This Privacy Policy outlines how we collect, use, store, and protect your personal data when you interact with our website. It explains how we comply with data protection laws including the General Data Protection Regulation (GDPR) in the EU, the California Consumer Privacy Act (CCPA) in the USA, the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, and Japan's Act on the Protection of Personal Information (APPI).The following sections outline our approach to safeguarding your privacy and the specific purposes for which your personal data is processed. Definitions of terms such as "personal data" and "processing" are provided as outlined in Article 4 of the General Data Protection Regulation (GDPR).
The entity responsible for processing your personal data is:
COMPANY: D7 DESIGN
We process personal data you provide directly (e.g., through account registration or contact forms) or data collected automatically through your use of our website. These data include, but are not limited to, email addresses, IP addresses, names, location, and any other data shared during interaction with our website.
We process personal data based on the following legal grounds:
• Contractual obligations (Article 6(1)(b) GDPR): Necessary for fulfilling agreements such as processing purchases or providing services.
To fulfill contractual agreements such as processing purchases or providing services.
• Legitimate interests (Article 6(1)(f) GDPR):
For website administration, fraud prevention, improving user experience, and marketing.
• Consent (Article 6(1)(a) GDPR):
When you provide explicit consent, such as subscribing to newsletters or marketing communications.
• Compliance with legal obligations (Article 6(1)(c) GDPR):
For compliance with local laws, such as tax regulations.
These legal bases ensure that your personal data is processed appropriately and in accordance with applicable laws. Details of how these legal bases apply are described in Section II.
Personal data may be shared with the following service providers acting as data processors on our behalf:
• IT Service Providers
• Google Inc.
We may also share data with third parties acting as data controllers, such as:
• Payment service providers
We ensure that third-party service providers are compliant with applicable data protection laws and provide adequate safeguards for your data.
As a company headquartered in Japan, your personal data may be transferred outside the European Economic Area (EEA), the United States, Canada, or other regions. This includes data shared with third-party service providers such as Google Analytics and Media.net. We ensure that international transfers comply with applicable laws, including Standard Contractual Clauses (SCC) for transfers from the EU and other safeguards required by regional laws.
We retain personal data for no longer than necessary to fulfill the purposes for which it was collected. When the data is no longer required, it will be securely deleted or anonymized in accordance with applicable laws.
As a data subject, you have the following rights under relevant data protection laws:
Right to access: You can request information about the data we hold about you.
Right to rectification: You can correct any inaccurate or incomplete data.
Right to erasure: You can request that we delete your data in certain circumstances.
Right to restriction of processing: You can request that we limit the use of your data.
Right to data portability: You can request that we provide your data in a structured format for transfer to another provider.
Right to object: You can object to processing based on legitimate interests, including for direct marketing purposes.
For EU residents, these rights are guaranteed under the GDPR. For California residents, rights are guaranteed under the CCPA, and for Canadian residents, under PIPEDA.
To exercise these rights, please contact us using the details in Section III.If you believe your data has been processed unlawfully, you have the right to lodge a complaint with a supervisory authority in the applicable region (e.g., the Information Commissioner’s Office in the UK for GDPR, or the Office of the Privacy Commissioner of Canada for PIPEDA).
We encourage you to contact us first to address any concerns.
When registering an account, we may collect the following details:
• Email address
• Encrypted password
• Name
• Country
• Date of birth
If you opt to register via "Single Sign-On" with Facebook, we process the registration details provided by Facebook, such as your name and email address.
Legal Basis: Processing is necessary for contract initiation and fulfillment (Article 6(1)(b) GDPR).
When you make a purchase, payment processing is handled by third-party services. These services process your payment information directly, and their privacy policies apply. We do not store payment details unless you provide them for other purposes.
Legal Basis: Processing is necessary for contract execution (Article 6(1)(b) GDPR).
By subscribing to our newsletter, you consent to the use of your email address and name for distributing information about our products, events, and services. Subscription confirmation is required via email.
Legal Basis: Your explicit consent (Article 6(1)(a) GDPR).
• IP address
• Browser type and version
• Operating system
• Cookies
Legal Basis: Processing is based on our legitimate interests (Article 6(1)(f) GDPR) to ensure website functionality and security.
We use cookies to enhance your browsing experience. These include:
• Session cookies: Temporary and deleted after closing your browser.
• Persistent cookies: Retained for longer periods.
• First-party cookies: Set by our website.
• Third-party cookies: Set by external providers.
You can manage cookies through your browser settings, but please note that disabling some cookies may affect website functionality.
"For more detailed information about the cookies we use and how to manage your preferences, please refer to our Cookie Policy."
Legal Basis: Functional cookies are processed under legitimate interests (Article 6(1)(f) GDPR). Third-party cookie usage is detailed below.
We use Google Analytics to analyze website usage. Data may be transferred outside the EEA, but IP anonymization is enabled to ensure only truncated IP addresses are processed within the EEA.
You can opt out of Google Analytics tracking by installing the browser plugin available at:
https://tools.google.com/dlpage/gaoptout/
Legal Basis: Legitimate interests (Article 6(1)(f) GDPR) for improving website functionality and analyzing usage patterns.
When you contact us via email or through our contact form, we process your email address, name, and any other information you provide.
Legal Basis: Processing is necessary for responding to inquiries (Article 6(1)(b) and (f) GDPR).
For any questions or concerns about this Privacy Policy, or to exercise your rights, please reach out to us at:
CONTACT PAGE
You have the right to object to the processing of your personal data based on legitimate interests. If you object, we will cease processing your data unless we have overriding legitimate grounds.
Objections related to advertising will always result in a cessation of related data processing.
This Privacy Policy is subject to regular review and may be updated as necessary to ensure compliance with applicable laws and regulations in the jurisdictions where we operate.
.png){kind=logo}
