This Privacy Policy outlines how we collect, store, use, and protect your personal data, informing you of your privacy rights. Before using our website, our services, or contacting us, please read this Privacy Policy carefully.

If you do not wish your personal data to be processed as described in this Privacy Policy, please refrain from providing it to us. Be aware that this may impact our service provision, your access to our website, the use of certain website features, and your feedback.

 

Article 1: Scope

This Privacy Policy applies to the processing of your personal data related to the General Data Protection Regulation (GDPR), including the UK GDPR, limited to the European Economic Area (EEA) member states and the United Kingdom.

 

Article 2 (Definition)

Terms used in this Privacy Policy are defined as follows:

• "Applicable Privacy Laws" refer to privacy-related regulations, including the General Data Protection Regulation (GDPR) of the European Union (EU) and relevant national implementing laws.
• "Personal Data" means information about identified or identifiable natural persons processed by us according to Article 3 of this Privacy Policy.
• "Privacy Policy" refers to this document.
• "Processing" means any single or series of operations performed on Personal Data or sets of Personal Data, whether by automated means or otherwise (including collecting, recording, editing, compiling, composing, storing, modifying and/or altering, retrieving, referencing, using, disclosing by transmission, distributing or otherwise making available, aligning and/or combining, limiting, erasing and/or destroying).
• "Controller" means a natural or legal person, government authority, agency or any other person who, alone or jointly with others, determines the purposes and methods of the processing of Personal Data. The data controller in this Privacy Policy is us (Jeane Co., Ltd.).
• "Website" refers to https://yugen-gallery.com.

Article 3 (Personal Information Collection)

1. We may collect the following personal data from users of our website:

• Contact Information: Name, address, company name, department, job title, phone number, email address, and other similar information.
• Technical details related to your access to our website: Your IP address, cookies, operating system, browser type (for accessing our website), details of the device you are using (serial number of your device, unique identification number, MAC address, etc.)and other similar information. Technical and event-based data regarding the use of your device (e.g. Internet and Bluetooth combination and connection data, session times, etc.).
• Other information you provide to us: opinions and any other information you provide, etc. 

2.We do not collect sensitive or criminal personal information related to criminal offenses, except as required by applicable privacy laws.Additionally,  We do not intend to collect personal data (directly) from minors.

Article 4 (Legal Basis for Data Processing)

We may process personal data for the following purposes based on our legitimate interests and the necessity to provide you with appropriate products and services:

1. When you have given consent.

2.For our legitimate interests, provided that your data protection rights do not override our interests, including:

• Providing our products and services to you.
• Ensuring the continuity of our business.
• Providing, improving, developing our products, services, and advertisements.
• Communicating our policies and terms to you.
• Promoting safety and security.
• Using personal data for business management, data analysis, research, audits, etc.
• Ensuring the most effective delivery of content on our website to you.
• Notifying you of changes to our products or services.
• Managing your account.
• Fulfilling our legal obligations, exercising our legal rights, or protecting the rights of third parties.

(3) When necessary to fulfill a legal obligation.

(4) When necessary to protect our legitimate interests and legal rights, provided that your data protection rights do not override our interests.

(5) To protect our legitimate business interests and legal rights, including but not limited to compliance with laws, regulations, audits, legal claims (including disclosure of relevant information in legal proceedings or lawsuits), and other reporting requirements related to ethics and legal compliance.

Article 5 (Purposes of Personal Data Processing)

1. We may process personal information for the following purposes:

• Providing our products and services to you.
• Ensuring the continuity of our business.
• Managing services related to our employees and their employment relationships.
• Providing, improving, developing our products, services, and advertisements.
• Communicating our policies and terms to you.
• Promoting safety and security.
• Using personal information for business management, data analysis, research, audits, etc.
• Ensuring the most effective delivery of content on our website to you.
• Notifying you of changes to our products or services.

2. We may also process personal information for the following purposes:

• To comply with our obligations to our employees, suppliers, vendors and other third parties who provide services to us.
• To comply with our legal and regulatory obligations and requirements around the world (including reporting to and/or being audited by national and international regulatory bodies)
• Administer employment applications
• To prevent and detect fraud and crime
• Manage the security of and access to our systems, facilities, platforms, websites and applications
• To exercise and/or defend our legal rights in response to a court order
• To protect the rights of third parties
• To protect other legitimate business purposes
• To meet other purposes as allowed or required by applicable laws

3. We will process personal data in accordance with applicable privacy laws as outlined in this Privacy Policy.

4. If at the time of collecting personal data, we intend to process it for purposes other than those specified above, we will provide information about those additional purposes and all relevant additional information before further processing.

