Effective date
Effective date: 2026-02-10.
Definitions
- “Service”: the website, platform, and related educational materials offered at xyrolab.pro.
- “Personal data”: information that identifies or can reasonably be linked to an individual.
- “Processing”: any operation performed on data (collection, storage, use, disclosure, deletion).
- “Controller”: the entity that determines how and why personal data is processed.
Scope
This policy applies to information processed through our website and forms, as well as communications you send to us. It does not cover third-party websites you may access via external links.
Data we collect
A) Information you provide
- Contact details (name, email) and optional phone number (if you include it).
- Message content (subject and message text) submitted via forms or email.
- Business-related context you choose to share (e.g., team size, learning goals). Please avoid sensitive personal data.
B) Information collected automatically
- Basic device and usage data (e.g., browser type, approximate timestamps, pages visited).
- Technical logs needed for security and performance (e.g., error logs, rate limiting data).
- Cookie preferences and cookie identifiers (see Cookies section).
Purposes of processing
We process data for the following purposes:
- To respond to inquiries and provide requested information.
- To operate, maintain, and improve the Service (performance, reliability, user experience).
- To prevent abuse, protect against fraud, and maintain security.
- To comply with legal obligations (where applicable).
- To manage opt-outs and consent choices.
Legal basis (where applicable)
Depending on your location and the context, processing may rely on one or more of the following:
- Consent (e.g., cookie preferences; optional marketing communications where used).
- Contract / pre-contract steps (e.g., responding to plan requests and enrollment questions).
- Legitimate interests (e.g., maintaining security, preventing abuse, improving performance).
- Legal obligation (e.g., record-keeping requirements, where applicable).
Data retention
We keep personal data only as long as needed for the purposes described above, unless a longer period is required by law.
- Contact requests: typically retained for a reasonable period to manage follow-ups and maintain records.
- Security logs: retained as needed to investigate incidents and prevent abuse.
- Cookie preferences: retained based on your device/browser settings and cookie expiration.
Security
We use reasonable technical and organizational measures to protect personal data. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. Please avoid sending sensitive information through the contact forms.
Your rights
Depending on your jurisdiction, you may have rights such as:
- Access to your personal data
- Correction of inaccurate data
- Deletion (where applicable)
- Restriction or objection to certain processing
- Data portability (where applicable)
- Withdrawal of consent (where processing relies on consent)
International transfers
If we transfer personal data across borders (for example, to hosting or email providers), we take reasonable steps to ensure appropriate safeguards, consistent with applicable law.
Children’s privacy
The Service is intended for a general adult audience and is not designed for children. If you believe a child has provided personal data, contact us so we can take appropriate steps.
Changes to this policy
We may update this policy from time to time. We will post the updated version on this page and update the effective date.
Contact details
- Controller: XyroLab GK
- Email: [email protected]
- Address: 4-11-2 Shinjuku, Shinjuku-ku, Tokyo 160-0022, Japan
- Business ID/Tax ID: 5234567890124