Privacy Policy

franky Co., Ltd. (hereinafter referred to as "our company") recognizes the importance of protecting personal information and complies with the Act on the Protection of Personal Information (hereinafter referred to as the "Personal Information Protection Act"). We will strive to properly handle and protect personal information in accordance with the privacy policy of (hereinafter referred to as "this privacy policy"). Unless otherwise specified in this privacy policy, the definitions of terms in this privacy policy are in accordance with the provisions of the Personal Information Protection Law.


1. Definition of personal information

In this Privacy Policy, personal information means information about a living individual that falls under any of the following items.

  1. Names, dates of birth, and other descriptions included in the information (meaning all matters described or recorded in documents, drawings, or electromagnetic records, or expressed using voice, motion, or other methods. ) that can identify a specific individual (including information that can be easily compared with other information to identify a specific individual).
  2. Items containing a personal identification code

2. Purpose of use of personal information

We will use personal information for the following purposes.

  1. To provide moln's sales business (hereinafter referred to as "our service") (including, but not limited to, product delivery, payment settlement, maintenance or troubleshooting, identity verification, authentication, security assurance, etc.) is not available.)
  2. To provide information about our services and to respond to inquiries, etc.
  3. To provide information on products, services, etc. of the Company or a third party by distributing e-mail magazines or other methods, or to advertise and measure advertising effectiveness
  4. To respond to acts that violate our company's terms, policies, etc. (hereinafter referred to as "terms, etc.") regarding our services
  5. To notify you of changes to our service terms, etc.
  6. Analyze user input or registration information, order information (including cancellation information, etc.), product purchase history and other information related to user service usage status, etc. to improve our services and new services to assist in the development of
  7. To conduct, operate or manage surveys, campaigns, seminars or events
  8. For employment management and internal procedures (personal information of officers and employees), for selection and communication in recruiting activities (personal information of applicants)
  9. For shareholder management, corporate law and other legal procedures (personal information of shareholders, stock acquisition rights holders, etc.)
  10. To create statistical data processed in a form that cannot identify individuals in relation to our services
  11. For other purposes incidental to the above purpose of use

3. Method of collecting personal information

In providing our services (as defined in Section 2), we collect the following information from users of our services in the following ways:

  1. In providing our services (as defined in Section 2), we collect the following information from users of our services in the following ways:

    1-1. Information to collect

    ・Profile information such as name, date of birth, address, phone number, email address, gender, hobbies and interests

    ・Information entered or sent by users through input forms or other methods specified by the Company

    ・Information on the usage status and usage of our services (referrer, IP address, server access log, cookie, ADID, IDFA and other identifiers, terminal information, content viewed or viewed by the user, usage time and other user behavior history including information such as

    ・Information about inquiries

    1-2. Collection method

    ・Methods of user input on our services

    ・Methods of collection when users use our services@>

    ・Methods of receiving information from our business partners (including providers of external services such as SNS, information providers, advertisers, ad distribution destinations, etc.)

  2. The Company retains the information set forth in Section 3.1 Item 1 during the period of provision of the Company's services and until one year after the termination of the provision of the Company's services.

4. Change of purpose of use of personal information

The Company may change the purpose of use of personal information within the scope reasonably recognized to have relevance. will be notified or published.


5. Use of personal information

  1. We will not handle personal information beyond the scope necessary to achieve the purpose of use without obtaining the consent of the individual, except as permitted by the Personal Information Protection Law and other laws and regulations. However, this shall not apply in the following cases.

    ・When required by law

    ・When it is necessary to protect a person's life, body or property and it is difficult to obtain the consent of the individual

    ・When it is necessary to cooperate with a national institution, a local government, or a person entrusted by them in carrying out the affairs stipulated by laws and regulations, and obtaining the consent of the person concerned interferes with the execution of the affairs when there is a risk of

    ・When personal data is provided to an academic research institution, etc., and the academic research institution, etc. needs to handle the personal data for academic research purposes (part of the purpose of handling the personal data is for academic research purposes) (Including cases where there is a risk of unjustly infringing on the rights and interests of individuals.)

    ・Information about inquiries

  2. We will not use personal information in a manner that may encourage or induce illegal or unfair acts.

6. Appropriate acquisition of personal information

  1. We will acquire personal information properly and will not acquire it by deception or other wrongful means.
  2. The Company will not acquire special care-required personal information (as defined in Article 2, Paragraph 3 of the Act on the Protection of Personal Information) without the prior consent of the individual, except in the following cases.

