This Privacy Agreement (hereinafter referred to as “This Agreement”) was created by the Aurachat AI Software (hereinafter referred to as “This Software”) operating entity (hereinafter referred to as “We”) and is designed to clearly inform users (hereinafter referred to as “You”) of the full process rules for how we collect, use, store, transmit, share, disclose, and destroy your personal information, clarify the rights and obligations of both parties in privacy protection, and protect your personal privacy and information security. This Agreement applies to all services that you access, register, use, and interact with artificial intelligence, intelligent generation, data processing, and other services provided by this Software through any terminal device (computer, mobile phone, tablet, etc.). Your registration or use of this Software is considered as having fully read, understood and voluntarily accepted the full terms and conditions of this Agreement; if you do not agree to this Agreement, do not use this Software.
1. Core Principles of Definition and Privacy Protection
1.1 Core Definitions
1.1.1 Personal Information
Means various types of information recorded electronically or in other ways that can individually or in combination with other information identify a specific natural person and reflect their activity situation, including but not limited to identifying information, device information, network information, usage behavior information, interactive content data, etc., in compliance with the international General Privacy Protection Standards (GDPR, CCPA, etc.) for the definition of personal information.
1.1.2 Sensitive Personal Information
It refers to personal information that, once leaked, illegally provided or misused, may lead to a violation of a natural person‘s personal dignity or a jeopardy of personal and property security, including but not limited to biometric information, financial account information, precise location information, health and medical information, personal information of minors, religious belief information, etc. We will take enhanced protection measures for sensitive personal information.
1.1.3 Anonymizing/De-identifying Information
Anonymized information refers to information that cannot be identified as a specific natural person and cannot be recovered through technical processing; de-identified information refers to information that cannot be identified as a specific physical person through technical processing without the help of additional information. This type of information is not personal information, and we can freely use it for legitimate purposes such as AI model optimization, service iteration, data analysis, and so on.
1.1.4 AI Interaction Data
Means the interaction content generated when you use this Software AI features, including but not limited to the text you enter, uploaded speech/images (used for AI recognition, generation), AI-generated response content, interaction duration and action instructions, etc.
1.2 Core Principles of Privacy Protection
1.2.1 Minimum Required Principles
We collect only the minimum amount of personal information necessary to provide this Software AI service. Information collected beyond the necessary range will be separately obtained with your explicit authorization. We do not collect irrelevant information without your permission.
1.2.2 Conscious Consent Principle
For activities such as the collection, use, and sharing of personal information, we will fully inform you in a clear and understandable manner of the relevant purpose, scope, and manner, and proceed only after obtaining your explicit consent (except when required by law and regulations).
1.2.3 Security Principles
Adopting international-leading technology and management measures, establish a full-process data security protection system, comply with international compliance requirements such as GDPR, CCPA, and ensure that your personal information and AI interaction data are not leaked, tampered with, lost, illegally accessed, or misused.
1.2.4 Transparent traceable principles
The entire process of processing personal information is public and transparent. We will record information processing logs to ensure that each action is traceable, facilitate your inquiries and problem verification, and actively accept user supervision.
2. How much and how personal information is collected
2.1 Personal Information You Proactively Provide
2.1.1 Account Registration and Authentication Information
When you register for this Software account, you are required to provide an email address and a self-set password for account creation, login authentication, and identification; if you choose to upgrade to an advanced account, use paid AI features, or engage in paid services, you may need to provide your name, contact information, payment account information, etc., as required by the service, for identity verification, order settlement, and service assurance. All information is used only for the agreed-upon purposes and will not be used for other purposes.
2.1.2 Information Related to AI Interactions
When you use the AI features of this Software, we will collect text that you actively enter, uploaded speech/images/documents (used for AI identification, interpretation, and content generation), submitted questions and requirements descriptions, and so on. We will use this information to respond to AI models, generate content that meets your needs, and optimize the AI interaction experience (after being anonymized).
2.1.3 Proactively submitted feedback and communication information
The information you provide when submitting inquiries, complaints, suggestions, or participating in our research and events through customer service channels (official contact email, etc.), including your communication content, contact information, feedback, etc., is used to respond to your needs, solve problems, optimize AI services, and conduct events. The communication records will be preserved and strictly confidential as required.
2.2 Automatically Collected Personal Information
2.2.1 Device and System Information
To ensure the compatibility of this Software‘s AI features and operational stability, we automatically collect information about the terminal devices you use with this Software, including device model, operating system version, hardware configuration, device identifiers (such as IMEI, MAC address, UUID), system language, resolution, battery status, storage capacity, etc. At the same time, we collect information about the device‘s operational status, which is used to troubleshoot technical issues, optimize AI feature suitability, and ensure the proper operation of services.
