August 13, 2020 Osamu Osada, CEO of Choei Inc.

Choei Inc. (hereinafter referred to as "the Company") is based on the EU (General Date Protection Regulation, hereinafter referred to as "GDPR"). We will handle the personal information which applies to GDPR as follows, work on the protection of personal data, proper management and proper use.

1　Personal information obtained from customers

We will handle the necessary personal information for the purposes stated in "Purpose of use of personal information and legal basis" in the next section. In addition, we may handle information that requires special consideration for the performance of contracts and the legitimate interests of our company and affiliated companies based on the standards of GDPR.
[Personal information Collection]
Customer's name, address, telephone number, email address, gender, date of birth, country of residence (area of residence), passport number, work unit information (company name, length of service, etc.), cookie information (Includes information handled by technologies similar to this. Hereinafter referred to as "cookies"), website access history, etc.

2　Purpose of use of personal information and legal basis

We will handle your personal information based on legal grounds use for the following purpose. In addition, it’s possible to handle personal information based on consent of customer, other than those specified in the following items.

• (1)　Accommodation facility management (accommodation business operation / management, event implementation, etc.) (Legal basis: performance of contract / legitimate interests)
• (2)　Accommodation reservation procedure, settlement procedure (legal basis: performance of contract / legitimate interest)
• (3)　For introduction of properties, communication of application results, credit inquiry to credit information agencies, occupancy examination, lease contract, joint guarantee contract, management consignment contract, sublease original contract, conclusion ,performance, and contract management of mediation contract, implementation of management and after-sales service after signing contract (legal basis: performance of contract, legitimate interests)
• (4)　For introduction of other real estate and services of our company, the introduction of products and services of our business partners that we think are useful to our customers, to send questionnaires, etc. (include no deal) (legal) Rationale: Legitimate interests)
• (5)　Insurance brokerage business (legal basis: performance of contract / legitimate interest)
• (6)　Correction / deletion of information registered in our service (legal basis: performance of contract)
• (7)　Support and safety measures for customers who visit our company’s facilities, confirmation of surveillance camera, investigation and report when an accident happens (legal basis: fulfillment of contract, legal obligation)
• (8)　Exercise rights and perform obligations based on laws and regulations (legal basis: legitimate interests)
• (9)　Business related to the previous items

3　Security management of personal information

We will take appropriate measures, establish internal regulations and systems, conclude necessary confidentiality agreements, educate employees, etc.to prevent leakage, loss, or damage of customer's personal information.

4　Use of cookies

We use cookies on some of our related web pages. Customers can limit or allow the use of cookies by setting browser. The setting method differs in depending on the browser. Please note that if you select the setting to reject all cookies, you may be restricted in using various services on the Internet, such as not being able to receive services that require authentication. In addition, the Group of our company may store and refer to the Group's cookies via a third party based on the consignment to a third party that outsources the distribution of the Group's advertisements.

5　Rights of Customer

You have the following rights to us regarding your personal information.

• (1)　Right to request access (disclosure of purpose, type, destination, retention period, acquisition source, etc.)
• (2)　Right to request correction or deletion
• (3)　Right to request for handling restriction
• (4)　Right to making a deal
• (5)　Right to request the person or a third party to transfer the person's personal information

6　Withdrawal of consent

Customers can withdraw consent at any time after giving consent to personal information.

7　Appeals to regulatory agencies

Customers can make a deal to the supervisory of each country that manages residence data of customers regarding our handling of your personal information.