Privacy and Access Log Policy

This policy applies to both the website and publicly available APIs operated by this service.

How we collect, use, retain, and protect access logs for this website and its APIs.

Last updated: December 2025

Policy Overview

This policy explains the information collected through access logs, the purposes of use, retention period, third-party provision, security measures, and GDPR-related handling.

1. Information We Collect

For the purpose of stable operation and security of this website and its APIs, the following information may be automatically collected when users access the site:

  • IP address
  • Date and time of access
  • Requested URLs
  • User-Agent
  • Referrer
  • Request information related to API usage

2. Purpose of Use

The collected information is used solely for the following purposes:

  1. Stable operation of the website and APIs
  2. Detection and prevention of unauthorized access
  3. Troubleshooting and security incident response
  4. Statistical analysis of access patterns in a manner that does not identify individuals
  • Collected information is not used for marketing, profiling, or advertising purposes.

3. Access Log Analysis

This website uses an access log analysis tool (AWStats) on the server for the purpose of understanding access trends.

The statistical data generated by AWStats may include information such as IP addresses.

4. Data Retention Period

Access logs and statistical data generated through access log analysis are retained for a maximum period of 12 months and are automatically deleted after the retention period has elapsed.

5. Provision to Third Parties

Collected information will not be provided to third parties except when required by laws or regulations.

However, in accordance with the requirements of research funding programs, a portion of access log information may be provided for the purpose of usage analysis and reporting to NBDC, a public research-related organization.

The provided information is used strictly within the scope of the above-mentioned purpose.

6. Security Measures

Appropriate security measures are implemented to protect collected information from unauthorized access, leakage, alteration, or loss, including access control using firewall systems (FortiGate).

7. Compliance with the EU General Data Protection Regulation (GDPR)

Personal data of users located in the European Union is processed based on legitimate interests in accordance with Article 6(1)(f) of the GDPR, for the purpose of ensuring secure and stable operation of this website and its APIs.

8. Rights of Data Subjects

Users have the right, in accordance with applicable laws and regulations, to request access to, rectification, deletion, or restriction of processing of their personal data.

Requests regarding personal data should be directed to the contact information listed below.

9. Contact Information

The Noguchi Institute, Laboratory of Glycoinformatics

Email: glyconavi@noguchi.or.jp

Optional Additional Statement (Recommended)

This website continuously reviews and improves its data management practices, including minimization and anonymization of access log information, in order to enhance the protection of personal data.