Good-Feel Co., Ltd. (hereinafter referred to as “the Company”), when engaging in Internet-related business such as the development and sale of software (including game applications), as well as the operation of websites, shall appropriately use, sincerely store and manage the personal information (hereinafter simply referred to as the “Personal Information”) of customers and the parties involved with the Company's business (hereinafter collectively referred to as the “Person in Question”) under the principle of compliance (legal compliance) and privacy protection, including the provisions of the Act on the Protection of Personal Information (including the guidelines and other regulations of the Ministry of Economy, Trade and Industry under the same Act).
(1) The Personal Information handled by the Company includes the name, sex, date of birth, age, email address, language used, name of the country and region of residence, IP address, information on cookies (including technologies similar thereto; hereinafter referred to as the “Cookies”), and browser history, etc. of the Person in Question. If the Person in Question signs up for a service on the Company website through a social media service, the Company may, in addition to the above, acquire the nickname, profile image and other content posted by the Person in Question on the social media service.
(2) In the following cases, the Person in Question is expected to provide Personal Information:
(1) The Company shall use the Personal Information provided by the Person in Question in accordance with Paragraph 1 above for the purpose of attaining the purpose and within the scope thereof as shown in the following examples. However, the case set forth in (2) below shall not be subject to the restriction under this paragraph:
(2) The cases set forth in the proviso of the preceding paragraph are as follows:
When changing the purpose stated in Paragraph 2-(1) above, the Company shall notify the Person in Question or make an announcement (in principle, such announcement shall be made by posting the information on the website). However, this shall not apply to the following cases:
The Company shall endeavor to keep personal data (compiled database of Personal Information) accurate and up-to-date to the extent necessary for attaining the purpose of use.
When outsourcing all or part of the handling of personal data, the Company shall perform necessary and proper supervision of the outsourcee so as to facilitate security control.
If the Person in Question requests that the Company notify them of the purpose of use of the retained personal data (personal data which the Company is authorized to disclose, correct and delete), the Company shall, in principle, verify the identity of the Person in Question, and then give such notification without delay. However, this shall exclude the cases stated in the proviso of Paragraph 3 above.
The Company shall not, except in the cases listed below, provide or disclose Personal Information the Company receives to any third party without obtaining the consent of the Person in Question beforehand:
If the Person in Question requests that the Company disclose the retained personal data which can be used to identify the said individual, the Company shall verify the identity of the Person in Question, and then disclose such information without delay. However, this shall exclude the case where such disclosure violates laws and regulations, or where such disclosure is deemed likely to significantly hinder the proper operation of the Company's business.
If the Company receives a request from the Person in Question for the correction or other alteration of the retained personal data concerning the said individual on the grounds that there is an error in the data, the Company shall in principle, upon verifying the identity of the Person in Question, make the correction and notify the Person in Question without delay. If the Company receives a demand for suspension of use and deletion of the retained personal data (hereinafter referred to as the “Suspension of Use, etc.”) on the grounds that it violates a law or regulation, and when the grounds for the Suspension of Use, etc. are found, the Company shall implement the Suspension of Use, etc. to the extent necessary for correcting such violation and also notify the Person in Question without delay.
The Company shall perform security control of personal data and take preventive measures against unauthorized access, leakage, loss, falsification, etc.
As stated in Chapter II, Paragraph 6, when the Person in Question is under 16 years old, the Person in Question is expected to provide Personal Information after obtaining the consent of a person with parental authority.
In accordance with the EU General Data Protection Regulation (the “REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC”; hereinafter referred to as the “GDPR”), the provisions in Chapter II in addition to Chapter I shall apply to the handling of Personal Information of the Person in Question residing in the European Economic Area comprised of the EU member countries, Norway, Iceland and Liechtenstein (hereinafter collectively referred to as the “EEA”). If the provisions of Chapter I come into conflict with those of Chapter II, the provisions of Chapter II shall prevail.
The purpose of this Policy is to explain how the Company, acting as the controller, gathers and processes personal data, which has been provided or disclosed by a person residing in the EEA (hereinafter referred to as the “Data Subject”), or which the Company has received or acquired through a third party.
