for Disclosure, Correction, Suspension of Use, etc. of Personal Information

When a person or his/her proxy makes a request for disclosure, notification of purpose of use, correction or addition of content, partial deletion, suspension of use ,total deletion, disclosure of records of provision to third parties, or suspension of provision to third parties (hereinafter collectively referred to as " the Requests") regarding Personal Information held by us, the prescribed required documents should be submitted by sending documents (by registered mail ) to the Contact below, and we will promptly respond to your request within a reasonable period of time and to the extent necessary (a fee equivalent to the actual cost will be charged, depending on the details of the Requests). However, we may decline such requests in the following cases. if the Requests violate laws and regulations; if the Requests may harm the life, body, property, or other rights or interests of the person concerned or a third party; if the Requests may seriously impede the proper conduct of our business; if the relevant personal information does not exist; if the identity of the person making the Requests cannot be verified; or if the person making the Requests does not pay the prescribed fee.

• (1)Mailing address for documents
  • Send To:

    Accounting,Renaissance Okinawa Resort
    H.P.D. Corporation
    3425-2 Yamada, Onna-son, Kunigami-gun, Okinawa, Japan,〒904-0416
    ※Contact for inquiries：
    E-mail privacy@hpd-c.co.jp
    tel：098-965-0707

• (2) Required documents
  ■When the person concerned makes the Requests
  • Application Form
  • dentification documents
  • A:Copy of one of the following
    Driver's License
    Passport
    Individual Number Card (front side only)
    Disability Certificate
    Residence Card
    Special Permanent Resident Certificate
  • B:Copies of any two of the following, if you do not have the documents listed in A above,
    Any Health Insurance Card (within expiration date)
    Any Pension Book (within expiration date)
    Transcript or Extract of Family Register (within 30 days of issue /original only)
    Certificate of Residence (within 30 days of issue /original only)
    Certificate of Seal Registration (within 30 days of issue /original only)
  • If you wish to receive a reply by mail, postal stamps for the equivalent amount of return postage
    ※Please inquire in advance about the amount.
  ■When a proxy makes the Requests
  • Application Form
  • Documents to certify the person concerned and the proxy (A or B above)　
  • (If the proxy is a legal representative)
    Documents proving the qualification of the legal representative, such as a copy of the family register (within 30 days of issue)
  • (If the proxy is an arbitrary proxy)
  • Letter of Proxy
  • If you wish to receive a reply by mail, postal stamps for the equivalent amount of return postage
    ※Please inquire in advance about the amount.
• (3)How we reply
  • We will send the documents by postal mail (ID confirmation delivery service) or E-mail to the address for response indicated on the Application Form.
    ※Please set up your domain for @hpd-c.co.jp in advance so that you can receive emails from us.
• (4)Notes
  • In the event that there are any deficiencies in the description, identification documents, fees, etc., we will notify the applicant of such deficiencies to “Your Contact from Us" indicated on the Application Form. However, if no second request is made within 2 weeks of the notification, the Requests will be deemed invalid. In such cases, the documents, fees and other submission which have been once received will not be returned, but we will dispose them appropriately.
  • All costs related to disclosure and other requests, including printing and photocopying costs of necessary documents, acquisition costs of identification documents, and postage costs, etc., shall be borne by the requesting party.
  • Personal Information obtained by us in response to a request for disclosure and other requests, will be used only to the extent necessary for the procedures. Documents to be submitted will not be returned. We will dispose of them appropriately.
  • Please note that we are not responsible for any problems that may occur as a result of the disclosure of retained personal data in response to this request.

10.Pseudonymized Personal Information

(1)When we create pseudonymized personal information which is the information about an individual obtained by processing personal information so that the individual cannot be identified unless it is cross-checked with other information, we will process the information appropriately in accordance with the standards set forth in the Act on Protection of Personal Information and related laws and regulations.

(2)We will handle pseudonymized personal information to the extent necessary for the purposes of use listed in "2.Purposes to Collect Personal Information " and "6. Joint Use of Personal Information“ in the policy. If we change the purpose of use and use it for other purposes, we will publicly announce the changed purpose of use.

(3)We will not verify pseudonymized personal information with other information for the purpose of identifying the individual to whom the information pertains. In addition, we will not provide such information to a third party, except in the case of joint use among our group facilities.

(4)When we create pseudonymized personal information or obtain pseudonymized personal information as well as deleted information which is related to pseudonymized personal information, we will take security control measures for such information in accordance with laws and regulations, in addition to the provisions of the policy "4.Safety Management”.

