Established: November 29,2024
Aidemy Inc. (hereinafter referred to as “Company”, “we”, “us”, or “our”) has established this privacy policy (hereinafter referred to as “Privacy Policy”) as a policy regarding the handling of personal data provided to us by our customers (hereinafter referred to as “Customers”, “you”, or “your”) residing in the European Economic Area (EEA). Personal data subject to this Privacy Policy (hereinafter referred to as “Personal Data”) is limited to the definition of personal data covered by the EU General Data Protection Regulation (“GDPR”).
1. Personal Data that we collect from Customers
(1)Processing of Personal Data at our Company
The categories of Personal Data that we may obtain from Customers are listed in the table below. We respect the privacy rights of individuals and comply with the GDPR and other laws and regulations relating to data protection and privacy. We may collect certain information from you through cookies when you visit our service-related websites. For a detailed breakdown of the information collected by cookies and how we use this data, please refer to our COOKIE POLICY.
We render various services to our Customers, and in connection with the provision of these services, we may process your Personal Data. In such cases, we ensure that we will obtain Personal Data by fair and appropriate means, notify the Customer or publicly announce the purpose of use of the Personal Data, obtain the consent of the Customer, and use and process the Personal Data only within the scope of its purpose.
The purposes and legal basis for the processing of Personal Data that we process as a controller are listed in the table below.
When we collect Personal Data from the Customers, we will clearly state whether the provision of Personal Data is a legal or contractual requirement for a Customer, or a requirement necessary to conclude a contract, as well as whether the Customer is obligated to provide such Personal Data to us, and of the possible consequences of failure to provide such Personal Data by the Customer.
In addition, while we may obtain the Customer’s consent for the processing of its Personal Data in certain cases, except where the legal basis is explicitly stated as “consent”, the legal basis for processing is typically based on the necessity of processing for pursuing legitimate interests or for the performance or conclusion of a contract.
| Specific purpose of processing | Categories of Personal Data | Legal basis for processing |
|---|---|---|
| Registration of Account |
|
Legitimate interests (to register the Customer as a user to use the Company’s services). |
| Provision of products, services, and content |
|
Legitimate interests (to provide the Company’s products, services, and content to the Customer ,and to enable the Customer’s company (including affiliates and subsidiaries) to conduct personnel evaluation, employee training, etc.). |
| Operation, improvement, and development of our website, products, services, and contents |
|
Legitimate interests (to maintain and improve the quality by investigating the usage status of the services). |
| Detection and investigation of fraudulent activities such as falsification and vandalism of the Company’s services, and illegal activities |
|
Legitimate interests (to maintain and manage systems related to the Company’s services, prevent fraud, and ensure proper operation of the services). |
|
|
Legitimate interests (to provide or receive necessary information for providing products and services by the Company or to respond appropriately to inquiries). |
| Notification of various information regarding the services in use (including service maintenance information) |
|
Legitimate interests (to provide necessary information for better products and services) |
| Other purposes explicitly agreed upon by the Customer at the time of information collection | Information agreed upon by the Customer. | Customer’s consent |
(2)Withdrawal of Consent
Customers have the right to withdraw their consent at any time using the method specified by the Company at the time of obtaining consent. However, the legality of data processing that was based on consent before its withdrawal will not be affected by such withdrawal of consent. Customers have an absolute right to opt out of direct marketing at any time, and they may opt out of it, by following the instructions provided in electronic communication, or by contacting us using the contact information set forth in Article 7 of this Privacy Policy.
We do not make decisions based solely on automated data processing that would have a legal or similarly significant effect on you.
If the provision of Personal Data is required by law or a contract, and there are potential consequences for not providing such data, we will separately inform you about such consequences.
2. Transferring Personal Data Overseas
When the Company needs to transfer the Customer’s Personal Data outside the European Economic Area (EEA), we will, unless otherwise notified to the Customer separately, implement appropriate safeguards by relying on adequacy decisions in the countries where they are recognized, or by entering into the European Commission’s Standard Contractual Clauses with the transferee in other countries where adequacy decisions have not been recognized.
