Privacy Policy|ANA DUTY FREE SHOP
ANA DUTY FREE

Privacy Policy

About security

Enabling visitors to use the site securely
The Site is managed and operated as described below to enable visitors to use the site securely.
Secure Sockets Layer (SSL)

The Site's security certificate can be verified using the SECOM Passport for Web Services of SECOM Trust Systems Co., Ltd. In addition, all personal information and other information transmitted via the Site is protected using SSL encryption, so that visitors can use the Site with peace of mind.

About Secure Sockets Layer (SSL) technology

Regarding the Handling of personal information
We hereby assured that information provided by customers who registered is managed appropriately and will not be provided to third parties in any form that could be used to identify individuals. Even when customers' personal information is, with their consent, provided to third parties, such parties are required to manage it appropriately and securely to the same degree as the Company.

Description of policy on using cookies to collect information on Site use

About cookies

Cookies are files stored on users’ computers when they visit a webpage, used to exchange information between their browsers and the server regarding usage histories, information input, and other information. Site administrators can use cookies to modify the content displayed to individual users when they access the same webpages again. If a user permits the exchange of cookies in the browser settings, then websites may access cookies from the user's browser.

To protect users' privacy, browsers transmit data on cookies only to the individual websites that issued the cookies.

Cookie settings

Users may choose or change their browsers' cookie settings in various ways, such as setting them to accept all cookies, to reject all cookies, or to notify the user when a cookie has been received.Setting methods vary by browser. Check your browser’s Help menu concerning how to change cookie settings.

Please note that if a user chooses to reject all cookies, use of various Internet services may be restricted. For example, you may be unable to access services that require user authentication.

The Site’s uses of cookies

The Site uses cookies for the following purposes:

  1. (1) For login information for services for ANA Duty-Free Shop registered users
  2. (2) For information on pages personalized for customers
  3. (3) For homepage settings information
  4. (4) To transmit appropriate advertising to customers on other companies' websites based on the services they use on the site
  5. (5) To research the site's number of users and traffic

The Site may store and refer to cookies for Site services via third-party subcontractors entrusted with distributing advertising for Site services.

Privacy Policy

ANA Trading Duty Free Co., Ltd. (hereinafter referred to as the Company), considers the personal information entrusted to it by customers through the business of operating DUTY FREE shops, which is essential to the provision of services that will satisfy customers fully, to be important customer property entrusted to it, and it recognizes that protection of customer personal information is one of its social responsibilities.
The Company has established, and implements and maintains, the following policies on the protection of personal information.
Collection and use of personal information
The Company collects personal information only within the extent of clearly defined purposes of collection. The Company uses personal information within an extent that does not deviate from those purposes.
Management and protection of personal information
The Company manages personal information strictly and shall not disclose or provide personal data to any third party without the customer’s consent. It also takes appropriate preventive and corrective measures to prevent unauthorized access to, loss of, damage to, unauthorized alteration of, and leakage of personal information.
Applicable laws etc.
The Company complies strictly with laws, regulations, and other standards applicable to personal information.
Continuous improvement of structure and system for managing personal information protection
The Company shall make continual improvements to its structures and systems on management of protection of personal information.

Chapter1. Regarding the Handling of personal information

1. Introduction
This Privacy Policy explains how the Company handles the personal information received from customers. Please read this Privacy Policy carefully before providing personal information to the Company or using the services and products of the Company.
Chapter 1 of this Privacy Policy describes the overview of how the Company uses customers' personal information. Chapters 1, 2, and 3 describe information by region for customers located or residing in European Economic Area/United Kingdom, People's Republic of China, and the State of California (USA), respectively.
Other policies may apply to the services and products of the Company, details of which will be provided along with the terms of the relevant service.
2. Scope
This Privacy Policy applies when customers provide personal information to the Company or use the services and products of the Company.
3. Purposes of use of personal information

The Company uses customers' personal information for the following purposes.

  1. (1) For reservations, sales, shipping, and payment for products, and services offered in shops
  2. (2) For guidance, provision, and management of other services and products offered by the Company
  3. (3) All business operations incidental and related to (1) and (2) above
  4. (4) To conduct surveys concerning Company services adf products
  5. (5) To develop new services and products.
  6. (6) For announcements, operation, management, and provision of various types of information regarding events and promotional campaigns
  7. (7) For notification of services and products offered by the Company
  8. (8) For announcements, operation, management, and provision of various types of information regarding services, products, events, and promotional campaigns handled by ANA Group member companies, partner companies, and others
  9. (9) For responding to inquiries and requests
  10. *Personal information also may be used for the purposes identified under 7. "Joint use of personal information."
4. Obtaining personal information

The Company will obtain the following personal information by fair and appropriate means for the purpose of achieving the previously mentioned purposes.

