PRIVACY POLICY

This privacy policy (“Privacy Policy”) provides consumers with a comprehensive description of the practices of AIDIS Inc., a Japanese corporation (“Company”) regarding the collection, use, disclosure, and sale of Personal Information (as defined in Article 2 below) and of the rights of consumers regarding their Personal Information.

Article 1 (Handling of Personal Information)

Company acknowledges the importance of Personal Information, and shall handle the Personal Information of each user (“User”) of online gaming services and other services (“Services”) provided by Company in compliance with this Privacy Policy.

Article 2 (Personal Information)

As used in this Privacy Policy, “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

Personal Information includes but is not limited to the following, if it identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular User:
• Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
• Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
• Biometric information.
• Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
• Characteristics of protected classifications under California or federal law (e.g. race, age, sex, nationality, etc.).

Personal Information does not include:
• Publicly available information from government records.
• Deidentified or aggregated consumer information (i.e., anonymized information).
• Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the California Confidentiality of Medical Information Act (CMIA), or clinical trial data.
• Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

Article 3 (Categories of Personal Information Collected by Company)

In the 12 months preceding the effective date of this Privacy Policy, Company has collected the following categories of Personal Information from Users (Personal Information included in one category may overlap with information in another category or other categories):
• Identifiers: alias (a “Player Name”), unique personal identifier, online identifier, probabilistic identifier, internet protocol address, email address, account name, or other similar identifiers.
• Internet/Application Activity: data from User’s interaction with the Services, the Company’s website, application, or advertisement, including products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Company will not collect additional categories of Personal Information without providing Users notice in an updated Privacy Policy.

Article 4 (Categories of Sources of Personal Information)

The Personal Information that Company acquired in the 12 months preceding the effective date of this Privacy Policy was provided directly by Users in registering for and paying for Services from Company, and indirectly by Users using the Company’s Services or by third party sources such as social media sites, ad networks, and analytics providers.

Article 5 (Purpose of Use)

Company shall use Personal Information it obtains within the scope of the following purposes of use, or within the scope of purposes of use that are clear from the circumstances of acquisition. Company will not use Personal Information for any other purpose, except when agreed to by a particular User or when Company is legally mandated to do so. Company may use or disclose Personal Information it collects from Users for the following business purposes:
• To achieve the purposes for which the User provided the information. For example, if a User provides his or her Personal Information to purchase a product or service, Company will use that information to process the User’s payment and facilitate delivery.
• To provide, deliver, maintain, and improve Company’s Services.
• To help maintain the safety, security, and integrity of our products, services, websites, applications, databases and other technology and business assets.
• To calculate billing for the Services, refunds, and related paperwork.
• For advertising or promotion by Company or a third party.
• To provide information and notifications on the Services and new services related to the Services.
• To provide Users with support and to respond to User feedback and inquiries.
• For surveys, statistics, analysis, testing, research, analysis, and product development, including to develop and improve Company’s Services, websites, applications, and Company’s other products and services.
• For sales activity, orders, business contacts, exercising rights and fulfilling obligations, and the like.
• For administrative purposes such as human resources, labor management and welfare, business maintenance and development and the like.
• For employment selection and employee onboarding procedure at the time of employment, and the like.
• To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
• Other uses incidental to the uses in the preceding items.

Company will not use Personal Information for materially different, unrelated, or incompatible purposes without providing reasonable notice to Users.

Article 6 (Disclosure to Third Parties for Business Purpose)

Company shares User’s Personal Information with the following categories of third parties:
• Subsidiaries and affiliates.
• Contractors and service providers.
• Data aggregators.
• Third parties with whom Company partners to offer products and services to Users.

Company will not disclose Personal Information to third parties, except as described below, when agreed upon by the User, or when Company is legally mandated to do so:
• Disclosure to a financial institution, credit card company, collection agency, or other business that performs settlement or acts as an agency in order to settle payments or other monies due to Company;
• Disclosure to a third party as a linkage partner in order to use an external linkage service using various social media accounts (LINE, Twitter, Facebook, etc.) or Google account, and the like, when providing the Services;
• Disclosure to a contractor who is obligated under an agreement to manage Personal Information appropriately;
• Disclosure in connection with the sale of Services, a portion of the Services or certain stock and/or assets, or a corporate merger, consolidation, restructuring, or other corporate change including, without limitation, during the course of any due diligence process; and
• Disclosure is requested by a law enforcement, judicial, administrative, or regulatory agency, and Company believes in good faith that the law requires disclosure or that disclosure is necessary to protect or enforce the rights, property, safety, or security of Company or others.

