Privacy Policy

This English version has been prepared for your reference only. If there is a conflict between the Japanese version and the English version, the Japanese version will control.

GMO Adam, Inc. (“we”, “us”, and “our”) establishes this privacy policy (“Policy”) for Adam byGMO (“the Service”) based on the "Act on the Protection of Personal data", and protects your Personal Information. We handle and protect personal information appropriately in accordance with this Policy.

For users located in the jurisdicitons where EU GDPR or UK GDPR applies, we establish "GDPR Compliant Privacy Policy" to provide the Service.

1. Compliance with applicable laws and regulations

We comply with this Policy, applicable laws and regulations regarding the protection of Personal Information, as well as guidelines provided by the Personal Information Protection Commission.

2. Definition of Personal Information

Personal information means information about a living individual that can be used to identify the specific individual by name, date of birth, or other description contained in the information. This includes information that can be easily cross-checked with other information to identify a specific individual.

3. Processing Purposes

We handle the personal information of users of this service to the extent necessary to achieve the purpose of use, except in cases where we have obtained the consent of the user of the service or where such information is treated as an exception by law or other regulations. The purposes of our use of personal information are as follows;

  1. To solicit and sell the Service to users
  2. To provide information on applications for the Service, membership cancellations, and changes to registered information, and to perform various other administrative procedures such as confirmation procedures.
  3. To confirm, investigate, or reply to inquiries received from users regarding the Service.
  4. To conduct questionnaires and surveys for users.
  5. To exercise rights or fulfill obligations based on contracts or laws and regulations with users.
  6. To properly perform the entrusted work in the event that all or part of the processing of personal information is entrusted by another business or other entity, etc.
  7. To ensure the appropriate and smooth performance of the transactions between users of the Service.
  8. We, its parent company GMO Internet Group, Inc. and its consolidated subsidiaries(collectively, "the Group"), as well as the development, introduction, and provision of services by the Group's partner companies.
  9. To conduct market research, research and development of new services, and to provide information to users concerning the Service and the Group's business by analyzing user attribute information, usage information, etc.
  10. To conduct business management and internal administration, including integrated compliance and risk management of the Group.
  11. To provide shareholder benefits to the Group's shareholders.
  12. To perform incidental procedures to the above.
  13. To perform other purposes for which the individual has voluntarily consented.

4. Collection of Information relating to natural persons

We acquire users' personal information only to the extent necessary to achieve the purposes specified and announced in advance, and use the information appropriately within the scope necessary to achieve the purposes of use.

5. Acquisition of Personal Information

We may receive personally identifiable information from a third party and link it to personal data held by us, thereby acquiring it as personal data that identifies the user. In such cases, the information will be used within the scope of the purposes of use described in "3. Processing Purpose.”

[Note] How we use cookies
We uses cookies and other similar technologies ( "cookies") on our website by default to provide users with a seamless experience, personalized features, and personalized advertisements. Users accessing our website are required to consent to our use of cookies, provided that users may manage the cookies preferences by changing "cookies preferences" at the browser.

6. Security measures

In order to prevent leakage of users' personal information, we implement necessary and appropriate security measures as described below, as well as appropriately supervise our employees and

(1) Establishment of the Policy
This Policy is established to ensure that we process your Personal Information legally and in an appropriate manner.

(2) Implementation of rules in relation to Personal Data processing
Procedures and manuals of each stage of Personal Data processing such as collection, use, storage, disclosure, and deletion are established.

(3) Organizational security measures

  • We have established an organizational structure to safeguard Personal Data, and have appointed our Data Protection Officer.
  • In preparation for any data breach, we have set a specific department which is in charge of any data breach. The department has implemented a system to investigate the fact, find the root causes, report to the Personal Information Protection Commission, contact and inform to the person, announce the remediation plan.

(4) Human security measures

  • All new employees are required to submit non-disclosure agreements regarding confidentiality of Personal Data.
  • We periodically conduct education and training regarding Personal Information.

(5) Physical security measures

  • We have implemented internal controls to prevent theft of documents, hardware or devices where Personal Information is stored.

(6) Technological security measures

  • We have access controls implemented to limit the Personal Information processing coverage.
  • We have implemented measures to prevent unauthorized access to information systems which store Personal Information from outside.

