Privacy Policy
Last updated: January 21, 2026
Introduction
We are the sole proprietorship kakuo gadgets operated by Ryota Kakuo, providing the web page monitoring service "Monitope." We respect your privacy and are committed to protecting your personal information.
This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use the Service. By using the Service, you consent to the practices described in this Privacy Policy.
1. Data Controller
The data controller responsible for your personal information is the sole proprietorship kakuo gadgets (brand name: Kakuo gadgets) operated by Ryota Kakuo.
2. Information We Collect
We may collect the following categories of information:
2.1 Information You Provide Directly
| Type of Information | Purpose |
|---|---|
| Email address | Account authentication, notifications, support |
| Username | Account identification |
| Password | Authentication (stored using BCrypt hashing) |
| Timezone and language settings | User experience optimization |
2.2 Information Collected Automatically
| Type of Information | Purpose |
|---|---|
| IP address | Security, fraud prevention |
| Browser and device information | Service optimization, compatibility |
| Access date/time and page views | Service improvement, usage analysis |
| Cookies and similar technologies | Session management, preference storage |
2.3 Service-Related Information
- Monitored URLs
- Monitor settings (selectors, check intervals, etc.)
- Notification settings (recipients, channel configurations)
- Monitoring history (content hashes of detected changes)
2.4 Payment Information
If you use a paid plan, payment processing is handled through our payment processor (Stripe). We do not directly store credit card numbers or other payment credentials. For information about how Stripe handles your payment information, please see Stripe's Privacy Policy.
3. How We Use Your Information
We use the collected information for the following purposes:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Providing and operating the Service | Contract performance |
| Sending change detection notifications | Contract performance |
| Service-related announcements | Legitimate interests |
| User support | Contract performance |
| Service improvement and new feature development | Legitimate interests |
| Fraud prevention and security | Legitimate interests, legal obligation |
| Terms of Service enforcement | Legitimate interests, legal obligation |
| Usage analysis and statistics (anonymized) | Legitimate interests |
4. Information Sharing
We do not share your personal information with third parties except in the following cases:
- With your consent
- When required by law (court orders, legal requests from authorities, etc.)
- To protect life, body, or property
- For public health or child welfare purposes
4.1 Service Providers (Data Processors)
We use the following third-party services (data processors) and share information to the extent necessary for service provision:
| Service | Purpose | Location |
|---|---|---|
| Amazon Web Services (AWS) | Cloud hosting, data storage | Japan/USA |
| Amazon SES | Email delivery | Japan/USA |
| Stripe | Payment processing | USA |
| Google reCAPTCHA | Bot prevention | USA |
5. Data Security
We implement the following security measures to protect your personal information:
- Password encryption: Industry-standard hashing algorithm (BCrypt)
- Communication encryption: All communications encrypted via HTTPS
- Credential encryption: Target website authentication information encrypted with AES-256
- Access control: Database access protected with appropriate permission management
- Regular audits: Periodic security audits conducted
- No PII in logs: Personal information is not written to system logs
6. Data Retention
We retain information for the following periods:
| Type of Information | Retention Period |
|---|---|
| Account information | Until account deletion |
| Monitoring history | Per plan limits (5-100 entries per monitor) |
| Access logs | Up to 90 days |
| Backup data | Up to 30 days |
| Payment records | As required by law (7 years) |
Upon account deletion, the above information will be promptly deleted except where retention is required by law.
7. Your Rights
You have the following rights regarding your personal information:
| Right | Description | How to Exercise |
|---|---|---|
| Right of access | Access your personal information | Contact Form |
| Right to rectification | Correct inaccurate information | Account Settings |
| Right to erasure | Delete account and related data | Account Deletion Page |
| Right to data portability | Export data (JSON format) | Data Export Page |
| Right to withdraw consent | Withdraw marketing consent | Notification Settings |
To exercise these rights or if you have questions about this Privacy Policy, please contact us via our Contact Form. We typically respond within 30 days.
8. Cookies
We use cookies to provide and improve the Service. For more details about our use of cookies, please see our "Cookie Policy".
9. International Data Transfers
While our Service is operated from Japan, we provide services globally. Your data may be processed on servers located outside of Japan.
When transferring data from the EEA (European Economic Area), UK, or Switzerland to Japan or other third countries, we implement appropriate safeguards:
- Japan has received an adequacy decision from the European Commission
- For other third countries, we use Standard Contractual Clauses (SCCs)
10. Children's Privacy
Our Service is not intended for users under the age of 16. If you are under 16, please do not register for the Service without parental consent. If we learn that we have collected personal information from a child under 16, we will promptly delete such information.
11. Changes to This Policy
We may update this Privacy Policy as needed. If significant changes are made, we will notify you through the Service or by email. The updated Privacy Policy will take effect when posted on this page.
12. GDPR (For EEA Residents)
Residents of the European Economic Area (EEA) have the following additional rights under GDPR:
- Right to restrict processing: Request restriction of processing under certain circumstances
- Right to object: Object to processing based on legitimate interests
- Right to lodge a complaint: File a complaint with your local data protection authority
Legal basis: We process personal data based on contract performance (processing necessary for service provision), legitimate interests (service improvement, security), and consent (marketing).
13. CCPA (For California Residents)
California residents have the following rights under the California Consumer Privacy Act (CCPA):
- Right to know: Know the categories and specific pieces of personal information collected in the past 12 months
- Right to delete: Request deletion of personal information, subject to certain exceptions
- Right to non-discrimination: Not be discriminated against for exercising your rights
- Right to opt-out: Opt-out of the "sale" of personal information
Sale of Personal Information: We do not "sell" personal information as defined by the CCPA.
To exercise these rights, please contact us via our Contact Form. For identity verification, please contact us from your registered email address.
Supplementary Provisions
These supplementary provisions take effect on January 21, 2026.
Contact Us
For inquiries regarding this Privacy Policy, please use our Contact Form.