Fotographer.ai Privacy Policy

1-10-9 Higashi-Gotanda, Shinagawa-ku, Tokyo ST Building 5F 

Fotographer AI Co., Ltd.

Representative Director:  Rintaro Suzuki

 

Fotographer AI Co., Ltd. (“the Company”), which operates the web system “Fotographer.ai” (the “System”) that automatically generates product photos using AI technology, recognizes the importance of protecting the personal information of users of this system (the “User”) and the Act on the Protection of Personal Information (the “Personal Information Protection Act”), in accordance with the following privacy policy (“the Privacy Policy”), will strive to handle and protect it appropriately.

 

1. Definitions

In the Privacy Policy, personal information and retained personal data shall be defined in accordance with the Personal Information Protection Act, and other definitions shall be in accordance with the “Terms of Use - Fotographer.ai” (the “User Terms”).

 

2. Clarification of the Purpose of Use

The Company acquires the following personal information on the site that operates the System (the “Site”) and uses it in accordance with the purpose of use.

 

1.    Acquired from the User

①   Information to be acquired:

・   Information such as e-mail address and password provided when registering an account for the System

・   SNS account information if the Company allow social login

・   Information such as name, company name, brand name, etc. registered by the User in the System

②   Purpose of use:

・   To register an account with the System and to confirm or manage the User's information,

・   To provide the functions of the System as stipulated in the User Terms,

・   To provide information on the functions of the System,

・   To settle the fee of users who use the paid plan,

・   To carry out the Company's actions under the User Terms,

・   To make administrative communications regarding the operation of the System,

・   To respond to acts that violate the User Terms,

・   To help improve the System, develop new services, etc.,

・   To conduct analysis for marketing of the System or other services, and

Ÿ   For other purposes incidental to the above purposes of use.

2.    Acquired from the inquiry form on the Site

(1)   Information to be acquired: Name, e-mail address, body of inquiry

(2)   Purpose of use: To respond to inquiries, etc.

 

3. Handling of Credit Card Numbers

As a general rule, the handling of credit card numbers is carried out through the System of the payment service provider, so the Company is not directly involved in the acquisition, use, provision, etc. of such information, and does not retain such information.

 

4. Restriction on Provision to Third Parties

Except as permitted by the Personal Information Protection Act and other laws and regulations, the Company will not handle personal information beyond the scope necessary to achieve the purpose of use without the consent of the User, nor will it provide it to a third party. However, this does not apply in the following cases. In addition, if the User requests notification of the purpose of use, the Company will notify the User in accordance with the procedure in Paragraph 8.

(1)  When required by law,

(2)  When it is necessary to protect the life, body, or property of a person and it is difficult to obtain the consent of the User,

(3)  When it is particularly necessary for the improvement of public health or the promotion of the sound development of children, and it is difficult to obtain the consent of the User,

(4)  When it is necessary to cooperate with a national agency, a local government, or an individual or entity entrusted by either of the foregoing in executing the affairs prescribed by laws and regulations, and obtaining the consent of the User is likely to interfere with the execution of the affairs,

(5)  When personal data is provided to an academic research institution, etc., and the academic research institution, etc. needs to handle the personal data for academic research purposes,

(6)  When the Company discloses or provides the personal data to a contractor to whom the Company has outsourced all or part of the handling of personal data to the extent necessary to achieve the purpose of use,

(7)  When personal data is provided as a result of business succession due to merger or other reasons, and

(8)  When sharing personal information in accordance with the provisions of the Personal Information Protection Act.

 

5. Restrictions on Acquisition and Use

The Company will acquire personal information in an appropriate manner and will not acquire it by deception or other wrongful means. In addition, the Company will not use personal information in a way that may encourage or induce illegal or unjust acts.

 

6. Implementation of Security Control Measures

The Company will take necessary and appropriate safety management measures for the management of retained personal data, such as the prevention of leakage, loss, or damage. In addition, the Company conduct necessary and appropriate supervision over those who handle it. Security control measures for personal data are as follows.