  1. (1) Information on an individual, contact information, payment information, etc.
    The customer’s name, address, telephone number, fax number, email address, employment information (company name, department/section the customer belongs to, title, address, telephone number, fax number), mailing address, date of birth, passport information, payment information including details of payment methods, such as credit and debit cards.
  2. (2) Information concerning ANA Mileage Club members and the use of subject services
    ANA Mileage Club membership number, type of membership card, member service eligibility, region, miles, credit card number, credit card expiration date, record of credit card use and related information, whether a wheelchair or other arrangements are needed, flight reservation/cancellation information, boarding, and the use of services, as well as other information as needed
  3. (3) Contents of inquiries and opinions to the Company
    Contents of information, inquiries, requests, and opinions contained in communications with customers (including their cause and resolution), etc.
    *The Company may monitor, record, store, and use communications with customers (by phone, e-mail, etc.) in order to check any instructions given by customers, provide training, prevent any crime, and improve the quality of the Company's customer service.
  4. "(4) IT and system data that include the usage of the Company's website and mobile application
    Information on how customers used the Company's website and mobile application, including cookies and action logs on the website etc."
  5. Company will never obtain and use information of a sensitive nature to the customer (hereinafter, “sensitive information”), such as information on race, beliefs, social standing, history of illness, crime records, and history of having been afflicted by crime, unless required by laws and regulations or by the consent of the customer.
5. Choice by the customer
As a rule, Company obtains personal information by the volition of the customer. Customers may experience disadvantages if they refuse to provide their personal information, such as being unable to make use of the various services provided by Company, or being unable to receive campaign notices and other Company information because a part of the functions of Company’s system become inoperable and thereby unavailable. Please note that customers may change their contact information as well as their decision on whether or not they wish to receive email magazines at any time they wish, in a manner designated separately by Company.
6. Disclosure and provision to third parties

The Company shall not disclose or provide customer personal information to third parties except in the following cases. Also, customers’ personal information including sensitive information will not be disclosed or provided to third parties under any circumstances, unless allowed by laws and regulations or by consent of the customer.

Provision of information to joint users or business entrusted companies are not considered disclosure or provision to third parties.

  1. (1) When the customer has consented to such disclosure or provision in advance;
  2. (2) When its disclosure of provision is required by law or regulations;
  3. (3) When necessary for the purposes of protecting human life, health, or property, and it would be difficult to obtain the consent of the customer;
  4. (4) When it is necessary to cooperate in the performance of official duties by a national or local public agency or similar body, and obtaining the consent of the customer could impede the performance of such duties
  5. (5) When disclosing or providing information in a state in which it is not possible to identify individuals, such as information in the form of statistical data;
  6. (6) When providing information as a result of the succession of business due to a merger, company split, transfer or business, or otherwise
  7. (7) When providing information in accordance with the procedures based on laws and regulations under the condition that the following information is put into a state where customers themselves can easily check through the Company's website and that customers have not indicated their intention to refuse the provision of the information.
  1. 1) To set a third-party provision as a purpose of use
  2. 2) Categories of personal data provided to a third party
  3. 3) Means or methods of a third-party provision
  4. 4) To suspend a third-party provision upon the customer's request
  5. 5) Methods for receiving requests from customers
7. Subcontracting
In providing services and products to customers, the Company may entrust a part of its business operations to subcontractors to which personal information may be provided to the extent required to achieve the purposes of use. In such a case , the Company will implement the appropriate management and supervision of such subcontractors, including concluding agreements with such subcontractors on the handling of customers' personal information.
8. Joint use of personal information

The Company engages in the joint use of customers' personal information as described below.

