Privacy Policy

Privacy Policy

Last Revised: June 21, 2025 (Originally enacted August 1, 2012)

INFOEYE Co., LTD. (hereinafter “we,” “us,” or “the Company”) is committed to protecting the privacy of our users. We comply with all applicable privacy laws and regulations, including Japan’s Personal Information Protection Act and related guidelines, to ensure that your personal information is handled securely and appropriately. This Privacy Policy describes how we collect, use, disclose, and protect personal information in the course of our business. It applies to all of our products, websites, and services, including kirikom.net, kirikom.plus, infoeye.com/selfpicks, kirikom.jp, plus.kirikom.jp, itf.kirikom.jp, file-pack.com, and any other services operated by INFOEYE Co., LTD. (collectively referred to as “the Service”). By using any of our Services, you acknowledge that you have read and agree to the practices described in this Privacy Policy. We will continue to abide by this Policy in handling your personal information.

Information We Collect

We collect various types of information from you in order to provide and improve our services. The types of personal information we may obtain include:

  • Account Information: When you register or use our Service, we collect information such as your name, email address, password, company or organization name, postal address (including postal code and region), telephone number, and any other contact details you provide. We may also ask for information about your intended use of the Service (e.g. whether you plan to use image processing, system features, product management, etc.) to better tailor our services to your needs.

  • Payment and Billing Information: If you purchase a paid plan or service from us, we (or our authorized payment processors) may collect billing details such as your billing address and payment information (e.g. credit card number or bank account information). Note: For security, any online payments are handled through reputable third-party payment providers; we do not store full credit card numbers on our own servers.

  • Service Usage Data: We maintain records of your interactions with our Service. This may include details of the services you use or orders you place (for example, image files you upload for processing on kirikom.net, or data related to projects and transactions in KIRIKOM PLUS), your order and transaction history, and any preferences or settings you configure. If you use our file transfer service (file-pack.com), we may log information about the files transferred (such as file names, sizes, and transfer timestamps) and the email addresses or user identifiers involved, as necessary to operate the service.

  • Communication and Inquiry Information: If you contact us with a question, request, or customer support issue, we will collect the information you choose to provide in your inquiry. This may include your contact information and the content of your communications (such as emails to our support team or feedback submitted through our websites). We will use this information to respond to you and resolve any issues.

  • Automatically Collected Technical Data: When you access our websites or online services, certain data is collected automatically. This includes your device and browser information (such as device type, operating system, browser type, and language settings), your Internet Protocol (IP) address, and information about how you navigated or interacted with our sites. We also use cookies and similar tracking technologies (described in more detail below) to collect information about your use of the Service, such as the pages or features you access and the dates/times of your visits. This technical and usage data helps us understand how our Services are used and enables us to personalize your experience.

  • Third-Party Integration Data: If you choose to integrate or connect our Service with external platforms or third-party services (for example, linking KIRIKOM PLUS with your e-commerce store on Shopify or another platform), we may receive information from those third parties as needed to facilitate the integration. For instance, if you connect a Shopify store, our system might access certain data from your Shopify account such as product details, inventory information, or order records so that our Service can work in conjunction with your online store. Likewise, we may transmit relevant data (like updated product information or order status) back to the external service as part of the integration. We will only access or exchange such integration data with your authorization and solely for the purposes of providing the integrated functionality you request. Please note that any information gathered from or sent to an external platform will also be subject to that platform’s own privacy practices.

How We Collect Information: In general, we collect personal information directly from you when you provide it to us (for example, by filling out registration or contact forms, entering information in our applications, or communicating with us). We may also collect some information automatically through your use of our Service (via cookies or log data as noted above), and in some cases we may obtain information from third parties (such as an integrated Shopify store or other partners, with your consent). We always strive to collect personal data by fair and lawful means. You are free to choose whether or not to provide us with certain personal information, but please understand that if you decline to provide information that is necessary for a particular Service or feature, we may not be able to deliver that Service or feature to you.

