PRIVACY POLICY

Privacy Policy

The following statements set out the privacy policy (hereafter “this policy”) for ITO Technologies, Inc. (hereafter “ITO Technologies”) regarding the handling of personal information acquired from users via this application. The terms used in this policy follow the definitions specified in the Act on the Protection of Personal Information (hereafter the “Personal Information Protection Act”). For users residing in the United Kingdom or the European Economic Area (EEA), please also refer to the latter section, "Privacy Policy for Users Residing in the EEA or the U.K."

1. Compliance with the Personal Information Protection Act

With regard to the handling of users' personal information, ITO Technologies complies with the Personal Information Protection Act, guidelines on laws related to the protection of personal information, and other laws, regulations and guidelines pertaining to the protection of personal information.

2. Security measures for personal data

In handling personal data, ITO Technologies enacts security measures that meet the standard required by the Personal Information Protection Act. ITO Technologies will respond to any inquires received via the contact email address below regarding specific security control measures for retained personal data, to the extent necessary under the Personal Information Protection Act.
Contact email address: support@ito-technologies.com

3. Acquisition of personal information to implement the basic functions of this application and the purpose of its use

  1. Personal information to be acquired
    This application saves information, such as age, gender, weight, and stride length, that a user has entered via the application's settings screen, onto the device in which this application is installed (hereafter “user's device”). Furthermore, this application uses a sensor in the user's device to measure the user’s number of steps per hour and saves that data to the user's device. However, ITO Technologies does not acquire this information that is stored in the user's device.
  2. Purpose of use
    This application predicts the calories burned based on the number of the user's steps and information such as age, gender and weight that the user has saved to the user's device. In addition, this application predicts distance traveled based on the number of steps the user has taken and the stride-length information that the user has saved to the user's device. This application includes a function that provides such information to the user to enable the user to gauge the results of their walking.
  3. Storage period
    The information described in (1) that is saved to the user's device will be stored until this application is uninstalled from the user's device.

4. Acquisition of personal information and the use of it by ITO Technologies to ascertain the application's operational status.

  1. Personal information to be acquired
    This application saves the following information to the user's device and sends it to a server managed by ITO Technologies: the settings and actions that the user made in this application and information about operation of this application.
  2. Purpose of use
    Among the information described in (1), ITO Technologies uses that which is sent to a server that it manages to ascertain users' needs in relation to the application's functions, and to identify potential problems, and their causes, that could occur in this application.
  3. Storage period
    The information described in (1) that is saved to the user's device will be stored until this application is uninstalled from the user's device. In addition, information described in (1) that is sent to a server managed by ITO Technologies will be stored for up to 14 months after it is sent.

5. Handling of personal information for advertising and the purpose of its use(1) – Google AdMob

  1. Personal information to be acquired and the purpose of its use
    This application uses Google AdMob to deliver advertisements to users in this application. Google AdMob provides Google LLC with information about events in which there is a trigger from the user that is related to user properties or the advertisements displayed. Based on this information, in applications that implement Google AdMob, Google LLC then selects and displays advertisements that are highly relevant to the user. For more information about user properties and event information that may be acquired by Google LLC, please refer to the link below:
    https://support.google.com/admob/answer/9755157
  2. Storage period
    Google LLC determines the storage period for the information described in (1). For Google LLC’s privacy policy, please refer to the link below:
    https://policies.google.com/privacy

6. Handling of personal information for advertising and the purpose of its use(2) – LINE advertising network

  1. Personal information to be acquired and the purpose of its use
    This application uses the LINE advertising network to deliver advertisements to users in this application. By using the LINE advertising network, this app provides LINE Corporation with information that can identify a user's device, and selects and displays personalized advertisements. For more information about user information that may be acquired by LINE Corporation via the LINE advertising network, please refer to the link below:
    https://line.me/en/terms/policy/
  2. Storage period
    LINE Corporation determines the storage period for the information described in (1). For LINE Corporation’s privacy policy, please refer to the link below:
    https://line.me/en/terms/policy/

