Journely
ProductCompanyTeamBlog
ProductCompanyTeamBlog

Privacy Policy

How we collect, use, and protect your information

Last updated: September 9, 2025

1

Introduction and Scope

This Privacy Policy ("Policy") explains how Journely ("we," "our," or "Company"), operated from Japan, collects, uses, and protects your personal information in compliance with the Act on the Protection of Personal Information (APPI) and related Japanese regulations.

By using our Service, you acknowledge that you have read and understood this Policy. If you do not agree, please discontinue use immediately.

2

Legal Basis and Compliance

We operate in strict compliance with:

  • Act on the Protection of Personal Information (APPI)
  • Personal Information Protection Committee (PPC) Guidelines
  • Financial Services Agency (FSA) Regulations (where applicable)
  • Telecommunications Business Act
  • Act on Specified Commercial Transactions
3

Information We Collect

3.1 Information You Provide

  • Account Information: Email address only (we follow minimal data collection principles)
  • Journal Entries: Your personal investment notes, thesis, and decisions (user-entered data, NOT live account data)
  • Portfolio Tracking: Positions you manually enter for tracking (NOT connected to real brokerage accounts)
  • Waitlist Information: Email and referral codes for early access
  • Support Communications: Inquiries and feedback you send to us

3.2 Automatically Collected Information

  • Technical Data: IP address, browser type, device information
  • Usage Data: Features used, time spent, interaction patterns
  • Cookies: Session management and preference storage only
  • Location: Country-level only for multi-currency display (USD/JPY/VND)

3.3 Information We DO NOT Collect

  • Brokerage account login credentials or access tokens
  • Bank account numbers or routing information
  • Credit card or payment card information
  • Government-issued ID numbers
  • Live portfolio holdings from brokerage accounts
  • Trading authorization or execution permissions
  • Fund transfer or payment processing information for securities
  • Income or net worth information
4

Purpose of Use

We use your information ONLY for:

  • Service Provision: Operating the demo platform and visualization tools
  • Communication: Sending service updates and responding to inquiries
  • Improvement: Analyzing usage patterns to enhance user experience
  • Legal Compliance: Meeting regulatory requirements
  • Security: Preventing fraud and unauthorized access

We will NEVER use your information for: Providing actual investment advice, executing real trades, or selling to third parties.

5

Data Sharing and Disclosure

5.1 We DO NOT Share Data With:

  • Financial institutions or brokers
  • Investment advisors or fund managers
  • Marketing or advertising companies
  • Data brokers or aggregators

5.2 Limited Sharing Circumstances:

  • Service Providers: Only essential services (e.g., Supabase for authentication) under strict data processing agreements
  • Legal Requirements: When required by Japanese law or court order
  • Emergency: To protect vital interests or prevent serious harm
  • Business Transfer: In case of merger/acquisition (with prior notice)
6

International Data Transfers

Your data is primarily stored in Japan. Any international transfers comply with APPI requirements:

  • We ensure adequate protection through standard contractual clauses
  • Transfers only to countries with adequate data protection laws
  • Your explicit consent for specific transfers outside Japan
7

Data Security Measures

We implement comprehensive security measures:

  • Encryption: TLS 1.3 for transmission, AES-256 for storage
  • Access Control: Role-based access, multi-factor authentication
  • Monitoring: 24/7 security monitoring and intrusion detection
  • Employee Training: Regular security and privacy training
  • Incident Response: Established breach notification procedures
  • Regular Audits: Annual security assessments
8

Your Rights Under APPI

You have the following rights regarding your personal information:

  • Access Right: Request disclosure of your personal data
  • Correction Right: Request correction of inaccurate data
  • Deletion Right: Request deletion of unnecessary data
  • Suspension Right: Request suspension of data use
  • Portability: Receive your data in a structured format
  • Objection: Object to certain processing activities

To exercise these rights, contact: hello@journely.me. We will respond within 30 days.

9

Data Retention

  • Active Accounts: Retained while account is active
  • Inactive Accounts: Deleted after 2 years of inactivity
  • Legal Records: 5 years as required by Japanese commercial law
  • Marketing Communications: Until opt-out + 6 months
10

Cookies and Tracking Technologies

We use minimal, essential cookies only:

  • Essential Cookies: Authentication and security
  • Preference Cookies: Language settings (EN/JA/VI)
  • NO Third-Party Tracking: We don't use advertising or analytics cookies
11

Children's Privacy

Our Service is not intended for individuals under 20 years of age (the age of majority in Japan). We do not knowingly collect information from minors. If we discover such collection, we will immediately delete the information.

12

Data Breach Notification

In the event of a data breach that may harm your rights and interests:

  • We will notify the Personal Information Protection Committee within 72 hours
  • We will notify affected users without undue delay
  • We will provide details of the breach and mitigation measures
13

Updates to This Policy

We may update this Policy to reflect legal changes or service improvements. Material changes will be notified via email at least 30 days before taking effect. Continued use after updates constitutes acceptance.

14

Contact Information

Data Controller:

Journely
Location: Tokyo, Japan
Email: hello@journely.me

15

Complaints

If you are unsatisfied with our response, you may file a complaint with:

Personal Information Protection Committee
Website: www.ppc.go.jp
Phone: 03-6457-9680

16

Third-Party Integrations

Journely may integrate with third-party services for market data and research purposes ONLY. These integrations are READ-ONLY and educational in nature. We do NOT:

  • Connect to your brokerage accounts for trading or execution
  • Obtain authorization to move funds or execute trades
  • Access your financial accounts for any transactional purposes
  • Act as an intermediary between you and financial institutions

Third-party services we use:

  • Market Data Providers: For research and educational insights only (read-only public data)
  • Supabase: For secure authentication and data storage
  • Analytics Services: For product improvement (anonymized data only)

All third-party integrations are subject to their respective privacy policies and terms of service.

Good to know

Your privacy matters to us. Journely is designed with privacy in mind - we collect only what we need to provide our service, and we never sell your data to third parties.

We are an investment journaling and research platform for educational purposes. We do not connect to your brokerage accounts, execute trades, or manage your investments.

Privacy Questions?

We are here to help

hello@journely.me
Journely

AI-powered investment research.
No FOMO, just clarity.

Product

ProductChatBlogChangelog

Company

About UsTeam

Legal

TermsPrivacyCommerce

Connect

ContactLinkedInXFacebook
2025 Journely LLC. Built in Tokyo.
All systems operational