(Scope of joint users of personal information)
ANA Group member companies
(Purposes of use by joint users)
  1. (1) To provide air transportation services; tours, hotels, and other travel services; and other products and services offered by the Company or the joint user company
  2. (2) To send direct mail, provide information on products and services, and conduct surveys by the Company or the joint user company
  3. (3) For use in sales analysis and other studies and research and in development of new products and services by the Company or the joint user company
  4. (4) To notify the company in charge and handover related information in response to inquiries, applications for use, or other contact from customers regarding products or services provided by the Company or the joint user company
  5. (5) To smoothly execute other appropriate transactions with customers by the Company or the joint user company
  6. (6) For purposes of ANA Group business administration and internal management
(Items of personal information subject to joint use)
ANA Mileage Club member number, customer name, address, telephone number, fax number, email address, employer (company name, section, position, address, telephone number, fax number), shipping address, type of membership card, member service eligibility, region, miles, credit card number, credit card expiration date, record of credit card use and related information, whether a wheelchair or other arrangements are needed, flight reservation/cancellation information, boarding and use of services, content of inquiries, records of use of websites, apps, and related information
(Party responsible for management of personal information)
ANA Holdings Inc.
9. Transfer to outside of Japan
If Company provides customers’ personal information to third party business operators outside of Japan, including subcontractors, Company will take necessary and appropriate measures in keeping with laws and regulations.
10. Management of personal information
The Company shall manage customers’ personal information properly with maximum care to prevent cases such as loss of, damage to, unauthorized alteration of, and leakage of such information and shall tale appropriate measures to maintain its accuracy and keep it up to date.
The Company ensures that the board members and employees are properly trained regarding appropriate handling to safeguard the security of information identifying individual customers. An appropriate retention period for personal information will be established in accordance with the purpose for which such information is used. After the purpose of the information has been achieved, Company will dispose of the information in question by appropriate methods.
11. Request regarding the handling of personal information

When the Company receives a request from a customer in a specified manner for the disclosure, correction, deletion, addition, cessation of the use, or erasure (hereinafter "Disclosure etc.") of the customer's personal information stored in a database held by the Company, the Company will handle the request according to laws and regulations as follows within a reasonable timeframe and scope, after confirming that the request was made by the customer themselves.

  1. (1) Requests for disclosure
    The Company will disclose the item or the purpose of use of personal information in accordance with the customer's request.
  2. (2) Requests for correction, partial deletion, or addition
    The Company will correct, delete, or add the contents of personal information to the extent appropriate and possible after due review of the contents of the request.
  3. (3) Requests for cessation of use or removal
    The Company shall, within the extent that is appropriate and feasible, cease the use of the items of personal information specified by the customer in accordance with the content of the request, or remove them if so requested.

Before requesting cessation of use or removal of personal information, note that doing so may make it impossible to provide services that had been available for use until then or other services as requested by the customer. Also, the Company may not be able to respond to such a request from the customer if doing so would markedly impede the Company's ordinary business operations or could violate the provisions of laws or regulations.

12. Submission of request for disclosure, etc.

The method of submitting requests for disclosure etc. or notification of the purposes of use of personal information received by the Company from customers and contact information for inquiries are as follows.

Request for disclosure etc.
(1) Contact information for inquiries
Please direct any inquiries regarding customer personal information to the contact point shown on the website used.
Requests for disclosure etc. shall be made through the method described below. Send such a request to the address below, after enclosing in the envelope the Company’s designated form, the necessary documents, the fee, and a return envelope.
(2) Where to send the necessary documents
282-0005 ANA Duty Free Shop Web Site Privacy Dept., ANA Trading Duty Free Co., Ltd.
5F, ANA Narita Sky Center, Narita International Airport, Narita, Chiba Prefecture, Japan
(3) Necessary documents to submit

To request disclosure, enter all necessary information on the following request form (A) and send it by post with the identification documents (B) enclosed. Note that a request for disclosure may not be responded to when the form is incomplete or there is a discrepancy in the necessary documents.
Download request form (A) from the Company website in PDF format.