7. Handling of personal information for advertising and the purpose of its use(3) – Meta Audience Network

  1. Personal information to be acquired and the purpose of its use
    This application uses Meta Audience Network to deliver advertisements to users in this application. By using the Meta Audience Network, this app provides Meta Platforms, Inc., with information that can identify a user's device, and selects and displays personalized advertisements. For more information about user information that may be acquired by Meta Platforms, Inc., via Meta Audience Network, please refer to the link below:
    https://www.facebook.com/privacy/policy?section_id=1-WhatInformationDoWe
  2. Storage period
    Meta Platforms, Inc., determines the storage period for the information described in (1). For Meta Platforms, Inc.'s privacy policy, please refer to the link below:
    https://www.facebook.com/privacy/policy/

8. Handling of personal information for advertising and the purpose of its use(4) – Pangle

  1. Personal information to be acquired and the purpose of its use
    This application uses Pangle to deliver advertisements to users in this application. By using Pangle, this app provides Bytedance Ltd. with information that can identify a user's device, and selects and displays personalized advertisements. For more information about user information that may be acquired by Bytedance Ltd. via Pangle, please refer to the link below:
    https://www.pangleglobal.com/privacy/enduser-en
  2. Storage period
    Bytedance Ltd. determines the storage period for the information described in (1). For Bytedance Ltd.'s privacy policy, please refer to the link below:
    https://www.pangleglobal.com/privacy/enduser-en

9. Handling of personal information in connection with the use of Firebase

  1. Personal information to be acquired by Google LLC and the purpose of its use
    (a) This application uses Firebase, which is provided by Google LLC. Firebase acquires the Android ID of the user's device, Firebase's own assigned ID, as well as the IP address, user agent, information related to operational defects in this application, and predefined user dimensions. For more information about predefined user dimensions, please refer to the link below:
    https://support.google.com/firebase/answer/9268042
    (b) For the purpose of use of personal data in Firebase and Google LLC's privacy policy, please refer to the links below:
    https://firebase.google.com/support/privacy
    https://policies.google.com/privacy
  2. Information acquired by ITO Technologies in connection with the use of Firebase, and the purpose of use of that information
    In connection with the use of Firebase in this application, ITO Technologies acquires from Google LLC statistical data that analyze the attributes and trends of users who use this application, and analytical data regarding malfunctions in the operation of this application. These data do not fall under the scope of personal information. ITO Technologies uses these data to ascertain users' needs in relation to this application and to identify potential problems, and their causes, that could occur in this application.
  3. Storage period
    The information described in (1) is stored by Google LLC for up to 14 months, to the extent necessary for Firebase functionality.

10. Handling of personal information for the implementation of backup functions and the purpose of its use

  1. Personal information to be acquired by Google LLC and the purpose of its use
    Information of users in the EEA region that is stored in the user's device, such as age, gender, weight, stride length and number of steps, by configuring approval of back-ups in this application, is saved to a Google Cloud server. For the privacy policy of Google LLC, which provides Google Cloud, please refer to the link below:
    https://policies.google.com/privacy
  2. Purpose of use
    If information stored in the user's device is lost for any reason, the information described in (1) that is stored in the Google Cloud server will be used by the backup function to restore that information.
  3. Storage period
    The storage period of the information described in (1) can be determined by the user, at the user's discretion, via the Google Cloud settings.

11. Request for disclosure and other matters related to acquired personal data

  1. Request for disclosure and other such matters
    When a user makes a request, in accordance with the Personal Information Protection Law, for notification of the purpose of use, disclosure, correction, addition, deletion, suspension of use, deletion, or suspension of provision to third party of retained personal data from the user's personal information, ITO Technologies will respond appropriately, without delay, in accordance with the Personal Information Protection Law.
  2. Point of contact
    The point of contact for requests for (1) is shown below. Requests will only be accepted when the person herself/himself, or an agent, sends an email message to the point of contact.
    Point of contact
    Company name: ITO Technologies, Inc.
    Current address: Mizunobu Building 7F, 1-11-1 Kitasaiwai, Nishi-ku, Yokohama City, Kanagawa Prefecture
    Representative: Masahiko Ito
    Contact email address: support@ito-technologies.com
  3. Request from an agent
    ITO Technologies may request the presentation of documentation that verifies the agent's identity (if a request is made by an agent, the agent is required to verify her/his identity and confirm that she/he is authorized to act on behalf of the individual) when receiving a request for (1) from an agent. In such a case, if the agent does not respond to the request to present documents, or if ITO Technologies is unable to confirm the identity of the agent from the materials presented to it, it may not perform the actions described in (1).

