Privacy Policyプライバシーポリシー

MailMana Privacy Policy MailMana プライバシーポリシー

Last updated最終更新日 · 2026-05-19 Operated by Life Stack Japan 合同会社, Tokyo, Japan.運営:Life Stack Japan 合同会社(東京)

1. Introduction

MailMana ("we," "us," or "our") is a mobile application that helps expatriates living in Japan scan, automatically translate, and search Japanese-language documents including mail, utility bills, tax notices, government correspondence, and other paperwork.

This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and your rights regarding your data. Because MailMana processes documents that may contain sensitive personal information — including financial records, government correspondence, and medical documents — we take data handling seriously.

By using MailMana, you agree to the practices described in this policy.

2. Who We Are

MailMana is operated by Life Stack Japan.

Contact: privacy@mailmana.app

3. What Data We Collect

3.1 Account Information

  • Email address (used for login)
  • Encrypted password (we never store plaintext passwords)

3.2 Documents and Content

  • Scanned images and uploaded files — photos, PDFs, and other documents you capture or upload through the app
  • Extracted text — the original Japanese text extracted from your documents via OCR
  • Translated text — English translations generated by our AI pipeline
  • Document metadata — file name, category, date added, processing status, sender/title fields extracted by AI, and whether a document is pinned or archived
  • Action items — payments, deadlines, and tasks extracted by AI from your documents
  • Document sections — structured bounding box data for overlay display on scanned images

3.3 Email Forwarding Content

If you use the email forwarding feature:

  • The body of emails you forward to your MailMana inbox address
  • Email metadata (sender, subject, date)
  • Attachments included in forwarded emails

3.4 Device and Notification Data

  • Push notification tokens associated with your device(s) — used solely to notify you when document processing is complete
  • No device identifiers, location data, or usage analytics are collected

3.5 What We Do Not Collect

  • We do not collect your name, phone number, address, or payment information
  • We do not serve ads and do not collect data for advertising purposes
  • We do not track your behaviour across other apps or websites

4. How We Use Your Data

PurposeLegal Basis
Process and translate your documentsContractual necessity (providing the service)
Store your documents for retrieval and searchContractual necessity
Send push notifications when processing completesContractual necessity / Legitimate interest
Detect and deliver emails forwarded to your MailMana addressContractual necessity
Extract action items (deadlines, payments) from documentsContractual necessity
Debug service errors and improve reliabilityLegitimate interest

We do not use your document content to train AI models. Documents are processed transiently for translation and then stored at rest in your account only.

5. Third-Party Services and Data Sharing

MailMana uses third-party infrastructure providers to deliver its features. We do not sell, rent, or trade your personal information to any third party for marketing purposes. The categories of providers we use are:

5.1 Cloud Database & Storage

Your account information, document metadata, translated text, and document images are stored with a cloud database provider hosted in Japan. Data is encrypted in transit and at rest.

5.2 AI Processing — Google Cloud Tokyo

Document images and extracted text are sent to an AI model for OCR, translation, and content analysis. We exclusively use Google Cloud's Tokyo region (asia-northeast1) for this step. Your document content is processed within Japan and does not leave Japan's Google Cloud infrastructure during AI processing.

5.3 PDF Text Extraction

PDF files are sent to a third-party OCR service for text extraction prior to translation. We use this provider's EU region endpoint to minimize cross-border data exposure.

5.4 Email Forwarding Infrastructure

When you forward emails to your MailMana address, an email delivery provider receives and routes those messages, including body and attachments, to our processing pipeline. This provider's infrastructure is US-based.

5.5 Processing Infrastructure & Orchestration

Document processing runs on US-based cloud infrastructure providers. Document content passes through these systems transiently during processing and is not stored there after completion.

5.6 Push Notifications

Your device's push notification token is shared with a notification delivery provider to alert you when document processing completes. No document content is included in these notifications.

5.7 Error Monitoring

If the app encounters an error, anonymised diagnostic information (stack traces, error messages) may be sent to an error monitoring service. Error reports do not include document content or personal data.

6. Cross-Border Data Transfers

MailMana is designed to keep sensitive document content within Japan as much as possible:

  • AI processing (OCR and translation) occurs on Google Cloud Tokyo (asia-northeast1) — data does not leave Japan for this step
  • PDF text extraction uses a third-party OCR service's EU region endpoint

However, some data does cross borders:

  • Processing infrastructure and workflow orchestration (US-based providers)
  • AI observability and error monitoring logs (US-based providers)
  • Push notification tokens (US-based provider)
  • Forwarded email content (US-based provider)

Where cross-border transfers occur, we rely on the data processing agreements and standard contractual measures maintained by each provider.

7. Data Retention

DataRetention period
Documents and translationsRetained until you delete them or delete your account
Account credentialsRetained until you delete your account
Push notification tokensRetained while your device is registered; removed when you sign out or delete your account
Email forwarding tokenRetained until you delete your account
AI observability tracesSubject to the provider's retention policy (typically 90 days)
Error monitoring logsSubject to the provider's retention policy (typically 90 days)

8. Deleting Your Data

You can delete your account directly from the Settings screen in the app. When you delete your account:

  1. All document images are deleted from storage
  2. All document records, translations, action items, and metadata are deleted from the database
  3. Your authentication account is removed
  4. Your push notification tokens are removed

This deletion is handled by our delete-account function and is permanent and irreversible.

You may also delete individual documents at any time from within the app.

9. APPI Compliance (Japan)

MailMana is designed with Japanese residents in mind and takes compliance with Japan's Act on the Protection of Personal Information (APPI) seriously.

  • We use Google Cloud's Tokyo region (asia-northeast1) for AI processing to keep PII within Japan during the most sensitive processing stage
  • We maintain data processing agreements with all third-party service providers
  • Cross-border transfers of data to service providers outside Japan occur as described in Section 6 above
  • Users have the right to request disclosure, correction, or deletion of their personal information by contacting us at the address in Section 2

Note: This policy was drafted based on the 2022 APPI amendments. We recommend periodic legal review to ensure ongoing compliance.

10. Security

We take reasonable technical and organisational measures to protect your data:

  • All data is transmitted over HTTPS/TLS
  • Database-level row security ensures each user can only access their own documents
  • Authentication is managed by a dedicated auth provider; passwords are never stored in plaintext
  • File uploads are validated for size (max 10 MB) and content before processing

No system is perfectly secure. If you become aware of a security concern, please contact us at the address in Section 2.

11. Children's Privacy

MailMana is not directed at children under 13 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this document. For significant changes, we will notify you through the app. Continued use of MailMana after changes take effect constitutes your acceptance of the revised policy.

13. Contact

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact:

Life Stack Japan
Email: privacy@mailmana.app

Privacy contact: privacy@mailmana.app