Privacy Policy
English Version (For Convenience)
Section titled “English Version (For Convenience)”BBHunt Japan K.K. (the “Company”) recognizes the importance of protecting personal information and, in compliance with the Act on the Protection of Personal Information (APPI), handles and protects personal information appropriately in accordance with this Privacy Policy.
1. Definition of Personal Information
Section titled “1. Definition of Personal Information”“Personal Information” in this Privacy Policy means personal information as defined in Article 2, Paragraph 1 of the APPI.
2. Purpose of Use of Personal Information
Section titled “2. Purpose of Use of Personal Information”The Company uses personal information for the following purposes:
(1) To provide, operate, maintain, and improve the Service (2) To verify user identity, authentication, and account management (3) To operate and manage bug bounty programs (4) To process reward payments and tax-related matters (5) To respond to inquiries, opinions, complaints, and other communications regarding the Service (6) To notify users of changes to terms, policies, and other matters related to the Service (7) To address violations of the Company’s terms and policies related to the Service (8) To provide information about the Company’s products and services (9) To contribute to the improvement of the Service and development of new services (10) To create statistical data in a form that does not identify individuals (11) To provide information to third parties with prior consent from registered users (12) For other purposes incidental to the above purposes
3. Changes to Purpose of Use
Section titled “3. Changes to Purpose of Use”The Company may change the purpose of use of personal information within a reasonably recognizable scope of relevance, and will notify or publicly announce any such changes.
4. Restrictions on Use of Personal Information
Section titled “4. Restrictions on Use of Personal Information”The Company will not handle personal information beyond the scope necessary to achieve the purpose of use without the consent of the individual, except as permitted by the APPI and other applicable laws. However, this does not apply in the following cases:
(1) When required by law (2) When necessary to protect human life, body, or property and obtaining consent is difficult (3) When particularly necessary for improving public health or promoting the sound development of children and obtaining consent is difficult (4) When cooperation is necessary for national or local government entities to carry out affairs prescribed by law, and obtaining consent may impede the execution of such affairs
5. Proper Acquisition of Personal Information
Section titled “5. Proper Acquisition of Personal Information”- The Company acquires personal information properly and does not acquire it through deception or other wrongful means.
- The Company does not acquire sensitive personal information without prior consent of the individual, except in the following cases: (1) When falling under any of the items in Paragraph 4 (2) When the sensitive personal information has been made public by the individual, government agencies, or other entities prescribed by the rules of the Personal Information Protection Commission (PPC) (3) When sensitive personal information that is visually apparent is acquired through visual observation or photography
6. Security Management of Personal Information
Section titled “6. Security Management of Personal Information”The Company implements necessary and appropriate security management measures to prevent unauthorized access, leakage, loss, or damage to personal data. Specifically, the Company implements the following measures:
- Basic Policy Formulation: Formulates basic policies to ensure proper handling of personal information.
- Development of Rules for Handling Personal Data: Develops handling rules for each stage of acquisition, use, storage, provision, and deletion/disposal.
- Organizational Security Management Measures: Establishes a person responsible for handling personal data and clarifies the scope of personal data handled by each employee.
- Human Security Management Measures: Provides regular training to employees on matters related to handling personal data.
- Physical Security Management Measures: Implements entry/exit management and equipment restrictions in areas where personal data is handled.
- Technical Security Management Measures: Implements access controls and introduces mechanisms to protect information systems handling personal data from unauthorized access and malicious software.
7. Provision to Third Parties
Section titled “7. Provision to Third Parties”- The Company does not provide personal information to third parties without prior consent of the individual, except when falling under any of the items in Paragraph 4.
- Notwithstanding the provisions of Paragraph 1, when providing personal information to a third party in a foreign country, the Company obtains prior consent from the individual for such provision.
- When providing personal information to a third party, the Company creates and preserves records in accordance with Article 25 of the APPI.
8. Disclosure of Personal Information
Section titled “8. Disclosure of Personal Information”When an individual requests disclosure of personal information based on the provisions of the APPI, the Company will disclose such information without delay after confirming the request is from the individual. However, this does not apply when the Company is not obligated to disclose under the APPI or other applicable laws.
9. Correction of Personal Information
Section titled “9. Correction of Personal Information”When an individual requests correction, addition, or deletion of personal information on the grounds that the information is not true, the Company will conduct necessary investigations without delay within the scope necessary to achieve the purpose of use, make corrections based on the results, and notify the individual accordingly.
10. Ceasing Use of Personal Information
Section titled “10. Ceasing Use of Personal Information”When an individual requests ceasing use or erasure of personal information on the grounds that the information is being handled beyond the publicly announced purpose of use or was acquired through deception, and the request is found to be valid, the Company will cease use of the personal information without delay and notify the individual accordingly.
11. Use of Cookies and Other Technologies
Section titled “11. Use of Cookies and Other Technologies”The Service may use cookies and similar technologies. These technologies help the Company understand usage patterns and improve the Service. Users who wish to disable cookies can do so through their web browser settings. However, disabling cookies may prevent some features of the Service from functioning properly.
12. International Data Transfers
Section titled “12. International Data Transfers”- The Company may transfer personal information outside of Japan for the operation of the Service.
- For personal information subject to the EU General Data Protection Regulation (GDPR), the Company implements appropriate safeguards in accordance with GDPR requirements.
- The Company takes necessary measures for providing personal information to third parties in foreign countries in accordance with Article 28 of the APPI.
13. Contact Information
Section titled “13. Contact Information”For requests for disclosure, opinions, questions, complaints, and other inquiries regarding the handling of personal information, please contact:
BBHunt Japan K.K.
E-mail: privacy@bbhunt.jp
14. Continuous Improvement
Section titled “14. Continuous Improvement”The Company regularly reviews the status of personal information handling operations and strives for continuous improvement, and may change this Privacy Policy as necessary.

