Privacy Policy for Residents of the EEA

Enacted: July. 24, 2023

Aiming Inc. (hereinafter referred to as “we,” “us,” or “our”) serves as the administrator of personal information provided to us or collected by us during the use of our services. We will inform users of the purposes and means of processing personal information that they provide and the measures we have taken to protect such personal information.

1. Concerning the Information We Collect

Personal information refers to any information concerning a specific or identifiable natural person that is processed by us. The provision of a user’s personal information may be mandatory for reasons such as statutory requirements, contractual obligations, or other requirements necessary for the execution of a contract. In such cases, if the user does not provide the required personal information, we may not be able to provide our services to them. As an example, the provision of information associated with a user’s registration for our service is a requirement for using the service. Additionally, the provision of the user’s device information is a requirement for the user to use our websites.

Information Relating to Registering for Services

Upon registering for our services, users may be asked to provide the following information:

1. A name identifying the user (e.g., full name, user name, nickname, etc.)
2. Email address
3. Date of birth
4. Gender
5. Other information about the user that we specify
6. In the case of a minor (under 16 years of age), additional information regarding their legal representative (full name, date of birth, email address, phone number)

Device Information

The following information may be collected when using our services and websites:

1. Cookies and other device identifiers
2. IP addresses
3. Device type and model
4. OS and version number
5. Other information that the user has agreed to provide

Location Data

In order to provide services that require location information, we may collect location data from the user’s device.

Payment Information

In order for users to purchase virtual currency or licenses to use virtual items offered via our services, we may collect the following billing and payment information provided to third-party payment service providers (including, but not limited to, Apple Inc. and Google LLC):

1. Purchase ID, purchase date, purchased product, or purchase history details such as amount spent
2. Postal/Zip code

Information Related to Customer Support

We may collect and store the following information when providing customer support to users:

1. Email address, phone number
2. Device model, OS information, and information on how users access our services
3. User ID
4. Correspondence with support and any information contained therein

Information Related to the Use of Our Services

When users use our services, we may collect and store the following information provided directly to us by them, as well as other data pertaining to how they use our services.
We may also record and store interactions between users on our services and any information contained therein.

1. Device identification data, operating system, hardware version, device setup, browser type and setup, and data regarding website and application usage
2. IP addresses, log data, usage time, cookies, and web beacons
3. Emails and text-based messages, gameplay content, support inquiry history, search terms entered by the user, chat history and other interactions between users, and performance data

Information Regarding User Interests and Preferences

We may collect information regarding the interests and preferences of users as inferred from their browsing and purchase history.

Information Gathered Using Cookies or Similar Means

• When a user accesses our services or websites, we may use cookies or similar technologies to obtain data regarding their usage environment (browser, etc.), services, and website usage. We may also use similar technologies in some of our advertising systems.
• We may collect and use the following cookies or similar technologies in various ways to improve the user experience of our services.

  Cookie 設定

1. Essential cookies: These cookies are necessary for our services to function properly and include cookies necessary to create an account. These cookies are not used to collect information for marketing purposes nor do they store websites visited by the user.
2. Performance cookies: Collect information about how users use our services, including information about the pages they visit most frequently. If a user has previously specified certain preferences, those preferences will be stored in these cookies. We use these cookies to improve our services and to optimize the user’s experience so that they can search our services more conveniently.
3. Functionality cookies: Used to store settings such as layout, text size, basic settings, language, etc. in order for us to provide our services and improve user experience. Information collected by these cookies is not used to identify individual users.
• Users are able to disable cookies through their browser settings, but this may cause some of our services and third-party services to not function properly.
• We use the following access analysis tools on our services and websites. These analytics tools use cookies in order to collect data. The data is collected anonymously and cannot be used to identify individuals. It is possible for users to disable cookies and prevent these tools from collecting their data. Please check your browser settings for more details.

  Cookie 設定

1. Google Analytics

   Google Analytics uses cookies and other means to collect user information. To learn more about how Google Analytics collects and utilizes information when users visit our websites, please visit the “How Google uses information from sites or apps that use our services” page at (www.google.com/policies/privacy/partners/).
   For more information on the terms and conditions regarding Google Analytics, please refer to the Google Analytics Terms of Service and Google’s Privacy & Terms.
   https://marketingplatform.google.com/about/analytics/terms/us/ https://marketingplatform.google.com/about/analytics/terms/us/
   https://policies.google.com/technologies/ads

   https://policies.google.com/technologies/ads

2. Google Analytics Opt-out Add-on

   Users can also disable Google Analytics via their browser’s add-on settings to stop the collection of their information due to our use of Google Analytics. To disable Google Analytics, download and install the Google Analytics Opt-out Add-on from the Google Opt-out Add-on download page and change the add-on settings of your browser.
   https://tools.google.com/dlpage/gaoptout https://tools.google.com/dlpage/gaoptout
   For the terms and conditions of the Google Analytics Opt-out Add-on, please see “Google Analytics Opt-out Browser Add-on – Additional Terms of Service” and Google’s Web Store Terms of Service.
   https://tools.google.com/dlpage/gaoptout/intl/en/eula_text.html https://tools.google.com/dlpage/gaoptout/intl/en/eula_text.html
   https://policies.google.com/terms https://policies.google.com/terms

