Privacy Policy

Chia Inc. hereinafter referred to as Chia respects and values the privacy of its users. Our mission is to provide a place where everyone can express themselves online, and that mission should not be achieved at the expense of user privacy. In providing Chia services, we have established this Privacy Policy in light of the usefulness of personal information and for the purpose of protecting the rights and interests of individuals. Chia, including its officers and employees, will faithfully implement this policy.

In this Policy, the term personal information means information that can identify you, directly or indirectly, by reference to one or more identifiers or characteristics, such as name, identification number, location data, online identifier, or other similar information.

This Policy applies to websites, applications, APIs, SaaS, and other services operated or provided by Chia. The main services covered by this Policy include https://chi.as, https://komaca.app, https://biory.app, https://biory.page, https://yay.bio, https://poge.me, and other services separately designated by Chia hereinafter collectively referred to as Chia Sites.

Where Chia is subject to the EU General Data Protection Regulation 2016 hereinafter referred to as GDPR or other European data protection laws, Chia may act as a controller or processor under such laws with respect to personal data processed in connection with the provision of Chia services. Under Article 4(7) of the GDPR, controller means the person or entity that determines the purposes and means of the processing of personal data.

Use from outside Japan and cross-border processing

Chia, as a Japanese corporation, handles information relating to users in accordance with the Act on the Protection of Personal Information of Japan and other applicable laws and regulations.

If a user uses Chia services from outside Japan, information relating to the user may be stored, processed, viewed, or managed in Japan or in any other country or region where Chia or its contractors use cloud services, payment services, email delivery services, analytics services, or other external services.

In handling information relating to users, Chia will implement necessary and appropriate security control measures in accordance with this Policy, Chia’s Information Security Policy, and Chia’s procedures for managing contractors.

However, Chia does not guarantee compliance with all personal information protection laws, data localization regulations, communications regulations, display regulations, or other laws and regulations outside Japan that may apply in the country or region where the user is located.

Chia’s personal information protection policy

  1. Chia will acquire, use, and provide appropriate personal information according to the nature and scale of its business.
  2. Chia will specify the purposes of use of personal information and will take reliable measures to ensure that personal information is not used beyond those purposes.
  3. Chia will comply with the Act on the Protection of Personal Information, guidelines established by governmental authorities, and other applicable laws and regulations.
  4. Chia will implement security control measures to prevent leakage, loss, deletion, or damage of personal information. Chia will also prepare appropriate response procedures and measures to prevent the expansion of damage in the event of an incident involving personal information.
  5. Chia will appoint a contact person and will promptly respond to requests for disclosure, inquiries, and complaints regarding personal information.
  6. Chia will review and improve its security control measures as appropriate.

What personal information does Chia collect?

The personal information that Chia collects from you and the methods by which Chia collects personal information about you are as follows.

Personal information provided by you to Chia

You may provide personal information, including your name and contact details, by filling out forms or by communicating with Chia by mail, telephone, email, or other means. This includes, but is not limited to, personal information provided in the following cases:

Personal information collected by Chia

When you access Chia Sites, the following information is automatically collected:

This personal information is collected through cookies, server logs, and other similar technologies. The contents collected and recorded in access logs are used as server operation information to improve Chia Sites and services. They may also be used to send you, by email or other means, information useful for your use of Chia services or promotional information based on your usage status.

When such information is used as server operation information, it will not be linked to personal information. However, when email notices are sent to you, such information may be linked to your user information and email address.

You may disable cookies through your browser settings, but doing so may make all or part of the services on the website unavailable.

Cookies

Like many other websites, Chia uses tools called cookies to make Chia Sites more convenient for users. The term cookies as used by Chia also includes HTML5 local storage and other similar technologies used to record or collect information about devices.

Cookies are small data files transferred between a web server and your web browser and stored as files on your computer disk or mobile device.

Chia primarily uses cookies for the following purposes:

You may disable cookies by selecting the appropriate settings in your browser. However, please note that doing so may prevent you from using all or part of Chia Sites or services.

Chia may permit third parties selected by Chia to place cookies on Chia Sites for the purpose of analyzing usage trends and user groups of Chia Sites or providing advertisements relevant to you. Such third parties may collect information about the time users spend engaging in online activities when using Chia websites and about movement to other websites. Chia does not use technology that recognizes do-not-track signals from your web browser.

Purposes of Chia’s handling of personal information

Chia handles your personal information for the following purposes. Handling includes collection, recording, editing, structuring, storage, modification, retrieval, reference, use, disclosure by transmission, distribution, alignment, combination, restriction, erasure, and destruction.

Email

Chia may send emails for the purpose of announcing Chia services, features, research, news, promotions, content, and events. You may choose not to receive such emails.

