Privacy Policy for anyBOUND

Part 1 General Terms and Conditions

Leaps Inc., which has its registered offices at 1-41 Kanda-Jinbocho, Chiyoda-ku, Tokyo, Japan offers development and operation services of blockchain services, such as NFT related services and other services worldwide.

This Privacy Policy for anybound sets forth the manners in which Leaps Inc. ("Leaps Inc.", "we", "us", "our") handles and safeguards your personal information in connection with our anybound services in accordance with the Act on the Protection of Personal Information of Japan, the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures ("Individual Numbers Act") and our internal policies and rules regarding the protection of personal information.

Please use our anybound services after you have carefully read and understood this Privacy Policy for anybound.

For Residents of Member States of the European Economic Area (EEA):

Please see and read carefully the special and supplemental provisions in Part 2 below for EEA residents under the General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR") (click here) in addition to this general terms and conditions.

For Residents of the States of California, United States:

Please see and read carefully the special and supplemental provisions in Part 3 below for California residents under the California Consumer Privacy Act ("CCPA") (click here) in addition to this general terms and conditions.

1. Category of Information We Collect and Purposes of Processing

Leaps Inc. collects directly and indirectly, retains as searchable personal data files and uses your personal information in connection with our anybound services as follows.

If you need to get in touch with our customer support team or reach out to us through other means (such as through social media, or communicating with your accommodation through us), we will collect information from you too.

You can decide to participate in our promotions, provide us with feedback or ask for help with using the sites or our various communications platforms, and these also mean providing us with related personal data.

Where you are making a booking with other guests whose details you provide to us as part of your reservation, or if you make a booking on behalf of someone else, it is your responsibility to ensure that the person or people you have provided personal information are aware that you have done so, and have understood and accepted how Leaps Inc. or Transferee use their information (as described in this Privacy Policy).

Every customer is free to determine what personal information he or she provides to us. However, we may be unable to provide you with our services or contact you if you decide to provide us with no personal information or only limited information.

When you use our anybound services or access the related sites, we collect and use cookie related information, IP address and your device information for service improvement, research and development, customer relation management and promotion and advertisement (including but not limited to tailoring your experience on the site, providing you with high-quality and relevant content (including interest based advertising) and developing and improving our products and services).

In addition, your personal data may be converted into statistical or aggregated data which cannot be used to identify you and then used to produce statistical research and reports. This aggregated data may be shared and used in the ways described above.

2. Transfer of Personal Information to Third Parties

We will provide name, address, telephone number, e-mail address, wallet address, country of residence, planned travel date, and other necessary personal information by electromagnetic means, etc., to Transferee to the extent necessary for arrangements for the NFT Rights Exercise services you have applied for and procedures for receipt of such services, etc.

Transferee will further provide information which we provide in accordance with the preceding paragraph to facilities for transportation, accommodation facilities, service providers, insurance companies, public offices, etc., to the extent necessary for arrangements for travel services you have applied for and procedures for receipt of such services, to the extent necessary for the procedures for insurance covering its travel contract responsibilities, expenses in the event of an accident, to the extent necessary for providing information relating to safety or health or contacting a customer for confirming of its safety, etc.

Transferee may provide personal data of customers to souvenir stores or other dealers for the convenience of customers' shopping at the travel destinations.

To the extent necessary for the arrangement or provision of the various services that you have applied for, Transferee will provide its business partners, service providers, or public offices with personal information such as your name, address, telephone number, e-mail address, and other necessary personal information by electromagnetic means, etc.

To the extent necessary for responding to customer opinions, requests, and inquiries, including inquiries about products or services, or preparing contracts, Transferee will provide the customer's name, address, telephone number, e-mail address, and other necessary personal information by electromagnetic means, etc. to the transportation or accommodation facility, service provider, other related organizations and corporations, etc.

Transferee will provide customers' names, addresses, telephone numbers, e-mail addresses, etc., by electromagnetic means, etc. to its business partners for various points or other privilege granting programs, various campaigns, prizes, events or other sales promotion activities implemented by it or its business partners or for providing customers with information on these programs or activities.

