Terms and Conditions

Article 1: General Provisions
These Terms and Conditions (these “Terms”) set forth the rights and obligations between Plug, Inc. (the “Company”) and persons whose registration has been approved by the Company (“Members”) with respect to the use of the service provided through the website “Crepo Package Design AI,” which is owned and operated by the Company (the “Service”).
Article 2: Scope of Application and Amendments to These Terms
1. These Terms shall apply to the Company and Members (as defined in Article 4) with respect to the provision and use of the Service.
2. The Company may amend these Terms without obtaining the prior consent of Members. The amended Terms shall be made available through the Service, and Members shall be requested to consent to them again. Members who do not consent may not continue to use the Service.
Article 3: Use of the Service
Members shall use the Service in accordance with these Terms and any user guides or other guidelines separately established by the Company.
Article 4: Membership
“Member” means a person who, in accordance with Article 5, registers to use the Service or purchase the Company’s products (“Member Registration”) and whose use of the Service has been approved by the Company. If a person completes Member Registration for the Service, such person shall be deemed to have agreed to these Terms.
Article 5: Membership Eligibility
1. Membership status, as defined by the Company, shall be validly granted upon the Member’s acceptance of these Terms and completion of all prescribed registration procedures.
2. Notwithstanding the preceding paragraph, if the Company determines that it is inappropriate to approve a person as a Member based on these Terms or other relevant regulations, the Company may revoke such Member status.
Article 6: Management of ID and Password
1. When using this Site after registration, Members shall use the ID and password provided by the Company or registered by the Member.
2. Members who wish to do so may register a telephone number for authentication and enable one-time password authentication via short message service (SMS) (multi-factor authentication). However, this feature is not available to Members using a trial plan.
3. Members shall bear full responsibility for the management and use of their own IDs and passwords. The Company recommends that Members change their passwords regularly or enable multi-factor authentication.
4. Members shall not transfer, sell, lend, or otherwise make their IDs or passwords available to any third party, or engage in any similar acts.
5. The Company shall not be liable for any damages arising in connection with the use or management of IDs and passwords by a Member or any third party, regardless of whether such use or management was due to willful misconduct or negligence.
6. The Company has implemented an account lockout system as a measure against unauthorized access. If a Member fails to log in ten consecutive times, the Member’s ID and password will be disabled.
Article 7: Member Registration Information
1. Members shall not make any false declarations regarding any of the items of registration information provided at the time of Member Registration (the “Registration Information”).
2. After Member Registration, Members shall complete the registration information update procedures conducted periodically by the Company within the period separately specified by the Company.
Article 8: Management of Registration Information
The Company shall implement preventive and security measures regarding the management of Member information to prevent tampering, leakage, or unauthorized access.
Article 9: Handling of Personal Information
1. Registered personal information will be used, in accordance with the Company’s Privacy Policy, for management as user information, routine communications, purchase procedures, shipping procedures, and accounting procedures. It may also be used to send notifications or communications regarding additions or updates to information concerning the Service. Registered personal information may also be entrusted to subcontractors within the scope necessary to achieve the stated purposes of use. It will not be used for any other purposes or provided to third parties.
2. Contact for inquiries regarding the Privacy Policy and the handling of personal information: Public Relations Department: 03-5577-7810; Personal Information Protection Officer: Naomi Murakawa: privacy@plug-inc.jp
Article 10: Confidentiality Provisions
The Company shall endeavor to maintain the confidentiality of the following matters for the purpose of protecting confidential information, including data held by Members using the Service. Each type of data shall be promptly deleted after the retention period specified below has elapsed. However, even while membership registration remains active, the data described in items 1, 2, and 5 below shall be promptly deleted upon a deletion request from the relevant Member via the inquiry form, email, or telephone, even if the applicable retention period has not yet elapsed. The retention period may also be extended at the request of the relevant Member via the inquiry form, email, or telephone.
  • 1. Uploaded images used for design evaluation and resulting heatmap images: 30 days
  • 2. Images generated through the design generation function: 35 days
  • 3. Account information, user information, and login history: until cancellation of membership
  • 4. Created project information (PDF and CSV files of results and data for output): until cancellation of membership
  • 5. Backup data for items 1 and 2: 35 days
  • 6. Backup data for items 3 and 4: 30 days
  • 7. Operation log data in this system: 1,100 days
Article 11: Prohibited Acts by Members
Members shall not engage in any of the following acts or any acts that may fall under any of the following. If the Company determines that a Member has violated any of these prohibitions, the Company may temporarily suspend use of the Service, terminate the Member’s membership, or take any other measures deemed necessary by the Company.
  • 1. Acts contrary to public order and morals
  • 2. Acts that violate laws or regulations, these Terms, or other rules established by the Company
  • 3. Acts that slander or defame the Company, other members, or third parties
  • 4. Acts involving the unauthorized use of, or allowing the unauthorized use of, an ID or password
  • 5. Acts intended to cause disadvantage or damage to the Company, other members, or third parties
  • 6. Acts involving the transmission or posting of harmful computer programs or similar content
  • 7. Acts of falsifying information accessible through this Site
  • 8. Acts that interfere with the operation of this Service
  • 9. Acts involving false registration
  • 10. Engaging in sales activities related to this Service that have not been approved by the Company, or acts that may be deemed to have such a nature
  • 11. Any other acts that the Company deems inappropriate
Article 12: Changes to Registration Information
If there are any changes to the information provided at the time of registration, the Member shall promptly notify the Company of such changes using the method designated by the Company.
Article 13: Cancellation of Membership
1. If a Member wishes to cancel membership, the Member shall notify the Company via the inquiry form, email, or telephone.
2. Upon receipt of a request to cancel membership, the Company will promptly delete account information (including the relevant ID and password), user information, login history, and project information (Article 10, items 3 and 4). After the deletion process is complete, the Member will no longer be able to view such information. However, backup data and operation logs (Article 10, items 6 and 7) will be deleted after the retention period specified in Article 10 has elapsed, even after cancellation of membership.
