Privacy Policy

1. At a Glance

• We collect only the information needed to operate the JTTP B2B travel trade platform and respond to inquiries.
• We never sell your personal information.
• We retain your data until you ask us to delete it — see Section 14 below to contact us at any time.
• You can request access, correction, deletion, portability, or withdrawal of consent at any time.
• We comply with the EU/UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), Japan's Act on the Protection of Personal Information (APPI), and other applicable privacy laws.

2. Scope of This Policy

This Privacy Policy applies to personal information we collect through japantraveltradeportal.com, the JTTP trade portal (trade.txj.co.jp), and any related services, forms, or communications operated by TXJ (collectively, the "Services").

3. Information We Collect

• Business contact information: name, job title, company / trading name, company registration number, business email, business phone, business address, country, website URL.
• Account information: login credentials, role, preferences, and profile information for the trade portal.
• Inquiry & form content: the messages, requests, regions, property types, and other details you submit through Buyer Registration, Property Request, or Listing Application forms.
• Transaction & usage data: booking records, commission calculations, and platform activity logs.
• Technical data: IP address, browser type and version, device type, operating system, referring URL, pages viewed, and timestamps — collected via server logs and cookies.

We do not knowingly collect special categories of data (e.g. health, biometric, religious data) or data from children under 16.

4. How We Use Your Information & Legal Bases

Under the GDPR and similar laws we rely on the following legal bases:

• Contract: to provide the Services, process registrations, applications and bookings, and operate your account.
• Legitimate interests: to maintain platform security, prevent fraud, improve our Services, and conduct B2B outreach to industry contacts.
• Consent: for non-essential cookies, marketing emails, and optional communications. You may withdraw consent at any time.
• Legal obligation: to comply with applicable laws, tax and accounting rules, and lawful requests from authorities.

5. Cookies and Similar Technologies

We use strictly necessary cookies to operate the site (e.g. session, authentication, language preference) and, where you have consented, analytics or performance cookies to understand how the Services are used.

How to control or delete cookies: you can manage or delete cookies at any time through your browser settings (Chrome, Safari, Firefox, Edge).

To request deletion of cookie-related identifiers we hold about you, or to withdraw analytics consent, please contact us using the details in Section 14. Disabling strictly necessary cookies may break parts of the Services.

6. How We Share Information

We do not sell your personal information and we do not share it for cross-context behavioral advertising. We share information only with:

• Service providers / processors that host the site, store database records, send transactional email, and operate analytics — under written agreements requiring confidentiality and GDPR-compliant safeguards.
• Trade partners (e.g. properties or DMCs) only when necessary to fulfil a request you have submitted.
• Legal & regulatory authorities when required by law or to protect rights, property, or safety.
• Successors in connection with a merger, acquisition, or asset transfer, subject to this Policy.

7. International Data Transfers

JTTP is a global B2B platform. Your information may be processed in Japan, the European Economic Area, the United Kingdom, the United States, and other countries where our service providers operate. Where we transfer personal data out of the EEA, UK, or other regulated regions, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, or adequacy decisions.

8. Data Retention

We retain your personal information for as long as needed to provide the Services and until you ask us to delete it. You may request deletion at any time using the contact details in Section 14. We will delete or anonymise your data within 30 days of a valid request, except where we are required by law (e.g. tax, anti-fraud or accounting obligations) to retain certain records for longer.

9. Your Privacy Rights

Depending on your location, you have the right to:

• Access the personal information we hold about you
• Correct inaccurate or incomplete information
• Request deletion ("right to be forgotten") of your personal information and cookie identifiers
• Restrict or object to certain processing
• Receive your data in a portable format
• Withdraw consent at any time
• Opt out of the "sale" or "sharing" of personal information (we do not sell or share — but you may still submit a request)
• Not be subject to solely automated decision-making with legal or similarly significant effects
• Lodge a complaint with your local supervisory authority

To exercise any of these rights, please contact us using the details in Section 14. We will respond within 30 days (or the period required by applicable law).

10. Region-Specific Notices

EEA / UK (GDPR & UK GDPR): the data controller is Tourism Exchange Japan, LLC. Use the contact details in Section 14 for all data protection matters.

California (CCPA / CPRA): in the prior 12 months we have collected the categories of personal information described in Section 3 for the business purposes in Section 4. We do not sell or share personal information as those terms are defined under the CCPA/CPRA.

Japan (APPI): 当社は個人情報の保護に関する法律（個人情報保護法）に従って個人情報を取扱います。開示・訂正・利用停止・削除等のご請求は、下記第14項の連絡先までご連絡ください。

11. Data Security

We implement appropriate technical and organisational measures including encryption in transit (TLS), access controls, least-privilege permissions, and Row-Level Security on our database. No method of transmission or storage is 100% secure; please notify us immediately if you suspect an incident.

12. Children

The Services are intended for B2B travel trade professionals and are not directed to children under 16. We do not knowingly collect personal information from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and revise the "Effective date" above. Material changes will be communicated by email or a prominent notice on the Services where appropriate.