Last Updated: May, 2026
BY USING OUR SERVICES, INCLUDING OUR WEBSITES AND APPLICATIONS, YOU ARE AGREEING TO BE BOUND BY THE TERMS OF THIS PRIVACY POLICY. YOU ARE ENCOURAGED TO READ THIS PRIVACY POLICY IN ITS ENTIRETY. IF YOU DO NOT WANT YOUR INFORMATION USED OR DISCLOSED IN THE MANNER DESCRIBED IN THIS PRIVACY POLICY, OR IF YOU DO NOT AGREE WITH ANY TERM OR CONDITION IN OUR TERMS, INCLUDING THIS PRIVACY POLICY, THEN YOU MUST NOT ACCESS OR USE OUR SERVICES (IN WHOLE OR IN PART) OR SUBMIT YOUR INFORMATION TO US.
GMO Registry US, Inc. provides the privacy policy to the controller and supports them in ensuring compliance with data protection requirements but does not independently handle data processing duties towards users. Within the scope of providing hosting services for the domain parking site, GMO Registry US, Inc. acts solely as a data processor and is not responsible for the data processing itself under the General Data Protection Regulation (GDPR), as well as to users in the United States — in particular residents of the State of California under the California Consumer Privacy Act (CCPA/CPRA). The controller of the domain parking website is entirely responsible for the data processing obligation to inform data subjects.
We may update this Privacy Policy from time to time to reflect new technologies and/or changes in legislation. We will notify you of any changes in an appropriate manner. Your concerns will always be taken into account when making such updates.
This Privacy Policy has a modular structure: a general section covering all processing activities when the website is accessed (Section B), specific sections for individual processing situations (Sections C–D) and US-specific rights (Section E). We may update this policy from time to time and will notify you of material changes in an appropriate manner.
This Privacy Policy is based on the following definitions:
The website provider and controller (according to Art. 4 (7) GDPR) can be contacted via the contact data provided in the legal notice or via email konnichiwa@taku.com.
We ensure that we only process your personal data in accordance with the law. This processing is supported by different legal bases, which include:
| Legal | Explanation | Example |
|---|---|---|
| Consent (Article 6 (1)(a), Article 7 GDPR) | We process your data for a particular purpose based on your explicit consent. | Sending advertising emails |
| Performance of a contract (Article 6 (1)(b) GDPR) | Your data is necessary to execute a contract with you. | If processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. |
| Legal obligation (Article 6 (1)(c) GDPR) | We are legally obliged to process your data. | In the event of a request from an authority (e.g., law enforcement agencies or courts). |
| Legitimate interest (Article 6 (1)(f) GDPR) | Processing is important for our company or third parties and does not affect your rights. | Processing technical data for the correct display of our website and to ensure stability and security for performance. |
In accordance with the law, you may exercise the following rights against the data controller:
| Your rights | Significance | Legal basis |
|---|---|---|
| Access | You can always request details about the personal data we handle that relates to you. | Article 15 GDPR |
| Rectification | Please let us know if your data is inaccurate, and we will promptly correct it. | Article 16 GDPR |
| Erasure | Depending on the specific situation, you can request that we delete your data. | Article 17 GDPR |
| Restriction of processing | The restriction of the processing of your data may be requested by you under certain conditions. | Article 18 GDPR |
| Transmission | Concerning the personal data you've provided to us, you have the right to receive it in a structured, standard, and machine-interpretable format, and you can also transfer this data to another controller. | Article 20 GDPR |
| Object | You can raise an objection to the processing of your data, particularly when it is used for direct marketing purposes. | Article 21 GDPR provided that the processing is carried out based on Article 6 (1)(f) GDPR. |
| Withdrawal of consent | If you have given us your consent to the processing of your data, you will have the right to withdraw your consent at any time with effect for the future. | Article 7 (3) GDPR |
Should you have any questions or concerns regarding your personal data, please contact us at: konnichiwa@taku.com. We have appointed a Data Protection Officer to assist us with compliance with applicable privacy regulations. To communicate with our DPO, please email to dpo@taku.com.
