Privacy Policy

Last updated: 9 December 2025

This privacy policy (this "Policy") explains how the Flashvery operations team ("we", "us", "our") handles personal data and related information of users (including creators, purchasers and visitors, collectively "Users") in connection with the services we provide (our website, applications and any related services, collectively the "Service").

We comply with Japan's Act on the Protection of Personal Information and operate the Service with due regard to applicable laws in the EEA, the United Kingdom, Switzerland, the State of California in the United States and other relevant jurisdictions.

1. Controller

Name: Flashvery Operations Team
Data protection lead: Masanori Iwata
Location: Tokyo, Japan
Contact: support@flashvery.com
Data Controller: The above entity acts as the data controller.

2. Information we collect

Account information (name / creator name, email address, profile, social media IDs, country/region, etc.)
Transaction and payment information (purchase and sales history, amounts, balance and payout status, billing information). Sensitive payment information such as full card numbers is handled by our payment processors and is not stored by us.
Content (guides / spots, descriptions, photos and videos, location information, tags, reviews and related metadata).
Communications (inquiries, surveys, bug reports, records from tests and user interviews).
Technical information (IP address, device and browser information, cookie / SDK identifiers, logs of actions and errors, language and time zone settings, etc.).
Marketing and analytics data (event data related to page views, conversions and similar, collected through advertising and analytics tags).

3. How we collect information

Information you provide directly through forms, uploads and similar actions.
Information collected automatically through your use of the Service (via cookies, SDKs and logs).
Information obtained from connected services and publicly available sources (for example, public social media profiles).
Voluntary feedback, interviews and similar research activities.

4. Purposes of use

We use personal data for the following purposes:

Providing, operating and maintaining the Service, including authentication, login and storage / display of content.
Managing transactions (sales, purchases, payments and related notifications).
Improving user experience (search, recommendations, rankings and similar optimisations).
Responding to inquiries and sending important notices about the Service.
Quality improvement and product development (access analytics, A/B testing, error log analysis).
Preventing fraud and abuse and ensuring security (for example, countermeasures against impersonation or unauthorised redistribution).
Measuring the effectiveness of advertising and promotions (including processing based on your separate consent where required).
Complying with laws and regulations, protecting our rights and resolving disputes.

5. Cookies, Analytics and Similar Technologies

Analytics Tools We Use

We take a privacy-first approach to analytics:

Plausible Analytics: A lightweight analytics tool that does not use cookies. It does not identify individuals and respects DNT/GPC (Do Not Track / Global Privacy Control) signals.
PostHog (consent-based): Advanced analytics features that are only enabled when you explicitly opt in via your account settings.

Essential Cookies

We use only the minimum cookies necessary for session management and security.

Respecting Your Privacy Settings

If your browser's DNT (Do Not Track) or GPC (Global Privacy Control) is enabled, all analytics are automatically disabled.

For more details, please refer to our Cookie Policy.

We may share or entrust the processing of personal data to third parties to the extent necessary to achieve the above purposes, and we will appropriately supervise such third parties through contracts and other means.

Main categories of such third parties include:

Payment processing: Stripe and similar providers (we do not store card information).
Infrastructure and delivery: cloud providers such as Vercel, CDNs, email delivery services such as Postmark, logging platforms and similar services.
Analytics and advertising: providers of access analytics and advertising measurement (including, for example, Plausible and PostHog, as well as other vendors that may be introduced in the future).
AI functionality: where we offer AI features (such as guide generation), input, output and related metadata may be processed by AI service providers.
Legal compliance, enforcement of rights and business transfers.

7. International transfers

Our servers and service providers may be located outside your country or region. Where required by applicable law, we will implement appropriate safeguards, such as standard contractual clauses, for cross-border transfers of personal data.

8. Legal bases (EEA / UK users)

For Users in the EEA or the UK, we process personal data on the following legal bases:

Performance of a contract with you or in order to take steps at your request prior to entering into a contract.
Our legitimate interests (for example, to improve the Service, prevent abuse and protect our rights), to the extent such interests are not overridden by your rights and interests.
Your consent, where required (for example, for certain types of marketing or analytics cookies).
Compliance with legal obligations.

Where processing is based on your consent, you may withdraw your consent at any time. This does not affect the lawfulness of processing carried out before your withdrawal.

9. Retention period

We retain personal data for as long as necessary to fulfil the purposes described above, and then delete or anonymise it. From the perspective of payment, tax and fraud prevention, we normally retain transaction-related data for seven (7) years and then anonymise it or take other appropriate measures. Where laws require us to retain data for a longer or shorter period, we will comply with those requirements.

10. Security

We implement reasonable technical and organisational measures to protect personal data, including access controls, encryption and audit logs. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

11. Public information and user-generated content

Profiles, guides and other content that you designate as public may be visible to other users and visitors. If your content includes personal data of third parties, you are responsible for obtaining any necessary rights and consents. We may implement technical measures to protect content against unauthorised redistribution or scraping.

12. Special provisions regarding AI features

When you use AI-powered features, your input text, generated output and related metadata may be sent to AI service providers. We aim to configure such services with privacy-friendly options (such as opting out from training where available), but the details depend on each provider's specifications. Please avoid entering highly sensitive information into AI features.

13. Children

The Service is intended for users who are 18 years of age or older. We do not knowingly allow persons under 18 to use the Service. If we become aware that we have collected personal data from someone under 18, we will delete such data and take appropriate steps.

14. Your rights

Subject to applicable law, you may request access to, correction of, suspension of use of, deletion of or similar actions in relation to your personal data. Users in the EEA / UK may also have rights to data portability, restriction of processing, objection to certain processing and the right to lodge a complaint with a supervisory authority.

To exercise your rights, please contact us at support@flashvery.com. We may need to verify your identity before responding.

15. Marketing communications

We send newsletters and other marketing communications based on your consent or other applicable legal basis. You can change your communication preferences or unsubscribe at any time by following the instructions in our emails or in your account settings, where available.

16. Changes to this Policy

We may modify this Policy from time to time in response to changes in laws, regulations or the Service. When we make important changes, we will notify you by posting a notice on the Site or by email and indicate the date of the latest update at the top of this Policy.

17. Contact

Flashvery Operations Team
Email: support@flashvery.com