HomeHOME West Japan Railway Company Privacy Policy

West Japan Railway Company Privacy Policy

Privacy Policy

1. West Japan Railway Company Group Privacy Policy

1.1. Basic Concept

The West Japan Railway Company Group (“JR-West Group”) aspires to promote the evolution of the ties between people, communities, and society, to inspire, and to shape the future. We hope to continue to create and provide new value to our customers and to society at large by utilizing the Group’s abundant and diverse data and translating this data into real-life experiences at stations, at retail outlets, and in the local community.

On the other hand, given that the handling of such data is intimately related to the management of important personal information of our customers, etc., we will not only comply with laws and regulations, but will also actively strive to take privacy into consideration and ensure transparency so that we can dispel any concerns of our customers, etc.

1.2 Handling of Personal Information

The JR-West Group will observe the following rules regarding the handling of personal information so that we may realize the ideals set forth in the preceding paragraph.

(1) Take privacy into consideration.
In utilizing the personal information of our customers, etc., we will prioritize the provision of value to each customer and the resolution of local challenges, and will not handle such information in a manner that may infringe on the privacy of individual customers, etc.

(2) Ensure transparency in our privacy protection initiatives.
When acquiring personal information, we will expressly indicate in advance the purposes for which such information will be used in an easy-to-understand manner so that our customers, etc. can understand these purposes.
We will respond to inquiries from customers, etc. regarding their personal information appropriately and in good faith.

(3) Ensure propriety in our collaborations with business partners.
We collaborate with business partners as necessary to continue to provide new value to our customers, etc. and to society. When using personal information with business partners in the course of such collaboration (including provision to third parties, joint use, outsourcing, etc.), we require that our counterparties comply with laws and regulations, and handle personal information in an appropriate manner that respects the privacy of our customers, etc. and other considerations.

(4) Carefully manage the personal information of our customers, etc.
We will use appropriate organizational, personnel, physical, and technological measures to protect the personal information entrusted to us from leakage, theft, falsification, and other such incidents.

Note: Please refer to the JR-West Group Information Security Policy for our policy to protect information assets including personal information.

The following pertains to public announcements, etc. made by JR-West on a standalone basis. For information on public announcements made by Group companies, please contact the specific Group company that made the announcement in question.

2. Public Announcements Based on Applicable Laws and Regulations Related to the Protection of Personal Information

We will make public the following matters concerning the personal information regarding our customers, etc. that we collect and retain, in accordance with applicable laws and regulations related to the protection of personal information.
(However, for matters involving Osaka General Hospital of West Japan Railway Company, please refer to “3 (7) Medical information at Osaka General Hospital of West Japan Railway Company.”)

(1) Manager of the handling of personal information

We assume sole responsibility for the handling of personal information of our customers, etc. For our contact point, refer to 3 (5) below.

(2) Personal information that we collect

The personal information that we obtain consists of personal information provided directly by customers, etc. in association with the provision of products, services, etc., personal information obtained automatically through the use of online services, etc. by customers, etc., and personal information otherwise obtained in a lawful manner, including cases where such personal information is obtained from third parties (e.g., Group companies and service providers).

Specifically, we obtain the following personal information regarding customers, etc.

(i) Information related to services, etc. that we provid

  • - Name, address, date of birth, email address, telephone number, gender, nationality, name of affiliated company, etc./affiliated educational institution, purchase and usage history, credit card/bank account/digital money information and any principal authentication information associated therewith, passport number, Member ID and password for our services, and Member ID of other companies related to the use of our services
  • - Images captured by cameras installed at our facilities
  • - Information prescribed in membership terms and conditions that we obtain in the course of our credit card business (Article 13 of the J-WEST Card Member Terms and ConditionsPDF)
  • - Other information provided by customers, etc. at the time of application for services (including information related to physical condition, illness, allergies, and health conditions obtained in association with the use of our services), etc.

(ii) Information required to carry out our business activities

  • - Client information (name, contact information, etc.), personal number required for payment reports, etc.
  • - Information provided during the recruitment process, etc.

(iii) Details of inquiries and opinions submitted to us

  • - Information contained in correspondence with customers, etc., details of inquiries and opinions, etc.

(iv) Information about telecommunication terminals and information obtained by using cookies, etc.

  • - Cookie information, information about activities on websites and other electronic networks, location information, device identification numbers, etc.

In addition, customers, etc. may be required to provide certain personal information when using our services. Customers etc. may refuse to provide personal information to us, but if they do so, restrictions may be imposed on the services we provide to them.

(3) Purposes of use

We will use the personal information of our customers, etc. for the following purposes. We will use personal information of our customers, etc. within the scope of the purposes of use notified or announced at the time when such information is collected, and will obtain consent from customers, etc. when using such information beyond the scope necessary to achieve such purposes of use.