You have the right to make a complaint at any time to the data protection supervisory authority in your country. The UK regulator for data protection issues is the Information Commissioner's Office (www.ico.org.uk). The details of the relevant authorities in other EU/EEA countries can be found here: https://edpb.europa.eu/about-edpb/about-edpb/members_en.
In accordance with legal regulations, the data we process will be either erased or its processing will be restricted. Unless explicitly stated otherwise within this Privacy Policy, we will delete the data stored by us as soon as it is no longer necessary for its intended purpose. Data will only be kept beyond the point it is needed for its original purpose if this is required for other legally permissible reasons or if statutory retention obligations mandate a longer storage period. In these instances, processing will be limited (i.e., blocked), and the data will not be processed for other purposes. For example, a legal obligation to retain data exists due to documentation requirements in tax and commercial law.
Children under the age of 16 (EU/EEA) and under the age of 18 (US) are not permitted to use our online services.
DUE TO THE AGE RESTRICTIONS FOR USE OF THIS WEBSITE AND THE SERVICES, NO INFORMATION OBTAINED BY THE WEBSITE AND/OR THE SERVICES, FALL WITHIN THE CHILD ONLINE PRIVACY ACT (COPA) AND IS NOT MONITORED AS DOING SO.
Processors are companies that we use to process your personal data. They only work on our behalf and are contractually bound to protect your privacy. You can find more information about the processors in the individual procedures.
Third parties are companies that we contract to provide certain services or to whom we are required to transfer data by accessibility use policy or by law. These companies are responsible for handling your information.
| Category | Recipient | Purpose of data transfer | Legal basis |
|---|---|---|---|
| Processor | IT service providers (e.g., hosting providers, software providers, e-mail service providers, and identity service providers) | Technical support for the website, provision of software solutions | Data processing agreement (Article 28 GDPR) |
| Third parties | Ad technology partners (Yahoo, Meta, Taboola, etc.) | Ad effectiveness measurement | Consent (Art. 6(1)(a) GDPR) |
| Third parties | Authorities (e.g., tax office, customs) | Fulfillment of legal reporting obligations | Legal obligation, Article 6 (1)(c) GDPR |
In order to provide you with the best possible service, we work with partners in different countries. This means that your information may be transferred to countries outside the EU/EEA/US.
We make sure that your information is protected when it is transferred abroad. We use various measures to do this:
| Scenario | Description | Security measures | Legal basis |
|---|---|---|---|
| Adequate level of data protection | Transfer of data to countries with a level of data protection similar to that in the EU (e.g., Switzerland, Canada). | No additional protection is required as the level of data protection is considered sufficient. | Article 45 GDPR |
| No adequacy, but contract clauses | Data transfer to countries without an adequate level of data protection. | E.g., EU-standard contractual clauses, binding corporate rules | Article 46 GDPR, Article 47 GDPR |
| Data transfer to certified companies in the USA | Transfer of data to companies in the United States that have joined the EU-US Data Privacy Framework. | The companies have undertaken to comply with European data protection standards and are subject to regular review, Article 45 GDPR + certification according to the EU-US Data Privacy Framework. | Article 45 GDPR + certification https://www.dataprivacyframework.gov |
| Exceptional cases | Data transfer that is necessary due to explicit consent, contractual, or legal obligation | Consent of the data subject, contractual obligation, legal obligation | Article 49 GDPR |
We apply technical and organizational security measures to protect personal data that is collected, in particular against accidental or intentional manipulation, loss, destruction, or against the attack of unauthorized persons. Our security measures are continuously improved in line with technological developments. To protect your data in transit, we use encryption technologies (TLS).
We do not use automated decision-making, including profiling.
We explain here how the controller processes your personal data when you visit this domain parking website. Information about tracking is provided separately under section D.
When you visit this domain parking website, certain information is automatically stored in so-called server logs. This data helps to improve the website and ensure smooth operation.
The data collected includes:
We process this information to enable use of the website and to enhance its performance. Your IP address is stored only for the duration of your visit to allow access on an informational basis. Any further use or evaluation takes place solely under the following provisions and, where applicable, with your consent.
