Privacy Policy

Last Updated: April 30, 2026

1. Introduction

This Privacy Policy (hereinafter, this Policy) explains how Japan Onsen & Sauna Guide (hereinafter, this Site) collects, uses, protects, and shares the personal information of users (hereinafter, Users).

This Site provides services to users in Japan and internationally, and complies with the following laws and regulations:

Japan’s Act on the Protection of Personal Information (APPI)
EU General Data Protection Regulation (GDPR)
California Consumer Privacy Act (CCPA)
Other applicable data protection laws of each country

2. Operator Information

Service Provider: ForceEngine Co., Ltd.

Note: For the free parts of the service, such as facility search and article browsing, the transactions are mainly those that do not fall under the Act on Specified Commercial Transactions as mail-order sales. On the other hand, if you purchase paid digital content such as the premium magazine, please refer to the Notice Based on the Act on Specified Commercial Transactions.

3. Personal Information Collected

3.1 Information Collected When Registering for the Waitlist

When you register for the premium magazine waitlist, we collect the following information.

Email address (entered voluntarily by the user)
Registration date and time
Language setting at the time of registration

The collected information is used only to send notification emails when the magazine is released. You can unsubscribe from the waitlist at any time via the unsubscribe link in the email.

3.2 Information Collected When Making an Inquiry

We collect the following information submitted through the inquiry form.

Email address
Inquiry details
Date and time of submission

3.3 Information Collected Automatically

When you access this Site, the following information is collected automatically:

IP address
Browser type and version
Operating system
Referrer URL (the page from which you accessed this Site)
Date and time of access
Pages viewed
Cookie ID (described below)

3.4 Location Information

When using the facility search function, we may obtain the device’s location information (latitude and longitude) with the user’s permission. This information is used only to provide search results and is not stored.

3.5 Information Collected When Purchasing or Paying for the Premium Magazine, etc.

When purchasing paid content through Stripe Checkout or similar services, the following information is processed by us or through a payment processor.

Email address (for purchaser verification and sending magic links)
Identification information for the purchased content (such as magazine identifiers)
Identifiers related to payment and orders (such as transaction IDs issued by the payment processor. We do not store the card number itself on our servers.)
Payment amount, currency, and payment date and time (as transaction records)

Sensitive payment information such as card numbers and security codes is handled by the payment processor in compliance with PCI DSS.

3.6 Information Handled During Login (Authentication) via Magic Links, etc.

Login for viewing paid content involves the authentication infrastructure used by our company. In this process, the following information may be generated and stored.

Email address (the destination for login links)
Session identifiers and authentication tokens (may be stored in browser cookies, etc.)
Technical logs related to login attempts (IP address, access date and time, etc. to prevent misuse)

4. Purposes of Using Personal Information

We use the collected personal information for the following purposes:

4.1 Providing the Service

Displaying and managing content
Processing purchases of paid content, managing purchase history, and granting viewing privileges
Enabling login via magic links, maintaining sessions
Sending purchase completion notifications, viewing links, and re-login links (when the user initiates the procedure)

4.2 Improving the Service

Access analytics
Improving site usability
Developing new features

4.3 Communication

Responding to inquiries
Sending important notices (security-related matters, service changes, etc.)
Sending magazine release notification emails to waitlist registrants (based on the registrant’s consent)
Sending purchase completion guidance for paid content and login emails via magic links, etc. (when the user initiates the procedure)

4.4 Preventing Misuse

Detecting spam and bots
Investigating security incidents

4.5 Compliance with Laws and Regulations

Fulfilling legal obligations
Responding to legal claims

5. Legal Basis for Processing Personal Information (GDPR Compliance)

The legal bases for processing the personal information of EU residents are as follows:

5.1 Legitimate Interests (GDPR Article 6(1)(f))

Analysis for service improvement
Preventing misuse
Maintaining security

5.2 Consent (GDPR Article 6(1)(a))

Use of analytics cookies
Registration for the waitlist

5.3 Compliance with Legal Obligations (GDPR Article 6(1)(c))

Retention of information required by law

5.4 Performance of a Contract (GDPR Article 6(1)(b))

Including users within the EU, we process email addresses and information related to purchases and payments to the extent necessary for entering into and performing contracts for the purchase of paid content.