We endeavor to keep the personal information we hold accurate and up-to-date. You can help by promptly updating your account information or informing us of any changes (for example, updating your contact details or correcting any inaccuracies). This ensures that we can continue to provide you with the best service and communicate with you effectively.

Purposes of Use of Personal Information

We collect and use your personal information solely for specified and legitimate purposes in connection with our Service. The primary purposes for which INFOEYE Co., LTD. uses personal information include:

  • Providing and Operating Our Services: We use the information we collect to create and manage your user account, authenticate you when you log in, and deliver the services you request. For example, we process the images or data you submit through kirikom.net (our image clipping/editing service) and manage your projects and data in KIRIKOM PLUS (our cloud solution for the fashion/apparel industry). Your information is used to fulfill orders, complete transactions, send you the outputs or deliverables (such as processed image files or generated reports), and generally ensure the Service functions as intended for you.

  • Maintaining and Improving the Services: We use personal and usage data to maintain the quality and security of our Services and to carry out necessary operations. This includes using data for debugging and troubleshooting, protecting against errors or fraud, and improving user interface and functionality. For instance, understanding how users navigate our platforms (kirikom.plus, file-pack.com, etc.) helps us refine those services. We may also use feedback or usage trends to develop new features or enhance existing ones. All personal information is utilized only within the scope necessary for these maintenance and improvement activities.

  • Communication and Customer Support: We may use your contact information (such as email address or phone number) to communicate with you regarding your account or transactions. This includes sending service-related notifications such as confirmation emails, invoices or receipts, alerts about completed image processing jobs or file transfers, and updates about important changes to our Service or policies. If you reach out with questions or support requests, we will use your provided information to address your inquiries and provide customer support. We might also send occasional service announcements or tips on using our products. (We will obtain any necessary consent required by law before sending you promotional communications, and you will have the opportunity to opt out of such messages.)

  • Ensuring Legal Compliance and Safety: We may process personal information as needed to comply with applicable laws and regulations, or to respond to lawful requests and legal processes. We also use information to enforce our terms of service and other agreements, to prevent or investigate misconduct (such as suspected fraud, security incidents, or violations of our terms), and to protect the rights, property, or safety of our customers, the Company, or others. This includes using data to verify identities for security purposes and to monitor for any abusive or illegal activities on our platforms.

We will not use your personal information for any purpose beyond those that are stated at the time of collection or in this Privacy Policy without first obtaining your consent, unless otherwise permitted or required by law. We are careful to specify the purpose whenever we collect personal data, and we limit use of the data to only what is necessary to achieve those specified purposes. If we ever need to use your information for a new purpose that is not closely related to the original purpose, we will notify you of the new purpose and, if required, obtain your prior consent. In the event of any material changes to the purposes for which we use your data, we will also update this Privacy Policy accordingly and make an announcement or notification as appropriate.

Sharing and Disclosure of Personal Information

We treat your personal information with care and, as a general rule, we do not disclose or provide your personal data to any third party without your prior consent. However, there are certain circumstances under which we may share information with third parties, as described below, while still complying with privacy laws and ensuring appropriate safeguards:

  • With Your Consent or at Your Direction: We will share your personal information with third parties if you have expressly authorized us to do so. For example, if you request a service that involves a third-party provider or you use an integration (such as linking to Shopify or another platform as discussed below), we will share data as needed to fulfill your request, but only with your knowledge and permission.

  • Legal Requirements and Vital Interests: If we are presented with a legitimate legal demand (such as a court order, subpoena, or a request from law enforcement or regulators) requiring disclosure of certain personal information, we may comply with such legal obligations. Additionally, if it is necessary to share information in order to protect someone’s life, health or safety, or to protect the rights or property of our customers or the public, we may do so without prior consent. This exception would apply only in urgent situations where obtaining consent is difficult or where the law permits such disclosure for important reasons of public interest.