The processing of this data is necessary under Article 6(1)(f) GDPR for the proper display of our website and to ensure its stability and security.
For operating this domain parking website, we engage the provider GMO Registry US, Inc, 200 Continental Drive Suite 401, Newark, DE 19713 USA, to process meta and communication data of our users on our behalf. This is done based on our legitimate interest in ensuring an efficient and secure provision of the website in accordance (Article 6 (1)(f) and Article 28 GDPR). An order processing agreement is in place.
GMO Registry US, Inc. solely provides the technical infrastructure that enables this domain to be monetised via an advertising technology platform. GMO Registry Inc. is neither the owner nor the operator of this domain. The company accepts no responsibility for the data processing that takes place in connection with the use of this website. The respective domain owner or website operator is the sole controller.
For our website, we use the services of the Content Delivery Networks (CDN) of Cloudflare, Inc., USA ("Cloudflare"), and Constant Company, LLC, USA ("Vultr").
A CDN ensures that content on our site—such as images, fonts, or scripts—is delivered via various servers distributed worldwide. This makes our website load faster and protects it against technical failures or attacks.
When you visit our website, your browser establishes a connection to the servers of the providers Cloudflare and Vultr. Among other things, your IP address and other technical information (e.g., browser type, operating system, time of visit) are transmitted. This data is used exclusively to speed up the display of our website and to ensure security.
You can find more information about the providers in their privacy policies:
The use of CDNs is based on our overriding legitimate interest (Article 6 (1)(f) GDPR) in the technically secure and optimized provision of our online services.
Access to information or the storage of data on your device (e.g., through cookies, device fingerprinting, or local storage) is based on the national implementation of
Instead, a patchwork of state laws governs the use of cookies and tracking technologies, particularly where they involve the collection or "sale" of personal information. The following summarizes the applicable legal framework for U.S. residents:
The use of tracking provided by partners (cookies and similar tracking technologies, such as web beacons, pixels, tags and scripts) is based on your consent.
You can limit the use of tracking pixels and similar technologies by setting your browser's tracking protection to the highest level, using an ad blocker (e.g., uBlock Origin), or blocking third-party cookies.
For other browsers not listed, please consult the documentation that your browser manufacturer provides.
Please note that our cookie consent tool provides more information about the cookies we use, including their purposes and lifespan. Revoking your consent at any time via our consent management tool.
Our parking website enables us to measure the performance and effectiveness of advertising campaigns. This allows us to demonstrate the benefits of their ads to our advertising customers and increase the relevance of the ads we place.
We collect data by:
This data is analyzed to generate reports on the overall performance of the campaign (e.g., how many actions can be attributed to the ad). These reports may also show performance based on different user demographics.
Handling of your data:
When you see or click on an ad, your interaction data is included in the campaign analysis. The reports are created in aggregated and anonymized form so that no conclusions can be drawn about individual users.
We use tracking pixels (also called "counting pixels" or "web beacons") on our digital services such as websites and emails. These are tiny graphic elements (1x1 pixels) embedded in the content, which are automatically requested from a server when you access our services. This allows us to collect statistical data for usage and reach analysis.
When a tracking pixel is loaded, the following data may be processed:
You can revoke your consent at any time with future effect by changing your preferences in our consent management tool.
| Provider | Location/Company | Legal Basis for Third-Country Transfer | Privacy Policy |
|---|---|---|---|
| Facebook, Meta Inc. | USA, California | Article 45 GDPR + certification https://www.dataprivacyframework.gov | https://www.facebook.com/business/tools/meta-pixel/; https://www.facebook.com/about/privacy/ |
| Taboola Inc. | USA, New York | Article 45 GDPR https://www.taboola.com/policies/data-protection-addendum-for-rtb-and-programmatic-partners | https://www.taboola.com/policies/privacy-policy |
| Outbrain UK Limited | UK | Article 45 GDPR | https://www.outbrain.com/privacy/ |
| Yahoo Inc. | USA, New York | Article 45 GDPR + certification https://www.dataprivacyframework.gov | https://legal.yahoo.com/us/en/yahoo/privacy/index.html |
| TikTok Technology Limited, Tiko Tok Inc. | Ireland, Dublin; USA, Los Angeles | Art. 46 GDPR (EU-standard contractual clauses) https://www.tiktok.com/legal/page/global/tiktok-data-sharing-agreement/en | https://www.tiktok.com/legal/page/eea/privacy-policy/en?tid=331758017400 |
We use the Microsoft Clarity analytics service on our website. The service is provided by our processor, Microsoft Ireland Operations Limited (One Microsoft Place, South County Business Park, Dublin 18, Ireland), with whom we have entered into a data processing agreement. If your data is transferred to the US, this is done based on the EU-US Data Privacy Framework (DPF). Microsoft is certified under this framework to ensure an adequate level of data protection.
