totonoeai Privacy Policy and Cookie Policy

This is an unofficial translation of the canonical Japanese version for informational purposes only. In case of any discrepancy, the Japanese version (content.md) prevails.

Enacted: April 19, 2026
Last revised: May 4, 2026


Article 1 (Basic Policy)

Yu Nakamura (sole proprietor, hereinafter "we" or "us") regards the protection of users' personal information as an important responsibility in providing "totonoeai" (hereinafter the "Service"), and handles personal information appropriately in accordance with this Privacy Policy while complying with the Act on the Protection of Personal Information (hereinafter "APPI") and other applicable laws and regulations.

Article 2 (Definition of Personal Information)

"Personal information" in this Privacy Policy means personal information as defined in Article 2, Paragraph 1 of the APPI — that is, information relating to a living individual that can identify a specific individual by name, date of birth, or other description contained in the information (including information that can be easily cross-referenced with other information to identify a specific individual).

Article 3 (Information Collected)

We collect the following information in providing the Service.

3-1 Account Information (Obtained via Google OAuth)

When a user logs in using a Google Account, we obtain the following information from Google.

| Type of Information | Content |
| --- | --- |
| Name (display name) | Name registered in the Google Account |
| Email address | Email address of the Google Account |
| Google ID | Unique ID of the Google Account |
| Profile image URL | Icon image URL of the Google Account (when obtained) |

3-2 Usage Logs and Technical Information

| Type of Information | Content |
| --- | --- |
| IP address | IP address of the access source |
| Browser information | Browser type and version, OS information (User-Agent) |
| Access logs | Date and time of access, referring page, features used, error logs |
| Cookie information | Information collected via cookies as set out in Article 6 |

3-3 Payment Information (Obtained via Stripe)

For use of paid plans (Light / Premium), the following information is processed through Stripe (operated by Stripe Japan K.K.).

| Type of Information | Content |
| --- | --- |
| Credit card information | Card number, expiration date, security code (obtained and managed directly by Stripe; not stored on our servers) |
| Payment history | Charge date and time, amount, transaction ID |
| Billing information | Name, address, etc. entered by the user (if provided) |

3-4 Uploaded Files (Temporary Processing) and Data Input to AI

Files uploaded by users for conversion processing (documents, images, videos, etc.) are used solely for the purpose of processing and are deleted within a reasonable period after processing is complete (see Article 5). They may be retained for a certain period to the extent operationally necessary for system logs, backups, caches, etc.

[IMPORTANT] When using AI features, the content of input text, audio, video, and documents is transmitted to the servers (located in the United States) of third-party AI service providers such as Anthropic, PBC (Claude API) or OpenAI, LLC (Whisper API, etc.). Before inputting confidential information, personal information, trade secrets, business-critical information, medical or financial information, or any other information that should not be disclosed to third parties into AI features, please carefully review and use these features at your own responsibility.

Users bear sole responsibility for the legality of data they input and for any infringement of third-party rights (including copyright, trademark rights, portrait rights, privacy rights, trade secrets, and other rights). We do not conduct prior review of content input by users. If a claim of rights infringement or similar claim is received from a third party, the user shall resolve it at their own cost and responsibility.

3-5 Tool Usage History

When a logged-in user runs a text-based tool (Markdown editor, AI document formatting, AI meeting notes, diagram generation, URL shortening, etc.), the input text and output result are stored on our servers (AWS RDS, Tokyo region) for 30 days to support re-use and history restoration. Records older than 30 days are deleted automatically. For file-based tools (PDF conversion, OCR, video processing, etc.), the file itself is not retained — only metadata such as filename, run timestamp, and an output preview. Users can delete individual entries at any time from the "History" tab on the account page.

3-6 Error and Monitoring Information (Obtained via Sentry)

To ensure stable operation of the Service, we use the error monitoring tool "Sentry" (Functional Software, Inc. d/b/a Sentry). Error reports including stack traces, browser information, and session IDs at the time of errors are collected.

3-7 Access Analytics Information (Obtained via Google Analytics 4)

To understand access conditions and improve the Service, we use Google Analytics 4 provided by Google LLC. Cookies collect user behavior (page view history, time on site, referral source, device information, and approximate geographic information). Please refer to Google LLC's website for Google Analytics terms of use and privacy policy.

