Actoli LLC ("Actoli," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose and protect information about you when you access FramRise (the "Service"). The Service is operated from Japan and intended for a global audience. We comply with the Act on the Protection of Personal Information (APPI) of Japan, the General Data Protection Regulation (GDPR) of the European Union/United Kingdom and the California Consumer Privacy Act (CCPA/CPRA) where applicable.
1. Information We Collect
1.1 Information You Provide
- Account Information: When you register, we collect your email address, username and password. Passwords are stored using industry‑standard encryption (hashing/salting).
- Payment Information: We use Stripe to process subscription payments. Stripe collects your payment details and may share limited billing information (e.g., card type, last four digits, payment status) with us. We do not store full payment card numbers.
- Support Communications: If you contact us, we collect the information you provide (such as your name, email address and contents of the inquiry) to respond.
1.2 Information We Collect Automatically
- Usage Data: We collect information about your interactions with the Service, such as downloaded assets, pages viewed, dates and times of access and features used. This helps us monitor performance and plan improvements.
- Device and Log Information: We automatically receive your IP address, browser type, operating system, device identifiers and other technical data when you use the Service.
- Cookies and Similar Technologies: We use session cookies to authenticate you, remember preferences and analyse usage. These cookies do not contain personal data other than an anonymised identifier. You can disable non‑essential cookies through your browser settings; however, some functionality may be limited.
2. Purposes and Legal Bases for Processing
We process your personal data only where we have a legal basis to do so. Depending on your location, these legal bases may include:
- Performance of Contract: We use your information to create and manage your account, deliver the Service, process payments and provide customer support.
- Legitimate Interests: We analyse usage data to improve the Service, prevent fraud, enforce our Terms and protect the security of our systems. We balance our interests against any potential impact on your rights.
- Consent: We send you marketing communications (e.g., newsletters or promotional offers) only with your opt‑in consent. You may withdraw consent at any time by following the unsubscribe instructions in emails or by contacting us.
- Legal Obligations: We may process and disclose your information to comply with applicable laws and respond to lawful requests (e.g., tax or accounting obligations or government inquiries).
3. Data Sharing and Disclosure
We do not sell or rent your personal information. We share data only as described below:
- Service Providers: We engage trusted third parties to perform services on our behalf, such as payment processing (Stripe), cloud hosting (e.g., AWS), content delivery and analytics. These providers may process your information only to the extent necessary to perform their services and are bound by confidentiality obligations.
- Compliance with Law and Protection of Rights: We may disclose information if required by law or if we believe in good faith that disclosure is necessary to protect our rights, your safety or the safety of others, investigate fraud or respond to government requests.
- Business Transfers: If we are involved in a merger, acquisition, restructuring or asset sale, your information may be transferred as part of that transaction, subject to the promises of this Privacy Policy.
4. International Transfers
Your information may be transferred to and processed in countries other than your own, including Japan and the United States. When we transfer personal data from the European Economic Area (EEA) or United Kingdom to Japan, we rely on the European Commission's adequacy decision recognising Japan's data‑protection regime as providing an adequate level of protection. For transfers to other countries that do not have an adequacy decision, we use Standard Contractual Clauses or other legally recognised mechanisms, or obtain your explicit consent.
5. Data Security
We implement appropriate technical and organisational measures to protect your information against unauthorised access, disclosure, alteration or destruction. These measures include TLS/SSL encryption for data in transit, encryption at rest, access controls, regular security audits and staff training. However, no method of transmission or storage is completely secure; we cannot guarantee absolute security.
6. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Right of Access: You can request a copy of the personal information we hold about you.
- Right to Rectification: You can request correction of inaccurate or incomplete data.
- Right to Erasure (Right to be Forgotten): You can request deletion of your personal data when it is no longer needed, subject to lawful exceptions.
- Right to Restrict Processing: You can request that we limit how we process your data in certain circumstances.
- Right to Data Portability: You can request to receive your data in a structured, commonly used machine‑readable format.
- Right to Object: You can object to processing based on our legitimate interests, including direct marketing.
- Right to Opt‑Out of Sale/Sharing (California): We do not sell or share personal information as defined by CCPA. California residents can opt out of any such activities by contacting us.
To exercise any of these rights, please contact us at info@actoli.jp. We may ask you to verify your identity before responding. We will respond within the timeframe required by applicable law.
7. Data Retention
We keep your information only as long as necessary to fulfil the purposes for which it was collected or as required by law. Our typical retention periods are:
- Account Data: Retained as long as your account is active and up to three (3) years after closure to address potential disputes or comply with legal obligations.
- Payment Records: Retained for seven (7) years for tax and accounting purposes.
- Usage Analytics: Retained for up to two (2) years in anonymised or aggregated form.
- Support Communications: Retained for three (3) years from the date of our last interaction.
8. Cookies and Tracking Technologies
We use the following categories of cookies:
- Essential Cookies: Required to authenticate users and secure the Service. You cannot opt out of these.
- Functional Cookies: Remember preferences (e.g., language settings). You may disable these through your browser without affecting basic functionality.
- Analytics Cookies: Collect usage statistics to help us understand how the Service is used and improve it. We use aggregated data that does not directly identify you. You can choose to disable analytics cookies without affecting your ability to use the Service.
Your browser's settings may allow you to delete or block cookies. You can also manage cookie preferences on our site where available. Disabling essential cookies may affect your experience.
9. Children's Privacy
The Service is not directed to children under the age of 16. We do not knowingly collect personal information from children. If we learn that a child has provided us with personal data, we will take steps to delete such information as required by law. Parents or guardians who believe we have collected information from a child may contact us at info@actoli.jp.
10. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices, technology or legal requirements. We will notify you of material changes by email or through the Service. The "Last Updated" date at the top of this Policy indicates when changes were last made. Your continued use of the Service after changes become effective constitutes your acceptance of the updated Policy.
11. Do Not Sell or Share My Personal Information (CCPA Notice)
We do not sell or share your personal information as defined under the California Consumer Privacy Act. If we decide to engage in such activities in the future, we will provide notice and the ability to opt out.
12. Contact Us
If you have questions about this Privacy Policy, your rights or our data practices, please contact us:
Data Controller: Actoli LLC
Address: 1‑12‑4 Ginza, Chuo‑ku, Tokyo 104‑0061, Japan
Email: info@actoli.jp
Phone: +81‑80‑7467‑0800 (Japanese only; please contact by email if possible)
You also have the right to lodge a complaint with a supervisory authority in your jurisdiction (for example, your local data protection authority in the EEA or the UK's Information Commissioner's Office).