This English version is provided for reference purposes only. In the event of any inconsistency or conflict between the Japanese version and the English version of this Privacy Policy, the Japanese version shall prevail.

 BIMBase Inc. (hereinafter referred to as “the Company”) establishes the following Privacy Policy (hereinafter referred to as “this Policy”) regarding the handling of user information in connection with the websites, systems, mobile applications, and related services provided by the Company (collectively referred to as “the Services”).

1.Information We Collect

 The Company may collect the following information in connection with the provision of the Services.

  1. Information Collected Through the Website
     Information provided through inquiry forms, document requests, or other input forms on the Company’s website, including names, company names, affiliations, email addresses, phone numbers, and other submitted information, as well as Cookies, access logs, and other information related to website usage.
  2. Information Collected Through Use of the Services
     Account information (such as names, email addresses, and affiliations), login information, authentication information, authentication history, usage history, operation history, and access logs.
  3. Device and Usage Environment Information
     Device identifiers (such as device IDs), operating systems, browser types and versions, IP addresses, and network-related information.
  4. Facility and IoT Data
     Sensor information, operational status, model location information of facilities and equipment, and other operational data obtained from facilities or equipment managed by users through the Services.
    Such information is generally handled as business data that does not identify specific individuals.

2.Classification of Information

 The Company classifies and handles information obtained through the Services as follows.

  1. Personal Information
    Information that can identify a specific individual.
  2. Business Data
    Equipment information, IoT data, operational data, and other information that does not identify a specific individual.

3.Purpose of Use

 The Company uses the acquired information for the following purposes.

  1. Purposes Related to the Website
    (1) Responding to inquiries and sending materials
    (2) Providing information regarding the Services and related information
  2. Purposes Related to the Services
    (1) Providing, operating, and maintaining the Services
    (2) Providing facility management and data visualization functions
    (3) User authentication, identity verification, security management, and account administration
    (4) Improving the Services and developing new functions
    (5) Creating and analyzing statistical data
    (6) Preventing unauthorized use and ensuring security
    (7) Responding to inquiries from users
    (8) Fulfilling obligations based on laws or contracts

4.Ownership of Data

 The ownership and handling of business data acquired or generated through the Services shall be determined in accordance with contracts concluded between the Company and users or the organizations to which users belong.
 The Company shall appropriately handle such data in accordance with such contracts and this Policy.

5.Information Collection by Usage Method

 The Services are provided through multiple forms of use, including web browsers and mobile applications. The Company may collect the following information depending on the usage method.

  1. When Using Web Browsers
    Cookies, session information, and access logs.
  2. When Using Mobile Applications
    Device information (such as device models and operating systems), application usage information, network information, and identifiers required for push notifications.
  3. Use of Device Functions in Mobile Applications
    The mobile application may access device functions such as cameras, storage, and notification functions for purposes including photo capture, image registration, notification delivery, and other functions necessary for providing the Services. Such functions are used only to the extent necessary for providing the Services.

6.External Transmission on the Website

 The Company may use analytics tools and other external services to analyze usage of the Company’s website and the Services, improve quality and usability, and enhance the Services.
 As a result, information such as device information, Cookies, browsing history, IP addresses, and other usage information may be transmitted to external service providers.
 The Company uses such information for purposes including service improvement, usage analysis, prevention of unauthorized use, and appropriate service provision.
 Users may restrict or disable such information transmission through browser settings or methods provided by the respective service providers.

7.Use of External Services

 The Company may use cloud services and other external services in providing the Services. Such external services shall be appropriately managed in accordance with contracts and this Policy.

8.Provision to Third Parties

 The Company shall not provide personal information acquired from users to third parties except in the following cases:

  1. When the user has given consent
  2. When required by laws or regulations
  3. When necessary to protect human life, body, or property
  4. In connection with business succession due to mergers, company splits, business transfers, or similar events

9.Outsourcing and Overseas Transfer

 The Company may outsource all or part of the handling of personal information within the scope necessary to achieve the purposes of use. In such cases, the Company shall execute appropriate agreements with contractors and provide necessary and appropriate supervision.
 The Services are generally provided using servers located in Japan. However, where necessary for service provision or based on contracts between the Company and users or the organizations to which users belong, servers or cloud services located outside Japan may be used.
 In such cases, the Company shall handle information appropriately in accordance with applicable laws, regulations, and contracts, while implementing appropriate security measures.

10.Security Measures

 The Company implements organizational, human, physical, and technical security measures to prevent unauthorized access, leakage, loss, or damage of acquired information.
 Such measures include access control, encrypted communications (SSL/TLS), log monitoring, and establishment of internal regulations.

11.Use of Statistical Data

 The Company may process acquired information into a form that does not identify individuals and use such information as statistical data.

12.Retention Period

 The Company retains acquired information only for the period necessary to achieve the purposes of use and shall appropriately delete such information when it is no longer necessary.

13.User Responsibility

 Users shall appropriately manage their account information at their own responsibility.

14.User Rights

 Users may request disclosure, correction, suspension of use, or deletion of their personal information in accordance with the Act on the Protection of Personal Information of Japan.
 For details regarding such requests, please contact the inquiry desk specified in Article 16.

15.Changes to This Policy

 The Company may revise this Policy as necessary. Revised contents shall become effective when posted on the Company’s website.
 However, where required by applicable laws, the Company shall obtain user consent through appropriate methods.

16.Contact

 For inquiries regarding this Policy or the handling of personal information related to the Services, please contact us through the following inquiry form.

Inquiry Form:https://www.bimbase.co.jp/home/contact/

Contact

Established: July 11, 2025
Revised: May 11, 2026

BIMBase Inc.
Yasuko Nakahara, CEO