12. Revision of this policy

If ITO Technologies modifies this policy, it will announce the revision, the date of revision and the revised content in this application.

13. Applicable law

This policy shall be construed in accordance with the laws of Japan.

14. Court jurisdiction

The Yokohama District Court in Japan has exclusive jurisdiction over any legal dispute related to this policy, including requests described in Section 8.

15. Official language

This policy uses Japanese as the official text. To the extent there is a conflict between the Japanese version and the applicable version translated into another language, the Japanese version will prevail.

16. Displays about ITO Technologies

Company name: ITO Technologies, Inc.
Current address: Mizunobu Building 7F, 1-11-1 Kitasaiwai, Nishi-ku, Yokohama City, Kanagawa Prefecture
Representative: Masahiko Ito

Privacy Policy for Users Residing in the EEA or the U.K.

The following statements set out the privacy policy (hereafter “this policy”) for ITO Technologies, Inc. (hereafter “ITO Technologies”) regarding the handling of personal data acquired via this application from a user who is residing in the EEA or the United Kingdom (hereafter an "EEA user"). This policy takes precedence in regard to the handling of personal data of users within the EEA.

1. GDPR Compliance

ITO Technologies complies with the provisions of the GDPR (General Data Protection Regulation and United Kingdom General Data Protection Regulation) regarding the handling of personal data of EEA users.

2. Handling of personal data to implement basic functions of this application

  1. Personal data to be acquired
    This application saves information, such as age, gender, weight and stride length, that an EEA user has entered via this application's settings screen, onto the device in which this application is installed (hereafter “user's device”). Furthermore, this application uses a sensor in the user's device to measure an EEA user’s number of steps per hour and saves that data to the user's device. However, ITO Technologies does not acquire this information that is stored in the user's device.
  2. Purpose of use
    This application predicts the calories burned based on the EEA users’ number of steps and from information such as age, gender, and weight that the EEA user has saved to the user's device. In addition, this application also predicts distance traveled based on the number of steps taken by the EEA user and stride-length information that the EEU user has saved to the user's device. This application includes a function that provides such information to an EEA user to allow the EEU user to gauge the results of their walking.
  3. Basis for GDPR compliance
    Handling of the information described in (1) is essential to implement the basic functions of this application. Therefore, the handling of this information complies with GDPR on the basis of Article 6, Paragraph 1(b) of the GDPR.
  4. Whether there is an obligation to allow personal data to be acquired and the effect of not having it acquired
    EEA users are not obliged to provide the information described in (1) in using this application. However, if they don’t provide such information, they will not be able to use the basic functions of this application.
  5. Storage period
    The information described in (1) that is saved to the user's device will be stored until this application is uninstalled from the user's device.

3. Handling of personal data so that ITO Technologies can ascertain the operational status of the application.

  1. Personal data to be acquired
    This application saves the following information to the user's device and sends it to a server managed by ITO Technologies: the settings and actions that the EEA user makes in this application and information about operation of this application.
  2. Purpose of use
    Among the information described in (1), ITO Technologies uses that which is sent to a server that it manages to ascertain users' needs in relation to the application's functions, and to identify potential problems, and their causes, that could occur in this application.
  3. Basis for GDPR compliance
    By acquiring the information described in (1), ITO Technologies can improve the functions of this application based on needs related to this application and problems that may occur in it. Because the potential disadvantage to EEA users from this is slight, the acquisition of this information is in compliance with the GDPR on the basis of Article 6, Paragraph (1)(f) of the GDPR.
  4. Whether there is an obligation to allow personal data to be acquired and the effect of not having it acquired
    EEA users are not obliged to provide the information described in (1) in using this application. Even if they don’t provide such information, it does not affect their use of basic functions of this application.
  5. Storage period
    The information described in (1) that is saved to the user's device will be stored until this application is uninstalled. In addition, information described in (1) that is sent to a server managed by ITO Technologies will be stored for up to 14 months after it is sent.

