Privacy Policy

1. About codoc, Inc.

Codoc Inc. (hereinafter referred to as "the Company") may handle user information, including personal information, in the course of providing Apps and various other service businesses (hereinafter referred to as "the Company's services"). The Company declares that it will comply with applicable laws and regulations and other standards regarding the protection of personal information, establish voluntary rules and systems, establish this Privacy Policy, and implement and maintain it

2. Application of this privacy policy

This Privacy Policy governs the Company's handling of personal information. It also describes how we use personal information, how we share personal information when it is shared, and your rights and choices regarding the handling of your personal information. If the Company has a separate privacy policy, it will be governed by that policy as well as this Privacy Policy. We also explain the use of access logs and other similar technologies in our services. By using our Services, you are deemed to have understood and agreed to this Privacy Policy.

3. Changes to this Privacy Policy

The Company may change this Privacy Policy as necessary. In the event of any changes, the Company will notify or announce the effective date and content of the revised Privacy Policy by appropriate means (e.g. posting on the Company's website, sending emails, notification on the Company's services, etc.). In addition, when the consent of the user is required by applicable laws and regulations or the content of the change, the user's consent shall be properly implemented.

4. Personal information to be collected

We receive and store information, including personal information, from users of our services. The term "personal information" as used in this Privacy Policy refers to information that can be used to identify an individual in accordance with applicable laws and regulations. For example, in the case of users to whom Act on the Protection of Personal Information in Japan applies, personal information is information about an individual that can be used to identify a specific individual by name, date of birth, or other description contained in the information (including information that can be easily cross-checked with other information to identify a specific individual). The term "personal information" refers to information that can be used to identify a specific individual by name, date of birth, or other description contained in the information (including information that can be easily collated with other information to identify a specific individual). The term "personal information" refers to information that can be used to identify a specific individual (including information that can be easily cross-checked with other information to identify a specific individual). For users covered by the General Data Protection Regulation ("GDPR"), this definition is based on the definition of "personal data" set forth in the GDPR; for users covered by the California Consumer Privacy Act of 2018 ("CCPA"), this definition is based on the definition of "personal data" set forth in the CCPA. In the case of users covered by the California Consumer Privacy Act of 2018 ("CCPA"), the definition based on "personal information" set forth in the CCPA will apply.

User's Registration Data

This data includes names, email addresses, social media accounts, etc. of users of our services.

Service Usage Data

Information such as IP address, access log, type of device used, device ID, device attributes, browser type, language, and operating system of users of our services. The purposes of use of the various types of personal data obtained from users and the legal basis for processing them in accordance with GDPR are as follows.

Type Purpose of use Basis
User's registration data For identification purposes when registering or logging in to our services Performance of contract.
Legitimate interests.
To provide information about our services, to contact you, to send newsletters, and to conduct surveys. Legitimate interests.
To provide content for our services, and to bill users for usage fees for paid services. Performance of contract.
Legitimate interests.
To cooperate with the courts, investigative agencies, and other relevant authorities in order to protect the life, body, or property of the Company, the user, or a third party. Compliance with legal obligations
Data on service use To inform and contact you for purposes related to our services. Performance of contract.
Legitimate interests.
To provide features, information, advertising, or other content based on a user's location. Legitimate interests.
To understand how users access and use our services, and to analyze the status of use. Legitimate interests.
For optimization of our services and development of new services. Legitimate interests.

The term "performance of contract" refers to the use of personal information by the Company to fulfill a contract with a user.

“Legitimate interests" means that we use personal information to provide you with the services you expect from us, with the intention of maintaining or developing the level of our services. For example, to analyze user usage and to design services that are more user-friendly.

The term "compliance with legal obligations" refers to the provision of personal information when the Company cooperates with the relevant authorities, such as courts and investigative agencies, in accordance with applicable laws. For example, if a user becomes a victim of illegal activities, personal information may be provided to the investigating authorities to protect the user's property.

5. Purpose of use of personal information

The Company may use the collected personal information for the following purposes.

  1. Identity verification and authentication services.

  2. After-sales service, inquiries and complaints.

  3. Inquiries to the Company and its services, and notifications of matters necessary for the operation of the Company's services .(including via email)

  4. Maintaining the system and responding to problems.

  5. Improvement of our services, development of new services, etc.

  6. Determination of whether a registered user is a member of antisocial forces.

  7. To send information about our services and products, to plan campaigns and sweepstakes, and to conduct questionnaires.

  8. Sending newsletters.

  9. Research and analysis of marketing data.

  10. To display, post or distribute advertisements that match the user's attributes on the Company's or a third party's website, web media, social media services, press release distribution services, books, magazines and other media.

