RINKO.ai
LicensesTerms

Privacy Policy

Last updated: January 4, 2025

RINKO.ai ("Service") is a web service provided by Rinko.ai ("Company") that includes research and clinical data analysis support and writing assistance. The Company respects user privacy and handles personal information and related data appropriately in accordance with applicable laws.

This Policy describes the collection, use, storage, sharing, and protection of information in the Service, as well as user rights.

1. Definitions

  • "Personal Information": Information that can identify an individual, such as name and email address (including cases where identification is possible through easy cross-reference with other information).
  • "User Data": Data that users input, upload, generate, or save to the Service (e.g., CSV/Excel files, analysis settings, output tables, figures, RKO files, text, etc.).
  • "Local Processing": Processing performed within the browser (e.g., WebR, IndexedDB, etc.) that is not transmitted to Company servers.
  • "External Transmission": Processing that involves transmission to Company servers or external service providers used by the Company.
  • "External Services": Third-party services used by the Company for authentication, payment processing, monitoring, etc. (e.g., Supabase, Stripe, Sentry, etc.).

2. Information We Collect

The Company may collect the following information to provide the Service.

2.1 Information Provided by Users

  • Account Information: Email address, password (passwords are not stored in plain text)
  • Billing Information: Subscription plan, payment status, partial billing information (detailed card numbers are managed by payment processors)
  • Support Inquiries: Information necessary for support (we may request email content, attachments, or logs)

2.2 Automatically Collected Information

  • Device and Log Information: IP address, browser type, OS, access time, referrer, activity history (page navigation, errors, etc.)
  • Cookies, etc.: For maintaining login sessions, language settings, theme settings, security purposes, etc.

2.3 Handling of User Data

Important: This Service adopts a "local-first" design, processing user data on the device whenever possible.

About Statistical Analysis: Statistical analysis (regression analysis, tests, etc.) and figure generation are performed entirely within the user's browser using WebR technology. Source data for analysis (CSV/Excel) is never transmitted to or stored on Company servers.

However, external transmission may occur in the following cases:

  • Authentication, Billing, Credit Management: Necessary information is transmitted to Company/external services for account identification and purchase management.
  • AI Features (statistical interpretation, Methods generation, writing assistance, review, etc.): When users execute AI features, input text may be transmitted to the Company or AI providers. The scope of transmitted data, retention period, and training usage depend on Company settings and AI provider policies.

Users should perform necessary anonymization/masking on their end to avoid transmitting personal information, sensitive information, or regulated information (medical data, etc.). See "9. User Responsibilities" for details.

3. Purpose of Use

The Company uses collected information for the following purposes.

  • Providing and operating the Service, identity verification, login authentication
  • Plan provision, billing, refunds, credit grant/consumption/balance management
  • Usage analysis, feature improvement, quality enhancement
  • Detection and prevention of fraudulent use, security assurance
  • Responding to inquiries, notifications (terms changes, important announcements, etc.)
  • Legal compliance, dispute resolution, rights protection

4. Third-Party Disclosure (External Services)

The Company provides information to or outsources processing to external services to the extent necessary to achieve the above purposes.

4.1 Primary External Services

  • Supabase: Authentication and user management
  • Stripe: Payment processing
  • Sentry: Error monitoring (crash logs, stack traces, etc.)

4.2 Examples of Information That May Be Shared

  • Account identifiers, email addresses
  • Purchase information necessary for payment (card details are typically held by Stripe)
  • Technical information when errors occur (device/browser information, error details)

5. International Transfer

When external service servers are located outside Japan (e.g., United States, EU, etc.), information may be transferred internationally. The Company implements reasonable protective measures in accordance with applicable laws.

6. Retention Period

The Company retains information for the period necessary to achieve the purpose of use or as required by law.

  • Account Information: Retained for account maintenance. Deleted or anonymized within a reasonable period after account closure.
  • Billing Information: Retained for the period necessary for accounting, tax, and fraud prevention purposes.
  • Logs: Retained for a certain period for security and operational purposes.
  • User Data: Data stored on user devices is not retained on Company servers.

7. Security

The Company implements reasonable security measures to prevent unauthorized access, leakage, alteration, or loss of information.

  • Encrypted communications (TLS)
  • Access control management, audit logs
  • Vulnerability countermeasures, dependency updates
  • Incident response procedures

* However, there are limitations to internet communication and device security, and complete security cannot be guaranteed.

8. User Rights

Users may request the following regarding personal information held by the Company, to the extent permitted by applicable law.

  • Disclosure, correction, deletion, suspension of use, suspension of third-party provision
  • Withdrawal of consent (when consent is the legal basis)

Contact: Please contact us through the "Send Feedback" feature in the app

Additional information may be requested for identity verification.

9. User Responsibilities (Medical/Sensitive Information)

This Service is intended for research and statistical analysis support. The Company cannot verify the legality of data input/uploaded by users or whether it infringes third-party rights.

Users must comply with the following:

  • When handling personal information, patient-identifiable information, or sensitive information, users must anonymize/pseudonymize at their own responsibility and ensure compliance with authorization, consent, and legal requirements
  • Do not include sensitive or confidential information in text sent to AI features (keep it to the minimum necessary)

10. Minors

If the user is a minor, consent from a legal guardian may be required.

11. Amendments

The Company may amend this Policy as necessary. For significant amendments, reasonable advance notice will be provided. Continued use after amendments constitutes acceptance of the amended content.

Contact

For questions or comments about this Policy, please use the "Send Feedback" feature in the app settings menu.

RINKO.ai

Operated by: Rinko.ai

Back to AppTerms of Service