Chia may use third-party services to send emails or communicate smoothly with you. For smoother communication, Chia may provide your email address and other information to third-party service providers solely for this purpose.

To whom does Chia provide information?

Your personal information will be treated as strictly confidential. For the purposes set forth in this Policy, Chia may provide your personal information to the following parties:

Chia may disclose your personal information as a legal obligation, such as in response to a subpoena or similar court proceeding, when Chia believes disclosure is necessary to protect the rights of Chia or the safety of you or third parties, to investigate fraud, or in response to inquiries from non-governmental third parties when disclosure is deemed necessary. In the case of inquiries from non-governmental third parties, Chia will obtain your prior consent before disclosing your personal information unless notice is prohibited by applicable law.

Chia requires all third parties to respect the security of your personal information and to handle it in accordance with applicable laws. Chia does not permit third-party service providers to use your personal information for their own purposes and permits them to handle your personal information only for specified purposes and in accordance with Chia’s instructions.

When personal data relating to users located in the European Economic Area, the United Kingdom, or Switzerland is transferred to a country or region whose level of protection is not recognized under an adequacy decision or other equivalent mechanism, Chia will conduct such transfer in accordance with applicable data protection laws and will rely on standard contractual clauses or other appropriate safeguards.

Chia is an international company headquartered in Japan. Chia also works with third-party service providers in various countries, such as cloud providers, web hosting providers, help desk software providers, and payment processors. As part of Chia’s business operations, your information may be transferred outside the European Economic Area and stored or processed in other countries, including Japan, Singapore, and the United States. When using Chia Sites, user information may be stored or processed in Japan, Singapore, the United States, or other countries or regions to the extent necessary for Chia’s business operations. When personal information is transferred from the EEA to a country that has not received an adequacy decision from the European Commission, Chia will rely on appropriate safeguards for data transfer, such as standard contractual clauses approved by the European Commission.

How long is information retained?

Chia retains personal information in a form that can identify you only for as long as necessary for the purposes for which the personal information is handled.

Chia may use your personal information to the extent necessary to comply with legal obligations, resolve disputes, and enforce agreements and rights, or where it is not technically reasonably possible to remove the information elsewhere. In other cases, Chia will delete your personal information within a reasonable period after receiving a request.

SSL

Chia Sites use SSL to protect personal information. When you access Chia Sites using a browser with security functions and enter personal information, including your name and email address, and such personal information is transmitted to Chia servers, the personal information is automatically encrypted when sent to and received by the server. Therefore, even if transmitted data is intercepted by a third party, the contents are protected from being read.

If you use a browser that does not support SSL, you may not be able to access Chia Sites or input information.

Privacy rights in Europe

This section applies only to residents of Europe.

Chia collects and handles your personal information only where there is a legal basis for handling personal information under data protection laws, including the GDPR. The legal basis depends on the purposes for which Chia handles your personal information as described above. Chia collects and uses your personal information only in the following cases:

Even if you have consented to the use of personal information for a specific purpose, you have the right to change your mind at any time.

Chia may also use your email address to send newsletters and promotional emails. Chia will request your consent in accordance with law when you first provide personal information. You may opt out by following the unsubscribe instructions in such emails or by contacting Chia through the inquiry function on Chia Sites.

In certain circumstances, you may have rights under the GDPR with respect to your personal information. However, these data privacy rights do not apply to Chia where Chia handles your personal information as a processor on behalf of Chia’s customer. In such case, you should exercise your European data privacy rights against Chia’s customer, namely the controller of the personal data as defined in Article 4(7) of the GDPR.

Request for access to personal information

You may have the right to request access to the personal information held by Chia about you and to related information, including the purposes of handling, the recipients or categories of recipients of personal information, where possible the retention period of the personal information, the source of the personal information, and whether automated decision-making systems exist.

Request for correction of personal information

You may have the right to have Chia correct inaccurate portions of your personal information without undue delay.

Request for erasure of personal information

You may have the right to request erasure of your personal information.

Request for restriction of handling of personal information

You may have the right to prohibit or restrict the handling of your personal information.

Request for transfer of personal information

Where technically feasible, you may have the right to have your personal information transferred directly to a third party.

If you believe that Chia has not complied with this Policy or its obligations under the GDPR, you have the right to lodge a complaint with an EU data protection authority.

Contact

If you have any questions regarding this Policy or its implementation, please contact Chia through the inquiry page on Chia Sites.

Changes to this Policy

Chia may revise this Policy due to changes in Chia’s information management practices. If there is a material revision, Chia will notify users by posting a notice on Chia Sites before the revision becomes effective. Please review this page periodically for the latest information regarding Chia’s personal information protection practices.

Effective date and revision history

Chia Inc.