PRIVACY POLICY

Privacy Policy of AN&EL LLC

1. General Provisions

AN&EL LLC (registration address: VISHU Bldg, 1F, 5 Chome-17-4 Toyo, Koto City, Tokyo 135-0016), hereinafter referred to as the “Company,” operates a beauty salon and processes personal data of clients and other data subjects using personal data information systems, including its official website [Insert Website URL] and other online platforms linked to this Policy.

The Company acts as a personal data operator in accordance with the current legislation of Japan, including the “Law on the Protection of Personal Information” (Law No. 57, May 30, 2003). The Company ensures the security and confidentiality of all personal data collected.

For the purposes of this Policy, personal data refers to any information provided by users through the Company’s website, mobile applications, or other communication channels, relating to an identified or identifiable person.


2. Collection of Personal Data

The Company collects personal data through various methods, including:

  • Personal data provided by clients:

    • Full name

    • Contact information (phone number, email address, etc.)

    • Appointment details and service history

    • Payment and billing details (if applicable)

    • Feedback and preferences related to salon services

  • Passive data collection through website and applications:

    • Device location when using the Company’s mobile application

    • IP addresses and cookies

    • Website interaction data, including visited pages, session duration, and referral sources

    • Technical details such as browser type, operating system, and screen resolution

    • Detection of automated access attempts to ensure security

The Company may utilize third-party services to collect statistical data, including analytics and advertising tools. These third-party services manage their own data storage, and their data processing is governed by their respective policies. The Company is not responsible for the localization of third-party servers but ensures compliance with applicable laws.


3. Principles and Conditions for Processing Personal Data

The processing of personal data by the Company is carried out in accordance with the following principles:

  • Lawfulness and fairness

  • Limited processing for specific and legitimate purposes

  • Accuracy, sufficiency, and relevancy of collected data

  • Confidentiality and security measures to prevent unauthorized access or disclosure

Personal data is processed only when necessary for:

  • Booking and providing beauty salon services

  • Customer relationship management and communication

  • Marketing and promotional activities (with user consent)

  • Compliance with legal and regulatory requirements

Personal data may be shared with third-party service providers (e.g., payment processors, appointment booking systems) with the data subject’s consent unless otherwise required by law. The Company ensures that all third parties comply with confidentiality and security obligations.


4. Rights of Data Subjects

Clients and other data subjects have the following rights under Japanese law:

  • Request clarification, correction, or deletion of personal data

  • Withdraw consent for data processing

  • Obtain details on data processing activities and storage duration

  • Request notification of any corrections or updates made to their personal data

  • File complaints with relevant regulatory authorities in case of suspected violations

To exercise these rights, clients may contact the Company via email at [Insert Contact Email] or by mail at the Company’s address.

The Company is not responsible for inaccurate or false information provided by the client.


5. Implementation of Data Protection Measures

The Company takes necessary legal, organizational, and technical measures to protect personal data against unauthorized access, loss, alteration, or misuse. These measures include:

  • Secure storage and encryption of sensitive information

  • Access control mechanisms for authorized personnel only

  • Regular security assessments and updates to data protection protocols

  • Monitoring of unauthorized access attempts and system vulnerabilities

All employees handling personal data undergo training on data protection laws and policies. The Company continuously improves its security framework to comply with evolving legal and regulatory standards.