Privacy Policy

Last updated: 2025-11-10

Controller : Real Escapes G.K., 4-11-5 Kaminoge, Setagaya-ku, 158-0093 Tokyo, Japan

Contact: [email protected] | 2 Chome-5-24 Yanaka, Taito City, Tokyo 110-0001

This Privacy Policy explains how we collect, use, disclose, and protect information in accordance with Japan’s Act on the Protection of Personal Information (APPI) and, where applicable, the EU General Data Protection Regulation (GDPR) for individuals located in the EU/EEA. (PPC)

1) Scope

This policy applies to:

Our websites and landing pages at www.hicodata.com
Contact forms, downloads, event registrations, newsletter sign-ups
Analytics, advertising, and social media pixels used on our sites
APPI governs how businesses in Japan handle personal information, and the Personal Information Protection Commission (PPC) oversees compliance. (DLA Piper Data Protection)

Where our site targets or monitors users in the EU/EEA (e.g., EU language/currency, shipping to EU, or EU behavioral tracking), GDPR may apply in addition to APPI. (European Data Protection Board)

2) What We Collect

We may collect:

A. Information you provide

Contact details (name, company, email, phone)
Messages and inquiry contents
Booking and event registration details
B. Automatically collected information

Device, browser, IP address, and general location
Pages viewed, session duration, referrers
Cookie IDs, advertising IDs, and similar identifiers (collectively “person-related information” under APPI when not directly identifiable). (ICLG International Business Reports)
C. Marketing & analytics tools (examples)

Google Analytics 4, Google Tag Manager, Search Console, LinkedIn Insight Tag, Meta Pixel.
(We will keep this list updated on our site.)

3) Why We Use Your Information

Responding to inquiries, quotes, and meeting requests
Providing newsletters, resources, and event information (opt-in)
Site operation, security, troubleshooting, and product/service improvement
Analytics to understand content performance and user journeys
Advertising and remarketing (where consent/opt-out rules apply)
Under APPI, we disclose the purposes and handle data appropriately; providing personal data to third parties generally requires consent, subject to narrow exceptions. (Japanese Law Translation)

For EU users, we rely on lawful bases such as consent, performance of a contract, or legitimate interests (e.g., basic analytics and site security), and legal obligation where required. (GDPR)

4) Cookies & Similar Technologies

We use first-party and third-party cookies/pixels to:

Ensure the site works properly (strictly necessary)
Measure usage (analytics)
Personalize content and ads (marketing/remarketing—consent may be required)
Under Japan’s APPI, cookies and similar identifiers can be regulated as “person-related information,” especially when shared with third parties who could link them to an individual; in such cases, consent and record-keeping obligations may apply. We will implement a banner where required and provide choices. (ICLG International Business Reports)

You can manage cookies via our {Cookie Preferences} link and your browser settings.

5) Sharing & Third Parties

We may share information with:

Service providers (hosting, analytics, CRM/marketing tools, email, payment, security) under contractual confidentiality
Advertising/measurement partners (only where lawful—e.g., consent for EU users; APPI rules for sharing person-related information/cross-border transfers) (Japanese Law Translation)
We do not sell personal data.

6) International Transfers

Our servers, vendors, or partners may be located outside Japan. Under APPI, cross-border transfers generally require consent or other safeguards; we assess recipient countries’ systems and implement appropriate measures or obtain consent where needed. For EU users, we use GDPR mechanisms (e.g., Standard Contractual Clauses) when applicable. (Benesch Law)

7) Retention

We keep personal information only as long as necessary for the stated purposes, legal obligations, or to resolve disputes. Retention schedules differ by category (e.g., inquiry logs: {12–24 months}, contract records: {7 years}). Then we securely delete or de-identify data.

8) Your Rights

Under APPI (Japan): you can request disclosure, correction, addition, deletion, suspension of use, and cessation of third-party provision of your Personal Data, subject to statutory conditions. Contact {privacy@yourdomain}. We will verify identity and respond per APPI. (Japanese Law Translation)

Under GDPR (EU users): you may have rights to access, rectification, erasure, restriction, portability, and objection, and the right to withdraw consent at any time (without affecting prior processing). You may also lodge a complaint with an EU supervisory authority. (GDPR)

9) Security

We implement organizational, technical, and physical measures proportional to risk (access controls, encryption in transit, least-privilege, audit/logging, vendor due diligence). We train staff and regularly review controls referencing Japanese guidance for corporate privacy governance. (Ministry of Economy, Trade and Industry)

10) Data Breaches

If we detect a data breach that triggers notification duties, we will follow APPI requirements (including PPC reporting where applicable) and notify affected users and authorities as required. (OneTrust)

11) Children

Our services are intended for business users. We do not knowingly collect personal information from children under {16/18}. If you believe a child provided personal information, contact us to delete it.

12) Do-Not-Track / Opt-out

Browsers may offer Do-Not-Track signals; there is no common standard. We honor applicable consent/opt-out requirements for analytics/ads and provide in-product controls where available.

13) Updates to This Policy

We may update this policy to reflect legal, technical, or business changes. Material changes will be highlighted on this page with a new “Last updated” date.

14) How to Contact Us / Appeals

Email: [email protected]
Postal: Daiwa Mansion, 2 Chome-5-24 Yanaka, Taito City, Tokyo 110-0001
If you are not satisfied with our response under APPI, you may contact Japan’s Personal Information Protection Commission (PPC). EU users may contact their local supervisory authority. (PPC)