6. Use of Cookies

This Site uses the following cookies:

6.1 Essential Cookies (No Consent Required)

| Purpose | Retention Period | | ---------------------------------------- | ---------------------- | | Saving language settings | 30 days | | Maintaining login sessions (paid access authentication, etc.) | In accordance with the authentication platform’s settings |

6.2 Analytics Cookies (Consent Required)

| Purpose | Retention Period | | ----------------------------------------------------- | ---------------- | | Access analytics (statistics such as visitor count and page views) | Up to 2 years |

About the analytics service: This Site uses third-party analytics services to analyze site usage. These services use cookies to track user behavior, but do not collect information that identifies individuals.

Managing Cookies: In your browser settings, you can refuse cookies or delete existing cookies. However, disabling essential cookies may cause some functions of the service to stop working properly.

7. Provision of Personal Information to Third Parties

This Site does not provide users’ personal information to third parties except in the following cases.

7.1 Third Parties Necessary for Service Provision

| Category | Purpose | Information Provided | Location | | ------------------------- | -------------------------------- | --------------------------------------------------------- | -------- | | Cloud database / authentication | Database, authentication, storage | Information related to waitlist, purchases, and authentication, session-related data | U.S., etc. | | Analytics service | Analyzing site usage | Access logs | U.S. | | Hosting provider | Website hosting | Access logs | U.S. | | Email delivery service | Delivery of notifications, magic link emails, etc. | Email address, link tokens contained in email body, etc. | U.S. | | Payment processor | Credit card payment processing | Information necessary for payment (the full card number is not retained by us) | U.S., etc. |

These third parties manage personal information under strict security standards based on appropriate data processing agreements (Data Processing Agreement).

7.2 International Data Transfers

As noted above, some personal information is transferred to the United States and outside the EU. These transfers are protected by the following mechanisms:

Standard Contractual Clauses (SCC)
Adequacy decisions (where applicable)
Other safeguards in compliance with Chapter V of the GDPR

7.3 Disclosure Based on Laws and Regulations

In the following cases, personal information may be disclosed due to legal obligations:

Court orders
Formal requests from law enforcement agencies
To protect life or bodily safety in emergencies

8. User Rights

8.1 Rights of All Users

Right of access: the right to confirm your own personal information
Right to correction: the right to correct inaccurate information
Right to deletion: the right to delete personal information
Right to object: the right to object to the processing of personal information

8.2 Additional Rights for EU Residents (GDPR Subjects)

Right to data portability: the right to receive personal information in a machine-readable format and transfer it to another service
Right to restriction of processing: the right to restrict processing under certain circumstances
Right to object to automated decision-making, including profiling

8.3 Additional Rights for California Residents (CCPA Subjects)

Right to know: the right to know the categories and specific information of personal information collected
Right to deletion: the right to request deletion of personal information
Right to opt out of sale: the right to opt out of the sale of personal information (this Site does not sell personal information)
Right to non-discrimination: the right not to be discriminated against for exercising your rights

8.4 How to Exercise Your Rights

To exercise these rights, please submit a request through the inquiry form.

Response Period:

Standard requests: handled within 30 days
Complex requests: up to 60 days (you will be notified in advance if extended)

9. Data Retention Periods

| Type of Data | Retention Period | | ------------------------------------ | ---------------------------------------------------------------------- | | Waitlist registration information | Until unsubscribe via the unsubscribe link, or 90 days after magazine release | | Records related to purchase and payment of paid content | For the period required by law and accounting/tax obligations (unnecessary items will be deleted after the period) | | Inquiry details | Up to 1 year after completion of handling | | Access logs | Up to 90 days | | Backup data | Up to 180 days | | Cookies | Varies by cookie (see above) |

Retention for legal compliance: Only when there is information that must be retained due to specific legal obligations, such as tax-related records, we retain it for the period specified by law.

10. Data Security

This Site implements the following technical and organizational measures to protect personal information from unauthorized access, loss, destruction, and alteration:

10.1 Technical Measures

SSL/TLS encryption: encrypting all communications over HTTPS
Regular security updates

10.2 Organizational Measures

Strict management of access permissions
Establishment of a security incident response plan

10.3 Response in the Event of a Data Breach

If a leak of personal information occurs:

Report it to the supervisory authority within 72 hours (GDPR requirement)
If the risk is high, notify affected users directly
Investigate the cause and implement measures to prevent recurrence

11. Children’s Personal Information

This Site is not intended for children under 13 (under 16 for EU residents). We do not intentionally collect personal information from children under 13 (under 16 for EU residents).

If we discover that a child under 13 has provided personal information to this Site, we will promptly delete that information.

If you are a parent or guardian and believe your child has provided personal information to this Site, please contact us immediately.

12. Changes to the Privacy Policy

This Site may update this Policy from time to time in response to changes in laws and regulations or improvements to the service.