(A) The Company’s designated request form
Request for Disclosure etc. of Personal Data
(B) Documents for confirming the requester’s identify as the individual concerned by the personal information or his or her representative
(For a request by the individual concerned by the personal information)
  • Copies of two of the following: a driver’s license, health insurance card, pension booklet, passport, basic resident register card with a face photo, residence card or special permanent resident certificate, physical disability certificate, certificate of registered seal, Individual Number Card (front page only)
(For a requested by a legal representative [parent or guardian])
  • Documents proving that the representative is a legal representative of the user (such as a family register or certificate of residence)
  • Proof of identification of the legal representative (copies of two of the following: a driver’s license, health insurance card, pension booklet, passport, basic residents’ registry card with photo)
(For a request by an authorized representative of the individual concerned by the personal information)
  • A letter of attorney from the user (with the registered seal of the user affixed on the request form for disclosure etc. of the "Retained Personal Data")
  • A seal-registration certificate of the individual concerned
  • Proof of identification of the authorized representative (copies of two of the following: a driver’s license, health insurance card, pension booklet, passport, basic resident register card with a face photo, residence card or special permanent resident certificate, physical disability certificate, certificate of registered seal, Individual Number Card (front page only)
(4) Fee
Customers are required to pay 500 yen for each request for Disclosure etc. Please enclose postal stamps equivalent to the fee when making a request.
(5) Timing of disclosure
The personal information requested shall be sent to the requester by postal mail after receiving and verifying the request form for disclosure.
(6) Other matters
It may take some time before a request for correction, partial deletion, addition, cessation of use, full deletion, etc. is reflected in all services. Please note that in such a case, the timing of reflecting such a request may vary slightly from the timing announced by the Company.
13. Amendments to the Privacy Policy
The Company may amend this Privacy Policy. In such a case, the amended Policy will be posted on the Company website. Please check the content of the amended Policy closely.

Chapter 2. Regarding the Handling of personal information of EEA and UK Residents

1. Introduction

Chapter 1 explains regarding the handling of personal information of customers in the European Economic Area (countries in this Area are hereinafter collectively the "EEA") and/or the United Kingdom (hereinafter the "UK") in accordance with EU General Data Protection Regulation 2016/679 (hereinafter "GDPR") and the UK Data Protection Act (hereinafter "DPA 2018"), and other national and international data protection and privacy laws and regulations of the EEA and/or the UK (hereinafter collectively "Data Protection Laws"). Please note that the UK's laws are similar to those in the EEA, and customers from both jurisdictions have very similar rights. Therefore, references to the GDPR in this chapter shall also be read as references to the corresponding UK law.

When a customer under the age of 16 uses the Company's services and others, a customer is required to obtain the guardian's consent or permission to the consent to such use. A customer who uses the Company's services or inputs data on behalf of the data subject shall apply for regarding the handling of personal information by the Company with the consent of the data subject.

In the event that any provisions of this chapter contradict those of Chapter 1, the provisions of this chapter shall prevail.

2. Controller of personal information
The controller of customers personal information shall be the Company. The Company protects personal information that is collected and used by controllers (who make decisions on the method and purpose of the handling of customers personal information) and processors (who act on the controller's written instruction) pursuant to Data Protection Laws.
3.Legal grounds for processing personal information

The Company protects customers personal information by processing such information only to the extent necessary for specific purposes (as set forth in Article 2. (Purposes of use of personal information) of Chapter 2 of this Privacy Policy) pursuant to Data Protection Laws.
The Company processes customers' personal information based on any of the following legal grounds.

  1. (1) When a customer consents to the processing (Article 6 (1)(a) of GDPR)
    Consent will usually only be applied for promotional and marketing related processing, or in some cases, for processing in relation to sensitive personal data.
  2. (2) When processing is necessary in order to perform or take steps to enter into a contract (Article 6 (1)(b) of GDPR)
    This becomes grounds for processing customers' information that is essential to providing services by the Company, including information on customer's identity, contact, payment, and travelling.
  3. (3) When the Company needs to process the information to comply with legal obligations (Article 6 (1)(c) of GDPR)
    This includes sharing personal information with customs, immigration authorities, law enforcement, as well as legal obligations towards customers and the Company's employees.
  4. (4) When the information is required to protect the vital interests of customers or third parties ((Article 6 (1)(d) of GDPR), for example in the event of a medical emergency.
  5. (5) When the processing of personal data is necessary for the legitimate interests of the Company or third parties and these interests are not overridden by customers' rights under Data Protection Laws (Article 6 (1)(f) of GDPR)
    This includes the use of personal information necessary to operate the Company's business and to maintain, develop, and improve the Company's products and services and provide the best possible customer experience.
4. Request Regarding the Handling of personal information

Data Protection Laws allow customers to have the following legal rights.

