2F Nezameya Bldg 72-1 Fukakusa Inarionmaechō, Fushimi, Kyoto Japan

Tea Ceremony Canon Kyoto

Your Gateway to Japanese Tea Tradition

Privacy Policy

Last Updated: January 1, 2026

1. Data Controller

Company Name: Karen Japan Co., Ltd.
Operating Shop: Tea Ceremony Canon Kyoto
Company Address: 1F, Oyoshi Building, Fukakusa Inarinakanocho, Fushimi-ku, Kyoto, Kyoto
Shop Address: 72-1 Fukakusa Inarionmaechō, Fushimi, Kyoto Japan
Contact: booking.@.kyoto-tea-ceremony.jp

We value the protection of your personal information and comply with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

2. Personal Information We Collect

We collect the following information:

  • Reservation Information: Name, email address, phone number, reservation date and time, number of participants
  • Payment Information: We use Stripe as our payment processor. We do not directly collect or store your credit card information. Stripe collects and processes payment information including card details, billing address, and transaction data. Please refer to Stripe’s Privacy Policy for details.
  • Communication Records: Inquiry content, email and message history
  • Website Usage Information: IP address, browser information, access logs

3. Purpose of Use

We use your personal information for the following purposes:

  • Accepting, confirming, and managing tea ceremony experience reservations
  • Providing services to customers
  • Responding to inquiries
  • Processing reservation changes and cancellations
  • Analysis for service improvement

4. Legal Basis

Legal basis for information processing:

  • Contract Performance: For reservations and service provision (GDPR Article 6(1)(b))
  • Legitimate Interest: For service improvement and fraud prevention (GDPR Article 6(1)(f))
  • Consent: For marketing purposes (GDPR Article 6(1)(a))

5. Data Retention Period

  • Reservation information: 3 years after service completion
  • Accounting records: Period required by law
  • Inquiry records: 1 year after response completion

6. Third-Party Disclosure

We do not provide personal information to third parties except in the following cases:

  • Payment Processing Service Provider (Stripe): We use Stripe, Inc. for secure payment processing. When you make a reservation payment, your payment information is transmitted directly to Stripe. Stripe processes payment data in accordance with PCI-DSS standards and their privacy policy. Your credit card information is not stored on our servers.
  • When legally required
  • With customer consent

Stripe’s Data Processing:

  • Stripe is based in the United States
  • Stripe complies with GDPR through standard contractual clauses
  • For more information, visit: https://stripe.com/privacy

6.5 Payment Security

Credit Card Security:

  • We use Stripe’s secure payment gateway, which is PCI-DSS Level 1 certified (the highest level of payment security)
  • Your credit card information is encrypted and transmitted directly to Stripe
  • We never see or store your complete credit card details on our servers
  • All payment transactions are processed over secure SSL connections

7. Your Rights (GDPR)

If you reside in the EU, you have the following rights:

  • Right of Access: Confirmation of your personal information
  • Right to Rectification: Correction of inaccurate information
  • Right to Erasure: Request deletion of personal information (“right to be forgotten”)
  • Right to Restriction of Processing: Restriction of specific processing
  • Right to Data Portability: Receive and transfer data
  • Right to Object: Object to processing
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, please contact us using the contact information above.

8. Data Security

We protect personal information from unauthorized access, loss, destruction, and alteration through appropriate technical and organizational measures.

9. Use of Cookies

Our website may use cookies to improve site functionality. You can manage cookies through your browser settings.

10. International Data Transfers

Your information is primarily processed within Japan. However, payment information is processed by Stripe, Inc., which is based in the United States. We ensure appropriate safeguards are in place:

  • Stripe complies with GDPR requirements through standard contractual clauses (SCCs)
  • Stripe maintains appropriate technical and organizational security measures
  • Data transfers are conducted in accordance with GDPR Article 46

For details on Stripe’s data protection practices, please refer to their privacy policy at https://stripe.com/privacy.

11. Complaints to Supervisory Authority

If you have concerns about data protection, you have the right to lodge a complaint with the data protection supervisory authority in your region.

12. Policy Changes

This policy may be updated as necessary. Significant changes will be announced on our website.

13. Contact

For privacy-related inquiries, please contact:

Karen Japan Co., Ltd. / Tea Ceremony Canon Kyoto
Email: booking.@.kyoto-tea-ceremony.jp
Address: 1F, Oyoshi Building, Fukakusa Inarinakanocho, Fushimi-ku, Kyoto, Kyoto