  • Business Transfers: In the event that INFOEYE Co., LTD. undergoes a business transaction such as a merger, acquisition, corporate reorganization, or sale of all or part of our business/assets, personal information may be transferred to the successor or acquiring entity as part of that transaction. In such cases, we will ensure that the new owner will continue to handle your personal information in accordance with this Privacy Policy (or you will be given notice and a chance to opt out of the transfer, if required by applicable law).

Furthermore, there are certain types of sharing that we do not consider “third-party” disclosures under privacy law (because the data isn’t provided to an independent outsider in a way that violates your privacy). We reserve the right to provide personal information in these situations, at our discretion, to support our operations and serve you better:

  • Service Providers and Processors: We may outsource or entrust the handling of personal information (in whole or in part) to third-party service providers who perform services on our behalf. This includes, for example, contractors and partner companies that assist us in operating our services, processing data (such as cloud storage providers or payment processors), delivering customer support, or other business support functions. These service providers are not considered independent “third parties” under the law in this context because they process information on our instructions and for our purposes. We contractually require our service providers to use personal information only for the purposes of providing services to us (consistent with the purposes described in this Policy) and to protect it with appropriate security measures.

  • Joint Use with Affiliates or Partners: In certain cases, we may jointly use personal information with affiliated companies or business partners, but only for specific purposes that have been disclosed to you in advance. For example, if we collaborate with a partner to offer an integrated service or promotion, we might share information such as your name and contact details with that partner only if: (a) we have informed you beforehand of the details of such joint use – including what information is shared, the scope of users or entities sharing it, the purposes of sharing, and who is responsible for protecting the data – and (b) such information is readily available for you to reference. In any joint use arrangement, INFOEYE Co., LTD. remains responsible for managing your personal information in conjunction with the partner and ensuring your privacy rights are protected.

Aside from the situations described above, we will not sell, rent, or trade your personal information to third parties for their marketing purposes, and we will not otherwise share your data with third parties in ways not covered by this Privacy Policy without obtaining your consent. If you have any questions about third-party sharing or want more details about our service providers and partners, you may contact us at the address provided in the Contact section below.

Integration with External Services (e.g., Shopify)

Our Services may offer integration with certain external platforms or third-party services to enhance functionality – for example, KIRIKOM PLUS allows API integration with e-commerce platforms such as Shopify (and others) so that you can seamlessly connect your online store with our system. Participation in any such integration is entirely optional and initiated by you.

If you choose to integrate our Service with a third-party service, we will exchange the minimum necessary information with that service to enable and maintain the integration. For example: if you connect a Shopify store to KIRIKOM PLUS, our system may access data from your Shopify account such as your product catalog, product images, inventory levels, or order information. This allows you to manage or sync those items within KIRIKOM PLUS. Conversely, we might send updates (like product details or order status updates) from KIRIKOM PLUS back to your Shopify store to keep both systems in sync.

We will only access and use information from an external service with your authorization and solely for the purposes of providing the integrated functionality you have requested. We do not receive or retrieve information from third-party accounts unless it is necessary to provide the specific integration and you have linked the accounts yourself. Likewise, we do not share your personal information with an external platform unless it is part of the integration’s operation (for instance, sending necessary data to Shopify to update your store, in this example).

Please be aware that any information exchanged with a third-party service as part of an integration will also be subject to that third party’s own terms and privacy policy. We encourage you to review the privacy policies of any external services you connect to our Service (such as Shopify) so you understand how they will handle your data. If you have concerns about the data that a third-party service may collect or receive, you should adjust the integration settings or choose not to use the integration. You can also disconnect an integration at any time, and once disconnected, we will no longer actively exchange your data with that third party (though data already obtained or shared may remain in the respective systems).