  1. (1) Request for disclosure
    The customer may request copies of the customer's personal information held by the Company and details of how the Company processes it.
  2. (2) Request for correction or updating
    The Company will correct or update the customer's personal information wherever possible after due review of the request.
  3. (3) Request for deletion
    The customer may request that the Company delete the whole or part of the customer's personal information held by the Company. The Company will consider the request and delete the information where the information is no longer required, or the law does not permit the Company to continue to retain it.
  4. (4) Transferring personal information
    The customer may request a copy of the customer's personal information in a structured, common, machine-readable format. The transfer of personal information only applies to personal information that the Company obtains from the customer and processes on the basis of the customer's consent or in order to perform a contract and that is processed by automated means.
  5. (5) Objecting to processing
    The customer may make an objection to processing aiming for the legitimate interests of the Company or a third party or for direct marketing. The Company will cease processing the customer's information unless the Company can demonstrate compelling legitimate grounds for such processing that override the customer's interests. The Company will cease the processing if the customer's objection is to direct marketing.
  6. (6) Restrictions on the method for using personal information
    The customer may restrict the use of the customer's personal information by the Company under certain circumstances. Where this applies, any processing of the customer's personal information (other than storing it) is carried out legitimately only when the customer's consent is obtained, or when the processing is required for legal claims, protecting certain rights, or important public interest.
  7. (7) Right to withdraw consent
    If the processing of the customer's personal information is based on consent, the customer has the right to withdraw the consent at any time. Please note that the above right is not absolute and does not apply in every situation. There are also legal exemptions that apply to some situations. In such case, the request may be refused. If a request is refused, the Company will inform the customer of reasons therefor when the Company responds. Records of requests made to the Company will be retained so that the Company may ensure that the Company complies with legal obligations.
  1. 1) Making a request or objection
    The customer may exercise the customer's rights free of charge (in the case of an unreasonable, excessive, or repeated request, the Company may charge a fee or refuse the request). The method set forth in Article 12 of Chapter 1 (Submission of request for Disclosure etc. and the contact information for inquiries) shall apply to the method for submitting the request under this Article.
  2. 2) Responding to a request
    The Company will, after receiving the request, verify and respond to the request. The Company may, as necessary, ask for identification or the proof of authority to submit a request (if the customer is making a request on behalf of a third party). If the request is particularly complex or the customer has made a number of requests, it may take longer to provide a detailed response. Please also bear in mind that there are exceptions to the right above and some situations where the customer is unable to exercise the right.
    If the customer is not satisfied with the Company's response to the customer's request or if the customer thinks the customer's personal information has been mishandled, then the customer has the right to complain to a supervisory authority. Please refer to Article 9 of this Chapter 2 (Lodging a complaint with an authority) for further details.
5. Data sharing necessary to provide products and services

The Company's products and services are provided in cooperation with other companies and organizations and may share personal information with these third parties in order to carry out business operations. These third parties include:

  1. (1) ANA Group member companies
  2. (2) Organizations with which the Company is legally required to share personal information
    Government organizations, regulatory and law enforcement authorities, courts, customs, immigration authorities, third-party organizations, etc.
  3. (3) Service Providers
    Subcontractors handling ANA flights, airports, and airlines that form partnerships with the Company, various service providers, companies with whom the Company has a marketing partnership, etc.
    When the Company entrusts any service provider with processing data, the service provider processes the data pursuant to a contract that meets the requirements of applicable Data Protection Laws.
6. Marketing communications
The Company distributes marketing information from time to time to provide interested customers with news and details of products and services. The Company distributes the information only when the recipient has consented to receive marketing information or when the recipient is a customer who purchased any product or service from the Company and did not select opt-out from marketing though the customer had an opportunity to opt-out.
7. Where personal information is stored and transferred

The Company is located in Japan, and many of the service providers and other organizations with whom the Company shares customers' personal information are located in jurisdictions outside the EEA and the UK. Japan has been recognized by the European Commission as providing adequate protection for personal information.

When transferring personal information to third parties, the Company will comply with the requirements of Data Protection Laws, including the adequacy decision between Japan and EU and related Japanese laws and regulations. However, please note that in countries outside the EEA and the UK, customers' personal information is not necessarily protected by national laws. If the customer would like more information regarding where the customer's personal information is stored and transferred, please contact the contact information for inquiries set forth in Article 12 of Chapter 1 (Submission of request for Disclosure etc. and the contact information for inquiries).

8. Retention period for personal information

The Company shall retain personal information until the purposes of use are achieved. It has established specific retention periods for personal information as described below.
For other personal information, the Company determines an appropriate retention period according to the nature of the information and the purpose of the retention thereof taking into account legal and accounting requirements, business necessity, and other factors.

