Article 1 (Purpose)

This Privacy Policy sets forth the handling of personal information in the CLI-based note-taking application and cloud synchronization service known as "Risu Note" (hereinafter referred to as the "Service") provided by Laiosys (hereinafter referred to as "we," "us," or "our"). We consider the protection of personal information to be an important responsibility and will properly manage and protect customers' personal information in compliance with the Act on the Protection of Personal Information (hereinafter referred to as the "APPI") and related laws and regulations.

Article 2 (Definition of Personal Information)

In this Privacy Policy, "Personal Information" refers to personal information as defined in the APPI, which is information about a living individual that can identify the specific individual by name, contact information, or other descriptions contained in such information (including information that can be readily collated with other information and thereby identify the specific individual).

Article 3 (Acquisition of Personal Information)

1. In providing the Service, we may acquire the following information when a customer registers an account.
   • Google Account Information (name, email address, profile image, etc.): Acquired through Google Authentication (Firebase Authentication).
2. We may acquire the following information in the course of the customer's use of the Service.
   • IP address, device information, OS information, browser type, usage history, etc.: Used for improvement of the Service, maintenance of security, and prevention of unauthorized use.
3. We will not acquire personal information without the customer's consent.

Article 4 (Purpose of Use of Personal Information)

We will use the acquired personal information for the following purposes:

1. For the provision, operation, maintenance, and improvement of the Service
   • Account management and authentication
   • Provision of cloud synchronization function
   • Provision of Pro Plan and billing processing (using Stripe payment)
   • Response to inquiries from customers
2. For the improvement of the Service and development of new functions
   • Analysis of usage status
   • Collection of user feedback
3. For maintenance of security and prevention of unauthorized use
   • Monitoring and prevention of unauthorized access, spamming, etc.
4. For other purposes incidental to the above purposes of use

Article 5 (Provision of Personal Information to Third Parties)

1. We will not provide customers' personal information to third parties without obtaining the customer's consent, except in the following cases:
   • Cases based on laws and regulations
   • Cases where there is a need to protect a human life, body, or fortune, and when it is difficult to obtain a principal's consent
   • Cases where there is a special need to enhance public hygiene or promote fostering healthy children, and when it is difficult to obtain a principal's consent
   • Cases where there is a need to cooperate in regard to a central government organization or a local government, or a person entrusted by them performing affairs prescribed by laws and regulations, and when there is a possibility that obtaining a principal's consent would interfere with the performance of the said affairs
2. We use a payment service provider (Stripe) for billing processing. We provide the payment service provider only with the information necessary for payment.

Article 6 (Security Management Measures for Personal Information)

1. We will take necessary and appropriate security management measures to prevent leakage, loss, or damage of personal information and for other security management of personal information.
2. We will exercise necessary and appropriate supervision over employees handling personal information regarding the proper handling of personal information.
3. When entrusting the handling of personal information, we will exercise necessary and appropriate supervision over the trustee.

Article 7 (Disclaimer Regarding Encryption and Data Recovery)

1. The Service adopts End-to-End (E2E) Encryption, and customers' note data is encrypted by a Passphrase managed only within the customer's terminal.
2. We do not have any means to know the customer's Passphrase, nor do we have any means to decrypt encrypted data.
3. If a customer loses their Passphrase, we cannot recover the customer's note data by any means.
4. Customers shall bear the responsibility for managing their Passphrases, and we shall not be liable for any data loss due to a forgotten Passphrase.

Article 8 (Data Ownership and Backup)

1. All intellectual property rights of note data in the Service belong to the customer.
2. The Service mainly stores Local Data on the customer's PC, and the cloud is used for synchronization.
3. Customers shall manage backups of Local Data at their own responsibility in preparation for data loss on the cloud (including server failures, etc.). We shall not be liable for any damages caused to customers due to data loss on the cloud.

Article 9 (Prohibited Acts)

Customers shall not engage in the following acts when using the Service:

1. Acts violating laws and regulations or public order and morals
2. Acts related to criminal acts
3. Acts that may destroy or interfere with the functions of our server or network
4. Acts that may interfere with the operation of our Service
5. Acts infringing on copyrights, trademark rights, privacy rights, portrait rights, or other rights
6. Saving and synchronization of illegal data, malware, copyright-infringing content, etc.
7. Other acts that we deem inappropriate
8. We may temporarily suspend or suspend the use of the Service without notifying the customer if the customer violates the above prohibited acts.

Article 10 (Account Suspension and Metadata Disclosure)

1. We may freeze or delete a customer's account if the customer violates prohibited acts or if there is a lawful and valid request from law enforcement agencies.
2. We cannot decrypt the content of the customer's note data, but we may disclose metadata such as account information if there is a lawful and valid request from law enforcement agencies.

Article 11 (Payment, Cancellation, and Refund)

1. The Pro Plan is provided through a payment service provider (Stripe).
2. Subscription renewal is automatic unless the customer follows the cancellation procedure.
3. Even if a customer cancels during the subscription period, no prorated refund will be made, and the functions of the Pro Plan will be available until the end date of the said subscription period.
4. If a payment delay occurs, the customer's synchronization function may be suspended, and the plan may be downgraded to the Free Plan. The account itself will not be deleted.

Article 12 (Service Interruption and Termination)

1. We may temporarily interrupt the provision of the Service if it becomes difficult to provide the Service due to natural disasters, fires, power outages, or other force majeure, or if obstacles arise in the operation of the Service due to unexpected technical factors such as OS updates.
2. We may terminate the Service after notifying customers in advance.
3. The Service is provided "As-Is" (Early Access version or v1.0), and may contain unexpected bugs. We do not guarantee complete operation regarding defects dependent on the OS environment.
4. Even if the Service is terminated, customers can continue to use note data saved locally. However, the cloud synchronization function will stop.

Article 13 (Disclaimer)

1. We shall not be liable for any damages caused to customers arising from the use of the Service, except in cases of our willful misconduct or gross negligence.
2. We make no guarantees regarding any acts performed by customers using the Service and the results thereof.
3. We shall not be liable for any damages, claims, etc., received by customers from third parties regarding the Service.

Article 14 (Modification of this Privacy Policy)

1. We may modify this Privacy Policy at any time without notifying customers if there is an amendment to the APPI or other laws and regulations, or if business needs arise.
2. Unless otherwise specified by us, the modified Privacy Policy shall take effect from the time it is posted on our website, etc.

Article 15 (Governing Law and Jurisdiction)

1. The interpretation of this Privacy Policy shall be governed by the laws of Japan.
2. In the event of a dispute regarding the Service, the district court having jurisdiction over the location of our business office shall be the exclusive agreed court of first instance.