# Privacy Policy Actual Co., Ltd. (hereinafter referred to as the "Company") recognizes the importance of protecting personal information, complies with the Act on the Protection of Personal Information (hereinafter referred to as the "Personal Information Protection Act"), and will endeavor to handle and protect it appropriately in accordance with the following privacy policy (hereinafter referred to as "this Privacy Policy"). Unless otherwise specified in this Privacy Policy, the definitions of terms used herein shall follow the provisions of the Personal Information Protection Act. ## 1. Definition of Personal Information In this Privacy Policy, "Personal Information" refers to information regarding a living individual that falls under any of the following items: * (1) Information that can identify a specific individual by name, date of birth, or other descriptions contained in said information (including any matters written or recorded in documents, drawings, or electromagnetic records, or expressed using voice, movement, or other methods) (this includes information that can be easily collated with other information, thereby enabling the identification of a specific individual). * (2) Information that contains an Individual Identification Code. ## 2. Purpose of Use of Personal Information The Company shall use personal information for the following purposes: * (1) To provide the Company's services (hereinafter referred to as "this Service"). * (2) To provide guidance and respond to inquiries, etc., regarding this Service. * (3) To provide guidance on the Company's products, services, etc. * (4) To respond to acts that violate the Company's terms, policies, etc. (hereinafter referred to as "Terms, etc.") regarding this Service. * (5) To notify users of modifications to Terms, etc., regarding this Service. * (6) To analyze information regarding user utilization status, etc., in order to improve this Service and develop new services. * (7) For employment management and internal procedures (regarding personal information of officers and employees), and for screening and communication in recruitment activities (regarding personal information of applicants). * (8) For shareholder management and handling procedures under the Companies Act and other laws and regulations (regarding personal information of shareholders, share option holders, etc.). * (9) To create statistical data processed into a format that cannot identify individuals in connection with this Service. * (10) For other purposes incidental to the above purposes of use. ## 3. Change of Purpose of Use of Personal Information The Company may change the purpose of use of personal information within a scope reasonably recognized as having relevance. In the event of a change, the Company will notify the individual who is the subject of the personal information (hereinafter referred to as the "Principal") or publicly announce it. ## 4. Use of Personal Information * 4.1 Except in cases permitted by the Personal Information Protection Act and other laws and regulations, the Company will not handle personal information beyond the scope necessary to achieve the purpose of use without obtaining the consent of the Principal. However, this shall not apply to the following cases: * (1) Cases based on laws and regulations. * (2) Cases where it is necessary for the protection of a person's life, body, or property, and it is difficult to obtain the consent of the Principal. * (3) Cases where it is especially necessary for improving public health or promoting the sound growth of children, and it is difficult to obtain the consent of the Principal. * (4) Cases where it is necessary to cooperate with a state organ, a local government, or a person entrusted by them in executing affairs prescribed by laws and regulations, and obtaining the consent of the Principal risks impeding the execution of said affairs. * (5) Cases where personal data is provided to an academic research institution, etc., and said academic research institution, etc., needs to handle the provided personal data for academic research purposes (this includes cases where a part of the purpose of handling said personal data is for academic research purposes, and excludes cases where there is a risk of unjustly infringing on the rights and interests of individuals). * 4.2 The Company will not use personal information in a manner that risks encouraging or inducing illegal or improper acts. ## 5. Proper Acquisition of Personal Information * 5.1 The Company shall acquire personal information properly and shall not acquire it by deception or other wrongful means. * 5.2 The Company shall not acquire special care-required personal information (meaning what is defined in Article 2, Paragraph 3 of the Personal Information Protection Act) without obtaining the prior consent of the Principal, except in the following cases: * (1) Cases falling under any of items (1) through (4) of Paragraph 4.1. * (2) Cases where special care-required personal information is acquired from an academic research institution, etc., and said academic research institution, etc., needs to acquire said special care-required personal information for academic research purposes (this includes cases where a part of the purpose of acquiring said special care-required personal information is for academic research purposes, and excludes cases where there is a risk of unjustly infringing on the rights and interests of individuals) (limited to cases where said personal information handling business operator and said academic research institution, etc., jointly conduct academic research). * (3) Cases where said special care-required personal information is made public by the Principal, a state organ, a local government, an academic research institution, etc., any of the persons listed in the items of Article 57, Paragraph 1 of the Personal Information Protection Act, or other persons prescribed by the Rules of the Personal