11.Anonymized Personal Information

(1)When creating anonymized processed information, which is the processed information that cannot be identified as a specific individual and be recovered, we will process the information appropriately in accordance with the standards set forth in the Act on Protection of Personal Information and related laws and regulations.

(2)We will not verify anonymized processed information with other information for the purpose of identifying the individual to whom the information pertains. In addition, when we create anonymized processed information, we will publicly disclose the items of personal information contained in such anonymized processed information. When providing anonymized processed information to a third party, we will clearly state that the information is such information.

(3)When creating anonymized processed information, in order to prevent the leakage of information related to deleted information, personal identification codes, and processing methods from personal information used to create anonymized processed information, we will take measures for safety management in accordance with laws and regulations, in addition to the provisions of the policy "4.Safety Management”.

12.Handling of Personal Information on Third Party Websites or Applications

While we take the utmost care in handling Personal Information on our website in accordance with this policy, we assume no responsibility for the handling of personal information by third party websites or applications posted on our website. The Customers should check the terms and conditions regarding personal information on such websites or applications before using them.

13.Revision of Privacy Policy

We may revise this policy without prior notice in response to changes in related laws and regulations or the social environment. If you would like to check the latest information, visit our websites. Please note that the Company will not be held responsible for any problems arising from failure to check our websites.

14.Business Contact for Consultations or Inquiries Concerning Personal Information

If you have any questions or concerns about the personal information we handle, please contact us at the following address.

• • Accounting, Renaissance Okinawa Resort
    H.P.D. Corporation
    3425-2 Yamada, Onna-son, Kunigami-gun, Okinawa, Japan, 〒904-0416
    E-mail：privacy@hpd-c.co.jp　
    Phone：098-965-0707

1.What is Cookie

Cookies are small text files that are stored in your browser when you visit a website. This allows the website to remember information about the user's visits and activities. Cookies and related technologies are used to distinguish between each visitor, to optimize the display of the website according to the visitor's device and browser settings, and to use the recorded past browsing history to provide information and deliver advertisements tailored to the interests of the Customers.

2. Type and Purpose of Cookies

The website uses three types of cookies.

• • Essential cookies:
    These cookies are essential to the basic functionality and security features of our websites. When the users visit our websites, the cookies are always available and are running without the visitors’ consent.
    Specifically, they support the following functions.
  • Maintain user login status
  • Manage Shopping Cart
  • Save security settings
  • Assist with page navigation

• • Analytical cookies:
    These cookies enable us to understand how our websites are being used. We use the cookies to grasp site usage status, such as the number of visitors on each page, how many pages they navigate in a single visit, and whether there are any errors, so that we can continually improve our websites. For this purpose, we adopt Google Analytics. The information collected, recorded, and analyzed by Google Analytics is processed anonymously and does not contain any information that identifies you as an individual. However, the information may be used for the distribution of advertisements and other purposes.

• • Marketing cookies:
    These cookies are set by external advertising distribution service providers and are used to record site access information, attribute information at the time of login and other information, and to distribute advertisements based on the interests of the Customers. These cookies do not directly store Personal Information, but if you are a registered user of Google, Meta, Yahoo or other providers, your website browsing history may be managed in a way that is linked to your registered information with these companies. The information created by the cookies will be handled in accordance with the regulations of the external advertising service providers. You may block these cookies, in which case you will be presented with not- targeted and more general advertisements. The information collected by the cookies will be handled in accordance with the privacy policy and other regulations of the external advertising distribution service providers.

3.How to set cookies

The Customers can choose whether or not to store cookies on their devices. It is possible to set your browser to disable cookies, but you may not be able to use certain features of our websites or some pages may not display properly.

• (1)How to set it in each browser
  • Settings are required for all browsers on the device used (computer, tablet, smartphone, etc.). Links to commonly used browsers are listed below. The procedure varies for each browser, so please check the instructions for the browser you are using.
  • Internet Explorer™： https://support.microsoft.com/en-us/windows/manage-cookies-in-microsoft-edge-view-allow-block-delete-and-use-168dab11-0753-043d-7c16-ede5947fc64d
  • Safari™： https://privacy.lycorp.co.jp/en/glossary/cookies.html
  • Google Chrome™: https://policies.google.com/technologies/cookies?hl=en#managing-cookies
  • Firefox™: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
  • Opera™: https://help.opera.com/en/latest/web-preferences/
• (2)How to set it in Cookie Settings window
  • You can also select your preferences in the Cookie Settings window of our websites, but only with respect to "Essential Cookies", which cannot be disabled in this window. Please check the respective URLs listed in "(1) How to set it in each browser " and make the changes from your device.

