Privacy policy

AICELLO CORPORATION (the "Company") recognizes the importance of protecting Personal Information and considers its proper management to be a vital social responsibility. In order to fulfill this responsibility, the Company complies with the Act on the Protection of Personal Information and other applicable laws and regulations and establishes the following privacy policy (this "Policy") to promote the protection of Personal Information:

In this Policy, "Personal Information" means the "personal information (kojin jouhou)" as defined in the Act on the Protection of Personal Information (Act No. 57 of 2003 of Japan, "APPI"), referring to information about a living individual that can identify a specific individual by name, date of birth, or other descriptions contained in such information (including information that can be easily compared with other information to identify a specific individual), or that contains individual identification codes (codes derived from physical characteristics, purchase history, or other types of information that can identify a specific individual).

The purposes for which the Company collects and uses Personal Information of customers are as follows:

• To provide customers with products and services (the "Products") and related information of the Company and its subsidiaries and affiliates (collectively, the "Subsidiaries").
• To improve, enhance the quality of, and newly develop the Products of the Company and the Subsidiaries.
• To respond to inquiries and requests for materials from customers.
• To manage contractual relationships related to the Products provided to customers by the Company and the Subsidiaries.
• To conduct market research, data analysis, and surveys through questionnaires
• To engage in technological exploration, development, industrialization, and related research and development for the creation of new businesses.
• To carry out procedures related to recruitment and selection activities.
• To provide information on events, seminars, and exhibitions held by the Company and the Subsidiaries and to follow up with customers after participation.
• To enable the Company and the Subsidiaries to exercise their rights and fulfill their obligations under applicable laws and regulations.
• For advertising, publicity, and sales promotion activities of the Company and the Subsidiaries (including the analysis of Personal Information obtained by the Company, such as browsing history, or the quantification of interests and preferences, and the use of such results for personalized advertising, publicity, and promotional activities related to the Company’s Products).

The Company will strictly manage the Personal Information it obtains and, except as permitted by law, will not disclose or provide it to third parties without the customer’s consent.

The Company may outsource all or part of the handling of Personal Information within the scope necessary to achieve the purposes of use described in this Policy. In such cases, the Company will sufficiently examine the eligibility of the contractor, stipulate matters concerning confidentiality obligations in the contract, and exercise necessary and appropriate supervision over the contractor.

The Company may jointly use Personal Information obtained by the Company within the Company group to the extent necessary to achieve the purposes of use described in this Policy.

≪Scope of jointly used Personal Information≫
　All Personal Information of customers, unless the customer has made a specific request otherwise

≪Purposes of use by joint users≫
　The purposes of use described in this Policy

≪Entity responsible for managing jointly used Personal Information≫
　AICELLO CORPORATION (For details regarding the Company, please refer to the "Corporate Outline")

Customers may request disclosure of the Personal Information retained by the Company in accordance with the procedures set forth in the section “Procedures for Requesting Disclosure of Personal Information.” Upon receiving such a request, the Company will promptly disclose the requested information to the customer. However, the Company may choose not to disclose all or part of the information if any of the following applies, and in such cases, the Company will notify the customer of the decision without delay.

• If there is a risk of harm to the life, body, property, or other rights or interests of the customer or a third party
• If there is a significant risk of interference with the proper conduct of the Company’s business
• If such disclosure violates applicable laws or regulations

If any Personal Information held by the Company is inaccurate, the customer may request correction, addition, or deletion (collectively, “Correction”) of such Personal Information by following the procedures described in “Procedures for Requesting Disclosure of Personal Information” below. Upon receiving such a request, the Company will promptly conduct the necessary investigation, and if the Company determines that the request is justified, the Company will promptly carry out the Correction. The Company will also promptly notify the customer of whether or not the Correction will be made.

If a customer wishes to request the suspension of use, deletion, or suspension of provision to third parties (collectively, “Suspension”) of Personal Information held by the Company, the customer may do so by following the procedures described in “Procedures for Requesting Disclosure of Personal Information” below. Upon receiving such a request, the Company will promptly conduct the necessary investigation, and if the Company determines that the request is justified, the Company will carry out the Suspension. However, if the Suspension would require a large expense or is otherwise difficult to implement, and if alternative measures can be taken to protect the rights and interests of the customer, the Company will take such alternative measures instead. The Company will also promptly notify the customer of whether or not the Suspension will be implemented.

If a customer wishes to make a request under “Disclosure of Personal Information,” “Correction of Personal Information,” or “Suspension of Personal Information,” the customer needs to send a written request describing the details of the request along with identification documents to the contact address provided in “Contact Information” below.

The Company will establish an appropriate management system and implement necessary security measures to protect Personal Information from unauthorized access, loss, alteration, or leakage, and to ensure its accuracy and security. In the event of any incident including a leakage of a customer’s Personal Information, the Company will promptly report the incident to the relevant supervisory authority in accordance with the APPI and related guidelines, and take necessary measures, such as implementing preventative and corrective actions, based on the instructions of the authority.

The Company uses cookies on its website (the “Website”) to enhance usability and quality, to analyze visitor numbers and browsing behavior, and for advertising, marketing, and service improvement activities conducted by the Company and its group companies. The information collected through cookies does not, by itself, identify or distinguish individual customers. Customers may choose to enable or disable the use of cookies via browser settings or other available options; however, please note that disabling cookies may result in the Website not functioning properly.