  • (i) Providing our merchandise and services, and managing various events, campaigns, etc.
  • (ii) Providing information on our merchandise and our services, and on the holding of various events, campaigns, etc.
  • (iii) Responding to inquiries, opinions, requests, etc. from customers, etc. related to our merchandise and our services, various events and campaigns, etc.
  • (iv) Prevention of accidents, safety checks, crime prevention measures, and security, such as by monitoring crowding conditions, etc.
  • (v) Facilitating quality improvement, refinement, research, development, and analysis*1 of our merchandise, services, safety measures, etc., and conducting questionnaire surveys for these purposes
  • (vi) Contacting customers, etc. to ensure their safety and prevent victimization by crimes, etc.
  • (vii) Taking action in case of lost articles
  • (viii) Managing administrative affairs related to our shares and servicing investors*2
  • (ix) Providing information related to recruitment and facilitating recruitment operations
  • (x) Taking action and conducting administrative affairs pursuant to the provisions of laws and regulations
  • (xi) Otherwise performing management and taking action required to carry out our business activities
  • *1 Includes analysis by obtaining purchase history, location information, and website browsing history of customers, etc.
  • *2 Includes the following actions taken with respect to shareholders:
    • - Exercise of rights and performance of obligations under the Companies Act and related laws and regulations, etc.
    • - Holding and recording general meetings of shareholders
    • - Providing various types of information and services such as shareholder benefits, etc. to our shareholders
    • - Sending questionnaires and other distributed materials to shareholders and implementing various measures, including promoting the exercise of shareholder voting rights
    • - Management of shareholders, including recording and preparation of shareholder data in accordance with various other laws, regulations, and related guidelines, etc.
    • - Researching and analyzing trends, etc. in the use by shareholders of various services we provide, and implementing various policies based on the results of such research and analysis

In addition to the purposes listed in (3), we may statistically process, utilize, or provide to other parties personal information collected from customers, etc. In such cases, the information utilized or provided will not include information that may individually identify the customers, etc.

(4) Provision of personal information to third parties and subcontractors, etc.

We may provide personal information of our customers, etc. to the following types of third parties and contractors, etc. with the consent of our customers, etc., or in accordance with applicable laws and regulations related to the protection of personal information.

  • (i) JR-West Group companies (subsidiaries and affiliates, etc., which are listed on our website and in our annual securities reports, etc.)
    Reference: https://www.westjr.co.jp/company/info/group/
  • (ii) Our business partners
  • (iii) Service providers (including IT service providers and marketing service providers)
  • (iv) Relevant authorities, public agencies, and local governments

(5) Handling of pseudonymized and anonymized information under the Act on the Protection of Personal Information of Japan

When creating pseudonymized information and anonymized information, we will do so in compliance with the Act on the Protection of Personal Information and related guidelines, etc., and will handle such information in an appropriate manner.

  • (i) When we create pseudonymized information, we will make a public announcement to that effect herePDF or provide notification by other means. In the event that such pseudonymized information is to be shared with other parties, we will make a public announcement to that effect herePDF.
  • (ii) When we create or provide anonymized information, we will make a public announcement to that effect herePDF.

(6) Shared use of personal information pursuant to the Act on the Protection of Personal Information of Japan

When creating pseudonymized information and anonymized information, we will do so in compliance with the Act on the Protection of Personal Information and related guidelines, etc., and will handle such information in an appropriate manner.

(i) Shared use of personal data related to WESTER member services

  • a. Personal data items subject to shared use
    • - Name, e-mail address, date of birth, gender, telephone number, address, WESTER ID, and WESTER service usage data
    • - Information pertaining to requests not to require DM, etc.
    • - Pseudonymized information created based on the above data and information in such a way that it cannot be used to identify an individual
  • b. Range of parties with whom data is shared
  • c. Purpose of use
    • - Provision of benefits and services from us and parties with whom data is shared to members*
    • - Surveys, research, and analysis of customer usage trends, etc.
    • - Provision of information on various events, services, etc. offered by us and parties with whom data is shared*
    • - Provision of information on various events, services, etc. at commercial facilities operated by us and parties with whom data is shared*
    • - Market research and product development based on the state of use of merchandise and services related to the commercial facilities operated by us and parties with whom data is shared
    • - Greater convenience by improving merchandise and services related to commercial facilities operated by us and parties with whom data is shared, and provision of information of particular interest and concern to members at the appropriate time*
    • - Various communications regarding merchandise, services, etc. purchased or used in commercial facilities operated by us and parties with whom data is shared.
    • - Responding to inquiries from customers
      * Includes providing guidance by analyzing information obtained from browsing history, purchase history, etc., to infer the attributes, interests, etc., of customers.
  • d. Name of the entity responsible for managing personal data
    West Japan Railway Company

(ii) Shared use of personal data related to the common point “WESPO”
(For WESPO members who joined prior to April 9, 2023 and who have not consented to the WESTER Privacy Policy and Our Basic Policy for the Handling of Personal Information, issued on or after March 7, 2023.)s

  • a. Personal data items subject to shared use
    • - Name, age, gender, address, date of birth, telephone number, e-mail address, membership number, etc.
    • - Information related to the use of WESPO membership cards, such as purchase history (date, location, monetary amount, number of points, etc.) at West Japan Railway Company and WESPO partners.
    • - Information regarding invalidation, withdrawal, loss, theft, etc. of WESPO membership cards
    • - Information pertaining to requests not to require DM, etc.
  • b. Range of parties with whom data is shared
  • c. Purpose of use
    • - Provision of benefits and services from us and WESPO partners to members
    • - Provision of information on various events, services, etc. at commercial facilities operated by us and WESPO partners
    • - Market research and product development based on the state of use of merchandise and services related to the commercial facilities operated by us and WESPO partners
    • - Greater convenience by improving merchandise and services related to commercial facilities operated by us and WESPO partners, and provision of information of particular interest and concern to members at the appropriate time
    • - Various communications regarding merchandise, services, etc. purchased or used in commercial facilities operated by us and WESPO partners
    • - Responding to inquiries from customers
    • - Other purposes of use comparable to the above purposes
  • d. Name of the entity responsible for managing personal data
    West Japan Railway Company

(iii) Shared use of personal data related to J-WEST Net member services (For J-WEST Net members who joined prior to March 6, 2023 and who have not consented to the WESTER Privacy Policy and Our Basic Policy for the Handling of Personal Information, issued on or after March 7, 2023.)