Use of Cookies and Similar Technologies

We use cookies and similar tracking technologies on our websites to provide, personalize, and improve your experience with our Service. Cookies are small text files that are placed on your device (computer, smartphone, etc.) when you visit a website. We use these tools for several important functions:

  • Essential and Functional Cookies: Some cookies are necessary for our websites and services to function properly. For example, they enable you to stay logged in as you navigate through secure areas of the site, remember your preferences (such as language selection on kirikom.plus which offers multiple languages), and ensure that our services load and display correctly. These cookies do not gather personal data for marketing, but they are required for basic service operation.

  • Analytics and Performance: We also utilize cookies and third-party analytics services to understand how users access and use our websites. For instance, we may use Google Analytics or similar tools that set cookies in order to collect information about site traffic and usage patterns. This helps us analyze metrics like which pages are most popular, how users move through our site, and how long they stay, so that we can improve the design and content of our Services. The information collected through analytics cookies is generally aggregated and does not directly identify individual visitors.

  • Advertising and Marketing (if applicable): At present, we do not display third-party ads on our service platforms in a way that uses your personal data, and we do not share your personal information with third-party advertisers. If this changes in the future, and we or our partners use cookies for advertising purposes, we will update this policy and seek any required consents. Any marketing-related cookies will only be used in accordance with applicable law.

You have choices regarding cookies. Most web browsers are initially set up to accept cookies by default, but you can modify your browser settings to refuse or delete cookies if you prefer. Please note that if you disable cookies entirely, some features of our Service (especially those requiring login or remembering settings) may not function properly. For example, you may not be able to stay logged in or some interactive features might be unavailable. We recommend that you leave cookies turned on for the best experience, but the decision is yours.

For more information about how to manage cookies and other tracking technologies, refer to your browser’s help documentation. Our websites may also recognize certain “Do Not Track” signals or similar preferences from your browser; however, not all third-party services honor these signals. We will continue to monitor developments around Do Not Track and adjust our practices as required.

Data Security and Protection Measures

INFOEYE Co., LTD. takes the security of your personal information very seriously. We have implemented a range of technical and organizational measures designed to safeguard your data from unauthorized access, disclosure, alteration, loss, or destruction. These are some of the key measures we employ to protect your information:

  • Encryption of Data in Transit: All communications between your browser and our websites are protected using SSL/TLS encryption (HTTPS). This means that when you submit personal information or files through our Service (such as uploading images or entering your login credentials), that data is encrypted while being transmitted over the internet to prevent eavesdropping or interception by unauthorized parties.

  • Access Controls and Authentication: We restrict access to personal data within our organization strictly to those employees and contractors who need it to operate and develop the Service or to assist you. Employees who handle personal information are subject to confidentiality obligations. We use password protection and, where appropriate, multi-factor authentication to prevent unauthorized access to administrative systems. Each user’s account data is isolated such that only that user (and our service administrators) can access it.

  • Secure Infrastructure: Our servers and databases are protected by firewalls, intrusion detection systems, and other standard security precautions. We regularly update our software and systems to address potential security vulnerabilities. For cloud-based services and data storage, we utilize reputable data center providers who maintain high levels of physical and network security. We also perform secure backups and have disaster recovery procedures in place to prevent data loss.

  • Monitoring and Audits: We monitor our systems for possible vulnerabilities and attacks, and we conduct periodic security audits and risk assessments. By regularly reviewing our security practices, we strive to proactively identify and mitigate any potential threats to your personal information. We also follow relevant industry standards and security guidelines to ensure we are up-to-date with best practices in data protection.

  • Organizational Training and Policies: Protecting privacy is a company-wide priority. We have appointed a Personal Information Protection Manager who is responsible for overseeing our compliance with data protection laws and our internal security program. We maintain internal privacy and security policies, and we educate and train our officers and employees about the importance of protecting personal data and the proper procedures for handling information. All staff members who have access to personal information receive appropriate training and are supervised to ensure they follow our protocols. In the event that we outsource any personal data processing tasks to external contractors or partners, we exercise careful oversight and require them to adhere to the same high standards of security and confidentiality.

