Skip to main content
Disclosure Search

Privacy Policy

This page defines how Disclosure Search collects, uses, stores, shares, and protects information. For service usage rules and disclaimers, please refer to the Terms of Use.

Last updated: May 24, 2026
Scope of this document

This Privacy Policy defines information-handling practices. Usage rules and disclaimers are set forth in the Terms of Use.

Within scope

  • Types of information collected and purposes
  • Third-party sharing scope
  • Security safeguards and contact information

Outside scope

  • Service usage rules and prohibited conduct
  • Intellectual property restrictions
  • Disclaimers and liability terms
Scope

This policy applies to the Disclosure Search website and related features. Once you navigate to an external site, that site's own privacy policy applies.

Accounts and Personal Information

This service offers sign-in via third-party authentication providers (OAuth) such as Google, LINE, and GitHub. At sign-in and during subsequent account operation, the operator stores the following information in its database: (1) display name (received from the provider), (2) email address (received from the provider; stored in lowercase form for identity matching and duplicate detection), (3) profile image URL, (4) authentication provider name (google / line / github / etc.), (5) the user ID on that provider, (6) an internal user ID (auto-assigned), (7) role (admin / regular user), (8) the list of per-page access permissions individually granted by an administrator (e.g. learn, explorer, dd-qa), (9) account creation and last sign-in timestamps, (10) linkage history and merge operation logs when multiple providers are linked to the same account. Passwords are never stored on the operator's servers (authentication is fully delegated to the third-party provider). This information is used solely for account management, identity verification, permission management, abuse detection, and responding to the user's own disclosure / deletion requests. It is never sold to third parties, never shared for advertising purposes, and never transmitted externally for marketing.

Accuracy of Information

The developer makes no warranty whatsoever as to the accuracy, currency, or completeness of any information stored by the service — in particular the display name, email address, profile image, and provider user ID received from third-party authentication providers such as Google, LINE, and GitHub. If information changes at the provider side, the developer's records may become outdated. You are responsible for keeping your account information current and accurate. The developer bears no liability for any damages arising from inaccurate information, including without limitation misdelivery, missent notifications, misidentification, or erroneous grant or revocation of permissions.

Account Deletion

You may request deletion of your account at any time. Upon account deletion, all stored personal data including display name, email address, profile image, and authentication tokens will be permanently removed. To request deletion, please contact us using the information below.

Information That May Be Collected

The service may collect usage logs including search queries, viewed pages, device and browser information, access timestamps, and referrer URLs. The service does not collect personal information unnecessary for service operation.

Client-Side Storage

This service stores the following data in your browser (localStorage / cookies): language preference, dark mode setting, watchlist (saved companies, funds, and documents), PDF viewer zoom level, search filter cache, and Financial Model tag settings. All data is stored locally in your browser only and is not transmitted to the developer's servers. It can be deleted through your browser settings. The developer does not guarantee the persistence of locally stored data.

Server-Side Technical Logs

For security, abuse detection, incident analysis, and rate-limit enforcement, the server may temporarily retain the following technical logs: source IP address, user agent, request path, HTTP status code, response time, and authentication events (sign-in success / failure, account linking, account merging). These logs are retained for a reasonable period and then deleted on a rolling basis. They are not disclosed to third parties except where required by law.

Purpose of Use

Collected information is used to improve search quality, analyze incidents, prevent abuse, enhance features, and aggregate usage analytics. Where permitted by law, anonymized usage insights may be applied to service improvements.

Cookies

Cookies may be used for essential functionality (such as dark mode persistence), usability improvement, and analytics. You can manage or disable cookies in your browser settings, though some features may not function properly when disabled.

Retention Period

Collected information is retained only for as long as necessary to fulfill stated purposes, then deleted or anonymized. Where statutory retention obligations apply, those periods take precedence.

Third-Party Services and Sharing

Information may be shared where required by law or with service providers within operational necessity. Key third-party services include Sentry (error monitoring and incident analysis) and infrastructure providers. Sentry receives technical information when errors occur (URL, browser details, stack traces, etc.). The developer requires appropriate safeguards from all providers and prohibit use beyond agreed purposes.

Cross-Border Transfer and Processing

The service relies on cloud infrastructure providers, and your information may be stored or processed in data centers located outside Japan. By using the service, you expressly consent to such cross-border transfer and processing. Where applicable data-protection laws of other jurisdictions grant you additional rights, those rights will be honored in accordance with such laws.

Security Measures

The developer implements reasonable safeguards including access control, log monitoring, and operational controls to prevent leakage, loss, tampering, and unauthorized access.

Incident Response

In the event of a material security incident, the developer will investigate scope and impact, take mitigation measures, and provide notifications as required by applicable law and regulatory guidance.

User Responsibilities

You warrant that you will: (1) use only OAuth provider accounts that you own and control to link to the service; (2) not disclose or lend authentication credentials to any third party; (3) immediately change your provider-side credentials and notify the developer if you suspect any unauthorized use of your account; (4) appropriately secure your own browsers and devices, both physically and logically. The developer bears no liability for any damages — including unauthorized sign-in, data leakage, impersonation, third-party abuse of permissions, or data loss — arising out of or related to any failure to fulfill these responsibilities.

Limitation of Liability

Regardless of the legal basis (whether in contract, tort, strict liability, negligence, or otherwise), in the event the developer is held liable to you in connection with the provision of the service, the information handling described in this policy, or any matter related thereto, the developer's aggregate liability shall, to the maximum extent permitted by applicable law, be capped at zero (0) Japanese yen. Given that the service is provided free of charge, you expressly agree to this cap.

Disclaimer

Notwithstanding the security measures described in this policy, the developer does not guarantee the absolute security of information transmitted over the Internet. You acknowledge that your use of the service and any information handling associated therewith is entirely at your own risk. To the fullest extent permitted by law, the developer shall not be liable for any damages arising from data leakage, loss, alteration, or unauthorized access by third parties. Furthermore, this service is operated as a private, non-commercial individual project: no service-level agreement (SLA), no uptime guarantee, and no guarantee of data retention duration is offered. The developer bears no responsibility for sign-in failures, loss of access rights, account unlinking, or data loss caused by outages, API changes, or account suspensions at any third-party authentication provider (Google, LINE, GitHub, etc.). If a user's OAuth provider account is compromised, the developer is not responsible for any unauthorized sign-in or resulting damages. The developer reserves the right to terminate the service, retire features, or delete user accounts and associated data at any time without prior notice, for security reasons or any other cause.

Access, Correction, and Deletion Requests

Subject to applicable law, you may request access, correction, restriction, or deletion of relevant information. Identity verification may be required.

Information of Minors

Minors should use the service under guardian supervision. If the developer determines that information from a minor was provided inappropriately, the developer will take reasonable corrective action.

Policy Changes

This policy may be updated to reflect legal, regulatory, or operational changes. Material updates will be communicated through notices on this website.

Contact

For inquiries regarding this policy, please contact the developer at the email address below.

Contact Form
Guide|Why Us|About This Site|Changelog|Financial Metrics Guide|Learning Guide|Privacy Policy|Terms of Use|External Transmission Policy|Contact
GuideWhy UsAbout This SiteChangelogFinancial Metrics GuideLearning GuidePrivacy PolicyTerms of UseExternal Transmission PolicyContact

Search and track Japanese corporate disclosures in one place.

Data: Financial Services Agency, Japan Exchange Group, Ministry of Economy, Trade and Industry. This site is not operated or endorsed by these organizations.

© 2026 Disclosure Search · time2log