3. If a request to delete uploaded images and generated images (Article 10, items 1 and 2) is submitted simultaneously with the request to cancel membership, the Company will promptly delete the relevant uploaded images and generated images, including the backup data specified in Article 10, item 5.
4. If no deletion request is made as described in the preceding paragraph, the images will be deleted after the retention period specified in Article 10 has elapsed.
Article 14: Revocation of Membership
1. If a Member’s conduct falls under any of the following categories, the Company may immediately revoke the Member’s membership and terminate all or part of the Agreement prospectively without any prior notice.
  • 1. In the event of unauthorized use of an ID or password
  • 2. If the Member receives a disposition from a regulatory authority, such as revocation or suspension of business operations
  • 3. When a bill of exchange or check issued by the Member is dishonored, or when the Member is subject to suspension of banking transactions
  • 4. When the Member is subject to enforcement measures for delinquency in the payment of taxes and public dues
  • 5. If the Member is subject to provisional seizure, seizure, provisional disposition, auction, compulsory execution, or other similar measures
  • 6. When a petition for bankruptcy, civil rehabilitation, corporate reorganization, or similar proceedings is filed by or against the Member
  • 7. When a resolution is passed to suspend or cease business operations, dissolve the company, or when the company enters liquidation proceedings
  • 8. When a significant organizational change, such as a merger or transfer of business, occurs
  • 9. When entrusted services are significantly delayed or become impossible to perform due to causes attributable to either the Company or the Member
  • 10. When there are other reasonable grounds to determine that it is difficult to continue the business relationship
  • 11. If there are false statements in the declarations or notifications submitted to the Company
  • 12. In the event of a delay in payment or other failure to fulfill payment obligations related to this Service
  • 13. If there is a violation of the prohibited acts set forth in Article 11
  • 14. In addition to the preceding item, if there is a violation of these Terms or other regulations established by the Company
  • 15. If it is discovered that the Member’s membership registration has been revoked in the past due to a violation of these Terms or similar reasons
  • 16. If there has been any fraudulent or improper conduct in the use of the Service
2. The termination described in the preceding paragraph shall not preclude the Company from claiming damages from the other party.
3. When the Company revokes a Member’s membership, the Company shall revoke all rights that the Member has on this Site.
Article 15: Ownership of Rights
1. All intellectual property rights, including copyrights, and all other rights and authority pertaining to the Service’s website data and the systems, software, applications, modules, etc. related to the Service (collectively, “Data, etc.”) shall belong to the Company. Members shall not process, modify, edit, reproduce, reprint, sell to third parties, transfer, lend, or otherwise transfer possession of such Data, etc. without the Company’s permission. However, images and result data owned by Members and used by Members in using the Service shall not constitute such Data, etc.
2. Under no circumstances may a Member reverse engineer, decompile, or disassemble the systems, etc.
3. When using the Service, Members shall take necessary measures to ensure that they do not infringe upon the intellectual property rights (such as copyrights, design rights, and trademark rights) or other rights held by third parties.
4. This Article shall remain in full force and effect even after the termination of this Agreement between the Company and the Member.
5. As a general rule, secondary use of data is prohibited. “Secondary use” refers to disclosing to third parties the results obtained through the use of the Service or the data itself. However, disclosure of necessary information limited to specific parties for the purpose of promoting sales of the relevant products shall not constitute secondary use.
Article 16: Restrictions
1. Membership is generally limited to corporate customers. However, the Company may refuse to sell the Service to entities that the Company deems to be competitors or to entities that the Company determines may present issues regarding data sales or use.
2. The scope of use of the Service is as follows:
  • – The Service may be used only within the business premises of the purchasing corporation (or, if purchased through a separate legal entity such as a group purchasing company, the actual using corporation).
  • – “Business premises” refers to a location where economic activities are conducted within a single section under a single management entity. Note that in cases where a group purchasing company or similar entity performs only a portion of the management entity’s functions, it shall be deemed to be integrated with the parent company or similar entity.
3. Up to five accounts may be used per member.
4. Data, etc. are sold on the premise that Members will use them directly, and resale or lending for the purpose of generating profit for the Member or any third party is prohibited.
Article 17: Disputes Regarding Rights
1. If a dispute arises between a Member and the Company or a third party regarding infringement of copyrights, design rights, trademark rights, other intellectual property rights, or other rights due to causes attributable to the Member, the Member shall resolve such dispute at the Member’s own responsibility and expense.
2. If a dispute arises between the Company and a Member or a third party regarding infringement of copyrights, design rights, trademark rights, other intellectual property rights, or other rights due to causes attributable to the Company, the Company shall resolve such dispute at its own responsibility and expense.
3. Upon becoming aware that a dispute described in the preceding two paragraphs has arisen, the Member and the Company shall immediately notify each other of such fact.
Article 18: Assignment of Rights and Obligations
1. Members shall not assign to any third party the status obtained through Member Registration or any rights or obligations arising from this Agreement.
2. The Company may, at its discretion, assign all or part of the Service to a third party; in such a case, all rights of users related to the Service, including the Member’s account, shall be transferred to the assignee within the scope of the assigned rights.
Article 19: Usage Fees, etc.
1. Members shall pay the usage fees separately specified by the Company for use of the Service in accordance with the method separately specified by the Company.
2. The Company may change the usage fees specified in the preceding paragraph and the payment methods without prior notice to Members. In such cases, the Company shall notify Members by a method it deems appropriate.
3. Any bank transfer fees or other costs necessary for the payment described in the preceding paragraph shall be borne by the Member.
Article 20: Exchanges, Returns, and Cancellations
Please note that, due to the nature of the sales format, exchanges or returns of data provided through the Service cannot be accepted after a plan has been finalized. However, this does not apply to cases not attributable to the customer. If a Member wishes to cancel the contract for the Service after a plan has been finalized, the Member must contact the Company within one week of such finalization and before the forecast values are calculated.