Company has disclosed the following categories of Personal Information for a business purpose to the parties identified above:
• Identifiers.
• Internet/application activity.

Other than for the purposes specifically identified above in this Article 6, Company did not disclose any User’s Personal Information to third parties in the 12 months preceding the effective date of this Privacy Policy. Company did not sell any User’s Personal Information to third parties in the 12 months preceding the effective date of this Privacy Policy. Company does not and will not sell the Personal Information of any Users, including Users who are minors under 16 years of age.

Article 7 (Outsourcing of Personal Data)

Company may outsource the Services in whole or in part, and disclose necessary Personal Information to the third party contractor so that it can perform the Services smoothly to achieve the purpose of use. When outsourcing the Services, Company will supervise the contractor as necessary and appropriate, including supervision of subcontractors.

Article 8 (Secure Management, etc.)

Company will strive to keep Personal Information accurate and up-to-date, and delete applicable Personal Information when it is no longer needed.
Company will put in place the necessary and appropriate measures for the secure management of User Personal Information, such as preventing leaks, loss, damage, and other risks.
Regarding the handling of User Personal Information by its employees, Company will instruct all of its employees of the need for proper handling of Personal Information and will provide proper training and appropriate supervision.
Company may provide some Personal Information to external contractors in the course of carrying out Company business, such as providing the Services. In such cases, Company will select contractors that have appropriate security control measures in place regarding Personal Information, and will provide necessary and appropriate supervision.

Article 9 (California Consumer Privacy Rights)

Under the California Consumer Privacy Act of 2018 (Cal. Civ. Code, §§ 1798.100—1798.199, California consumers have the following rights:

(1) Right to Know: the right to request, free of charge, up to twice per year, that Company disclose what Personal Information of the consumer Company collects, uses, discloses, and sells. On a User’s request, Company will disclose:
• The categories of Personal Information that Company collected about the requesting party within the last 12 months.
• The categories of sources for the Personal Information that Company collected about the requesting party.
• Company’s business or commercial purpose for collecting or selling the requesting party’s Personal Information.
• The categories of third parties with whom Company shares the requesting party’s Personal Information.
• The specific pieces of Personal Information Company collected about the requesting party.
• If Company sold or disclosed the requesting party’s Personal Information for a business purpose, two separate lists disclosing:
　o sales, identifying the Personal Information categories that each category of recipient purchased; and
　o disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.

(2) Right of Deletion: the right to request the deletion of their Personal Information collected or maintained by Company. On a User’s request, Company will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. Company may deny a User’s request to delete his or her Personal Information if it is necessary for Company to maintain the User’s Personal Information in order to:
• Complete the transaction for which the Personal Information was collected, provide a good or service requested by the User, or reasonably anticipated within the context of Company’s ongoing business relationship with the User, or otherwise perform a contract between Company and User.
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
• Debug to identify and repair errors that impair existing intended functionality.
• Exercise free speech, ensure the right of another consumer to exercise that consumer’s right of free speech, or exercise another right provided for by law.
• Comply with the California Electronic Communications Privacy Act (Penal Code Sections 1546 et seq.).
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the business’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent.
• To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.
• Comply with a legal obligation.
• Otherwise use the consumer’s personal information, internally, in a lawful manner that is compatible with the context in which the consumer provided the information.

(3) Right to Opt-Out of Third Party Sales. Consumers have the right to opt-out of the sale of their Personal Information by Company. As described in Article 6 above, Company does not sell Personal Information to third parties. Company will not disclose Users’ Personal Information except in order to allow Company to provide Services to Users as described in Article 6 above.

(4) Right to Non-Discrimination: the right not to receive discriminatory treatment by Company for the exercise of their privacy rights under the California Consumer Privacy Act.

California Civil Code Section 1798.83 permits California residents who use Company’s website to request information regarding Company’s disclosure of Personal Information to third parties for direct marketing purposes. Company does not and will not disclose User’s Personal Information to third parties for the third parties’ direct marketing purposes unless the User first affirmatively agrees to that disclosure.

