X-Locations Inc. (hereinafter referred to as the “Company“) will handle the information on users and related parties in “Allspark“ and other services that the Company provides (hereinafter referred to as the “Company Services“), as well as the information on users and related parties that the Company collects (hereinafter referred to as “User Information etc.“) in the following manner. In this policy, personal information means “personal information“ defined by Article 2(1) of the Personal Information Protection Act, and anonymously processed information means “anonymously processed information“ defined by the same article Section 9.
The Company will do its best to protect the important personal information of users and related parties, and will comply with laws and regulations and other norms.
2. About collection and use of User Information etc.
The Company receives the following User Information from its business partners and does not use them for any purpose other than the following.
1. Terminal information, position information
In order to provide the Company Services (the Company provides services relating to the delivery of mobile advertisement within a specific location range based on position information), and to maintain and improve it, the Company collects position information (including automated tracking type, GPS information, WiFi information, base station signals information) and terminal information (including but not limited to the type of terminal, anonymous identifier of UUID and IMEI that are associated with the mobile terminal, the type of mobile browser, operating system, log information, and IP address) of users and related parties acquired by the Company's business partners from the partners (application company, publisher, media platform and market, etc.).
In order to prevent the acquisition of information contrary to the intentions of users and related parties as much as possible, the Company requires its business partners to obtain the consent of users and related partners about providing their position information and terminal information to the Company before transmitting the information to the Company.
The Company is not able to identify users and related parties through its technology, and does not acquire names, e-mail addresses, telephone numbers, and other personal information without the consent of the users and related parties.
In addition, if users and related parties do not want to provide position information and terminal information, please disable the following advertisement identifiers at the terminal level: provision of position information; Cookie; Identification for Advertisers (hereinafter, “IDFA“); and Advertising ID.
2. Cookie, IDFA and Advertising ID
In providing the Company Services, the Company may use the technology called “IDFA“, “Advertising ID “ and “ Cookie“ and similar technology to collect and acquire information.
Advertising ID is an ID for advertisement issued by Google Inc, and it is a code to identify the mobile terminals of users and related parties when conducting targeting advertisement. Advertising ID is capable of identifying the mobile terminal of users and the related parties, but it is not capable of identifying the individuals of users and related parties. In addition, the users can disable Advertising ID function by setting so, but as a consequence, it may not be possible to use all or part of the Service (For details, please refer to the website of Google Inc., etc.).
Cookie is an industry standard technology by which web servers identify users' computers. Cookie is capable of identifying the computer of users and related parties, but it is not capable of identifying individuals of users and related parties. In addition, a user can refuse to receive cookies by changing its browser settings, or a user can set the browser to display a warning when it receives a Cookie. Most of the Service of the web site are available even if the browser does not accept a Cookie, however, please aware beforehand that the following situation may happen without a Cookie: limitation of available services such as not properly functioning; significant reduction of response rate; and the total unavailability of the services.
3. POI data, restaurant locations and menu prices, real estate prices etc.
The Company may collect and acquire POI data, restaurant locations, menu prices, real estate prices, etc. from published third party data in order to provide the Company Services.
The Company utilizes the collected data in order to deliver advertisements and other content that may be closely related to users and related parties, as well as to create data bases for behavioral characteristics inferred from the data, interested audiences, or profiles.
The Company may also purchase and use third party data licenses, such as data providers and position data vendors, to improve the quality of its data models in the Company Services. In addition, these third party data do not contain personal information.
4. Anonymously processed information
When the information collected by the Company fall under the personal information, and when processing said personal information and creating or providing anonymously processed information, the Company implements these processes according to the appropriate procedure following the law on the protection of personal information, and also with regard to anonymously processed information, the Company will take necessary safety measures and make appropriate review in accordance with the safety management of personal information.
5. Information that the Company collects and acquires from its own website, etc.
5-1. Personal information
In order to respond to inquiries from unidentified users and related parties, the Company may collect the information on the users and related parties such as: the personal names; organization names; addresses; telephone numbers or mail addresses of the users and related parties; and other information on users and related parties specified by the Company. Users and related parties can choose to provide or not provide the Company with this information by filling out a form on the email or website. The Company will keep these pieces of information for a reasonable period of time as a record.
5-2. Other than personal information
In order to maintain and improve the Company's web site, or to prevent fraud, or to perform market survey, and for the purpose of statistics and analysis and so on, the Company may collect the following information: IP host addresses; browsed pages; types of browser; Internet browsing and usage trends; Internet service providers; domain names; the date and time of visit to this web site; the URL of the link source; and the operating system of the computer; and so on. These pieces of information cannot by themselves identify a specific individual.