The method and purpose for handling the Personal Information of the Person in Question by the Company, types of the Personal Information of the Person in Question handled by the Company, and the provision of the Personal Information of the Person in Question to third parties are as stated in Chapter I, Paragraph 1 through Paragraph 7.
In principle, the consent of the Person in Question provides the legal basis for the use of Personal Information by the Company. If the Person in Question does not give his/her consent, the following form the legal basis for the use of Personal Information; as a necessity for performing a contract with the Person In Question, as a necessity for executing the procedures according to a request from the Person in Question before the execution of the contract, as a necessity for legitimate interests sought by the Company or a third party, or as a necessity for complying with legal obligations which the Company is to assume. An increase in profit, etc. due to improvements, etc. of marketing and services, improvements, etc. of the accessibility and security of the Company website fall under “legitimate interests sought by the Company or a third party.”
In addition to complying with Chapter I, Paragraph 6 (Notification of Purpose of Use), Paragraph 8 (Request for Disclosure), Paragraph 9 (Correction and Suspension of Use of Personal Information), the Company shall respond to requests concerning the Personal Information of the Person in Question residing in the EEA within a reasonable period of time and scope as follows. Note that when processing a request, the Company shall verify the identity of the Person in Question in advance.
(1) Requests concerning withdrawal of consent
Upon confirming the details of a request, the Company shall delete or suspend the use of the content concerning the Personal Information of the Person in Question to the appropriate and possible extent. Note that as a result of the suspension of use or deletion, the Company may become unable to provide services which have been available or services which meet the needs of the Person in Question. Fully understand the above before filing a request.
(2) Request concerning data portability
Upon confirming the details of a request, the Company shall deliver or receive the Personal Information desired by the Person in Question to the appropriate and possible extent.
(3) Handling of requests restricting the use of Personal Information
Upon confirming the details of a request, the Company shall undergo the procedures desired by the Person in Question to the appropriate and possible extent.
(4) Requests concerning filing of objections
Upon confirming the details of a request, the Company shall suspend the use of the Person in Question’s Personal Information to the appropriate and possible extent.
(5) Making requests
The Person in Question may contact the below-mentioned “Contact Address for Inquiries” to exercise the rights provided for in this paragraph.
If the Company is compelled to internationally transfer the acquired personal data to a third country outside of the EEA, the Company shall take proper protective measures necessary for international data transfer. When conducting marketing, business activities or service provision for the Company's various businesses, the Company may use a server provided by an overseas service operator.
When using the Company's services and other similar items, if a Person in Question residing in the EEA is under 16 years old or has not reached the age limit under the laws of the EU member country, the Person in Question is expected to obtain the consent of a person with parental authority or obtain the person with parental authority's permission to give him/her consent. If the person with parental authority files or fills out an application for use, etc. of the Company's services on behalf of the Person in Question, the person with parental authority is expected to obtain the consent of the Person in Question with respect to the handling of the Personal Information by the Company before filing the application.
The Company shall store and manage the personal data acquired or gathered from the Person in Question for a required period according to the purpose stated above. If the personal data becomes unnecessary in light of the purpose stated above, the Company shall, in principle, delete the personal data promptly.
The Company may analyze the access logs of the Company website. However, the Company shall not perform automated processing (including profiling) for analyzing and forecasting the personal preferences and actions of the Data Subject by utilizing the Personal Information provided, and decision-making which legally affects the Data Subject.
With respect to the processing of the relevant Personal Information, the Person in Question has the right to raise an objection to the data protection authorities having jurisdiction over the place of residence of the Person in Question. Data protection authorities in the respective countries can be checked at the URL below:
The contact address for inquiries with respect to Chapter I, Paragraphs 6, 8 and 9, and Chapter II, Paragraph 4 is stated below. The Company shall endeavor to process complaints and opinions sent to us appropriately and promptly.
Good-Feel Co., Ltd.
TOC Building, 7-22-17 Nishi-Gotanda, Shinagawa-ku, Tokyo 141-0031
Established on September 1, 2008
Last revised on August 22, 2019
Representative Director, Shigeharu Umezaki