Mindy AI (hereinafter “we”) is committed to protecting your personal data and privacy security. This Privacy Policy is designed to clearly explain how we collect, use, store, share, and protect personal data during your use of the Mindy AI Conversation Software (hereinafter “the Services”) and the relevant rights issues. This Policy is formulated in accordance with international general privacy protection principles (including, but not limited to, the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), etc.), and applies to all users who use our Services.
Please read and understand this Privacy Policy carefully before using the Services. If you do not agree with any of the terms of this Policy, please do not use our Services. By using the Services, you are deemed to have fully understood and agreed to the full content of this Policy.
1. Definition and scope
1.1 Definitions
1.1.1 Personal Data
Means various types of information that can directly or indirectly identify a specific natural person, including but not limited to names, contact information, device identifiers, IP addresses, conversation content, etc.
1.1.2 Users
Means a natural person who accesses, browses or uses this Service.
1.2 Scope of Applicability
This Policy applies to all user personal data that we collect and process through the Services, does not apply to independently provided services or third-party websites, and we are not responsible for third-party privacy practices.
2. Personal Data We Collect
2.1 Personal Data that you voluntarily provide
2.1.1 Account-Related Information
When you register and create an account, you may need to provide information such as your name and email address for account verification, login identification, and subsequent communication.
2.1.2 Conversation and Interactive Content
Conversation text that you enter during the process of using the Service, related files uploaded (such as documents, images, etc. that you actively submit), and your instructions for actions on the Service (such as queries, modifications, deletions, etc.).
2.1.3 Other voluntarily provided information
When you participate in our user surveys, feedback suggestions, or related activities, you proactively provide us with feedback, contact information, and other relevant information.
2.2 Automatically Collected Personal Data
2.2.1 Technology and Device Information
Device information (such as device model, operating system version, device identifier), browser information (such as browser type, version), and network information (such as IP address, network carrier, time zone) that you use when accessing services.
2.2.2 Use of behavioral data
Your service usage is automatically recorded, including access time, functional modules used, interaction frequency, conversation duration, and more, to analyze service usage trends and optimize the service experience.
2.2.3 Cookies and similar technical data
We may use cookies, web beacons, and similar technologies to collect information about your browsing preferences, login status, and more to ensure the proper operation of the Service and improve the efficiency of the Service. You can manage or disable cookies through your browser settings, but some Service functionality may be affected by this.
3. Purposes for the use of personal data
3.1 Provision and Maintenance of Services
Used to respond to your conversation requests, execute your action instructions, ensure the proper operation of the service, technical support, and troubleshooting.
3.2 Optimization and Improvement of Services
Based on conversation data and usage behavior data collected, AI models are trained and optimized to improve the accuracy and relevance of conversation responses, develop new service features, and improve the overall user experience.
3.3 Security and Risk Control
It is used to detect, prevent and address security risks such as fraud, illegal use, cyberattacks, protect the security of your account and personal data, and maintain service compliance and stability.
3.4 Communication and Notifications
To send you service-related notifications (such as account status changes, service updates, failure alerts, etc.), to respond to your inquiries, feedback, and, with your consent, to send service-related promotional messages.
3.5 Fulfilling Legal Obligations and Compliance Requirements
Use of relevant data to comply with applicable international laws and regulations, judicial rulings or administrative directives, and to protect our legitimate interests, rights, privacy or property, users or third parties.
3.6 De-Identification Research and Analysis
After personal data is de-identified (so that it cannot be identified as a specific individual), it is used for AI technology research, market analysis, industry trend prediction, etc. Such de-identified data will not be used to identify your identity.
4. Sharing and Disclosure of Personal Data
4.1 Third-party service providers
To fulfill service functionality or operational needs, we may share personal data with selected third-party service providers (such as cloud service providers, data storage providers, security monitoring providers, etc.). Such third parties will process the data strictly according to our instructions, this privacy policy, and relevant laws and regulations, accessing and using the data only for the purpose of providing the specified service, and may not be used for other purposes.
4.2 Transfers or reorganizations of business
In the event of a transaction such as a strategic restructuring, merger, acquisition, bankruptcy settlement or asset transfer, your personal data may be transferred to the transaction partner as part of the transaction asset. We will notify you prior to the transaction and ensure that your personal data is protected as required by the respective parties to continue complying with this Privacy Policy.
4.3 Legal Requirements and Security Protection
We may legally disclose your personal data in the following circumstances: (1) to comply with applicable laws and regulations, judicial rulings or administrative orders; (2) to protect our legitimate interests, security or property, users or the public; (3) to investigate or prevent fraud, illegal activities or abuse of services; and (4) to protect our service terms, privacy policies or other legitimate interests from infringement.