If you wish to receive a copy of the documents related to these safeguards, please contact us through the contact information set forth in Article 7 of this Privacy Policy.
3. Sources of Personal Data
We collect Customer’s Personal Data either directly from the Customers or indirectly through third parties including:
- Company to which the Customer belongs (including subsidiaries and affiliates);
- Companies that provide data processing and hosting services; and
- Companies that provide us with data analytics and marketing tools (Google, Microsoft, Datadog, etc.);
4. Sharing of Personal Data
In accordance with the GDPR, we may disclose your Personal Data with third parties, operating the following categories of businesses for the purposes set out in this Privacy Policy. This sharing may include the transfer of your Personal Data to Japan, which is outside the EU/EEA.
(1)Cloud services managing the Customer’s information
(Location: Japan and the United States of America)
The transfer of Personal Data may involve transferring the Customer’s Personal Data to the United Kingdom, Japan, or the United States of America (subject to changes in business circumstances) which are outside the EEA.
(2)Company to which the Customer belongs
(3)Companies providing data analysis tools
To measure the effectiveness of internet advertising, the Company uses “enhanced conversions”, an analytics service provided by Google. Your Personal Data may be forwarded and transmitted to Google, using the hashing technology.
5. Retention Period of Personal Data
We will retain the Customer’s Personal Data that we collect only for as long as it is necessary to achieve the purposes of use set out above. The specific period of retention will be determined by taking into account the purpose for which the Personal Data is to be used, the nature of the Personal Data, and the legal or business necessity to retain the Personal Data.
6. Legal Rights of Customers
You have the following rights with respect to the Personal Data that we collect and process. If you wish to exercise any of the following rights, please contact us by using the contact information set forth under Article 7 of this Privacy Policy. Additionally, you may also object to our processing of your Personal Data to the data protection supervisory authority of the member state where you reside, work, or where the GDPR violation occurred.
(1)Obtaining Information on Data Processing
You have the right to obtain from us all necessary information regarding our data processing activities related to you.
(2)Access to Personal Data
You have the right to receive confirmation from us as to whether or not your Personal Data has been processed, and if so, you have the right to access such Personal Data and certain related information.
(3)Correction or Deletion of Personal Data
You have the right to have inaccurate Personal Data relating to you corrected without undue delay or to have incomplete Personal Data made complete. You also have the right to have Personal Data relating to you erased without undue delay if certain requirements are met.
(4)Restrictions on Processing of Personal Data
You have the right to have the processing of your Personal Data restricted if certain requirements are met.
(5)Objections to Processing of Personal Data
You have the right to object to the processing of your Personal Data if certain requirements are met.
(6)Data Portability of Personal Data
You have the right to receive your Personal Data in a structured, commonly used, machine-readable format, and to transfer such data to another controller without hindrance from us, provided that certain requirements are met.
(7)Not to be Subject to Automated Decision-Making
You have the right not to be subject to decisions based solely on automated data processing (including profiling) that have legal effects or similarly significant effects on you, if certain requirements are met.
7. Contact Information
For any questions about this Privacy Policy, or if you wish to inquire or request the rights specified in Article 6 of this Privacy Policy, please contact one of the following:
(1) Company
Aidemy Inc.
Address: Otemachi One Tower 6F, 1-2-1 Otemachi, Chiyoda-ku, Tokyo 100-0004, Japan
Email: privacy@aidemy.co.jp
(2) Representative
LCA Studio Legale
Address: Via della Moscova 18, 20121 Milano, Italy
Phone: +39 027788751
Email: milano@lcalex.it
8. Updates to this Privacy Policy
This Privacy Policy may be updated from time to time. In the event of material or significant changes, the Company will notify Customers through its website and, if necessary, via email.