  11. Provide functions, information, advertisements, or other content based on the user's location information.

  12. To understand how users access and use the Company's services, and to analyze the status of use.

  13. To bill users for use of paid services.

  14. Other purposes individually specified for each of the Company's services.

  15. Other purposes incidental to the above purposes of use.

6. Cookies and Access Logs

Our service does not use cookies, but we may install collection tags and other devices to obtain access logs. The access log contains information such as the IP address, host name, browser name, and access date and time of the user who accessed this website.

Behavior analysis and advertisement distribution using access logs

The Company's service uses access log records by the Company or third parties in order to understand site usage, improve the site, create reports and display appropriate advertisements and promotions. Access logs are managed in accordance with the Company's or the third party's privacy policy and other relevant policies. If the user does not wish to receive advertisements and promotions or to have access logs collected, the user can stop the distribution of advertisements and promotions or the collection of access logs by accessing the respective company's site and following the opt-out procedure.

In addition, our services use Google Analytics provided by Google LLC and Amazon Web Services provided by Amazon Web Services, Inc.

7. Provision of Personal Information to Third Parties

The Company may provide personal information to third parties (including those located outside Japan) in the following cases. The Company may provide personal information to third parties (including those located outside Japan) in the following cases.

  1. with the consent of the individual.

  2. when the disclosure of personal information is requested by a court of law, public prosecutor's office, police department, tax office, bar association, or an organization with equivalent authority.

  3. In order to display, post, or distribute advertisements that match the user's attributes on a third party's website, webmedia, social media service, press release distribution service, book, magazine, or other media, the information is provided to the third party.

  4. When the Company outsources all or part of its business to a third party within the scope necessary to achieve the purpose of use.

  5. In the event that personal information is to be used jointly with a specific party,

  6. when it is necessary for the Company to exercise its rights.

  7. in the event of a merger, transfer of business, or other event that results in the succession of business, the information will be disclosed to the person who succeeds to the business.

  8. when permitted by the Personal Information Protection Law or other laws and regulations.

The sale of the consumer's personal information of users residing in the State of California in the United States of America is not conducted under the CCPA, as is the case with users in other regions. In addition, when necessary to provide services to users (e.g, payment processing companies, etc.) the Company may entrust the handling of personal information to a third party after conducting necessary and appropriate supervision of the entrusted party, but such information may not be used for any other purpose.

8. Transfer to a third country

In the event that the Company transfers the User's personal data to third countries (other than countries and regions that have obtained sufficiency certification) other than Japan, European Union member states, and Iceland, Liechtenstein, and Norway ("EEA") in order to outsource the handling of personal information to third parties, the Company shall certify under the Privacy Shield Framework and enter into standard contractual clauses and will ensure the security of the destination country by certifying it under the Privacy Shield Framework, entering into standard contractual clauses, and other methods in accordance with applicable laws and regulations.

9. Provision of information to external vendors

In cases where the Company obtains support services from a third party in relation to the Company's services, the Company may share the user's personal information with a trusted vendor in conjunction with the outsourcing of all or part of the handling of personal data to the extent necessary to achieve the purpose of use. In the event of such sharing, the Company shall impose on such a contractor the obligation to use the user information only within the scope of the purposes authorized by the Company and to protect the user information according to the same or higher standards as the Company. In addition, the Company may provide third parties with personal information that has been processed in such a way that the individual cannot be identified through certain measures and the said personal information cannot be restored.

10. Retention and storage period of information

The Company will retain and store user information for the period necessary to carry out the purpose of use or for the period specified by applicable laws and regulations. After the purpose of use has been fulfilled or the period specified by applicable laws and regulations has expired, the personal information will be promptly deleted. However, in order to comply with our legal obligations and to protect our rights and interests, we may retain, store, and use your information. The Company also collects and retains data in which personal information has been processed in such a way that it cannot be used to identify an individual through certain measures and such personal information cannot be recovered. As a general rule, such data will be deleted promptly after the purpose has been fulfilled or the statutory period has expired, but may continue to be retained and stored for the protection of our rights and interests, the improvement of our services, or for compliance with legal obligations.

11. User's Rights

Users residing in certain countries or regions are granted certain rights regarding their personal information. In principle, these rights include the right of access to their personal information and the right to request its collection and deletion, but the conditions for exercising these rights, as well as additional rights, vary from country to country. However, the conditions for exercising such rights and additional rights vary from country to country. Therefore, we will separately explain your rights as described in Section 13. and Section 14. especially for users residing in the EEA and users residing in California, USA.