2.2.2 Network and Usage Behavior Information
It automatically collects your network connection information (IP address, network type, network carrier, signal strength, connection speed, etc.), for the purpose of optimizing network transport policies, ensuring seamless AI interactions; and it also records your behavioral data on your use of this Software, including log-in/log-out times, log-in locations, AI feature access frequency, interaction duration, action logs, preferences, etc., for service optimization and personalized AI experience enhancement (such as recommended features based on usage habits).
3. Purposes and Scenarios of Use of Personal Information
3.1 Core AI Services Provision and Operation
3.1.1 Basic AI Services Support
Using collected account information, AI interaction data, device and network information, we provide you with core AI services such as artificial intelligence interaction, intelligent content generation, speech/image recognition, data interpretation, and more, ensuring that AI capabilities respond properly to meet your usage needs.
3.1.2 Service Stability and Adaptability Guarantees
Based on device information, operation logs, network data, etc., monitor the operational status of this software, troubleshoot system failures, network anomalies, AI feature adaptation problems, etc., promptly fix and optimize, ensure service continuity, and reduce the impact of service interruptions or functional anomalies on you.
3.2 Account Security and Risk Control
3.2.1 Account Security Protection
Using data such as device information, login records, and network characteristics, build anomalous behavior identification models. Pre-alert against risky behaviors such as out-of-place login, unfamiliar device login, and high-frequency operations. Take measures such as verification code verification, temporary account lock, security alerts, and more to prevent account theft and misuse risks, ensuring the security of your account and personal information.
3.2.2 Violation behavior checks
In response to suspected illegal violations, infringements of rights, and violations of the service agreement when you use this Software (such as uploading illegal content, abusing AI capabilities to generate illegal content), we use the relevant information to conduct checks based on reasonable and necessary principles, take measures such as limiting account functionality, signing off accounts, and deleting illegal content, to maintain service order and legitimate interests of third parties.
3.3 AI Model Optimization and Service Iteration
3.3.1 AI Model Optimization
After anonymizing and de-identifying your AI interaction data for processing, this is used to optimize the response accuracy, interaction smoothness, and content generation quality of AI models, improving the utility and intelligence level of AI services. This processing does not involve any personally identifiable information.
3.3.2 Service Experience Upgrade
Based on usage behavioral data, user feedback, etc., analyze user needs and habits, optimize the design of this software interface, operational processes, and AI feature layout, develop new AI feature modules, and improve service usability and user experience.
3.4 Compliance and compliance with legal obligations
To ensure compliance in the operation of this Software AI service, using, disclosing your personal information, fulfilling legal obligations such as information reporting, co-operating with investigations, providing evidence, etc., under the legitimate requirements of laws and regulations, judicial authorities, and regulatory bodies.
4. Storage and Protection Measures for Personal Information
4.1 Storage Management Specifications
4.1.1 Storage Location and Server Deployment
Your personal information and AI interaction data will be stored in encrypted servers in countries or regions that comply with international privacy protection standards (such as GDPR, CCPA), servers that we operate autonomously or commission qualified third-party providers to host, all storage behavior in compliance with local laws and regulations and the terms of this agreement, not stored in regions that have not obtained international privacy protection certifications, and no data transfer to any region that does not meet compliance requirements.
4.1.2. Storage Duration and Destruction Rules
Your account information, personal data, and AI interaction data will be continuously stored during your use of this Software; if you sign out of your account, we will completely delete all personal information and related data through irreversible technology within 180 days after completing the sign-out of your account (except for those required by law and regulations to be retained, have been anonymized, or are used for dispute resolution). Personal information that exceeds the storage period will be regularly cleaned and destroyed to ensure that the data cannot be recovered.
4.1.3 Data Backup Policy
Using multi-region, multi-copy distributed backup technology, your personal information and AI interaction data are regularly backed up. Backup data is also protected by cryptographic measures to prevent data loss due to hardware failure, natural disasters, cyber attacks, etc., ensuring data recoverability. At the same time, the storage and destruction of backup data also strictly follows the terms of this agreement.
4.2 End-to-End Security Measures
4.2.1 Technical Protection
Using the SSL/TLS 1.3 encrypted transfer protocol, personal information and AI interaction data are encrypted throughout the process of transmission, preventing data from being intercepted, tampered with, or stolen; stored data is encrypted using the AES-256 encryption algorithm, setting up strict server access control, allowing only authorized personnel to access the data within necessary limits; building intrusion detection and defense systems (IDS/IPS), firewalls, security audit systems, and more, monitoring risk behaviors such as cyber attacks and malicious access in real time, enabling timely intercept and warning.
