Privacy Policy

'Personal Information' in this Policy means personal information as defined under the Act on the Protection of Personal Information of Japan. Terms such as 'Personal Data' and 'Retained Personal Data' follow the definitions under that Act and related laws. In addition to Personal Information, the Service may handle information relating to users, including Portfolio Data, external service integration information, usage logs, cookie and similar identifiers, device information, inquiry content, and AI chat inputs.

The Company obtains information relating to users through the following methods: 1. Information entered or submitted by users through account registration, profile settings, inquiries, feedback, portfolio creation, CSV uploads, AI chat use, and other operations on the Service 2. Information obtained from integration providers or the Company's contractors when a user authorizes or uses integrations with authentication services, payment services, data providers, AI services, search services, or other external services 3. Access logs, IP addresses, cookie and similar identifiers, device information, browser information, viewed pages, operation history, error information, and performance information automatically obtained through use of the Service 4. Payment-related information. Detailed payment information such as credit card numbers is generally handled by payment service providers, and the Company obtains information necessary for payment status, subscription plan, and billing management.

The Company uses obtained information for the following purposes: 1. To provide the Service, verify identity, authenticate users, manage accounts, manage portfolios, conduct analysis, provide AI chat, web search, X search, external integrations, data synchronization, and dashboard display 2. To process paid plans, payments, billing, subscriptions, receipts, and related matters 3. To respond to inquiries, feedback, support requests, important notices, maintenance, and changes to terms 4. To detect, investigate, prevent, and respond to misuse, violations of terms, security incidents, failures, spam, and rights infringements 5. To analyze usage, improve quality, develop functions, improve performance, and optimize displayed content 6. To respond to laws, courts, administrative agencies, regulators, and other public authority requests 7. For purposes incidental or reasonably related to the above If the Company changes the purposes of use, it will do so within a scope reasonably related to the previous purposes and, where necessary, publish or notify the changes by posting on the Service or other appropriate methods.

The Company will not provide Personal Data to third parties without the user's prior consent, except in the following cases: 1. When required by law 2. When necessary to protect a person's life, body, or property and it is difficult to obtain the user's consent 3. When particularly necessary to improve public health or promote the sound development of children and it is difficult to obtain the user's consent 4. When cooperation is necessary for a national government agency, local public body, or its contractor to perform duties prescribed by law, and obtaining consent may interfere with that performance 5. When outsourcing operations necessary to achieve the purposes of use, including authentication, payment, hosting, data storage, email delivery, analytics, error monitoring, customer support, AI models, web search, X search, and data provision 6. When provided in connection with a merger, company split, business transfer, or other business succession 7. When provided to an external service or business operator necessary for the integration within the scope authorized by the user When Personal Data is handled by a third party or contractor located outside Japan, the Company will take necessary actions under applicable law, including information provision, consent, contractual measures, or other appropriate safeguards.

Users may request disclosure, correction, addition, deletion, suspension of use, erasure, or suspension of third-party provision of Retained Personal Data or records of third-party provision through the procedures specified by the Company. After verifying the identity of the requester, the Company will respond within a reasonable period in accordance with applicable law. However, the Company may be unable to comply with all or part of a request where it is not legally required to do so, where compliance may harm the rights or interests of the user or a third party, where it may significantly interfere with the Company's business, where the request lacks a reasonable basis, or where otherwise permitted by law.

The Company endeavors to implement necessary and appropriate security control measures, including access control, encryption, log management, contractor management, and permission management, to prevent leakage, loss, damage, unauthorized access, and other incidents involving Personal Information. The Company retains obtained information only to the extent necessary to achieve the purposes of use and deletes or anonymizes it by reasonable methods when it is no longer needed. Inquiries, requests for disclosure, and complaints regarding this Policy should be sent to contact@velpha.ai.

The Service may transmit information relating to users from their devices to external service providers for analytics, performance measurement, error monitoring, and service improvement. The following is information regarding major external transmissions: