Privacy Policy
Document Information
Last Updated: July 10, 2025
APPI 2025 Compliance: This policy reflects the latest amendments to Japan's Act on Protection of Personal Information (APPI), effective April 1, 2025.
1. Information We Collect
1.1 Personal Information
We collect information you provide directly to us, such as when you:
- Create an account or register for our services
- Use our event management platform
- Contact us for support or sales inquiries
- Subscribe to our newsletter or marketing communications
- Participate in surveys or provide feedback
1.2 Sensitive Personal Information
Enhanced Protection
In compliance with the APPI 2025 amendments (effective April 1, 2025), we apply stricter handling requirements to sensitive data categories including biometric data and personal identification information.
We may collect the following sensitive information with your explicit consent:
- Health Information: Dietary restrictions, accessibility needs, or medical emergency contacts
- Financial Information: Payment details and transaction history
1.3 Event Data
When you use Event Stacks, we collect and process:
- Event details, participant information, and venue data
- Sales and transaction records
- Task and project management data
- Staff and volunteer information
- Analytics and usage data from your events
- Video/photo content from events (with appropriate consent)
1.4 Automatically Collected Information
We automatically collect certain information when you use our services:
- Log data including IP addresses, browser type, and access times
- Device information and operating system details
- Usage patterns and feature interactions
- Location data (with your explicit permission)
- Cookies and similar tracking technologies
2. How We Use Your Information
We use the information we collect for the following specific purposes:
2.1 Service Delivery
- Provide, maintain, and improve our event management services
- Process transactions and manage your events
- Authenticate users and prevent fraud
- Provide customer support and respond to inquiries
2.2 AI and Analytics
AI Development Framework
Under APPI 2025 provisions, we may process pseudonymized data for AI model training and improvement within the legal framework for AI development, ensuring individual privacy protection through advanced anonymization techniques.
- Analyze usage patterns to improve our platform
- Develop AI-powered features for event optimization
- Generate anonymized statistical insights
- Personalize content and recommendations
2.3 Communication
- Send technical notices and security updates
- Provide customer support
- Send marketing communications (with explicit consent)
- Notify you of service changes or new features
2.4 Legal and Compliance
- Comply with legal obligations and regulatory requirements
- Protect our rights and prevent abuse
- Respond to legal requests and court orders
- Maintain business records for audit purposes
3. Information Sharing and Disclosure
We follow a strict "no sale" policy and only share your information in the following circumstances:
3.1 With Your Consent
We share information when you explicitly consent to such sharing. You can withdraw consent at any time.
3.2 Service Providers
We work with trusted third-party service providers under strict data processing agreements:
- Cloud hosting and infrastructure providers (AWS, Google Cloud)
- Payment processing companies
- Analytics and monitoring services
- Email delivery services
3.3 Opt-Out Data Sharing
Enhanced Opt-Out Rights
Under APPI 2025, we have implemented stricter opt-out procedures with clear notification requirements, easy-to-use mechanisms, and detailed record-keeping of all opt-out requests.
For certain data sharing arrangements, we may use an opt-out mechanism with:
- Clear notification of sharing purposes and recipients
- Easy-to-use opt-out procedures
- Regular review and notification updates
- Enhanced record-keeping of opt-out requests
3.4 Legal Requirements
We may disclose information when required by law or to protect our rights and users' safety.
4. Data Security
Security Commitment
We implement comprehensive security measures aligned with industry best practices to protect your personal information:
4.1 Technical Safeguards
- End-to-end encryption for data in transit and at rest
- 2-factor authentication for all administrative access
- Regular security vulnerability assessments
- Automated threat detection and response systems
5. Your Rights and Choices
Under the APPI and anticipated 2025 amendments, you have the following rights:
5.1 Access and Correction
- Request access to your personal information
- Request correction of inaccurate data
- Request suspension of use or deletion of your data
- Request details about data processing purposes and third-party sharing
5.2 How to Exercise Your Rights
To exercise these rights:
- Contact us at info@eventstacks.io with "APPI Request" in the subject
- We will verify your identity and respond within 30 days
- No fee required for reasonable requests
6. Additional Information for Users in Japan
6.1 Data Controller
trainspot KK
3-24-3 Asakusabashi, Taito-ku, Tokyo 111-0053, Japan
Representative: Malik Kusters
Email: info@eventstacks.io
6.2 AI Cooperation
In accordance with Japan's AI promotion framework, we cooperate with government initiatives on AI development and may participate in data collection efforts for national AI strategy development.
6.3 PPC Contact Information
For inquiries or complaints, contact the Personal Information Protection Commission:
Website: https://www.ppc.go.jp/
Email: privacy@ppc.go.jp
7. Changes to This Policy
We may update this policy to reflect:
- Changes in applicable laws and regulations
- Evolution of our services and business practices
- Feedback from users and regulatory authorities
- Industry best practices and security improvements
8. Contact Us
Get in Touch
For questions about this policy or to exercise your rights:
- Email: info@eventstacks.io
- Address: Event Stacks Privacy Team, 3-24-3 Asakusabashi, Taito-ku, Tokyo 111-0053, Japan