In order to prevent or respond to the occurrence of any disability, malfunction, or accident relating to products, services, networks, or systems, Transferee will provide the customer's name, address, telephone number, e-mail address, and other necessary personal information to the relevant authorities or parties by electromagnetic means, etc.

Transferee will provide personal data such as your name, address, telephone number or e-mail address, and other personal data by electromagnetic means, etc. to the government, public offices, investigative organizations, and business partners to the extent necessary to provide an environment in which you can use products or services safely, such as monitoring, preventing, analyzing, and taking countermeasures on or against illegal, fraudulent or any other improper acts, or to resolve disputes, or to protect life, body, or property or any other right of Transferee or its group companies or any third parties.

Transferee will provide the customer's name, e-mail addresses, telephone numbers, etc. which are hashed ("hash" means processing of converting them into irregular character strings) or converted into secure data form to advertising distribution companies and/or related service providers (including those located in foreign countries) through electromagnetic means, etc. in order to deliver advertisements, etc.

We will provide the customer's personal data by electromagnetic means, etc., with the consent of the customer or to the extent permitted by law.

Where required or permitted by an applicable law or regulation, such as to protect ourselves against liability, to respond to subpoenas, judicial processes, legitimate requests, warrants or equivalent by law enforcement officials or authorities, to investigate fraud or other wrongdoing or as otherwise required or necessary in order to comply with applicable law, protect our legitimate interests or to the purchasers in connection with any sale, assignment, or other transfer of all or a part of our business or company. We may also, in compliance with applicable law, disclose your information to enforce or apply the terms and conditions applicable to our services or to protect the rights, property, or safety of Leaps Inc., our users, or others.

Business reorganization, such as part of any sale, assignment or other transfer of our business, or transition of service to another provider. We will ask for your consent if required by applicable law.

3. The Shared Use of Personal Information

In order to contact customers, simplify future travel product bookings and facilitate the arrangement and management of your travel needs and for other purposes specified in Section 1 above, Transferee will share and jointly use the personal information provided from Leaps Inc. as follows.

(1) Personal information: name, address, telephone number, e-mail address or other identification information.

(2) Scope of joint users: Transferee's group companies (please refer to the following for Transferee's group companies) https://www.jtbcorp.jp/jp/jtb_group/.

4. Outsourcing

Transferee may entrust all or part of the business including handling personal information of customers provided from Leaps to a third party for the purpose of arranging travel, managing travel, travel attendance services, intermediary services at airports, travel services such as payment of travel expenses, and other services, and for the purpose of use as described in Section 2 above or for its businesses. In this case, Transferee will select the third party based on its standards and entrust the personal information after entering into an agreement including confidentiality.

5. Transfer of Personal Information to a Third Party in a Foreign Country

6. Safety Management Measures

(1) We have taken necessary and appropriate safety management measures to protect personal data, such as preventing leakage, loss, or damage. The main contents of these measures are as follows.

• Establishment of basic policy: in order to comply with laws and regulations and ensure proper handling of personal information, we have formulated personal information protection policies, and based on these policies, we have established handling rules and other related internal rules concerning the acquisition, use, provision, and disposal of personal information.
• Development of disciplines regarding the handling of personal information.
• Institutional security control measures: in addition to establishing a person responsible for the handling of personal data, we clarify the employees who handle personal data and the scope of personal data handled by those employees. We have also established a system to report any violations or threats of violation of laws and regulations or our internal rules to the Personal Information Management Officer.
• We conduct periodic self-inspections of the status of the handling of personal data and conduct audits by our audit department. When outsourcing businesses, including the handling of personal information, we include clauses related to the handling of personal information in our contracts.
• Human security control measures: we provide regular training to our employees regarding matters to be careful on the handling of personal information. Matters concerning the confidentiality of personal information are described in our work rules and other internal rules.
• Physical security control measures: in areas where personal data is handled, we control the entry and exit of employees and take measures to prevent access to personal data by unauthorized persons. We establish rules for storage and disposal of documents and electronic media containing personal information. Measures are taken to prevent theft or loss of equipment such as password setting and remote control measures.
• Technical security control measures: access control is implemented to limit the persons and the scope of databases handled by employees. We have introduced mechanisms to protect the systems handling personal data from unauthorized access from outside or from unauthorized software.
• Survey of the external environment: Transferee stores a part of personal information in some foreign countries such as the U.S., Singapore, etc. We confirm the outline of the personal information protection legislation in such regions and take measures such as concluding a contract on the handling of personal information with a third party to whom we transfer personal information.