12.1 How Changes Are Notified

Notice on the Site

12.2 Effectiveness of Changes

The revised policy takes effect when posted on the Site. Continued use of the service will be deemed acceptance of the revised policy.

13. For EU Residents (GDPR Compliance)

13.1 Data Controller

The operator of this Site is the data controller of your personal information.

13.2 EU Representative (GDPR Article 27)

As with this Site, which is based outside the EU, personal data may be sent outside the EU (for example, to the United States) through servers, payment processors, and similar services (cross-border transfer). Under the GDPR, this is mainly organized as a matter of Chapter V (safeguards for transfers, such as adequacy decisions and Standard Contractual Clauses).

On the other hand, the appointment of an EU representative under Article 27 is not determined solely because there is a cross-border transfer. It is a separate rule under which an appointment may be required when a controller outside the EU handles personal data in connection with, for example, the continuous provision of goods or services to people in the EU, if the legal requirements are met.

This Site does not currently appoint an EU representative. If use by EU residents becomes continuous and substantial, and we determine that Article 27 measures are necessary, we will respond accordingly, such as by notifying you in this Policy or elsewhere. For individual legal judgments, please consult a specialist if necessary.

13.3 Complaints to Supervisory Authorities

If you have a complaint regarding the GDPR, you may file it with the data protection supervisory authority in your country of residence.

Major EU data protection authorities:

Germany: Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
France: Commission Nationale de l'Informatique et des Libertés (CNIL)
List of supervisory authorities by country

14. For California Residents (CCPA Compliance) {#ccpa-rights}

14.1 About the Sale and Sharing of Personal Information

Important notice: This Site does not sell personal information.

This Site does not do the following:

Selling personal information to third parties in exchange for monetary consideration
“Sharing” as defined by the CCPA (disclosure of personal information for cross-context behavioral advertising purposes)

About sharing with third parties:

Personal information shared by this Site with service providers (cloud providers, analytics services, etc.) is limited to the extent necessary to provide the service, and these service providers operate under strict data protection agreements. Such sharing does not constitute “sale” or “sharing” as defined by the CCPA.

14.2 Global Privacy Control (GPC) Support

This Site automatically recognizes and honors the Global Privacy Control (GPC) signal.

What GPC is:

A signal sent through a browser or browser extension
An expression of the user’s intent: “Do not sell or share my personal information”
A response required under California law (CCPA)

This Site’s response:

When you visit this Site with a browser that has GPC enabled, analytics cookies are automatically disabled
No banner is shown, and privacy-first settings are applied immediately

How to set up GPC:

Supported browsers: Brave, Firefox (extensions), DuckDuckGo, etc.
For details: https://globalprivacycontrol.org/

14.3 Exercising California Rights

You may exercise your rights using the method described in Article 8 of this Policy.

Special rights for California residents:

Right to know: the categories and specific information of personal information collected in the past 12 months
Right to deletion: request deletion of personal information held by this Site
Right to opt out of sale (this Site does not sell)
Right to non-discrimination: service quality will not be reduced because you exercised your rights

How to exercise your rights:

Please submit a request through the inquiry form.

Response period: Within 45 days (up to 90 days if complex, with prior notice if extended)

15. Waitlist Registration and Unsubscribe

15.1 About Registration

The premium magazine waitlist is a service that users who wish to receive a notification when the magazine is released may register for voluntarily. Only an email address is required to register.

Registration for the waitlist processes personal information based on the following legal basis (GDPR Article 6(1)(a)):

Consent: the user is deemed to have consented by voluntarily entering their email address and pressing the registration button.

15.2 About Notification Emails

After registration, we may send the following emails:

Registration confirmation email
Magazine release notification email

We do not send spam emails at all. We will contact you only with magazine release notifications.

15.3 How to Unsubscribe

You can unsubscribe from the waitlist at any time:

Unsubscribe link in the email: click the "unsubscribe" link in the received email
Inquiry form: contact us through the inquiry form to request unsubscribing

After unsubscribing, the registration information will be deleted promptly.

16. Processing for Premium Magazine Purchasers (Payment / Authentication Links)

16.1 Purchase and Payment

When purchasing paid content, email addresses, purchase details, transaction identifiers issued by the payment processor, and similar information are processed for the performance of the contract and compliance with laws and regulations. Credit card numbers and similar information are, in principle, handled within the payment processor’s system, and we do not store them on our Site’s servers.

16.2 Authentication Links

We may send a one-time login URL to the email address of users who have viewing privileges. This is because we use an authentication method in which we do not permanently retain passwords. The validity period of the link and the procedure for reissuing it follow the guidance in the relevant email and on the Site.

