Privacy Policy

1. Who we are

2. Explanation of how we use your Personal Data

• Information entered or uploaded by you, or received by us on your behalf:
• Telephone number and email address at the time you register for the waiting list and apply for an Invite Code.
• Name, telephone number, address, date of birth, email address, as well as identification documents uploaded by you when you open a GIG-A account.
• Details of your transactions when you make an inquiry.
• Information requested by partner companies when you use their services:
  • Additional information requested by partner companies (such as the purpose of use of bank account)
  • Information needed for ID and authentication of the services provided by partners.
  • Transaction information of the services provided by partners (e.g., bank account information, including account information of individuals to whom transfers are made).
• Information collected for security purposes and for identification and authentication.
  • Personal information such as an address, telephone number, date of birth, financial information (e.g., credit card and bank account information), the purpose of the transaction, geographic location, description of the individual, photograph, and identification documents, etc
• At the time of legality verification.
  • Authentication information, the purpose of the transaction, facial photograph, identification documents, and documents related to individual transactions, etc.
• Information that is automatically collected by us when you use our Service
• When you make an inquiry
• We collect the content of your communication such as online chats, emails, direct messages, and other means.
• When you access and use our Service
  • Details of your transactions (including geographic location information at the time of the transaction)
  • Information on-screen transitions, clicks, and other activity on the Service
  • Your device information (including operating system, platform, time zone, language, and other settings),
  • Technical information such as Internet Protocol (IP) addresses used to connect to the Internet
  • Information about your network provider
• Information that we collect or receive from other sources
  • When we verify the information you have provided us
    • Personal information that is publicly available or published
    • Information provided by database providers
    • Information provided by credit reference agencies and the results of their inquiries,
    • Information provided by fraud prevention agencies and the results of their inquiries.

• To manage the operation of our Service and provide it to you.
• To provide your information to partner companies based on your requests.
• To provide guidance and support regarding our Services and to respond to your inquiries, complaints, disputes, and lawsuits.
• To ensure the security of the Service, including the prevention and detection of fraud and financial crime.
• To integrate and analyze customer data and develop credit scoring models.
• To provide information on our and our partners' products, services, and events through notifications on mobile applications, emails, and other means.
• To analyze the acquired information and provide customized information according to each customer's needs.
• To notify you of changes to the Service, terms, policies, etc.
• To manage the operations like campaigns, etc.
• To perform tasks, communications, and procedures associated with the above, and to respond to inquiries.
• To analyze the acquired information and use it to improve and enhance the Service and to develop new services
• To improve the quality of response to inquiries and to accurately understand the content of inquiries.
• To create, use, disclose, or provide statistical data related to the Service to the extent that individuals cannot be identified.
• To create, use, disclose, or otherwise provide data processed in such a way that individuals cannot be identified, for the purpose of improving or enhancing the Service, or for marketing materials.

• We may ask you to enter or upload details of your transactions.
• We may collect the contents of communications through online chat, e-mail, direct messages, or other means.

• To respond to inquiries
• To improve the quality of customer support
• To improve and develop services

• News articles or press coverage concerning individuals
• Contact information such as email addresses
• Contents of postings on social networking services.

• To provide information on our and our partners' products, services, events, etc. through various means of communication such as notifications on our mobile application and e-mails. This may include analyzing the acquired information for the purpose of providing relevant information to our customers.
• To integrate and analyze customer data to build a credit scoring model.
• To perform tasks, communications, and procedures associated with the above purposes, as well as to respond to inquiries from our customers.

3. When personal data is provided to third parties

4. Data Storage & Outsourcing

5. Your Rights

• The right to be informed about the purposes for which your personal data will be used.
• The right to request a copy of the personal data that we hold about you.
• The right to request the correction, supplementation, or deletion of personal data held by us about you. In such cases, we may need to verify the accuracy of any new data you provide.
• The right to request that we stop using or delete your personal data if the collection or use of your personal data is in violation of applicable law.
• The right to request that we stop direct marketing to you.
• The right to request that we stop providing your personal data to third parties. However, if you object to the provision of necessary data, we may have to close your account.
• The right to request disclosure of personal data provision records to third parties.

6. How to protect your personal data:

• We have established a basic policy for information security to ensure the proper handling of information assets, including personal data.

• We have established internal rules that stipulate how to handle information assets, including personal data, at each stage of acquisition, use, storage, provision, deletion/disposal, etc.
• We have also separately established detailed operating procedures to ensure that all employees who handle information assets can perform their duties in a more appropriate manner.