Due to the nature of the Internet and email communications, there is a risk that Personal Information may be intercepted and leaked to third parties during the process of transmission. Please be fully aware of this risk before sending or receiving Personal Information through such means.

The Website may contain links to external websites. Please confirm, at your own responsibility, how Personal Information is handled on those websites. The Company bears no responsibility whatsoever for the handling of Personal Information on websites operated by entities or individuals other than the Company.

The address of the Company, the name of its representative, and the name of its Personal Information Protection Manager are as follows:

For inquiries regarding the handling of Personal Information, please contact:

The Company may amend or revise this Policy from time to time. Any such changes will be announced by posting on the top page of the Website.

This Policy was revised on [August 21], 2025.

Special Provisions for Residents of the European Economic Area (EEA)

When our company handles the personal data of individuals residing in the European Economic Area (EEA), the General Data Protection Regulation (GDPR) applies. These special provisions are additional terms that apply to the processing of personal data of such EEA residents and are implemented in accordance with the GDPR, where our company acts as a data controller. The contents of our Privacy Policy applicable to customers residing in the EEA are supplemented or modified by these special provisions.

We process your personal data for the following purposes, relying on the legal bases stipulated under the GDPR:

• Performance of Contract (Article 6(1)(b) GDPR): To provide services or products requested by you and to fulfill contractual obligations. For example, account creation, product delivery, provision of services, and responding to inquiries—where necessary in connection with our contractual relationship with you.
• Compliance with Legal Obligations (Article 6(1)(c) GDPR): To comply with legal obligations applicable to us. This includes, for example, record-keeping obligations under accounting and tax laws or responding to legal demands.
• Legitimate Interests (Article 6(1)(f) GDPR): To process personal data to the extent necessary for pursuing the legitimate interests of our company or third parties. This may include improving our services and quality, product development, ensuring security, preventing fraud, and managing customer relationships (such as collecting feedback and conducting surveys). In such cases, we will give due consideration so as not to unduly infringe upon your fundamental rights and freedoms. You have the right to object to processing based on legitimate interests depending on your specific circumstances (see “Data Subject Rights” below).
• Consent (Article 6(1)(a) GDPR): Where personal data is used for purposes that do not fall under the above legal bases, we will obtain your explicit consent in advance. For instance, the distribution of email newsletters or the use of data for marketing purposes will be conducted based on your consent. You may withdraw your consent at any time; however, such withdrawal does not affect the lawfulness of processing conducted prior to the withdrawal.

As a data subject within the EEA, you have the following rights under the GDPR. If you submit a request to exercise any of these rights, we will respond without undue delay unless legal exceptions apply:

• Right of Access (Right to Notification and Disclosure): The right to confirm how your personal data is used and to obtain a copy of your personal data held by us.
• Right to Rectification: If your personal data held by us is inaccurate or outdated, you have the right to have it corrected or supplemented with additional information.
Please also refer to “Disclosure of Personal Information” and “Procedures for Requesting Disclosure of Personal Information” above.
• Right to Erasure (“Right to be Forgotten”): Under certain conditions, you may request the erasure of your personal data held by us. For example, if the data is no longer necessary for the original purpose for which it was collected. Please also refer to “Suspension of Personal Information” and “Procedures for Requesting Disclosure of Personal Information” above.
• Right to Restriction of Processing: Under certain conditions, you may request the temporary suspension of processing of your personal data. For instance, during the verification period if the accuracy of the data is contested. Please also refer to “Suspension of Personal Information” and “Procedures for Requesting Disclosure of Personal Information” above.
• Right to Object: You have the right to object to the processing of your personal data based on reasons related to your particular situation. In particular, you may object to processing based on our legitimate interests. You also have the right to object at any time to the use of your personal data for direct marketing purposes (such as sending advertisements via direct mail or email). If your objection is recognized, we will stop processing the relevant data.
• Right to Data Portability: You have the right to receive the personal data you provided to us in a structured, commonly used, and machine-readable format. You also have the right to request the transfer of such data to another data controller, where technically feasible. This may include providing the data directly to another business operator as instructed by you.

In addition to the above rights, you also have the right to lodge a complaint with a supervisory authority (data protection authority) in your country of residence within the EEA regarding the processing of your personal data.

If we transfer your personal data collected within the EEA to outside the EEA (including Japan), we will implement appropriate safeguards as required under the GDPR. Where the recipient country has been deemed by the European Commission to provide an adequate level of data protection, we will rely on that adequacy decision (for example, Japan is recognized as a country with an adequacy decision). If the recipient country is not subject to an adequacy decision, we will adopt appropriate safeguards based on Article 46 of the GDPR, such as concluding Standard Contractual Clauses (SCCs), to ensure a level of protection equivalent to that in the EEA. You may also request details or a copy of such safeguards from us where appropriate.

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected. Unless otherwise specified at the time of collection, the specific retention period will be determined based on the purpose of processing and relevant industry standards. In addition, if legal retention obligations under applicable laws such as commercial or tax laws exist, we will retain the data for the statutory period. Personal data that is no longer needed for the purpose will be securely deleted or anonymized so that individuals cannot be identified.

If you have any questions regarding these special provisions or your rights under the GDPR, or if you wish to exercise your rights, please contact us at the following:

By contacting the above, we will respond in good faith within a reasonable timeframe. Please note that when exercising your rights, we may ask you to verify your identity.