  • a. Personal data items subject to shared use
    • - Name, e-mail address, date of birth, gender, telephone number, address, J-WEST ID, and Club J-WEST service usage data
    • - Information pertaining to requests not to require DM, etc.
  • b. Range of parties with whom data is shared
    West Japan Railway Daily Service Net Company JR West Via Inn Hotels
  • c. Purpose of use
    • - Name, e-mail address, date of birth, gender, telephone number, address, J-WEST ID, and Club J-WEST service usage data
    • - Information pertaining to requests not to require DM, etc.
  • d. Name of the entity responsible for managing personal data
    West Japan Railway Company

(iv) Shared use of personal data related to tabiwa by WESTER services

  • a. Personal data items subject to shared use
    • - Name, email address, date of birth, gender, telephone number, postal code of residence, country of residence, WESTER ID, and usage status
  • b. Range of parties with whom data is shared
    tabiwa by WESTER partners (PDF format, 182 KB)PDF
  • c. Purpose of use
    • - Sharing ticket purchaser information and confirming with and contacting customers regarding their ticket purchases
    • - Responding to inquiries, opinions, and requests from customers in relation to the services, etc.
    • - Surveys, research, and analysis of customer usage trends, etc.
    • - Provision of information on various events, services, etc. offered by us and parties with whom data is shared
  • d. Name of the entity responsible for managing personal data
    West Japan Railway Company

(v) Shared use of personal data related to ICOCA usage history

  • a. Personal data items subject to shared use
    • - Usage history of ICOCA for transportation and purchases
    • - Data including ICOCA Card IDi(Usage data of WESTER services for SMART ICOCA users, linked WESTER data)
  • b. Range of parties with whom data is shared GiXo Ltd.
    Note: We have entered into a capital and business partnership with GiXo Ltd.
    JR-West Group companies (subsidiaries and affiliates, etc., which are listed on our website and in our annual securities reports, etc.)
    Reference: https://www.westjr.co.jp/company/info/group/ (Japanese only)
  • c. Purpose of use
    Surveys, research, and business analysis of customer usage trends, etc.
  • d. Name of the entity responsible for managing personal data
    West Japan Railway Company

(vi) Shared use of personal data related to children’s ICOCA and ICOCA commuter passes

  • a. Personal data items subject to shared use
    Name, date of birth, gender, telephone number
  • b. Range of parties with whom data is shared
    Other companies that sell ICOCA boarding passes (PDF format, 163 KB) PDF
  • c. Purpose of use
    Confirming the principal’s identity and making necessary contact in case of reissue of lost passes, etc.
  • d. Name of the entity responsible for managing personal data
    West Japan Railway Company

(vii) Shared use of personal data related to security camera video

  • a. Personal data items subject to shared use Video obtained with security cameras
  • b. Range of parties with whom data is shared
    Railway Technical Research Institute
  • c. Purpose of use
    Surveys and research of customer usage trends, etc. (measurement of passenger flow in a form that does not allow for identification of individuals, and verification of the accuracy of automatic measurement by AI)
  • d. Name of the entity responsible for managing personal data
    West Japan Railway Company

(viii) Shared use of personal data related to Rural Maas

  • a. Personal data items subject to shared use
    Name, email address, telephone number
  • b. Range of parties with whom data is shared
    Dennokotsu Inc.
    REA Inc.
    Zentan Bus Co., Ltd.
    Katsuta Kotsu Co., Ltd.
    Daiwa Taxi
  • c. Purpose of use
    • - Sharing reservation information and confirming with and contacting customers regarding their reservation information
    • - Responding to inquiries, opinions, and requests from customers in relation to the services, etc.
    • - Surveys, research, and analysis of customer usage trends, etc.
  • d. Name of the entity responsible for managing personal data
    West Japan Railway Company

(ix) Shared use of personal data related to +PLACE services

  • a. Personal data items subject to shared use
    Name, email address, date of birth, address, gender, occupation, telephone number, WESTER ID, reservation status, usage status, company name of corporate members
  • b. Range of parties with whom data is shared
    JR West Customer Relations Co., Ltd.
    JR West Real Estate & Development Company
  • c. Purpose of use
    • - Sharing reservation information related to bases and confirming with and contacting customers regarding reservations and use of bases
    • - Providing support for unlocking locks when entering and exiting bases
    • - Responding to inquiries, opinions, and requests from customers in relation to the services, etc.
    • - Surveys, research, and analysis of customer usage trends, etc.
    • - Provision of information on various events, services, etc. offered by us and parties with whom data is shared
  • d. Name of the entity responsible for managing personal data
    West Japan Railway Company

(x) Shared use of personal information related to train side camera video

  • a. Personal data items subject to shared use
    Video captured by cameras on the sides of 227 Series trains in the Hiroshima area
  • b. Range of parties with whom data is shared
    Hitachi, Ltd.
  • c. Purpose of use
    AI training and evaluation to detect safety-related events on the platform (e.g., customers coming into physical contact with rail cars) (Personal identification will not be performed.)
  • d. Name of the entity responsible for managing personal data
    West Japan Railway Company

(xi) Shared use of personal data related to ICOCA commuter passes (passes that include use of the JR West Miyajima Ferry)

