Privacy Policy

Privacy Policy (Draft / English)

Business Operator: BS-P (hereinafter “we,” “us,” or “BS-P”)
Representative: Eitarou (“Eight”) Ishiguro
Location: Ichikawa City, Chiba, Japan
Contact: /biz/contact/

Scope of Application:
This Privacy Policy applies to BS-P’s business activities, including (but not limited to) IT/AI consulting, genetic analysis, Web3/blockchain R&D, FEM system SaaS, and website development and provision.

1. Basic Principles

We respect individuals’ rights and interests and handle personal information appropriately in compliance with applicable laws, guidelines, and internal rules.

2. Personal Information We Collect and Primary Purposes of Use

We collect and use personal information only to the extent necessary for the purposes described below.

  1. Inquiries and business discussions

  • Data: Name, organization/affiliation, contact details, inquiry/consultation details

  • Purpose: Communication, proposals, and contract-related correspondence

  1. Service delivery and operations (IT/AI consulting, website development, FEM SaaS, Web3/blockchain development)

  • Data: Contact details, account information, logs, and other information necessary to deliver and support services

  • Purpose: Service provision, maintenance, and customer support

  1. Genetic analysis-related services (only when applicable and with consent)

  • Data: Testing-related information

  • Purpose: Analysis and reporting

  1. Recruitment (when applicable)

  • Data: Application information

  • Purpose: Recruitment screening and communication

  1. Accounting and legal compliance

  • Data: Information necessary for invoicing, payments, tax, and legal requirements

  • Purpose: Accounting operations and compliance with laws and regulations

We do not use personal information for purposes other than those stated above.

3. Methods of Collection

We collect personal information through:

  • Information entered by the individual,

  • Paper documents,

  • Electronic data received from the individual or client, and/or

  • Other information obtained lawfully.

For special care-required personal information, we obtain the individual’s consent before collection, as required by law.

4. Outsourcing and Third-Party Provision

  • When we outsource the handling of personal information, we select and supervise contractors appropriately and manage them through contracts and other measures.

  • Except as required by law, we do not provide personal information to third parties without the individual’s consent.

  • If it becomes necessary to provide personal information to a third party located outside Japan, we will notify the individual of information such as the relevant country’s personal information protection system, as required.

5. Joint Use

We do not conduct joint use of personal information.

6. Security Control Measures (Overview)

We implement reasonable and appropriate security measures, including:

  1. Organizational measures

  • Appointment of a responsible manager, inventory/record management, periodic inspections, and vendor/contractor management

  1. Human measures

  • Confidentiality agreements, training, and revocation of access rights upon termination

  1. Physical measures

  • Entry/exit controls, locking controls, secure handling of storage media, and proper disposal

  1. Technical measures

  • Access control, least privilege, MFA, encryption, log auditing/monitoring, malware protection, and backups

  1. External environment measures

  • If data is stored outside Japan, we will understand the relevant legal environment and take appropriate measures.

7. Anonymized Information and Pseudonymized Information

When creating or providing anonymized or pseudonymized information, we implement measures to prevent re-identification and ensure appropriate disclosure and security management.

8. Retention and Disposal

After the purpose of use has been achieved, we delete or dispose of personal information in a manner that makes restoration difficult, in accordance with applicable laws, contracts, and our internal standards.

9. Requests for Disclosure, etc. (Retained Personal Data)

We accept requests from the individual (or an authorized representative) regarding:

  • Notification of purpose of use,

  • Disclosure (including records of third-party provision),

  • Correction, addition, or deletion, and

  • Suspension of use, deletion, or suspension of provision to third parties.

Contact: See the contact information above.
Procedure: We will confirm identity and inform you of whether any fee applies.
Response timeframe (guideline): Within 30 days.
If we cannot comply due to legal or other valid reasons, we will notify you of the reason.

10. Incidents, Complaints, and Inquiries

In the event of leakage or other incidents, we will assess impact, take necessary actions (including reporting where required), and implement measures to prevent recurrence. We also accept complaints and inquiries through the contact point above.

11. Continuous Improvement

We continuously improve this Privacy Policy and related internal rules through internal audits, training, corrective actions, and other measures.

Established: October 28, 2025
Last Revised: October 28, 2025