4.2.2 Management and personnel security
Establish a strict data security management system, clarify the data access rights and responsibilities of personnel in various positions, conduct background reviews, privacy protection training, and signing of confidentiality agreements for employees who access user personal information; implement operation logs throughout the process, conduct real-time audits of data access, modification, deletion, and other operations, and immediately pursue responsibility once violations are discovered; regularly conduct security vulnerability scanning, penetration testing, remediate potential security vulnerabilities, and keep technical protection capabilities in sync with industry-leading levels.
4.2.3 Emergency response mechanisms
Develop a data security emergency response plan, establish rapid response processes, clarify emergency response steps, division of responsibility, and communication channels in the event of sudden events such as data leakage, loss, and tampering. When a security incident occurs, remediation measures will be taken immediately to reduce losses, and you and relevant regulators will be promptly notified as required by law and regulations.
5. Sharing, transfer, and disclosure of personal information
5.1 Sharing of Personal Information
5.1.1 Sharing with Third-Party Service Providers
To provide more complete AI services, we may share necessary personal information with third-party service providers, cooperation scenarios including server hosting, payment processing, identity verification, technical operations, AI model optimization support, etc. We will strictly screen partners, conduct comprehensive assessments of their qualifications, privacy protection capabilities, sign formal cooperation agreements and confidentiality agreements, clarify their information use scope, security obligations and breach responsibilities, and monitor their information processing behavior throughout the process to ensure the security of your personal information.
5.1.2 Sharing with Affiliates
Subject to compliance with the purposes of this agreement and the legal and regulatory requirements, your personal information may be shared with our affiliates for service coordination, account interconnectivity, security assurance and AI service optimization. Affiliates are required to strictly comply with the privacy protection standards stipulated in this agreement and may not use the information beyond the authorized scope, and if affiliates change the purpose of use of the information, they need to obtain your separate consent.
5.1.3 Sharing Based on User Authorization
With your explicit consent or authorization, we may share relevant personal information with the third parties you designate, such as authorizing third-party applications to access some of your AI service functions, disclosing relevant interaction information when sharing AI-generated content, and so on, within the scope of your authorization.
5.2 Personal Information Transfer
5.2.1 Transfer restrictions and conditions
We will not transfer your personal information arbitrarily, unless there are corporate changes such as mergers, splits, acquisitions, asset transfers, and the transferring party and the transferred party must sign an information transfer agreement, clearly stating the privacy protection obligations of the transferred party, the transferred party must continue to comply with this agreement and the relevant legal and regulatory requirements, and if the transferred party changes the purpose of information processing, your consent must be obtained separately.
5.3 Disclosure of Personal Information
5.3.1 Legal Disclosure
When we are required to disclose your personal information due to mandatory requirements of law and regulations, judicial rulings, decrees or regulatory bodies, we will endeavor to limit the scope of disclosure to within the legal limits, protect your privacy rights and interests, and record the disclosure behavior.
5.3.2 Security and Rights-Protecting Disclosure
To protect the personal and property security of you or others, maintain service order, or respond to emergency situations (such as hacking attacks, data leaks, major security incidents), we may disclose the relevant personal information to the extent reasonably necessary, take timely remedial measures, and notify the affected users.
5.3.3 Anonymous Disclosure of Information
Free disclosure of anonymized, de-identified information, such information does not involve personal identity, disclosure behavior does not require obtaining your consent, can be used for legitimate purposes such as industry research, AI technology exchange, market research, etc.
6. Your privacy rights and how they are exercised
6.1 Basic Privacy Rights
6.1.1 Access and View Rights
You have the right to access and view your personal account information (email, account ID, preferences, etc.), usage records (login logs, operation logs, etc.), AI interaction data, and related personal information at any time through the account settings interface of this Software. We will provide you with a clear query path.
6.1.2 Correction and Supplementary Rights
If your personal information is incorrect, incomplete, or outdated, you can self-correct through the account settings interface (such as contact details, preferences), or send an email to our official contact address, brianewc@outlook.com, requesting correction or supplementation. We will process and provide feedback within 30 business days after verifying your identity.
6.1.3 Right to Delete
You have the right to voluntarily delete your personal information such as your AI interaction records and operation logs, and you can also request the deletion of account information (except for logging out of accounts). For information that cannot be deleted on your own, you can contact Customer Service to request deletion, and we will process it promptly after verification, except for those required to be retained by law and regulations.