4.4 Your Explicit Consent
Upon obtaining your explicit written consent, we may share your personal data to the extent and for the purposes you consent to.
4.5 Prohibition of Data Selling
We will not sell your personal data to any third party for commercial marketing purposes, except with your express permission.
5. Storage and protection of personal data
5.1 Storage periods
We will store your personal data for the minimum period necessary to achieve the purposes described in this Privacy Policy. After exceeding the storage period, we will take security measures to delete or anonymize the related data, unless otherwise required by law and regulations.
5.2 Storage locations
Your personal data will be stored on servers that comply with international privacy protection standards, and may be located in different countries or regions. We ensure that cross-border data transfers comply with the requirements of applicable laws and regulations, and adopt security measures such as encrypted transfers and data processing protocols.
5.3 Security Measures
We implement technical and organizational security measures that comply with international standards, including but not limited to data encryption (transmission and storage encryption), access controls (principle of least privilege), security auditing, vulnerability detection and remediation, and more to prevent unauthorized access, disclosure, tampering or damage to personal data. Although we implement strict security measures, please note that no network transmission or electronic storage method can be guaranteed to be 100% secure, and you must bear the corresponding risks arising from using the service.
6. Your rights to your personal data
Under applicable international privacy laws and regulations, you have the following rights in relation to personal data, and we will provide reasonable facilities for you to exercise these rights:
6.1 Access and Information Rights
You have the right to request access to the personal data we hold about you, to learn about the collection, use, sharing of the data, and so on.
6.2 Right to Amendment
If you find that your personal data in our possession is inaccurate or incomplete, you have the right to request us to correct or supplement the relevant data.
6.3 Right to delete (right to be forgotten)
In accordance with legal and regulatory requirements, you have the right to request us to delete your personal data (e.g., the service purpose has been achieved, you withdraw your consent, etc.).
6.4 Restriction or objection to processing rights
You have the right to request us to limit the processing of your personal data (e.g., when there is a dispute about the accuracy of the data), or object to our processing of your personal data for specific purposes (e.g., marketing).
6.5 Data Portability Rights
You have the right to request us to provide your personal data in a structured, generic, and machine-readable format, or to transfer it directly to another compliant data processor you designate (provided that it meets legal and regulatory requirements).
6.6 Revocation of the Right to Consent
For the processing of personal data based on your consent, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the legality of the data analysis processing that was performed based on your consent prior to the withdrawal.
6.7 Ways of exercising your rights
If you wish to exercise the above rights, or have any questions about the processing of personal data, you can contact us via the contact email specified in section 10 of this Policy. We will verify and respond to your request within the time required by applicable laws and regulations upon receipt.
7. Special Instructions for Data Processing for AI Model Training
7.1 Training Data Sources and Processing
We may use data such as your conversation content for training and optimization of AI models, but in this process, we will use de-identification processing to ensure that the data cannot be associated with a specific individual. We will not use information that directly identifies you for model training unless we obtain your explicit consent.
7.2 Choose your opt-out mechanism
If you do not wish your conversation data to be used for AI model training, you can submit a “choose out” request through service-in-service settings or by contacting us. We will adjust the scope of data usage accordingly, ensuring that your relevant data is no longer used for model training purposes.
7.3 Algorithm Transparency Explanation
We are committed to increasing the transparency of AI algorithms, and you can learn the basic principles of AI conversational responses and data processing logic through the service help center. If you have any objections to AI decision results, you can contact us for review and explanation.
8. Third-party service links
Our Services may contain links to third-party services (such as links to social media sharing, third-party tool integrations, etc.). Clicking on such links will jump to third-party platforms, and the third-party privacy policies and data processing practices are not our concern and we take no responsibility for them. Please read their privacy policies carefully before accessing third-party services.
9. Privacy Policy Updates
9.1 Updates
We may revise and update this Privacy Policy in light of changes in international laws and regulations, updates in service functionality, business operation needs, etc.
9.2 Update Notification
When significant changes to this Privacy Policy occur, we will notify you in significant ways through in-service pop-up notifications, email notifications, etc. For non-significant changes, we will publish the updated Privacy Policy at prominent locations on the Service Platform. Please periodically review the latest version of this Policy.
9.3 Effective Time
The updated privacy policy takes effect from the date of publication. If you continue to use our services, it is considered that you have accepted the updated privacy policy.
10. Contact us
If you have any questions, comments, or suggestions regarding this Privacy Policy, or need to exercise your personal data-related rights, you can contact us by:
Contact email: nadamarcel@outlook.com
We will process and respond to your inquiries and requests within the time limits specified by applicable laws and regulations.