Article 21: Notices
Notices from the Company to Members regarding the use of this website and pursuant to these Terms shall be made by the Company via the email address provided by the Member or by any other method separately specified by the Company.
If a Member fails to update the registered email address or other registration information as necessary, and as a result, any notices or documents sent by the Company are delayed or fail to reach the Member, the Member shall have no objection to such notices or documents being deemed to have been received at the time they would normally have been received.
Article 22: Disclosure of Information
If the Company receives a disclosure request pursuant to laws and regulations, or if a judicial or administrative authority requests information through lawful procedures, the Company may disclose usage records (logs) and other necessary information regarding the Service to such authority without the Member’s consent.
Such disclosure will be made in accordance with laws and regulations and within a reasonable scope.
Article 23: Disclaimer
1. The Company shall not be liable for any actions taken by a Member based on results provided by the Company to the Member through the Service.
2. The Company shall not be liable for any damages incurred directly or indirectly by a Member as a result of using the Service.
3. The Company shall have no obligation to modify, alter, or add to equipment, systems, or software managed by the Company, or to change the method of providing the Service, in order to ensure compatibility with the communication devices and software used by Members when using the Service.
4. The Company uses Amazon Web Services (“AWS”) to provide the Service. The division of responsibilities between the Company and AWS shall be in accordance with AWS’s “Shared Responsibility Model.” AWS is responsible for the security of infrastructure such as data centers, network equipment, and virtualization platforms. The Company is responsible for matters related to the operation, management, and configuration of the Service, including applications built on AWS, system settings, and the management and protection of user data. The Company does not provide any warranty beyond the scope of AWS’s responsibility with respect to damages arising from AWS failures, outages, security incidents, or similar events.
5. The Company does not warrant that the Site, servers, various types of content, or emails sent from the Company’s Site are free from viruses or other harmful elements.
6. The Company shall not be liable for any damages of any kind arising from the use of this Site, including but not limited to direct, indirect, incidental, punitive, or consequential damages.
7. If a Member violates these Terms or other applicable regulations and is subject to any claim or lawsuit by another Member or a third party for causing damage to such Member or third party, the Member shall resolve such claim or lawsuit at the Member’s own expense and responsibility, and the Company shall bear no liability whatsoever.
Article 24: Supplementary Provisions Regarding the Use of Generative AI
In providing the package design generation function, the Service may use generative AI models provided by third parties such as Google and OpenAI (the “External Generative AI Models”). Although the Company has confirmed in advance the handling of information input into such External Generative AI Models, including storage, retraining, and analysis, as well as the security levels thereof, such handling shall be subject to the latest terms of use and related policies established by each model provider, and the Company makes no warranty with respect to such handling. Because such terms and policies may be amended from time to time, each Member shall make appropriate decisions regarding the information to be input based on its own information management policies and other relevant considerations.
Article 25: Changes to the Content of the Service, and Temporary Interruption, Suspension, and Discontinuation of the Service
In order to maintain the Service in good working order, the Company shall, in principle, notify Members at least one week before the implementation date when maintenance, inspection, or updates of the equipment or systems used to provide the Service are necessary. Furthermore, in any of the following cases, the Company may modify all or part of the Service or suspend all or part of the provision of the Service without prior notice to Members.
  • 1. When the provision of the Service becomes difficult due to fire, power outages, acts of interference by third parties, or similar circumstances
  • 2. If the provision of communication lines by the telecommunications carrier responsible for the Service’s communications is interrupted or suspended, making it difficult to provide the Service
  • 3. If the Company is ordered to temporarily interrupt, suspend, or discontinue the Service by a court, other public authority, or pursuant to laws and regulations
  • 4. In any other case where the Company determines that temporary interruption or suspension of all or part of the Service is unavoidably necessary
  • 5. The Company shall not be liable for any disadvantage or damage incurred by a Member as a result of changes to the content of the Service, or temporary interruption, suspension, or discontinuation of the Service pursuant to the preceding paragraph.
Article 26: Incident Response and Backups
1. If the Company confirms the occurrence of a failure, outage, data loss, security breach, or other serious event that hinders the provision of the Service (an “Incident”), the Company will identify the cause and assess the scope of impact as promptly as possible. If the Company determines that Members are affected, the Company will promptly notify them. The Company will aim to carry out recovery measures with a target recovery time of one day or less and a target annual service uptime of 99% or higher.
2. The Company will perform backups for the purpose of preserving Members’ data. Data will be stored on AWS storage services, and automatic backups will be performed once per day. Backup data will be retained for a specified period (30 days) and then sequentially deleted. In the event of an Incident, the Company will attempt to restore data from the most recent backup to the extent possible.
Article 27: Governing Law
These Terms shall be governed by and construed in accordance with the laws of Japan.
Article 28: Exclusive Jurisdiction
In the event of any dispute arising between the Company and a Member in connection with these Terms, the court having jurisdiction over the location of the Company’s head office shall be the exclusive court of first instance.
Article 29 : Regulations Concerning Handling of Personal Information Outside of Japan
The following provisions shall apply to the handling of personal information outside of Japan. If there is any difference between the provisions up to Article 26 and Article 29 regarding the handling of personal information outside of Japan, the provisions of Article 29 shall take precedence.
1. Personal Data to be collected
Personal data to be collected for the use of this service is as follows.
  • 1. Company/organization name
  • 2. Head office, branch office, branch office, laboratory
  • 3. Department
  • 4. Name
  • 5. Country
  • 6. Postal code
  • 7. Address
  • 8. Building name
  • 9. Telephone number
  • 10. E-mail address
  • 11. Password
Personal data collected shall be general personal data, and no special personal data such as health data or genetic data shall be handled. By agreeing to these Terms of Use and Privacy Policy, you give us permission to share your personal information. Even after consent has been given, consent may be withdrawn upon request of the individual and upon confirmation of the individual's identity by us. Personal data of minors shall not be handled.