  • a. Personal data items subject to shared use
    Name, date of birth, gender, telephone number
  • b. Range of parties with whom data is shared
    JR West Miyajima Ferry Co., Ltd.
  • c. Purpose of use
    Confirming the “Tax Exemption Certificate for Miyajima Visitor Tax” and “One-Year Temporary Certificate of Payment”
  • d. Name of the entity responsible for managing personal data
    West Japan Railway Company

(xii) Shared use of personal data related to stamp rallies and other excursion trip promotion services

  • a. Personal data items subject to shared use
    User ID (ID that uniquely identifies the app), WESTER ID, WESTER app usage data, WESTER services usage data, ICOCA Card IDi, ICOCA Card usage data
  • b. Range of parties with whom data is shared
    JR-West Group companies (subsidiaries and affiliates, etc., which are listed on our website and in our annual securities reports, etc.)
    Reference: https://www.westjr.co.jp/company/info/group/ (Japanese only)
  • c. Purpose of use
    • - Responding to inquiries, opinions, and requests from customers in relation to the services, etc.
    • Surveys, research, and analysis of customer usage trends, etc. in relation to the services, etc.
    • - Provision of information on various events, services, etc. offered by us and parties with whom information is shared in relation to the ervices
  • d. Name of the entity responsible for managing personal data
    West Japan Railway Company

(7) Retention period

We will retain any collected personal information for the period necessary for the purpose for which it was collected. However, this does not apply if applicable laws and regulations require that personal information be retained for a longer period of time, in which case such personal information will be retained for the period of time required by the laws and regulations.

(8) Transfer of personal information to foreign countries

Personal information of customers, etc. may be transferred to third parties located outside of the countries/regions where the customers, etc. are resident. In cases where we transfer personal information to a third party located outside of the country or region where customers, etc. are resident, we will take one of the following measures to comply with applicable laws and regulations related to the protection of personal information.

  • (i) Obtain the consent of customers, etc.
  • (ii) Ensure that the destination country/region has been designated as a country/region that provides an adequate level of protection for the rights and freedoms that customers, etc. enjoy with respect to their personal information under applicable laws and regulations related to the protection of personal information.
  • (iii) Ensure that the third party has concluded an agreement with us for the transfer of personal information as required by applicable laws and regulations related to the protection of personal information.
  • (iv) Take other measures required to comply with applicable laws and regulations related to the protection of personal information.

In addition, customers, etc. may also inquire with the contact point indicated in 3 (5) below for further details on the protection afforded to personal information when it is transferred outside the country or region where the customer is resident.

(9) Protection of the personal information of minors

We will handle the personal information of minors appropriately in accordance with this Privacy Policy. If customers, etc. are minors and the consent of a party with parental authority is required by applicable laws and regulations related to the protection of personal information, we may ask for the consent of such person with parental authority. If we learn that we have unintentionally collected or received personal information of a minor without the consent required by applicable laws and regulations related to the protection of personal information, we will delete the personal information in question.

(10) Authorized personal information protection organizations

The name of the authorized personal information protection organization of which we are a member and the contact point for complaints and consultations are as follows.
Japan Consumer Credit Association
Telephone No. for consultations related to personal information
03-5645-3360

(11) Changes to the Privacy Policy, etc.

We reserve the right to change this Privacy Policy and our public statements related to personal information without notice, but will indicate the date when the updates were made at the bottom of each page.
Note: Please check at the bottom of each page for any changes to the Privacy Policy published for each service, etc.
(Except Saturdays, Sundays, national holidays, and December 29 through January 3.)

3. Requests for Disclosure, Etc., and Inquiries, Etc.

(1) Disclosures and notification of purpose of use

If customers, etc. want to request disclosure or notification of the purpose of use of their own information held by us (limited to “Retained Personal Information” under the Act on the Protection of Personal Information in Japan; the same applies hereinafter), we will respond within a reasonable period and scope after duly confirming that those making such requests are in fact the principals themselves.

(2) Corrections, additions, or deletions

If customers, etc. wish to have their own information corrected, added, or deleted, we will, after duly confirming that those making such requests are in fact the principals themselves, correct, add to, or delete the information within a reasonable period and scope provided the information is contrary to the facts.

(3) Suspension of use and erasure

If customers, etc. themselves wish for the use of their information held by us to be suspended or for such information to be erased, we will, after duly confirming that those making such requests are in fact the principals themselves, suspend the use of the information or erase the information within a reasonable period and scope.
Please understand that, as a result of such suspension of use or erasure, we may become unable to provide the services that you wish to receive. We ask for your kind cooperation. (We may not be able to respond to requests for suspension of use or erasure of personal information held in accordance with the relevant laws and regulations.)

(4) Action taken in cases of nondisclosure, etc.

Please note that we will not be able to disclose, etc. personal information in the following specified cases. If we decide not to disclose, etc. personal information, we will notify customers, etc. to that effect and provide the reason for the decision.

[Cases where Disclosure, Etc. Procedures Are Not Initiated]

  • (i) When those requesting disclosure cannot be confirmed to be the principals of the personal information.
  • (ii) When a request is made by a proxy and the authority of agency of such proxy cannot be verified.
  • (iii) When there are problems with the prescribed documents to be submitted.
  • (iv) When the prescribed fees have not been paid (refer to (6) below).
    (Only in cases of “disclosure” and “notification of purpose of use” of obtained personal information.)

[Cases where Not Disclosed]

  • (i) When the information for which disclosure is requested does not fall under “Retained Personal Information.”
  • (ii) When disclosure would pose a risk of harming the life, physical well-being, property, or other rights and benefits of the principals or third parties.
  • (iii) When disclosure would pose a risk of causing significant interference with the proper conducting of our business.
  • (iv) When disclosure would violate other laws and regulations.
  • (v) When separate procedures for disclosure are specified in the provisions of other laws and regulations.

