Path Spark Mesh Get in touch

Legal

Privacy Policy

Path Spark Mesh takes data protection seriously. This policy explains what personal data we collect, why we collect it, how it is used, and what rights you have in relation to it. We aim to keep this straightforward and honest.

Last updated: 12 May 2025

1. Data we collect

We collect the minimum data necessary to provide our services and communicate with enquirers. The following categories apply:

  • Contact form submissions: When you send a message, we receive your name, email address, subject (if provided), and message content. This data is used solely to respond to your enquiry.
  • Analytics data: If you have consented to analytics cookies, anonymised usage data is collected via third-party analytics tools. This includes pages visited, session duration, and broad geographic region. No personally identifying information is included.
  • Cookie consent preferences: Your cookie choices are stored locally in your browser using localStorage. This data does not leave your device.
  • Technical data: Standard server logs may record IP addresses and browser type as part of normal website operation. This data is not used for profiling.

2. How we use your data

  • Responding to enquiries: Contact form data is used exclusively to reply to your message and, if appropriate, to discuss the possibility of working together. We do not add you to any mailing list without explicit consent.
  • Website improvement: Anonymised analytics data is used to understand which content is most useful and to identify any technical issues with site performance.
  • Legal basis: Data processing is based on legitimate interest (responding to your message) and, where applicable, your explicit consent (cookies). We do not rely on any contractual obligation until a session has been formally agreed.
  • Data retention: Contact enquiries are retained for up to twelve months and then deleted unless an ongoing client relationship exists. Analytics data is subject to the retention policy of the analytics platform used.

3. Data sharing and third parties

We do not sell personal data to third parties under any circumstances. Data may be shared with the following categories of service providers only where necessary:

  • Analytics services: Anonymised usage data is shared with our analytics provider where consent has been given. This provider processes data in accordance with its own privacy policy.
  • Hosting infrastructure: The website is hosted on servers operated by a third-party hosting provider. Standard server log data is processed as part of this arrangement.
  • Legal obligations: Personal data may be disclosed if required by applicable law, court order, or regulatory authority.

4. Data protection measures

  • Encryption in transit: The website uses HTTPS to encrypt all data exchanged between your browser and our servers.
  • Access controls: Contact form submissions are accessible only to authorised personnel involved in responding to enquiries.
  • Breach notification: In the event of a data breach that poses a risk to your rights or freedoms, we will notify affected individuals and, where required by applicable law, the relevant supervisory authority, within the timeframes specified by that law.
  • Local cookie storage: Cookie preferences are stored only in your browser's localStorage and are never transmitted to our servers.

5. Your rights

Right of access

You may request a copy of any personal data we hold about you. We will provide this within one calendar month of receiving a valid request.

Right to rectification

If any personal data we hold is inaccurate or incomplete, you may request that it be corrected or supplemented.

Right to erasure

You may request deletion of personal data we hold, provided that no legal obligation requires us to retain it.

Right to data portability

Where data has been provided by you and processed by automated means, you may request it in a structured, machine-readable format.

Right to object

You may object to processing carried out on the basis of legitimate interest. We will cease processing unless we can demonstrate compelling legitimate grounds.

Withdrawing consent

Where processing is based on your consent (e.g., optional cookies), you may withdraw that consent at any time via our Cookie Policy page.

To exercise any of these rights, please contact us via the contact page. We will respond within one calendar month.

Your Rights and Opt-Out Instructions

You are not required to provide any personal information when using this website. If you prefer not to share your data, you may: avoid filling out contact forms or any data-submitting features; disable cookies through your browser settings (see our Cookie Policy for more details); or contact us directly to request the deletion of any previously shared personal data. We respect your privacy choices. If you would like us to delete your data, please reach out via our Contact page. We will process your request promptly.

Retention and storage of personal information

Path Spark Mesh retains personal information only for the period required to fulfil the original purpose for which it was collected, or as required by Japanese law (Act on the Protection of Personal Information, APPI Article 19). For most contact-form submissions and consultation records, our retention period is up to 36 months from your last interaction; transactional records (e.g., invoices, refunds) are retained for the seven-year period mandated by Japanese tax law. After the retention period elapses, data is securely deleted or anonymised in line with our internal records-management policy. You may request earlier deletion at any time using the contact details below — we will action verified requests within 30 calendar days unless legally required to retain the information.

International transfers and cross-border safeguards

While Path Spark Mesh operates from Japan and stores most data on infrastructure located within the Japanese jurisdiction, certain processors used for hosting, email delivery and aggregated analytics may be located in the European Union, the United Kingdom or the United States. Where personal information is transferred outside Japan, transfers are made under safeguards required by APPI Article 28 — namely (i) the destination jurisdiction recognises an equivalent personal-information-protection framework, or (ii) the processor is contractually bound to standards substantially equivalent to APPI, or (iii) you have provided explicit informed consent at the point of collection. A list of sub-processors currently engaged is available on request.

Children's privacy and accessibility

Our services are not directed to children under sixteen (16). We do not knowingly collect personal information from minors and we apply additional verification when an account or enquiry appears to originate from a person below the age of consent. If you become aware that a child has provided us with personal information, please contact us using the channels below and we will delete the records promptly. We design our forms and consent flows to meet Japanese web-accessibility expectations (JIS X 8341-3) wherever practical; if you encounter an accessibility barrier preventing you from exercising your rights, please tell us and we will provide an alternative channel.

Contact — personal-information protection manager

Path Spark Mesh — Personal Information Protection Manager
Address: 〒273-0048 Chiba, Funabashi, Maruyama,
Phone: +81 47-438-5126
Email: info@pathsparkmesh.com

For complaints regarding personal-information handling that we cannot resolve to your satisfaction, you may contact the Personal Information Protection Commission of Japan (PPC, 個人情報保護委員会) at www.ppc.go.jp.