16.3 Third-Party Services

For details of payment, authentication/database, email delivery, and other processing, please refer to Article 7 of this Policy and the privacy policies of each provider.

17. Governing Law and Jurisdiction

17.1 Governing Law

The interpretation and application of this Policy shall be governed by the laws of Japan.

However, the following laws and regulations may apply preferentially:

For EU residents: the EU General Data Protection Regulation (GDPR)
For California residents: the California Consumer Privacy Act (CCPA)
Other mandatory laws and regulations of the user’s place of residence

17.2 Court of Jurisdiction

Any disputes regarding this Policy shall be subject to the exclusive agreed jurisdiction of the Tokyo District Court as the court of first instance.

However, this does not apply where the jurisdiction of another court takes precedence under mandatory laws and regulations.

Revision History

2026-04-14Partial revision

2026-03-13Partial revision

2026-02-20Partial revision

2025-12-11Initial publication

Contact Us

For inquiries or complaints regarding the handling of personal information, please use our contact form.

Go to Contact Form

Privacy Policy

Last Updated: April 30, 2026

1. Introduction

This Site provides services to users in Japan and internationally, and complies with the following laws and regulations:

Japan’s Act on the Protection of Personal Information (APPI)
EU General Data Protection Regulation (GDPR)
California Consumer Privacy Act (CCPA)
Other applicable data protection laws of each country

2. Operator Information

Service Provider: ForceEngine Co., Ltd.

3. Personal Information Collected

3.1 Information Collected When Registering for the Waitlist

When you register for the premium magazine waitlist, we collect the following information.

Email address (entered voluntarily by the user)
Registration date and time
Language setting at the time of registration

The collected information is used only to send notification emails when the magazine is released. You can unsubscribe from the waitlist at any time via the unsubscribe link in the email.

3.2 Information Collected When Making an Inquiry

We collect the following information submitted through the inquiry form.

Email address
Inquiry details
Date and time of submission

3.3 Information Collected Automatically

When you access this Site, the following information is collected automatically:

IP address
Browser type and version
Operating system
Referrer URL (the page from which you accessed this Site)
Date and time of access
Pages viewed
Cookie ID (described below)

3.4 Location Information

3.5 Information Collected When Purchasing or Paying for the Premium Magazine, etc.

When purchasing paid content through Stripe Checkout or similar services, the following information is processed by us or through a payment processor.

Email address (for purchaser verification and sending magic links)
Identification information for the purchased content (such as magazine identifiers)
Identifiers related to payment and orders (such as transaction IDs issued by the payment processor. We do not store the card number itself on our servers.)
Payment amount, currency, and payment date and time (as transaction records)

Sensitive payment information such as card numbers and security codes is handled by the payment processor in compliance with PCI DSS.

3.6 Information Handled During Login (Authentication) via Magic Links, etc.

Login for viewing paid content involves the authentication infrastructure used by our company. In this process, the following information may be generated and stored.

Email address (the destination for login links)
Session identifiers and authentication tokens (may be stored in browser cookies, etc.)
Technical logs related to login attempts (IP address, access date and time, etc. to prevent misuse)

4. Purposes of Using Personal Information

We use the collected personal information for the following purposes:

4.1 Providing the Service

Displaying and managing content
Processing purchases of paid content, managing purchase history, and granting viewing privileges
Enabling login via magic links, maintaining sessions
Sending purchase completion notifications, viewing links, and re-login links (when the user initiates the procedure)

4.2 Improving the Service

Access analytics
Improving site usability
Developing new features

4.3 Communication

Responding to inquiries
Sending important notices (security-related matters, service changes, etc.)
Sending magazine release notification emails to waitlist registrants (based on the registrant’s consent)
Sending purchase completion guidance for paid content and login emails via magic links, etc. (when the user initiates the procedure)

4.4 Preventing Misuse

Detecting spam and bots
Investigating security incidents

4.5 Compliance with Laws and Regulations

Fulfilling legal obligations
Responding to legal claims

5. Legal Basis for Processing Personal Information (GDPR Compliance)

The legal bases for processing the personal information of EU residents are as follows:

5.1 Legitimate Interests (GDPR Article 6(1)(f))

Analysis for service improvement
Preventing misuse
Maintaining security

5.2 Consent (GDPR Article 6(1)(a))

Use of analytics cookies
Registration for the waitlist

5.3 Compliance with Legal Obligations (GDPR Article 6(1)(c))

Retention of information required by law

5.4 Performance of a Contract (GDPR Article 6(1)(b))

6. Use of Cookies

This Site uses the following cookies:

6.1 Essential Cookies (No Consent Required)

6.2 Analytics Cookies (Consent Required)

| Purpose | Retention Period | | ----------------------------------------------------- | ---------------- | | Access analytics (statistics such as visitor count and page views) | Up to 2 years |

7. Provision of Personal Information to Third Parties

This Site does not provide users’ personal information to third parties except in the following cases.