    ・If any of items 1 to 4 of paragraph 1 applies

    ・When obtaining personal information requiring special care from an academic research institution, etc., and when it is necessary to obtain such personal information requiring special care for the purpose of academic research (part of the purpose of obtaining personal information requiring special care is academic research) (Including cases where it is for the purpose, excluding cases where there is a risk of unjustly infringing on the rights and interests of individuals.) (Limited to cases where the business operator handling personal information and the academic research institution, etc. jointly conduct academic research.) .)

    ・The relevant special care-required personal information is disclosed by the person, a national agency, a local government, an academic research institution, etc., a person listed in each item of Article 57, Paragraph 1 of the Personal Information Protection Act, or a person specified by the rules of the Personal Information Protection Commission if it is

    ・When acquiring personal information that requires special care that is obvious in appearance by looking at or photographing the person

    ・In cases where personal information requiring special care is provided by a third party, and the provision by the third party

  3. When receiving personal information from a third party, we will confirm the following items in accordance with the rules of the Personal Information Protection Commission. However, this excludes cases where the provision of the personal information by the third party falls under any of the items in Section 5.1 or falls under any of the items in Section 9.1.

    ・The name or name and address of the third party, and in the case of a corporation, the name of its representative (in the case of a non-corporation that has a designated representative or administrator, the representative or administrator)

    ・How the third party acquired the personal information


7. Security management of personal information

We will provide necessary and appropriate supervision to our employees so that personal information can be safely managed against risks such as loss, destruction, falsification and leakage of personal information. In addition, when outsourcing all or part of the handling of personal information, the Company will conduct necessary and appropriate supervision to ensure the safety management of personal information at the outsourcee. Details of the specific security control measures regarding personal data held by the Company are as follows.

Formulation of basic policy

In order to ensure the proper handling of personal data, this privacy policy has been formulated as a basic policy regarding "compliance with relevant laws and regulations, guidelines, etc." and "point of contact for inquiries and complaints."

Development of discipline related to the handling of personal data

Formulate personal data handling rules for each stage of acquisition, use, storage, provision, deletion, disposal, etc., regarding the handling method, the person in charge, the person in charge, and their duties, etc.

Systematic security control measures

1 ) When a person responsible for the handling of personal data is appointed, the employee who handles personal data and the scope of personal data handled by the employee are clarified, and facts or signs of violation of laws and handling regulations are identified. Established a system for reporting and contacting the person in charge of

2 ) Conduct regular self-inspections on the handling of personal data, and conduct audits by other departments and external parties.

Personnel security control measures

Matters related to confidentiality of personal data are stated in the work regulations

physical security measures

Take measures to prevent theft or loss of equipment, electronic media, documents, etc. that handle personal data, and when carrying such equipment, electronic media, etc., including movement within the office, personal data cannot be easily identified. implement measures to prevent

Technical safety control measures

1 ) Implement access control and limit the scope of the person in charge and the personal information database, etc. handled

2 ) Introduce a mechanism to protect information systems that handle personal data from unauthorized external access or unauthorized software.

Understanding the external environment

The cloud service provider used by the Company is located in Canada, and the server where personal data is stored in the service is located in Canada or the United States, so personal information in Canada and the United States Implement safety control measures after understanding the system related to the protection of

Formulation of basic policy

  1. In order to ensure the proper handling of personal data, this privacy policy has been formulated as a basic policy regarding "compliance with relevant laws and regulations, guidelines, etc." and "point of contact for inquiries and complaints."
  2. Development of discipline related to the handling of personal data
  3. Formulate personal data handling rules for each stage of acquisition, use, storage, provision, deletion, disposal, etc., regarding the handling method, the person in charge, the person in charge, and their duties, etc.

Systematic security control measures

  1. In addition to appointing a person responsible for the handling of personal data, clarifying the scope of personal data handled by employees who handle personal data and the scope of personal data handled by such employees, responsibility in the event that facts or signs of violation of laws and handling regulations are grasped Developing a system for reporting and contacting
  2. Regular self-inspection of the handling of personal data and audits by other departments and external parties

physical security measures

  1. Take measures to prevent theft or loss of equipment, electronic media, documents, etc. that handle personal data, and when carrying such equipment, electronic media, etc., including movement within the office, personal data cannot be easily identified. implement measures to prevent

Technical safety control measures

  1. Implement access control to limit the scope of the person in charge and the personal information database, etc. handled
  2. Introduce a mechanism to protect information systems that handle personal data from unauthorized external access or unauthorized software

8. Reporting of leaks, etc.

In the event of leakage, loss, damage, etc. of personal information handled by the Company, if it is necessary to report to the Personal Information Protection Commission and notify the person in accordance with the provisions of the Personal Information Protection Act, We will make such reports and notifications.


