GDPR
GDPR information
This page provides GDPR-oriented information for users in the European Economic Area (EEA), the UK, or Switzerland. It complements the Privacy Policy.
Controller
OrbiMax Guidance K.K.
1-6-5 Nishi-Shinjuku, Shinjuku-ku, Tokyo 160-0023, Japan
Email: [email protected]
Phone: +81 3-4578-2046
Key links
1) Lawful bases
Where GDPR applies, we rely on lawful bases such as:
- Consent (e.g., where cookies are optional and require opt-in in your context)
- Contract / pre-contract steps (responding to your request and providing scoped deliverables)
- Legitimate interests (security, fraud prevention, operational continuity)
- Legal obligation (compliance where required)
2) Your rights
Under GDPR, you may have the right to:
- access your data
- rectify inaccurate data
- erase data (where applicable)
- restrict processing
- object to processing (including legitimate interests)
- data portability (in certain cases)
- withdraw consent (where processing is based on consent)
To exercise rights, contact us with enough information to locate your data (e.g., the email address used). We may request verification to protect your privacy.
3) Retention
We keep data only as long as necessary for the stated purposes. Inquiry records may be retained for a reasonable period to manage follow-ups, and security logs are retained for limited periods to protect the service.
4) International transfers
As we operate from Japan and may use global infrastructure providers, data may be processed outside your country. Where GDPR applies, we use safeguards such as contractual commitments and technical protections appropriate for the context.
If you want details about transfer safeguards used at a given time, contact us.
5) Complaints
If GDPR applies to you, you may have the right to lodge a complaint with a supervisory authority in your place of residence or work, or where you believe an infringement occurred. We encourage you to contact us first so we can address the concern.
6) Effective date
Effective date: 2026-02-13