Skip to main content
LISMOA

Legal

Privacy Policy

Last updated: June 15, 2026

This English version is a reference translation. In case of any discrepancy, the Japanese version prevails.

illustrious Inc. (the "Company") establishes this Privacy Policy (the "Policy") regarding the handling of personal information and other information of users (the "Users") of the web application "LISMOA" (the "Service") provided by the Company, and complies with the Act on the Protection of Personal Information (the "APPI") and other applicable laws, regulations, and guidelines.

Article 1 (Basic Policy)

The Company handles Users' personal information appropriately and securely, and takes security management measures to prevent leakage, loss, damage, and similar incidents.

Article 2 (Scope and Definitions)

1. This Policy applies to all information that the Company collects and uses in the Service (including personal information, personally related information, device information, cookies, and similar data).

2. Terms are defined in accordance with the APPI and other applicable laws.

Article 3 (Information Collected)

The main categories of information the Company collects are as follows.

  • Account information: Name, email address, profile image, and similar data provided via Google login.
  • Usage information: Access date and time, IP address, browser and device information, cookies, referring URLs, operation and event logs, and similar data.
  • Amazon-linked data: Data related to the Amazon seller account connected by the User (sales, advertising, inventory, orders, etc.). Data is collected through official APIs (SP-API, Ads-API, etc.) in compliance with Amazon's Data Protection Policy (DPP) and related policies.
  • Payment-related information: Payment status, billed amount, transaction ID, and similar data (credit card numbers and similar information are processed by the payment service provider Stripe and are not retained by the Company).
  • Inquiry information: Name and contact details, inquiry content, response history, and similar data.

Article 4 (Methods of Collection)

  • Provided directly by the User (registration, linking settings, inquiries, etc.).
  • Collected automatically (access logs, cookies, etc.).
  • Obtained from linked services (Google, Amazon, Stripe, etc.) based on the User's explicit instruction and consent.

Article 5 (Purposes of Use)

The Company uses collected information for the following purposes.

  1. 1. Providing, maintaining, and operating the Service (profit and loss calculations, analysis, visualization, dashboard display, account management, etc.).
  2. 2. Improving the Service, planning and developing new features, enhancing quality, and optimizing the user experience.
  3. 3. Understanding usage patterns, preventing unauthorized or improper acts, ensuring security, and handling failures.
  4. 4. Notifying Users of important announcements, changes to terms and policies, etc.
  5. 5. Responding to inquiries and providing support.
  6. 6. Creating and providing anonymized and aggregated data (Article 7).
  7. 7. Complying with laws, handling accounting and audits, and resolving disputes.
  8. 8. Sending information about the Company's services (via email, in-app display, etc.). Users may opt out through the Company's prescribed method.

Article 6 (Third-Party Disclosure, Entrustment, and Cross-Border Transfer)

1. The Company does not provide personal data to third parties except in the following cases.

  1. (1) The individual has given consent.
  2. (2) Required by law.
  3. (3) Necessary to protect a person's life, body, or property.
  4. (4) Particularly necessary for public health or the sound development of children.
  5. (5) Necessary to cooperate with a national or public authority.

2. The Company may entrust the following operations to external service providers. The Company exercises necessary and appropriate supervision over such providers.

  • Provision and operation of cloud infrastructure (e.g., Amazon Web Services).
  • Payment processing (e.g., Stripe).
  • Access analysis and quality improvement (e.g., Google Analytics, Microsoft Clarity, HubSpot, and others as needed).

3. Servers used for storing and processing data may be located outside Japan. The Company takes appropriate security management measures in accordance with applicable laws.

Article 7 (Handling of Anonymized and Aggregated Data)

1. The Company may process and anonymize collected data into a form that cannot identify an individual and provide it within the Service as reference information for other Users (e.g., a feature comparing performance against overall averages).

2. Anonymized and aggregated data does not contain personal information. It is not made publicly available and is used only within the scope of user-facing features of the Service.

Article 8 (Compliance for Amazon-Linked Data)

The Company collects, stores, and uses Amazon-linked data in accordance with Amazon's DPP and other policies and agreements. The scope of collection and use is limited to the purposes for which the User connected and consented, and to the scope of this Policy.

Article 9 (Retention Period and Deletion)

1. The Company retains collected data for the duration of the contract period. When a User deletes their account, the Company promptly deletes the personal information and Amazon-linked data related to that User.

2. However, information that must be retained by law (billing information, accounting books, etc.) and information processed or stored by payment service providers (such as Stripe) may not be directly deletable by the Company, or may need to be retained for a period required by law.

3. Data remaining in backups is deleted in sequence after a reasonably practicable operational period.

4. The Company may accumulate data in a data warehouse or similar system in addition to the main database for service provision and improvement, but will handle such data within the scope of this Policy.

Article 10 (Security Management Measures)

The Company implements technical and organizational security management measures including access control, least-privilege and authentication management, encryption of data in transit and at rest, audit logging, vulnerability countermeasures, employee training, and oversight of entrusted parties.

Article 11 (Users' Rights)

1. Users may request notification of the purpose of use, disclosure, correction, addition, deletion, suspension of use, erasure, or cessation of third-party provision of their own personal information held by the Company (subject to the requirements and exceptions provided by law).

2. When making such a request, Users may be asked to provide information to verify their identity. Depending on the nature of the request, Users may lose access to all or part of the Service.

3. For requests and inquiries, please see "Business Information and Contact" at the end of this Policy.

Article 12 (Use of Cookies and External Transmission)

1. The Company may use cookies and similar technologies to improve convenience, analyze access, and enhance features.

2. On the Company's website (lismoa.com), information is transmitted from Users' devices to external service providers as described below (disclosed in accordance with Japan's external-transmission disclosure rules under the Telecommunications Business Act).

  • Google Tag Manager / Google Analytics (Google LLC): The URL and referrer of the page viewed, browser, device, and OS type, cookie and similar identifiers, and IP address are transmitted. The purpose is to measure and analyze website usage and improve the Service.

3. Users may restrict cookies through their browser settings, but some features of the Service may become unavailable.

Article 13 (Use by Minors)

The Service is intended primarily for business operators. If a minor uses the Service, please obtain the consent of a parent or guardian.

Article 14 (Changes to Purposes of Use)

The Company may change the specified purposes of use to the extent reasonably deemed to have a substantial connection to the original purposes. In the event of a material change, the Company will announce and notify Users at least 30 days before the effective date.

Article 15 (Changes to This Policy)

The Company may update this Policy as necessary. For material changes, the Company will notify Users at least 30 days before the effective date via posting on the Service or another method the Company deems appropriate. If a User uses the Service after such notice, or does not cancel within the period defined by the Company, they are deemed to have agreed to the change.

Business Information and Contact

  1. Business name: illustrious Inc.
  2. Address: Imon Mitake Building 3F, 1-20-1 Shibuya, Shibuya-ku, Tokyo, Japan
  3. Phone: 050-1791-1726

For inquiries regarding the handling of personal information, please contact us via the contact form.

Supplementary Provisions

  1. Established: August 1, 2024
  2. Revised: August 23, 2025
  3. Last revised: June 15, 2026 (Article 12 updated to add disclosure of external transmission)
Start free for 14 days