3. Microsoft Clarity

   For more information on Microsoft Clarity’s terms and conditions, please see the Microsoft Privacy Statement.
   https://privacy.microsoft.com/en-us/privacystatement https://privacy.microsoft.com/en-us/privacystatement

Information Acquired by Linking to External Services

We may acquire the IDs of external services used by users and other information that users have authorized our partners to disclose to us as per the privacy settings of those external services.

1. External service provider user ID
2. Other information that the user has agreed to provide to other affiliated companies

2. Purpose of and Legal Basis for Processing Collected Information

• We use the information we collect for the purposes found below and process data according to the legal bases listed. Furthermore, we may obtain the user’s consent to process personal information under certain circumstances. But even in such cases, except where we state the basis to be “consent (GDPR article 6.1 (a)),” the legal basis for doing so will be “when processing is necessary for the performance of a contract,” “when processing is necessary for the pursuit of legitimate interests,” or “when processing is necessary for compliance with a legal obligation.”
• Additionally, where required by law, we will only conduct direct marketing to customers after obtaining their consent.

(*)For more information on the balancing test for legitimate interests (article 6(1)(f) of the GDPR), please contact us using the address listed in section 12 below.

3. Retention Period of Personal Information

To determine the appropriate retention period for personal information, we consider the volume, nature, and sensitivity of the personal information, the risk of potential damage from its unauthorized use or disclosure, the purposes for which we process it, and whether or not we can achieve those purposes by other means, along with any applicable legal requirements. When our company no longer requires the personal information of users that we have collected, we will delete or anonymize the information. If deletion is not possible (for example, if the personal information is stored in backup archives) we will securely store the user’s personal information until it becomes possible to delete and will ensure that no further processing of the personal information takes place thereafter.

4. Safety Management of Collected Information

We will take necessary and appropriate measures to prevent the leaking, loss, or damage of any personal information that we handle, and otherwise safely manage such information.

5. Sources of Personal Information

We acquire the personal information of users directly, either by receiving it from them or by obtaining it automatically. However, for personal data of users who access our website, the information is indirectly acquired from external services usage analysis services used by our websites, such as Google LLC, Adjust Inc., AppsFlyer Ltd., payment service companies such as Apple Inc. and Google LLC, application development companies such as Sauce Labs Inc., as well as external services used by users.

6. Sharing and Providing Acquired Information to Third Parties

In order to achieve the purposes described in “2. Purpose and Legal Basis for Processing Collected Information” above, our company may share the personal information described in “1. Concerning the Information We Collect” above with the following third parties:

• Affiliated Companies
  We share information with members of our company group.
• Processors (Service Providers)
  We may hire vendors to perform certain business functions on our behalf, and these vendors may receive or directly collect information about users from us. Vendors and the business functions they provide may include the following:
  1. Businesses, such as Sauce Labs Inc., that provide service support functions such as customer service, customer relationship management, application development, list cleansing, physical mailing, and communications (email, fax).
  2. Auditing and accounting firms, such as those that assist in the preparation of our financial records.
  3. Specialized service consultants, such as companies that conduct analysis, provide support to improve our business, provide legal services, or provide project-based resources and support, etc.
  4. Providers of analysis and marketing services, such as Google LLC and AppsFlyer Ltd. (including companies who analyze the traffic of our online assets, identify potential customers, and assist with communications).
  5. Security vendors (such as those supporting the identification of and response to security incidents, service notifications, and fraud prevention).
  6. IT vendors (such as those supporting website design, hosting and maintenance, data and software storage, and network operations).
  7. Marketing vendors (such as those supporting the delivery of marketing emails).
  8. Other service providers necessary for our business activities.
• Business Partners for Marketing Purposes
  We may share a user’s device identifiers and information about their use of the services with our marketing business partners for marketing purposes.
• Online Advertising Partners
  We work with companies who assist us with advertising our services using tools such as cookies and online tracking technologies to collect information and measure the effectiveness of personalization, retargeting, and advertising.
• Social Media Platforms
  If a user interacts with us on a social media platform, that platform may be able to collect information about the user and their interactions with us. When a user interacts with social media objects (such as clicking the “Like” button on Facebook), both the platform itself and the user’s connections on said platform may be able to see that activity. To manage how such information is shared, please review the privacy policy of the social media platform in question.
• Government Institutions and Law Enforcement Agencies
  We may share information when we believe in good faith that we are lawfully authorized or required to do so in order to respond to a legal subpoena, warrant, court order, or other regulatory or law enforcement requests, or when necessary to protect our property or rights or the safety of our employees, customers, or other individuals.
• Other Businesses Involved in Commercial Transactions
  Our company’s ownership or corporate structure may change during the course of providing our services. We may transfer some or all of the information concerning our users to other entities, their affiliates, or service providers connected to them, or during negotiations relating to a merger, acquisition, sale of assets or lines of business, change in ownership, or financing transactions. We cannot guarantee that an acquired or merged entity will have the same privacy practices or treat user information as described in this policy.