  1. (1) ANA Duty Free Shop duty-free item reservation site member information
    Until completion of procedures for cessation of use or deletion requested through the four methods described below for information provided when using the ANA Duty Free Shop duty-free item reservation site
  2. (2) Other personal information
    The period necessary for the purposes of use consented to by the customer
9. Lodging a complaint with an authority

Customers have the right to lodge a complaint on the processing of their personal data with the data protection authority having jurisdiction over their residence. Please use the following URL to contact the authority having jurisdiction over your residence

EEA residents: Please contact the customer's national supervisory authority,
details of which can be found on the website of European Date Protection Board (https://edpb.europa.eu/about-edpb/board/members_en).

UK residents: Please contact the Information Commissioner-edpb/boa(www.ico.org.uk)

10. The contact information of Controller of personal data and data protection officer

Controller of personal data:ANA Trading Duty Free Co., Ltd.
5F, ANA Narita Sky Center, Narita International Airport, Narita, Chiba Prefecture, Japan data protection officer:ml_notice_adf-pp@anadf.com

Chapter 3. Regarding the Handling of personal information of residents of China at the Company

In addition to Chapter 1, the provisions of Chapter 3 shall apply to regarding the handling of personal information of customers residing in the People's Republic of China (hereinafter “China”) pursuant to the China Cybersecurity Law and related legislation. In the event that any provisions of this chapter contradict those of Chapter 1, the provisions of this chapter shall prevail.
1. Introduction
When a customer under the age of 18 uses the Company's services, the customer is required to obtain the guardian's consent or permission to the consent to such use. A customer who uses the Company's services or inputs data on behalf of the data subject shall apply for regarding the handling of personal information by the Company with the consent of the data subject.
2. Retention period for personal information

The Company will retains the customer's personal information until the purposes of use is achieved. In particular, Company sets the retention period for personal information as follows.

  1. (1) Membership information of the ANA DUTY FREE SHOP Duty Free Reservation Site
    For information provided when using the ANA Duty-Free Shop Duty-Free Reservation Site, until cessation of use or removal has been requested as described under 4 below and the related procedures are complete.
  2. (2) Other Personal Information
    Period necessary for the agreed purposes of use
3. Technology and measure to protect customers’ personal information
(1) Company takes security measures to protect customers’ personal information from leakage, loss or damage. Specifically, Company takes the following measures to protect customers' personal information.
  • Company develops website with https and sets SSL encryption to secure important customers' data (credit card information, etc.) communication between the customers' web browser and the server.
  • Company uses encryption technology for protecting personal information.
  • Company sets access control for protecting unauthorized person from accessing personal information.
  • In order to raise employee awareness of the importance of protecting personal information, Company provides education and training on security and privacy protection.
(2) Company will take all reasonable and practicable steps to ensure that no irrelevant personal information is collected. Company will only retain customers’ personal information for the period of time required to achieve the purposes stated in this Privacy Policy, unless an extension of the retention period is required or permitted by law.
(3) In the event of personal information being at risk, Company will promptly inform customers of the relevant circumstances of the incident in accordance with the requirements of laws and regulations and report the regulatory authorities.
4. Request regarding the handling of personal information

In addition to the provisions under Chapter 1 Article 9 (Requests for Disclosure and Inquiries), the Company will respond to requests concerning personal information in its possession for customers residing in the People's Republic of China as described below within the period and extent reasonable and in accordance with applicable laws and regulations. It will confirm the identity of the requester before responding to such a request.

  1. (1) Request for withdrawal of consent
    Personal information will be deleted or suspended in accordance with the customer’s request, wherever possible and appropriate, after due review of the request.
    However, please note that such requests may prevent customers from being provided with services that they had utilized, or may impede the provision of services in accordance with their wishes.
  2. (2) Methods for submission of requests
    Customers may submit requests by following methods.
  1. 1) Please contact to the following.
    Contact email address:ml_notice_adf-pp@anadf.com
    To apply, download the Application for Disclosure, fill it out, and send the disclosure application form and necessary documents attached to an email.
  2. 2) Required documents