6.1.4 Authorization of the Right to Revoke
You can revoke your authorization to collect, use, and share personal information at any time, such as revoking your authorization to collect AI interaction data, authorization to associate third-party accounts, etc., which can be done through device settings or functions within this Software; upon revoking your authorization, we will stop collecting and using the relevant information, but this will not affect the legality of information processing previously performed based on authorization.
6.1.5 Right to Sign Out of an Account
You have the right to request the cancellation of this software account. You can submit the cancellation request through the account settings interface, or contact customer service to assist with the cancellation. Before the cancellation of the account, we will remind you to back up your important data and AI-generated content. After the cancellation of the account is complete, we will delete the relevant personal information in accordance with the terms of this agreement. After the cancellation of the account, it cannot be recovered.
6.1.6 Data Portability Rights
You have the right to request that we export your personal information and AI interaction data stored in this Software in a common, readable format that makes it easier for you to transfer to other service platforms. You can contact customer service to request data export, and we will provide the export file within 30 business days after verification of identity.
6.2 Considerations on exercising your rights
6.2.1 Identity Verification Requirements
To ensure the security of your account, when exercising the above rights, we may require you to perform identity verification (such as email verification codes, answering security questions, etc.), verification through which your application can be processed later.
6.2.2 Impact Description
After withdrawing some core service authorizations (such as AI interaction data collection authorizations) or signing out of your account, you may not be able to use all or some of the AI functions of this Software normally, and you are responsible for the consequences.
7. Privacy Notice for Third-Party Services and Links
7.1 Integration of Third-Party Services
7.1.1 Scope of Third Party Services
This Software may integrate plug-ins, tools, and functional modules provided by third parties (such as third-party login, payment services, speech recognition plug-ins, AI model assistive tools, etc.) such services are operated independently by third parties whose privacy policies and service terms are independent of this agreement.
7.1.2 Responsibility and Risk Notice
When you use third-party services, you should personally review their privacy policies and service terms, and carefully authorize third parties to access your information; any privacy disclosure, damage to rights resulting from third-party services will be the responsibility of the third party, we do not assume any collateral responsibility, but will do our best to assist you in defending your rights.
7.2 Third-party link hopping
7.2.1 Link Provision and Reminders
This Software may contain links to third-party websites and applications. We only provide the links for convenience and are not responsible for the content, security, and privacy policies of third-party websites and applications, nor do we endorse any actions or information from third-party parties.
7.2.2 Access Recommendations
When you access third-party links, you should make your own judgment on their security and legality, carefully provide personal information, and we will not be responsible for any losses caused by your access to third-party links.
8. Privacy Protection for Special Groups
8.1 Privacy Protection for Minors
8.1.1 Applicability scope and consent requirements
Minors under 16 years of age who use this software must obtain the consent of their legal guardian (parent or other guardian) and provide the necessary information on their behalf to register an account. The guardian should fulfill parental responsibilities, monitor the behavior of minors using this software, control the extent of minors‘ use of AI features, and prevent privacy disclosure risks. We will not actively collect additional personal information from minors. If a guardian discovers that minors‘ information has been improperly collected, they can contact us to delete it. We will process it immediately after verification.
8.1.2 Information Restrictions for Minors
When minors use this Software, they are not allowed to upload or share sensitive personal information involving themselves or others, and they are not allowed to abuse AI functions to generate illegal content; we will apply appropriate restrictions on the functionality of minors‘ accounts, strengthen content review, and if we discover any illegal behavior in minors‘ accounts, we will promptly notify guardians and take appropriate measures.
8.2 Protection of Other Special Groups
8.2.1 Protection of Vulnerable Groups
For vulnerable groups such as elderly people and people with disabilities, we will provide a more convenient path for exercising privacy rights, such as simplifying operating processes, providing human assistance, etc., ensuring their privacy interests are not violated and ensuring they can use this software AI service safely and conveniently.
9. Protocol updates and notification mechanisms
9.1 Protocol Update Rules
9.1.1 Update Triggering Conditions
We may modify this agreement due to changes in laws and regulations, upgrades to international privacy protection standards, iterations of the AI functions of this software, changes in user needs, and other reasons. The revised agreement will be more conducive to protecting your privacy rights and interests without reducing the original protection standards.
9.1.2 Update Process and Disclosures
After updating this Agreement, we will notify you through pop-ups in this Software, official emails, website announcements, etc., clearly informing you of the content of the update, the effective time, and the reason for the amendment; at the same time, the revised Agreement will be publicly displayed on the official Software website, in prominent client-side locations, for a period of not less than 7 natural days.
