Privacy policy
Effective Date: May 11, 2026 · Last Updated: May 12, 2026
Basic Policy
This website recognizes the importance of personal information and considers its protection to be a social responsibility. We comply with all laws and regulations concerning personal information and properly handle the acquisition, use, and management of personal information collected through this website.
Definition of Personal Information
In this Privacy Policy, “personal information” (also referred to as “personal data” in some jurisdictions) refers to personal information as defined in Article 2, Paragraph 1 of Japan’s Act on the Protection of Personal Information (APPI): information about a living individual that can identify a specific individual through their name, date of birth, or other descriptors (including information that can be readily collated with other information and thereby identify a specific individual), or information that contains a personal identification code.
Scope of Application
This Privacy Policy sets forth the principles that this website follows when handling personal information of customers or equivalent information.
Purposes of Use of Personal Information
This website uses information provided by customers within the scope of the following purposes:
- Identity verification
- Confirming and responding to inquiries, comments, and similar contacts
- Distributing and sending newsletters, direct mail, and various notices
- Conducting campaigns, surveys, monitors, and interviews
- Providing, improving, developing, and marketing our services
- Providing personal information to partner businesses or organizations based on the customer’s consent or application
- Investigating conduct prohibited under our Terms of Service or similar policies
- Other purposes individually consented to by the customer
Legal Basis for Processing
We process personal information based on the following legal grounds, as applicable under Japan’s Act on the Protection of Personal Information (APPI), the EU General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and equivalent laws:
| Purpose of Processing | Legal Basis |
|---|---|
| Responding to inquiries and providing customer support | Performance of a contract, or steps to enter into a contract |
| Processing orders, payments, and fulfilling product purchases | Performance of a contract |
| Distributing newsletters, direct mail, and marketing communications | Consent (which you may withdraw at any time) |
| Running campaigns, surveys, monitors, and interviews | Consent |
| Detecting fraud, abuse, and conduct prohibited under our Terms of Service | Legitimate interest in protecting our services and users |
| Complying with tax, accounting, and legal record-keeping obligations | Legal obligation |
| Service improvement, product development, and analytics | Legitimate interest, balanced against your rights |
| Providing personal information to partner businesses with your consent | Consent |
Where we rely on legitimate interest, we have conducted a balancing assessment to ensure your rights and interests do not override ours. You may object to processing based on legitimate interest at any time by contacting us at contact@miaomada.co.jp.
Business Operator Information
- Company Name: Miaomada Co., Ltd.
- Address: 82-2 Hasunuma-cho, Itabashi-ku, Tokyo 174-0052, Japan
- Representative: Keiichiro Honda
- Contact for Privacy Inquiries: contact@miaomada.co.jp
Management of Personal Information
To ensure the accuracy and security of personal information, this website thoroughly implements security measures and takes the necessary and appropriate level of safeguards against the risks of leakage, falsification, and unauthorized access to personal information.
We use SSL encryption to prevent important information from being read or altered by third parties.
Data Retention
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, and reporting requirements. The following table summarizes our standard retention periods:
| Data Type | Retention Period |
|---|---|
| Inquiry and contact form data | 3 years from last contact |
| Newsletter subscriber data | Until unsubscription, then deleted within 30 days |
| Order, transaction, and invoice records | 7 years (as required by Japanese tax and accounting law) |
| Website access logs (IP address, user agent) | 6 months |
| Cookie data | Varies by cookie category (session cookies: until browser close; persistent cookies: up to 13 months) |
| Approved public comments on the website | Until the comment is deleted or the related account is closed |
When personal information is no longer needed for the stated purposes and no legal retention obligation applies, we will securely delete or anonymize it. Where legally permitted, you may request earlier deletion under your Right to Erasure (see “Your Rights” above).
Data Breach Notification
In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority — in Japan, the Personal Information Protection Commission (PPC); in the EU, the data protection authority in the affected member state — without undue delay, and where feasible, within 72 hours of becoming aware of the breach, in accordance with GDPR Article 33 and APPI requirements.
- Notify affected individuals directly by email where contact details are available, or, where direct contact is not feasible, through a prominent notice on our website. The notification will describe:
- The nature of the breach
- The likely consequences
- The measures we are taking to address and mitigate it
- Contact details for further information
We maintain internal procedures for breach detection, investigation, and response to ensure timely and appropriate action.
Disclosure of Personal Information to Third Parties
This website does not disclose personal information to third parties except in the following cases where there are legitimate reasons:
- When the individual has given consent
- When required by law
- When necessary to protect a person’s life, body, or property
- When necessary for public health or the healthy upbringing of children
- When cooperating with national agencies or similar bodies in performing duties prescribed by law (tax audits, statistical surveys, etc.)
To the extent necessary to achieve the stated purposes of use, this website may outsource the handling of personal information to other businesses.
We do not sell or share your personal information for cross-context behavioral advertising or for monetary or other valuable consideration.
Your Rights
You have the following rights regarding your personal information. Where applicable under local law (including the EU General Data Protection Regulation, the UK Data Protection Act 2018, and the California Consumer Privacy Act), these rights include:
- Right to access — request a copy of the personal information we hold about you
- Right to rectification (correction) — request that inaccurate or incomplete information be corrected
- Right to erasure (“right to be forgotten”) — request deletion of your personal information, subject to legal retention obligations
- Right to restriction of processing — request that we limit how your information is used
- Right to data portability — request your information in a structured, commonly used format
- Right to object — object to processing based on legitimate interests or for direct marketing
- Right to withdraw consent — withdraw consent at any time where processing is based on consent
- Right to non-discrimination — receive equal service regardless of exercising your privacy rights (California residents)
To exercise any of these rights, please contact us at contact@miaomada.co.jp. We will respond within a reasonable timeframe and in accordance with applicable law.
