Privacy Policy

Last updated: April 17, 2026

Tomoki Yasui ("Operator") establishes this Privacy Policy regarding the handling of users' personal information in the AI model customization service "AI Rakuraku Ordermade" ("Service").

1. Personal Information Collected

• Account information: Email address and authentication data (collected through Supabase Authentication)
• Payment information: Credit card data is processed directly by Stripe, Inc. The Operator does not store card numbers. We receive transaction IDs, payment status, and amounts from Stripe.
• Usage data: Access logs, IP addresses, browser type/version, OS information, referrer URLs, page views, and timestamps
• Training Data: Files uploaded by users (text, PDFs, etc.) and URLs entered for training
• Inquiry information: Name, email address, and content provided through the contact form

2. Purpose of Use

1. Providing, operating, and maintaining the Service
2. User authentication and account management
3. Processing payments
4. Responding to user inquiries
5. Improving the Service and developing new features
6. Investigating violations of the Terms of Service
7. Sending important notices about the Service
8. Purposes incidental to the above

3. Third-Party Disclosure

The Operator will not disclose personal information to third parties except in the following cases:

• With the user's consent
• When required by law (court orders, law enforcement requests, etc.)
• When necessary to protect life, body, or property and obtaining consent is difficult
• When shared with the following service providers to the extent necessary for the Service:
  • Stripe, Inc.: Payment processing (Stripe Privacy Policy)
  • Supabase Inc.: User authentication and database management (Supabase Privacy Policy)
  • Cloud GPU provider: Executing AI training processes

4. Handling of Training Data

• Training Data is used solely for fine-tuning AI models within the Service.
• The Operator will not reuse Training Data to improve its own AI models or for any other secondary purpose.
• Training Data is automatically deleted from our servers within 30 days after training completion.
• Users may request immediate deletion of their Training Data via the contact form or email.

5. Security Measures

• SSL/TLS encryption for all communications
• Access control and authentication for databases
• Regular security assessments and vulnerability remediation
• Measures to prevent unauthorized access to personal information

6. Use of Cookies

The Service uses cookies and similar technologies for:

• Maintaining user sessions (keeping you logged in)
• Preserving language preferences
• Analyzing and improving service usage

You can disable cookies through your browser settings, but some features of the Service may become unavailable.

7. Your Rights

You may make the following requests by contacting us at contact@ai-rakuraku.jp. We will respond within a reasonable timeframe.

• Disclosure of personal information held about you
• Correction, addition, or deletion of inaccurate personal information
• Suspension or erasure of your personal information
• Cessation of third-party disclosure of your personal information

8. Data Retention Periods

• Account information: Deleted within 30 days of account deletion
• Payment records: Retained for the legally required period (up to 7 years)
• Training Data: Deleted within 30 days of training completion
• Access logs: Retained for 1 year from collection
• Inquiry information: Retained for 1 year after resolution

9. Contact

For inquiries regarding this Privacy Policy, please contact us at: contact@ai-rakuraku.jp

10. Changes to This Policy

1. The Operator may revise this Policy due to changes in law, service modifications, or other reasons.
2. Significant changes will be communicated via the Service or email.
3. Continued use of the Service after a revision constitutes acceptance of the revised Policy.

Effective: April 17, 2026