(1)  In order to ensure the proper handling of retained personal data, the Company have established the Privacy Policy regarding compliance with relevant laws and regulations and the contact point for handling questions and complaints,

(2)  For each stage of acquisition, use, storage, provision, deletion, disposal, etc. of retained personal data, the Company will determine the handling method and the person who handles it and handle it in accordance with the procedures prescribed by the Company,

(3)  As an organizational safety management measure, the Company have implemented the following;

    i.       With regard to the handling of retained personal data, the representative himself is responsible for clarifying the business and scope of handling it and is working to identify facts or signs of violation of the Personal Information Protection Act and the rules prescribed by the Company as necessary.

  ii.       The Company regularly check how the retained personal data, and do not become overconfident about how the Company handle it, but rather check it from an objective perspective.

(4)  The following personnel safety management measures are implemented;

    i.       The Company will be striving to strengthen awareness and improve knowledge regarding the handling of retained personal data.

  ii.       The Company will maintain the confidentiality of retained personal data.

(5)  The following physical security control measures are implemented;

    i.       The Company will limit the handling area of retained personal data and restrict the entry and exit of third parties and the removal of personal data.

  ii.       The Company will take measures to prevent theft or loss of equipment, etc., that handles retained personal data, and implements measures to ensure that the data is not easily identified even when it is carried.

(6)  The following technical security control measures are implemented;

    i.       Retained personal data is protected by passwords, access control, etc.

  ii.       The Company have introduced a mechanism to prevent unauthorized access to retained personal data by anti-virus measures and communication encryption.

(7)  The Company does not intentionally store, or handle retained personal data held by the Company in a foreign country.

 

7.Disclosure to the Person

When the Company is requested by the User to disclose retained personal data or records of provision to third parties in accordance with the provisions of the Personal Information Protection Act, the Company will disclose the information to the User without delay after confirming that the request is made by the User oneself (if the retained personal data or records of provision to a third party do not exist, the Company will notify the User to that effect). However, this does not apply if the Company is not obligated to disclose the information under the Personal Information Protection Act or other laws and regulations.

 

8.Corrections, etc.

In the event that the Company is requested by the User to correct, add, or delete the content of retained personal data (“Correction, etc.”) in accordance with the provisions of the Personal Information Protection Act, the Company will conduct the necessary investigation without delay to the extent necessary to achieve the purpose of use, after confirming that the request is made by the User oneself, and based on the results, correct the content of the retained personal data. The Company will notify the User to that effect (if the Company decide not to make Correction, etc., the Company will notify the User to that effect). However, this does not apply if the Company is not obligated to correct the information under the Personal Information Protection Act or other laws and regulations.

 

9.Suspension of Use, etc.

In the event that the Company is requested by the User to suspend the use or provision of retained personal data or delete it (“Suspension of use, etc.”) in accordance with the provisions of the Personal Information Protection Act, and if it is found that there is a reason for the request, the Company will make the Suspension of use, etc. without delay after confirming that the request is made by the User oneself and notify the User to that effect. However, this does not apply if the Company is not obligated to suspend the use of personal information under the Personal Information Protection Act or other laws and regulations.

 

10. Cookies, etc.

The Company may obtain information from the User by using cookies and similar technologies.

(1)  In order to use input assistance and access analysis, information may be acquired through cookies.

(2)  Cookies are recorded on the User's computer, but do not contain anything that identifies an individual. The User who wishes to disable cookies can do so by changing the settings of own web browser.

(3)  However, if the User disable cookies, the User may not be able to use some of the functions of the Company's services.

 

11. Google Policies, etc.

When the Company use the Google Analytics service, the following applies;

(1)  The User agrees to the following when the Company uses the Google Analytics service.

 That the Company uses cookies to collect the User's data

(2)  Regarding (1), the User will check the following link in the Google Privacy Policy regarding the information to be acquired, the purpose of use, and the provision to third parties.

 

Google Privacy Policy

https://policies.google.com/privacy?hl=ja

 

How Google uses information from sites or apps that use our services

https://policies.google.com/technologies/partner-sites?hl=ja

 

12. Inquiries

If the User have any requests for disclosure, opinions, questions, complaints, or other inquiries regarding the handling of personal information, please contact the Company through the inquiry form on the Site.

 

13. Revisions

The Company shall review the operational status of the handling of personal information from time to time and strive for continuous improvement and may revise the Privacy Policy as necessary. The method of revision shall be in accordance with the User Terms. The revised Privacy Policy will take effect from the time the revision date is displayed on the Site.

 

Revised on November 30, 2024