Article 1 Company name, address, name of representative

Company name Leborn Co., Ltd.

Address 〒104-0033 1-25-2 Shinkawa, Chuo-ku, Tokyo Shinkawa ST Building 2F

Representative Representative Director Hiroaki Matsuoka

Article 2 Regarding compliance with laws and regulations

In order to protect personal information, we will comply with the Personal Information Protection Act, guidelines of each government agency, and other related laws and regulations.

Article 3 Acquisition and use of personal information

When we acquire personal information, we will announce or notify the purpose of use (including disclosure by this privacy policy), and directly from the person in contract or other documents (including electromagnetic records) ), we will specify the purpose of use in advance and acquire the personal information by lawful and fair means. We will use personal information appropriately within the scope necessary to achieve the purpose of use.

Article 4 About the method of collecting personal information and its purpose of use

1. When you register for use of our services on this website or within this application, when you use our services, when you request support, or when you inquire about our products and services, we will collect information from you We may collect the following personal information:

a) Name

B) Address

c) phone number

D) Email address

e) Payment/billing information

f) Contents of communication with customer support

g) Terminal name used

h) Contents of communication with customer support

i) Customer's location information

J) IP address

2　Our company will establish a management system for personal information protection according to the actual business situation regarding the handling of customer's personal information collected based on the preceding paragraph, and will appropriately handle the information within the scope of the following purpose of use in accordance with internal regulations, etc. and use with caution.

a) Websites operated by the Company provided by the Company (hereinafter referred to as the "Website"), services related to smartphone applications operated by the Company, and other services operated by the Company (identification AI service, fragrance AI services, sensory evaluation AI services, hereinafter collectively referred to as the "Services"), for the provision and management of

a) To inform customers of the usage status and operating status of the Service

c) For information about the Service and services provided by third parties affiliated with the Company

d) For improvement and development of this service

e) For responding to inquiries

f) For conducting questionnaires

g) To provide customized content for customers

h) To send notifications to customers regarding this service, our company, and third parties affiliated with our company, such as management hacker updates

i) For use in marketing and campaigns

J) To create statistical data on the usage of this service, processed into a format that cannot identify individuals or specific users S) To provide to a third party affiliated with our company C) Analysis of attribute information, behavior history, etc. acquired by the Company to understand the customer's hobbies, preferences, etc.

M) For other items incidental or related to the preceding items

​

3. Personal information obtained from this website and this application may be supplemented with other information obtained and held by our company. When the Company indirectly acquires personal information from a third party, it will be used within the scope of the above purposes after confirming whether the third party has properly acquired it from the individual.

4. Personal information collected on this website and this application will not be used beyond the original purpose of collection. In addition, when changing the purpose of use, we will not change it beyond the scope that is reasonably recognized to be related to the purpose of use before the change.

Article 5 Provision of Personal Information to Third Parties

We will not provide personal information entrusted to us to a third party without obtaining the prior consent of the customer. However, the following cases are excluded.

a) When it becomes necessary to provide personal information to an external contractor within the scope of the original purpose of use. In addition, when it becomes necessary to provide personal information to a subcontractor, we will provide it after appropriately supervising the subcontractor regarding information management.

b) When personal information is provided along with business succession due to merger or other reasons.

c) When personal information is jointly used with a specific person, to that effect, the items of personal information to be jointly used, the scope of joint users, and the use of the users. When the person is notified in advance of the purpose and the name or name of the person responsible for the management of the personal information, or when the person is placed in a state where the person can easily know it.

d) Other cases permitted under the Personal Information Protection Law.

Article 6 Provision of Personal Information to Third Parties

1.Except for cases stipulated by laws and regulations, when it is assumed that a third party will acquire personal related information as personal data, the third party will acquire the relevant information from the person who owns the relevant personal related information. We will not provide such information without confirming that consent has been obtained to allow us to do so. ​

2. Except in cases stipulated by laws and regulations, when personal related information is provided to a third party based on the confirmation in the preceding paragraph, the Company shall provide matters related to the provision (when, to what recipient, what kind of personal related information provided, how the third party obtained the consent of the person, etc.).

Article 7 Security control measures for personal data

The Company will take the necessary and appropriate security control measures for the management of personal data, such as prevention of leakage, loss or damage, as outlined below. In addition, we will exercise necessary and appropriate supervision over employees and contractors (including subcontractors, etc.) who handle personal data. Details of security control measures for personal data are stipulated separately in the "Personal Information Regulations".

​

(Formulation of Personal Information Protection Guidelines) In order to ensure the proper handling of personal data, we have formulated this privacy policy regarding "compliance with relevant laws and regulations, guidelines, etc." and "point of contact for questions and complaints."

​

(Improvement of Discipline Concerning Handling of Personal Data) For each stage of acquisition, use, storage, provision, deletion, disposal, etc., we have formulated "Personal Information Handling Regulations" for handling methods, responsible persons, persons in charge, and their duties.

​

(Organizational Security Control Measures) In addition to appointing a person responsible for handling personal data, clarifying the scope of personal data handled by employees who handle personal data and the scope of personal data handled by such employees, We have established a system for reporting and contacting the person in charge of personal information protection management when signs are identified. In addition, we regularly conduct self-inspections regarding the handling of personal data, and audits are conducted by other departments.

(Personnel Security Control Measures) We provide regular training to our employees on points to note regarding the handling of personal data. Matters concerning the confidentiality of personal data are described in the employment regulations.

​

(Physical Security Control Measures) In the area where personal data is handled, we manage the entry and exit of employees and restrict the equipment they bring in, and take measures to prevent unauthorized persons from viewing personal data. Take measures to prevent theft or loss of equipment, electronic media, documents, etc. that handle personal data, and when carrying such equipment, electronic media, etc., including movement within the office, personal data cannot be easily identified. We are taking measures to

(Technical Security Control Measures) Access control is implemented to limit the scope of the person in charge and the personal information database, etc. handled. We have introduced a mechanism to protect information systems that handle personal data from unauthorized external access or unauthorized software.

Article 8 Management of subcontractors