Privacy policy

Privacy policy
(for customers residing in the EU)

SHOCHIKU Co., Ltd. (the “Company”) will collect and handle, pursuant to this Privacy Policy (this “Policy”), the personal data of customers residing in the EU member states and Ireland, Lichtenstein and Norway who have executed an EEA Treaty (collectively, the “EU”).

1. Contact Information

The contact information of the Company is as follows:

  • Address: Togeki Bldg., 4-1-1 Tsukiji, Chuo-ku, Tokyo
  • Inquiry form: please click here

2. Types of Personal Data

The Company will collect and handle the following personal data in relation to its provision of services:

  • Information that can identify the person and contact information
    Including, for example, name, address, telephone number and email address
  • Information regarding the person’s attributes
    Including, for example, gender and date of birth
  • Information regarding payment
    Including, for example, credit card information
  • Information regarding the use of services
    Including, for example, ticket purchase history and website access history

3. Purpose of Use and Legal Basis for Handling of Data

The Company will handle the personal data for the following purposes of use:

  • For legitimate interests that will be required by the Company when the Company engages in business (including the following purposes of use):
    (a) To statistically process the customer’s personal data, and use or provide the processed data; and
    (b) Carry out questionnaires regarding the Company’s services and related services.
  • To comply with obligations under an agreement or to perform the procedures relating to an agreement (including the following purposes of use):
    (a) Administrative matters relating to an invoice to the customer who has purchased a ticket;
    (b) Management and support of matters regarding the sales of tickets; and
    (c) Delivery of prizes if there are products that have been won.
  • To handle personal information in the event the customer gives consent (including the following purposes of use):
    (a) Notices regarding film, theater and various campaigns (where your consent is required in accordance with applicable law); and
    (b) Provision of email magazine distribution services (where your consent is required in accordance with applicable law).
  • For purposes set forth in the laws and regulations (including the following purposes of use):
    (a) For use in the event there is a need to maintain or acquire personal information to fulfill a legal obligation borne by the Company; and
    (b) When responding to requests of the government or investigative agencies.

4. Recipients of Personal Data

The Company will provide and handle the customer’s personal data to the following businesses:

  • The Company’s parent company and subsidiaries and companies belonging to affiliates (the “Shochiku Group Companies”) The Company will jointly use between each of the Shochiku Group Companies the personal data described above for the aforementioned purposes of use with the Company as the manager of the joint use. Please refer to the List of Group Companies for the Shochiku Group Companies.
  • Service providers that will be the Company’s subcontractors The Company will subcontract the handling of personal data after executing memorandums of understanding concerning the entrustment of the handling of personal data with service providers. Service providers include, for example, IT infrastructure service providers, customer management service providers, web hosting vendors, and security service providers.

5. Sources for Acquisition of Personal Data

The Company may collect other personal data directly from the customer, but in certain instances, the Company may collect personal data by receiving personal data from the Shochiku Group Companies or ticket sales subcontracted vendors.

6. Transfer to Third Country Businesses

The Company may transfer the customer’s personal data to countries outside the EU region to provide its services. Such countries may include those that the Committee has not decided as providing a sufficient level of protection with respect to the protection of personal data.
Please be advised that the Company will transfer personal data to such third countries only if proper protective measures such as of the standard data protection provisions set forth in Article 46(2) of the EU General Data Protection Regulation (the “GDPR”) are taken.
To obtain a copy of a document used for the protection of the customer’s information or to obtain detailed information, please send a letter to the Company (Togeki Bldg., 4-1-1 Tsukiji, Chuo-ku, Tokyo) or contact (click here).

7. Retention Period

The Company will retain the customer’s personal data for the period of time required to achieve the purpose of use set forth in this Policy.
The decision on the retention period of personal data is based on (i) whether or not the customer is continuing to use the Company’s services, (ii) whether or not there are legal obligations that the Company must comply with, and (iii) whether or not there is a need to perform an agreement that the customer is a party to.

8. Rights of the Customer

The customer has (i) the right to request a copy of the personal data, (ii) the right to request revisions, (iii) the right to request deletions, (iv) the right to limit the handling (or stop the processing) of personal data, and (v) the right to have the personal data provided to Shochiku for an agreement or under consent be structured and receive it in a form that is machine-readable (right of data portability), against the Company.
In addition thereto, the customer has (vi) the right to object to the handling of personal data, under certain conditions. Please refer to “9. Right to File Objection to Handling of Data” below for details.
These rights may be restricted, for example, if a third party’s personal data is disclosed by complying with the customer’s request, if the rights of someone other than the customer (including the Company’s rights) will be infringed, or if retention is required or deletion of information of which its retention has exigent legitimate interests is required by the laws and regulations. These exceptions to the rights are set forth in both the GDPR and the domestic laws of each EU state regarding privacy.
To exercise any of these rights, please send a letter to the Company (Togeki Bldg., 4-1-1 Tsukiji, Chuo-ku, Tokyo) or contact (click here).

9. Right to File Objection to Handling of Data

The customer always has the right to file an objection against the handling of personal data that is handled on the basis of legitimate interests. The handling of personal data used here includes profiling (which means to analyze and predict the customer’s actions from the customer’s information; the same applies hereafter).
If the customer’s personal data is handled for the purpose of direct marketing, the customer has the absolute right to refuse direct marketing and to refuse the profiling conducted for such purpose.
To exercise any of these rights, please send a letter to the Company (Togeki Bldg., 4-1-1 Tsukiji, Chuo-ku, Tokyo) or contact (click here).

10. Right to Withdraw Consent

If the Company is handling personal information under the customer’s consent, the customer always has the right to withdraw such consent. This withdrawal will not have effect on the legality of any handling that was conducted under the consent granted before then.
To exercise this right, please send a letter to the Company (Togeki Bldg., 4-1-1 Tsukiji, Chuo-ku, Tokyo) or contact (click here).

11. Personal Data Required to Be Provided

The personal data that is required to be provided will be indicated on the form that the customer fills out. If the provision of personal data is required, the Company will not be able to provide its services to the customer unless proper information is provided.

12. Right to File Complaint with Supervising Authorities

The customer has the right to file a complaint against the supervising authorities. The supervising authorities where the complaint can be filed include the supervising authorities of the EU member states where the customer’s place of residence or workplace is located or where the place the petition of the GDPR violation is initiated is located.