隐私政策 · Privacy Policy
生效日期:2026 年 3 月 21 日 · Effective Date: March 21, 2026
This Privacy Policy explains how AIBOXZ ("we", "us", "our") collects, uses, shares, and protects personal information when you use our services, websites, applications, and APIs (collectively, the "Services").
1. Information We Collect
- Account Data: email address, profile details, authentication identifiers, and account role.
- Session Data: conversation content (text, voice, generated files), timestamps, language settings, and technical diagnostics.
- Payment Data: billing plan, subscription status, transaction metadata, and payment processor references (we do not store full card numbers).
- Device and Usage Data: IP address, browser/device type, logs, and security events.
- Long-term semantic memory (optional, Pro): for eligible accounts we may store text-derived embeddings (numeric vectors) and associated redacted text snippets to recall context across sessions.
2. How We Use Information
- to provide, maintain, and improve the Services;
- to authenticate users and protect account security;
- to process subscriptions, payments, and service credits;
- to monitor abuse, fraud, and policy violations;
- to comply with legal obligations and enforce our Terms.
3. Legal Bases (EEA/UK)
Where applicable, we process personal data based on: performance of a contract, legitimate interests, compliance with legal obligations, and your consent (for example, optional recording features).
4. Sharing of Information
We may share information with trusted service providers that support our operations, such as cloud hosting, authentication, analytics, AI model providers, and payment processors. We require contractual safeguards and only share data necessary for specific service purposes.
5. International Transfers
Your information may be processed in countries outside your residence. When required, we implement appropriate safeguards (such as standard contractual clauses) for cross-border transfers.
6. Data Retention
We retain personal information for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements.
7. Your Rights
Depending on your location, you may have rights to access, correct, delete, export, or restrict processing of your personal data.
Deleting long-term memory: signed-in users may request removal of stored semantic-memory vectors by calling POST /api/memory/delete-all with a valid session token, or by contacting us at the email below.
8. Children's Privacy
The Services are not directed to children under the age required by applicable law. If you believe a child provided personal information, please contact us for review and removal.
9. Security
We use technical and organizational safeguards including encryption in transit, access controls, and monitoring. No method of transmission is completely secure; therefore, absolute security cannot be guaranteed.
10. AI Output and Sensitive Data
Please avoid submitting highly sensitive personal information unless strictly necessary. AI outputs may contain errors. Optional recording features require explicit user action and are off by default.
11. Changes to This Policy
We may update this Privacy Policy from time to time. If changes are material, we will provide additional notice as required by law.
12. Contact
For privacy requests or questions, contact: yxq190606@gmail.com