Japan-Specific Privacy Policy
Act on Protection of Personal Information (APPI) Compliance
Last updated: February 2026
Privacy Advantage for Japanese Users
Whisper processes all audio and transcriptions 100% locally on your device. Your voice recordings and transcribed text never leave your computer, meaning no cross-border transfer of sensitive audio data occurs. Only minimal account information (email, subscription status) is stored on our servers.
1. Business Operator Information
2. Personal Information We Handle
2.1 Collected Personal Information
- Email address — For account management and communications
- Name — For account identification
- Device hardware ID — For license validation (one device per license)
- Subscription and payment status — For service delivery (payment details are processed by Stripe and not stored by us)
2.2 Data We Do NOT Handle
Audio recordings — Processed locally, never sent to our servers
Transcribed text — Stored only on your device
Voice biometric data — Not collected or processed
3. Purpose of Use
We use your personal information for the following purposes only:
- Account creation and authentication
- License validation and subscription management
- Payment processing (via Stripe)
- Customer support and communications
- Service improvement through anonymous usage analytics
- Sending important service updates and security notifications
We will not use your personal information beyond the stated purposes without obtaining your prior consent, except as required by law.
4. Cross-Border Transfer of Personal Data
In accordance with Article 28 of APPI, we disclose the following about cross-border data transfers:
Data stored on servers outside Japan:
- Account data (email, name, subscription status) — Stored on Supabase servers in the United States
- Payment data — Processed by Stripe (headquartered in the United States, PCI DSS compliant)
Data that is NOT transferred outside your device:
- Audio recordings — 100% local processing, never uploaded
- Transcription text — Stored in local SQLite database only
- Speech recognition models — Downloaded once, stored locally on your device
The United States, where our account data is stored, maintains data protection standards recognized by international frameworks. Our service providers (Supabase and Stripe) implement industry-standard security measures to protect your data.
5. Third-Party Providers
We share personal information with the following third-party service providers:
| Provider | Purpose | Data Shared | Location |
|---|---|---|---|
| Stripe | Payment processing | Email, payment method | United States |
| Supabase | Database, authentication | Email, name, subscription data | United States |
| Hugging Face | Model downloads | IP address (download only) | United States / EU |
| OAuth authentication | Email, name (if Google sign-in used) | United States | |
| Cloudflare | CDN, DDoS protection | IP address (website access only) | Global |
We do not sell, trade, or otherwise share your personal information with third parties for marketing purposes.
6. Your Rights Under APPI
As a user in Japan, you have the following rights regarding your personal information:
6.1 Right to Disclosure: You may request disclosure of the personal information we hold about you. We will respond within a reasonable period (typically within 2 weeks).
6.2 Right to Correction: If your personal information is inaccurate, you may request correction, addition, or deletion. You can also update your account information directly through the app.
6.3 Right to Cessation of Use: You may request that we stop using your personal information or delete it entirely. Upon such request, we will delete your account data within 30 days.
6.4 Right to Cessation of Third-Party Provision: You may request that we stop providing your personal information to third parties. Note that this may affect service functionality (e.g., payment processing).
6.5 How to Exercise Your Rights: To exercise any of these rights, contact us at whisper@remskill.com. We may need to verify your identity before processing your request.
7. Security Measures
We implement the following measures to protect your personal information:
- All network communications use TLS 1.3 encryption
- Passwords are securely hashed (never stored in plain text)
- Payment information is handled exclusively by Stripe (PCI DSS compliant)
- Audio and transcription data remain on your device (eliminating server-side risk)
- Regular security audits and monitoring
- Access controls limiting employee access to personal data
8. Cookies and Tracking
Website: Our website uses cookies for authentication and analytics. You can manage cookie preferences through your browser settings.
Desktop Application: The desktop app does not use cookies. It stores preferences locally on your device.
9. Complaints and Inquiries
If you have concerns or complaints regarding our handling of your personal information, please contact us:
Email: whisper@remskill.com
Response Time: We aim to respond to all inquiries within 2 weeks.
If you are not satisfied with our response, you may file a complaint with the Personal Information Protection Commission of Japan (PPC).
10. Changes to This Policy
We may update this policy to reflect changes in our practices or legal requirements. Significant changes will be communicated via email or in-app notification. The latest version will always be available at this page.
Related Policies
Privacy Policy — Our general privacy policy
Security & Privacy — Technical details on how we protect your data
Terms of Service — Terms governing use of the Service