7.1 Third Parties Necessary for Service Provision

These third parties manage personal information under strict security standards based on appropriate data processing agreements (Data Processing Agreement).

7.2 International Data Transfers

As noted above, some personal information is transferred to the United States and outside the EU. These transfers are protected by the following mechanisms:

Standard Contractual Clauses (SCC)
Adequacy decisions (where applicable)
Other safeguards in compliance with Chapter V of the GDPR

7.3 Disclosure Based on Laws and Regulations

In the following cases, personal information may be disclosed due to legal obligations:

Court orders
Formal requests from law enforcement agencies
To protect life or bodily safety in emergencies

8. User Rights

8.1 Rights of All Users

Right of access: the right to confirm your own personal information
Right to correction: the right to correct inaccurate information
Right to deletion: the right to delete personal information
Right to object: the right to object to the processing of personal information

8.2 Additional Rights for EU Residents (GDPR Subjects)

Right to data portability: the right to receive personal information in a machine-readable format and transfer it to another service
Right to restriction of processing: the right to restrict processing under certain circumstances
Right to object to automated decision-making, including profiling

8.3 Additional Rights for California Residents (CCPA Subjects)

Right to know: the right to know the categories and specific information of personal information collected
Right to deletion: the right to request deletion of personal information
Right to opt out of sale: the right to opt out of the sale of personal information (this Site does not sell personal information)
Right to non-discrimination: the right not to be discriminated against for exercising your rights

8.4 How to Exercise Your Rights

To exercise these rights, please submit a request through the inquiry form.

Response Period:

Standard requests: handled within 30 days
Complex requests: up to 60 days (you will be notified in advance if extended)

9. Data Retention Periods

Retention for legal compliance: Only when there is information that must be retained due to specific legal obligations, such as tax-related records, we retain it for the period specified by law.

10. Data Security

This Site implements the following technical and organizational measures to protect personal information from unauthorized access, loss, destruction, and alteration:

10.1 Technical Measures

SSL/TLS encryption: encrypting all communications over HTTPS
Regular security updates

10.2 Organizational Measures

Strict management of access permissions
Establishment of a security incident response plan

10.3 Response in the Event of a Data Breach

If a leak of personal information occurs:

Report it to the supervisory authority within 72 hours (GDPR requirement)
If the risk is high, notify affected users directly
Investigate the cause and implement measures to prevent recurrence

11. Children’s Personal Information

This Site is not intended for children under 13 (under 16 for EU residents). We do not intentionally collect personal information from children under 13 (under 16 for EU residents).

If we discover that a child under 13 has provided personal information to this Site, we will promptly delete that information.

If you are a parent or guardian and believe your child has provided personal information to this Site, please contact us immediately.

12. Changes to the Privacy Policy

This Site may update this Policy from time to time in response to changes in laws and regulations or improvements to the service.

12.1 How Changes Are Notified

Notice on the Site

12.2 Effectiveness of Changes

The revised policy takes effect when posted on the Site. Continued use of the service will be deemed acceptance of the revised policy.

13. For EU Residents (GDPR Compliance)

13.1 Data Controller

The operator of this Site is the data controller of your personal information.

13.2 EU Representative (GDPR Article 27)

13.3 Complaints to Supervisory Authorities

If you have a complaint regarding the GDPR, you may file it with the data protection supervisory authority in your country of residence.

Major EU data protection authorities:

Germany: Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
France: Commission Nationale de l'Informatique et des Libertés (CNIL)
List of supervisory authorities by country

14. For California Residents (CCPA Compliance) {#ccpa-rights}

14.1 About the Sale and Sharing of Personal Information

Important notice: This Site does not sell personal information.

This Site does not do the following:

Selling personal information to third parties in exchange for monetary consideration
“Sharing” as defined by the CCPA (disclosure of personal information for cross-context behavioral advertising purposes)

About sharing with third parties:

14.2 Global Privacy Control (GPC) Support

This Site automatically recognizes and honors the Global Privacy Control (GPC) signal.