7. Inquiries and Disclosure Regarding Customer Personal Information

If you wish us to notify the purpose of use or disclose, correct, add or delete your personal data, discontinue to use or erase your personal data, or cease to provide it to a third party, please contact the following inquiry desk. Provided, however, that we are unable to comply with your request if such request may seriously interfere with the proper conduct of our business. We will take necessary measures without delay in accordance with laws and regulations and our internal rules. If we are unable to comply with your request in whole or in part, we will explain the reason. Our contact point for handling personal information is as follows.

Leaps Customer Service Office Address: 1-41 Kanda-Jinbocho, Chiyoda-ku, Tokyo

8. Handling of Specific Personal Information

We use Individual Numbers only within the scope of the purpose of use stipulated in the Individual Numbers Act. We will not provide to any third party other than the recipients stipulated in the Individual Numbers Act. We will promptly delete or remove the relevant Individual Number upon completion of any Individual Number administrative procedures as set forth under the Individual Numbers Act.

9. Handling of Anonymously Processed Information

We will take appropriate protective measures to prevent the identification of specific individuals and the restoration of such personal information used for production, and will prepare anonymously processed information and provide such information to third parties to the extent permitted by law.

(1) How to create anonymously processed information: when preparing anonymously processed information, we process the information appropriately according to the following in accordance with the standards stipulated by the Personal Information Protection Law and the Rules of the Personal Information Protection Committee.

• Deleting a description that identifies a specific individual
• Deleting an individual identification code
• Eliminating the sign that connects information with each other
• Deleting unique descriptions, etc.
• Taking other appropriate measures based on the nature of the personal information database, etc.

(2) Items included in anonymously processed information: personal attribute information of customers (gender and year of birth of representatives) and information on use of us (application date (month/year), stores (prefecture/municipality/type), travel information (departure date/return date, area, and accommodation facility (name/type), number of users (by adult, male, female, and child), product grade, product type, product form, travel purpose, and type of participation).

(3) Provision of anonymously processed information to a third party: items and methods of provision of information included in anonymously processed information prepared by us and provided to third parties are as follows. Items (1) and (2) in (2) above. We will inform the recipients of such information that such data is anonymously processed information and provide such information after stipulating a contract to prevent improper handling of such information as identifying acts. To provide anonymously processed information to a third party by a secure electromagnetic manner such as encrypting data files.

(4) Other safety management measures for anonymously processed information: clarify the authority and responsibility of the person handling information such as the processing method. We have established rules and regulations concerning the handling of such information, such as processing methods, and provide education and supervision to employees who handle such information.

10. Amendment of these Regulations

These regulations may be changed or revised from time to time depending on the necessity to comply with changes in laws and regulations and the business necessity. Such changes shall be posted on this website. You are requested to fully confirm the latest contents of these regulations after any changes that are posted on this website.

11. In the Event of Leakage of Personal Information

Should a problem arise, such as the leakage of personal information, we will notify customers, ensure safety, suspend our system as necessary, and publicize the facts on our website, etc., in accordance with laws and regulations.

1-41 Kanda-Jinbocho, Chiyoda-ku, Tokyo Leaps Inc. Yohei Shiobara, President and Chief Executive Officer Title and contact address of the Personal Information Management Officer Senior Manager of Chief Executive Officer (contact address: same as above)

Part 2 Special Provisions for Residents of Member States of the European Economic Area

The provisions below are the special and supplemental provisions under the General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR") for residents of member states of the European Economic Area. These special and supplemental provisions apply to you in the case where the GDPR applies to our collection or processing of your data and is available on our website and through other channels. Please read carefully these special and supplemental provisions in addition to the general terms and conditions (Part 1) before you commence use of our anybound services.

1. Legal Basis

Under the GDPR, our collection and processing of your data under Section 1 of Part 1 is based on our and/or your legitimate interests such as provision of our anybound services. In addition, your personal data may be converted into statistical or aggregated data which cannot be used to identify you and then used to produce statistical research and reports. This aggregated data may be used in the ways described above.