9.2 Effectiveness and Acceptance
9.2.1 Effective Time
The revised agreement comes into effect upon notification, and if you continue to use this software after the policy comes into effect, it is considered that you have fully read, understood, and agreed to the new agreement; if you do not agree to the new agreement, you should immediately stop using this software and sign out of your account.
9.2.2 Historical Version Preservation
We will maintain the historical version of this agreement, and you can check the past versions through the official website of this software to understand the trajectory of changes to the agreement.
10. Disclaimer
10.1 Disclaimer for Irresistible and External Risks
10.1.1 Irresistible Circumstances
We do not assume any liability for breach of contract, but we will do our best to take remedial measures to reduce the damage and notify you promptly if your personal information is leaked, lost, tampered with, or if the AI functionality of this Software is disrupted or unable to function due to irresistible forces or external factors such as natural disasters, war, terrorist activities, network disruptions, hacking attacks, virus infections, third-party service failures, regulatory policy adjustments, etc.
10.1.2 Disclaimer for Third Party Behavior
We will not take responsibility for any privacy damage resulting from a third party‘s illegal access, abuse of your personal information, or third-party services, but we will help you pursue liability with the third party and provide the necessary documentary evidence.
10.2 Disclaimer for User Error and Self-Action
10.2.1 Scenario of User Error
You are solely responsible for the privacy damage, account security risk, or legal liability resulting from your own misdeeds such as leaking your account password, authorizing third parties to illegally use this Software, disclosing personal information to others on your own initiative, uploading illegal and unlawful content, improper operation, etc.
10.2.2 Disclaimer for Voluntary Sharing
The risks of information disclosure, infringement, etc. that result from your sharing AI-generated content and personal information with third parties through this Software are your own, and we do not assume responsibility.
10.3 Technical Limitations and Reasonable Bias Disclaimer
10.3.1 Description of Technical Limitations
Although we have adopted comprehensive security protection measures, the current technological level cannot completely eliminate all privacy security risks. If information security incidents are caused by technological limitations, we will not assume additional responsibility after fulfilling reasonable attention obligations and remedial measures.
10.3.2 Disclaimer for AI Functional Bias
The content generated by the AI functions of this software is based on existing technology and data training. There may be certain biases, errors, or imperfections. We do not guarantee the absolute accuracy, legality, or applicability of the content generated by AI. When you use AI to generate content, you should verify it yourself. You bear the associated risks on your own.
11. Dispute Resolution and Legal Applicability
11.1 Dispute Resolution Methods
11.1.1 Negotiation Priority
Any disputes arising from this agreement should first be resolved through friendly negotiation between the parties. Negotiations can be communicated through the official contact email brianewc@outlook.com, and we will endeavor to reach a consensus solution with you.
11.1.2 Arbitration resolution
If negotiations fail, any party has the right to apply for arbitration from an internationally recognized arbitration agency recognized by both parties. The arbitration venue is determined by negotiation between the two parties, the language of arbitration is English, the arbitration ruling is the final ruling, has binding force on both parties, and the arbitration costs are borne by the losing party (except as otherwise stipulated).
11.2 Applicable Law
11.2.1 Choice of Applicable Laws
The establishment, enforcement, execution, interpretation, and dispute resolution of this Agreement are governed by the International General Business Rules and the laws and regulations of arbitration jurisdictions. If there is a conflict between the laws of arbitration jurisdictions and the International General Privacy Protection Principles, the provisions that are more conducive to protecting the privacy rights of the users will have priority.
12. Contact information and appendices
12.1 Privacy-Related Contact Methods
12.1.1 Official Consultation and Complaint Channels
If you have any privacy-related inquiries, complaints, suggestions, or need to exercise your privacy rights, request data export/delete, please email to our official contact address: brianewc@outlook.com. We will review and provide feedback on the processing results within 30 working days.
12.1.2 Privacy Officer
We set up a dedicated Privacy Protection Officer, responsible for coordinating personal information protection work and supervising the execution of this agreement. If you need to contact the Privacy Protection Officer, you can do so through the email note “Privacy Protection Officer” above.
12.2 Appendix
12.2.1 Effectiveness of the Agreement
This Agreement constitutes the complete agreement between you and us regarding the protection of personal information, replacing any previous verbal or written agreement reached by both parties regarding privacy protection. This Agreement does not suffice, and applicable laws and regulations as well as other service terms of this Software apply.
12.2.2 Part of the Terms Is Invalid
If any provision of this Agreement is deemed by a competent authority to be invalid or unenforceable without affecting the validity of the other provisions, the other provisions shall continue to be enforced, and the invalid provision will be replaced by the legally valid provision closest to the original intent.
12.2.3 Effective Date
This Agreement is effective from the date of publication.