2. Purpose of collecting personal data in each category
Personal data collected will be used to provide information necessary for the use of this service, to promote the use of this service, to communicate new features and services, and to provide information on the state of use.
The personal data will be collected for the purpose of sending information necessary for the use of the service, communicating new functions and services to promote the use of the service, communicating the status of use, and billing for the use of the service, etc.
The data will be used for the purpose of sending information and exchanging information according to the actual usage of each individual.
Personal information will not be disclosed to third parties other than companies involved in the provision and sale of this service.
3. Details of the data administrator
The data controller shall be Plug Inc. The personal data processor shall be the person responsible for information security management of Plug and a person appointed by this person and approved by the data controller.
We may entrust the following sub-processors with the processing of personal data to the extent necessary for the purposes of use of personal data as described in this document. We will ensure that the sub-processor complies with the provisions of this Article and the applicable laws of each country.
<Sub-processors>
  • INTAGE CHINA (Shanghai) Co.
  • INTAGE (Thailand) Co.
  • INTAGE INDONESIA, Inc.
  • INTAGE SINGAPORE PTE.
4. Storage period of personal data
All personal data acquired will be stored. The period of storage shall be from the time of use of the Service to the time of withdrawal from membership. However, one month will be allowed between the withdrawal request and the deletion of the personal data. In the event that a member requests deletion of his/her personal data, the personal data will be deleted as soon as the member's identity is confirmed. When personal information is no longer needed due to termination of this service, etc., all personal information will be deleted and all registered individuals will be notified of this.
5. The rights and methods of access to personal data, including the conditions regarding who has the right to access personal data and the conditions for accessing such personal data
Persons entitled to access personal data shall be limited to PLUG employees and employees of marketing partners who have received appropriate information management training. Information management training shall be conducted annually and the completion of such training shall be recorded. Personal data shall be stored on a secure server, and only authorized employees shall be able to access it through password management.
6. Use and disclosure of personal data without consent
The Company and its marketing partners will not acquire personal data without consent. In the event that we discover that personal data has been acquired, we will immediately delete the data and inform the subject individual of the date and time of deletion. In the event of a breach of personal data, we will disclose this fact within 72 hours to the registrant and, if necessary, to the data protection authorities in the target country, and will take immediate action. If an individual suffers damage as a result of our illegal actions, we will compensate the individual for the damage caused by the illegal actions.
7. Refusal of request or objection from the individual
When we receive a request for disclosure, correction, or deletion of personal information from an individual, we will disclose, correct, or delete the information within 72 hours after confirming the identity of the individual. However, if we are unable to confirm the identity of the person whose personal information is being disclosed, we will withhold action on the request until we can confirm the identity of the person. In addition, data portability rights will be granted to the individual to whom the personal information has been disclosed.
8. Explanation of Appropriate Security Measures for Personal Data
Personal data will be stored and operated strictly in accordance with ISO27001 information security regulations for which Plug Co.

Effective April 1, 2019
Revised April 17, 2026

Privacy Policy (EN)

This Privacy Policy describes how PLUG Inc., whose scope of business is AI services, marketing research and design, collects, uses, processes and discloses your personal data through the provision of packaging design evaluation AI and other services (collectively, the "Services") PLUG is the controller handling Personal Data and the processors handling Personal Data are the ISMS Manager of PLUG and those selected by the ISMS Manager and approved by the Manager.

Personal Data" means any information that identifies or can be used to identify you. This includes, but is not limited to, your name, company, organization, telephone number, and e-mail address. However, the personal data we collect will not include sensitive personal data as defined by the GDPR. We generally collect, use, disclose, or otherwise process your personal data in accordance with this Privacy Notice, with your consent, and in accordance with applicable local laws, such as the GDPR and the Thai Personal Data Protection Act (PDPA) and the Indonesian Personal Data Protection Law (PDPL).

I. Collection of Personal Data
We collect your personal data in the ways listed below. We may also combine personal data collected through these various channels.
When you provide us with personal data
We collect personal data from you when you use the Services and provide it to us when you fill out a user profile or registration form (such as name, contact information, and other identifying information, as appropriate).
II. Use of Personal Data
We may use personal data for the purposes listed below.
Provision of services and functions
Your personal data is used to provide, personalize, maintain and improve our web services. This includes using your personal data for the following purposes
  • ● To provide services to our customers in our various business areas
  • ● To create, manage and update customer accounts
  • ● To verify customer usage and affiliation (if necessary)
  • ● To bill customers based on their use of our services
  • ● To conduct interviews and questionnaires regarding customers' requests for our services
User Support
We use personal data to resolve user support issues. For example, we do the following
  • ● Investigate and address concerns
  • ● Monitor and improve user support response
  • ● Responding to questions, comments, and feedback
  • ● Notifying customers of actions taken to resolve user support issues
R&D and Security
We may use the personal data we collect for testing, research, analysis, and product development. This allows us to understand and analyze your needs and preferences, protect your personal data, improve and enhance the safety and security of our services, and facilitate the development of new features, products, and services.
Legal purpose
We may use the personal data we collect for legal purposes, such as to investigate and resolve claims or disputes, detect/prevent/prosecute crimes, or as permitted or required by applicable law. We may also use your personal data when required, advised, recommended, expected or requested to do so by our legal counsel or by any national or international legal, regulatory, governmental or other authority.
Marketing and Promotion
We may use your personal data to send you marketing information about new services, events, promotions, seminars, etc.
In our transmissions, we may communicate such marketing to you by various means (SMS, chat applications (WhatsApp, Telegram, LINE, Viber, WeChat, Zalo, etc.), push notifications, calls, emails, etc.).If you wish to stop receiving such marketing communications, please ask the Administrative Manager to unsubscribe. Please note that even if you opt out of receiving marketing or promotional communications, Plug may still send you content and questions as necessary, such as service use or account verification.
