This Privacy Policy explains how GomiMate collects, uses, and protects your personal information when you use the GomiMate mobile app or website. It is designed to comply with Japan's Act on the Protection of Personal Information (APPI) and, where applicable, the EU General Data Protection Regulation (GDPR).
Advertising and Google Services Disclosure
The GomiMate website uses Google Analytics for aggregate website measurement and Google AdSense / Google-served ads for advertising delivery and measurement.
When you visit the website, the page URL, IP address, browser and device information, and cookie or advertising identifiers may be transmitted to Google for advertising delivery, personalization where permitted, fraud prevention, and measurement.
Google and its partners may place or read cookies and use web beacons or similar technologies. GomiMate does not send Google personally identifying app account information for advertising.
1. Information We Collect
- Location label: the ward, city, or neighbourhood you select for garbage schedules. We do not collect GPS coordinates or real-time location.
- Push notification token: an anonymous Apple APNs or Google FCM token used only to deliver reminders.
- Optional account data: email address, hashed password, and optional name if you create a GomiMate Plus account.
- Usage analytics: anonymous aggregated feature usage and crash reports that cannot identify you.
- Device information: device type, operating system version, and app version for diagnostics.
- We do not collect financial details, contacts, photos, or unrelated data.
2. How We Use Your Information
- Deliver garbage collection reminders on the correct day and time.
- Sync your ward's official collection schedule.
- Manage your GomiMate Plus subscription if applicable.
- Respond to support requests and city coverage requests.
- Improve reliability through anonymised analytics and crash reports.
- Comply with legal obligations. We do not sell, rent, or trade personal data. The website uses advertising services that may use cookies or identifiers for ad delivery and measurement under their own policies.
3. Legal Basis for Processing (GDPR)
- Contract: processing needed to provide schedules, reminders, and account features.
- Consent: push notifications, which you can disable at any time in device settings.
- Legitimate interests: anonymous diagnostics and analytics for service quality.
- Legal obligation: compliance with applicable laws.
4. Third-Party Services
- Apple APNs for iOS push notifications.
- Google Firebase Cloud Messaging for Android push notifications.
- Stripe for GomiMate Plus payments. GomiMate does not store card numbers.
- Japanese municipal open data for official garbage schedules. No personal data is shared with municipalities.
5. Data Retention
- Schedule data is stored locally and removed when you delete the location or uninstall the app.
- Account data is retained while the account is active, plus 30 days after deletion for recovery.
- Push tokens are removed when you unsubscribe from notifications or delete the account.
- Anonymised analytics may be retained for up to 26 months.
- Support correspondence may be retained for 2 years for follow-up issues.
6. Your Rights
Depending on your location, you may request access, correction, deletion, portability, withdrawal of consent, or objection to processing based on legitimate interests.
- To exercise privacy rights, email privacy@gomimate.com. We respond within 30 days.
- Under Japan's APPI, you may also contact the Personal Information Protection Commission of Japan.
7. Children's Privacy
GomiMate is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child provided personal information, contact privacy@gomimate.com and we will delete it promptly.
8. Data Security
- TLS encryption for data in transit.
- AES-256 encryption for data at rest where server storage is used.
- Hashed and salted passwords.
- Access controls for staff who need data to provide support.
- Regular security reviews. If a breach affects your rights, we will notify you as required by GDPR and APPI.
9. International Data Transfers
GomiMate primarily stores and processes data in Japan. If data is transferred outside Japan for push notifications, payments, or infrastructure, we use appropriate safeguards such as Standard Contractual Clauses where required.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Significant changes will be announced in-app or by email if you have an account. The updated date above reflects the latest revision.
11. Contact Us
- Privacy email: privacy@gomimate.com
- Response time: within 30 days
- Available in: English, Japanese, Chinese, Indonesian, Hindi, Korean, Arabic, and Malay
