Privacy policy
🔹Section 1: Scope of Application
This Policy applies to all users of our cross-border e-commerce rental service platform (hereinafter "Users") who reside in or access our services from Japan, Hong Kong, Taiwan, Singapore, Thailand, or the Philippines.
🔹Section 2: Personal Data We Collect
We may collect the following types of personal data:
- Name, nationality, passport number, date of birth
- Contact information (email, phone number, address)
- Credit card/payment information (processed through third-party platforms)
- Device identifier, IP address, cookies, usage logs
- Identity verification data (e.g., face photo, passport image)
🔹Section 3: Purpose of Use
We use the collected personal data for the following purposes:
- To identify and verify the identity of users
- To fulfill rental agreements and manage reservations
- For payment processing and fraud prevention
- To improve our services and customer experience
- To comply with legal obligations in relevant jurisdictions
🔹Section 4: Legal Basis for Processing
We process personal data on one or more of the following legal bases:
- The data subject has given explicit consent
- The processing is necessary for the performance of a contract
- The processing is required to comply with legal obligations
- The processing is necessary to protect the vital interests of the user or others
- The processing is necessary for the legitimate interests pursued by the operator, unless overridden by the user’s fundamental rights
🔹Section 5: Cross-border Transfers
We may transfer your personal data to third-party service providers or servers located in countries outside your country of residence. In such cases, we take appropriate safeguards such as contractual clauses, encryption, and access control to ensure your data is protected.
🔹Section 6: Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Upon expiration, we securely delete or anonymize the data.
🔹Section 7: Your Rights
Depending on applicable laws, you may have the following rights regarding your personal data:
- The right to access your data
- The right to correct inaccurate or incomplete data
- The right to request deletion of your data
- The right to object to or restrict certain processing
- The right to withdraw consent at any time
- The right to data portability (where applicable)
🔹Section 8: Security Measures
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction. These include access control, encryption, audits, employee training, and incident response.
🔹Section 9: Cookies and Tracking
We use cookies and similar tracking technologies to enhance your browsing experience, analyze site usage, and personalize content. You may manage your cookie preferences through your browser settings. Some features of our website may not function properly without cookies.
🔹Section 10: Third-party Sharing
We do not sell or rent your personal data. We may share personal data with trusted third-party service providers solely to perform business functions on our behalf (e.g., payment processing, logistics). These parties are contractually bound to protect your data.
🔹Section 11: Minors’ Privacy
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal data from minors without the consent of their legal guardian. If we learn that we have collected such data without proper authorization, we will promptly delete it.
🔹Section 12: Country-specific Disclosures – Hong Kong (PDPO)
For users in Hong Kong, we comply with the Personal Data (Privacy) Ordinance. Although Section 33 (on cross-border transfers) is not yet in force, we take protective measures including contractual safeguards to ensure proper data handling.
🔹Section 12: Country-specific Disclosures – Taiwan (PDPA)
For users in Taiwan, we comply with the Personal Data Protection Act. We only transfer data abroad upon your prior consent and for clearly stated purposes. You may exercise your rights by contacting us.
🔹Section 12: Country-specific Disclosures – Singapore (PDPA)
For users in Singapore, we ensure that all processing and overseas transfers of personal data are based on consent and with adequate protection as per the Personal Data Protection Act.
🔹Section 12: Country-specific Disclosures – Thailand (PDPA)
For users in Thailand, we comply with the Personal Data Protection Act. You have the right to access, correct, and request deletion of your data. We ensure data transferred abroad is adequately protected.
🔹Section 12: Country-specific Disclosures – Philippines (DPA)
For users in the Philippines, we comply with the Data Privacy Act. A designated Chief Information Security Officer handles inquiries, and we notify the National Privacy Commission in the event of a breach.
🔹Section 13: Contact
If you have any questions, concerns, or requests regarding your personal data, you may contact our Chief Information Security Officer (CISO) at:
Email: cateye@cateyebinoculars.jp
Address: [2-18-17 Matsumura-kata 1st floor, Tachibana, Sumida-ku, Tokyo, Japan]
CISO: [Jun Hosokawa]
🔹Section 14: FAQ
Q1. Why do you collect passport information?
It is necessary for identity verification and prevention of theft or resale. The information is securely stored and not used for any other purpose.
Q2. Can I have my personal data deleted?
Yes, unless we are legally required to retain it, we will honor your deletion request.
Q3. To which countries is my data transferred?
Primarily to Japan, and to the U.S. and Singapore where our payment and cloud service providers are located.
Q4. Do you store credit card information?
No, we do not store it. Credit card data is securely processed by Shopify and other payment providers.