Leaps Inc. processes your personal data in its interest as well as your interest, so Leaps Inc. provides and you receive the NFT related services that you have requested and other related services specified in the above.

Where GDPR requires us to ask you to give us your consent to collect and use certain types of personal information such as personal data that GDPR considers as special categories, we will seek separate explicit consent from you prior to obtaining that data.

In all your dealings with us you must ensure that others you may represent are aware of the content of our Privacy Policy and consent to you on their behalf.

We will process your data for as long as possible in order to fulfil our service to you and comply with the applicable fiscal, tax, securities and commercial law regulations on retention of business and financial documentation.

2. Retention Periods

We keep your personal data as long as there is a statutory or legal requirement to do so or in order to provide the aforementioned services to you. For accounting or auditing purposes we may retain your personal data for a period of time after our direct business dealings have ended.

3. Data Storage and Transfer

Furthermore, Transferee may share your personal data with its group companies as well as with other companies which may be located within or outside the EEA and provide travel and business process services related to the provision of the services indicated above (including cases under Section 2 and 3 of Part 1), for example: airlines, hotels, accommodations, transportation, restaurants, tour operators, travel agencies, other service providers (including service providers for Transferee). Where a company is located outside the EEA, Transferee will arrange adequate safeguards such as Binding Corporate Rules or Standard Contract Clause arrangement or transfer your personal data based on appropriate legal basis.

When Transferee processes your personal data, Transferee will store it on our systems located within EEA, Japan or other countries. In the event of a merger, reorganization, acquisition, joint venture, assignment, spin-off, transfer, or sale or disposition of all or any portion of its business, including in connection with any bankruptcy or similar proceedings, Transferee may transfer any and all personal data to the relevant third party.

Your data may also be processed by staff operating outside the EEA who work for Transferee or for one of its suppliers (e.g., travel guides, transportation services). Such staff may be engaged in, among other things, the provision of support services.

For the purpose of providing you with Transferee's services, including your booking of flight, hotel, security, incident/accident management etc., Transferee may disclose and process your personal data outside of the EEA countries. In order for you to travel abroad, it may be mandatory as required by government authorities at the point of departure and/or destination to disclose and process your data for immigration, border control and/or any other purposes. Also Transferee needs to provide airlines/accommodation providers with your name, contact detail, etc. in accordance with their terms and conditions.

It may be necessary for us - by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence - to disclose your personal data. We may also disclose your personal data if we determine that, due to purposes of national security, law enforcement, or other issues of public importance, the disclosure is necessary or appropriate. We may also disclose your personal data if we determine in good faith that disclosure is reasonably necessary to protect our rights and pursue available remedies, enforce our terms and conditions, investigate fraud, or protect our operations or users.

Where we share your data with a data processor, we will put the appropriate legal framework in place in order to cover such transfer and processing (Articles 26, 28 and 29). Furthermore, where we transfer your data from EEA to any entity outside the EEA, we will put appropriate legal frameworks in place, notably Binding Corporate Rules (Article 47 GDPR), controller-to-controller and controller-to-processor Standard Contract Clauses approved by the European Commission, in order to cover such transfers (Articles 44 ff. GDPR), or we will share your data based on rules of the GDPR.

By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy, in particular, by adopting Binding Corporate Rules or Standard Contract Clauses or based on other GDPR rules.

Where you are making a booking with other guests whose details you provide to us and we provide to Transferee as part of your reservation, or if you make a booking on behalf of someone else, it is your responsibility to ensure that the person or people you have provided personal information about are aware that you have done so, and have understood and accepted how Transferee uses their information.

In connection with other purposes and manners of the transfer of personal information, please see Section 2, 3 and 4 of the General Terms and Conditions.

4. Children

Our products and services are intended for adult customers. However, we may knowingly collect and process personal data on children under sixteen (16). On these occasions, we will take account of this event when processing the personal data of children and implementing the legal basis for such processing. For example, where the processing of personal data of children is based on their consent such as the processing of his or her sensitive personal data, we will seek the consent of parents, tutors, or other adults holding parental responsibility over children, if required under the GDPR.