| Category | Purpose of processing | Processed data |
|---|---|---|
| User behavior & analysis | Improving website functionality, identifying navigation issues, and optimizing design. | Clicks, mouse movements, scrolling behavior, time spent on pages. |
| Technical data | Generation of heat maps and session recordings, as well as for fraud prevention (Trust Tokens). | Masked IP address, device ID, device information, browser type, language, approximate location data. |
| Cookies / Tracking | Recognition of the user across sessions (e.g., for analyzing returning visitors). | Cookies and similar technologies. |
For more information about the analytics service, please refer to Microsoft's general privacy statement, which also covers Microsoft Clarity: https://privacy.microsoft.com/en-us/privacystatement.
This section supplements the general information set out elsewhere in this Privacy Policy. It applies exclusively to individuals who reside in U.S. states that have enacted their own comprehensive data privacy legislation, and only to the extent that GMO US by Taku meets the jurisdictional thresholds established under the applicable state law.
The following states currently provide their residents with specific statutory privacy rights, which are described in more detail below: California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah, and Virginia. The precise scope and nature of these rights varies from state to state; where differences exist, they are noted accordingly.
The table below sets out the categories of personal information that GMO US by Taku collects or has collected in the preceding 12 months. For each category, it specifies whether we disclose that information for a business purpose, whether it is shared in connection with behavioral targeted advertising, whether it is disclosed in exchange for services of value, the categories of third parties who receive it, whether it is sold, and our intended retention period.
In the course of our business operations, we process various categories of personal data with a focus on transparency and security. The information we collect includes technical identifiers (such as IP addresses and device IDs), commercial information (including service history and transaction records), internet activity data (such as browsing history and interactions with our advertisements), and geolocation data derived from IP addresses.
All such data is disclosed for legitimate business purposes, specifically for analytics, the technical delivery of our services, and—in the case of location data—for advertising relevance. This information is shared exclusively with selected service providers, vendors, affiliates, and operational partners. It is important to note that we do not sell your personal information, nor do we share it with third parties for cross-context behavioral targeted advertising. We retain this data only as long as necessary to fulfill the stated purposes or as required by applicable legal retention periods.
We collect personal information directly from you and indirectly through your use of our services — for instance, through your interactions with our website, forms you complete, or services you purchase. We use that information for the purposes described in this Privacy Policy and disclose it as set out above.
We do not sell personal information. We do not share personal information with third parties for cross-context behavioral advertising. These commitments apply equally to personal information relating to individuals under the age of 16.
Subject to applicable jurisdictional thresholds and state-specific limitations, residents of the states listed in Section E.I have the right to:
The exact scope of each right depends on the state in which you reside. Where a right is described above as subject to state-specific exclusions, residents of the relevant state should assume that the corresponding right may not be available to them.
To exercise any of the rights set out in this section, please contact us by email at dpo@taku.com or in writing via the contact data provided in the legal notice. Before we act on any request, we will take reasonable steps to verify your identity and confirm that the personal information in question relates to you.
If we decline to act on a request — in whole or in part — you may appeal that decision by sending a written appeal to dpo@taku.com. We will review your appeal and respond within the timeframe required by applicable state law. To the extent permitted by law, we may charge a reasonable fee to process requests that are excessive, repetitive, or manifestly unfounded.
This section applies solely to individuals who reside in the State of California (referred to in this section as "consumers" or "you"). It has been adopted to meet the requirements of the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (together, the "CCPA").
