logo

Privacy Policy

Effective Date: May 5, 2025 Last Updated: May 5, 2025

NotShibuya, Inc. ("Shibuya," "we," "us," or "our") values your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our platform, including our website at www.shibuya.film and related services (the "Platform"). By using the Platform, you agree to this Privacy Policy.

  1. Information We Collect

1.1 Information You Provide

Account Information: When you create an account or donate, we collect your name, email address, and contact details.

Payment Information: For donations via Stripe, we collect payment details through Stripe (subject to Stripe's Terms of Service and Privacy Policy). For USDC donations, we record your wallet address and transaction metadata. Wallet addresses are public on the blockchain and may be linked to your identity by third parties. We recommend using privacy-focused wallets.

1.2 Automatically Collected Data

We and our third-party providers (e.g., Google Analytics, AWS) automatically collect:

  • Device and browser type
  • IP address and approximate location
  • Pages visited and actions taken
  • Referral URLs and timestamps

This data supports analytics, security, fraud prevention, and Platform performance.

1.3 Cookies and Tracking Technologies

We use cookies, local storage, and pixels to:

  • Maintain user sessions
  • Analyze usage trends
  • Enable donation functionality

We use first-party and third-party cookies (e.g., Google Analytics). Non-essential cookies (e.g., analytics, marketing) require your consent via our cookie banner, which you can manage at any time. Essential cookies are always active to ensure Platform functionality. You can also control cookies via browser settings. We are working to support Global Privacy Control (GPC) signals and will update this Policy once implemented. We do not currently respond to "Do Not Track" signals due to technical limitations.

  1. How We Use Your Information

We use your information to:

  • Operate and maintain the Platform

  • Process donations and refunds

  • Communicate with you (e.g., project updates, confirmations)

  • Improve Platform functionality and user experience

  • Prevent fraud and ensure security

  • Comply with legal obligations (e.g., tax, sanctions, consumer protection laws)

    2.1 Legal Bases for Processing (GDPR)

For EU/UK users, we process data based on:

  • Contract performance (e.g., donations, account access)
  • Legal obligations (e.g., tax reporting)
  • Legitimate interests (e.g., security, Platform improvements)
  • Consent (e.g., non-essential cookies, marketing emails). Marketing emails require your explicit opt-in, such as checking a box during signup. You may withdraw your consent at any time.
  1. When We Share Your Information

We do not sell your personal information. We may share it with:

  • Payment processors (e.g., Stripe)
  • Blockchain analytics tools (e.g., Chainalysis for compliance)
  • Service providers (e.g., AWS for cloud hosting, SendGrid for email, Google Analytics for usage trends)
  • Regulators, law enforcement, or legal authorities when required

In a corporate transaction (e.g., merger, acquisition), user data may be transferred, subject to this Policy.

  1. Your Rights and Choices

Depending on your jurisdiction, you may have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Delete your data (note: blockchain data, like USDC wallet addresses, is immutable and cannot be deleted)
  • Receive your data in a portable format
  • Restrict or object to certain processing
  • Opt out of marketing communications
  • Avoid discrimination for exercising privacy rights (California residents)

To exercise these rights, email legal@shibuya.xyz. California residents may designate an authorized agent to submit requests.

  1. Data Retention

We retain data only as long as necessary:

  • Account data: 7 years after account closure for tax and audit purposes
  • Donation data: 7 years for financial compliance
  • Analytics data: Up to 26 months (Google Analytics default)
  • Blockchain data (e.g., USDC transactions): Permanent due to blockchain immutability

We delete data when no longer needed, except where legal obligations apply.

  1. Security

We protect your data with:

  • TLS encryption for data in transit
  • Role-based access controls
  • Regular internal audits

No system is 100% secure. You use the Platform at your own risk.

  1. Children's Privacy

The Platform is not intended for users under 18 due to donation-related legal restrictions. We do not knowingly collect data from anyone under 18. If we discover such data, we will delete it.

We may verify user age during the signup process using self-declaration or technical measures to help enforce our 18+ policy.

Contact legal@shibuya.xyz if you believe a child has provided data.

  1. International Transfers

Your data is transferred to, stored, and processed in the United States. For EU/UK users, we use Standard Contractual Clauses (SCCs) to ensure GDPR-compliant transfers. Our key processors (e.g., AWS, Stripe) also comply with SCCs.

  1. Breach Notification

If a data breach may affect your rights, we will notify you and regulators within 72 hours where feasible, as required by law.

  1. Changes to this Policy

We may update this Policy, revising the "Last Updated" date. Material changes will be communicated via the Platform or email. Continued use of the Platform accepts the updated terms. We review this Policy annually to ensure compliance.

  1. Contact Us

For questions or requests, contact: legal@shibuya.xyz

Stay in touch, get our once-in-a-blue-moon newsletter

Follow us
XIGDSCSUB
©2025 NotShibuya, Inc. · Privacy · TOS