9. Third party provision

    1. We will not provide personal information to a third party without obtaining the prior consent of the individual, except in cases that fall under any of the items in Section 5.1. However, the following cases do not fall under the provision to third parties specified above.

      ・When providing personal information in conjunction with entrusting all or part of the handling of personal information within the scope necessary to achieve the purpose of use

      ・When personal information is provided along with business succession due to merger or other reasons

      ・In case of joint use based on the provisions of the Personal Information Protection Act

    2. Notwithstanding the provisions of Article 9.1, the Company shall, except in cases corresponding to any of the items of Article 5.1, operate in foreign countries (countries designated by the rules of the Personal Information Protection Commission pursuant to Article 28 of the Personal Information Protection Act) ) to a third party (excluding those who have established a system that meets the standards specified by the rules of the Personal Information Protection Commission based on Article 28 of the Personal Information Protection Law). When providing personal information, we will obtain the consent of the person in advance to the effect that the provision to a third party in a foreign country is permitted.
    3. When obtaining the consent of the person for the provision to a third party located in a foreign country pursuant to Section 9.2, the following matters shall be provided to the person. However, if the matters in Item 1 cannot be identified, instead of the matters in Items 1 and 2, the fact that the matters in Item 1 cannot be identified, the reason for that, and information that should be helpful to the person in lieu of said matters We will provide you with that information, if any.

・Name of the foreign country

・Information on the system for the protection of personal information in the foreign country

・Information on measures taken by the third party to protect personal information (if the information cannot be provided, that fact and the reason)

  1. When we provide personal information to a third party, we will create and store records in accordance with Article 29 of the Personal Information Protection Law.
  2. When receiving personal information from a third party, the Company shall, in accordance with Article 30 of the Personal Information Protection Act, conduct necessary confirmation, and create and store records related to the confirmation.

10. Disclosure of personal information, etc.

  1. When the person requests disclosure of personal information based on the provisions of the Personal Information Protection Law, we will disclose it to the person without delay after confirming that the request is from the person himself/herself. (If the personal information does not exist, we will notify you to that effect.) However, this does not apply if the Company is not obligated to disclose it under the Personal Information Protection Law or other laws and regulations.
  2. The provisions of the preceding paragraph shall apply mutatis mutandis to records related to provision to third parties created based on Section 9.4 and records related to provision from third parties created based on Section 9.5 regarding personal information that identifies the person. shall be However, stipulations regarding fees are excluded.

11. Correction of personal information

If the person requests correction, addition, or deletion of the content (hereinafter referred to as "correction, etc.") based on the provisions of the Personal Information Protection Act on the grounds that the personal information is not true, the Company will After confirming that the request is from the person himself/herself, we will conduct necessary investigations without delay within the scope necessary to achieve the purpose of use, and based on the results, correct the content of personal information, etc. We will notify the person to that effect (if we decide not to make corrections, etc., we will notify the person to that effect). However, this does not apply if the Company is not obligated to make corrections, etc. under the Personal Information Protection Act or other laws and regulations.


12. Suspension of use of personal information

The Company will notify the person that (1) the person's personal information is being handled beyond the scope of the purpose of use that has been announced in advance, or is being used in a manner that may encourage or induce illegal or unjust acts. or because the personal information of the individual has been obtained by deception or other wrongful means, suspension or deletion of its use (hereinafter referred to as "suspension of use, etc.") in accordance with the provisions of the Personal Information Protection Law (2) suspension of provision of personal information (hereinafter referred to as "providing ), or (3) when the Company no longer needs to use the person's personal information, the personal information protection law Article 26 paragraph 1 regarding the person's personal information Suspension of use, etc., or provision of personal information based on the provisions of the Personal Information Protection Law for the reason that the handling of the personal information of the individual may harm the rights or legitimate interests of the individual, or if a stipulated situation occurs. In the event that a request for suspension is made and it is found that there is a reason for the request, after confirming that the request was made by the person himself/herself, suspension of use, etc. or suspension of provision of personal information will be made without delay. and notify the person to that effect. However, this does not apply if the Company is not obligated to suspend the use, etc. or the provision of personal information under the Personal Information Protection Act or other laws and regulations.


