top of page

Privacy & Cookies Policy

Effective date: 26 August 2025

1. Introduction

DX TouchPoint Consulting (“we,” “us,” “our”) is committed to protecting the privacy of our website visitors, clients, and service users.

This policy applies when we act as a data controller—meaning we determine the purposes and methods of processing your personal data—in accordance with the following data protection laws and standards:

  • Japan’s Act on the Protection of Personal Information (APPI) and JIS Q 15001 PrivacyMark requirements

  • European Union’s General Data Protection Regulation (GDPR)

  • Other applicable international privacy and data protection regulations

 

We use cookies on our website to improve functionality, security, and user experience. For non-essential cookies, we will request your consent upon first visit.

2. How We Use Your Personal Data

We process personal data solely for legitimate business purposes, legal obligations, and service-related needs. The categories of data we collect and process include:

a. Usage Data

Includes IP address, browser type, operating system, referral source, visit duration, pages viewed, and navigation paths (via analytics tools).
Purpose: Website performance and user experience improvement.
Legal Basis: Legitimate interests (APPI, GDPR Art. 6(1)(f)).

 

b. Account and Contact Data

Includes name, email address, and information you provide through contact or consultation forms.
Purpose: Responding to inquiries, providing services, and account administration.
Legal Basis: Contractual necessity and legitimate interests (APPI, GDPR Art. 6(1)(b), 6(1)(f)).

 

c. Service Interaction Data

Includes details related to your consultation, project scope, or advisory services.
Purpose: Service delivery, strategic planning, documentation, and communication.
Legal Basis: Contract performance and legitimate interests.

 

d. Enquiry and Relationship Data

Includes metadata and history of communication between you and DX TouchPoint Consulting.
Purpose: Client relationship management and service quality assurance.
Legal Basis: Legitimate interests.

 

We may also process personal data for legal claims, internal audits, compliance, or risk management when required.

 

3. Sharing Your Data

We do not sell personal data. However, we may share data with the following, as necessary and legally appropriate:

  • Professional advisors, subcontractors, or IT service providers

  • Third-party vendors providing CRM, analytics, or cloud services

  • Legal or regulatory authorities if legally required

 

All sharing complies with APPI, GDPR, and equivalent privacy laws, with appropriate contracts and safeguards in place.

4. International Transfers

Your personal data may be transferred to or accessed from jurisdictions outside your country of residence, including Japan, the EU/EEA, the United States, and other regions where our service providers operate.

These transfers are protected by:

  • Adequacy decisions (GDPR Art. 45)

  • Standard contractual clauses, binding corporate rules, or

  • Equivalent safeguards under APPI and JIS Q 15001

5. Data Retention and Deletion

We retain personal data only for as long as necessary to fulfill service-related, legal, or contractual obligations.

Once retention periods expire, data is securely deleted or anonymized in accordance with:

  • GDPR Art. 5(1)(e)

  • APPI and JIS Q 15001 security protocols

6. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access your personal data

  • Request corrections or deletions

  • Restrict or object to processing

  • Withdraw consent where applicable

  • Request data portability

  • Lodge a complaint with a supervisory authority

 

To exercise these rights, please submit a request using the Privacy Information Request Form (see Section 11).

7. About Cookies

a. What Are Cookies?

Cookies are small files stored on your device to support site functionality and user experience.

b. Types of Cookies We Use
Essential Cookies – required for core functionality
Preference Cookies – store language and layout settings
Security Cookies – help protect your data
Analytics Cookies – collect usage statistics (e.g., Google Analytics)
Marketing Cookies – used only with consent

c. Managing Cookies

You can disable cookies through your browser settings. However, some functionality may be limited.

8. Cookies from Third-Party Services

Our service providers (e.g., Google, CRM or analytics tools) may set cookies when you access our site. These are subject to their respective privacy policies.

9. Data Security

We implement appropriate technical and organizational measures to protect your data from loss, misuse, unauthorized access, or disclosure.

Our controls comply with:

  • JIS Q 15001: Annex on Information Security

  • APPI data protection standards

  • GDPR Art. 32

10. Policy Updates

We may revise this policy periodically. Updates will be posted on our website with a revised effective date. For significant changes, we may notify users via website alert or email.

11. Privacy Information Request Process

To request access to your personal data, corrections, deletions, or exercise any other rights under GDPR or APPI:

Please use our dedicated Privacy Information Request Form.

 

You will be asked to:

  • Provide your full name and contact details

  • Select the type of request (access, correction, deletion, etc.)

  • Upload proof of identity (required under APPI)

  • Indicate your preferred response method (email or postal mail)

 

We will confirm receipt, verify your identity, and respond within the timeframe required by law (usually within 30 days). Certain legal exemptions may apply.

12. Contact Details

We do not list our physical address or phone number publicly to prevent spam and misuse. For all privacy-related matters, please use the Privacy Information Request Form.

 

For general inquiries or consultations, please visit our Contact page or use the Book a Consultation form.

bottom of page