[Cases where Notification of Purpose of Use Is Not Provided]

  • (i) When the information for which notification is requested does not fall under “Retained Personal Information.”
  • (ii) When the purposes of use are clear.
  • (iii) When such notification would pose a risk of harming the life, physical well-being, property, or other rights and benefits of the principals or third parties.
  • (iv) When such notification would pose a risk of harming our rights or legitimate interests.
  • (v) When we are required to cooperate with a national agency or a local public body in the performance of its affairs as specified in laws and regulations, and such notification would pose a risk of causing interference with the performance of such affairs.

[Cases where Corrections, Additions, or Deletions Are Not Made]

  • (i) When the information for which corrections, additions, or deletions are requested does not fall under “Retained Personal Information.”
  • (ii) When the details of the “Retained Personal Information” are factual.
  • (iii) When separate procedures for corrections, additions, or deletions are specified in the provisions of other laws and regulations.
  • (iv) When corrections, additions, or deletions are not required in view of the purposes of use.

[Cases where Suspension of Use or Erasure Are Not Carried Out]

  • (i) When the information for which suspension of use or erasure is requested does not fall under “Retained Personal Information.”
  • (ii) When the information is handled within the scope necessary to achieve a purpose of use specified in advance (including cases in which such handling exceeds the limit necessary to rectify an infringement).
  • (iii) When the information has been obtained and used with means that are proper (including cases in which such handling exceeds the limit necessary to rectify an infringement).
  • (iv) When suspension of use or erasure is difficult due to the substantial costs involved or other difficulties, and alternative measures necessary to protect the rights and interests of the principal are taken.

[Cases Where Provision to Third Parties Is not Suspended]

  • (i) When the information for which suspension of provision to third parties is requested does not fall under “Retained Personal Information.”
  • (ii) When the information for which suspension of provision to third parties is requested is being provided with the prior consent of the principal.
  • (iii) When the information for which suspension of provision to third parties is requested is provided pursuant to laws and regulations.
  • (iv) When the provision of personal information to a third party is necessary for the protection of the life, physical well-being, or property of an individual, and it is difficult to obtain consent for such provision from the principal.
  • (v) When the provision of personal information to a third party is necessary to improve public health or promote the sound development of children, and it is difficult to obtain consent for such provision from the principal.
  • (vi) When we are required to cooperate with a national agency, a local public body, or a contractor thereof in the performance of its affairs as specified in laws and regulations by providing personal information to a third party, and obtaining the consent of the principal would pose a risk of causing interference with the performance of such affairs.
  • (vii) When the third party is an academic research institution, etc., and it is necessary for that third party to handle the relevant personal information for academic research purposes (excluding cases where there is a risk of unreasonable infringement on the rights and interests of the individual customers, etc.).
  • (viii) When suspension of provision to third parties is difficult due to the substantial costs involved or other difficulties, and alternative measures necessary to protect the rights and interests of the principal are taken.

(5) Contact points

If you contact us at the contact point below, we will provide you with information on the procedures necessary for customers, etc. to exercise their legal rights under the applicable laws and regulations related to the protection of personal information.

[Personal Information Inquiry Desk]
Telephone number: 0570‐00‐8691
Hours: 9:00 a.m. to 5:00 p.m.
(Except Saturdays, Sundays, national holidays, and December 29 through January 3.)
Click here for the online inquiries form. Link Destination: West Japan Railway Company — Inquiries, Opinions, and Requests (jr-odekake.net)
Please note that we do not accept in-person direct requests at stations or other locations.

[Examples of Typical Inquiries Received]

  • (i) Disclosure of usage history of registered ICOCA (children’s ICOCA, ICOCA commuter pass, SMART ICOCA, SMART ICOCA commuter pass) and purchase history of commuter passes
  • (ii) We do not accept requests to disclose the usage history of unregistered ICOCA or to disclose the usage history of registered ICOCA for boarding and disembarking within the section covered by a commuter pass.
  • (iii) Disclosure of usage history of WESTER members and deletion of information on members who have already canceled their membership

You may also contact our Data Protection Officer (DPO) using the contact information below.
DPO email address: west_japan_railway_dpo@westjr.co.jp

(6) How we accept requests pursuant to the Act on the Protection of Personal Information of Japan

  • (i) Please download the “Application Form for Disclosure, Etc. of Retained Personal Information” below and fill in the required information.
  • (ii) Please send the completed application form, documents verifying the identity of the customer, and stamps equivalent to the handling fee (¥774 for documents, ¥810 for CD-R) to the address to which the application form should be sent.
    • Note: If you do not submit the set of documents required for disclosure within 3 months, we will send the set of application documents, etc. that we have received up to that point back to you.
    • Note: The disclosure procedure will be initiated when we have received all documents, etc. submitted in association with a request for disclosure, etc., upon their arrival at the address specified by us as the address to which the application form should be sent.
  • (iii) We will send notification of disclosure, etc. by postal mail (by mail delivery restricted to receipt by the principal).
    • Note: If such mail cannot be received by the principal to which delivery has been restricted within 6 months, we will dispose of the mail.
    • Note: Please understand that we cannot honor requests of disclosure, etc. that are not made by this method (including direct in-person requests made at stations, etc.).
    • Note: This method is a method for making a request in accordance with the Act on the Protection of Personal Information of Japan. Legal rights under applicable laws and regulations related to the protection of personal information other than the Act on the Protection of Personal Information of Japan may be exercised by contacting us as described in (5) above.
    • Note: If you have any questions, please contact the Personal Information Inquiry Desk (telephone number: 0570-00-8691) for personalized help.
      Guide to Procedures (PDF format, 207 KB)PDF
      Application Form for Disclosure, Etc. of Retained Personal Information (PDF format, 188 KB) PDF
      Power of Attorney (PDF format, 82 KB)PDF

(7) Medical information at Osaka General Hospital of West Japan Railway Company

For information on the handling of medical information at Osaka General Hospital of West Japan Railway Company, please refer to the Privacy Policy (https://www.jrosakahosp.jp/hospital/greeting/ (Japanese only)) posted on the hospital’s website.

