Privacy Policy

1) Definitions

“Personal Data” means information that identifies or can reasonably be linked to an individual (e.g., name, email). “Processing” means any operation performed on Personal Data (collection, storage, use, disclosure). “Controller” refers to the entity that determines the purposes and means of processing. “Service” refers to our website and related educational services. “You” means the visitor, user, or customer.

2) Scope

This Policy applies to the website at xyroone.click and to any communications you have with XyroOne via forms, email, or support channels. It does not apply to third-party websites you may reach via external links.

3) Eligibility

The Service is intended for individuals who can form legally binding agreements under applicable law. If you do not meet this requirement, please do not submit Personal Data through our forms.

4) Data we collect

4.1 Data you provide

• Contact details: name, email, phone
• Message content: subject, message body, and details you choose to provide
• Consent records: checkbox confirmation for privacy policy

4.2 Data collected automatically

• Device & usage data: IP address, browser type, pages viewed, timestamps
• Diagnostic logs: error logs and performance logs to keep the site functioning
• Cookie preferences: stored to remember your choices

4.3 Sensitive data

Please do not submit sensitive information (e.g., government IDs, health details) through our forms. If you do, we may delete it where feasible for safety and compliance.

5) Purposes of processing

• To respond to inquiries and requests submitted through the website
• To provide educational services you request (course outlines, availability, support)
• To maintain security, prevent abuse, and troubleshoot technical issues
• To comply with legal obligations and enforce our Terms
• To manage opt-out requests and communication preferences

6) Legal basis (where applicable)

Depending on your location and applicable law, we process Personal Data under one or more of the following bases:

• Consent: for optional communications or cookie categories where consent is required
• Contract / pre-contract steps: to respond to requests and provide services you ask for
• Legitimate interests: for essential operations, security, and improvement of the Service (balanced against your rights)
• Legal obligation: to comply with law and lawful requests

7) Cookies & similar technologies

We use a cookie consent tool loaded from after user interaction (scroll). We do not embed Google Analytics, Google Tag Manager, Google Fonts, or Google Maps.

7.1 Cookie categories

• Required / Performance: used to operate the website and remember your preferences
• Marketing : if enabled, used to manage communication preferences (not required for site access)

7.2 Managing cookies

You can change your preferences using the cookie tool (if available) or via your browser settings. For additional instructions, see Opt-out.

8) Sharing & disclosures

We may share Personal Data with service providers that help operate the Service (e.g., hosting, email delivery), under contracts that require appropriate protections. We may also disclose information if required by law or to protect rights, safety, and the integrity of the Service.

8.1 Service providers

Providers may process data on our behalf for limited purposes (e.g., secure hosting, email inbox). Providers used (hosting, email, payment) are listed on request.

8.2 Business transfers

If XyroOne is involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction, subject to applicable law.

9) Retention

We keep Personal Data only as long as needed for the purposes described above, unless a longer retention is required by law. Typical retention periods may include:

• Contact form messages: retained for up to 12–24 months for follow-up and recordkeeping (adjust as needed)
• Operational logs: retained for shorter periods (e.g., days to weeks) unless needed for security investigations
• Consent and opt-out records: retained as needed to demonstrate compliance

Retention schedules are maintained per applicable law and available on request.

10) Security

We use reasonable technical and organizational measures designed to protect Personal Data, such as access controls and secure configurations. However, no system can be guaranteed to be fully secure. If you believe your information has been compromised, contact us using the details below.

11) Your rights

Depending on your location, you may have rights such as:

• Access to your Personal Data
• Correction of inaccurate data
• Deletion (where legally permitted)
• Objection to certain processing
• Restriction of processing
• Data portability (where applicable)
• Withdrawal of consent (where processing is based on consent)

To exercise your rights, contact us. We may need to verify your identity before completing requests.

12) International transfers

If our service providers operate in other countries, your information may be processed outside your country of residence. Where required, we use appropriate safeguards consistent with applicable law. Specify safeguards and transfer mechanisms are applied where required by applicable law and provider location.

13) Children’s privacy

The Service is not directed to children. We do not knowingly collect Personal Data from children. If you believe a child has provided us data, contact us and we will take appropriate steps.

14) Changes to this Policy

We may update this Policy from time to time. The “Effective date” above indicates when it last changed. If changes are material, we will take reasonable steps to provide notice (e.g., posting on this page).

15) Contact

Controller: XyroOne

• Website: xyroone.click
• Email: [email protected]
• Address: 7-7-7 Koenji, Suginami-ku, Tokyo 166-0002, Japan

If you have complaints, you may also have the right to contact a relevant data protection authority in your jurisdiction, where applicable.