What GPC is:

A signal sent through a browser or browser extension
An expression of the user’s intent: “Do not sell or share my personal information”
A response required under California law (CCPA)

This Site’s response:

When you visit this Site with a browser that has GPC enabled, analytics cookies are automatically disabled
No banner is shown, and privacy-first settings are applied immediately

How to set up GPC:

Supported browsers: Brave, Firefox (extensions), DuckDuckGo, etc.
For details: https://globalprivacycontrol.org/

14.3 Exercising California Rights

You may exercise your rights using the method described in Article 8 of this Policy.

Special rights for California residents:

Right to know: the categories and specific information of personal information collected in the past 12 months
Right to deletion: request deletion of personal information held by this Site
Right to opt out of sale (this Site does not sell)
Right to non-discrimination: service quality will not be reduced because you exercised your rights

How to exercise your rights:

Please submit a request through the inquiry form.

Response period: Within 45 days (up to 90 days if complex, with prior notice if extended)

15. Waitlist Registration and Unsubscribe

15.1 About Registration

The premium magazine waitlist is a service that users who wish to receive a notification when the magazine is released may register for voluntarily. Only an email address is required to register.

Registration for the waitlist processes personal information based on the following legal basis (GDPR Article 6(1)(a)):

Consent: the user is deemed to have consented by voluntarily entering their email address and pressing the registration button.

15.2 About Notification Emails

After registration, we may send the following emails:

Registration confirmation email
Magazine release notification email

We do not send spam emails at all. We will contact you only with magazine release notifications.

15.3 How to Unsubscribe

You can unsubscribe from the waitlist at any time:

Unsubscribe link in the email: click the "unsubscribe" link in the received email
Inquiry form: contact us through the inquiry form to request unsubscribing

After unsubscribing, the registration information will be deleted promptly.

16. Processing for Premium Magazine Purchasers (Payment / Authentication Links)

16.1 Purchase and Payment

16.2 Authentication Links

16.3 Third-Party Services

For details of payment, authentication/database, email delivery, and other processing, please refer to Article 7 of this Policy and the privacy policies of each provider.

17. Governing Law and Jurisdiction

17.1 Governing Law

The interpretation and application of this Policy shall be governed by the laws of Japan.

However, the following laws and regulations may apply preferentially:

For EU residents: the EU General Data Protection Regulation (GDPR)
For California residents: the California Consumer Privacy Act (CCPA)
Other mandatory laws and regulations of the user’s place of residence

17.2 Court of Jurisdiction

Any disputes regarding this Policy shall be subject to the exclusive agreed jurisdiction of the Tokyo District Court as the court of first instance.

However, this does not apply where the jurisdiction of another court takes precedence under mandatory laws and regulations.

Revision History

2026-04-14Partial revision

2026-03-13Partial revision

2026-02-20Partial revision

2025-12-11Initial publication

Contact Us

For inquiries or complaints regarding the handling of personal information, please use our contact form.

Go to Contact Form

Privacy Policy

Last Updated: April 30, 2026

1. Introduction

This Site provides services to users in Japan and internationally, and complies with the following laws and regulations:

Japan’s Act on the Protection of Personal Information (APPI)
EU General Data Protection Regulation (GDPR)
California Consumer Privacy Act (CCPA)
Other applicable data protection laws of each country

2. Operator Information

Service Provider: ForceEngine Co., Ltd.

3. Personal Information Collected

3.1 Information Collected When Registering for the Waitlist

When you register for the premium magazine waitlist, we collect the following information.

Email address (entered voluntarily by the user)
Registration date and time
Language setting at the time of registration

The collected information is used only to send notification emails when the magazine is released. You can unsubscribe from the waitlist at any time via the unsubscribe link in the email.

3.2 Information Collected When Making an Inquiry

We collect the following information submitted through the inquiry form.

Email address
Inquiry details
Date and time of submission

3.3 Information Collected Automatically

When you access this Site, the following information is collected automatically:

IP address
Browser type and version
Operating system
Referrer URL (the page from which you accessed this Site)
Date and time of access
Pages viewed
Cookie ID (described below)

3.4 Location Information

3.5 Information Collected When Purchasing or Paying for the Premium Magazine, etc.

When purchasing paid content through Stripe Checkout or similar services, the following information is processed by us or through a payment processor.

Email address (for purchaser verification and sending magic links)
Identification information for the purchased content (such as magazine identifiers)
Identifiers related to payment and orders (such as transaction IDs issued by the payment processor. We do not store the card number itself on our servers.)
Payment amount, currency, and payment date and time (as transaction records)

Sensitive payment information such as card numbers and security codes is handled by the payment processor in compliance with PCI DSS.

