Chapter 1  Handling of Personal Information at GRADUS inc.


1. Introduction

GRADUS inc. (hereinafter referred to as the "Company") shall comply, regarding the importance of data privacy protection, and in order to maximize public confidence in its business, with the Act on the Protection of Personal Information (Personal Information Protection Law) and other related laws and regulations, handle personal information appropriately and take action for security management.
We will also ensure that personal information is not mishandled, and will properly educate and supervise employees on the appropriate handling of personal information.

The Company will promptly respond to inquiries and complains regarding personal information, and will also continue to review and improve the handling of personal information and our methods for secure management.


2. Scope of Application

This privacy policy (hereinafter referred to as the "Privacy Policy") will apply to users who use Otsukai services (hereinafter referred to as the "Services").


3. Purpose of Use

The Company shall only collect personal information to the extent necessary for providing, maintaining and upgrading the Services and for operating Services. The Company uses personal information for the following purposes. It will not be used for any other purpose.

  • Provision, maintenance and upgrade of the Services and operation of other Services, and provision of services incidental or related thereto.


4. Personal Information Acquired from Users

The Company may acquire the following personal information from users who use the Services.

  1. Name, address and telephone number;

  2. Email address, user ID and delivery information;

  3. Other information which users enter into the form designated by the Company; or

  4. Cookies.


5. Provision of Personal Information to Third Parties

The Company will never provide any personal information to third parties without consent from users, except in the following cases

  1. When the Company has received a formal request for inquiry under laws and regulations from official authorities such as a court or the police;

  2. When it is found that there is an imminent danger to the life, body, or property, etc. of an person and there is an urgent need to provide personal information of such person;

  3. When it is found necessary to provide or share the information for the provision of service(s) which user desires to receive; 

  4. When companies entrusted by the Company require the information in order to provide service(s) to users (These companies are not allowed to use the personal information provided by the Company beyond the extent necessary for such purposes.);

  5. When it is found to be necessary to protect the rights, assets, or services, etc. of the Company and a third party against user’s violations of the Terms of Use; or

  6. When user has agreed to provide own personal information to a third party.


6. Measures for Security Control of Personal Information

The Company will take appropriate actions to keep personal information accurate and up-to-date.
The Company endeavours to take reasonable measures to protect personal information from unauthorized access, loss, destruction, alteration, or leakage, etc.
It should be noted, that also entrusted subcontractors that handle personal information perform the same strict management. In the event personal information is compromised in any way, the Company will respond quickly and appropriately.


7. Retention Period

The Company shall establish a retention period for the users’ personal information to the extent necessary in accordance with the purpose of use, and promptly delete and dispose the users’ personal information after the expiration of the retention period or after the purpose of use has been achieved.


8. Rights of Users

Users may request the Company to disclose, correct, discontinue using, or delete their own personal information. For further details, users may contact us through the following contact details regarding personal information management. Users residing in some countries including the European Economic Area have the right to submit an inquiry or file a complaint to our lead supervisory authority under the applicable laws and regulations.


9. Contact

For any inquiries regarding the handling of personal information, please contact the following.

GRADUS inc.

Picasso Sakaisuji-Hommachi Bld.2F, 1-8-8, Bakurou-machi, Chuo-ku Osaka-shi, 541-0059

otsukai-support@manga.tokyo


Chapter 2  Handling of Personal Information of EEA Residents


With respect to the handling of personal information of users residing in the European Economic Area consisting of the European Union (EU), Norway, Iceland and Liechtenstein (hereinafter referred to as “EEA”) (hereinafter referred to in this Chapter as the “Users”), the REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive “95/46/EC (hereinafter referred to as “GDPR”) shall apply after May 25, 2018. Besides Chapter 1, Chapter 2 also shall be applied to the handling of personal information of users residing in the EEA. In the event any provisions of this Chapter contradict those of Chapter 1, the provisions of this Chapter shall prevail.


1. Introduction

A guardian’s consent or permission must be obtained in the event the Users under the age of sixteen (16) use the Services and consent to this Privacy Policy. The Users’ consent to the handling of personal information by the Company must be obtained in the event a person such as family member applies for the Services on behalf of the Users.


2. Purpose of Processing Personal Information

The Company shall collect and process personal information of the Users necessary to provide, maintain and upgrade the Services and to operate other Services only for the following purposes.