    1. ①Application forms
      Form requesting disclosure(PDF format / 200KB)
    2. ・Identification documents
    [For the individual]
    • ①Copies of two from the following: passport, health insurance certificate, basic resident registration card with photo, Chinese ID, or other official document
    [For a representative (Both①and②below are required)]
    • ①Letter of trust (legal representatives must provide a certifying document)
    • ②Documents to identify the representative (copies of two from the following: passport, health insurance certificate, basic resident registration card with photo, Chinese ID, or other official document)
  3. 3) Contact Us
    Japan +81-476-34-8615 (Please make a collect call.)
5. Transfers

The company may provide customers’ personal information to joint users of personal information or outside contractors to be processed by such third parties when using personal information jointly with or subcontracting operations to them, to implement the purposes of use specified above. Third parties to whom Company will disclose the personal information of the customers include those located outside China (including Japan), the customers shall be deemed as having consented to the following matters by consenting to the Privacy Policy:

  1. (1) In the case that the country which the third party is located outside China does not have the same data protection laws as China, many of the rights provided in China to the data subjects will not necessarily be provided.
  2. (2) The customers’ personal information may be provided for the purposes specified above to the subsidiaries and affiliates of ANA group companies or third parties outside China.
6. Change of purposes of use of personal data
In the case of a change to the purposes of use of personal information, Company will announce the revised Privacy Policy in advance on the Company website (https://www.anadf.com) and the Company will use personal information in accordance with the new purposes of personal information after obtaining consent from customers.
7. Basic information of Controller of personal information
ANA Trading Duty Free Co., Ltd.
5F, ANA Narita Sky Center, Narita International Airport, Narita, Chiba Prefecture, Japan

Chapter 4. Regarding the Handling of personal information of California residents at the Company

In addition to Chapter 1, the provisions of Chapter 4 shall apply to regarding the handling of personal information of customers residing in California, United States of America pursuant to the California Consumer Privacy Act of 2018 (hereinafter the "CCPA"). In the event that any provisions of this chapter contradict those of Chapter 1, the provisions of this chapter shall prevail.
The terms used in Chapter 4 are based on the definitions provided in the CCPA. Especially, the term "Sale" means the Company's selling, lending, releasing, disclosing disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a customer's personal information to another business operator or a third party in exchange for monetary or other valuable consideration. However, if the Company concludes an appropriate agreement with another business operator or a third party concerning regarding the handling of personal information, activities mentioned above are not regarded as "Sale" under the CCPA.
1. Acquisition of personal information
Personal information likely to be collected in the future or collected in the preceding 12 months by the Company is as defined below. The Company will acquire such personal information directly from customers for purposes as provided in Article 3 (Purposes of use of personal information) of Chapter 1.
Category of personal information to be collected Example of personal information
Identifiers
(Name, symbol, etc. used to uniquely identify a particular subject)
The customer's name, address, telephone number, fax number, mailing address, email address, passport information, ANA Mileage Club membership number, etc.
Additional data subject to the California Customer Records Statute
(All categories of personal information set forth in Cal.Civ.Code Sec.1798.80(e))
The customer's physical and medical information related to boarding, credit card number, payment information including details of credit/debit card and other payment methods, etc.
Characteristics of classifications protected under California or federal law The customer's dietary restrictions, etc.
Commercial information The type of customer's ANA Mileage Club membership card, membership service status, membership area, mileage status, credit card expiration date, usage history of the credit card and related information, need for a wheelchair or other special arrangements, flight reservation and cancellation information, usage history of flights and services, details of travel plans and arrangements including flights with ANA and other airlines, accommodations, and other transportation arrangements, information contained in correspondence with customers, contents of inquiries, requests and opinions, etc.
Information on activities through the Internet or other electronic networks Information on how the customer used the Company's website and mobile application including cookies and action logs on the website, etc.
Information on occupation or employment The customer's employment information (company name, department/section the customer belongs to, title, address, telephone number, fax number), etc.
2. Sharing of personal information
  1. (1) Sale of personal information
    The Company will not sell customers' personal information (including personal information concerning minors) to third parties, and has not sold such personal information in the past 12 months.
  2. (2) Disclosure of personal information for business purposes
    The categories of customers' personal information that the Company has disclosed in the past 12 months for business purposes and the categories of third parties to which such personal information has been disclosed are as follows.
Category of personal information to be collected Example of personal information Third party to which personal information has been disclosed in the past 12 months
Identifiers
(Name, symbol, etc. used to uniquely identify a particular subject)
The customer's name, address, telephone number, fax number, mailing address, email address, passport information, ANA Mileage Club membership number, etc. ANA Group member companies, subcontractors handling ANA flights, airports, and airlines that form partnerships with the Company, various service providers, companies with whom the Company has a marketing partnership, government organizations, regulatory and law enforcement authorities, courts, customs, immigration authorities, third-party organizations, etc.
Additional data subject to the California Customer Records Statute
(All categories of personal information set forth in Cal.Civ.Code Sec.1798.80(e))
The customer's physical and medical information related to boarding, credit card number, payment information including details of credit/debit card and other payment methods, etc. ANA Group member companies, subcontractors handling ANA flights, airports, and airlines that form partnerships with the Company, various service providers, companies with whom the Company has a marketing partnership, government organizations, regulatory and law enforcement authorities, courts, customs, immigration authorities, third-party organizations, etc.
Characteristics of classifications protected under California or federal law The customer's dietary restrictions, etc. ANA Group companies and subcontractors handling ANA flights
Commercial information The type of the customer's ANA Mileage Club membership card, membership service status, membership area, mileage status, credit card expiration date, usage history of the credit card and related information, need for a wheelchair or other special arrangements, flight reservation and cancellation information, usage history of flights and services, details of travel plans and arrangements including flights with ANA and other airlines, accommodations, and other transportation arrangements, information contained in correspondence with customers, contents of inquiries, requests and opinions, etc. ANA Group member companies, subcontractors handling ANA flights, airports and airlines that form partnerships with the Company, various service providers, companies with whom the Company has a marketing partnership, government organizations, regulatory and law enforcement authorities, courts, customs, immigration authorities, third-party organizations, etc.
Information on activities through the Internet or other electronic networks Information on how the customer used the Company's website and mobile application including cookies and action logs on the website, etc. ANA Group member companies, various service providers, companies with whom the Company has a marketing partnership, government organizations, regulatory and law enforcement authorities, courts, customs, immigration authorities, third-party organizations, etc.
Information on occupation or employment The customer's employment information (company name, department/section the customer belongs to, title, address, telephone number, fax number), etc. ANA Group member companies, various service providers, companies with whom the Company has a marketing partnership, government organizations, regulatory and law enforcement authorities, courts, customs, immigration authorities, third-party organizations, etc.
3. Request regarding the handling of personal information