3.6 Information Handled During Login (Authentication) via Magic Links, etc.

Login for viewing paid content involves the authentication infrastructure used by our company. In this process, the following information may be generated and stored.

Email address (the destination for login links)
Session identifiers and authentication tokens (may be stored in browser cookies, etc.)
Technical logs related to login attempts (IP address, access date and time, etc. to prevent misuse)

4. Purposes of Using Personal Information

We use the collected personal information for the following purposes:

4.1 Providing the Service

Displaying and managing content
Processing purchases of paid content, managing purchase history, and granting viewing privileges
Enabling login via magic links, maintaining sessions
Sending purchase completion notifications, viewing links, and re-login links (when the user initiates the procedure)

4.2 Improving the Service

Access analytics
Improving site usability
Developing new features

4.3 Communication

Responding to inquiries
Sending important notices (security-related matters, service changes, etc.)
Sending magazine release notification emails to waitlist registrants (based on the registrant’s consent)
Sending purchase completion guidance for paid content and login emails via magic links, etc. (when the user initiates the procedure)

4.4 Preventing Misuse

Detecting spam and bots
Investigating security incidents

4.5 Compliance with Laws and Regulations

Fulfilling legal obligations
Responding to legal claims

5. Legal Basis for Processing Personal Information (GDPR Compliance)

The legal bases for processing the personal information of EU residents are as follows:

5.1 Legitimate Interests (GDPR Article 6(1)(f))

Analysis for service improvement
Preventing misuse
Maintaining security

5.2 Consent (GDPR Article 6(1)(a))

Use of analytics cookies
Registration for the waitlist

5.3 Compliance with Legal Obligations (GDPR Article 6(1)(c))

Retention of information required by law

5.4 Performance of a Contract (GDPR Article 6(1)(b))

6. Use of Cookies

This Site uses the following cookies:

6.1 Essential Cookies (No Consent Required)

6.2 Analytics Cookies (Consent Required)

| Purpose | Retention Period | | ----------------------------------------------------- | ---------------- | | Access analytics (statistics such as visitor count and page views) | Up to 2 years |

7. Provision of Personal Information to Third Parties

This Site does not provide users’ personal information to third parties except in the following cases.

7.1 Third Parties Necessary for Service Provision

These third parties manage personal information under strict security standards based on appropriate data processing agreements (Data Processing Agreement).

7.2 International Data Transfers

As noted above, some personal information is transferred to the United States and outside the EU. These transfers are protected by the following mechanisms:

Standard Contractual Clauses (SCC)
Adequacy decisions (where applicable)
Other safeguards in compliance with Chapter V of the GDPR

7.3 Disclosure Based on Laws and Regulations

In the following cases, personal information may be disclosed due to legal obligations:

Court orders
Formal requests from law enforcement agencies
To protect life or bodily safety in emergencies

8. User Rights

8.1 Rights of All Users

Right of access: the right to confirm your own personal information
Right to correction: the right to correct inaccurate information
Right to deletion: the right to delete personal information
Right to object: the right to object to the processing of personal information

8.2 Additional Rights for EU Residents (GDPR Subjects)

Right to data portability: the right to receive personal information in a machine-readable format and transfer it to another service
Right to restriction of processing: the right to restrict processing under certain circumstances
Right to object to automated decision-making, including profiling

8.3 Additional Rights for California Residents (CCPA Subjects)

Right to know: the right to know the categories and specific information of personal information collected
Right to deletion: the right to request deletion of personal information
Right to opt out of sale: the right to opt out of the sale of personal information (this Site does not sell personal information)
Right to non-discrimination: the right not to be discriminated against for exercising your rights

8.4 How to Exercise Your Rights

To exercise these rights, please submit a request through the inquiry form.

Response Period:

Standard requests: handled within 30 days
Complex requests: up to 60 days (you will be notified in advance if extended)

9. Data Retention Periods

Retention for legal compliance: Only when there is information that must be retained due to specific legal obligations, such as tax-related records, we retain it for the period specified by law.

10. Data Security

This Site implements the following technical and organizational measures to protect personal information from unauthorized access, loss, destruction, and alteration:

10.1 Technical Measures

SSL/TLS encryption: encrypting all communications over HTTPS
Regular security updates

10.2 Organizational Measures

Strict management of access permissions
Establishment of a security incident response plan

10.3 Response in the Event of a Data Breach

If a leak of personal information occurs:

Report it to the supervisory authority within 72 hours (GDPR requirement)
If the risk is high, notify affected users directly
Investigate the cause and implement measures to prevent recurrence

11. Children’s Personal Information

This Site is not intended for children under 13 (under 16 for EU residents). We do not intentionally collect personal information from children under 13 (under 16 for EU residents).

