Legal · Privacy Policy
MmowW Scrib🐮 — Privacy Policy
Last updated: 2026-05-02 · Operator: Sawai Gyoseishoshi Office (Japan) · Compliance: GDPR · APPI · PCI-DSS (Stripe)
This Privacy Policy explains how MmowW Scrib🐮 ("Service") collects, uses, retains, and deletes your personal data. We process data under the EU General Data Protection Regulation (GDPR), Japan's Act on the Protection of Personal Information (APPI / 個人情報保護法), and PCI-DSS (handled exclusively by Stripe).
本プライバシーポリシーは、MmowW Scrib🐮 における個人情報の取扱方針を定めるものです。GDPR・個人情報保護法(APPI)・PCI-DSS(Stripe対応)に準拠します。
§1. Data Controller
- Operator: Sawai Gyoseishoshi Office (さわい行政書士事務所)
- Contact: info@mmoww.net · Tel: 090-1189-4136
- EU/UK GDPR representative: TODO: ポッポ確認 — EU representative designation if/when MAU > threshold under Art. 27 GDPR
§2. Data We Collect
| Category | Examples | Purpose | Legal basis |
|---|
| Account data | Email, name, password hash, Pass type | Authentication, billing, support | Contract (GDPR Art. 6(1)(b)) |
| Document input data | Form answers, draft text, uploaded docs | Generate output documents | Contract / Consent |
| Document metadata | Document ID, type, created/exported timestamps, version history | Dashboard, audit log, support | Legitimate interest |
| Payment data | Card number, billing address — handled by Stripe only; we never see card details | Pass purchase | Contract |
| Usage data | Pages viewed, AI queries, error logs, IP, browser | Service improvement, security | Legitimate interest |
| 愛ちゃん AI logs | User question + response (anonymized after 30d) | Quality improvement | Legitimate interest |
§3. Data Retention — Pass-Linked Auto-Deletion
Document input data is automatically deleted 30 days after Pass expiry.
This is a core privacy commitment of Scrib🐮:
- While Pass is active: Document input data (form answers, draft text, uploaded files) is encrypted at rest and accessible to you in the dashboard.
- 30 days after Pass expiry: Document input data is permanently deleted from primary storage and backup media within the next backup-rotation cycle. This is automatic; no Member action is required.
- Document metadata + download history: Retained indefinitely (or until account deletion) for audit, regulatory, and tax-record purposes. Metadata excludes the actual document content — only IDs, types, timestamps, version counts, and export logs.
- Account data: Retained while account is active. Upon account deletion, retained for 90 days (recovery window), then deleted.
- Payment records: Retained 7 years per Japanese tax law (Income Tax Act / Corporation Tax Act). Stripe also retains payment data per its own policy.
書類入力データは、パスの有効期限切れから30日後に自動削除されます。書類メタデータ(ID・種類・作成/出力日時・バージョン履歴)とダウンロード履歴は、アカウント削除まで(または法令上の保存義務がある間)保持します。決済記録は税法に基づき7年間保持します。
§4. Cookies & Tracking
- Strictly necessary cookies: Session authentication, CSRF protection. No consent required (PECR / GDPR Art. 6(1)(f)).
- Analytics cookies: We use privacy-respecting analytics (Plausible or self-hosted equivalent — TODO: ポッポ確認 最終選定). No personal identifiers are collected. IP is hashed and discarded after 24h.
- No third-party advertising trackers. No Facebook Pixel, no Google Ads remarketing, no cross-site behavioral tracking.
- Stripe Checkout may set its own cookies on its hosted pages — see Stripe Privacy Policy.
§5. Payment Data — Stripe / PCI-DSS
All payment processing is performed by Stripe Payments Inc. (PCI-DSS Level 1 certified). MmowW Scrib🐮 never receives, stores, or transmits raw card numbers, CVV, or full bank details. We receive only:
- Stripe customer ID
- Last-4 digits of card (display purposes only)
- Subscription / charge ID
- Billing email and country
Stripe's privacy practices: https://stripe.com/privacy
§6. AI Processing — 愛ちゃん (Anthropic Claude)
- 愛ちゃん is powered by Anthropic's Claude API. When you send a question to 愛ちゃん, the question text and a Retrieval-Augmented-Generation context (selected passages from our 18-cell knowledge base) are transmitted to Anthropic's API.
- Anthropic's API enterprise terms specify that customer inputs and outputs are not used to train base models. See Anthropic Privacy.
- We log the question + response on our servers for 30 days for quality assurance, then anonymize (strip any user identifiers) and aggregate for product improvement.
- Do not input sensitive personal data (national ID, health data, banking credentials) into 愛ちゃん.
§7. Data Sharing & Sub-processors
| Sub-processor | Purpose | Region |
|---|
| Supabase (PostgreSQL + Auth + Storage) | Account, document, dashboard data | Tokyo region (ap-northeast-1) |
| Stripe | Payment processing | USA / Ireland (EU/JP local) |
| Anthropic (Claude API) | 愛ちゃん AI | USA |
| Xserver VPS | API hosting, build pipeline | Japan |
| Cloudflare / CDN | Static asset delivery, DDoS protection | Global edge |
We do not sell, rent, or share personal data with advertisers, data brokers, or marketing companies.
§8. International Transfers
Personal data may be transferred outside Japan / EU / UK to the sub-processors listed above. Transfers rely on:
- EU Standard Contractual Clauses (SCCs) — for transfers from EU/UK to USA.
- APPI Article 28 — for cross-border transfers from Japan, with appropriate safeguards confirmed via DPA.
§9. Your Rights
Under GDPR and APPI you have the right to:
- Access — request a copy of your personal data.
- Rectification — correct inaccurate data.
- Erasure ("right to be forgotten") — delete your account and associated data, subject to legal retention obligations (e.g., 7-year tax records).
- Portability — receive your data in a machine-readable format.
- Object / Restrict — object to processing based on legitimate interest; restrict processing while a complaint is reviewed.
- Withdraw consent — where processing is based on consent.
- Lodge a complaint — with your local data protection authority (e.g., 個人情報保護委員会 / EU DPA / UK ICO).
To exercise rights, email info@mmoww.net. We respond within 30 days (GDPR Art. 12(3)).
§10. Security
- TLS 1.2+ for all transport.
- AES-256 encryption at rest (Supabase managed).
- Password hashing via bcrypt / argon2 (managed by Supabase Auth).
- Row-Level Security (RLS) on every database table — Members can only access their own rows.
- Regular automated backups; tested restore procedure.
- Incident response: breach notification within 72 hours per GDPR Art. 33.
§11. Children
The Service is not directed to individuals under 18 (or the age of majority in your jurisdiction). We do not knowingly collect data from minors. If you believe a minor has registered, contact info@mmoww.net.
§12. Photos / Uploads / Document Rights
If you upload images or documents (e.g., for OCR or attachment to a generated document), you confirm you hold the rights to do so. We process uploads solely to fulfill the Service and delete them per §3 retention rules.
§13. Changes to This Policy
We may update this Policy. Material changes will be communicated via email and/or in-app notice at least 30 days before taking effect.
Privacy questions: info@mmoww.net · Sawai Gyoseishoshi Office · Tel: 090-1189-4136