4. Handling of personal data for advertising(1) – Google AdMob

  1. Personal data to be acquired and the purpose of its use
    (a) This application uses Google AdMob to deliver advertisements to EEA users in this application. Google AdMob provides Google LLC with information about events in which there is a trigger from an EEA user that is related to user properties or the advertisements displayed. Based on this information, in applications that implement Google AdMob, Google LLC then selects and displays advertisements (hereafter "personalized ads") that are highly relevant to the EEA user. For more information about EEA user properties and event information that may be acquired by Google LLC, please refer to the link below:
    https://support.google.com/admob/answer/9755157
    (b) In connection with the use of Google AdMob in this application, Google LLC is the processor, but ITO Technologies complies with GDPR regarding the processing method of personal data, including information security management. For Google LLC's privacy policy, please refer to the link below:
    https://policies.google.com/privacy
  2. Basis for GDPR compliance
    This application confirms whether or not an EEA user consents to the information described in (1)(a) being used to deliver personalized ads when using this application. EEA users can also easily withdraw their consent by using the opt-out setting for personalized ads, as described in the Google Ads Privacy Policy. Therefore, the handling of information complies with GDPR on the basis of Article 6, Paragraph 1(a) of the GDPR.
    (Link to Google Ad Privacy Policy)
    https://policies.google.com/technologies/ads
  3. Whether there is an obligation to allow personal data to be acquired and the effect of not having it acquired
    In using this application, EEA users are not obliged to provide Google LLC with the information described in (1)(a). Even if they don’t provide such information to Google LLC, it does not affect their use of the basic functions of this application. The same applies if consent is changed using the method described in (2).
  4. Storage period
    Google LLC determines the storage period for the information described in (1). For Google LLC’s privacy policy, please refer to the link below:
    https://policies.google.com/privacy

5. Handling of personal data for advertising(2) – LINE advertising network

  1. Personal data to be acquired and the purpose of its use
    (a) This application uses the LINE advertising network to deliver advertisements to EEA users in this application. By using the LINE advertising network, this app provides LINE Corporation with information that can identify an EEA user's device, and selects and displays personalized advertisements. For more information about EEA user information that may be acquired by LINE Corporation via the LINE advertising network, please refer to the link below:
    https://line.me/en/terms/policy/
    (b) In connection with the use of the LINE advertising network in this application, LINE Corporation is the processor, but ITO Technologies complies with GDPR regarding the processing method of personal data, including information security management. For LINE Corporation's privacy policy, please refer to the link below:
    https://line.me/en/terms/policy/
  2. Basis for GDPR compliance
    This application confirms whether or not an EEA user consents to the information described in (1)(a) being used to deliver personalized ads when using this application. EEA users can also easily withdraw their consent by using the opt-out setting for personalized ads. Therefore, the handling of information complies with GDPR on the basis of Article 6, Paragraph 1(a) of the GDPR.
  3. Whether there is an obligation to allow personal data to be acquired and the effect of not having it acquired
    In using this application, EEA users are not obliged to provide LINE Corporation with the information described in (1)(a). Even if they don’t provide such information to LINE Corporation, it does not affect their use of the basic functions of this application. The same applies if consent is changed using the method described in (2).
  4. Storage period
    LINE Corporation determines the storage period for the information described in (1)(a). For LINE Corporation’s privacy policy, please refer to the link below:
    https://line.me/en/terms/policy/

6. Handling of personal data for advertising(3) – Meta Audience Network

  1. Personal data to be acquired and the purpose of its use
    (a) This application uses the Meta Audience Network to deliver advertisements to EEA users in this application. By using the Meta Audience Network, this app provides Meta Platforms, Inc., with information that can identify an EEA user's device, and selects and displays personalized advertisements. For more information about user information that may be acquired by Meta Platforms, Inc., via Meta Audience Network, please refer to the link below:
    https://www.facebook.com/privacy/policy?section_id=1-WhatInformationDoWe
    (b) In connection with the use of the Meta Audience Network in this application, Meta Platforms, Inc., is the processor, but ITO Technologies complies with GDPR regarding the processing method of personal data, including information security management. For Meta Platforms, Inc.'s privacy policy, please refer to the link below:
    https://www.facebook.com/privacy/policy
  2. Basis for GDPR compliance
    This application confirms whether or not an EEA user consents to the information described in (1)(a) being used to deliver personalized ads when using this application. EEA users can also easily withdraw their consent by using the opt-out setting for personalized ads. Therefore, the handling of information complies with GDPR on the basis of Article 6, Paragraph 1(a) of the GDPR.
  3. Whether there is an obligation to allow personal data to be acquired and the effect of not having it acquired
    In using this application, EEA users are not obliged to provide Meta Platforms, Inc., with the information described in (1)(a). Even if they don’t provide such information to Meta Platforms, Inc., it does not affect their use of the basic functions of this application. The same applies if consent is changed using the method described in (2).
  4. Storage period
    Meta Platforms, Inc., determines the storage period for the information described in (1)(a). For Meta Platforms, Inc.'s privacy policy, please refer to the link below:
    https://www.facebook.com/privacy/policy/