IP addresses are anonymized (anonymize_ip) on the Google Analytics side and are not used to identify individuals.

3-8 Short URL Safety Verification (Google Safe Browsing)

For URLs entered by users in the Service's URL shortening feature, we use the Google Safe Browsing API provided by Google LLC to verify server-side that the URL is not a phishing or malware site. Only the target URL is sent to Google during verification (users' personal information is not sent).

Article 4 (Purpose of Use)

We use collected personal information for the following purposes.

| Purpose of Use | Information Covered |
| --- | --- |
| Account authentication and management for the Service | Google OAuth information (name, email, Google ID) |
| Providing Service features (file conversion, OCR, AI processing, etc.) | Uploaded files, account information |
| Billing processing and contract management for paid plans (Light / Premium) | Stripe payment information, account information |
| Sending notices and important communications regarding the Service | Email address |
| Investigating and responding to violations of the Terms of Service | Usage logs, IP address, account information |
| Service quality improvement, incident response, and fraud prevention | Usage logs, error logs (Sentry), IP address |
| Compliance with legal obligations (management of payment records subject to retention requirements, etc.) | Stripe payment information |
| Ad delivery for Free Plan (Google AdSense) | Cookie information (see Article 8), IP address |
| Access analytics and service improvement (Google Analytics 4) | Cookie information, anonymized IP address, page view history, device information |
| Site ownership verification (Google Search Console) | Site ownership confirmation information via DNS / meta tags |
| Short URL safety verification (Google Safe Browsing) | Only the URL entered by the user |

We do not use personal information for purposes other than those listed above. If use for any other purpose becomes necessary, we will obtain the user's prior consent.

Article 5 (Data Retention Periods)

| Type of Data | Retention Period |
| --- | --- |
| Uploaded files (user content) | 1 day after upload (AWS S3 lifecycle policy auto-deletes the uploads/, processed/, results/ prefixes after 24 hours). Presigned URL validity: 15 minutes to 1 hour |
| Usage logs (access logs, error logs, etc.) | 1 year from collection |
| Account information (Google OAuth information, etc.) | Deleted within 90 days after account deletion |
| Stripe payment information | 7 years from the last transaction in accordance with applicable laws (accounting record retention requirements, etc.) |
| Cookie and session information | According to the expiration of each cookie (see Article 6) |

Article 6 (Third-Party Disclosure)

We do not provide users' personal information to third parties except in the following cases.

6-1 Third-Party Disclosure (Parties That Directly Receive Users' Personal Information)

The following parties receive users' information as independent personal information handling businesses.

| Recipient | Information Provided | Purpose of Provision | Recipient's Privacy Policy |
| --- | --- | --- | --- |
| Google LLC (Google AdSense) | Cookie information, IP address, browser information | Ad delivery and behavioral targeting for Free Plan | https://policies.google.com/privacy |
| Google LLC (Google Analytics 4) | Cookie information, anonymized IP address, page view history, device information | Access analytics and service improvement | https://policies.google.com/privacy |
| Google LLC (Google Safe Browsing) | URLs entered by users | Short URL safety verification (phishing/malware detection) | https://policies.google.com/privacy |
| Google LLC (Google Search Console) | Site ownership confirmation information, aggregated search query data | Site ownership verification and search performance analysis | https://policies.google.com/privacy |
| Stripe Japan K.K. | Name, email address, credit card information, payment-related information | Payment processing and billing management | https://stripe.com/jp/privacy |

6-2 Processors (Parties That Process Personal Information Under Our Instructions)

The following parties process personal information as our business processors within the scope of our instructions.

| Processor | Information Processed | Purpose of Processing | Location |
| --- | --- | --- | --- |
| Amazon Web Services, Inc. (AWS) | Account information, usage logs, uploaded files (temporary) | Infrastructure and data storage (S3 Tokyo Region, RDS Tokyo Region) | United States (data stored in Tokyo Region) |
| Anthropic, PBC | Content of text and documents input to AI (temporary) | Provision of AI document processing and formatting features | United States |
| OpenAI, LLC | Audio and text input to AI (temporary) | Provision of audio processing features via Whisper API | United States |
| Functional Software, Inc. d/b/a Sentry | Error logs, session IDs, browser information | Error monitoring and incident response | United States |

6-3 Disclosure Based on Laws and Regulations

We may provide information without the user's consent when required by law or when a lawful request is made by an administrative or judicial authority.

