Privacy Policy

Document Information

Last Updated: July 10, 2025
APPI 2025 Compliance: This policy reflects the latest amendments to Japan's Act on Protection of Personal Information (APPI), effective April 1, 2025.

1. Information We Collect

1.1 Personal Information

We collect information you provide directly to us, such as when you:

  • Create an account or register for our services
  • Use our event management platform
  • Contact us for support or sales inquiries
  • Subscribe to our newsletter or marketing communications
  • Participate in surveys or provide feedback

1.2 Sensitive Personal Information

We may collect the following sensitive information with your explicit consent:

  • Health Information: Dietary restrictions, accessibility needs, or medical emergency contacts
  • Financial Information: Payment details and transaction history

1.3 Event Data

When you use Event Stacks, we collect and process:

  • Event details, participant information, and venue data
  • Sales and transaction records
  • Task and project management data
  • Staff and volunteer information
  • Analytics and usage data from your events
  • Video/photo content from events (with appropriate consent)

1.4 Automatically Collected Information

We automatically collect certain information when you use our services:

  • Log data including IP addresses, browser type, and access times
  • Device information and operating system details
  • Usage patterns and feature interactions
  • Location data (with your explicit permission)
  • Cookies and similar tracking technologies

2. How We Use Your Information

We use the information we collect for the following specific purposes:

2.1 Service Delivery

  • Provide, maintain, and improve our event management services
  • Process transactions and manage your events
  • Authenticate users and prevent fraud
  • Provide customer support and respond to inquiries

2.2 AI and Analytics

AI Development Framework

Under APPI 2025 provisions, we may process pseudonymized data for AI model training and improvement within the legal framework for AI development, ensuring individual privacy protection through advanced anonymization techniques.

  • Analyze usage patterns to improve our platform
  • Develop AI-powered features for event optimization
  • Generate anonymized statistical insights
  • Personalize content and recommendations

2.3 Communication

  • Send technical notices and security updates
  • Provide customer support
  • Send marketing communications (with explicit consent)
  • Notify you of service changes or new features
  • Comply with legal obligations and regulatory requirements
  • Protect our rights and prevent abuse
  • Respond to legal requests and court orders
  • Maintain business records for audit purposes

3. Information Sharing and Disclosure

We follow a strict "no sale" policy and only share your information in the following circumstances:

We share information when you explicitly consent to such sharing. You can withdraw consent at any time.

3.2 Service Providers

We work with trusted third-party service providers under strict data processing agreements:

  • Cloud hosting and infrastructure providers (AWS, Google Cloud)
  • Payment processing companies
  • Analytics and monitoring services
  • Email delivery services

3.3 Opt-Out Data Sharing

For certain data sharing arrangements, we may use an opt-out mechanism with:

  • Clear notification of sharing purposes and recipients
  • Easy-to-use opt-out procedures
  • Regular review and notification updates
  • Enhanced record-keeping of opt-out requests

We may disclose information when required by law or to protect our rights and users' safety.

4. Data Security

Security Commitment

We implement comprehensive security measures aligned with industry best practices to protect your personal information:

4.1 Technical Safeguards

  • End-to-end encryption for data in transit and at rest
  • 2-factor authentication for all administrative access
  • Regular security vulnerability assessments
  • Automated threat detection and response systems

5. Your Rights and Choices

Under the APPI and anticipated 2025 amendments, you have the following rights:

5.1 Access and Correction

  • Request access to your personal information
  • Request correction of inaccurate data
  • Request suspension of use or deletion of your data
  • Request details about data processing purposes and third-party sharing

5.2 How to Exercise Your Rights

To exercise these rights:

  • Contact us at info@eventstacks.io with "APPI Request" in the subject
  • We will verify your identity and respond within 30 days
  • No fee required for reasonable requests

6. Additional Information for Users in Japan

6.1 Data Controller

trainspot KK 3-24-3 Asakusabashi, Taito-ku, Tokyo 111-0053, Japan
Representative: Malik Kusters
Email: info@eventstacks.io

6.2 AI Cooperation

In accordance with Japan's AI promotion framework, we cooperate with government initiatives on AI development and may participate in data collection efforts for national AI strategy development.

6.3 PPC Contact Information

For inquiries or complaints, contact the Personal Information Protection Commission:
Website: https://www.ppc.go.jp/
Email: privacy@ppc.go.jp

7. Changes to This Policy

We may update this policy to reflect:

  • Changes in applicable laws and regulations
  • Evolution of our services and business practices
  • Feedback from users and regulatory authorities
  • Industry best practices and security improvements

8. Contact Us

Get in Touch

For questions about this policy or to exercise your rights:

  • Email: info@eventstacks.io
  • Address: Event Stacks Privacy Team, 3-24-3 Asakusabashi, Taito-ku, Tokyo 111-0053, Japan