Privacy Policy

1. Information We Collect

The studio may collect personal data in the following circumstances.

1-1. When you contact us or inquire about commissioned work

• Name (or organisation name)
• Email address
• Phone number (optional)
• Information contained in the inquiry itself (project details, current situation, and the like)

1-2. When you use our software products

When you use software or services provided by the studio (such as SynquoRum), data may be collected in accordance with the terms of service and privacy policy of each such product. Please refer to those documents for the specifics applicable to each product.

1-3. Information collected automatically

When you use the website, the studio may automatically collect information such as cookies, IP addresses, browser type, referring URLs, and time spent on the site. This information is used primarily for site improvement and statistical purposes.

2. How We Use Information

Personal data is used only within the scope of the following purposes.

• To respond to inquiries and consultation requests
• To provide, operate, and improve the studio’s services
• To evaluate, scope, estimate, contract, and execute commissioned work
• To issue and send invoices, receipts, and other transaction-related documents
• To comply with legal obligations
• To pursue purposes incidental to the above

3. Disclosure to Third Parties

Except in the following circumstances, the studio does not disclose your personal data to third parties.

• When you have given consent
• When required by law (including disclosure requests from courts, the police, or other public authorities)
• When sharing with service providers necessary to deliver the service (payment processors, hosting providers, communication and analytics services, etc.) under appropriate confidentiality arrangements
• In connection with a business succession
• When necessary to protect the life, body, or property of a person, and where it is difficult to obtain consent

4. Service Providers

In delivering its services, the studio may entrust hosting, payment, communication, and analytics tasks to outside vendors. Vendors are permitted to handle personal data only to the extent necessary for the entrusted task, and are bound by appropriate confidentiality obligations. Vendors include, among others, Vercel (hosting), Anthropic (AI inference), and Google (analytics).

5. Retention

Personal data is retained for the period necessary to fulfill the purposes for which it was collected, or for the period required by law. Data is promptly deleted or anonymised once that period has passed.

Inquiry correspondence is generally retained for three years from the last exchange. Records related to commissioned work are retained for seven years following contract completion, in accordance with applicable tax law requirements.

6. Security

The studio takes reasonable security measures to prevent the leakage, loss, or alteration of personal data. These include access controls, encrypted communication (TLS), regular log review, and timely deletion of data no longer needed.

That said, communication and electronic storage over the internet have inherent technical limitations and a degree of residual risk. While the studio takes the greatest care, it cannot guarantee absolute security; please be aware of this in advance.

7. Your Rights

You may exercise the following rights regarding the personal data the studio holds about you.

• The right to request disclosure of your personal data
• The right to request correction, addition, or deletion of inaccurate data
• The right to request the suspension of use or disclosure to third parties
• The right to withdraw consent

Please send such requests to contact@helifraxis.com. After verifying identity, the studio will respond promptly within reasonable means.

8. Cookies

The website may use cookies to improve usability, understand usage patterns, and refine functionality. If you prefer not to allow cookies, you may disable them in your browser settings; please note that some site functions may not work correctly as a result.

9. Children’s Privacy

The studio’s services are not intended for use by individuals under 16 years of age. Use by anyone under 16 should occur only with parental consent. If the studio learns that personal data has been collected from a child without parental consent, it will delete that data promptly.

10. International Transfers

Cloud services and outside vendors used by the studio may, by their nature, process personal data on servers located outside Japan. When such transfers occur, the studio puts in place appropriate safeguards consistent with the laws of the destination jurisdiction and this Privacy Policy.

11. EU, EEA, and UK Residents (GDPR / UK GDPR)

If you reside in the European Union, the European Economic Area, or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR) and the UK GDPR.

• The right to access your personal data
• The right to rectification of inaccurate data
• The right to erasure (the right to be forgotten)
• The right to restriction of processing
• The right to data portability (to receive your data in a structured format)
• The right to object to processing
• The right to withdraw consent at any time, where processing is based on consent
• The right to lodge a complaint with a supervisory authority (a national data protection authority in the EU, or the UK ICO)

The legal bases on which the studio processes personal data include, as applicable: (a) performance of a contract; (b) the studio’s legitimate interests; (c) your consent; and (d) compliance with a legal obligation.

When personal data is transferred from the European Economic Area to Japan or other regions, the studio relies on appropriate safeguards such as the European Commission’s adequacy decisions or Standard Contractual Clauses (SCCs). Japan benefits from an adequacy decision issued by the European Commission.

To exercise these rights, or for any inquiry related to GDPR / UK GDPR, please contact contact@helifraxis.com.

12. California Residents (CCPA / CPRA)

If you reside in California, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

• The right to know the categories of personal information collected and the purposes for which it has been used in the past 12 months
• The right to delete personal information
• The right to correct inaccurate personal information
• The right to opt out of the sale, sharing, or use of personal information for cross-context behavioural advertising
• The right to limit the use of sensitive personal information
• The right to non-discrimination for exercising any of the above rights

The studio does not "sell" your personal information for monetary consideration as that term is defined under the CCPA.

You may exercise these rights yourself or through an authorised agent. Please contact contact@helifraxis.com; the studio will respond after verifying your identity.

13. Changes to This Policy

This Privacy Policy may be revised in response to changes in law, services, or operating practice. Material changes will be announced on the website. Continued use of the studio’s services following such revisions constitutes acceptance of the revised policy.

14. Contact

Questions, requests, and complaints regarding this Privacy Policy may be directed to:

Email

contact@helifraxis.com

Operator name, address, and phone number

Disclosed promptly upon request. Please send your request to the email address above.