Despite our thorough efforts to secure your data, please be aware that no method of transmitting or storing data is 100% secure. While we cannot guarantee absolute security, we are continuously working to improve our safeguards and will promptly inform affected users and authorities (as required by law) in the unfortunate event of any data breach or security incident.

Your Rights and Choices

We respect your rights regarding your personal information. Under applicable law, including Japanese privacy law (and other regulations which may apply based on your location), you have the following rights and choices concerning the personal data we hold about you:

  • Access and Disclosure Requests: You have the right to request access to the personal information we have about you and to receive an explanation of how we have used it and who we have shared it with. This is sometimes known as a data disclosure request. Upon your request, we will provide you with a copy of the personal data we maintain about you, in accordance with legal requirements.

  • Correction and Update: If any of your personal information is incorrect, incomplete, or has changed, you have the right to request that we correct or update it. We encourage you to keep your information up-to-date by editing your account profile where possible, or by contacting us to request changes. We will promptly make the corrections necessary to ensure accuracy.

  • Deletion and Erasure: You may request that we delete or erase personal information we hold about you. For example, you can ask us to remove information that you believe is no longer necessary for the purposes of processing, or information that you have withdrawn consent for. We will honor such requests to the extent required by applicable law. Do note that in some cases we may retain certain information for legal or operational reasons (see “Data Retention” below), but we will inform you if this is the case. If you wish to cancel your account or stop using our Service, you can also request account deletion, and we will process that request.

  • Objecting to or Restricting Use: You have the right to request that we stop using your personal information in certain ways. For instance, you can ask that we cease processing your data for specific purposes (for example, if you do not want to receive marketing emails, you can opt out at any time). You can also request that we limit how we use your data – for example, if you contest the accuracy of your information, you can request a restriction on processing until the accuracy is verified. Additionally, you may request that we stop providing your information to third parties in certain circumstances.

  • Data Portability: To the extent applicable law provides, you may have the right to receive some of your personal information in a commonly used, machine-readable format, and to have that information transmitted to another data controller (for example, another service provider) where technically feasible. (This right typically applies to information you provided directly, when processing is based on your consent or necessary for contract performance.)

  • Withdrawal of Consent: If you have given us consent to process your personal information for a specific purpose, you have the right to withdraw that consent at any time. For example, if you consented to receive a newsletter or to integrate with a third-party service, you can revoke that consent by unsubscribing from the newsletter or disconnecting the integration. Please note that withdrawing consent will not affect the legality of any processing we conducted prior to your withdrawal, and it may not affect processing that is being done on a lawful basis other than consent.

How to Exercise Your Rights: To exercise any of your rights listed above, please contact us using the contact information provided in the Contact Information section of this Privacy Policy. Please be as specific as possible about the information or the action you are requesting. For your protection, we will need to verify your identity before fulfilling your request – for example, we may ask you to provide certain details to confirm that you are the person associated with the data, or require you to make the request from the email address registered to your account.

Fees: In principle, we will not charge you for exercising your rights; however, under Japanese law we are allowed to charge a reasonable fee for responding to excessive or repetitive requests for disclosure of personal data. In practice, if you request access/disclosure of your personal data, we may charge a standard processing fee of JPY 2,000 per request (consumption tax not included). This fee is to cover administrative costs (and it corresponds to the fee stated in our Japanese policy). We will inform you of any fees before processing your request, and upon payment of the fee, we will proceed with the disclosure process. Most other types of requests (such as correction or deletion requests) will generally not incur a fee.

Response Timeframe: We strive to respond to all valid requests within a reasonable timeframe, and as required by law. The time needed may vary depending on the complexity of the request and our verification procedures, but we will keep you informed of the status. If, for some reason, we cannot fulfill your request (either in whole or in part), we will provide you with an explanation.