Article 6 (Sharing of Personal Data)

We may share your personal data with third parties under the following conditions:

1. Conditions for Data Sharing

We will share your personal data with third parties only under the following circumstances:

• The disclosure is necessary for the provision of the third party's services or for the third party's participation. For example, the third party may only have access to personal information that is necessary to provide the service.
• The third party is under a duty of confidentiality with respect to the personal data.
• The third party is required to comply with applicable data protection laws.

2. Sharing Personal Information

We may share all or part of the information specified in Article 3 above with the following parties (third parties)

• Cooperating companies and individuals who perform services on our behalf.
• Airlines, shipping companies, trucking companies, warehouses, accounting firms, consulting firms, law firms, insurance companies, other government agencies, marketing agencies, market research agencies, Internet hosting providers and payment processors and other related subcontractors and service providers, our contracted artists.
• Data processors of our affiliated companies authorized, appointed, or engaged for the stated purposes, including accounting firms, audit firms, insurance companies, and tax accountants.
• Competent authorities, such as the police and authorities in the country of transit or destination (or customs procedures, subject to the laws of each country)
• Other third parties who need to know the information.

Article 7 (Disclosure of Personal Data to Third Parties)

We may transfer personal data to entities outside the European Economic Area (EEA) or jurisdictions within Japan, which may not have the same data protection laws as the EEA and may not recognize many of the rights afforded to data subjects within the EEA. If we transfer your personal data outside the EEA, we will ensure that your personal data is protected in accordance with the legal requirements applicable to that personal data. If your personal data is transferred outside the EEA, you can obtain more detailed information about the protection of that personal data by contacting us.

1. Transfer outside the EEA

Some of the third parties to whom we entrust your personal data are based outside the EEA and/or the UK ("GDPR Third Countries"). When transferring data from the EEA or the UK to GDPR Third Countries, such transfers will be carried out in accordance with the General Data Protection Regulation (GDPR) and UK GDPR, as well as any additional recommendations or decisions issued by the European Data Protection Board, European Commission, and other competent authorities. In the case of transfers outside the EEA or the UK, the reasons for such transfers are set out below. Please note that if we collect personal data directly from you, this will not constitute a transfer.

2. Legitimacy of Transfer outside the EEA and the UK

When transferring your personal data to GDPR Third Countries, we will always ensure that at least one of the protective measures below is implemented to ensure the same level of protection:

-The legitimacy of transferring your personal data to GDPR Third Countries may be based on the so-called adequacy decision of the EU. Adequacy decision means that the European Commission recognizes that data protection in a specific country is at the same level as under the GDPR. This applies, for example, when transferring your personal data from the EEA to Japan.

-If adequacy decision is not applicable to GDPR Third Countries when transferring personal data to these countries, we will conclude European Commission's model clauses on data protection, also known as Standard Contractual Clauses ("Transfer SCC"), or UK transfer contracts approved by the ICO.If additional measures are deemed necessary based on applicable privacy laws, we will take additional measures, which may include technical, organizational, and/or contractual measures.

Article 8 (Security)

1. We will implement appropriate organizational and/or technical security measures to protect personal data and prevent its unauthorized use, loss, or alteration. Only employees, agents, contractors, and other third parties who need to know the personal data will be granted access. These individuals are bound by confidentiality obligations based on their employment or (data processing) contracts.

2. When we entrust the handling of your personal data, we will require such contractors to maintain appropriate security controls under the terms of the contract, and we will conduct necessary and appropriate monitoring of such contractors.

Article 9 (Retention period)

1. We will not retain personal data beyond the scope necessary for the purposes for which it was collected.

2. A data subject of personal data may at any time request us to delete such personal data. In addition, we will delete such personal data when it is no longer necessary for the purposes for which it was collected or processed.

Article 10 (Cookies)

1. We use  cookies to enable the proper functioning of the website.

2. Cookies are information stored by the browser on the computer of website users. We use different types of cookies depending on the purpose.