California consumers who wish to take advantage of these rights may do so in accordance with the procedures set forth in Article 11 (Requests and Inquiries) below. Company will not discriminate or retaliate against Users for exercising any rights under the California Consumer Privacy Act of 2018.

Article 10 (Disclosure, Correction, or Removal of Personal Information.)

If a User requests disclosure, correction, or removal of his or her Personal Information, Company shall comply with such requests, except where prohibited by law. Note that Company's fulfillment of a User’s request to remove Personal Information may not ensure complete or comprehensive removal (e.g., if the content or information has been captured or reposted by another User).

Article 11 (Requests and Inquiries)

For requests to know what Personal Information Company collected about the User in the preceding 12 months, or for requests to correct or delete Personal Information, Users must submit a verifiable consumer request that (1) provides Company with sufficient information to reasonably verify that the person making the request is a User about whom Company collected Personal Information or an authorized representative of a User and (2) describes the User’s request with sufficient detail to allow Company to properly understand, evaluate, and respond to the User’s request. A verifiable consumer request should include, at a minimum, the requesting User’s full name (first, middle, and last name), the email address the User used to register for Company’s products, and the username that he or she used in registering for Company’s products or services. Company will use Personal Information provided in a verifiable consumer request only to verify the requesting party’s identity or authority to act on behalf of the requesting party. If Company is unable to verify that the person submitting a verifiable consumer request to know, correct, or delete Personal Information is either a User or is authorized by a User to act on such User’s behalf, Company will be unable to respond to such a request and will be unable to disclose Personal Information. Company may submit one or more requests for further information to allow Company to verify the legitimacy of such a request. To exercise his or her rights to know, to correct, or to delete Personal Information, a User may submit a verifiable consumer request to Company by any of the three means provided for below.

Users may submit requests to opt-out of the sale of Personal Information or may provide comments, questions, concerns, or other feedback about Company’s handling of Personal Information, by any request, which need not be a verifiable consumer request.

Users may submit verifiable consumer requests (to know, correct, or delete Personal Information) or ordinary requests (to opt-out of sales of Personal Information or for inquiries or feedback about Company’s handling of Personal Information)
to Company by any of the following methods:
• Electronic Mail: info@aidis.co.jp
• Website poral: https://www.aidis.co.jp/en/contact/
• Physical Mailing Address:
AIDIS Inc.,
Attn: Personal Information Protection Administrator.
6F, Sumitomo Fudosan Aoyama-Dori Building, 1-7-7 Shibuya,
Shibuya-ku, Tokyo

Company will attempt to respond to a User’s request to know, correct, or delete Personal Information within forty-five (45) days of the User’s request. If Company needs more time (not to exceed an additional 45 days), it will notify the requesting party of such need in writing within 45 days of the User’s request. If a User has an account with Company, it will deliver its written response to that account. If a User does not have an account with Company, it will deliver its written response by mail or electronically, at the User’s election. Company does not charge a fee to process or respond to a verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Article 12 (Do Not Track Requests)

Because there currently is not an industry or legal standard for recognizing or honoring Do Not Track (DNT) signals, Company does not respond to them at this time.

Article 13 (Changes to Privacy Policy)

Company reserves the right to amend this Privacy Policy without the prior agreement of the User when it deems it necessary and at any time.
In the event Company makes changes as provided for in the preceding paragraph, Company will promptly notify Users, such as by posting a notice on Company’s website. After Company makes changes to this Privacy Policy and notifies Users per the preceding sentence, continued use of the Services by the User will be deemed acceptance of the updated Privacy Policy.

Article 14 (Contact Information)

If consumers have any questions or comments about this Privacy Policy, the ways in which Company collects and uses Personal Information described above, consumer choices and rights regarding such use, or to exercise any consumer rights under California law, please contact Company at:
• Electronic Mail: info@aidis.co.jp
• Website poral: https://www.aidis.co.jp/en/contact/
• Physical Mailing Address:
AIDIS Inc.,
Attn: Personal Information Protection Administrator.
6F, Sumitomo Fudosan Aoyama-Dori Building, 1-7-7 Shibuya,
Shibuya-ku, Tokyo

Last Updated on March 5th, 2020