Privacy Policy & Specified Commercial Transactions Disclosure

Basic Policy on Personal Information Handling

Apostille Japan (hereinafter, "our office") considers it a foundational principle to acquire, use, and manage personal information entrusted to us through our gyoseishoshi services in strict accordance with Japan's Act on the Protection of Personal Information (APPI) and the Gyoseishoshi Act.

In particular, gyoseishoshi are national qualification holders who bear a statutory legal duty under Article 12 of the Gyoseishoshi Act to protect confidential information obtained in the course of their work. Our office observes this duty rigorously, and except where there is a legitimate reason or legal grounds, we do not disclose client personal information or document content to third parties.

Applicable Laws

• Act on the Protection of Personal Information (Act No. 57 of 2003)
• Gyoseishoshi Act (Act No. 4 of 1951)
• Specified Commercial Transactions Act (Act No. 57 of 1976)
• Income Tax Act and Corporation Tax Act (as the basis for retention periods)

Personal Information Protection Officer

The officer responsible for personal information management at our office is Daisuke Mori, Gyoseishoshi / Administrative Scrivener. Questions and requests regarding personal information handling are received via the contact channel listed at the end of this page.

Personal Information We Collect

In responding to inquiries and executing engaged services, our office collects the following personal information. All information is acquired within the minimum scope necessary for service execution.

Information Collected at Inquiry

• Name (in Latin alphabet and / or Chinese characters)
• Email address
• Phone number (optional)
• Inquiry content including destination country and document type
• Messaging platform IDs (LINE, WhatsApp, etc., when contact originates from those channels)

Information Collected During Service Execution

• Address and registered domicile (as required for document procurement and delivery)
• Date of birth and nationality (as required for document authentication)
• Personal information contained within submitted documents (family register information, academic history, employment history, criminal-record information, etc.)
• Payment-related information (credit card information is processed and held by Stripe; our office does not retain card data)
• Identification documents (copies of passport, driver's license, etc.)

Information Acquired Through Website Use

• IP address, browser information, and operating system information
• Access timestamps, pages viewed, and referrer URLs
• Information contained in cookies (see Section 8 for details)

Purpose of Use

Our office uses collected personal information solely for the following purposes. Any use beyond these purposes will require prior consent from the data subject.

Primary Purpose: Inquiry Response and Quote Preparation

• Responding to inquiries
• Communicating total quote pricing and delivery schedules
• Responding to follow-up questions

Secondary Purpose: Service Execution

• Apostille application (Ministry of Foreign Affairs)
• Notary public and Legal Affairs Bureau procedural representation
• Preparation of Certified Translation
• Domestic and international document delivery
• Payment-related communications

Tertiary Purpose: Statutory Compliance

• Service record retention under the Gyoseishoshi Act
• Accounting record retention under the Income Tax Act and Corporation Tax Act
• Retention of invoices, receipts, and accounting records

We do not use personal information for marketing purposes. Our office does not use client personal information for newsletter distribution, promotional outreach, or transfer to third parties for marketing purposes.

Third-Party Disclosure

Our office does not provide client personal information to third parties as a general matter. The following exceptions apply.

Disclosure Within the Scope of Service Execution

For apostille procurement, translation, and delivery purposes, personal information is provided to the following authorities and service providers within the scope necessary for service execution. These are operated as "service entrustments" under the management responsibility of our office.

• Ministry of Foreign Affairs (MOFA) — for apostille applications
• Notary public offices — for private document notarization
• Legal Affairs Bureau — for verification of notary public seals
• Prefectural police headquarters — for police clearance certificate procurement
• Municipal offices — for family register and residence certificate procurement
• Courier services — DHL, EMS, Japan Post, Yu-Pack, etc.
• Payment processors — Stripe, Wise, banks

Cross-Border Transfer (Through DHL, EMS, and International Courier Services)

For international document delivery, client name, delivery address, and contact information are provided to international courier services. This is the information sharing necessary to deliver documents to the destination country. Courier services handle this information in accordance with the laws of their respective countries and their own privacy policies.

Statutory Disclosure

Personal information may be provided to third parties pursuant to law in the following circumstances.

• Disclosure requests from courts, police, or other public authorities pursuant to law
• When necessary to protect the life, body, or property of the data subject or third parties
• Tax audits, gyoseishoshi association supervisory inspections, or other statutory bases

Security Management Measures

To protect client personal information from leakage, loss, or damage, our office implements the following security management measures.

Physical Security Management

• Documents containing personal information are stored in lockable cabinets
• Office access is controlled
• Disposal is performed via shredder or by confidential document disposal services using dissolution processing

Technical Security Management

• SSL/TLS encryption (HTTPS) across all website pages
• Password protection and automatic OS updates on business workstations
• Multi-factor authentication on cloud storage
• Antivirus software with regular updates

Personnel Security Management

• Strict observance of statutory confidentiality duty under Article 12 of the Gyoseishoshi Act
• Management oversight by the Personal Information Protection Officer: Daisuke Mori, Gyoseishoshi / Administrative Scrivener
• Confidentiality agreements with service entrustment partners (notary public offices, courier services, etc.)