7. Transfer of Personal Information Overseas

As a result of the sharing and disclosure of information mentioned above, a customer’s personal information may be transferred to the following countries:

• The United States
• Japan

Many of our IT systems are hosted within Japan. The European Commission has determined that Japan provides an adequate level of protection. For further details, please see the decision regarding the adequacy of protection available here.

Additionally, while we do transfer personal data to processors hosting or accessing the data outside of the EEA, as detailed below, in such cases, we take the appropriate measures to ensure the user’s data is adequately protected.

• United States – Personal information as described in “1. Concerning the Information We Collect” – Mechanism relied upon: Approved standard contractual clauses (Articles 46(2)(c) and 46(5) of the GDPR).

A copy of the document containing these protective measures can be obtained from the contact form provided in item 12 below.

8. A User’s Rights to Information

All users have the following rights:

1. Right to Information About Data Processing
   Users have the right to obtain from us all necessary information regarding any data processing that we conduct which affects the user (articles 13 and 14 of the GDPR).
2. Right to Withdraw Consent
   Users have the right to withdraw their consent at any time. However, the withdrawal of consent does not affect the lawfulness of information processing based on consent before such consent was withdrawn.
3. Right to Access Personal Information
   Users have the right to obtain confirmation from us as to whether or not we are processing their personal information and, if so, to access the personal information and certain related information (article 15 of the GDPR).
4. Right to Rectification Personal Information
   Users have the right to rectify inaccurate personal information concerning them without undue delay and to have incomplete personal information completed (article 16 of the GDPR).
5. Right to Erasure of Personal Information
   Under certain conditions, users have the right to have their personal information erased without undue delay (article 17 of the GDPR).
6. Right to Restrict Processing
   Users have the right to restrict us from processing their personal information under certain conditions (article 18 of the GDPR).
7. Right to Object to Processing
   Under certain conditions, users have the right to object to the processing of their personal information (article 21(1) of the GDPR).
8. Right to Object to Direct Marketing
   Users have the right to object to their personal information being processed for the purpose of direct marketing at any time (article 21(2) of the GDPR).
9. Right to Data Portability
   Under certain conditions, users have the right to receive their personal information in a structured, commonly used, and machine-readable format, and to transfer that data to another controller without hindrance from us (article 20 of the GDPR).
10. Right Not to Be Subject to Automated Decision Making
    Under certain conditions, users have the right not to be subject to a decision based solely on automated processing (not performed by a human) which produces legal or other significant effects (article 22 of the GDPR).
11. Right to Lodge a Complaint
    Users have the right to lodge a complaint with a data protection supervisory authority in the member state of their habitual residence, place of work, or the place of the alleged infringement (article 77 of the GDPR).

If you wish to exercise these rights, please contact us using the contact form provided in item 12.

9. Protection of the Personal Information of Minors

• When the legal basis for the processing of personal data is the user’s consent, we do not intentionally collect personal information from individuals under the age of 16 without prior consent from a parent or legal guardian. Users under the age of 16 who wish to use our services are required to obtain permission to do so from their parent or guardian.
• We may grant the guardian of a minor the right to view, correct, delete, or suspend the handling of said minor’s personal information, and to allow the guardian to request that the consent given to the above be revoked.

10. Privacy Policies of External Websites

Our services may contain links to external websites or services. This Privacy Policy only applies to the services that we provide. If you click on an external link, please ensure that you also read that website’s Privacy Policy.

11. Changes to the Privacy Policy

The contents of the Privacy Policy are subject to change.
Except for cases in which we stipulate otherwise, the revised Privacy Policy shall take effect from the time it is posted on this website.

12. Contact

If you have any questions, comments, feedback, or inquiries regarding the handling of the personal information of users, please contact us using the contact form below.

e-mail: support@danmachi-danchro.com