4.Revisions to this Policy

It may be revised in response to changes in laws and regulations, social conditions, etc. Any changes to the Cookie Policy will be effective upon posting of the revised content on the Company's websites.

5.Business Contact

• • Accounting, Renaissance Okinawa Resort
    H.P.D. Corporation
    3425-2 Yamada, Onna-son, Kunigami-gun, Okinawa, Japan, 〒904-0416
    Phone：098-965-0707
    E-mail：privacy@hpd-c.co.jp　

1.Controller of personal data

This website is operated by HPD Corporation Yamanaka Branch, 1-14-3 Yamanaka-onsen Higashi-machi, Kaga-shi, Ishikawa 922-0114, Japan (“we”, “us”, “our” or “YMN“).
You can contact us via e-mail to: privacy@hpd-c.co.jp

2.Purpose

This document outlines the specific information that we are obligated to provide to data subjects in the EU, EEA and UK under the General Data Protection Regulation ((EU) 2016/679 GDPR) established by the EU, and the United Kingdom General Data Protection Regulation (UK GDPR). These regulations specify the rights of data subjects and the protocols for managing personal data.

3.Scope of this privacy policy

This document covers our processing of your personal data on our website https://kagari-kisshotei.com/.

4.Contact information of representatives

5.Legal grounds of our processing

We will only process your personal data if there is a legal basis to do so. Under GDPR/UK GDPR, there are three legal bases that we use.

• (1) Consent (Art. 6 (1) a) GDPR/UK GDPR)
  • If consent is freely provided by you, we are allowed to process your personal data only for the purpose for which the consent was given.
• (2) Contractual obligation (Art. 6 (1) b) GDPR/UK GDPR)
  • If we have a contract with you, we will need to store and use some information about you. The same is true if we take necessary steps at your request prior to entering into a contract.
• (3) Legitimate interest (Art. 6 (1) f) GDPR/UK GDPR)
  • Legitimate interest allows us to process personal data if it is necessary for our legitimate interests and your interests or fundamental rights and freedoms do not outweigh our interest. We will inform below if we do such processing and what interests we pursue.

6.Use of this website

When you visit our website, the servers automatically save server log file information sent by your browser. This information includes.

• Content data
  • Any text you enter or files you upload
• Usage data
  • Websites visited
  • Date and time of your request
• Metadata
  • Your IP-address
  • Your computers time zone
  • Your computers date and time
  • The website you requested
  • Which website you came from
  • Information about your browser (version, language, fonts installed)
  • Information about your operating system (version, language)
  • Potentially other information your browser sends via the HTTP protocol

Temporary storage of the IP-address by the system is necessary to display website content on your device. The information is used exclusively to maintain the technical operation of the servers and the network and ensure its security. The legal basis is our legitimate interest to provide the website in a secure manner(Article 6 (1) f) GDPR/UK GDPR). We automatically delete all server-logs within 5 days. We store the logs for this time to see suspicious activities in our server and protect our infrastructure from outside attacks such as DDoS. We use an external hosting provider to serve the website. The provider receives and stores the content data, usage data and metadata on our behalf. We use following external hosting providers.

• (1) Cloudflare
  • We use Cloudflare as our CDN-provider to load some pictures and elements of this website. The CDN-provider will receive usage data and metadata of your visit. By using a CDN, we can more efficiently provide you with the information you requested and keep our website secure. The legal basis for this use is our legitimate interest (Article 6 (1) f) GDPR/UK GDPR).
  • Cloudflare is a service offered by Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107, USA. You can review their privacy policy here: https://www.cloudflare.com/privacypolicy
• (2) isDelivr
  • We use isDelivr as our CDN-provider to load some pictures and elements of this website. The CDN-provider will receive usage data and metadata of your visit. By using a CDN, we can more efficiently provide you with the information you requested and keep our website secure. The legal basis for this use is our legitimate interest (Article 6 (1) f) GDPR/UK GDPR).
  • isDelivr is a service offered by isDelivr Inc. For more information on how they process your data, please refer to their privacy policy: https://www.jsdelivr.com/terms/privacy-policy.
• (3) GStatic Google Static Content
  • We use GStatic Google Static Content as our CDN-provider to load certain static elements of this website, such as fonts and scripts. The CDN-provider will receive usage data and metadata of your visit. By using a CDN, we can more efficiently provide you with the information you requested and enhance the website's performance. The legal basis for this use is our legitimate interest (Article 6 (1) f) GDPR/UK GDPR).
  • GStatic Google Static Content is a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. You can find details about their data processing in their privacy policy: https://policies.google.com/privacy?hl=en

7.Cookies on this website

Cookies are small text files that any website can write into your browser. Cookies may be set by ourselves (first party cookies), or by third parties. If we set a cookie in your browser, other websites cannot read it. If other third parties set a cookie in your browser, any other website which uses the same third party can read the information stored in these cookies. This allows for tracking functionality across websites. If we use third party cookies, we will always ask for your consent before placing these cookies. Below you can see a list of first party cookies which we set.