III. Disclosure of Personal Data
For this purpose, we need to share personal data with the following marketing partners for the Service. In the event that we share personal data with our marketing partners, a Data Processing Agreement (DPA) shall be executed between us and the marketing partners in advance. Marketing partners with whom we share personal data are responsible for complying with this Privacy Policy in the same manner as we do.
Plug's relationship with its business partners
We may provide your Personal Data to our vendors, consultants, marketing partners, research firms, and other service providers and business partners.
If we market our services through Plug's marketing partners, we may share your personal data with them for future marketing efforts.
With our legal counsel and government authorities.
We may share your personal data with our legal counsel, law enforcement authorities, government authorities, and other third parties. This may be for legal purposes, when we need to respond to an emergency situation that threatens the life, health, or safety of a person, or when it is necessary for the public interest.
Business transfer
We may share your personal data with other parties in connection with acquisitions, sales, mergers, joint ventures, consolidations, reorganizations, financings, or other business transactions of any kind. However, your personal data will be subject to our obligations in any existing privacy notices to which you have consented.
IV. Retention of Personal Data
We will retain your Personal Data for as long as necessary to fulfill the purposes outlined in this Notice. If your Personal Data is no longer needed for the Services or purposes, or if we no longer have a legal or business purpose for retaining your Personal Data, we will erase, destroy, anonymize, or take steps to prevent access or use of such Personal Data in accordance with the requirements of applicable law. We will not use your personal data for any other purpose.
V. International Transfer of Personal Data
Your Personal Data may be transferred from the country, state and city in which you are using our Services ("Home Country") to another country, state and city ("Alternative Country").
If we transfer your Personal Data from your Home Country to an Alternate Country, we will comply with our legal and regulatory obligations regarding your Personal Data, including having a lawful basis to transfer the Personal Data and taking appropriate safeguards to ensure an adequate level of protection for the Personal Data. We will We also ensure that recipients in alternative countries are obligated to protect your personal data with a level of protection equivalent to the protection afforded under applicable law and the ISMS standard.
Our lawful basis is either consent (i.e., we may seek your consent to transfer your personal data from your home country to the alternate country when you provide us with your personal data) or safeguards permitted by law.
VI. Cookies, related technologies and advertising on third party platforms
Cookies
We may use cookies, web beacons, tags, scripts, local shared objects such as HTML5, ad identifiers and similar technologies (collectively, "cookies") in connection with your use of the Website and App. Cookies have a unique identifier and reside on your computer or mobile device, in emails we send to you, and on our web pages, among others. Cookies are used for a variety of purposes, including. Provide basic functionality essential to the use of our websites, services or apps. To authenticate you or remember your user preferences and settings. To deliver and measure the effectiveness of advertising campaigns, such as measuring views and clicks.
Disabling the collection of cookies on our website
You have the right to choose to disable, block, or disable cookies. However, please note that the rejection or deletion of some cookies may affect the availability, functionality, or use of our websites, services, or apps. You may adjust your Internet browser settings to disable, block, or disable cookies, delete your browsing history, or clear your Internet browser cache. These settings may be found in the "History", "Preferences", "Settings" or "Privacy" sections of your Internet browser. You can also adjust your cookie settings here.
VII. Protection of Personal Data
We will take reasonable legal, organizational, and technical measures to ensure that your personal data is protected. This includes measures to prevent personal data from being lost or used or accessed in an unauthorized manner. We limit access to your personal data to our employees on a need-to-know basis. Those who process your personal data are required to do so only by authorized means and to treat your information confidentially in accordance with the security standards required by ISMS. We are ISO 27001 and Privacy Mark certified. We promote the handling (including the obligation to record and maintain handling records) and protection of personal data in accordance with the privacy standards required by these standards. In the event of a significant security incident involving personal data that constitutes a data breach, we will immediately notify the subject of the personal data and any supervisory authority required by applicable law within 72 hours and implement remedial measures.However, please understand that the transmission of information over the Internet is not completely secure. While we will do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted through online means.
VIII. Your rights regarding your personal data
Subject to applicable law, you have the right to
  • ● Inquire about the processing of your personal data and be provided with a copy of it
  • ● Inquire about the processing of your personal data and be provided with a copy of it
  • ● In some cases request correction and/or deletion of your personal data, as the case may be
  • ● Request restriction of, or oppose processing of, your personal data, as the case may be
  • ● Request a restriction on, or object to, the processing of your personal data, as the case may be
  • ● Request that we receive or transmit in machine-readable form to another organization the personal data you have provided to us if we are using your personal data on the basis of consent or performance of a contract
  • ● Complain to the relevant data privacy authority if your data privacy rights have been breached or if you have been prejudiced as a result of the unlawful processing of your personal data
  • ● Where you are given the option to share your personal data with us, you may always choose not to do so.
If, after we have requested your consent to process your Personal Data, you choose to withdraw that consent, we will honor that choice in accordance with our legal obligations. However, if you choose not to share your Personal Data with us, withdraw your consent to our use of your Personal Data, or withdraw your consent to our Privacy Notice, we will be unable to take the actions necessary to achieve the purposes of the processing described in II Use of Personal Data or you may not be able to use the Services. Even after you choose to withdraw your consent, we may continue to process your Personal Data to the extent required or otherwise permitted by applicable law. We will review and verify all requests in advance. To verify your authority to make a request, we may ask you to provide information or documentation in support of your request. After review, we will validate your request within the timeframe required by applicable law.
IX. Corrections and updates
We may modify, update or amend the terms of this Privacy Notice at any time. Such amendments shall be communicated to you through the application and/or other appropriate means at least five (5) business days prior to the effective date. Updated versions will be posted on the Web Site. It is your responsibility to review the Privacy Notice on a regular basis. Your continued use of the Application, Website or Services after any amendment, update or revision of this Notice constitutes your agreement to be bound by such revision, whether or not reviewed by you.
