GDPR Notice (EU-style explanation)

We aim to follow core GDPR-style principles where applicable:

• Lawfulness, fairness, transparency — explain how data is used.
• Purpose limitation — use data for stated purposes.
• Data minimization — collect only what is needed for the request.
• Accuracy — keep information reasonably up to date.
• Storage limitation — keep data no longer than necessary.
• Integrity and confidentiality — protect data with reasonable safeguards.

• Identity and contact details (name, email, phone if provided).
• Message content (subject and message text).
• Technical data (limited logs and cookie preferences, where applicable).

We do not intentionally collect special categories of data via web forms. Please avoid including sensitive data in messages.

Depending on context and applicability, we rely on one or more of:

• Consent — when you submit a form and provide the consent checkbox.
• Steps at your request / contract — responding to your inquiry and preparing information you request.
• Legitimate interests — operating the website securely, preventing abuse, maintaining communication records.
• Legal obligation — if recordkeeping or compliance is required.

We keep data only for as long as needed for response handling, operational continuity, and legal/security needs.

• Inquiry communications: retained for a reasonable period for follow-ups and reference.
• Security logs: retained for a limited period to protect services.

If GDPR applies to your situation, you may have the right to:

• Access — request confirmation and a copy of your data.
• Rectification — correct inaccurate data.
• Erasure — request deletion in certain cases.
• Restriction — limit processing in certain cases.
• Portability — receive data you provided in a structured, commonly used format where applicable.
• Objection — object to processing based on legitimate interests.
• Withdraw consent — where processing is based on consent.

To exercise rights, email us at [email protected]. We may need to verify your identity to protect your data.

Data may be processed in Japan and potentially other jurisdictions where service providers operate. Where required, we use reasonable safeguards and limit transfers to what is necessary.

We may use service providers (processors) for hosting and communications. We aim to:

• Use providers that support confidentiality and security controls;
• Limit data shared to what is necessary;
• Maintain appropriate contractual safeguards where applicable.

If GDPR applies, you may have the right to lodge a complaint with a supervisory authority in your EU/EEA country of residence or place of work.

We encourage contacting us first to address concerns directly.