OUR COMMITMENT

Security & Privacy

ISO/IEC 27001 Certified

Our Commitment to Information Security

To further strengthen our information security practices, basicmath Inc. has been included within the certification scope of the ISMS (Information Security Management System) certification held by our parent company, basicmath LLC, under international standard ISO/IEC 27001 and Japanese standard JIS Q 27001.

Under this certification, we manage and operate the important information entrusted to us by our customers in accordance with the same management framework, and strive to ensure safety and reliability.

We will continue to strengthen employee training and conduct ongoing reviews of our management systems — enhancing security measures in response to changes in the environment and risk landscape, and operating as a company worthy of our customers' trust and safety.

Certified Entity basicmath LLC
Standard ISO/IEC 27001:2022 / JIS Q 27001:2023
Registration Number IS 817345
Registered Scope Development, maintenance, operation, and sales of AI-powered SaaS systems
Development and maintenance of business systems
DX consulting
Digital marketing
Applicable Sites basicmath LLC — Kyoto HQ (Ogawa Kyoto Building 3F)
basicmath Inc. — Kyoto HQ (Ogawa Kyoto Building 2F)
Initial Registration January 15, 2025
Last Updated April 26, 2026
Certification Body BSI Japan Co., Ltd.
Accreditation Bodies ANSI National Accreditation Board (ANAB)
Japan Information Processing Development Corporation (JIPDEC)

Information Security Policy

Information Security Policy

basicmath LLC and basicmath Inc. (hereinafter "the basicmath Group") are committed to protecting the information assets managed or controlled by the Group, as well as information assets entrusted to us by customers, from threats such as accidents, disasters, and criminal acts. In order to meet the trust of our customers and society, we conduct information security activities in accordance with the following principles.

1

Management Responsibility

The basicmath Group is committed to continuously improving information security under leadership-driven, organizational management.

2

Internal Structure

The basicmath Group establishes an organization dedicated to maintaining and improving information security, coordinates across entities as needed, and formalizes information security measures as official rules.

3

Employee Commitment

Employees of the basicmath Group acquire the knowledge and skills required for information security and ensure solid engagement with information security practices.

4

Compliance with Laws and Contractual Requirements

The basicmath Group complies with laws, regulations, standards, and contractual obligations related to information security, and meets the expectations of our customers.

5

Response to Violations and Incidents

In the event of a violation of laws, breach of contract, or security incident related to information security, the basicmath Group will respond appropriately and work to prevent recurrence.

Revised: April 1, 2026

basicmath LLC   Representative Member

Shumari Nakajima

basicmath Inc.   Representative Director

Shumari Nakajima

Privacy Policy

Privacy Policy

basicmath Inc. (hereinafter "the Company") establishes the following Privacy Policy (hereinafter "this Policy") regarding the handling of users' personal information in the services provided on this website and in various services handled by the Company.

1

Personal Information

"Personal information" refers to "personal information" as defined under the Act on the Protection of Personal Information — information relating to a living individual that can identify a specific individual through descriptions such as name, date of birth, address, phone number, contact information, or other information, as well as data relating to appearance, fingerprints, voiceprints, and information that alone can identify a specific individual (personal identifying information) such as health insurance policy numbers.

2

Collection of Personal Information

The Company may ask for personal information such as name, date of birth, address, phone number, email address, bank account number, credit card number, and driver's license number when users register or make inquiries. The Company may also collect personal information, including transaction records and payment information involving users, from affiliates such as information providers, advertisers, and ad distribution partners.

3

Purpose of Collection and Use

The Company collects and uses personal information for the following purposes:

  • To provide and operate the Company's services
  • To respond to inquiries from users (including identity verification)
  • To send emails about new features, updates, campaigns, and other services provided by the Company
  • For necessary communications such as maintenance notifications and important announcements
  • To identify and refuse users who violate the Terms of Service or attempt to use services for unauthorized purposes
  • To allow users to view, modify, and delete their registered information and usage history
  • To bill users for paid services
  • For purposes incidental to the above
4

Changes to Purpose of Use

The Company may change the purpose of use of personal information only where it is reasonably deemed to be related to the original purpose.

In the event of a change, the Company will notify users or post notice on this website in the manner prescribed by the Company.

5

Disclosure to Third Parties

The Company will not provide personal information to third parties without the prior consent of the user, except in the cases listed below, and except as permitted by the Act on the Protection of Personal Information or other applicable laws:

  • When necessary to protect a person's life, body, or property and it is difficult to obtain the individual's consent
  • When particularly necessary for improving public health or the sound development of children and it is difficult to obtain the individual's consent
  • When it is necessary to cooperate with national or local government authorities or their delegated parties in executing legally mandated affairs, and obtaining consent may impede such execution
  • When the following items have been notified or publicly announced in advance and the Company has notified the Personal Information Protection Commission:
    • That the purpose of use includes provision to third parties
    • The categories of data provided to third parties
    • The method or means of provision to third parties
    • That provision to third parties will be suspended upon request by the individual
    • The method for accepting such requests

Notwithstanding the above, the following recipients shall not be considered third parties:

  • When the Company outsources all or part of the handling of personal information within the scope necessary to achieve the purpose of use
  • When personal information is transferred due to a business succession such as merger
  • When personal information is shared jointly with a specific party, and the individual has been notified in advance or placed in a position to readily access: the fact of joint use, the categories of shared data, the scope of sharing parties, the purpose of use, and the name of the party responsible for managing the data
6

Disclosure of Personal Information

When requested by the individual to disclose personal information, the Company will disclose it without delay. However, if disclosure falls into any of the following categories, the Company may withhold all or part of the information and will notify the individual promptly of such decision:

  • Risk of harm to the life, body, property, or other rights and interests of the individual or a third party
  • Risk of significant interference with the proper execution of the Company's business operations
  • Violation of other laws or regulations

Notwithstanding the above, non-personal information such as browsing history and behavioral data will not be disclosed as a general rule.

7

Correction and Deletion of Personal Information

If a user believes that personal information held by the Company is inaccurate, the user may request correction, addition, or deletion (hereinafter "correction, etc.") of such information in accordance with the Company's prescribed procedures.

If the Company receives such a request and determines that it is necessary to comply, the Company will carry out the correction, etc. without delay.

If correction, etc. is carried out or a decision is made not to carry out correction, the Company will notify the user without delay.

8

Suspension of Use of Personal Information

If the Company receives a request from an individual to suspend or delete personal information (hereinafter "suspension of use") on the grounds that it is being used beyond the stated purpose or was obtained through improper means, the Company will conduct the necessary investigation without delay.

If, based on the results of that investigation, the Company determines that compliance is necessary, it will suspend the use of the relevant personal information without delay.

The Company will notify the user without delay whether or not suspension of use has been carried out.

In cases where suspension of use would incur significant cost or is otherwise difficult to execute, and where alternative measures that sufficiently protect the user's rights and interests can be taken, the Company may implement such alternatives instead.

9

Changes to This Privacy Policy

The contents of this Policy may be changed without notice to users, except as otherwise stipulated in laws or this Policy.

Unless otherwise specified by the Company, the revised Privacy Policy shall take effect from the time it is posted on this website.

10

Contact

For inquiries regarding this Policy, please contact us at:

COMPANY

basicmath Inc.

E-MAIL

privacy@basicmath.jp