X. How to contact us
If you have any questions about this notice or wish to exercise any of the rights described in this notice, please fill out the form below or send an email directly to our Data Protection Officer
  • Name : PLUG Inc. (Contact: ISMS Officer)
  • Address : Fuzanbo Bldg. 3F, 1-3-5 Jimbocho, Chiyoda-ku, Tokyo 101-0051, Japan
  • e-mail : info@plug-inc.jp
If you have any questions about how your data is used, please contact PLUG. The original of this notice is written in Japanese. In the event of any inconsistency between the Japanese version and any other language version, the Japanese version shall prevail.

Effective Date: May 1, 2024

Privacy Policy (IND)

Kebijakan Privasi ini menjelaskan bagaimana PLUG Inc, yang ruang lingkup bisnisnya adalah layanan AI, riset dan desain pemasaran, mengumpulkan, menggunakan, memproses, dan mengungkapkan data pribadi Anda melalui penyediaan AI evaluasi desain kemasan dan layanan lainnya (secara kolektif disebut sebagai "Layanan") PLUG adalah pengendali yang menangani Data Pribadi dan pemroses yang menangani Data Pribadi adalah Manajer ISMS PLUG dan mereka yang dipilih oleh Manajer ISMS dan disetujui oleh Manajer.

Data Pribadi" berarti informasi apa pun yang mengidentifikasi atau dapat digunakan untuk mengidentifikasi Anda. Ini termasuk, namun tidak terbatas pada, nama, perusahaan, organisasi, nomor telepon, dan alamat email Anda. Namun, data pribadi yang kami kumpulkan tidak akan mencakup data pribadi yang sensitif sebagaimana didefinisikan oleh GDPR. Kami umumnya mengumpulkan, menggunakan, mengungkapkan, atau memproses data pribadi Anda sesuai dengan Pemberitahuan Privasi ini, dengan persetujuan Anda, dan sesuai dengan hukum setempat yang berlaku, seperti GDPR dan Undang-Undang Perlindungan Data Pribadi Thailand (PDPA) dan Undang-Undang Perlindungan Data Pribadi Indonesia (PDPL).

I. Pengumpulan Data Pribadi
Kami mengumpulkan data pribadi Anda dengan cara-cara yang tercantum di bawah ini. Kami juga dapat menggabungkan data pribadi yang dikumpulkan melalui berbagai cara ini.When Anda memberikan data pribadi kepada kami Kami mengumpulkan data pribadi dari Anda saat Anda menggunakan Layanan dan memberikannya kepada kami saat Anda mengisi profil pengguna atau formulir pendaftaran (seperti nama, informasi kontak, dan informasi pengenal lainnya, sebagaimana mestinya).
II. Penggunaan Data Pribadi
Kami dapat menggunakan data pribadi untuk tujuan yang tercantum di bawah ini.
Penyediaan layanan dan fungsi
Data pribadi Anda digunakan untuk menyediakan, mempersonalisasi, memelihara, dan meningkatkan layanan web kami. Hal ini termasuk menggunakan data pribadi Anda untuk tujuan berikut
  • ● Memberikan layanan kepada nasabah kami di berbagai area bisnis kami
  • ● Untuk membuat, mengelola, dan memperbarui akun pelanggan
  • ● Untuk memverifikasi penggunaan dan afiliasi pelanggan (jika perlu)
  • ● Menagih pelanggan berdasarkan penggunaan layanan kami
  • ● Untuk melakukan wawancara dan kuesioner mengenai permintaan pelanggan atas layanan kami
Dukungan Pengguna
Kami menggunakan data pribadi untuk menyelesaikan masalah dukungan pengguna. Sebagai contoh, kami melakukan hal berikut.
  • ● Menyelidiki dan mengatasi masalah
  • ● Monitor and improve user support response
  • ● Menanggapi pertanyaan, komentar, dan umpan balik
  • ● Memberitahukan kepada pelanggan tentang tindakan yang diambil untuk menyelesaikan masalah dukungan pengguna
Litbang dan Keamanan
Kami dapat menggunakan data pribadi yang kami kumpulkan untuk pengujian, penelitian, analisis, dan pengembangan produk. Hal ini memungkinkan kami untuk memahami dan menganalisis kebutuhan dan preferensi Anda, melindungi data pribadi Anda, memperbaiki dan meningkatkan keselamatan dan keamanan layanan kami, serta memfasilitasi pengembangan fitur, produk, dan layanan baru.
Tujuan hukum
Kami dapat menggunakan data pribadi yang kami kumpulkan untuk tujuan hukum, seperti untuk menyelidiki dan menyelesaikan klaim atau perselisihan, mendeteksi/mencegah/menindak kejahatan, atau sebagaimana diizinkan atau diwajibkan oleh hukum yang berlaku. Kami juga dapat menggunakan data pribadi Anda jika diperlukan, disarankan, direkomendasikan, diharapkan, atau diminta oleh penasihat hukum kami atau oleh badan hukum, peraturan, pemerintah, atau otoritas lainnya di tingkat nasional atau internasional.
Pemasaran dan Promosi
Kami dapat menggunakan data pribadi Anda untuk mengirimkan informasi pemasaran mengenai layanan baru, acara, promosi, seminar, dll.
Dalam transmisi kami, kami dapat mengkomunikasikan pemasaran tersebut kepada Anda dengan berbagai cara (SMS, aplikasi obrolan (WhatsApp, Telegram, LINE, Viber, WeChat, Zalo, dll.), Pemberitahuan push, panggilan, email, dll.). Jika Anda ingin berhenti menerima komunikasi pemasaran tersebut, silakan minta Manajer Administrasi untuk berhenti berlangganan. Harap diperhatikan bahwa meskipun Anda memilih untuk tidak menerima komunikasi pemasaran atau promosi, Plug masih dapat mengirimkan konten dan pertanyaan yang diperlukan, seperti penggunaan layanan atau verifikasi akun.