Article 7 (Provision to Third Parties in Foreign Countries)

  1. As set out in the preceding article, we provide or entrust the processing of personal information to the following parties located in the United States.

    | Party | Country/Region | Category | Matters Concerning Level of Personal Information Protection |
    | --- | --- | --- | --- |
    | Anthropic, PBC | United States | Processor | See each party's privacy policy and DPA |
    | OpenAI, LLC | United States | Processor | See each party's privacy policy and DPA |
    | Functional Software, Inc. d/b/a Sentry | United States | Processor | See each party's privacy policy and DPA |
    | Google LLC (AdSense) | United States (and related countries) | Third-party recipient | See each party's privacy policy and DPA |
    | Google LLC (Analytics 4 / Search Console / Safe Browsing) | United States (and related countries) | Third-party recipient | See each party's privacy policy and DPA |

    With respect to the payment processor Stripe, our contracting counterparty is Stripe Japan K.K., a domestic entity. We do not directly transfer personal information to a foreign third party. Internal handling within Stripe Japan K.K., including transfers to its group companies (such as Stripe, Inc.), is governed by Stripe's privacy policy (https://stripe.com/jp/privacy).

  2. The United States does not fall under the category of countries recognized under Article 28, Paragraph 1 of the APPI as having an equivalent level of protection for individual rights and interests (countries designated by the Personal Information Protection Commission rules as having an adequacy decision).

  3. Each of the above parties has adopted applicable personal information protection regulations (state laws such as California's CCPA/CPRA in the United States) or voluntary data protection measures. Specifically, one or more of the following security management measures are in place:

    • Data transfer agreements based on EU Standard Contractual Clauses (SCC)
    • Membership in the EU-US Data Privacy Framework (DPF) or the UK Extension to the EU-US DPF
    • Acquisition of international certifications such as ISO/IEC 27001 or SOC 2 Type II
    • Conclusion of each party's own Data Processing Agreement (DPA)

    However, please note that these do not fully guarantee a level of protection equivalent to Japan's APPI. We will continuously implement appropriate security management measures with respect to international transfers of personal information in connection with the use of the Service.

  4. By using the Service, users consent to the provision of personal information to foreign countries as set out in Article 6 and this Article.

  5. For an overview of the personal information protection systems of the countries where each party is located, please refer to the Personal Information Protection Commission's website:

Article 8 (Cookie Policy)

8-1 Use of Cookies

We use cookies and similar technologies in the Service for the following purposes.

8-2 Types of Cookies Used

(1) Essential Cookies (Indispensable for Service Provision)

| Cookie Name | Purpose | Expiration | HttpOnly | Secure |
| --- | --- | --- | --- | --- |
| JWT access-token cookie (totonoe_access) | Maintaining user authentication status | 24 hours | Yes (not accessible via JavaScript) | Yes (HTTPS only) |
| JWT refresh-token cookie (totonoe_refresh) | Re-issuing access tokens | 7 days | Yes | Yes |
| Session ID cookie (totonoe_session) | Session management for rate-limit buckets | 1 year | Yes | Yes |
| Cookie consent choice (totonoe_cookie_consent) | Stores acceptance / rejection of this policy so the consent banner does not reappear on subsequent visits | 1 year | No (must be readable from JavaScript to gate loaders) | Yes |

Essential cookies are indispensable for providing the Service and cannot be disabled.

(2) Advertising Cookies (Free Plan and Light Plan)

| Cookie Name | Purpose | Provider | Expiration |
| --- | --- | --- | --- |
| Google AdSense-related cookies | Ad delivery, behavioral targeting, frequency capping | Google LLC | Up to 13 months (per Google policy) |

On the Free Plan, ads served via Google AdSense cookies are displayed across the site. On the Light Plan, ads are shown only at the top of tool result screens; no advertising cookies are used elsewhere. On the Premium Plan, neither advertising cookies nor the AdSense script itself is loaded on any screen.