The hours of operation of the dedicated contact point for inquiries are as follows, but inquiries will be handled at other times as well.

Osaka General Hospital of West Japan Railway Company
1-2-22 Matsuzaki-cho, Abeno-ku, Osaka 545-0053, Japan
Telephone number: 06-6628-2221 (Main)
Dedicated contact point hours: 1:00 p.m. to 3:00 p.m.

4. Handling of Personal Information of Foreign Customers

4.1. For Customers, Etc. in the EEA/UK

This section applies to customers, etc. in the EEA and the UK. This section supplements 2 to 3 above and supersedes any provisions that conflict with 2 to 3 above.

(1) Legal bases
We will handle the personal information of our customers, etc. pursuant to the legal bases set forth below.

  • (i) Contracts
    When it is necessary for us to handle the personal information of our customers, etc., in order to fulfill a contract concluded with our customers, etc.
  • (ii) Statutory obligations
    When we are required to comply with statutory obligations.
  • (iii) Legitimate interests
    When handling the personal information of our customers, etc. is necessary to serve our legitimate interests or those of a third party (e.g., to improve or ensure the safety of our services or to conduct recruitment activities), and the interests and fundamental rights of our customers, etc. do not take precedence over the aforementioned interests.
  • (iv) Consent
    When customers, etc. have given their consent for us to handle their personal information.

The legal bases upon which we are reliant for each of the purposes for which we use the personal information described in Section 2 (3) above are as follows.

  • (i) Providing our merchandise and services, and managing various events, campaigns, etc.
    Contracts and legitimate interests
  • (ii) Providing information on our merchandise and our services, and on the holding of various events, campaigns, etc.
    Legitimate interests and consent
  • (iii) Responding to inquiries, opinions, requests, etc. from customers, etc. related to our merchandise and our services, various events and campaigns, etc.
    Legitimate interests
  • (iv) Prevention of accidents, safety checks, crime prevention measures, and security, such as by monitoring crowding conditions, etc.
    Legitimate interests
  • (v) Facilitating quality improvement, refinement, research, development, and analysis* of our merchandise, services, safety measures, etc., and conducting questionnaire surveys for these purposes
    Legitimate interests and consent
  • (vi) Contacting customers, etc. to ensure their safety and prevent victimization by crimes, etc.
    Legitimate interests
  • (vii) Taking action in case of lost articles
    Legitimate interests
  • (viii) Managing administrative affairs related to our shares and servicing investors
    Statutory obligations and legitimate interests
  • (ix) Providing information related to recruitment and facilitating recruitment operations
    Contracts and legitimate interests
  • (x) Taking action and conducting administrative affairs pursuant to the provisions of laws and regulations
    Statutory obligations and legitimate interests
  • (xi) Otherwise performing management and taking action required to carry out our business activities
    Contracts, legitimate interests, and consent
    * Includes analysis by obtaining purchase history, location information, and website browsing history of customers, etc.

(2) Rights of customers, etc.
Customers, etc. are entitled to the following legal rights with respect to the personal information that we retain related to our customers, etc.

  • (i) The right to obtain information regarding the handling of personal information pertaining to customers, etc., and the right to access personal information related to customers, etc., that we have retained
  • (ii) The right to request that we correct any inaccurate or incomplete personal information of customers, etc.
  • (iii) The right to request that we erase the personal information of customers, etc. under certain circumstances
  • (iv) The right to request that we impose restrictions on our handling of personal information under certain circumstances
  • (v) The right to raise objections with regard to our handling of the personal information of customers, etc.
  • (vi) The right to receive personal information in a structured, commonly-used, and machine-readable format, and the right to request that we transfer such personal information directly to a third party to the extent that it is technically feasible
  • (vii) The right to withdraw consent at any time if the handling of personal information of customers, etc. is carried out pursuant to such consent (however, withdrawal of consent does not affect the legality of any handling of personal information that has taken place prior to such withdrawal of consent)

Customers, etc. may exercise their rights by contacting our contact point indicated in 3 (5) above. If customers, etc. believe that we have violated their rights, they may file a complaint with the data protection authority.

(3) Transfer of personal information to areas outside of the EEA or the UK
Personal information of customers etc. may be transferred to third parties located outside of the EEA or the UK. In cases where we transfer personal information to a third party located outside of the EEA or the UK, we will take action to ensure one of the following.

  • (i) The destination country/region has been designated by the European Commission or the UK government as a country/region that provides an adequate level of protection for the rights and freedoms to which customers, etc. are entitled with respect to their personal information.
  • (ii) The third party has concluded with us a standard data protection agreement that has been approved by the European Commission or the UK government.

Customers, etc. may also inquire with our contact point indicated in 3 (5) above for further details on the protection afforded to personal information when it is transferred outside of the EEA or the UK.

(4) EU/UK agents
The contact points for our agents in the EU and UK are as follows.

