隐私政策

本文件以英语提供。

Effective Date: 2025 Nov 20

This Privacy Policy explains how Stayforge ("we," "our," or "the Company") collects, uses, stores, and protects personal information and service-usage data in connection with our software platform, APIs, IoT devices, and related applications ("the Services"). By accessing or using the Services, you agree to the terms described below.

1. Information We Collect

We collect the following categories of information:

1.1 Account and Profile Information

Name, email address, organization name, and related identifiers
Authentication information such as OAuth profiles and login metadata
Organization and tenant association information used within the Stayforge platform

1.2 Google User Data (When Signing in with Google)

If you choose to sign in using Google OAuth, we may obtain:

Email address
Display name
Google account identifier (sub)

We do not access any additional Google user data beyond the scopes required for authentication.

1.3 Service and API Usage Data

API requests, request metadata, execution logs
IoT device access events and audit logs
Device identifiers, firmware information, operational and diagnostic data

1.4 Payment and Billing Information

Billing details necessary for processing payments through Stripe (We do not store full credit card numbers.)

1.5 Technical Data

IP address, browser type, operating system, and device identifiers
Cookies, session metadata, performance and reliability metrics

1.6 Communication and Support Records

Emails, support tickets, error reports, diagnostic information

2. How We Use Personal Information

We use collected data only for legitimate operational purposes:

Providing, maintaining, and improving the Services
Account authentication, including Google OAuth login
Access control, device management, and security auditing
Usage measurement, subscription management, and billing
Fraud prevention and incident investigation
Customer support and system maintenance
Compliance with legal and regulatory obligations

We do not sell personal information or use it for targeted advertising.

3. Use of Google User Data

We access Google user data only for the purpose of authentication and user identification. Specifically:

The email address and display name are used to create or identify your Stayforge account
The Google account identifier ("sub") is used to uniquely associate your login
Google data is not used for any unrelated purpose

We do not:

use Google user data for advertising or marketing
transfer Google data to third parties except as required to provide our Services
combine Google user data with unrelated datasets
store or request additional Google information beyond the granted scopes

This use complies with the Google API Services User Data Policy, including all Limited Use requirements.

4. Sharing of Information

We only share personal information with third parties under the conditions described below.

4.1 Cloud Infrastructure Providers

We rely on reputable cloud service providers—such as Google Cloud, Cloudflare, DigitalOcean, and equivalent providers—to host, secure, and deliver the Services.

These providers process data exclusively on our behalf under strict contractual and security obligations.

4.2 Authorized Subcontractors and Service Providers

We may engage subcontractors or technical partners for:

system maintenance and monitoring
hardware logistics and device provisioning
customer support assistance
security auditing or software development
data processing tasks required for service operation

All subcontractors are required to maintain confidentiality and use the information only for the tasks assigned.

4.3 Payment Processors

Stripe receives only the information required to securely process payments.

4.4 Legal Compliance and Protection

We may share information when required by law, regulation, or valid governmental request, or to protect the rights, property, or safety of our users or the Company.

4.5 Consent-Based Sharing

We will not share personal information with third parties for any unrelated purpose without your explicit consent.

5. International Data Transfers

Your data may be processed in regions where we or our service providers operate.

All providers adhere to recognized international security and privacy standards.

6. Data Retention

We retain personal information only as long as necessary for the purposes described in this Policy, or as required by law.

Access logs, device logs, and API usage records may be retained for security and audit requirements.

7. Security Measures

We implement commercially appropriate security measures, including:

TLS encryption for all data in transit
Encrypted storage for sensitive data
Role-based access control and API key rotation
Network-level protection through Cloudflare and GCP
Continuous monitoring and anomaly detection

No method of transmission or storage is completely secure, but we take reasonable steps to safeguard information.

8. Cookies and Tracking Technologies

We use cookies and session identifiers for authentication, reliability, and performance measurement.

You may disable cookies in your browser, but some features may not function properly.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

Access your personal information
Request corrections or updates
Request deletion of personal information
Restrict or object to certain forms of processing
Request portability of your data

You may exercise these rights by contacting: support@stayforge.co

Rights Related to Google User Data

Users may specifically request deletion of Google-linked account data at any time.

Upon verification, we will delete all Google user data stored in our systems unless retention is required for legal or security purposes.

10. Deletion of Google User Data

You may request deletion of Google OAuth login information by contacting support@stayforge.co.

We will remove associated Google user data from our systems within a reasonable timeframe, except where retention is legally required.

11. Children's Privacy

The Services are not intended for individuals under the age of 16.

We do not knowingly collect personal information from children.

12. Changes to This Privacy Policy

We may update this Policy from time to time.

Revisions will be posted on this page with an updated effective date.

Your continued use of the Services constitutes acceptance of the changes.

13. Contact Information

For questions or requests related to privacy, you may contact:

Stayforge – Privacy Office

Email: support@stayforge.co

2F-C, Shibuya Dogenzaka Tokyu Building,
1-10-8 Dogenzaka, Shibuya-ku, Tokyo 150-0043, Japan