(7) Understanding foreign data protection laws and regulations

  • We use cloud services to store and retain some Personal Data. The data centers of those service
  • providers are located in U.S., Chile, Ireland, Netherlands, Denmark, Finland, Belgium, Singapore, Taiwan and Australia. We have reviewed the terms and conditions of the services provided by cloud service providers, and we endeavor to understand the data protection laws and regulations in those countries and regions.

7. Provision of Personal Information to Third Parties

We do not provide personal information of users to third parties without their consent, except in cases where we outsource work, use personal information jointly with a specific party, or when permitted by law.

8. Joint processing of Personal Data

We may process your Personal Data jointly in the following situations.
a. Items of Personal Data
Name, address, e-mail address, telephone number, contract information, usage information, and other information about the users.
b. Scope of joint processors
We, its parent company GMO Internet Group, Inc. and its consolidated subsidiaries
c. Purposes of joint processing
The information are strictly used under information management within the necessary scope for “3. Processing Purposes” above.
d. Party who is responsible for joint processing
GMO Adam, Inc.
The address, representative and other information of GMO Adam, Inc. can be confirmed below.

9. Request for access, etc.

When we receive a request for disclosure, etc. (notification of purpose of use, disclosure, correction, etc., suspension of use, etc., suspension of provision to a third party) of retained personal data, etc., we confirm the identity of the person making the request and strive to respond appropriately and promptly. If there is a request for disclosure as to whether or not an Individual Number is retained, we respond as to whether or not an Individual Number is retained. Specific procedures are as follows;
(1) Request for access, etc.
The individual whose retained personal data is held by us may make the following requests with respect to said retained personal data
- Notification of the purpose of use
- Disclosure
- Correction, etc.
- Suspension of use, etc.
- Cessation of provision of information to third parties
(2) How to request
Please contact the address listed in "10. Inquiries" below.
(3) Identification method
We confirm the identity of the user by a method prescribed by us.
(4) Disclosure fee
1,100 yen (tax included)
However, if the actual cost exceeds the above amount, or if the contents of the request are unusualand require a certain amount of time or work to investigate or respond, an amount equivalent to the actual cost and fee must be paid separately.
(5) Method of response
In the case of a request by the person himself/herself or his/her representative, we will respond to
the request in one of the following ways.
1. Send an electromagnetic record of the contents of the response by e-mail to the e-mail address registered with us by sending an attachment to the e-mail.
2. By mailing a written response to the person at his/her registered address.
*The fee is collected together with the usage fee.
*If the person in question is not our user, payment must be made by postal ticket or fixed-amount money order.
*If the request is made by a representative, we will confirm that the requestis made by the principal and that the representative has the authority to act on behalf of the principal. In order to verify the identity of the person, a "Request for Disclosure of Personal Information, etc.", "Letter of Proxy", and "Seal on the Letter of Proxy" must be submitted.
*In the event that a request for disclosure is made by a representative, we will, in principle, reply to the request in person.
*Requests for discontinuance of use, etc. may be made in the following cases:
when we use your personal information for purposes other than those for which it was originally intended, when we obtain it illegally, when we use it in a way that may encourage or induce illegal or unjust acts, when we no longer need to use the retained personal data, when there is a leakage, etc. of the retained personal data, or when we use the personal data in a way that may encourage or induce an illegal or unjust act. In addition, we may do so when there is a risk that the rights and interests of the person in question may be harmed by the handling of the retained personal data. Cessation of provision to a third party may also be requested in the following cases: when we have provided your personal information to a third party without your consent, when we have provided your personal information to a third party in a foreign country without your consent, when we no longer need to use your
retained personal data, when there has been a leakage of your retained personal data, or when there is any other case if there is a risk that the rights and interests of the person may be harmed by the handling of the data. Please note that there may be cases in which we are unable to respond to your request.

10. Inquiries

We endeavor to respond sincerely and promptly to your comments, inquiries, complaints, etc. Inquiries regarding personal information are accepted via the inquiry form.
The inquiry form:

11. Changes to Policy

We may revise this Policy in order to protect users' personal information and to comply with changes in laws and regulations. In this case, we will notify you in advance on our website.

GMO Adam, Inc.
(Revised May 30, 2022)



Have more questions? Submit a request

Articles in this section