If we discover that a child under 13 has provided personal information to this Site, we will promptly delete that information.

If you are a parent or guardian and believe your child has provided personal information to this Site, please contact us immediately.

12. Changes to the Privacy Policy

This Site may update this Policy from time to time in response to changes in laws and regulations or improvements to the service.

12.1 How Changes Are Notified

Notice on the Site

12.2 Effectiveness of Changes

The revised policy takes effect when posted on the Site. Continued use of the service will be deemed acceptance of the revised policy.

13. For EU Residents (GDPR Compliance)

13.1 Data Controller

The operator of this Site is the data controller of your personal information.

13.2 EU Representative (GDPR Article 27)

13.3 Complaints to Supervisory Authorities

If you have a complaint regarding the GDPR, you may file it with the data protection supervisory authority in your country of residence.

Major EU data protection authorities:

Germany: Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
France: Commission Nationale de l'Informatique et des Libertés (CNIL)
List of supervisory authorities by country

14. For California Residents (CCPA Compliance) {#ccpa-rights}

14.1 About the Sale and Sharing of Personal Information

Important notice: This Site does not sell personal information.

This Site does not do the following:

Selling personal information to third parties in exchange for monetary consideration
“Sharing” as defined by the CCPA (disclosure of personal information for cross-context behavioral advertising purposes)

About sharing with third parties:

14.2 Global Privacy Control (GPC) Support

This Site automatically recognizes and honors the Global Privacy Control (GPC) signal.

What GPC is:

A signal sent through a browser or browser extension
An expression of the user’s intent: “Do not sell or share my personal information”
A response required under California law (CCPA)

This Site’s response:

When you visit this Site with a browser that has GPC enabled, analytics cookies are automatically disabled
No banner is shown, and privacy-first settings are applied immediately

How to set up GPC:

Supported browsers: Brave, Firefox (extensions), DuckDuckGo, etc.
For details: https://globalprivacycontrol.org/

14.3 Exercising California Rights

You may exercise your rights using the method described in Article 8 of this Policy.

Special rights for California residents:

Right to know: the categories and specific information of personal information collected in the past 12 months
Right to deletion: request deletion of personal information held by this Site
Right to opt out of sale (this Site does not sell)
Right to non-discrimination: service quality will not be reduced because you exercised your rights

How to exercise your rights:

Please submit a request through the inquiry form.

Response period: Within 45 days (up to 90 days if complex, with prior notice if extended)

15. Waitlist Registration and Unsubscribe

15.1 About Registration

The premium magazine waitlist is a service that users who wish to receive a notification when the magazine is released may register for voluntarily. Only an email address is required to register.

Registration for the waitlist processes personal information based on the following legal basis (GDPR Article 6(1)(a)):

Consent: the user is deemed to have consented by voluntarily entering their email address and pressing the registration button.

15.2 About Notification Emails

After registration, we may send the following emails:

Registration confirmation email
Magazine release notification email

We do not send spam emails at all. We will contact you only with magazine release notifications.

15.3 How to Unsubscribe

You can unsubscribe from the waitlist at any time:

Unsubscribe link in the email: click the "unsubscribe" link in the received email
Inquiry form: contact us through the inquiry form to request unsubscribing

After unsubscribing, the registration information will be deleted promptly.

16. Processing for Premium Magazine Purchasers (Payment / Authentication Links)

16.1 Purchase and Payment

16.2 Authentication Links

16.3 Third-Party Services

For details of payment, authentication/database, email delivery, and other processing, please refer to Article 7 of this Policy and the privacy policies of each provider.

17. Governing Law and Jurisdiction

17.1 Governing Law

The interpretation and application of this Policy shall be governed by the laws of Japan.

However, the following laws and regulations may apply preferentially:

For EU residents: the EU General Data Protection Regulation (GDPR)
For California residents: the California Consumer Privacy Act (CCPA)
Other mandatory laws and regulations of the user’s place of residence

17.2 Court of Jurisdiction

Any disputes regarding this Policy shall be subject to the exclusive agreed jurisdiction of the Tokyo District Court as the court of first instance.

However, this does not apply where the jurisdiction of another court takes precedence under mandatory laws and regulations.

Revision History

2026-04-14Partial revision

2026-03-13Partial revision

2026-02-20Partial revision

2025-12-11Initial publication

Contact Us

For inquiries or complaints regarding the handling of personal information, please use our contact form.

Go to Contact Form