The following table shows a list of third party cookies we use.

8.Third Parties

On our websites, we may embed tools and contents loaded from the servers of third party service providers. Examples of this may be graphics, videos, social-media buttons, or other functionalities. Whenever you access a website which embeds such contents, your IP-address will be transmitted to these third parties. Occasionally these tools might include so called web beacons, invisible graphics that are used to gather further statistics. If you notice any such web beacon, please notify us and we will strive to remove it from our websites. Some third-party contents will also set cookies in your browser to store certain information on your usage of the tools and contents. Occasionally, the third party might connect your information gathered on our websites to other information they have collected in order to build a profile on you.

9.Purpose of our processing

Personal data processed by us, its purpose of use, legal basis and retention periods are as follows.

• (1) Online reservation
  • Processing activities: Receiving and managing lodging reservations
  • Information to be handled: Name, Sex, Telephone number, Email address, Address, Payment information, Membership information
  • Legal basis: GDPR/UK GDPR Art. 6 (1) b)
  • Retention period: 10 years
• (2) Newsletter
  • Processing activities: Sending commercial or promotional message
  • Information to be handled: Name, Email address
  • Legal basis: GDPR/UK GDPR Art. 6 (1) a)
  • Recipients Category: Newsletter service provider
  • Retention period: Until consent is withdrawn

10.Social Media

We operate social media pages for the purpose of self-marketing and promotion of our products. We are present on Facebook, Instagram and YouTube. When you visit our sites, the platforms will collect data about your behavior and interests and might provide us with an anonymized analysis of our user groups and interactions. We have no influence over the creation and display of these analyses and cannot stop the collection or processing of your data for this matter. We might receive the following data, separated into categories of users;

• Total number of visits
• Interactions with our posts
• Comments
• Proportion of male and female visitors
• Origin of the visit
• Clicks on certain contents such as maps or contact information
• Reach of our posts

If you directly interact with our content (such as “Liking” or “Reposing” it), we will be able to directly identify you. Should you wish to restrict this linking of your account and our social media page, please use the functionality offered on each platform to unfollow us. We use these data and our presence on social media to present ourselves in a modern way to a large audience. The usage of this data, as well as the operation of the page is based on our legitimate interest for efficient, effective and interactive promotion acc. to Art. 6 (1) f) of GDPR/UK GDPR. Furthermore, the platforms might use your data for their own purposes for market research and advertisement. Cookies might be stored on your computer, which will analyze our usage behavior. Other information on your devices, internet connection and more can be collected and connected to your account. The platforms might create a profile on you, even if you are not logged in or have no account. These profiles can be used to show you targeted advertisement on different platforms. In some cases, your data will be processed outside of the European Union. Specifically a data transfer to the US cannot be ruled out. For these cases, we have concluded Standard Contractual Clauses (SCCs) approved by the European Commission with the platform operators. You have the right to enforce your rights regarding our social media pages and the Page-Insights at any time against us or the platform. However, we advise you that in any case, the platform will deal with the request. Should you have any questions, you may contact us via the contact details mentioned above. Further information on the platforms.

11.Transfer of personal data to third countries

In order to fulfill the contract with the customer or to carry out the procedure according to the request of the customer prior to the conclusion of the contract,we may transfer personal data to a third country (including those countries where the adequate level of data protection have not been qualified). We shall use appropriate security and confidentiality measures in accordance with this Privacy Policy and laws when transferring customer’s personal data.

12.Retention periods of personal data

We will generally delete your personal data as soon as we no longer require it for the purposes for which we collected it. If any legal obligation stops us from deleting your information for a certain time, we will stop access to this information, store it securely and delete it after our legal obligation has ended.

13.Your right

At any time you can exercise your rights by contacting us or representatives directly. Please be aware that we might ask for some sort of verification of identity in order to safeguard other data subjects. These verification will be made as non-intrusive as possible. You have the following rights.

• (1) Right of access
• (2) Right to rectification and erasure
• (3) Right to restriction of processing
• (4) Right to data portability
• (5) Right to withdraw your consent