Customer residing in California have the following rights concerning their own personal information

  1. (1) Access right
    Customers have the right to make a request to the Company for the disclosure of the following information regarding their personal information acquired, used, and disclosed by the Company within 12 months before the date of the request (hereinafter "Access Right") up to twice in 12 months.
    • The category of the customer's personal information collected by the Company
    • The source of the acquisition of such personal information
    • Business or commercial purposes for the acquisition of such personal information
    • The category of a third party with which such personal information has been shared
    • The customer's specific personal information acquired by the Company
    • The category of the customer's personal information disclosed by the Company for a business purpose
    • The category of third parties to which each category of such personal information has been disclosed
  1. (2) Deletion right
    Customers have the right to make a request to the Company for the deletion of certain personal information acquired from customers by the Company (hereinafter "Deletion Right").
  2. When exercising the Access Right or Deletion Right, please contact the Company through the following contact information. The Company will handle requests from customers within the time frame and scope provided in the relevant laws and regulations. Before accepting a request from a customer, the Company will verify the identification of the customer as stated below.
  1. 1) Methods for submission of requests
    Contact email address:ml_notice_adf-pp@anadf.com
    Tell: +81-476-34-8615 (Please make a collect call.)
  2. 2) Required documents

    1. ①Application forms
      Form requesting disclosure(PDF format / 200KB)
    2. ・Identification documents
    [For the individual]
    • ①Copies of two from the following: driver’s license, passport, health insurance certificate, basic resident registration card with photo, Social Security Card, Green Card, California State ID Card, or other official document
    [For a representative (Both①and②below are required)]
    • ① Letter of trust (legal representatives must provide a certifying document)
    • ② Documents to identify the representative (copies of two from the following: driver’s license, passport, health insurance certificate, basic resident registration card with photo, Social Security Card, Green Card, California State ID Card, or other official document)

In principle, the Company will not treat customers who have submitted such requests in a discriminatory manner, such as changing the content of services. However, please note that deleting personal information may prevent customers from being provided with services that have been available to customers or may impede the provision of services that meet customer needs.Revised: March 31 2021