  1. Disclosure of Personal Information

When the Company is requested by a User to disclose his/her personal information, the Company shall disclose such information to the User without delay. However, the Company may decide not to disclose all or part of the information if disclosure would cause any of the following to occur, and if the Company decides not to disclose the information, it will notify the user to that effect without delay. The user may request disclosure of records pertaining to provision to a third party.

  • When there is a risk of harm to the life, body, property, or other rights and interests of the user or a third party.
  • In cases where there is a risk of significant hindrance to the proper execution of the Company's business.
  • When it would violate other laws and regulations.
  1. Correction, addition, deletion, suspension of use, and deletion of personal information

When a user requests the correction, addition, deletion, suspension of use, or elimination of his/her personal information, the Company will respond within a reasonable period of time in accordance with the law after confirming the identity of the user.

12. EEA Residents

This section explains the personal information of EEA residents that we handle and the rights of users under the GDPR.

  1. Right to Withdraw Consent

    You may withdraw your consent at any time, even if we have obtained your consent to collect your personal data. If the user withdraws his/her consent, the user may not be able to use all or part of the Company's services.

  2. Right to know

    The User may request an explanation of the User's personal information held by the Company, the purpose and method of use of such information, and may receive a copy of the User's personal information through procedures separately designated by the Company.

  3. Right to delete

    The user may request the deletion of the personal information handled by the Company regarding the user. However, this does not apply to the following cases.

    • When it is necessary to comply with legal obligations.
    • When there is a legitimate business purpose.
    • Necessary to prove, exercise, or defend a legal claim.
  4. Right to Change or Modify

    If the personal information collected by the Company from the User is inaccurate, the User may request the Company to change, add, or correct it by following the procedures separately specified by the Company.

  5. Right to object to, limit, or restrict the use of personal information

    You may request that we stop using all or part of your personal information, or restrict our use of it. You may also object or complain at any time to the supervisory authority of any country in the EEA or to us regarding our processing of your personal information.

13. United States - California Residents

This section describes the personal information of California residents that we handle and the user's rights under the CCPA. If you are a resident of California, you may exercise the following rights under the CCPA.

  1. Right to know

    • You may request the disclosure of the following information up to two times in a 12-month period with respect to your personal information that we have collected in the past 12 months
    • Categories of personal information that we have collected about you
    • Category of the information source pertaining to the personal information.
    • The purpose for which the personal information was collected.
    • Category of the third party with whom the personal information was shared.
    • Categories pertaining to the user's personal information disclosed by the Company for business purposes, and categories pertaining to third parties to whom the Company disclosed such information for business purposes.
  2. Right to delete

    The User may request the deletion of the personal information collected by the Company from the User to the extent provided for in the CCPA.

  3. Right to Opt-Out of the Sale of Personal Information

    A user may request to opt out of the sale of his or her personal information. However, as already mentioned, we do not sell, share, or rent personal information. If you have any questions on this point, please contact us using the contact information below.

  4. Refusal of discriminatory treatment

    The Company will not treat users unfairly or discriminate them from other users in exercising or having exercised the above rights. If you wish to exercise any of the above rights, you may contact the Company through the following contact point. In such cases, we may verify your identity with identification documents in order to confirm the basis for exercising your rights.

14. Notification by email or mobile

The Company will send notifications related to transactions involving the Company's services or to the provision of the Company's services as necessary. However, we try to refrain from sending you communications that you do not want to receive. As a general rule, for marketing communications sent by the Company, opt-in (obtaining prior consent) is required.

15. Security

We are committed to protecting the information we maintain about our customers from unauthorized access or disclosure. We are committed to continuously improving our security measures for protection. If a security problem is identified, we will take appropriate corrective measures. If you find any bugs or vulnerabilities in our services, please let us know using the contact information below. In the event of a breach of personal information, we will take appropriate action in accordance with applicable laws and regulations.

16. Links to Other Companies' Websites

The Company's website may contain links to other companies' websites. Other companies' websites are subject to their own rules and privacy policies that differ from those of the Company's website.

17. Use by children

Our Service is not available to minors under the age of 16 who reside outside of Japan. Minors under the age of 16 who reside outside of Japan should not provide any personal information through the Service. In the unlikely event that personal information is provided, please contact us via the contact information below, and we will delete the information in a timely manner.

18. Contact information

If you have any questions or complaints, or if you wish to exercise any of the rights described in this Privacy Policy, please contact us at the following address.

In addition to the above, inquiries regarding CCPA can also be sent by email.

email: info@codoc.jp