13. Provision of Personal Information to Third Parties

  1. The Company shall not provide third parties with personal information (meaning information stipulated in Article 2, Paragraph 7 of the Act on the Protection of Personal Information, and limited to information constituting a personal information database, etc. stipulated in Article 16, Paragraph 7 of the same Act). .The same shall apply hereinafter.) as personal data, excluding the cases listed in each item of Section 5.1, the following items shall be confirmed in advance in accordance with the rules of the Personal Information Protection Commission. We will not provide the relevant personal information to the third party without doing so.

    ・The person's consent has been obtained to allow the third party to receive personal-related information from the Company and obtain it as personal data that can identify the person.

    ・When providing to a third party in a foreign country, when obtaining the consent of the person in the preceding item, in accordance with the rules of the Personal Information Protection Commission, in advance The system, measures taken by the third party to protect personal information, and other information that should be helpful to the individual are provided to the individual.

  2. When we provide personal information to a third party, we will create and store records in accordance with Article 31 of the Personal Information Protection Law.
  3. When receiving personal-related information from a third party, we will perform necessary confirmation in accordance with Article 31 of the Personal Information Protection Law, and create and store records related to the confirmation. >

14.Handling of Pseudonymized Information

  1. The Company shall handle pseudonymously processed information (meaning the information stipulated in Article 2, Paragraph 5 of the Act on the Protection of Personal Information, and limited to information constituting the pseudonymously processed information database, etc. stipulated in Article 16, Paragraph 5 of the same Act. The same shall apply hereinafter. ), the personal information shall be processed in accordance with the standards stipulated by the Personal Information Protection Commission rules. .1 Except for the cases listed in each item of paragraph 1, we will not provide the relevant personal information to the third party without confirming the following matters in advance in accordance with the rules of the Personal Information Protection Commission.
  2. When the Company creates pseudonymously processed information, or acquires pseudonymously processed information and deleted information, etc. related to the pseudonymously processed information (meaning what is stipulated in Article 41, Paragraph 2 of the Personal Information Protection Law; the same shall apply hereinafter) When we do so, we will take measures for safe management of deleted information, etc., in accordance with the standards set by the Personal Information Protection Commission rules as necessary to prevent leakage of deleted information, etc.
  3. In addition to cases based on laws and regulations, we do not use pseudonymized information beyond the scope necessary to achieve the purpose of use.
  4. Regarding the application of paragraph 4 to pseudonymously processed information, the phrase "to change within the scope reasonably recognized to be relevant" in the same paragraph is replaced by "to change" and "to notify or announce ” shall be read as “will be announced”.
  5. The provisions of paragraphs 8 and 10 through 12 shall not apply to pseudonymized information.
  6. Notwithstanding the provisions of Sections 9.1 to 9.3, the Company shall not provide personal data that is pseudonymously processed information to third parties, except when required by law. However, the cases listed in each item of Section 9.1 do not fall under the provision to a third party specified above.

15. Use of Cookies and Other Technologies

  1. Our services may use cookies and similar technologies. These technologies help us understand how our services are being used, and contribute to improving our services. Users who wish to disable cookies can do so by changing their web browser settings. However, if you disable cookies, you may not be able to use some functions of our services.
  2. In addition, our services include Google G.K. (including Google Analytics. For details on how Google Analytics collects and processes data, see "How Google uses data when users use Google partner sites and apps."). We use cookies provided by the page (www.google.com/intl/en/policies/privacy/partners/).

16. Contact

Name, address and name of representative of business operator handling personal information

〒150-0013

Hiroo MTR Building 4F, 2-36-13 Ebisu, Shibuya-ku, Tokyo

franky Co., Ltd. (Representative Director Yu Akasaka)

Contact point

Phone number: 0364506470

E-mail: support@moln.com

Click here for the inquiry form.

(Reception hours are from 11:00 to 19:00 on weekdays.)


17. Continuous improvement

We will review the operational status of the handling of personal information from time to time and strive for continuous improvement, and we may change this privacy policy as necessary.


that's all


Enacted April 1, 2022