International Shipping Available

privacy policy

franky Co., Ltd. (hereinafter referred to as the "Company") recognizes the importance of protecting personal information, and complies with the Act on the Protection of Personal Information (hereinafter referred to as the "Personal Information Protection Act"). We will strive to handle and protect your personal information appropriately in accordance with its privacy policy (hereinafter referred to as the "Privacy Policy"). Unless otherwise specified in this privacy policy, the definitions of terms in this privacy policy are in accordance with the provisions of the Personal Information Protection Act.

1. Definition of personal information

In this privacy policy, personal information refers to information about living individuals that falls under any of the following items.

(1) Names, dates of birth, and other descriptions included in the information (any items written or recorded in documents, drawings, or electromagnetic records, or expressed using voice, movement, or other methods) information that can identify a specific individual (including information that can be easily compared with other information and thereby make it possible to identify a specific individual)

(2) Items that include a personal identification code

2. Purpose of use of personal information

Our company uses personal information for the following purposes.

(1) To provide the WIND AND SEA brand sales business (hereinafter referred to as "our services") (including product delivery, payment settlement, maintenance or troubleshooting, identity verification, authentication, security assurance, etc.) (Not limited to these.)

(2) To provide information regarding our services, respond to inquiries, etc.

(3) To provide information on products, services, etc. of our company or third parties through e-mail magazine distribution or other methods, or to advertise and measure advertising effectiveness.

(Four) To respond to acts that violate our company's terms, policies, etc. (hereinafter referred to as "Terms, etc.") regarding our services.

(Five) To notify you of changes to the terms of our services, etc.

(6) We analyze user input information or registration information, order information (including cancellation information, etc.), product purchase history, and other information related to user service usage to improve our services and create new services. To assist in the development, etc.

(7) To conduct, operate or manage surveys, campaigns, seminars or events

(8) To provide point services operated by our company

(9) For employment management and internal procedures (about personal information of executives and employees), for selection and communication in human resource recruitment activities (about personal information of applicants)

(Ten) For shareholder management, corporate law, and other legal procedures (regarding personal information of shareholders, stock acquisition rights holders, etc.)

(11) In connection with our services, to create statistical data processed in a format that does not identify individuals.

(12) For other purposes incidental to the above purposes of use.

3. How to collect personal information, etc.

3.1 In providing our services (as defined in Section 2), we collect the following information from users of our services by the following methods:

(1) Information we collect

 Profile information such as name, date of birth, address, phone number, email address, gender, hobbies, interests, etc.

 Information entered or submitted by users through input forms or other methods specified by our company
 Information regarding the usage status and usage method of our services (referrer, IP address, server access log, cookie, ADID, IDFA and other identifiers, terminal information, content viewed or viewed by the user, usage time and other user behavior history, etc.) )
 Information regarding inquiries
(2) Collection method
 How Users Enter Information on Our Services
 How we collect information when you use our services
 How to receive information from our affiliates (including external service providers such as SNS, information providers, advertisers, advertising distribution destinations, etc.)

3.2 The Company retains the information set forth in Section 3.1, Item 1 during the period in which the Company's services are provided and until one year after the provision of the Company's services ends.

4. Change of purpose of use of personal information

Our company may change the purpose of use of personal information within the scope reasonably deemed to be relevant, and in the event of a change, the purpose of use of personal information may be changed by the individual who is the subject of the personal information (hereinafter referred to as the "principal"). will be notified or announced.

5. Use of personal information

5.1 Our company will not handle personal information beyond the scope necessary to achieve the purpose of use without obtaining the consent of the person, except as permitted by the Personal Information Protection Act and other laws and regulations. However, this does not apply in the following cases.

(1) When based on laws and regulations
(2) When it is necessary to protect a person's life, body, or property, and it is difficult to obtain the consent of the person.
(3) When it is particularly necessary to improve public health or promote the healthy upbringing of children, and it is difficult to obtain the consent of the individual.
(Four) In cases where it is necessary to cooperate with a national agency, local government, or a person entrusted by them in carrying out the affairs stipulated by laws and regulations, obtaining the consent of the person concerned may interfere with the execution of the affairs. When there is a risk of
(Five) When personal data is provided to an academic research institution, etc., and the academic research institution, etc. needs to handle the personal data for academic research purposes (part of the purpose of handling the personal data is for academic research purposes) (Excluding cases where there is a risk of unjustly infringing on the rights and interests of individuals.)