7. Handling of personal data for advertising(4) – Pangle

  1. Personal data to be acquired and the purpose of its use
    (a) This application uses Pangle to deliver advertisements to EEA users in this application. By using Pangle, this app provides Bytedance Ltd. with information that can identify an EEA user's device, and selects and displays personalized advertisements. For more information about user information that may be acquired by Bytedance Ltd. via Pangle, please refer to the link below:
    https://www.pangleglobal.com/privacy/enduser-en
    (b) In connection with the use of Pangle in this application, Bytedance Ltd. is the processor, but ITO Technologies complies with GDPR regarding the processing method of personal data, including information security management. For Bytedance Ltd.'s privacy policy, please refer to the link below:
    https://www.pangleglobal.com/privacy/enduser-en
  2. Basis for GDPR compliance
    This application confirms whether or not an EEA user consents to the information described in (1)(a) being used to deliver personalized ads when using this application. EEA users can also easily withdraw their consent by using the opt-out setting for personalized ads. Therefore, the handling of information complies with GDPR on the basis of Article 6, Paragraph 1(a) of the GDPR.
  3. Whether there is an obligation to allow personal data to be acquired and the effect of not having it acquired
    In using this application, EEA users are not obliged to provide Bytedance Ltd. with the information described in (1)(a). Even if they don’t provide such information to Bytedance Ltd., it does not affect their use of the basic functions of this application. The same applies if consent is changed using the method described in (2).
  4. Storage period
    Bytedance Ltd. determines the storage period for the information described in (1)(a). For Bytedance Ltd.'s privacy policy, please refer to the link below:
    https://www.pangleglobal.com/privacy/enduser-en

8. Handling of personal data in connection with the use of Firebase

  1. Personal information to be acquired by Google LLC and the purpose of its use
    (a) This application uses Firebase, which is provided by Google LLC. Firebase acquires the Android ID of the user's device, Firebase's own assigned ID, as well as the IP address, user agent, information related to operational defects in this application, and predefined user dimensions. For more information about predefined user dimensions, please refer to the link below:
    https://support.google.com/firebase/answer/9268042
    (b) Regarding the purpose of the use of personal data in Firebase, please refer to the link below:
    https://firebase.google.com/support/privacy
    (c) In connection with using Firebase in this application, Google LLC is the processor, but ITO Technologies complies with GDPR regarding the processing method of personal data, including information security management. For Google LLC's privacy policy, please refer to the link below:
    https://policies.google.com/privacy
  2. Information acquired by ITO Technologies in connection with the use of Firebase, and the purpose of the use of that information
    In connection with the use of Firebase in this application, ITO Technologies acquires from Google LLC statistical data that analyzes the attributes and trends of users who use this application, and analytical data regarding malfunctions in the operation of this application. These data cannot be uniquely identified to a particular user and are not associated with a user that can be uniquely identified and do not constitute personal data. ITO Technologies uses these data to ascertain users' needs in relation to this application and to identify potential problems, and their causes, that could occur in this application.
  3. Basis for GDPR compliance
    By allowing Google LLC to acquire the information described in (1), ITO Technologies can improve the functions of this application based on the needs related to this application and the problems that may occur in this application. Because the potential disadvantage to EEA users from that is slight, the acquisition of this information is in compliance with the GDPR on the basis of Article 6, Paragraph (1)(f) of the GDPR.
  4. Whether there is an obligation to allow Google LLC to acquire personal data and the effect of not allowing its acquisition
    EEA users are not obliged to provide Google LLC with the information described in (1). Even if they don’t provide such information, it will not affect their use of basic functions of this application.
  5. Storage period
    The information described in (1) is stored by Google LLC for up to 14 months, to the extent necessary for Firebase functionality.