International Data Transfers
This website is operated from Japan. Personal information you provide is stored and processed in Japan. Japan has been recognized by the European Commission as providing an adequate level of data protection (EU Adequacy Decision, 2019), allowing transfers from the EU/EEA to Japan without additional safeguards.
Certain third-party services we use (such as Google Analytics and Gravatar) may transfer data outside Japan, including to the United States. These transfers rely on appropriate safeguards such as the EU-U.S. Data Privacy Framework or Standard Contractual Clauses, as applicable.
Inquiries Regarding Personal Information
When a request for access, correction, or suspension of use is received, we will respond in accordance with our established procedures and applicable law. Please contact us using the contact details listed in our “Notation Based on the Specified Commercial Transactions Act” page on this site, via the inquiry form on the shop page, or directly at contact@miaomada.co.jp.
Right to Lodge a Complaint with a Supervisory Authority
If you are located in the European Union, the United Kingdom, or another jurisdiction with a data protection authority, you have the right to lodge a complaint with your local supervisory authority if you believe our processing of your personal information violates applicable law.
Children’s Privacy
This website is not directed to children under the age of 16, and we do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information without parental consent, please contact us at contact@miaomada.co.jp and we will take steps to delete such information.
Cookies
A cookie is a small text file stored on your device by your web browser when you visit a website. Cookies help websites remember information about your visit, such as your preferences and settings.
When you first visit our site, a cookie consent banner will appear, allowing you to:
- Accept all cookies, including those used for analytics
- Reject all non-essential cookies, allowing only those strictly necessary for the site to function
- Customize your preferences by category
You can change or withdraw your consent at any time by clicking the cookie preferences link in our website footer.
We use CookieYes as our consent management platform to record and manage your consent preferences. For details, please refer to the CookieYes Privacy Policy.
Categories of Cookies We Use
- Necessary — Required for the site to function. Always active. Examples: WordPress session cookies, CookieYes consent cookie.
- Analytics — Helps us understand how visitors interact with our site. Opt-in required. Examples: Google Analytics 4 (
_ga,_ga_*).
If you disable cookies through your browser settings or reject them through our banner, some services and features of this website may not function correctly.
Access Analytics
This website uses Google Analytics 4 (GA4), a web analytics service provided by Google LLC, to analyze and improve our website.
- IP anonymization: GA4 anonymizes IP addresses by default before storage.
- Data retention: We retain GA4 event data for 14 months, after which it is automatically deleted.
- Consent-based loading: Google Analytics is only loaded after you have given consent through our cookie banner. If you reject analytics cookies, Google Analytics will not run on your session.
- Aggregated data: Traffic data is aggregated and anonymous, and does not identify individual users.
For details on how Google processes data, please refer to the Google Privacy Policy.
You can also opt out of Google Analytics entirely by installing the Google Analytics Opt-out Browser Add-on.
Comments and Inquiry Forms
This website collects data entered into comment and inquiry forms, as well as IP addresses and browser user agent strings, to help detect spam.
An anonymized hash string generated from the email address may be provided to the Gravatar service to confirm whether the user is using that service.
For Gravatar’s privacy policy, please see https://automattic.com/privacy/.
When a comment is approved, the profile image is displayed publicly along with the comment.
We acquire personal information properly and do not obtain it through deception or other improper means.
Embedded Content from Other Sites
This website contains embedded content (videos, images, posts, etc.). Embedded content from other sites behaves exactly as if the visitor had visited those sites directly.
These sites may collect your data, use cookies, embed additional third-party tracking, and monitor your interaction with the embedded content.
If you are logged in to such a site with an account, tracking of your interactions with the embedded content may also be included.
Disclaimer
While we make every effort to publish accurate information about the contents and information on this website, we do not guarantee its accuracy or safety. Please note that we accept no responsibility for any damages arising from the content posted on this website.
If you navigate to another site via a link or banner from this website, we bear no responsibility for the information, services, or other content provided by the destination site.
Pricing listed on this website is subject to change without notice.
Copyright and Portrait Rights
The copyright, portrait rights, and other rights for all content (text, images, videos, audio, files, etc.) posted on this website belong to the site owner or the respective rights holders. Unauthorized use—including reproduction, transfer, and secondary use—is prohibited. Modification, alteration, or addition to the content is also strictly prohibited.
If any rights holder finds an issue with the posted content, please contact us directly. We will respond promptly.
Links
Linking to this website is freely permitted in principle. No permission or notification is required. When quoting, please credit the source and link to the relevant page.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal obligations, or other factors. When we make material changes, we will update the “Last Updated” date at the top of this page and, where appropriate, provide notice through our website or by other means. We encourage you to review this Privacy Policy periodically.
Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of Japan. We strive to align our practices with internationally recognized data protection standards, including the EU General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and the California Consumer Privacy Act (CCPA), where applicable.
Contact
For any questions, requests, or concerns regarding this Privacy Policy or our handling of your personal information, please contact us at contact@miaomada.co.jp.
Miaomada Co., Ltd., 82-2 Hasunuma-cho, Itabashi-ku, Tokyo 174-0052, Japan