5.2 Our company will not use personal information in any way that may encourage or induce illegal or unjust acts.

6. Appropriate acquisition of personal information

6.1 Our company acquires personal information appropriately and does not acquire it through falsehood or other illegal means.

6.2 Our company will not acquire sensitive personal information (as defined in Article 2, Paragraph 3 of the Personal Information Protection Act) without the prior consent of the person, except in the following cases:

(1) If any of Items 1 to 4 of Section 5.1 apply.
(2) When personal information requiring special consideration is acquired from an academic research institution, etc., and it is necessary to acquire the personal information requiring special consideration for the purpose of academic research (part of the purpose for acquiring the personal information requiring special consideration is for academic research purposes) (Excluding cases where there is a risk of unjustly infringing on the rights and interests of individuals.) (Limited to cases where the relevant personal information handling business and the relevant academic research institution, etc. conduct academic research jointly.) )
(3) If the personal information requiring special consideration is disclosed by the person, national institutions, local governments, academic research institutions, etc., persons listed in the items of Article 57, Paragraph 1 of the Personal Information Protection Act, or other persons specified by the rules of the Personal Information Protection Commission. If
(Four) When obtaining personal information that requires special consideration that is obvious from its appearance by visually observing or photographing the person.
(Five) When receiving personal information requiring special consideration from a third party, and the provision by the third party falls under any of the items in Section 9.1.

6.3 When receiving personal information from a third party, our company will confirm the following items in accordance with the rules of the Personal Information Protection Commission. However, this excludes cases where the provision of personal information by the third party falls under any of the items in Section 5.1 or any of the items in Section 9.1.

(1) The name or name and address of the third party, and in the case of a corporation, the name of its representative (in the case of an unincorporated organization with a designated representative or administrator, its representative or administrator).

(2) Background of the acquisition of the personal information by the third party

7. Safety management of personal information

Our company provides necessary and appropriate supervision over our employees to ensure the safe management of personal information against risks such as loss, destruction, falsification, and leakage of personal information. Additionally, when outsourcing all or part of the handling of personal information, our company will provide necessary and appropriate supervision to ensure the safe management of personal information at the outsourcing company. The details of the specific safety management measures regarding personal data held by our company are as follows.

Formulation of basic policy

In order to ensure the proper handling of personal data, we have formulated this privacy policy as a basic policy regarding "compliance with relevant laws and guidelines, etc." and "desktop for handling questions and complaints."

Establishment of regulations regarding the handling of personal data

Establish rules for handling personal data regarding handling methods, persons in charge and their duties, etc. for each stage of acquisition, use, storage, provision, deletion/disposal, etc.

Organizational security control measures

1) In addition to appointing a person responsible for the handling of personal data, we will clarify the employees who handle personal data and the scope of personal data handled by those employees, and if we identify facts or signs of violations of laws or handling regulations. Established a system for reporting to the person in charge.

2) Regularly conduct self-inspections regarding the handling of personal data, and conduct audits by other departments and external parties.

Personnel safety management measures

Matters related to confidentiality of personal data are included in the employment regulations.

Physical safety control measures

Take measures to prevent the theft or loss of devices, electronic media, documents, etc. that handle personal data, and ensure that personal data is not easily identified when carrying such devices, electronic media, etc., including when moving within the office. Implement measures to

Technical safety control measures

1) Implement access control to limit the scope of personnel and personal information databases, etc. handled.

2) Introducing a mechanism to protect information systems that handle personal data from unauthorized external access or unauthorized software.

Understanding the external environment

Since the foreign country where the provider of the cloud service that we use is located is Canada, and the country where the server where personal data is stored in the service is located is Canada or the United States, personal information in Canada and the United States When our company handles personal data in a foreign country, we will take security control measures after understanding the system for the protection of personal information in the foreign country.

8. Reporting of leaks, etc.

In the event that personal information handled by our company is leaked, lost, damaged, etc., and we are required to report to the Personal Information Protection Committee and notify the person in accordance with the provisions of the Personal Information Protection Act, we will: We will provide such reports and notifications.

