Notice

GDPR Notice

This notice summarizes data protection principles and rights commonly associated with the GDPR. LynxMax operates from Tokyo, Japan. GDPR may apply in certain cross-border contexts (for example, if an EU-based individual contacts us), but applicability depends on facts and legal criteria. We use this page to describe a rights-forward approach in a clear format.

Effective date
February 14, 2026

1) Controller

LynxMax Legal G.K.
3-18-6 Shiba, Minato-ku, Tokyo 105-0014, Japan
Email: [email protected]
Phone: +81 3-5407-8841

2) Data we may process

  • Contact identifiers (name, email, optional phone)
  • Message content you provide (subject, inquiry details)
  • Basic technical data (IP address, browser/device signals, timestamps) for website operation and security

3) Purposes

  • Responding to inquiries and providing scope information
  • Delivering requested services where engagement terms exist
  • Maintaining operational records and ensuring security
  • Handling opt-out and preference requests

4) Principles we follow

  • Lawfulness, fairness, transparency: explain what we do and why.
  • Purpose limitation: use data for defined reasons.
  • Data minimization: collect only what is needed for the request.
  • Accuracy: keep data reasonably current when you update us.
  • Storage limitation: keep data no longer than reasonably necessary.
  • Integrity and confidentiality: apply reasonable safeguards.

5) Lawful bases (where applicable)

When GDPR applies, processing may rely on one or more lawful bases:

  • Consent (for example, form consent checkbox)
  • Contract (steps to provide requested services)
  • Legitimate interests (running a secure website, communicating about inquiries)
  • Legal obligation (where required)

6) Data subject rights

Where GDPR applies, you may have the following rights:

  • Access: request a copy of personal data we hold about you.
  • Rectification: request correction of inaccurate data.
  • Erasure: request deletion in certain circumstances.
  • Restriction: request limiting processing in certain cases.
  • Portability: request data in a structured, commonly used format (where applicable).
  • Objection: object to processing based on legitimate interests in certain cases.
  • Withdraw consent: where processing is based on consent, you can withdraw it.

7) How to exercise rights

Send a request to [email protected]. Include:

  • Your full name
  • The email address used to contact us
  • The right you want to exercise (access, deletion, etc.)
  • Any context to help us find the relevant records

We may request reasonable identity verification to prevent unauthorized access.

8) International transfers

If we process data through service providers that store data outside your country, we apply reasonable safeguards and select providers with appropriate security practices. Data location depends on provider infrastructure.

9) Complaints

If GDPR applies, you may have the right to lodge a complaint with a supervisory authority. We encourage contacting us first to clarify and resolve concerns where possible.

10) Reference policy

For a full description of our data handling, see Privacy Policy.

Shortcuts
Navigate
Privacy
Data, cookies, retention.
Open
Opt-out
Email preferences and cookies.
Open
Contact
Send context on the main page.
Go
This notice is informational and does not replace legal analysis of applicability.