III. Pengungkapan Data Pribadi
Untuk tujuan ini, kami perlu membagikan data pribadi dengan mitra pemasaran berikut untuk Layanan. Apabila kami membagikan data pribadi dengan mitra pemasaran kami, Perjanjian Pemrosesan Data (DPA) harus dilaksanakan antara kami dan mitra pemasaran terlebih dahulu. Mitra pemasaran yang kami bagikan data pribadi bertanggung jawab untuk mematuhi Kebijakan Privasi ini dengan cara yang sama seperti yang kami lakukan.
Hubungan Plug dengan mitra bisnisnya
Kami dapat memberikan Data Pribadi Anda kepada vendor, konsultan, mitra pemasaran, firma riset, dan penyedia layanan serta mitra bisnis kami lainnya. Jika kami memasarkan layanan kami melalui mitra pemasaran Plug, kami dapat membagikan data pribadi Anda kepada mereka untuk upaya pemasaran di masa mendatang.
Dengan penasihat hukum kami dan otoritas pemerintah.
Kami dapat membagikan data pribadi Anda kepada penasihat hukum kami, otoritas penegak hukum, otoritas pemerintah, dan pihak ketiga lainnya. Hal ini dapat dilakukan untuk tujuan hukum, saat kami perlu menanggapi situasi darurat yang mengancam nyawa, kesehatan, atau keselamatan seseorang, atau saat diperlukan untuk kepentingan publik.
Transfer bisnis
Kami dapat membagikan data pribadi Anda dengan pihak lain sehubungan dengan akuisisi, penjualan, merger, usaha patungan, konsolidasi, reorganisasi, pembiayaan, atau transaksi bisnis lainnya dalam bentuk apa pun. Namun, data pribadi Anda akan tunduk pada kewajiban kami dalam pemberitahuan privasi yang ada yang telah Anda setujui.
IV. Penyimpanan Data Pribadi
Kami akan menyimpan Data Pribadi Anda selama diperlukan untuk memenuhi tujuan yang diuraikan dalam Pemberitahuan ini. Jika Data Pribadi Anda tidak lagi diperlukan untuk Layanan atau tujuan, atau jika kami tidak lagi memiliki tujuan hukum atau bisnis untuk menyimpan Data Pribadi Anda, kami akan menghapus, memusnahkan, menganonimkan, atau mengambil langkah-langkah untuk mencegah akses atau penggunaan Data Pribadi tersebut sesuai dengan persyaratan hukum yang berlaku. Kami tidak akan menggunakan data pribadi Anda untuk tujuan lain apa pun.
V. Pemindahan Data Pribadi Internasional
Data Pribadi Anda dapat ditransfer dari negara, negara bagian, dan kota tempat Anda menggunakan Layanan kami ("Negara Asal") ke negara, negara bagian, dan kota lain ("Negara Alternatif"). Jika kami mentransfer Data Pribadi Anda dari Negara Asal ke Negara Alternatif, kami akan mematuhi kewajiban hukum dan peraturan kami terkait Data Pribadi Anda, termasuk memiliki dasar yang sah untuk mentransfer Data Pribadi tersebut dan melakukan perlindungan yang sesuai untuk memastikan tingkat perlindungan yang memadai untuk Data Pribadi tersebut. Kami juga akan memastikan bahwa penerima di negara alternatif berkewajiban untuk melindungi data pribadi Anda dengan tingkat perlindungan yang setara dengan perlindungan yang diberikan berdasarkan hukum yang berlaku dan standar ISMS. Dasar hukum kami adalah persetujuan (yaitu, kami dapat meminta persetujuan Anda untuk mentransfer data pribadi Anda dari negara asal Anda ke negara alternatif saat Anda memberikan data pribadi Anda kepada kami) atau perlindungan yang diizinkan oleh hukum.
VI. Cookie, teknologi terkait, dan iklan pada platform pihak ketiga
Cookies
Kami dapat menggunakan cookie, suar web, tag, skrip, objek bersama lokal seperti HTML5, pengidentifikasi iklan, dan teknologi serupa (secara kolektif disebut "cookie") sehubungan dengan penggunaan Situs Web dan Aplikasi oleh Anda. Cookie memiliki pengenal unik dan berada di komputer atau perangkat seluler Anda, di email yang kami kirimkan kepada Anda, dan di halaman web kami, di antaranya. Cookie digunakan untuk berbagai tujuan, termasuk. Menyediakan fungsionalitas dasar yang penting untuk penggunaan situs web, layanan, atau aplikasi kami. Untuk mengautentikasi Anda atau mengingat preferensi dan pengaturan pengguna Anda. Untuk menyampaikan dan mengukur efektivitas kampanye iklan, seperti mengukur tampilan dan klik.
Menonaktifkan pengumpulan cookie di situs web kami
Anda memiliki hak untuk memilih untuk menonaktifkan, memblokir, atau menghapus cookie. Namun, harap diperhatikan bahwa penolakan atau penghapusan beberapa cookie dapat memengaruhi ketersediaan, fungsionalitas, atau penggunaan situs web, layanan, atau aplikasi kami. Anda dapat menyesuaikan pengaturan browser Internet Anda untuk menonaktifkan, memblokir, atau menonaktifkan cookie, menghapus riwayat penelusuran, atau menghapus cache browser Internet Anda. Pengaturan ini dapat ditemukan di bagian "Riwayat", "Preferensi", "Pengaturan", atau "Privasi" pada peramban Internet Anda. Anda juga dapat menyesuaikan pengaturan cookie Anda di sini.