Information Protection Commission. * (4) Cases where special care-required personal information that is structurally obvious from appearance is acquired by visually identifying or filming the Principal. * (5) Cases where special care-required personal information is provided by a third party, and said provision by the third party falls under any of the items of Paragraph 8.1. * 5.3 When receiving the provision of personal information from a third party, the Company shall confirm the following matters pursuant to the provisions of the Rules of the Personal Information Protection Commission. However, this excludes cases where the provision of said personal information by the third party falls under any of the items of Paragraph 4.1 or any of the items of Paragraph 8.1. * (1) The name or designation and address of said third party, and in the case of a corporation, the name of its representative (or the representative or administrator in the case of an organization that is not a corporation but has a designated representative or administrator). * (2) The background/circumstances under which said third party acquired the personal information. ## 6. Safety Management of Personal Information The Company shall exercise necessary and appropriate supervision over its employees to ensure the safety management of personal information against risks such as loss, destruction, falsification, and leakage of personal information. Furthermore, when entrusting all or part of the handling of personal information, the Company shall exercise necessary and appropriate supervision to ensure that safety management of personal information is maintained at the entrusted party. The specific details of the safety management measures regarding personal data held by the Company are as follows. ## 7. Reporting in the Event of Leakage, etc. In the event that a situation such as the leakage, loss, or damage of personal information handled by the Company occurs, and a report to the Personal Information Protection Commission and notification to the individual are required based on the provisions of the Personal Information Protection Act, the Company shall issue such reports and notifications. ## 8. Third-Party Provision * 8.1 Except in cases falling under any of the items in Paragraph 4.1, the Company shall not provide personal information to a third party without obtaining the prior consent of the Principal. However, the following cases do not constitute provision to a third party as stipulated above: * (1) Cases where personal information is provided in connection with entrusting all or part of the handling of personal information within the scope necessary to achieve the purpose of use. * (2) Cases where personal information is provided in connection with the succession of business due to a merger or other reasons. * (3) Cases of joint use based on the provisions of the Personal Information Protection Act. * 8.2 Notwithstanding the provisions of Paragraph 8.1, except in cases falling under any of the items in Paragraph 4.1, when providing personal information to a third party located in a foreign country (excluding countries designated by the Rules of the Personal Information Protection Commission based on Article 28 of the Personal Information Protection Act) (and excluding third parties who have established a system conforming to the standards designated by the Rules of the Personal Information Protection Commission based on Article 28 of the Personal Information Protection Act), the Company shall obtain the prior consent of the Principal to the effect that provision to a third party in a foreign country is permitted. * 8.3 When obtaining the Principal's consent for provision to a third party in a foreign country based on Paragraph 8.2, the Company shall provide information to the Principal regarding the following matters. However, if the matter in item (1) cannot be specified, the Company shall, instead of the matters in items (1) and (2), provide a statement to the effect that the matter in item (1) cannot be specified and the reason thereof, along with any other information that may serve as a reference for the Principal in place of said matter: * (1) The name of the foreign country. * (2) Information regarding the systems for the protection of personal information in said foreign country. * (3) Information regarding the measures taken by said third party for the protection of personal information (if such information cannot be provided, a statement to that effect and the reason thereof). * 8.4 When personal information is provided to a third party, the Company shall create and preserve records in accordance with Article 29 of the Personal Information Protection Act. * 8.5 When receiving the provision of personal information from a third party, the Company shall perform the necessary verifications in accordance with Article 30 of the Personal Information Protection Act, and create and preserve records pertaining to said verifications. ## 9. Disclosure of Personal Information * 9.1 When requested by the Principal to disclose personal information based on the provisions of the Personal Information Protection Act, the Company shall, after confirming that the request is indeed from the Principal themselves, disclose it to the Principal without delay (if said personal information does not exist, the Company shall notify them to that effect). However, this shall not apply to cases where the Company does not owe an obligation of disclosure under the Personal Information Protection Act or other laws and regulations. * 9.2 The provisions of the preceding paragraph shall apply mutatis mutandis to records pertaining to provision to third parties created based on Paragraph 8.4 and records pertaining to provision from third parties created based on Paragraph 8.5 regarding personal information by which the Principal is identified. ## 10. Correction, etc. of Personal Information When requested by the Principal to correct, add