  • (i) EU agent
    Name: DP-Dock GmbH
    Address: Ballindamm 39, 20095 Hamburg, Germany
    Email address: jr-west@gdpr-rep.com
  • (ii) UK agent
    Name: DP Data Protection Services UK Ltd.
    Address: 16 Great Queen Street, Covent Garden, London, WC2B 5AH, United Kingdom
    Email address: jr-west@gdpr-rep.com

4.2. For Customers, Etc. in the USA

This section applies to customers, etc. in the USA. This section supplements 2 to 3 above and supersedes any provisions that conflict with 2 to 3 above.

For Customers, Etc. in All States

  • (1) Disclosure of personal information
    We process and disclose all types of personal information as described in 2 (2) above. For information on the types of third parties to which we disclose the personal information of our customers, etc., please refer to 2 (4) above.
  • (2) Sale of personal information and targeted advertising
    The disclosure of personal information of customers, etc. to third parties by us does not constitute a sale of personal information under the laws and regulations that are applicable to our company. Moreover, we do not process the personal information of customers, etc. to facilitate targeted advertising.
  • (3) Profiling and sensitive personal information
    We do not process the personal information of customers, etc. for the purpose of profiling for use as a basis for making decisions that would have legal or similarly material repercussions.
    The personal information that we process may include sensitive personal information as defined by applicable laws and regulations.
  • (4) Rights of customers, etc.
    Customers, etc. are entitled to the following rights to the extent permitted under applicable laws and regulations.
    • (i) The right to confirm whether we are processing personal information related to customers, etc., and to request access to such personal information (if necessary, in a portable and readily accessible format)
    • (ii) The right to request the deletion of personal information related to customers, etc.
    • (iii) The right to correct inaccuracies in the personal information of customers, etc. held by us
    • (iv) The right to object to the processing of personal information for the purpose of facilitating targeted advertising and sale.

To exercise these rights, please contact us via the contact point provided in 3 (5) above.
We will respond to requests in accordance with any applicable laws and regulations, taking into consideration the type and sensitivity of the personal information that is the subject of the request, after confirming that the party making the request is the principal of the personal information in question. We may ask customers, etc. to submit additional personal information in order to verify the identity of our customers, etc. and to protect them from fraudulent requests.
In the event that the requests of customers, etc. are denied, the customers, etc. in question may be granted the right to lodge an appeal with us in accordance with applicable laws and regulations.

  • (5) Refusal of tracking
    Some web browsers allow customers, etc. to configure browser settings to disallow tracking by sending a Do Not Track (DNT) request header to the websites they visit to disallow tracking of their activities. Since no uniform technical standard has been developed for tracking denial settings, we do not currently support DNT requests.

For Customers, Etc. in California (Supplemental Items Related to the California Consumer Privacy Act)
Date of final update: [8/1/2024]

Customers, etc. who are California “consumers” as defined under the California Consumer Privacy Act of 2018 (hereinafter referred to as the “CCPA”), as amended by the California Privacy Rights Act of 2020, are subject to these supplementary provisions related to the CCPA (hereinafter referred to as the “CCPA Supplementary Provisions”).