Exceptions: Please understand that in certain situations we may decline or limit our response to your request, if a full compliance would conflict with other legal obligations or rights. For example, we might refuse to disclose information if the disclosure is prohibited by law, or if providing the data would reveal personal information about another individual. We might decline a deletion request if keeping the information is required by law (such as record-keeping obligations) or if deleting it could impede ongoing legal compliance or our ability to assert legal claims. We may also refuse requests that would jeopardize the legitimate rights or interests of the individual or a third party – for instance, if fulfilling a request could endanger someone’s safety, violate someone else’s privacy, or unreasonably interfere with our operations. In any case, we will assess requests fairly and explain our decisions.

Finally, please note that providing your personal information to us is generally voluntary on your part. However, if you choose not to provide certain details that we require to offer our Services (for example, failing to provide a name and email for account registration, or withholding payment information for paid plans), we may not be able to create an account for you or provide the requested service. We will inform you at the time of collection which information is necessary and which is optional. Even after you provide consent or information, you have the rights described above to change your mind or request changes.

Data Retention

We will retain your personal information for only as long as it is necessary to fulfill the purposes for which it was collected, as described in this Privacy Policy, unless a longer retention period is required or permitted by law. In practice, this means:

  • Active Accounts: For as long as you maintain an account with us or continue to use our Service, we will keep your personal information on file to meet the ongoing needs of providing the service (e.g., to maintain your account, provide you with access to your data, and so forth). This includes retaining your profile information, settings, and service usage records.

  • Completed Transactions: We retain records of the services you have used, such as order histories, processed images or files, and business transactions (including invoices and payment records), to support our contractual obligations to you and for our legitimate business interests such as accounting, auditing, and compliance. These records will typically be kept for the duration needed for administrative purposes and to comply with financial and tax regulations. For example, Japanese commercial and tax law may require us to keep certain transactional data for a number of years.

  • Communication Records: If you have corresponded with us (such as through support emails or feedback forms), we may retain those communications as long as necessary to address your inquiry and for our reference (so we have a history of support requests and responses). We might keep these records to improve our customer service or to establish facts in case of disputes.

  • Backup and Archival Data: Like most companies, we perform regular backups of our systems to ensure resilience. Residual copies of your personal information might exist in backup storage even after it is removed from our active databases. These backups are securely stored and only accessed if needed for disaster recovery. We will eventually delete or overwrite old backups in accordance with our data retention policy.

When we no longer have a legitimate business need or legal obligation to retain your personal information, we will delete it or anonymize it in our systems so that it can no longer be associated with you. For instance, if you cancel your account or if we shut down a particular service, we will initiate the deletion of personal data associated with that account or service, except for data we must keep by law or for legitimate interests (as noted above). In some cases, if immediate deletion is not feasible (for example, the data is stored in secure archives), we will ensure that your information is securely isolated and protected from further use until deletion is possible.

If you would like us to delete your personal information sooner, you can make a request as described in the Your Rights section. We will honor such requests to the extent possible and will inform you of the outcome.

Changes to this Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will post the updated Privacy Policy on our website(s) and update the “Last Revised” date at the top of this Policy. The updated Policy will become effective on the date it is posted (unless a later date is indicated).

If we make any material changes that significantly affect how we handle your personal information, we will take additional steps to notify you. For example, we might display a prominent notice on our website or send you an email notification, especially if you are a registered user. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

Your continued use of our Services after the effective date of an updated Privacy Policy constitutes your acceptance of the changes. If you do not agree with any aspect of the updated Policy, you should stop using the Services and contact us if you wish to have your data removed or request any other action under the Policy.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal information, please do not hesitate to contact us. We will gladly assist you. Below is our designated contact for personal information inquiries:

INFOEYE Co., LTD. – Personal Information Inquiry Desk
Mailing Address: BIZSMART Kanda, 1-10-6 Kajicho, Chiyoda-ku, Tokyo 101-0044, Japan
E-mail: faq@kirinuki-ya.com

お試し無料!

まずは、無料のお試しにて品質、価格をご確認ください。

無料 お試し!

jaJapanese
jaJapanese
×