to, or delete its contents (hereinafter referred to as "Correction, etc.") based on the provisions of the Personal Information Protection Act on the grounds that the personal information is not true, the Company shall, after confirming that the request is indeed from the Principal themselves, conduct the necessary investigation without delay within the scope necessary to achieve the purpose of use. Based on the results, the Company shall perform the Correction, etc. of the contents of the personal information and notify the Principal to that effect (if a decision is made not to perform the Correction, etc., the Company shall notify the Principal to that effect). However, this shall not apply to cases where the Company does not owe an obligation of Correction, etc. under the Personal Information Protection Act or other laws and regulations. ## 11. Suspension of Use, etc. of Personal Information When requested by the Principal to suspend the use of or erase their personal information (hereinafter referred to as "Suspension of Use, etc.") based on the provisions of the Personal Information Protection Act on the grounds that (i) the Principal's personal information is being handled beyond the scope of the previously publicly announced purpose of use, or is being used in a manner that risks encouraging or inducing illegal or improper acts, or on the grounds that the Principal's personal information was acquired by deception or other wrongful means; (ii) when requested to suspend the provision of their personal information to a third party (hereinafter referred to as "Suspension of Provision") based on the provisions of the Personal Information Protection Act on the grounds that the personal information is being provided to a third party without the consent of the Principal; or (iii) when requested to implement the Suspension of Use, etc. or Suspension of Provision based on the provisions of the Personal Information Protection Act on the grounds that the Company no longer needs to use the Principal's personal information, a situation stipulated in the main text of Article 26, Paragraph 1 of the Personal Information Protection Act has occurred regarding the Principal's personal information, or any other case applies where the handling of the Principal's personal information risks harming the Principal's rights or legitimate interests; and if it is determined that there are reasonable grounds for said request, the Company shall, after confirming that the request is indeed from the Principal themselves, implement the Suspension of Use, etc. or Suspension of Provision of the personal information without delay and notify the Principal to that effect. However, this shall not apply to cases where the Company does not owe an obligation of Suspension of Use, etc. or Suspension of Provision under the Personal Information Protection Act or other laws and regulations. ## 12. Provision of Personally Referable Information to Third Parties * 12.1 When it is anticipated that a third party will acquire personally referable information (meaning what is defined in Article 2, Paragraph 7 of the Personal Information Protection Act, and limited to those constituting a personally referable information database, etc., as prescribed in Article 16, Paragraph 7 of the same Act; the same shall apply hereinafter) as personal data, the Company shall not provide said personally referable information to said third party without first confirming the following matters pursuant to the provisions of the Rules of the Personal Information Protection Commission, except in cases listed under any of the items of Paragraph 4.1. * (1) That the Principal's consent has been obtained to the effect of permitting said third party to receive the provision of personally referable information from the Company and acquire it as personal data by which the Principal can be identified. * (2) In the case of provision to a third party located in a foreign country, when attempting to obtain the Principal's consent specified in the preceding item, information regarding the system for the protection of personal information in said foreign country, the measures taken by said third party for the protection of personal information, and any other information that may serve as a reference for the Principal has been provided to the Principal in advance pursuant to the provisions of the Rules of the Personal Information Protection Commission. * 12.2 When the Company provides personally referable information to a third party pursuant to the provisions of the preceding paragraph, it shall create and preserve records in accordance with Article 31 of the Personal Information Protection Act.  * 12.3 When acquiring personally referable information from a third party as personal data, the Company shall perform the necessary verifications in accordance with the Personal Information Protection Act, and create and preserve records pertaining to said verifications. ## 13. Handling of Pseudonymized Information * 13.1 When creating pseudonymized information (meaning what is defined in Article 2, Paragraph 5 of the Act on the Protection of Personal Information, and limited to those constituting a pseudonymized information database, etc., as prescribed in Article 16, Paragraph 5 of the same Act; the same shall apply hereinafter), the Company shall process personal information in accordance with the standards prescribed by the Rules of the Personal Information Protection Commission. * 13.2 When the Company has created pseudonymized information, or has acquired pseudonymized information and deleted information, etc., pertaining to said pseudonymized information (meaning what is defined in Article 41, Paragraph 2 of the Act on the Protection of Personal Information; the same shall apply hereinafter), the Company shall take measures for the safety management of the deleted information, etc., in accordance with the standards prescribed by the Rules of the Personal Information