9. Handling of personal data for the implementation of backup functions

  1. The personal data that Google LLC acquires
    Information of users in the EEA region that is stored in the user's device, such as age, gender, weight, stride length and number of steps, by configuring approval of back-ups in this application, is saved to a Google Cloud server. In this case, Google LLC is the processor, but ITO Technologies complies with GDPR regarding the processing method of personal data, including information security management. Regarding the response to GDPR in Google Cloud and the privacy policy of Google LLC, which provides Google Cloud, please refer to the link below:
    https://cloud.google.com/security/gdpr
    https://policies.google.com/privacy
  2. Purpose of use
    If information stored in the user's device is lost for any reason, the information described in (1) that is stored in the Google Cloud server will be used by the backup function to restore that information.
  3. Basis for GDPR compliance
    Saving the information described in (1) to a Google Cloud server is essential to implement the backup function at the request of an EEA user. Therefore, the handling of this information complies with GDPR on the basis of Article 6, Paragraph 1(b) of the GDPR.
  4. Whether there is an obligation to allow Google LLC to acquire personal data and the effect of not allowing its acquisition
    EEA users are not obliged to provide Google LLC with the information described in (1). Even if they don’t provide such information, it does not affect their use of basic functions of this application, except the backup function.
  5. Storage period
    The storage period of the information described in (1) can be determined by the EEA user, at the user's discretion, via the Google Cloud settings.

10. Right to obtain information on the handling of personal data

EEA users have the right to obtain all necessary information from ITO Technologies regarding its handling of personal data related to them (Articles 13 and 14 of the GDPR).

11. Right to access

EEA users have the right to confirm with ITO Technologies whether it is handling personal data related to them. In addition, if ITO Technologies is handling such personal data, the users have the right to access certain information, such as the purpose of the handling and the category of the personal data (Article 15 of the GDPR).

12. Right to have personal data corrected or erased

EEA users have the right to have ITO Technologies correct, without delay, any inaccurate personal data related to them (Article 16 of the GDPR). In addition, EEA users have the right to have ITO Technologies erase their personal data (Article 17 of the GDPR), without delay, if the handling of it is no longer necessary, or if they have withdrawn their consent regarding personal data that is being handled on the basis of Article 6(1)(a) of the GDPR, or if certain other requirements are met.

13. Right to restrict handling

EEA users have the right to have ITO Technologies restrict the handling of their personal data where there is doubt about its accuracy or where certain other requirements are met (Article 18 of the GDPR).

14. Right to object to handling

EEA users have the right to object to the handling of personal data related to them if certain requirements are met (Article 21 of the GDPR).

15. Right to data portability

EEA users can receive personal data related to them in a structured, commonly used and machine-readable format, provided that certain requirements are met. They also have the right to transfer their personal data to another manager, without hindrance from ITO Technologies (Article 20 of the GDPR).

16. Point of contact with the manager

If EEA users need to contact ITO Technologies to exercise their rights, or for any other reason, please send email to the following address: ITO Technologies will promptly respond to such email that it receives. However, ITO Technologies will only respond regarding the exercise of the rights of an EEA user if the user provides ITO Technologies with a document, in the form of data, that proves that the user is the actual person herself/himself or an agent authorized by that person.

Contact email address: support@ito-technologies.com

17. Right not to be subject to automated decision-making

ITO Technologies will not cause any legal effect or significant impact to EEA users due to decisions based solely on automated handling of their personal data (Article 22 GDPR).

18. Right to lodge an objection with a supervisory body

EEA users may lodge an objection to our processing of their personal data with the supervisory body in their country of residence, workplace or a GDPR member state where an infringement has occurred.

19. Revision of this policy

If ITO Technologies modifies this policy, it will announce the revision, the date of revision and the revised content in this application.

20. Official language

This policy uses Japanese as the official text. To the extent that there is conflict between the Japanese version of this policy and an applicable version translated into another language and made public, the Japanese version shall prevail.

Last updated: July 16, 2023