Privacy Policy

Effective Date: December 24, 2025
Last Updated: February 25, 2026

AI-zen, Inc. ("the Company", "we", "our") establishes this Privacy Policy ("Policy") regarding the handling of personal information and other data obtained through the provision of the "StandBy" service ("the Service"). We handle such information in accordance with the Act on the Protection of Personal Information of Japan ("APPI") and other applicable laws and regulations.

1. Business Operator (Personal Information Handling Business Operator)

Name: AI-zen, Inc.
Address: Tsukuba Industry Promotion Center, 2-5-1 Azuma, Tsukuba City, Ibaraki 305-0031, Japan
Representative: Daigo Yokota
Contact: info@ai-zen.co.jp (Email is the primary contact method)

2. Information We Collect

We collect the following categories of information in connection with the Service:

Account Information: Email address, username, authentication information, configuration settings, and related data.
User Content: Audio recordings, text, images, and associated metadata (including timestamps, location information if provided, device information, etc.), and any other data stored by users through the Service.
Generated Content: Transcriptions, summaries, notes, task extraction results, search indices, reports, and other outputs generated by the Service.
Usage Information: Access logs, activity logs, crash logs, and device/browser information (including IP address).
Support Information: Inquiries, communications, support history, and related records.
Billing Information: Subscription status and related billing data. (Credit card numbers and similar sensitive payment information are handled by the payment processor and are generally not stored by the Company.)

3. Purposes of Use

We use the collected information for the following purposes:

To provide and operate the Service (including recording, storage, transcription, summarization, search, export, and other features).
To perform processing using external AI services and to improve service quality (including error correction and performance enhancement).
To verify identity, authenticate users, maintain security, and prevent unauthorized use.
To respond to inquiries and provide customer support.
To manage billing, payments, and contractual relationships.
To analyze usage and improve or develop the Service (including creation of statistics that do not identify individuals).
To comply with laws and regulations, respond to disputes, and protect our rights.

4. Use of External AI Services (Including Transmission of Audio Data)

We use external AI service providers to deliver certain functions of the Service. User Content, including audio recordings, text, and associated metadata, may be transmitted to and processed by such external providers. The external AI service providers currently used by the Service include the following:
- Google LLC (Gemini API) — for text generation and analysis
- OpenAI, Inc. (OpenAI API) — for text generation, analysis, and embedding
- Anthropic, PBC (Claude API) — for text generation and analysis
We have configured all external AI service providers listed above to opt out of using User Content for training or improving their machine learning models. We require such providers, through contracts, API configurations, or equivalent operational measures, not to use User Content provided by us for such purposes.
We do not use User Content for training or fine-tuning our own machine learning models unless the user has given explicit prior consent.
The list of external AI service providers may be updated from time to time. Any material changes will be reflected in this Policy.

5. Entrustment to Third-Party Processors

We may entrust all or part of the processing of collected information to third-party processors as necessary for the purposes stated in this Policy. Such processors may include cloud infrastructure providers, external AI service providers, payment processors, customer support operators, and security-related service providers.
We supervise such processors appropriately in accordance with applicable laws.

6. Third-Party Provision

We do not disclose personal data to third parties without obtaining the user's consent, except in the following cases:

When required by law;
When necessary to protect the life, body, or property of a person and obtaining consent is difficult;
When necessary for public health or the sound development of children and obtaining consent is difficult;
When cooperating with government agencies, and obtaining consent may impede such operations;
When entrusted to third-party processors for the purposes described in this Policy;
In the event of business succession through merger, acquisition, or other transfer;
Any other cases permitted under applicable laws and regulations.

7. Transfer to Third Parties Located Outside Japan

For the provision of the Service, we may transfer User Content (including audio data) and other information to processors located outside Japan, including the United States.
In accordance with APPI, we provide necessary information and obtain consent as required for the transfer of personal data overseas. Information regarding the relevant foreign data protection systems and the safeguards implemented by such processors is available through this Policy or upon request.

8. Retention and Deletion (No Backups)

We do not create backups of User Content or Generated Content.
When users delete their data within the Service or terminate their account, we will promptly delete such data from our operational systems.
However, records that must be retained under applicable laws, payment and billing records, and minimal data necessary for fraud prevention and security may be retained for the legally required or operationally necessary period.

9. Security Measures

We implement organizational, personnel, physical, and technical safeguards to prevent leakage, loss, or damage of collected information.
Such measures include access controls, encryption, permission management, monitoring, and other industry-standard security practices.
Details may be disclosed upon request to the extent reasonable.

10. User Rights (Requests for Disclosure, etc.)

In accordance with APPI and other applicable laws, users may request notification of purposes of use, disclosure, correction, addition, deletion, suspension of use, and disclosure of third-party transfer records concerning their personal data.
Requests may be submitted to the contact point below. We may require additional information to verify identity.
Contact: info@ai-zen.co.jp
Requests are generally free of charge. However, if requests are repetitive or excessive, we may charge fees to the extent permitted by law.

11. Information Concerning Third Parties Recorded by Users

Users may record audio that contains speech or other information of third parties. Users are responsible for obtaining any consent required under applicable laws before making such recordings.
If a third party believes that information concerning them is being processed through the Service, they may contact the address above. We will review and respond to such inquiries within a reasonable scope.

12. Minors

The Service is not intended for individuals under the age of 13.
Minors may use the Service only with the consent of a parent or legal guardian.

13. For U.S. Residents (Where Applicable)

To the extent that U.S. state privacy laws such as the California Consumer Privacy Act (CCPA/CPRA) apply, users have rights including access, deletion, correction, and the right to opt out of certain data practices.
We do not "sell" personal information, nor do we "share" it for cross-context behavioral advertising as defined under applicable U.S. law.
We may provide personal information to service providers only within the scope necessary to provide the Service and subject to appropriate contractual restrictions.
Exercise of Rights: info@ai-zen.co.jp

14. Amendments

We may revise this Policy as necessary.
When significant changes are made, we will notify users through methods we deem appropriate.

End of Policy