• Functional cookies: Necessary cookies for the proper functioning of this website, including cookies required for account creation.
• Analytical cookies: Cookies used to obtain information about the use of this website (or its parts) by users. This information allows us to improve the website as much as possible according to what users find interesting and important. We use the data obtained from such cookies solely for the purpose of analyzing the usage of this website.

3. For the purpose of improving the quality and effectiveness of this website, we may use third-party cookies. For example, we use Google Analytics configured with privacy. Google Analytics processes IP addresses on our behalf.

4. Cookies are enabled by default in most browsers. Users of this site may configure their browsers to refuse cookies or to notify them when cookies are sent. However,if cookies are disabled, some features or services on our or other websites may not function properly.

Article 11 (Data Breach)

We have established mechanisms and policies to promptly identify and analyze security breaches that may lead to accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal data held by us. Depending on the analysis results, we will notify the supervisory authorities as required and notify affected data subjects (which may include you).

Article 12 (Rights of data subjects)

1. If the processing of personal data is based on consent, the data subject of personal data has the right to withdraw their consent at any time.

2. The data subject of personal data has the right to request access to their personal data. This allows the data subject to receive a copy of their personal data held by us.

3. The data subject of personal data has the right to request the correction of their personal data held by us. This allows the data subject to correct incomplete or inaccurate data held by us.

4. The data subject of personal data has the right to request the deletion of their personal data held by us. This entitles us to delete personal data that we have processed without a legitimate reason.

5. The data subject of personal data has the right to object to the processing of personal data by us for our legitimate interests. If we process personal data for direct marketing purposes, we will always accept objections from data subjects of personal data.  If we are processing personal data for other purposes, we will stop processing personal data unless there are imminent legitimate reasons  (i) that override the interests or rights and freedoms of the data subject of personal data, or (ii) in connection with the institution or conduct of legal proceedings or for the purpose of proving a claim.

6. The data subject of personal data has the right to request restrictions on the processing of their personal data.

7. The data subject of personal data has the right to request the transmission of their personal data to themselves or a third party. We will provide the data subject's personal data to the specified data subject or third party in a structured, commonly used, and machine-readable format. Please note that these rights only apply to automatically processed information to which the data subject has originally consented or for which we have previously fulfilled a contract with the data subject.

8. The aforementioned rights can be exercised free of charge. If we receive a request from the data subject of personal data, we will provide information about the subsequent situation within one month and, in any case, will provide information within two months of receiving the request. This period may be extended by an additional two months depending on the complexity and number of requests. We will notify the data subject of personal data of such an extension within one month of receiving the request.

9. If the requests from a data subject are manifestly unfounded or excessive, in particular if the same request is made repeatedly, we will charge the data subject reasonable costs or refuse to comply with the user's request.

10. In addition to the aforementioned rights, the data subject of personal data has the right to lodge a complaint with the supervisory authority (especially the supervisory authority in the EU member state where the data subject of personal data habitually resides, works, or the place where the alleged GDPR violation occurred). However, we would appreciate the opportunity to address the concerns before the data subject of personal data contacts the supervisory authority. For issue resolution, please contact us first before reaching out to the supervisory authority. We welcome the opportunity to address and resolve any concerns you may have.

Article 13 (Contact information)

If you have any questions, complaints, or wish to exercise any of the rights set forth in Article 12 of this Privacy Policy, please contact us at the following address:

3F Totate International Building, 2-12-19 Shibuya, Shibuya-ku, Tokyo 150-0002

Jeane Corporation

TEL: 0363806165 (Available: Weekdays 10:00-19:00)

Article 14 (External Links)

This website may contain information (hyperlinks, banners, etc.) from third parties. We do not control such third party information and are not responsible for compliance with applicable privacy laws and regulations on behalf of such third parties. Website users are advised to carefully read the privacy policies of any third party websites they visit.

Article 15 (General provisions)

1. We reserve the right to regularly revise this Privacy Policy. Data subjects of personal data are responsible for regularly reviewing the applicable provisions.

2. If any provision of this Privacy Policy conflicts with the law, the provision will be replaced to the extent permitted by law with a provision that reflects the original intent of the provision. In such a case, the remaining provisions will continue to apply and remain unchanged.