Geek Guild Privacy Policy &
Processing of Personal Data of Users Living in the EEA (European Economic Area) [and the United Kingdom]


PRIVACY POLICY

Established on April 27, 2020; revised on September 27, 2020

This Privacy Policy explains the handling of information by Geek Guild Co., Ltd (the “Company”) on this website (the “Site”).

1. Collection of Information

The Company may collect the following types of information from users when users interact with the Company through the Site.

Information that users provide directly

The Company may collect the following types of information through users’ arbitrary use of the Site:
• Contact information, such as name, e-mail address, or telephone number
• Information regarding affiliations, such as companies or organizations
• Login information, such as ID and password
• Information that users provide to the Company when users contact the Company, comment on posts, purchase services, or otherwise interact with the Site

Automatically collected information

In addition, if users use an Internet Protocol (IP) address, a mobile phone, etc., specific information may be collected automatically by the Company’s systems, including device identifier, type of browser, operating system, internet service provider, pages that users have accessed before or after using the Site, date and time of access, information regarding links that users have clicked, pages that users viewed in the Site, and other standard server log information.

Integrations with Social Networking and Other Services

Users may activate or log in to the Site through various online services, such as Facebook, Twitter, or YouTube (collectively, “Platforms”). Users may be able to access a Platform, directly or indirectly, through the Site. The Company aims to enrich and personalize users’ online experiences by integrating Platforms in this manner. If a user adds a Platform account to the Site or logs in to the Site using the user’s Platform account, the Company may collect relevant information necessary for the Site to access the Platform and data that the Platform holds. In addition, the Company may share users’ information with Platforms to facilitate or strengthen distribution of data from those Platforms or the Site.

As a part of integration with a Platform, that Platform may permit the Company to access specific information that users have provided to that Platform, and, in this case, the Company will use, store, or disclose such information in accordance with this Privacy Policy. Please note, however, that each Platform’s methods of use, storage, and disclosure of user information are controlled by the privacy policy applicable to that Platform.

2. Purpose of use of personal information

The Company may use users’ information for the following purposes:

• providing SmallTrain (a deep learning framework adopting a highly accurate trained model and library), CacheAI, AI services that use SmallTrain and CacheAI or for CacheAI and user community related services, support, consultation, data storage services, etc. for CacheAI and SmallTrain individually;
• responding to users’ requests regarding the Site, such as information and inquiries;
• analyzing the status of use of the Site and users’ data and customizing the content displayed when users use the Site in order to understand, improve, and operate the Site; • preventing acts that are possibly banned or illegal acts and complying with obligations, including those under other terms of use and laws; and
• other purposes that are disclosed or consented to by users at the time of collection of information.

3. Measures to share information

The Company does not provide users’ personal data to any third party except in the following cases:

• if the Company entrusts all or a part of the handling of users’ personal data to third party vendors or service providers (the Company uses Formspree for its contact forms and entrusts Formspree with the handling of personal data concerning inquiries from users; please refer to Formspree’s privacy policy (https://formspree.io/legal/privacy-policy)):
• if provision is in accordance with laws and regulations;
• if provision is conducted as a consequence of a merger or succession of business for any other reason; or
• if the user in question agrees to provision.

4. Measures to protect information

The Company takes measures to protect information from loss, theft, misuse, fraudulent access, disclosure, falsification, and destruction.

5. Information from children

Whe Company does not intentionally collect or store information from children under the age of 13 years, unless doing so is permitted by law. Information that the Company may have inadvertently received from children under the age of 13 years is deleted upon provision of notice. If there is reason to believe that a child who is under the age of 13 years has provided personal information to the Company through the Site, please contact the Company. In such a case, the Company will endeavor to delete such information from its database.

6. Amendment to this Privacy Policy

The Company may amend this Privacy Policy. In such a case, the Company will publish the amended Privacy Policy on the Site.