• We have appointed a person responsible for the management of personal data and have clarified the employees who handle personal data, as well as the scope and authority of personal data to which they have access.
• In addition, access privileges are reviewed on a regular basis.
• A system is in place for reporting to the person in charge in the event that a violation of internal rules, etc., a leak or loss of personal data, or any other incident is detected.
• A system is also in place for promptly responding to incidents.
• Periodic audits of the handling of personal data by an external organization are conducted.

• All employees are regularly trained, and their level of understanding is checked to further raise their awareness of the handling of information assets, including personal data, and of precautions regarding information security.
• The confidentiality of information assets, including personal data, is stipulated in the employment regulations, and a written pledge is collected from employees when they join the company.

• Prohibition of independent access to personal data and measures to restrict access.
• In principle, personal data is stored on cloud servers in Japan, and access is restricted to only certain terminals and networks.
• Downloading of personal data is monitored by logs.

• Employees who handle personal data and the personal data they handle are limited. Systems that handle personal data are protected from unauthorized access from outside or unauthorized software, and access logs are monitored.
• We regularly assess the security of our systems that handle personal data by conducting vulnerability assessments through external organizations, obtaining the latest security information, and taking appropriate measures to manage any risks.

• When dealing with personal data outside of Japan, we implement necessary and appropriate security measures based on our knowledge of the personal information protection systems in other countries.

7. Use of Modules, Cookies, etc.

• To provide Services (personal identification, customer support, etc.)
• To analyze how our Services are used, to distribute advertisements on behalf of us, and to measure the effectiveness of such advertisements.

• LIQUID Applicant SDK (Mobile App)
  Provider: Liquid Corporation (プライバシーポリシー - 株式会社Liquid（リキッド） ) Purpose of use: To perform identity verification (eKYC) Items obtained: Identification information (name, address and other input information, identification document ticket, photo and video, etc.) Provision to third parties: None
• Intercom (mobile app)
  Provider: Intercom (Terms and Policies | Intercom ) Purpose of use: To provide customer support Items collected: Individual inquiries, transaction details, and other items entered by customers and our operators in online chat Disclosure to third parties: None A part of personal data such as transaction details may be stored in overseas servers A part of personal data such as transaction details may be stored in overseas servers managed by the company, located in Ireland, U.S.A., Australia.
• Facebook SDK (Mobile App)
  Provider: Meta (Meta Privacy Policy - How Meta collects and uses user data ) Purpose of use: To measure advertising effectiveness tems collected: Anonymized identifiers (used solely for data exchange with Meta) and log data Disclosure to third parties: None A part of personal data, such as identifiers, may be stored on overseas servers managed by the company, located in U.S., Ireland, Denmark, and Sweden.
• Survey Monkey (website)
  Provider: Momentive (Terms of Use | Momentive ) Purpose of use: To conduct research, create waiting lists, and issue Invite Codes Items collected: e-mail addresses, responses to surveys Some personal data, such as e-mail addresses, may be stored on overseas servers managed by us (in the United States, Canada, the United Kingdom, Ireland, Germany, the Netherlands, and Australia).

• To improve convenience by storing information such as language preferences and the date and time of the last visit.
• To provide better service by understanding the number of visits, usage patterns, etc.

8. Others

• As stated in Article 5, if you request to know how your personal data is used, to access, correct, or delete your personal data, to suspend or delete the use of your personal data, or to suspend the provision of your personal data to third parties (collectively referred to as "disclosure, etc."), we will respond to such requests in compliance with the Personal Information Protection Law within a reasonable scope.
• To make such a request, you need to use our designated form and pay a prescribed fee. If you need to obtain the prescribed form for such purposes, please refer to the contact point specified in Article 9.
• Once we have confirmed that the request for disclosure or other actions related to personal data has been made by the person themselves and that their identity has been verified, we will promptly disclose the relevant personal data and provide notice of such disclosure by providing electronic records, typically. If the request is made by a representative, we will verify the representative's legitimate authority using official documents, a letter of attorney, or other methods. However, if there is no personal data to be disclosed or if there are justifiable reasons for not disclosing the data, we will inform the person accordingly.
• To obtain the disclosure of personal data and notification of purpose of use, a handling fee is required as specified by us, which is 1,000 yen per request and does not include consumption tax.

9. Contacts