3. Disclosure of information to third parties
The personal information of the users and related parties collected and acquired for the management of the Company Services will not be provided to a third party (a “third party“ specified in Article 23 of the Act on the Protection of Personal Information) unless the person's consent is obtained. However, this does not apply to the cases listed below. In addition, regardless of the provisions of this section, the Company may provide statistical data that does not fall under personal information to third parties. Please be aware in advance.
- Legal reasons
Both within and outside of the country of the residence of users and related parties, it may become necessary for the Company to disclose personal information of users and related parties due to laws, regulations, legal procedures or requests from public or government agencies.
The Company may disclose information about its users and related parties if the Company believes it is necessary or appropriate for the realization of national security, law enforcement or other public interest.
The Company may disclose information about users and related parties if it decides that disclosure is reasonably necessary for enforcing the Subscriber Agreement, the Company's operations or for the protection of the Users or related parties.
- When it is necessary for protection of human life, body or property, and it is judged that it is difficult to obtain the consent of the person.
- When it is particularly necessary to improve public health or promote the sound development of children, and if it is judged to be difficult to obtain a consent of the person.
- In cases where it is necessary for a national organization or a local public entity or a person who receives the commission to cooperate in carrying out the affairs prescribed by the law, if it is judged to be difficult to fulfill the affairs concerned by obtaining the consent of the person in question.
- In the case of considering the succession of the Company's business by merger, business transfer or other reasons, if it is judged to be necessary to disclose it to the person who considers succession of the business.
- When disclosing as statistical information.
4. Disclosure / correction of user information etc.
When the User requests disclosure, correction, addition, or deletion of user information (including personal information) provided by users and related parties, please contact privacy at (please change to @) x-locations.com (the Company's legal team).
In addition, advertisement identifiers such as the above IDFA and Google Advertising ID can be disabled in the settings of various applications and browsers, and position information can be set off at the terminal level.
Unless the Company is required to store data such as User Information for legal or legitimate business purposes, the Company will put in commercially reasonable effort to allow users and related parties to have an access to request the Company to correct incorrect data or delete data.
If the information is incorrect, the Company will work in good faith to provide users with a way to update or delete them immediately. However, if the Company does not have these obligations under the Personal Information Protection Act or other laws, if the same request is repeated many times without justifiable reasons, or if the request requires excessive technical work, the above-mentioned procedure may not be possible to be taken place.
Before responding to requests from users and related parties, the Company may ask their identity confirmation.
5. Child's personal information
The Services does not generally target children under the age of 13, and the Company does not intentionally obtain personally identifiable information from such children. If for some reason the Company acquires personally identifiable information from children under 13 years of age without the consent of their parents, the Company will take appropriate action to promptly remove that information from the Company's records.
In the following cases, the Company assumes no responsibility for the acquisition of user information by third parties.
- When a user and related party themselves disclosed the user information etc. to a third party using the function of the Service or another means.
- When an individual was identified from the information, etc. that the user and related party inputted on the Service.
- When a third party acquired user information etc. from outside of the Company's site (including other sites that are linked from the Company's website).
- When a person other than the user or the related party obtained the information that can identify the user and the related party.
7. Consignment of handling of personal information
The Company may entrust the handling of all or part of personal information acquired from users and related parties to a third party to the extent necessary to achieve the purpose of use. In this case, the Company will enter into a confidentiality agreement, etc. in accordance with this policy in advance with the consignee, and will carry out necessary and appropriate supervision so that appropriate safety management of information can be achieved at the consignee.
8. Safety management system
- In order to prevent leakage, loss and damage of user information etc. and to protect other User Information, the Company has been taking necessary and appropriate measures for security management of User Information such as: restricted access to personal information files; restriction of the number of personnel who owns the access authorization to bare minimum; introduction of security software for preventing unauthorized access; hashing and encryption; and adoption of anonymization technology.
However, there is no 100 % secure transmission method or electronic storage method via the Internet. Therefore, while the Company strives to take commercially appropriate measures to protect the information of users and related parties, the Company cannot guarantee complete security.
- The Company, with its Representative Director as the responsible manager for User Information management, will communicate guidelines for privacy and safety to its employees, and will properly manage and continuously improve the User Information management system.
9. Discarding acquired information
The acquired personal information will be destroyed when it is judged to be reasonably unnecessary in light of the normal business operation by the Company.
11. For inquiries regarding personal information
Established: January 1, 2018