Privacy Policy
Note: This English version is provided for convenience only. In the event of any discrepancy between the Japanese and English versions, the Japanese version shall prevail.
(Personal Information Protection Policy)
Last Updated: December 8, 2025
LostSOS Concierge (Representative: Natsuki Nedachi) (the "Company") establishes this Privacy Policy (the "Policy") regarding information (including personal information) obtained from users and others in connection with the Company's lost-item rescue concierge service (the "Service").
1. Business Information / Contact
- •* Business Name: LostSOS Concierge
- •* Representative: Natsuki Nedachi
- •* Address: N&E BLD. 6F, 1-12-4 Ginza, Chuo-ku, Tokyo 104-0061, Japan
- •* Phone: 080-8410-9827
- •* Email: support@lost-sos.com
- •* Office Hours: 10:00–18:00 Japan Time (JST), excluding weekends and Japanese national holidays
2. Scope of This Policy
- •This Policy applies to information that the Company obtains and uses in connection with the Service. Covered channels include the Company's website and web forms, email, WhatsApp, LINE, WeChat, Kakao, and phone calls (including AI/automation), among others.
3. Information We Collect
The Company collects the following information to the extent necessary to provide the Service.
(1) Information Collected Directly from Users
- •* Contact information such as name, email address, phone number, and preferred language
- •* Identifiers on the chat channel selected by the user (e.g., phone number, user ID, display name, profile information if configured)
- •* Information issued by the Company to start chats and identify cases (e.g., case ID, token, link code, etc.)
- •* Chat message history and related metadata such as timestamps
- •* Information about the lost item(s) (date/time lost, location, rail line/facility name, characteristics, photos, identifiers such as IMEI/serial numbers, etc.)
- •* Information required for identity verification and verification of legitimate authority (e.g., images of government-issued photo identification, selfie, proof of purchase, power of attorney (signed PDF/image), etc.)
- •* Information required for shipping and customs (e.g., shipping address, recipient information, contact details, declared value, item description, etc.)
- •* Inquiry details, the contents of chats/emails/calls, and support history (Calls may be recorded for quality control, evidentiary purposes, and fraud prevention.)
(2) Information Obtained from Third Parties (as Necessary to Handle a Case)
- •* Information provided by railways, taxi companies, hotels, facilities, police, carriers, and other relevant parties (e.g., characteristics of found items, storage location, pickup conditions, tracking numbers, whether contact is possible, etc.)
(3) Information Collected Automatically (When Using the Website)
- •* Access logs (IP address, device information, browser information, referrer, etc.)
- •* Identifiers such as cookies and information about browsing/usage behavior (The Company may use Google Analytics (GA4), Google Ads conversion tracking, and PostHog. See Section 8 for details.)
4. Purposes of Use
The Company uses the collected information for the following purposes:
- •* Providing the Service (intake, case management, inquiries/communications, recovery arrangements, storage, shipping arrangements, sharing tracking information, etc.)
- •* Identity verification, authority verification, fraud prevention, impersonation prevention, and security measures
- •* Obtaining, recording, and maintaining evidence of plan selection and consents (including agreement to the Terms of Service and related policies)
- •* Billing, payment processing, refunds, and related procedures/communications
- •* Customer support, quality improvement, and service delivery (including call recordings)
- •* Service improvement, usage analysis, and advertising effectiveness measurement
- •* Legal compliance, dispute handling, and exercising rights (including chargeback handling)
5. Use of AI / Machine Translation / Automation
- •* The Company may use AI, machine translation, and other automation tools on the full content of communications for case handling purposes (e.g., multilingual support, summarization, routing).
- •* The Company does not use users' personal information for the purpose of training the Company's own AI models.
- •* If the Company uses external AI/translation services, it will do so only to the extent necessary to achieve the above purposes and will endeavor to implement appropriate security measures and contractual protections.
6. Third-Party Provision and Outsourcing
The Company will not provide personal data to third parties except in the following cases:
- •* With the user's consent
- •* When required by law
- •* When necessary to protect life, body, or property and obtaining consent is difficult, etc.
The Company may outsource the handling of personal data to the extent necessary to provide the Service (e.g., payment processing, cloud/hosting, communications such as email/chat, translation/AI, recovery partners, carriers and customs-related parties, analytics tools, etc.). The Company will manage and supervise contractors so that they handle personal data only within the scope of the Company's purposes of use.
7. Provision to Third Parties Located Outside Japan (Cross-Border Transfers)
- •* The Company may provide personal data to third parties located outside Japan due to international shipping, use of carriers with overseas operations, and use of external services such as cloud/AI providers.
- •* If a user selects chat services such as WhatsApp, WeChat, or Kakao, information such as message contents and identifiers may be provided to and stored by those service providers (which may be located outside Japan).
- •* In accordance with applicable laws, the Company will, as necessary, present information such as the destination country, relevant systems in that country, and protective measures taken by the recipient, and obtain the user's consent. Consent may be obtained at the time the user agrees to the Terms of Service and/or selects a chat channel. The Company will also request appropriate protective measures from contractors and other recipients.
9. Retention Period
The Company retains information only for the period necessary to achieve the purposes above and deletes or anonymizes it when no longer needed. Typical retention periods are as follows:
- •* Case logs (chat/email/support history, billing-related records, etc.): 2 years after completion
- •* Identity verification documents, selfies, and powers of attorney: 90 days after completion
- •* Call recordings: 90 days from the date recorded
- •* Access logs and analytics data: As required by tool settings and operational needs (reviewed periodically)
Note: The Company may need to retain information longer to comply with laws or handle disputes.
10. Security Measures
- •The Company implements necessary and appropriate security measures to prevent leakage, loss, or damage of personal data, such as least-privilege access control, two-factor authentication, device/data protection, vendor management, and log management.
11. Requests for Disclosure, Correction, or Suspension of Use
- •* Users may request disclosure, correction/addition/deletion, suspension of use/erasure, or suspension of third-party provision regarding the Company's retained personal data.
- •* Please contact the Company at the contact point in Section 1. The Company may request additional information or documents for identity verification. Fees are, in principle, free of charge.
12. Response to Data Breaches
- •If a data breach occurs, the Company will take measures in accordance with applicable laws, including reporting to relevant authorities and notifying affected individuals as necessary.
13. Changes to This Policy
- •The Company may revise this Policy due to changes in laws or the Service. The revised Policy will be posted on the Company's website with the updated date. If there are material changes, the Company will provide notice by an appropriate method.