5. Links to Other Sites

We may propose hypertext links from our websites to third-party websites or Internet sources. We do not control and cannot be held liable for third parties' privacy practices and content. Please read carefully their privacy policies to find out how they collect and process your personal data.

6. Our Records of Data Processes

We handle records of all processing of personal data in accordance with the obligations established by the GDPR (Article 30), both where we might act as a controller or as a processor. In these records, we reflect all the information necessary in order to comply with the GDPR and cooperate with the supervisory authorities as required (Article 31).

7. Security Measures

We process your personal data in a manner that ensures their appropriate security, including protection against unauthorised or unlawful processing, accidental loss, destruction or damage. We use appropriate technical or organisational measures to achieve this level of protection (Article 25(1) and 32 GDPR). As to details of such security measures, please see Section 3 of the General Terms and Conditions. We will retain your personal information for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

8. Notification of Data Breaches to the Competent Supervisory Authorities

In case of breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed, we have the mechanisms and policies in place in order to identify it and assess it promptly. Depending on the outcome of our assessment, we will make the requisite notifications to the supervisory authorities and communications to the affected data subjects (if necessary) (Articles 33 and 34 GDPR).

9. Processing Likely to Result in High Risk to Your Rights and Freedoms

We have mechanisms and policies in place in order to identify data processing activities that may result in high risk to your rights and freedoms (Article 35 of the GDPR). If any such data processing activity is identified, we will assess it internally and either stop it or ensure that the processing is compliant with the GDPR or that appropriate technical and organisational safeguards are in place in order to proceed with it. In case of doubt, we will contact the competent Data Protection Supervisory Authority in order to obtain their advice and recommendations (Article 36 GDPR).

10. Your Rights

As a customer you have a number of rights as follows.

• Access to personal data: you have the right to be provided full information about your personal data that we hold.
• Data correction: you have the right to require that we correct any incorrect information we hold about you.
• Data deletion: you may also have the right to ask that we delete your personal data. Please note that certain conditions may apply to the exercise of this right.
• Restriction on processing of personal data: you may have the right to ask that we restrict the use of your personal data. Please note that certain conditions may apply to the exercise of this right.
• Object to processing of personal data: you may have the right to object to the use of your personal data by us. Please note that certain conditions may apply to the exercise of this right.
• Portability of personal data: you may have the right to receive your personal data in a structured and commonly used format. Please note that certain conditions may apply to the exercise of this right.

You also have the right to obtain from us a copy of the Binding Corporate Rules or of any Standard Contract Clauses that we use if we transfer your personal data outside the EEA and take such arrangement.

To exercise your rights, or if you require further information about how your personal data is used by us, you can contact us.

Following is the procedure when you want to execute these rights.

• Upon receiving your request, we will contact you to confirm the request is being handled, and we will indicate the reasonable timeframe for us to respond.
• Our special team will make an initial assessment of the request to decide whether it is a valid request and whether confirmation of identity is required.
• If no further action from you is required, we will proceed with the processing of your request.
• At the end of our assessment and internal procedure, we will provide a confirmation as to our compliance or processing of your request.
• For any unfounded or excessive (e.g., further repeated) requests, we may charge a reasonable fee based on administrative costs.

11. When You Want to Complain About Your Personal Data

We have appointed appropriate staff with management support to oversee and ensure compliance with the GDPR. You can bring complaints to us in writing.

You can also contact our employees to complain about the way we handle your personal data. The employees who have been confronted with the complaint will inform you about the contact details to file a complaint in accordance with the present procedure or pass the complaint to our Data Protection Team as appropriate.

After receiving the complaint our Data Protection Team will send an acknowledgement of receipt within one week to you. The confirmation may include further questions necessary for the clarification of the issues. Our Data Protection Team or local Human Resources Department will provide an answer to you as soon as reasonably practicable, but no later than one month upon receiving the complaint. If, due to complexity of the complaint, a substantive response within one month cannot be provided, you will be notified with a reasonable estimate of the timeframe, but not exceeding two months from the notice.

You may also raise the complaint to the relevant Data Protection Authority or lodge a claim with a court of competent jurisdiction.

