🛒
Sign inRegister

Privacy Policy

Last updated: March 17, 2026

1. Introduction

Tokyo By Pass Ltd. ("we", "our", "us"), registered at 171 Old Bakery Street, Valletta VLT 1455, Malta, operates the website tokyobypass.com. This Privacy Policy explains how we collect, use, disclose and safeguard your personal data when you use our platform.

We comply with the EU General Data Protection Regulation (GDPR), the Malta Data Protection Act (Chapter 586), and applicable data protection laws in the Asia-Pacific region.

2. Data We Collect

2.1 Information You Provide

  • Account data — name, email address, phone number, country code
  • Payment data — card details are processed by our PCI-compliant payment provider and never stored on our servers
  • Booking data — experience selections, dates, quantities, special requests
  • Communications — support messages, feedback, reviews

2.2 Automatically Collected Data

  • Device data — browser type, operating system, screen resolution
  • Usage data — pages viewed, click patterns, search queries
  • Location data — approximate location derived from IP address
  • Cookies — see our Cookie Policy for details

3. How We Use Your Data

  • Process and fulfill your bookings
  • Send booking confirmations and e-tickets
  • Provide customer support
  • Send marketing communications (with your consent)
  • Improve our platform and user experience
  • Detect and prevent fraud
  • Comply with legal obligations

4. Legal Basis for Processing

  • Contract performance — to process bookings and provide services
  • Legitimate interest — to improve our services and prevent fraud
  • Consent — for marketing communications and non-essential cookies
  • Legal obligation — to comply with tax and regulatory requirements

5. Data Sharing

We may share your data with:

  • Experience providers — to fulfill your bookings (name and booking details only)
  • Payment processors — to handle secure transactions
  • Analytics providers — aggregated, anonymized usage data
  • Legal authorities — when required by law

We never sell your personal data to third parties.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide our services. Booking records are kept for 7 years for tax and legal compliance. You may request deletion at any time by contacting us.

7. Your Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data ("right to be forgotten")
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent at any time

To exercise any of these rights, contact us at support@tokyobypass.com.

8. Data Security

We implement industry-standard security measures including SSL/TLS encryption, secure password hashing (bcrypt), HTTP-only cookies, and regular security audits to protect your personal data.

9. International Transfers

Your data may be transferred to and processed in countries outside the EEA. We ensure adequate protection through Standard Contractual Clauses (SCCs) approved by the European Commission.

10. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes by email or a prominent notice on our website.

12. Contact Us

For privacy-related inquiries:
Tokyo By Pass Ltd.
171 Old Bakery Street, Valletta VLT 1455, Malta
Email: support@tokyobypass.com

You also have the right to lodge a complaint with the Malta Information and Data Protection Commissioner (IDPC) at idpc.org.mt.