Privacy Policy

Gekkado Inc. (hereinafter referred to as 'the Company') complies with global privacy standards, respects user privacy, and takes great care in managing personal information. This policy applies to all users of our services and complies with applicable laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Scope of Application

This Privacy Policy applies to the following services (hereinafter referred to as "the Services"):
- Our website and mobile applications
- Provided APIs and cloud services
- Customer support, inquiries, newsletter subscriptions, and marketing activities

By using the Services, you are deemed to have agreed to this policy.

2. Collected Personal Information

The Company may collect the following types of personal information.

2-1. Provided Information

- Name, email address, phone number, and address
- Payment information (The Company does not store credit card details; they are securely stored by Stripe)
- Company name, job title
- User profile information (avatar, social media accounts)

2-2. Automatically Collected Information

- IP address, device information, browser type
- Site visit history, usage data
- Information collected via cookies and tracking technologies (see Section 7: Use of Cookies for details)

2-3. Information from Third Parties

- Data analytics services (e.g., Google Analytics)
- Advertising partners (e.g., Google, Yahoo)

3. Purpose of Using Personal Information

The Company uses personal information for the following purposes:

1. Service provision and management (account creation, login, customer support)
2. Personalization (providing content based on user interests)
3. Marketing (newsletters, promotional offers)
4. Compliance and security (fraud detection, legal obligations)
5. Statistical data generation (anonymized data analysis)

4. Legal Basis (GDPR Compliance)

For EU users, data processing is based on the following legal grounds:
- Performance of a contract: To provide the Services requested by the user
- Legitimate interests: Improving user convenience and enhancing our services
- Legal obligations: Compliance with tax and regulatory requirements
- Consent: Marketing emails and the use of cookies (Consent can be withdrawn at any time)

5. Sharing of Personal Information

The Company does not share user personal information with third parties, except in the following cases:
1. Legal disclosure (disclosure to government agencies or law enforcement)
2. Business outsourcing (provision of data to service providers for processing and hosting)
3. Mergers or business transfers (data transfer in the event of a business succession)
4. User consent (data sharing based on user approval)

6. Data Retention Period

The Company retains personal information only for the period necessary to fulfill the purposes of data collection.
- Account information: Retained for up to five years after service termination (unless legally required otherwise)
- Contract and transaction data: Retained for up to seven years for tax and accounting purposes, after which it is anonymized or deleted. However, some data may continue to be stored by third-party payment providers such as Stripe.
- Marketing data: Retained until the user requests to unsubscribe.

7. Use of Cookies

The Company uses cookies for the following purposes:
- Essential cookies: Providing core site functionalities
- Analytical cookies: Analyzing site usage via tools such as Google Analytics
- Marketing cookies: Optimizing advertisements

Users can manage cookies through browser settings.

8. International Data Transfers

The Company operates globally and may store data in data centers in the EU, the United States, and the Asia-Pacific region.

GDPR-compliant safeguards:
- Japan has been granted an "Adequacy Decision" by the EU, meaning that data transfers from the EU to Japan are legally recognized.
- For data storage outside Japan (e.g., EU, U.S., Asia-Pacific), appropriate data protection measures are implemented based on Standard Contractual Clauses (SCCs).
- When transferring EU user data to Japan, the Company complies with Japan’s Act on the Protection of Personal Information (APPI).

9. User Rights (GDPR & CCPA)

Users have the following rights regarding their personal data:

- Right of Access: Request disclosure of their personal data
- Right to Rectification: Request corrections to inaccurate information
- Right to Erasure (Right to be Forgotten): Request deletion of unnecessary data
- Right to Restriction of Processing: Request limitations on data processing
- Right to Data Portability: Receive their data in a machine-readable format
- Right to Object: Object to certain types of data processing
- Right to Withdraw Consent: Withdraw consent-based processing at any time

Under the CCPA, California residents may request to opt out of the "sale" of their personal data ("Do Not Sell My Personal Information").

For inquiries, please contact us at:

Email: supportdocuest.com

Address:
9th Floor, Taiyo Seimei Toyama Building, 1-3-14 Takaramachi, Toyama City, Toyama, Japan, 930-0007
Gekkado Inc.

Effective Date: February 3, 2025