12. Changes to Our Privacy Policy

We may revise or update this Privacy Policy from time to time. Any changes we may make to our Privacy Policy in the future will be posted on this webpage. If we make changes which we believe are significant, we will inform you through the website to the extent possible and seek your consent where applicable.

13. Contact

Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to Leaps Inc., 1-41 Kanda-Jinbocho, Chiyoda-ku, Tokyo, JAPAN.

14. About Cookies etc.

About cookies etc., please see Section 1(4) (*1) of Part 1.

Part 3 Special Provisions for Residents of States of California, United States

29/5/2025

The provisions below are the special and supplemental provisions under the California Consumer Privacy Act ("CCPA") for Residents of States of California, United States. These special and supplemental provisions apply to you in the case where the CCPA applies to our collection or processing of your data and are available on our website and through other channels. Please read carefully these special and supplemental provisions in addition to the General Terms and Conditions (Part 1) before you commence use of our anybound services.

1. Categories and Purposes of Your Collected Personal Information

The categories of personal information which we have collected within the preceding 12 months, and the business or commercial purposes for which such personal information was collected are specified in Section 1 of the General Terms and Conditions (Part 1).

2. Sources of Personal Information

Under anybound services, we collect your personal information from you (data subject) or a person who provides your personal information on behalf of you (including but not limited to your parents or guardians).

3. Disclosure of Personal Information

We have disclosed your personal information specified in Section 1 of Part 1 to third parties for our operational business purposes specified in Section 2, 3 and 4 of Part 1 and Section 5 of this Part 3 within the preceding 12 months, and we have disclosed these categories of personal information to the parties specified in Section 2, 3 and 4 of Part 1 and Section 5 of this Part 3.

4. Do Not Sell My Personal Information

Under the CCPA, California residents have the right to opt-out of the "sale" of their personal information. CCPA defines "sale" broadly to include any transfers or disclosures to other businesses or third parties for monetary or other valuable consideration (hereinafter referred to as "CCPA-defined transfers"). While we do not obtain financial compensation for your personal information, we may share it with third parties for service procedures. To exercise this right, please contact us.

5. Your Rights and Requests

If you are a California resident, you have the following rights under the CCPA.

I. Request to disclose to you the following information covering the 12 months preceding your request.

• The categories of personal information we collected about you
• The categories of sources from which we collected such personal information
• The business or commercial purposes for collecting such personal information about you
• The categories of third parties with whom we shared such personal information
• The specific pieces of personal information we have collected about you

II. Request to delete personal information we collected from you.

III. Non-discrimination for the exercise of the rights under the CCPA.

To make a request for the disclosure or deletion described above, please contact us.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period.

The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include providing your email and phone verification, known customer information, and/or account sign-up authentication or other information (including but not limited to passport related information and social security related information) needed to verify your identity depending on the sensitivity of personal information in question.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

If you use an authorized agent to submit a request to know or a request to delete described above, you may specify your agent by providing the authorized agent written permission to do so. In addition, we will request sufficient information that allows us to reasonably verify your agent is the person about whom you assign.

We use good faith efforts to respond to a verifiable consumer request within forty-five (45) days after its receipt. If we need more time (up to 90 days), we will inform you of the reason and the needed extension period in writing.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. For data portability requests, we will select a commercially reasonable format to provide your personal information that is commonly useable and should allow you to transmit the information from one entity to another entity without hindrance, but we do not guarantee that all formats are useable in all media. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

6. Changes to this Privacy Policy

We may change this Privacy Policy from time to time. The date last updated mentioned at the top of this page states when this Privacy Policy was last updated and any changes will become effective upon our posting the revised Privacy Policy.

Where required by CCPA or other applicable law, we will request your consent to any such changes. We will provide the revised Privacy Policy by email or by posting notice of the changes on our website or through any relevant services.

7. About Cookies etc.

About cookies etc., please see Section 1(4) (*1) of Part 1.

8. Contact Us

If you have any questions or concerns regarding this Privacy Policy or our privacy practices, please contact us: Leaps Inc., 1-41 Kanda-Jinbocho, Chiyoda-ku, Tokyo, JAPAN.