Privacy Policy
Gounbeee (the “Operator”) establishes this Privacy Policy (this “Policy”) with respect to the handling of personal information of all individuals who use or access this website and the services provided on it (collectively, the “Service”). The meanings of terms used in this Policy follow the Act on the Protection of Personal Information of Japan (the “APPI”) and related guidelines.
1. Compliance with the APPI and Related Guidelines
The Operator complies with the APPI, the related guidelines issued thereunder, and other applicable guidance in handling personal information.
2. Acquisition of Personal Information in User Registration and Transactions
- User Registration.
When you register an account in your own name or in the name of a company or other organization to which you belong (“Company, etc.”), the Operator collects the following personal information:
- Your name
- Your date of birth
- Your email address
- Your address
- Your gender
- Credit Card Information via Payment Processor.
When you make a payment under a purchase contract on the Service, the Operator may collect credit card related information through a commissioned credit card payment processor. Such information is administered under the processor’s control and is not retained by the Operator.
- OAuth authentication.
We may receive certain profile information (e.g., email address, display name, service-specific ID) from Google or GitHub during OAuth authentication. We use this information to create and authenticate your account and to prevent fraud. We retain it only as necessary for legal and operational purposes. You can revoke our access at any time from your provider’s account settings.
3. Purposes of Use of Personal Information
The Operator uses your personal information for the following purposes:
- To deliver to you (including your Company, etc.) the products you purchase on the Service.
- (Regarding date of birth) To confirm whether you are a minor and determine eligibility for user registration.
- (Regarding credit card information) To process payments under purchase contracts on the Service.
- To respond to your inquiries.
- (Regarding email address) For the following:
- To deliver license keys and similar items for digital content products provided by the Service (see Terms of Use, Article 2(7)).
- To send information about new products or services of the Operator by email (only to customers who have agreed to receive such emails).
- To send email notifications regarding changes to the Terms of Use or this Policy, suspension or interruption of the Service, and other matters relating to the Service.
- Based on your browsing and purchase history on the Service, to analyze your needs and:
- Recommend products on the Service that suit your needs; and
- Utilize the analysis for merchandising and other business strategies in the Service and in any physical stores operated by the Operator.
4. Use of Google Analytics
- About Google Analytics.
The Service uses Google Analytics, a tool provided by Google LLC. In using Google Analytics, your visit history may be collected, recorded, and analyzed, and cookies stored on your device may be utilized for that purpose.
- Purpose of Use.
In connection with Google Analytics, the Operator receives statistical information from Google analyzing your visit history. The Operator uses such statistical information to understand trends in user interests toward the Service and to improve the structure and specifications of the Service.
- Possibility of Personal Information Collection.
The Operator does not collect information that can identify you as a specific individual through the use of Google Analytics, nor does the statistical information provided by Google contain information that can identify you as a specific individual.
- Opt-out.
You can disable the collection of your information by Google Analytics by changing the add-on settings of the browser through which you view the Operator’s website. To disable Google Analytics, download and install the “Google Analytics Opt-out Add-on” from Google’s opt-out add-on download page and change your browser add-on settings. If you disable Google Analytics, it will be disabled not only for this site but also for other websites you visit; you can re-enable it by reconfiguring your browser add-on settings.
- Google’s Policies.
Google manages information collected via Google Analytics in accordance with Google’s privacy policy and terms of use. For details, please see:
- Google policy explanation: https://policies.google.com/technologies/partner-sites
- Google Analytics Terms of Service: https://marketingplatform.google.com/about/analytics/terms/jp/
- Cookies.
A cookie is a mechanism by which, when you use a web page, certain information is saved as a file on your device. When you next access the same page, the site operator can retrieve the information saved as a cookie. You can restrict both the saving of cookies and the collection of information saved as cookies through your browser settings.
5. Security Control Measures for Personal Data
- Development of Rules for Handling Personal Data.
In accordance with the relevant guidelines, the Operator establishes internal rules on the handling and the security control measures of your personal data (“Personal Data”) and informs all staff.
- Organizational Measures.
The Operator appoints a Chief Information Security Officer (Personal Information Protection Manager)—held concurrently by the Operator—who supervises the handling of Personal Data, develops and operates the rules, and implements, records, and reviews responses and recurrence prevention in the event of incidents. Although there are no employees, where outsourcing to external service providers is used, the Operator requires confidentiality and security control measures by contract and conducts appropriate supervision. The manager keeps logs regarding the handling of Personal Data and conducts regular inspections. In the event of a significant leak, alteration, or other incident (“Incident”), the manager performs cause analysis, impact assessment, and reports to relevant authorities, and coordinates with external experts or contractors as necessary.
- Human Measures.
The Operator conducts periodic training for staff on points to note in handling Personal Data and sets forth confidentiality requirements in work rules.
- Physical Measures.
- (a) Personal Data is stored exclusively as electronic data on the Operator’s servers and is not kept in paper form.
- (b) Strict entry/exit controls are implemented at locations where servers storing Personal Data are installed.
- (c) Workspaces of staff handling Personal Data are clearly separated from other areas to prevent viewing by those without authorization.
- (d) All devices that may store Personal Data are completely wiped at disposal.
- Technical Measures.
- (a) The servers storing Personal Data are protected by strict external access controls, and access permissions and authentication methods are configured to limit staff who can access the data.
- (b) All devices that can access Personal Data implement technical controls to prevent any external removal of such data.