Protection Commission as necessary to prevent the leakage of deleted information, etc. * 13.3 The Company shall comply with the following provisions regarding pseudonymized information (limited to those that constitute personal information; the same shall apply hereinafter in this Paragraph 13.3): * (1) Notwithstanding the provisions of Paragraph 4.1, the Company shall not handle pseudonymized information beyond the scope necessary to achieve the purpose of use, except in cases based on laws and regulations. * (2) Regarding the application of Paragraph 3 to pseudonymized information, the phrase "change... within a scope reasonably recognized as having relevance" in said paragraph shall be read as "change," and the phrase "notify the individual who is the subject of the personal information (hereinafter referred to as the 'Principal') or publicly announce it" shall be read as "publicly announce it." * (3) Notwithstanding the provisions of Paragraphs 8.1 through 8.3, the Company shall not provide personal data that constitutes pseudonymized information to a third party, except in cases based on laws and regulations. However, the cases listed in each item of Paragraph 8.1 do not constitute provision to a third party as stipulated above. * (4) When handling pseudonymized information, the Company shall not collate said pseudonymized information with other information in order to identify the Principal pertaining to the personal information used to create said pseudonymized information. * (5) When handling pseudonymously processed information, the Company shall not utilize contact details or other information contained in said pseudonymously processed information to make telephone calls, send mail or correspondence, deliver telegrams, transmit via fax or electromagnetic methods, or visit residences. * (6) With regard to pseudonymously processed information, the provisions of Paragraph 7 and Paragraphs 9 through 11 shall not apply. ## 14. Handling of Anonymously Processed Information * 14.1 When creating anonymously processed information (meaning what is defined in Article 2, Paragraph 6 of the Act on the Protection of Personal Information, and limited to those constituting an anonymously processed information database, etc., as prescribed in Article 16, Paragraph 6 of the same Act; the same shall apply hereinafter), the Company shall process personal information in accordance with the standards prescribed by the Rules of the Personal Information Protection Commission. * 14.2 When the Company has created anonymously processed information, it shall take measures for safety management in accordance with the standards prescribed by the Rules of the Personal Information Protection Commission. * 14.3 When the Company has created anonymously processed information, it shall publicly announce the items of information regarding individuals contained in said anonymously processed information pursuant to the provisions of the Rules of the Personal Information Protection Commission. * 14.4 When providing anonymously processed information (including that which is created by the Company and that received from third parties; the same shall apply hereinafter unless otherwise specified) to a third party, the Company shall, in advance, publicly announce the items of information regarding individuals contained in the anonymously processed information to be provided to the third party and the method of provision thereof, and shall clearly state to said third party that the information pertaining to said provision is anonymously processed information. * 14.5 When handling anonymously processed information, the Company shall not perform (1) collating the anonymously processed information with other information, or (2) acquiring information regarding descriptions, etc., or individual identification codes deleted from said personal information, or information regarding the processing methods implemented pursuant to the provisions of Article 43, Paragraph 1 of the Act on the Protection of Personal Information (item (2) applies only to said anonymously processed information received from a third party) in order to identify the Principal pertaining to the personal information used to create the anonymously processed information. * 14.6 The Company shall personally take necessary and appropriate measures for the safety management of anonymously processed information, handling complaints regarding the creation and other processing of anonymously processed information, and any other measures necessary to ensure the proper handling of anonymously processed information, and shall endeavor to publicly announce the details of said measures. ## 15. Utilization of Cookies and Other Technologies * 15.1 This Company's services may utilize Cookies and similar technologies. These technologies help the Company understand the utilization status of our services and contribute to service improvement. Users who wish to disable Cookies can do so by changing their web browser settings. However, disabling Cookies may render some functions of the Company's services unavailable. * 15.2 This Company's website uses Google Analytics, a service provided by Google LLC, to understand how visitors utilize our website. Please check the link below to understand how data is collected and processed by Google Analytics: ## 16. Inquiries Applications for disclosure, etc., opinions, questions, complaints, or any other inquiries regarding the handling of personal information should be directed to the contact office below: Actual Co., Ltd.\ E-mail: ## 17. Continuous Improvement The Company shall review the operational status regarding the handling of personal information as appropriate and endeavor to make continuous improvements, and may change this Privacy Policy as necessary. Enacted on August 1, 2025 --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.archix.ai/en/policies-and-legal/privacy-policy.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.