Privacy Policy

Our Commitment to Privacy

At Kiban-sha, we recognize that privacy is fundamental to building trust. This Privacy Policy explains how we collect, use, protect, and share personal information when you interact with our AI data infrastructure services and website.

We are committed to processing your personal data in accordance with applicable data protection laws, including Japan's Act on the Protection of Personal Information (APPI) and, where applicable, the EU General Data Protection Regulation (GDPR).

Information We Collect

Information You Provide to Us

We collect information that you voluntarily provide when you use our services or contact us:

Contact Information: Name, email address, phone number, company name, and job title when you fill out inquiry forms or request information
Communication Data: Messages, questions, or feedback you provide through our contact forms or email correspondence
Service Request Information: Details about your data infrastructure needs, project requirements, and technical specifications you share with us
Account Information: If you create an account, we collect username, password, and profile information

Information Collected Automatically

When you visit our website, we automatically collect certain information about your device and browsing activity:

Technical Data: IP address, browser type and version, operating system, device type, screen resolution
Usage Data: Pages visited, time spent on pages, links clicked, referring website, search terms used to find our site
Cookie Data: Information collected through cookies and similar technologies (see our Cookie Policy for details)
Analytics Data: Aggregated statistics about how visitors use our website to help us improve user experience

Information from Third Parties

We may receive information about you from business partners, analytics providers, or publicly available sources when relevant to our services.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

Consent: When you have given explicit consent for specific processing activities
Contract Performance: When processing is necessary to fulfill our services to you
Legal Obligations: When required to comply with legal or regulatory requirements
Legitimate Interests: When necessary for our business operations, provided your rights are not overridden

How We Use Your Information

We use the information we collect for the following purposes:

Service Delivery and Communication

Respond to your inquiries and provide requested information about our services
Process and fulfill service requests for AI data infrastructure consulting
Send service-related communications, updates, and notifications
Provide customer support and technical assistance

Website Improvement and Analytics

Analyze website usage patterns to improve user experience
Conduct research and development to enhance our services
Test new features and optimize website performance
Generate aggregated statistics about service usage

Marketing and Business Development

Send marketing communications about relevant services (with your consent)
Personalize content and offers based on your interests
Conduct market research and customer satisfaction surveys
Develop new services based on user feedback and needs

Security and Legal Compliance

Protect against fraud, unauthorized access, and security threats
Comply with legal obligations and respond to legal requests
Enforce our terms of service and other agreements
Resolve disputes and address complaints

How We Share Your Information

We may share your personal information in the following circumstances:

Service Providers

We engage third-party companies to perform services on our behalf, including hosting, analytics, email delivery, and customer support. These providers have access only to the information needed to perform their functions and are contractually obligated to protect your data.

Business Partners

With your consent, we may share information with trusted business partners who offer complementary services that may be of interest to you.

Legal Requirements

We may disclose your information when required by law, court order, or government regulation, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal information may be transferred to the acquiring entity, subject to this Privacy Policy.

How We Protect Your Information

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

Encryption: Data transmitted between your device and our servers is encrypted using industry-standard SSL/TLS protocols
Access Controls: We restrict access to personal data to authorized personnel who need it to perform their job functions
Secure Storage: Personal data is stored on secure servers with appropriate safeguards and backup procedures
Regular Audits: We conduct regular security assessments and update our practices to address emerging threats
Employee Training: Our staff receives training on data protection principles and secure handling practices

While we strive to protect your personal information, no method of transmission or storage is completely secure. We cannot guarantee absolute security but maintain commercially reasonable safeguards.

Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law:

Contact Information: Retained for the duration of our business relationship plus six years for legal compliance
Service Records: Maintained for seven years to comply with business and tax regulations
Marketing Data: Retained until you withdraw consent or for three years of inactivity
Website Analytics: Aggregated and anonymized data may be retained indefinitely for statistical purposes

When personal data is no longer needed, we securely delete or anonymize it in accordance with our data retention schedule.

Your Rights and Choices

You have several rights regarding your personal data. To exercise these rights, please contact us using the information provided below:

Right to Access

You can request a copy of the personal data we hold about you, including information about how we use it.

Right to Rectification

You can request correction of inaccurate or incomplete personal data we hold about you.

Right to Erasure

You can request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw consent.

Right to Restrict Processing

You can request that we limit how we use your personal data in certain circumstances, such as while we verify its accuracy.

Right to Data Portability

You can request to receive your personal data in a structured, commonly used format or have it transferred to another organization.

Right to Object

You can object to processing of your personal data based on legitimate interests, including direct marketing.

Right to Withdraw Consent

Where we process your data based on consent, you can withdraw that consent at any time without affecting the lawfulness of prior processing.

We will respond to your requests within 30 days. In some cases, we may need additional time or information to fulfill your request. If we cannot comply with your request, we will explain why.

Your Rights and Opt-Out Instructions

You are not required to provide any personal information when using this website. If you prefer not to share your data, you may:

Avoid filling out contact forms, account registrations, or any data-submitting features
Disable cookies through your browser settings (see our Cookie Policy for more details)
Contact us directly to request the deletion of any previously shared personal data
Opt out of marketing communications by clicking the unsubscribe link in our emails

We respect your privacy choices. If you would like us to delete your data, please reach out to us at the contact details provided on our Contact page. We will process your request promptly and confirm deletion within 30 days.

International Data Transfers

Our primary operations are based in Japan. If you are accessing our services from outside Japan, please be aware that your information may be transferred to, stored, and processed in Japan or other countries where our service providers operate.

We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards, such as standard contractual clauses approved by relevant authorities.

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by updating the "Last updated" date and, where appropriate, provide additional notice such as email notification.

We encourage you to review this Privacy Policy regularly to stay informed about how we protect your information.

Contact Us About Privacy

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Officer: Yuki Tanaka

Email: info@domain.com

Phone: +81 3 6220-7485

Address: 4-3-14 Toyosu, Koto-ku, Tokyo 135-0061, Japan

You also have the right to lodge a complaint with the Personal Information Protection Commission (Japan) or your local data protection authority if you believe we have not handled your personal data appropriately.

Data Controller