1. Basic Policy
Whatever Co. (the “Company”) establishes this Privacy Policy (the “Policy”) as follows regarding the handling of user information in the application “everies” (the “Service”) provided by the Company.
The Company recognizes the protection of users’ personal information as a significant social responsibility, and shall endeavor to ensure its proper protection and comply with applicable laws and regulations relating to personal information.
This Policy is established in accordance with the laws of Japan concerning the protection of personal information and other applicable Japanese laws. It does not apply to the EU General Data Protection Regulation (GDPR), the UK Data Protection Act, other European data protection laws, the California Consumer Privacy Act (CCPA), the Children’s Online Privacy Protection Act (COPPA), or other U.S. state privacy laws.
The Company does not guarantee the provision of support to users located in the European Economic Area (EEA), the United Kingdom, Switzerland, or any U.S. state.
2. Information Collected
In providing the Service, the Company may collect or handle the following information:
(1) Information provided by users
Text input data
Image data obtained via camera (which may include facial data)
Audio data obtained via microphone
Contact information such as name and email address provided when making inquiries
(2) Information collected automatically
Device information (OS, device type, etc.)
Information regarding usage of the application
Log information and metadata
3. Purpose of Use
The collected information shall be used for the following purposes:
Provision of the Service and implementation of its functions (including AI generation, voice processing, and AR display)
Improvement of the Service and enhancement of quality
Prevention of unauthorized use and ensuring security
Responding to inquiries (including complaints and other communications from users)
Compliance with legal obligations
Handling matters associated with business succession due to mergers, company splits, business transfers, or similar events
4. Provision to External Services
For the purpose of providing functionality, information may be transmitted to the following third-party services:
(1) Google LLC (Gemini API / Firebase AI Logic)
Data transmitted: text, images (camera data), metadata, AI-generated results
Purpose: AI generation and processing
Retention period: in principle, up to 55 days (for abuse monitoring purposes)
Storage location: Google servers, including in the United States
Use for training: not used for model training in principle (except where users opt in)
(2) ElevenLabs, Inc.
Data transmitted: audio data, text data
Purpose: speech recognition and voice generation
Retention period: up to two (2) years (data may remain in backups for up to 30 days after deletion)
Storage location: primarily in the United States
Use for training: may be used for service improvement
By agreeing to this Policy, users shall be deemed to have agreed to the privacy policies of the above external service providers.
5. Cross-Border Data Transfers
Information collected through the Service may be transmitted to and stored on servers located outside Japan, including in the United States.
In such jurisdictions, data protection laws equivalent to those of Japan may not be in place.
Even in such cases, the Company shall take appropriate contractual and other necessary measures with service providers to ensure the secure management of user information.
By using the Service, users shall be deemed to have consented to such cross-border transfers.
6. Approach to Personal Information
The Company does not collect personal information for the purpose of identifying specific individuals.
However, depending on the content entered by users and the manner of use, information related to individuals (such as facial or voice data) may be processed.
7. Security Measures
The Company implements reasonable physical, technical, and organizational security measures to prevent unauthorized access to or leakage of user information, to maintain data accuracy, and to ensure proper disposal when necessary.
The Company periodically reviews these measures to ensure their effectiveness and appropriateness.
In the event of an incident, the Company shall promptly take corrective actions.
8. Use by Minors
Due to the requirements of Google Gemini, the Service is intended for users aged 18 or older.
Where separate age restrictions are imposed by Google or the Gemini API or other services used by the Company, users shall also comply with such restrictions.
9. User Rights
Users may, in accordance with the Act on the Protection of Personal Information, request the following with respect to their personal data held by the Company:
Request for disclosure: notification of the purpose of use and disclosure of personal data held by the Company
Request for correction, addition, or deletion: where the content of personal data is inaccurate
Request for suspension of use or deletion: where personal data is handled beyond the scope of the purpose of use or obtained by improper means
Request for suspension of third-party provision: where personal data is provided to third parties without the user’s consent
Such requests will be addressed without undue delay after confirming that the request is made by the user, and in consideration of compliance with applicable laws.
Please note that requests may be declined where they exceed the scope permitted by law, are deemed unreasonable, or may significantly interfere with the proper operation of the Company’s business.
10. Changes to the Policy
The Company may revise this Policy as necessary.
Changes will be notified through posting within the Service or by other appropriate means.
11. Contact Information
For inquiries regarding this Policy, please contact:
Whatever Co.
Email: everies@whatever.co
7-2-8 Roppongi, Minato-ku, Tokyo 106-0032, Japan
Effective Date: May 11, 2026