7. Demand for disclosure and correction of personal data

Please contact the Company using the contact details provided in “8.” below with regard to procedures concerning making requests and the like for disclosure, correction, suspension of use, etc. of personal data held by the Company or to make comments, ask questions, or submit any other inquiries or complaints regarding handling of personal information.

8. Contact details

Please contact info@geek-guild.jp to make inquiries regarding handling of personal information and this Privacy Policy.


Geek Guild Co., Ltd.
Kyodaikatsura Venture Plaza North Building 310, 1-36, Goryo-ohara, Nishikyo-ku, Kyoto 615-8245

Processing of Personal Data of Users Living in the EEA (European Economic Area) [and the United Kingdom]

This Exhibit applies to processing of personal data of users living in the EEA (European Economic Area) [and the United Kingdom].

1. Controller

The controller for data processing is the Company. Please refer to “8.” of the Privacy Policy for contact details.

2. Legal basis, etc. for processing

The Company will process the personal data of users in accordance with the legal basis provided for in the GDPR (Articles 6 and 7). Further, the Company will process personal data of a sensitive nature, including users’ religious beliefs and health status, in accordance with special criteria provided for in the GDPR (Articles 9 and 10).

(1) If processing is required for the pursuit of legitimate interests
The Company will obtain and process the following personal data of users for the purpose of use of personal information set out in “2.” of this Privacy Policy because it is necessary to do so in order to pursue the Company’s legitimate interests (for details regarding the balancing test for legitimate interests, please inquire using the contact details provided for in “8.” of this Privacy Policy).

If the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, the Company will separately notify users whether those users are obliged to provide the personal data and of the possible consequences of failure to provide such data.

3. Storage period for personal data

The Company will store users’ personal data for the period necessary to fulfill the aforementioned purposes for obtaining and processing users’ personal data, the period for which the personal data must be stored under law, and the period necessary to prevent conflicts related to the Company. The specific storage period will be decided based on the following considerations: the purpose for obtaining and processing the personal data; the nature of the personal data; and the necessity of storing the personal data for legal or business reasons.

4. Rights of users

Users have the following rights regarding personal data obtained and processed by the Company.

Obtaining information regarding processing of data
Each user has the right to obtain from the Company all the requisite information regarding data processing activities by the Company that concern that user (Articles 13 and 14 of the GDPR). Access to personal data
Each user has the right to obtain from the Company confirmation whether or not personal data concerning that user are being processed, and, where that is the case, access to the personal data and certain information relating to that personal data (Article 15 of the GDPR).
Rectification or erasure of personal data
ach user has the right to obtain without undue delay the rectification of inaccurate personal data concerning that user and the right to have incomplete personal data completed (Article 16 of the GDPR). Each user also has the right to obtain the erasure of personal data concerning that user without undue delay where certain grounds apply (Article 17 of the GDPR).
Restriction on processing of personal data
ach user has the right to obtain restriction of processing of personal data where certain grounds apply (Article 18 of the GDPR).
Objection to processing of personal data
Each user has the right to object to processing of personal data concerning that user where certain grounds apply (Article 21 of the GDPR).
Data portability of personal data
Each user has the right to receive the personal data concerning that user in a structured, commonly used, and machine-readable format and has the right to transmit those data to another controller without hindrance from the Company where certain grounds apply (Article 20 of the GDPR).
Non-applicability of automated decision-making
automated processing, including profiling, that produces legal effects concerning that user or similarly significantly affects that user where certain grounds apply (Article 22 of the GDPR).
Withdrawal of consent
With respect to processing whose legal basis is user consent, each user has the right to withdraw consent at any time by a method that is separately designated by the Company at the time when the Company obtains the user’s consent. However, the withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

If a user intends to exercise any of the aforementioned rights, he or she is requested to inquire using the contact details provided in “8.” of the Privacy Policy.
A user may lodge an objection in relation to the processing of personal data by the Company with the Data Protection Supervisory Authority of the Member State where the user lives, where the user’s workplace is located, or where a violation of the GDPR occurs.