1. Introduction
jdmvin.com (hereinafter "this site") provides chassis-number-based vehicle recall lookup and grade information for Japanese Domestic Market (JDM) vehicles, operating for users worldwide. In order for users to feel secure when using this site, we position information security as one of our top priorities and have established the following basic policy.
2. Basic Principles
Compliance with Laws and Regulations
We respect and strive to comply with personal information protection and information security-related laws and regulations in various countries and regions, such as the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) in the United States, PIPEDA in Canada, LGPD in Brazil, PDPA in Singapore, and POPIA in South Africa.
Organizational and Technical Measures
To protect personal information and internal systems, we implement technical measures and promote security awareness among site operation members. Specific measures include:
- Encryption in transit: All traffic uses HTTPS (TLS 1.2 or higher), with HSTS to prevent downgrade attacks.
- Edge protection: Cloudflare's global edge network provides DDoS mitigation, Web Application Firewall (WAF) rules, bot management, origin IP concealment, and automatic TLS certificate management.
- Access control: Administrative access is restricted, authenticated, and audited.
- Data minimization: No user accounts, email addresses, or personal identifiers are required to use this service. Chassis numbers are processed in-memory and are not stored against a user identity. Only aggregated, non-identifying access logs are retained for security and capacity planning, rotated automatically.
- Third-party services: Where we use third-party services (Google AdSense, Google Analytics, Google Forms, Cloudflare), we rely on those providers' own security certifications and audits and do not share user data with them beyond what is necessary for service operation.
Continuous Improvement
We regularly review and improve this policy in accordance with social conditions, technological advances, and amendments to laws in various countries.
3. Response to Suspected Incidents
In the event of suspected unauthorized access or information leakage to our site's systems or information assets, we will promptly assess the situation and investigate the cause, minimize damage, and take appropriate measures, including notification to relevant parties and users as necessary.
Vulnerability reporting
If you discover a security vulnerability affecting jdmvin.com, please report it privately via the Contact form with "Security" in the subject. We will:
- Acknowledge your report within 5 business days.
- Investigate and validate the issue.
- Coordinate disclosure timing with you.
- Credit you publicly (if you wish) once a fix is deployed.
We ask that you do not exploit, publicly disclose, or share with third parties any vulnerability before we have had a reasonable opportunity to address it.
4. Management Structure
This site maintains operational rules based on this basic policy and strictly manages information received from users. In the future, if necessary, we will also communicate this policy to contractors and partner companies and require the same level of security standards.
5. Amendments
This basic policy may be revised as needed. In the case of important changes, an announcement will be made on this site.
6. What you can do
To protect your own browsing of this site:
- Use a modern, up-to-date browser.
- Verify the URL bar shows
https://jdmvin.comwith a valid certificate. - Do not enter sensitive personal information into our forms — we never ask for it.
- Report anything that looks phishy via our Contact form.
7. Related
- Privacy Policy — what data we collect
- Privacy Center — exercise your privacy rights
- Terms of Use — your obligations