9. Third party provision

9.1 Our company will not provide personal information to third parties without the prior consent of the person, except in cases that fall under any of the items in Section 5.1. However, the following cases do not constitute provision to a third party as specified above.

(1) When personal information is provided in conjunction with entrusting all or part of the handling of personal information to the extent necessary to achieve the purpose of use.

(2) When personal information is provided due to business succession due to merger or other reasons

(3) When jointly using information pursuant to the provisions of the Personal Information Protection Act

9.2 Notwithstanding the provisions of Section 9.1, except in cases falling under any of the items of Section 5.1, the Company may ) (excluding those who have established a system that complies with the standards specified by the rules of the Personal Information Protection Commission based on Article 28 of the Personal Information Protection Act). When providing personal information, we will obtain the consent of the person in advance to allow the provision to a third party located in a foreign country.

9.3 If we obtain the consent of the principal for the provision of personal information to a third party located in a foreign country pursuant to Section 9.2, we shall provide the principal with information regarding the following matters: However, if the matter in item 1 cannot be specified, in place of the matters in items 1 and 2, the fact that the matter in item 1 cannot be specified, the reason for that, and information that should be helpful to the person in place of the matter. If so, we will provide such information.

(1) Name of the foreign country

(2) Information regarding the system for protection of personal information in the foreign country concerned

(3) Information regarding measures taken by the third party to protect personal information (if the information cannot be provided, that fact and the reason)

9.4 When we provide personal information to a third party, we will create and preserve records in accordance with Article 29 of the Personal Information Protection Act.

9.5 When our company receives personal information from a third party, we will conduct the necessary confirmation in accordance with Article 30 of the Personal Information Protection Act, and create and preserve records related to such confirmation.

10. Disclosure of personal information, etc.

10.1 When we are requested by a person to disclose personal information based on the provisions of the Personal Information Protection Act, we will disclose personal information to the person without delay after confirming that the request is from the person himself/herself. (If the personal information does not exist, we will notify you to that effect.) However, this does not apply if the Company is not obligated to disclose pursuant to the Personal Information Protection Act or other laws and regulations.

10.2 The provisions of the preceding paragraph shall apply mutatis mutandis to records related to the provision of personal information to third parties created pursuant to Article 9.4 and records related to provision from third parties created pursuant to Article 9.5, regarding personal information that identifies the individual. shall be done. However, provisions regarding fees are excluded.

11. Correction of personal information, etc.

If a person requests that the personal information be corrected, added to, or deleted (hereinafter referred to as "correction, etc.") based on the provisions of the Personal Information Protection Act on the grounds that the personal information is not true, After confirming that the request is from the individual, we will conduct the necessary investigation without delay within the scope necessary to achieve the purpose of use, and based on the results, we will make corrections to the personal information, etc. We will notify the person to that effect (if we decide not to make any corrections, etc., we will notify the person to that effect). However, this does not apply if the Company is not obligated to make corrections, etc. pursuant to the Personal Information Protection Act or other laws and regulations.

12. Suspension of use of personal information, etc.

Our company will notify you that (1) your personal information is being used beyond the scope of the purpose of use announced in advance, or that your personal information is being used in a manner that is likely to encourage or induce illegal or unjust acts; Suspension of use or deletion of personal information based on the provisions of the Personal Information Protection Law (hereinafter referred to as "suspension of use, etc.") due to the reason that the person's personal information has been obtained by false or other illegal means. (hereinafter referred to as "Provision of Personal Information." or (3) if it is no longer necessary for our company to use the personal information of the person concerned, the main text of Article 26, Paragraph 1 of the Personal Information Protection Act regarding the personal information of the person concerned. Suspension of use or provision of personal information in accordance with the provisions of the Personal Information Protection Act, in the event that a situation stipulates occurs, or in other cases where the handling of the personal information of the person is likely to harm the rights or legitimate interests of the person. If suspension is requested and it turns out that there is a reason for the request, we will suspend the use or provision of personal information without delay after confirming that the request was made by the person himself/herself. and notify the person to that effect. However, this does not apply if the Company is not obligated to suspend use or discontinue provision pursuant to the Personal Information Protection Act or other laws and regulations.