  • Preparation and renewal of user account;

  • Sending merchandise through the Services;

  • Provision of information through the Services; 

  • Internal operations required to provide the Services (including the maintenance and management of the system, and troubleshooting for operational problems); or

  • Operation of other Services and provision of services incidental or related thereto.


3. Grounds for Processing Personal Information

The Company shall process personal information of the Users in accordance with the following grounds.


  1. Provision of the Services to Users

The Company must collect and use the following information to provide the Services to the Users.

  • Profile information necessary to prepare a user account (including the name, address and telephone number of the Users); and 

  • Information necessary to enable the Users to purchase and sell, send, receive, etc. merchandise through the Services (including user ID and delivery information).


  1. Consent from Users

The Company may collect or use personal information of the Users, such as IP addresses and Cookies, with the consent of such Users.


4. User’s Rights

The Users of the Services may request the Company to do the following:


  1. Revocation of consent

As long as the processing of personal information is based on the User’s consent, such Users have the right to revoke their consent in relation to their personal information at any time.


  1. Access to personal information

The Users have the right to seek explanation relating to their personal information. The Users also have the right to receive a copy of their personal information held by the Company.


  1. Correction and deletion of personal information

The Users have the right to seek correction and deletion of their personal information held by the Company.


  1. Restriction on processing

The Users have the right to request the Company to restrict the processing of their personal information.


  1. Right of data portability

The Users have the right to receive their personal information in a structured, commonly-used, and machine-readable format. The Users also has the right to transfer their own personal information in a structured, commonly-used, and machine-readable format to any third party designated by the User.


  1. Complaint

The Users have the right to file a complaint to a supervisory authority at any time. The Users may be able to check for supervisory authorities with respect to data protection in respective countries. http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm


5. Collection of Personal Information while Browsing through the Company’s Website

  1. Information collected by the Company

For the purpose of providing, maintaining, and upgrading the Services or for the purpose of operating other Services, the Company shall collect IP addresses, Cookies, individual identification information of terminals of the Users who came to the Company’s website for the use of the Services. This function of collecting data may be blocked by disabling Cookies; therefore, please check your browser settings. Please note that if Cookies are disabled, it may have some effect on the performance of the Company’s website, and the Company may not be able to provide services or functions expected by the Users.


  1. Third party Cookies

The Company uses the “Google Analytics” access analysis tool by Google. This Google Analytics uses Cookies for the collection of traffic data. Such traffic data has been collected anonymously, and individuals will not be identified personally. This function of collecting data may also be blocked by disabling Cookies; therefore, please check your browser settings. 

Please refer to the following URL for the details of Cookies used by the Google Analytics on the website. https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

Please refer to the following URL for the method on how to block the Google Analytics tracking.

https://developers.google.com/analytics/devguides/collection/analyticsjs/user-opt-out


6. Retention Period

The Company shall establish a retention period for the Users’ personal information to the extent necessary in accordance with the purpose of use, and promptly delete and dispose the Users’ personal information after the elapse of the retention period or after the purpose of use has been achieved.


7. Scope of Recipients

The Users’ personal information held by the Company may be disclosed, as below, to third parties other than the Company:

  1. Personal information to be disclosed

The name, address, and telephone number of the Users of the Services who desire to purchase 


  1. Persons to whom personal information will be disclosed

Users who accept purchase requests


  1. Period of disclosure

The period from the time of acceptance of a purchase request until merchandise arrives to the Users who desire to purchase.


As mentioned above, Users who are disclosed other User’s personal information (i.e., item (2) above) may not disclose such personal information of other Users (i.e., item (1) above) to any third parties without consent of such other Users.


8. Transfer to Outside of the EEA

The Company may provide the Users’ personal information to cloud vendors located outside the EEA (in the U.S.) within the purposes set forth in Chapter 1, Article 3 and Chapter 2, Article 2 hereof. In such case, the Company shall take appropriate protective measures such as executing data processing contracts with such cloud vendors and provide an appropriate level of protection of the Users’ personal information.


9. Updating the Privacy Policy

The Company may update the Privacy Policy as necessary. In the event users use the Services after the Privacy Policy has been updated, it shall be deemed that users have consented to the updated Privacy Policy; therefore, please read and confirm the content thereof carefully.