  • (1) Acquisition, use, and disclosure of personal information
    • (i) Type, purpose, source, and retention period of personal information that is to be acquired or has been acquired: The types of personal information (as listed in the CCPA) that we will acquire, or that we have acquired during the 12-month period prior to the effective date of the CCPA Supplementary Provisions are as follows.
      • a. Identifiers: Name, address, date of birth, email address, telephone number, gender, nationality, name of affiliated company, etc./affiliated educational institution, Member ID of other companies related to usage incidental to our services, and terminal identification number
      • b. Other personal information: Information contained in correspondence with customers, etc., and details of inquiries and opinions
      • c. Protected characteristic classification: Information concerning physical body of principals
      • d. Commercial information: Purchase and usage history
      • e. Information about Internet and other electronic network activity: Cookie information and information about activity on websites and other electronic networks
      • f. Audio, electronic, visual, temperature, olfactory, or similar information: Images captured by cameras installed at our facilities
      • g. Information related to occupation or employment: Information provided during the recruitment process
      • h. Sensitive personal information: Passport number, Member ID and password for our services, credit card/bank account/digital money information and any principal authentication information associated therewith, high-precision location information, and information related to illness/allergies/health conditions
      Business or Commercial Purposes
      The business or commercial purposes for which personal information is acquired, used, or disclosed are as described in 2 (3) above.
      Types of Sources from which Personal Information is Obtained
      The following is a list of the types of sources of personal information acquired during the 12-month period prior to the effective date of the CCPA Supplementary Provisions.
      • a. Acquired directly from customers.
      • b. Acquired from a third party such as a Group company or service provider, etc.
      • c. Acquired passively through internet activities of customers, etc.
      Retention Period
      The period for which personal information is retained is as indicated in 2 (7) above.
    • (ii) Disclosure of personal information
      • a. Selling and sharing of personal information
        We do not sell or share personal information, including personal information of consumers under the age of 16, to any third party, nor do we share such information with any third party for the purpose of facilitating cross-contextual behavioral advertising, and have not sold or shared such information in the 12 months prior to the effective date of the CCPA Supplementary Provisions.
      • b. Disclosure of personal information for business purposes
        The following table provides (i) the types of personal information (as listed in the CCPA) that we have disclosed for business purposes during the 12-month period prior to the effective date of the CCPA Supplementary Provisions, and (ii) the types of third parties to whom we have disclosed personal information for business purposes during the 12-month period prior to the effective date of the CCPA Supplementary Provisions.
Types of Personal Information Disclosed Specific Examples Third Parties to Whom Personal Information Has Been Disclosed in the Past 12 Months
Identifiers Name, address, date of birth, email address, telephone number, gender, nationality, name of affiliated company, etc./affiliated educational institution, Member ID of other companies related to usage incidental to our services, and terminal identification number Group companies, business partners, service providers
Other personal information Information contained in correspondence with customers, etc., details of inquiries and opinions Group companies, business partners, service providers
Protected characteristic classifications Information concerning physical body of principals Group companies, business partners, service providers
Commercial information Purchase and usage history Group companies, business partners, service providers
Audio, electronic, visual, temperature, olfactory, or similar information Images captured by cameras installed at our facilities Business partners
Sensitive personal information Passport number, Member ID and password for our services, credit card/bank account/digital money information and any principal authentication information associated therewith, high-precision location information, and information related to illness/allergies/health conditions Group companies, business partners, service providers
  • (2) Rights and requests of customers, etc.
    If customers, etc. are California consumers, such customers, etc. are entitled to the following rights with respect to their personal information.
    • (i) Access: Customers, etc. have the right to request that we disclose to them, twice within a 12-month period, any and all personal information of the customers, etc. in question that we have acquired, used, and disclosed during the 12-month period prior to such request by the customers, etc.
    • (ii) Deletion: Customers, etc. have the right to request that we delete certain personal information that we have acquired from the customers, etc. in question.
    • (iii) Correction: Customers, etc. have the right to request that we correct any incorrect personal information related to the customers, etc. in question held by us.
    How to Submit a Request
    To request access, deletion, or correction, please contact us via the contact point provided in 3 (5) above. Request Confirmation
    To protect the privacy of our customers, etc. and to maintain security, we will take measures to verify the identity of our customers, etc. before granting them access to their personal information or responding to their requests for deletion or correction.
    When customers, etc. make a request, they must provide us with sufficient information to enable us to reasonably verify that they are the principal of the personal information we have collected, as well as sufficient details related to their request to enable us to properly assess and respond to their request. If we are unable to verify the identity of customers, etc. because they fail to provide such information, we may deny the requests of the customers, etc. in question.
    If customers, etc. use an authorized agent to request access, deletion, or correction on their behalf, we may require such agent to submit documentation that proves that the customers, etc. in question have given such agent signed authorization to make such requests. We may also require customers, etc. to (i) verify their own identity directly with us, or (ii) confirm directly with us that the customers, etc. in question have authorized such agent to submit the request.
    Additional Information
    We do not sell or share personal information of our customers, etc. to or with third parties, and therefore do not respond to opt-out preference signals from Global Privacy Control.
    Moreover, since we do not use or disclose the sensitive personal information of customers, etc. for any purpose other than the specified purposes set forth in the CCPA, such personal information is not covered by rights to limit sensitive personal information. Even if customers, etc. exercise any rights under the CCPA, such customers, etc. have the right not to be treated in a discriminatory manner by us as a result of exercising their rights.
  • (3) Changes to the CCPA Supplementary Provisions
    We may change the CCPA Supplementary Provisions as we deem appropriate. The “Date of final update” located at the top of this page indicates the date on which the CCPA Supplementary Provisions were last updated. Changes to the CCPA Supplementary Provisions will become effective when we post the revised CCPA Supplementary Provisions.
    We will post a conspicuous notice on the site to inform customers, etc. of any material changes to the CCPA Supplementary Provisions and indicate the date on which these CCPA Supplementary Provisions were last updated.
  • (4) Contact point
    If you have any questions or concerns regarding the CCPA Supplementary Provisions or our privacy practices, please contact us at the contact point provided in 3 (5) above.

4.3. For Customers, Etc. in the People’s Republic of China

This section applies to customers, etc. in the People’s Republic of China. This section supplements 2 to 3 above and supersedes any provisions that conflict with 2 to 3 above.

  • (1) How personal information is handled
    We collect, store, use, process, disseminate, provide, disclose, delete, and otherwise handle personal information.
  • (2) Sensitive personal information
    We handle bank accounts, principal identification information and passwords, purchase and usage history, electronic payment information, information related to diseases/allergies/health conditions, passport numbers, cookie information/information about activity on websites and other electronic networks, and high-precision location information as sensitive personal information. The necessity of handling sensitive personal information and the implications thereof with regard to the rights and interests of individuals are as follows.
    Necessity of Handling
    The handling of sensitive personal information is considered necessary for the provision of our merchandise and services, and for the operation of various events and campaigns, etc., or to improve quality, make enhancements, and conduct research/development/analysis related to our merchandise, services, and safety measures, etc.
    Impact on Rights and Interests
    Sensitive personal information is managed under appropriate security control measures, and the potential for its leakage, etc. to affect the rights and interests of individuals is limited.
  • (3) Provision of personal information
    We will provide personal information to the following third parties located outside of the People’s Republic of China.
    • - Name of third parties
      The third parties listed in 2 (4) above
    • - Contact information of third parties
      Please contact us via the contact point provided in 3 (5) above.
    • - Purpose of handling of personal information by third parties
      The purposes described in 2 (3) above
    • - How third parties handle personal information
      The handling methods described in (1) above
    • - Types of personal information
      The personal information listed in 2 (2) above
    • - Methods and procedures for executing rights stipulated in the Personal Information Protection Law of the People’s Republic of China in relations with third parties
      Please contact us via the contact point provided in 3 (5) above.

Updated: August 1, 2024