For details on advertising cookies and how to opt out, please refer to the following Google page:

(3) Monitoring and Error Tracking Cookies (Sentry)

| Cookie Name | Purpose | Provider | Expiration |
| --- | --- | --- | --- |
| Sentry-related tokens | Error monitoring, session tracking, performance measurement | Functional Software, Inc. d/b/a Sentry | End of session or up to 1 year |

(4) Access Analytics Cookies (Google Analytics 4)

| Cookie Name | Purpose | Provider | Expiration |
| --- | --- | --- | --- |
| _ga, _ga_* | User identification, session identification, access analytics | Google LLC | Up to 2 years (per Google policy, renewed approximately every 13 months) |

In Google Analytics 4, IP addresses are anonymized via the anonymize_ip setting. To opt out of collection by Google Analytics, please use the Google browser opt-out add-on (https://tools.google.com/dlpage/gaoptout).

8-3 Cookie Management

Users may disable cookies through their browser settings. However, disabling essential cookies may result in functional restrictions such as being unable to log in to the Service normally.

Article 9 (Users' Rights)

Users have the following rights with respect to their personal information held by us.

| Right | Content | Legal Basis |
| --- | --- | --- |
| Right to disclosure | Right to request disclosure of personal information held by us | APPI Article 32 |
| Right to correction, addition, or deletion | Right to request correction, etc. when the content of personal information differs from the facts | APPI Article 33 |
| Right to suspension of use or erasure | Right to request suspension of use or erasure of personal information used illegally or unnecessarily | APPI Article 34 |
| Right to suspension of third-party provision | Right to request suspension of provision of personal information to third parties | APPI Article 35 |

  1. To exercise the above rights, please contact the inquiry desk set out in Article 11 in writing or by email.
  2. We will respond within a reasonable period after verifying the identity of the requester.
  3. We may charge a fee for disclosure requests (the fee amount will be communicated at the time of the request).
  4. If it is difficult or unnecessary to respond to a disclosure request under applicable law (e.g., where there is a risk of harming the rights of a third party), we may be unable to comply with the request. In such cases, we will explain the reason.

Article 10 (Security Management Measures)

In accordance with Article 23 of the APPI, we implement the following security management measures to prevent leakage, loss, or damage of personal information.

10-1 Technical Security Management Measures

  • Communication encryption: All communications to the Service use HTTPS (TLS 1.2 or higher).
  • Data encryption: Stored data is encrypted (AWS S3 server-side encryption, RDS encryption).
  • Authentication security: HttpOnly cookies are used for JWT authentication to restrict access to authentication information from JavaScript.
  • Access control: Access to personal information is limited to personnel with a business need.
  • Immediate file deletion: Uploaded files are promptly deleted after processing is complete.

10-2 Organizational Security Management Measures

  • Access privilege management: Access privileges to personal information are granted to the minimum necessary personnel, and granting, changing, and revoking privileges are properly managed.
  • Education and training: Employees who handle personal information receive training on personal information protection.
  • Processor management: Personal information protection agreements are concluded with business processors, and appropriate supervision is exercised.

Article 11 (Minors)

  1. Use of the Service by persons under the age of 13 is prohibited.
  2. Minors aged 13 or older but under 18 must obtain the consent of a parent or guardian before using the Service.
  3. If it becomes apparent that a person under the age of 13 is using the Service, we will delete that account and promptly delete the associated personal information.

Article 12 (Revisions to the Privacy Policy)

  1. We may revise this Privacy Policy due to changes in laws and regulations, changes in the content of the Service, or other reasonable grounds.
  2. In the event of material changes (such as changes to the purpose of use of personal information or the addition of new third-party disclosure recipients), we will notify users of the changes and the effective date in advance by posting on the Service or sending an email to users.
  3. The revised Privacy Policy takes effect from the time it is posted on the Service.
  4. If users cannot agree to the revised Privacy Policy, they may delete their account.

Article 13 (Inquiry Desk)

For inquiries, disclosure requests, complaints, and opinions regarding the handling of personal information, please contact the following desk.

Personal Information Protection Officer: Yu Nakamura (sole proprietor)

  • Address: Disclosed without delay upon request
  • Email: totonoeai@gmail.com
  • Reception hours: Weekdays 10:00–17:00 (excluding weekends, public holidays, and year-end/New Year period)

We will respond within a reasonable period (in principle, within two weeks) after receiving your inquiry.


Operator: Yu Nakamura (sole proprietor)
Address: Disclosed without delay upon request
Email: totonoeai@gmail.com
