Privacy Policy

IMD Inc. (the “Company”) recognizes the importance of protecting all personal information handled by the Company as a social responsibility, and complies with applicable laws and regulations related to personal information as well as other relevant rules and guidelines, in order to protect individuals’ rights.

In addition, in order to implement the policies set forth below, the Company will establish a personal information protection management system and, while continuously monitoring trends in the latest IT technologies, changes in social requirements, and changes in the business environment, the Company declares that it will work company-wide to continually improve the system.

Basic Policy on Personal Information Protection

• The Company appropriately acquires, uses, and provides personal information handled in connection with employment and personnel management of employees, and will not handle such personal information beyond the scope necessary to achieve the specified purposes of use. The Company will also implement measures to ensure this.
• The Company complies with laws and regulations concerning the handling of personal information, as well as national guidelines and other standards.
• The Company will take reasonable security measures against risks such as leakage, loss, or damage of personal information, invest management resources appropriate to the actual state of the business, and continuously improve its security framework. In the unlikely event of an incident, the Company will promptly implement corrective actions.
• The Company will respond promptly and sincerely to complaints and inquiries regarding the handling of personal information.
• The Company will review and continually improve the personal information protection management system in a timely and appropriate manner, based on changes in the environment surrounding the Company and the actual circumstances.

Policy for Handling Personal Information and App Data

1. Data We Access (Data We Handle)

In the app and services, we obtain the following information as identifiers:

• Email address
• Anonymized identifier (e.g., in the case of OAuth authentication)
• Identifier of the device used to access the service (if available)
• Nickname (if available)

2. Purposes of Use

In the app and services, we use the collected data for the following purposes:

• User authentication (user identification and security)
• Notifications to users (we do not send advertisements via email address)
• How we address users within the service (mainly by nickname)

3. Data Sharing

We do not provide, share, or transfer personal information to any third party under any circumstances, whether free of charge or for a fee. We also do not use it for advertising or analytics.

4. Data Protection and Storage

We handle collected data as follows:

• Encryption at or above the industry standard level for the current era
• Processing on Linux OS (we do not use Windows OS)
• Multi-layer security for storage hosts, including VPN, access authentication, restricted personnel access, and automated monitoring
• Stored in specific databases; not handled in raw file format
• For certain particularly important information, stored using a patent-pending distributed encryption system

5. Data Retention and Deletion

We retain data for as long as the user maintains an account associated with the relevant email address.

If the Company closes a user’s account, we retain the data as a backup for at least three (3) months, and then delete it thereafter.

If the user proactively requests deletion, complete deletion is possible by either of the following methods:

• Delete the account from within the app (immediate deletion; not recoverable)
• Contact support: https://support.imd.jp/form/