13. Provision of personal information to third parties

13.1 Our company is limited to personal information (meaning what is specified in Article 2, Paragraph 7 of the Personal Information Protection Act, and is limited to information that constitutes a personal information database, etc. specified in Article 16, Paragraph 7 of the Act) provided by a third party. (hereinafter the same shall apply) is expected to be acquired as personal data, in addition to the cases listed in each item of Section 5.1, the following matters shall be confirmed in advance as specified in the Personal Information Protection Commission rules. We will not provide such personal information to any third party without doing so.

(1) The person's consent has been obtained to allow the third party to receive personally-related information from the Company and acquire it as personal data that can identify the person.

(2) When providing personal information to a third party located in a foreign country, if the consent of the person mentioned in the previous item is to be obtained, the system regarding the protection of personal information in that foreign country must be established in advance, as stipulated by the rules of the Personal Information Protection Commission. , Measures taken by the third party to protect personal information and other information that should be helpful to the person are provided to the person.

13.2 When we provide personal information to a third party, we will create and preserve records in accordance with Article 31 of the Personal Information Protection Act.

13.3 When receiving personal information from a third party, the Company shall conduct necessary confirmations and create and preserve records related to such confirmations in accordance with Article 31 of the Personal Information Protection Law.

14. Handling of kana-processed information

14.1 Our company uses pseudonymized information (meaning what is specified in Article 2, Paragraph 5 of the Personal Information Protection Act, and limited to that which constitutes the pseudonymized information database, etc. specified in Article 16, Paragraph 5 of the same Act. The same applies hereinafter). ), personal information shall be processed in accordance with the standards established by the Personal Information Protection Commission rules.

14.2 When the Company creates pseudonymized information, or obtains pseudonymized information and deletion information related to said pseudonymized information (means what is specified in Article 41, Paragraph 2 of the Personal Information Protection Act; the same shall apply hereinafter). In such a case, we will take measures for the safe management of Deleted Information, etc. in accordance with the standards established by the Personal Information Protection Commission rules as necessary to prevent the leakage of Deleted Information, etc.

14.3 In addition to cases based on laws and regulations, the Company may use pseudonymized information (limited to personal information; the same applies hereinafter in Sections 145.3 to 145.5) beyond the scope necessary to achieve the purpose of use. We do not handle

14.4 Regarding the application of Paragraph 4 to pseudonymized information, the phrase "to be changed within the scope reasonably deemed to be relevant" in the same paragraph is replaced with "to be changed" and "to be notified or announced." '' shall be read as ``to be announced''.

145.5 The provisions of paragraphs 8 and 101 to 123 shall not apply to pseudonymized information.

14.6 Notwithstanding the provisions of Sections 9.1 to 9.3, the Company will not provide personal data that is pseudonymized information to third parties, except as required by law. However, the cases listed in each item of Section 9.1 do not fall under the provision of personal information to a third party as specified above.

15. Use of cookies and other technologies

15.1 Our services may use cookies and similar technologies. These technologies help us understand the usage status of our services and contribute to improving our services. Users who wish to disable cookies can do so by changing their web browser settings. However, if you disable cookies, you may not be able to use some functions of our services.

15.2 Our services also include Google LLC (including Google Analytics).For information on how data is collected and processed by Google Analytics, see "Google's use of data when you use Google partner sites and apps." We use cookies provided by the website (see www.google.com/intl/ja/policies/privacy/partners/).

16. Contact us

For requests for disclosure, opinions, questions, complaints, and other inquiries regarding the handling of personal information, please contact the contact point below.

Name, address, and representative name of the business handling personal information

〒150-0041
 Bansho Building 1F, 1-9-10 Jinnan, Shibuya-ku, Tokyo
franky Co., Ltd. (Representative Director Yu Akasaka)

Contact point

telephone number :0357085757
E-mail: support@windandsea.jp

Click here for the inquiry form.
https://windandsea.jp/pages/contact

17. Continuous improvement

We will review the operational status regarding the handling of personal information as appropriate and strive for continuous improvement, and may change this privacy policy as necessary.

[Established on April 1, 2022]
[Updated on August 21, 2023]
RAFFLE CLOSES IN
00
DAYS
:
00
HOURS
:
00
MINUTES
:
00
SECONDS