Additional Restriction on Use: We will not use personal information collected from California consumers for purposes that are materially different from, unrelated to, or incompatible with the purposes for which it was collected, without first providing you with notice.
Disclosure Practices: When we disclose personal information to a third party for a business purpose, we do so under a written contract that describes the purpose of the disclosure and requires the recipient to keep the information confidential and use it only to carry out the agreed services.
We do not sell personal information. We do not share personal information for cross-context behavioral advertising. We do not knowingly sell or share the personal information of consumers under 16 years of age.
Right to Know and Data Portability. You have the right to ask us to disclose, for the 12-month period preceding your request, the following information:
Right to Deletion. You may request that we delete personal information we have collected from you and that we direct our service providers to take the same action. We will honor deletion requests unless retaining the data is necessary for one of the following purposes:
Right to Correct. You may ask us to correct inaccurate personal information that we hold about you, taking into account the nature of the information and the purposes for which it is processed.
Right to Opt Out of Sale or Sharing. You may direct us not to sell your personal information or share it with third parties for cross-context behavioral advertising. As noted above, we do not currently engage in either practice; however, you may still submit a request and we will confirm our position in writing.
Right to Limit Use of Sensitive Personal Information. Where we process sensitive personal information, you may direct us to limit our use and disclosure of such information to what is necessary to provide the services you have requested or for other purposes permitted under Cal. Code Regs. tit. 11, § 7027(m). We collect government-issued identification documents — such as a driver's license or passport — only to verify your identity, secure your account, and detect or prevent fraud. We do not process such information to draw inferences about you, and we do not sell or share it for cross-context behavioral advertising.
Right to Non-Discrimination. We will not treat you differently because you have exercised any right under the CCPA. Specifically, we will not:
Where we offer a financial incentive program in connection with the collection or use of your personal information, participation will be voluntary and subject to your prior opt-in consent, which you may revoke at any time. Any such incentive will bear a reasonable relationship to the value of the personal information involved.
To exercise your rights to know, access, correct, or delete your personal information, please submit a verifiable consumer request to us by email at dpo@taku.com or by mail via the contact data provided in the legal notice.
Requests may be submitted by you personally, by a person you have legally authorized to act on your behalf, or — in the case of a minor child — by you as the child's parent or legal guardian. We cannot respond to a request or provide personal information if we are unable to verify the identity of the requestor or confirm that the personal information at issue relates to that person. Submitting a request does not require you to create an account with us.
You may submit a request for access or data portability no more than twice in any 12-month period.
We will confirm receipt of your request within 10 business days. If you do not receive a confirmation within that period, please follow up with us at the contact address above. We aim to provide a substantive response within 45 days of receiving a verifiable request. Where additional time is needed — up to a further 45 days — we will notify you in writing of the reason and the expected completion date.
Disclosures made in response to an access request will cover the 12-month period immediately preceding the date the request was received. Where we are unable to comply with any part of your request, our response will include an explanation of the reasons. For data portability requests, we will provide your information in a format that is readily usable and can reasonably be transmitted to another organization.
We do not charge a fee for processing or responding to verifiable consumer requests. If a request is excessive, repetitive, or clearly without merit, we reserve the right to charge a reasonable fee and will notify you of this in advance.
California residents may, once per calendar year, request information about any personal information we have disclosed to third parties for their direct marketing purposes during the preceding calendar year. To submit such a request, please write to us at dpo@taku.com or at the mailing address above.
| Contact | Email / Address | Purpose |
|---|---|---|
| Privacy / CCPA Requests | dpo@taku.com | All California consumer rights requests |
| Data Protection Officer | dpo@taku.com | Privacy compliance and CCPA inquiries |
| Written Correspondence | Contact data provided in the legal notice | Mailed requests and appeals |
Residents of Nevada have a limited statutory right to opt out of certain sales of personal information under Nevada Revised Statutes Chapter 603A. We do not sell personal information in a manner that triggers the opt-out requirements of that statute. Nonetheless, Nevada residents who wish to submit an opt-out request may do so by contacting us at dpo@taku.com. We will respond to such requests in accordance with applicable Nevada law.