- (c) All devices that may handle Personal Data have anti-malware software installed, and OS and application auto-updates are enabled.
- (d) Security measures are incorporated into the design of the systems composing the Service, and reviewed regularly.
- Review of Measures.
Under the supervision of the Information Security Committee, the Operator performs regular inspections and audits of the handling of Personal Data and reviews the security control measures accordingly.
6. Provision of Personal Data to Third Parties
- Outsourcing.
Within the scope necessary to achieve the purposes of use, the Operator may entrust the handling of Personal Data to third parties, such as shipping companies and credit card payment processors. In such cases, the Operator selects contractors capable of properly handling Personal Data, executes contracts concerning the handling of Personal Data, and conducts necessary and appropriate supervision.
- Other Third-Party Provision.
Except for outsourcing described in the preceding item and cases where the Operator may lawfully provide Personal Data to third parties under the APPI and other laws and regulations, the Operator does not provide Personal Data to third parties.
7. Procedures for Requests Regarding Retained Personal Data
- How to Make a Request.
- If you are the principal:
- If you are an agent:
- When We Cannot Accommodate Requests.
Even when a Request is made in accordance with the preceding item, if there are deficiencies in the method, if the identity of the principal or agent cannot be verified, or if legal restrictions apply, we may be unable to accommodate the Request. In such cases, we will notify you accordingly.
For requests or demands (collectively, “Requests”) under the APPI concerning notification of purposes of use, disclosure, correction/addition/deletion, or suspension of use/deletion/cessation of third-party provision of your retained personal data (“Disclosure, etc.”), please fill out the prescribed request form and send it by email with the following documents attached, to the contact point below. Requests by other means cannot be accepted.
A copy of an identity document (e.g., driver’s license, health insurance card) sufficient to verify your identity.
All of the following: a copy of the principal’s identity document; and the original of the prescribed power of attorney duly completed by the principal.
Contact for Requests: master(At sign)gounbeee.com
Download of Forms: Request form / Power of attorney (URLs omitted).
8. Contact Point
For opinions, consultations, complaints, or other inquiries regarding the handling of personal information by the Operator, please contact:
Email: master(At sign)gounbeee.com
9. Information about the Operator
Sole proprietor: Gounbeee
Address: Provided upon inquiry to the contact above.
Representative: Provided upon inquiry to the contact above.
10. Revisions to this Policy
When this Policy is revised, the Operator will publish on the Service the fact of revision, the revision date, and the contents after revision.
11. Deactivation, Re-registration, and Deletion
- Deactivation (Withdrawal).
When you withdraw, your account is immediately deactivated (soft deletion) and cannot be used to sign in. To preserve system integrity and to enable future re‑registration using the same email address, the email stored in your account is replaced with a non‑functional internal placeholder (e.g.,
USER_ID.TOKEN@deleted.local) and the deactivation time (deleted_at) is recorded. The placeholder is not used for communications. - Audit & Transaction Integrity.
To maintain the integrity of past transactions (e.g., orders, licenses, payments) and to comply with applicable laws, the Operator retains the minimum necessary audit logs and transactional records after deactivation. For fraud prevention, abuse detection, and audit purposes only, the Operator may retain a one‑way cryptographic hash of your original email. Such hash cannot be used to contact you or reconstruct the original email address.
- Re‑registration.
After deactivation, you may create a new account using your original email address. The deactivated account remains with the internal placeholder email. Re‑registration does not automatically carry over settings or data of the pre‑withdrawal account, except for minimum records retained as required by law or operations.
- Permanent Deletion (Erasure) on Request.
Upon your verified request, the Operator will irreversibly delete or anonymize personal data except where retention is required by applicable laws (e.g., tax, accounting) or necessary to establish, exercise, or defend legal claims. Where immediate deletion is technically infeasible (e.g., immutable backups), operational access is severed and the data is removed in accordance with backup rotation and disposal cycles.
- Retention Periods.
- Orders/Licenses/Payments: retained for periods required by tax and accounting laws.
- Audit & Security Logs: retained for a limited period necessary for security and fraud prevention.
- Backups: deleted on rolling cycles; operational access to personal data in backups is restricted.
- Contact for Erasure Requests.
If you wish to request permanent deletion (erasure), contact: master(At Sign)gounbeee.com.
Additional Privacy Terms for CogitsuneMusic (Windows App Version)
CogitsuneMusic Privacy Policy (Windows app version)
This privacy policy applies to the Windows application “CogitsuneMusic” (the “App”) provided by Gounbeee (“we”, “us”).
1. Information we collect
The App does not send or store personally identifiable information such as your name, email address, or postal address on our servers. Settings and presets used by the App are stored locally on your device.
2. Network communication and logs
When the App accesses online content (for example, update checks or online manuals), standard web server logs such as your IP address and browser information may be recorded by our servers or third-party servers. These logs are used only for service operation and security purposes.
3. Purchases and payment information
Purchases of the App are processed through the Microsoft Store. We do not receive or store your credit card number or other payment details.
4. Sharing of information
We do not sell or rent your personal information to third parties. We may disclose information only when required by applicable law.
5. Security
We take reasonable measures to protect information from unauthorized access, alteration, or disclosure.
6. Changes to this policy
We may update this policy from time to time. When we make important changes, we will notify you via our website or through update information for the App.
7. Contact
If you have any questions about this policy, please contact:
Gounbeee – master@gounbeee.com