Organizational Security Management

• Internal regulations on personal information protection
• Defined incident response procedures and reporting destinations (Personal Information Protection Commission, affected clients)
• Periodic review of this Privacy Policy

Confidentiality and Document Handling under the Gyoseishoshi Act

Our licensed Gyoseishoshi Administrative Scrivener is subject to statutory confidentiality obligations under Article 12 of the Gyoseishoshi Act. We do not disclose confidential information obtained in the course of our services to any third party without justifiable grounds.

We collect, use, and retain public records, certificates, documents submitted for translation, and translation-related data only to the extent necessary to perform the requested services.

Original documents are generally returned after completion of the requested service. Copies, scanned data, working files, and translation-related data may be retained only to the extent necessary for legal, administrative, service management, or record-keeping purposes, and will otherwise be deleted or disposed of by appropriate methods. Paper documents that are no longer required will be disposed of by shredding or other methods designed to make reconstruction difficult.

Generative AI and External AI Tools

Our office may use generative AI tools in a supplementary capacity for purposes such as workflow efficiency, general drafting, and public-facing content creation. With respect to client confidential documents, however, we strictly follow the policies set out below.

Non-Input Policy for External Generative AI Services

We do not input the images or text of the following client documents into external generative AI services (cloud-based services such as ChatGPT, Claude, Gemini, and similar platforms):

• Family Register (koseki touhon, koseki shouhon, removed family register, revised family register)
• Resident Records (juminhyou), regardless of whether the My Number is included
• Identity verification documents such as passports, driver's licenses, and Residence Cards
• Police Certificates (Criminal Record Certificate)
• Registry Certificates (commercial registration, real estate registration)
• Tax Certificates, Income Certificates, and Resident Tax Certificates
• Seal Registration Certificates
• Other confidential documents individually provided by the client

Final Responsibility for Deliverables

Certified Translations and all submission documents are finalized and reviewed under the professional responsibility of the Gyoseishoshi. Where AI tools are used in a supplementary capacity, accuracy and appropriateness of the content are confirmed by the Gyoseishoshi, with responsibility clarified through the signed Certification of Translation Accuracy.

Considerations for Documents Submitted Abroad

The above policy is applied consistently to documents intended for submission to U.S. USCIS, U.K. UKVI, Singapore ICA, Immigration New Zealand, the Philippine PSA, and other receiving authorities in our five focus jurisdictions. Inquiries from overseas law firms, immigration advisory firms, and corporate legal teams are handled under operational practices designed to maintain confidentiality.

Retention Period and Disposal

Our office retains personal information for the following periods, after which information is securely disposed of.

Disposal Method

Following the retention period, paper materials are disposed of via shredder or confidential document disposal services using dissolution processing; electronic data is erased using methods that prevent restoration. For corporate engagements where a disposal certificate is required, please contact our office separately.

Disclosure, Correction, and Deletion Requests

You have the following rights regarding personal information about yourself held by our office, in accordance with Articles 33 through 35 of the Act on the Protection of Personal Information.

• Right to Disclosure (Article 33): Right to request disclosure of held personal data
• Right to Correction, Addition, or Deletion (Article 34): Right to request correction when content is factually incorrect
• Right to Cessation of Use or Erasure (Article 35): Right to request cessation or erasure in cases of statutory violation

How to Submit Requests

• Requests are accepted by email at info@apostille-japan.com
• For identity verification, submission of identification documents (copy of passport, driver's license, etc.) may be requested
• Requests submitted by an agent require a power of attorney and the agent's identification documents

Response Time and Fees

• We respond to requests within two weeks as a general matter
• Disclosure-request fees are waived
• However, if frequent requests impose substantial administrative burden, reasonable processing fees may be charged

Cookies and Access Analytics

Our website uses cookies and access analytics tools to improve service quality. The information collected through these tools is aggregated and analyzed in a form that does not identify individuals.

Access Analytics Tools in Use

For details on Google Analytics, please refer to the Google Privacy Policy.

Types of Cookies

• Essential cookies: Cookies necessary for basic site functionality (e.g., language preference retention)
• Analytics cookies: Anonymous cookies used by Google Analytics

How to Opt Out

If you prefer not to be tracked through access analytics, the following options are available.

• Disable cookies in your browser settings
• Install the Google Analytics Opt-out Browser Add-on
• Use private / incognito browsing mode

Specified Commercial Transactions Act Disclosure

In accordance with Article 11 of the Specified Commercial Transactions Act, the following information regarding our service provision is disclosed.

Contact and Revision History

Personal Information Inquiries

For questions and requests regarding this Privacy Policy and personal information handling, please contact:

• Personal Information Protection Officer: Daisuke Mori, Gyoseishoshi / Administrative Scrivener
• Contact: info@apostille-japan.com
• Address: 3F Akasaka Front Town, 4-8-19 Akasaka, Minato-ku, Tokyo 107-0052, Japan

Revision of This Policy

Our office may revise this Privacy Policy in response to amendments to applicable laws, changes in service content, and other circumstances. Any revisions will be reflected on this page with the revision date and content noted. Material changes will be announced in advance on the homepage of our website.

The Japanese version of this Privacy Policy is the authoritative text. The English version is provided for client convenience as a translation, and in the event of any discrepancy in interpretation, the Japanese version shall prevail.