VII. Perlindungan Data Pribadi
Kami akan mengambil tindakan hukum, organisasi, dan teknis yang wajar untuk memastikan bahwa data pribadi Anda terlindungi. Hal ini mencakup tindakan untuk mencegah data pribadi hilang atau digunakan atau diakses dengan cara yang tidak sah. Kami membatasi akses ke data pribadi Anda hanya kepada karyawan kami yang perlu tahu. Mereka yang memproses data pribadi Anda diharuskan untuk melakukannya hanya dengan cara yang sah dan memperlakukan informasi Anda secara rahasia sesuai dengan standar keamanan yang disyaratkan oleh ISMS. Kami bersertifikat ISO 27001 dan Tanda Privasi. Kami mendukung penanganan (termasuk kewajiban untuk mencatat dan menyimpan catatan penanganan) dan perlindungan data pribadi sesuai dengan standar privasi yang diwajibkan oleh standar ini. Jika terjadi insiden keamanan signifikan yang melibatkan data pribadi yang merupakan pelanggaran data, kami akan segera memberi tahu subjek data pribadi dan otoritas pengawas apa pun yang diwajibkan oleh hukum yang berlaku dalam waktu 72 jam dan menerapkan langkah-langkah perbaikan, namun perlu dipahami bahwa transmisi informasi melalui Internet tidak sepenuhnya aman. Meskipun kami akan melakukan yang terbaik untuk melindungi Data Pribadi Anda, kami tidak dapat menjamin keamanan Data Pribadi Anda yang dikirimkan melalui sarana online.
VIII. Hak-hak Anda terkait data pribadi Anda
Dengan tunduk pada hukum yang berlaku, Anda memiliki hak untuk
  • ● Menanyakan tentang pemrosesan data pribadi Anda dan diberikan salinannya
    Dalam beberapa kasus, meminta koreksi dan/atau penghapusan data pribadi Anda, sesuai dengan kasusnya
  • ● Meminta pembatasan, atau menentang pemrosesan, data pribadi Anda, sesuai dengan kasusnya
  • ● Meminta pembatasan, atau menentang pemrosesan data pribadi Anda, tergantung pada kasusnya
  • ● Menarik persetujuan atas pemrosesan data pribadi Anda yang kami miliki atau kendalikan (dan di mana kami memproses data pribadi Anda berdasarkan persetujuan Anda)
  • ● Meminta kami menerima atau mengirimkan dalam bentuk yang dapat dibaca mesin kepada organisasi lain data pribadi yang telah Anda berikan kepada kami jika kami menggunakan data pribadi Anda atas dasar persetujuan atau pelaksanaan kontrak
  • ● Mengajukan keluhan kepada otoritas privasi data yang relevan jika hak privasi data Anda telah dilanggar atau jika Anda telah dirugikan sebagai akibat dari pemrosesan data pribadi Anda yang melanggar hukum
  • ● Apabila Anda diberi pilihan untuk membagikan data pribadi Anda kepada kami, Anda selalu dapat memilih untuk tidak melakukannya.
Apabila, setelah kami meminta persetujuan Anda untuk memproses Data Pribadi Anda, Anda memilih untuk menarik persetujuan tersebut, kami akan menghormati pilihan tersebut sesuai dengan kewajiban hukum kami. Namun, jika Anda memilih untuk tidak membagikan Data Pribadi Anda kepada kami, menarik persetujuan Anda atas penggunaan Data Pribadi Anda oleh kami, atau menarik persetujuan Anda atas Pemberitahuan Privasi kami, kami tidak akan dapat melakukan tindakan yang diperlukan untuk mencapai tujuan pemrosesan yang dijelaskan dalam II Penggunaan Data Pribadi atau Anda mungkin tidak dapat menggunakan Layanan.Bahkan setelah Anda memilih untuk menarik persetujuan Anda, kami dapat terus memproses Data Pribadi Anda sejauh yang diwajibkan atau diizinkan oleh hukum yang berlaku. Kami akan meninjau dan memverifikasi semua permintaan terlebih dahulu. Untuk memverifikasi otoritas Anda untuk membuat permintaan, kami dapat meminta Anda untuk memberikan informasi atau dokumentasi untuk mendukung permintaan Anda. Setelah ditinjau, kami akan memvalidasi permintaan Anda dalam jangka waktu yang diwajibkan oleh hukum yang berlaku.
IX. Koreksi dan pembaruan
Kami dapat memodifikasi, memperbarui, atau mengubah ketentuan-ketentuan dalam Pemberitahuan Privasi ini kapan saja. Perubahan tersebut akan dikomunikasikan kepada Anda melalui aplikasi dan/atau cara lain yang sesuai setidaknya lima (5) hari kerja sebelum tanggal efektif. Versi yang diperbarui akan diposting di Situs Web. Anda bertanggung jawab untuk meninjau Pemberitahuan Privasi secara teratur. Jika anda terus menggunakan Aplikasi, Situs Web atau Layanan setelah adanya perubahan, pembaruan atau revisi Pemberitahuan ini, maka anda setuju untuk terikat dengan revisi tersebut, baik yang telah anda tinjau maupun yang belum.
X. Cara menghubungi kami
Jika Anda memiliki pertanyaan tentang pemberitahuan ini atau ingin menggunakan salah satu hak yang dijelaskan dalam pemberitahuan ini, silakan isi formulir di bawah ini atau kirim email langsung ke Petugas Perlindungan Data kami
  • Nama : PLUG Inc. (Kontak: Petugas ISMS)
  • Alamat : Fuzanbo Bldg. 3F, 1-3-5 Jimbocho, Chiyoda-ku, Tokyo 101-0051, Jepang
  • e-mail : info@plug-inc.jp
Jika Anda memiliki pertanyaan tentang bagaimana data Anda digunakan, silakan hubungi PLUG. Dokumen asli pemberitahuan ini ditulis dalam bahasa Jepang. Jika terjadi ketidaksesuaian antara versi bahasa Jepang dan versi bahasa lainnya, maka versi bahasa Jepang yang akan berlaku. If you have any questions about how your data is used, please contact PLUG. The original of this notice is written in Japanese. In the event of any inconsistency between the Japanese version and any other language version, the Japanese version shall prevail.

Effective Date: May 1, 2024