Welcome to use EchoUs AI chat software (hereinafter referred to as"The software") . This software was developed and run by the EchoUs team ("We") . We attach great importance to the protection of users' personal information, and are committed to protecting your information security and legitimate rights and interests through advanced technical means and strict management norms. This privacy policy is intended to clarify how, to what extent, and for what purpose we collect, store, use, share, transfer, and delete your personal information, as well as your rights. Before downloading, installing, registering or using this software, please read and fully understand the full contents of this policy, especially the bolded terms. By using this software, you fully understand and agree to all of the terms of this policy. If you have any questions, comments or complaints about this policy, please contact us at support@envexa.shop communicates with us.
Definition and scope of application
1.1 core definitions
1.1. Personal Information: information recorded by electronic or other means which, individually or in combination with other information, is capable of identifying a particular natural person or of providing information about the activities of a particular natural person, including but not limited to name, ID number, contact information, account information, chat records, equipment information.
1.1.2 sensitive personal information: means personal information whose disclosure or unlawful use could lead to infringement of the human dignity of natural persons or endanger the safety of persons or property; This software involves sensitive personal information including but not limited to mobile phone numbers, e-mail, biometric information (if any) , chat content contains private information.
1.1.3ai interactive data: refers to the user in the use of this software AI chat function, the active input text, voice, pictures and other interactive content, as well as AI model generated response content.
1.1.4 anonymization: the process by which personal information is processed so that the subject of the personal information can not be identified or associated, and the processed information can not be recovered. De-identification processing refers to the process of processing personal information so that it can not identify or relate to the subject of personal information without additional information.
1.2 scope
1.2.1 this policy applies to all users (hereinafter referred to as"Users") who download, Install, register and use the software through official channels including but not limited to official websites, app stores, officially authorized collaboration platforms, etc. .
1.2.2 this policy applies only to the services provided by this software and the handling of information. If this software contains links to third-party services (such as third-party login, payment, sharing, etc.) , the information processing rules of third-party services are independently developed and responsible by third parties, and we do not assume corresponding responsibility, please read the third party privacy policy carefully.
1.2.3 if we have a separate privacy policy for a particular service, such privacy policy will be supplemental to this policy and shall have the same legal effect as this policy; if the supplemental policy is inconsistent with this policy, subject to the supplementary terms.
2. Collection and use of personal information
2.1 collection principles
2.1.1 the principle of lawful and legitimate necessity: we collect personal information in a lawful and legitimate manner only to the extent necessary for the provision of this software service, and do not collect information unrelated to the service, not through fraud, deception and other improper means to collect information.
2.1.2 the principle of express consent: we will obtain your express prior consent for the collection of sensitive and non-essential personal information, and will not collect such information if you refuse to provide it, and does not affect the use of the core services of the software (unless the information is required for the core services) .
2.2 collection and use of necessary information
2.2.1 account registration and login information: in order to achieve account creation and authentication, you need to provide a mobile phone number or e-mail address when registering an account in this software, and set a login password; If you log in through a third-party account (such as a Google Account, an Apple ID, a wechat account, etc.) , we will get your account's unique identifier, username, avatar, and other basic information from the third party. This information is used for account login, identification, password retrieval and account security to ensure that your account rights and interests belong to a clear.
2.2.2 equipment information: in order to ensure the stability of software operation, adapt to different equipment and prevent security risks, your device model, operating system version, device unique identifier (e.g. IMEI, OAID, UUID) , MAC address, screen resolution, network type (wi-fimobile Data) , IP address, etc. . This information is used for equipment compatibility testing, troubleshooting, performance optimization and abnormal login detection to ensure stable and secure service.
2.2.3AI Interactive Core Data: in order to realize the core function of AI chat, we will collect text, voice, pictures and other interactive content (such as chat messages, questions, uploaded references, etc.) that you actively input during use. This information is only used by the AI model to understand your needs, generate response content, and optimize the interaction experience, which is the basis for providing AI chat services.
2.3 collection and use of optional information
2.3.1. Profile information: if you choose to complete your profile, you can provide your name, nickname, Avatar, gender, interest tag, etc. . This information is used for personalized service optimization, such as recommending relevant chat topics based on interest tags, optimizing AI response style, etc. . You can modify or delete this information at any time in the"Personal Center".
2.3.2 voice interaction information: if you use voice chat, we collect your voice data and convert it into text, which is used by the AI model to recognize speech content and generate responses. Voice data will only be retained for the necessary time (not exceeding 72 hours) after conversion. Converted text data will be stored in accordance with this policy, and original voice data will be deleted.
2.3.3. Location data: If you use a location-based service (e.g. local topic recommendations, if any) and actively enable location permissions, we will collect your location data. This information is only used to implement the service, and you can turn off location permissions in device settings at any time. If you do, you won't be able to use the service, but it won't affect the core chat functionality.
2.3.4 behavioral information: to optimize product features and user experience, we will collect your behavioral data, logon time, chat frequency, function usage record (such as whether to use voice chat, file transfer, etc.) , AI response satisfaction evaluation, page length, etc. . This information is used to analyze user habits, improve AI model performance, and optimize interface design and functional layout.
2.4 methods of information collection
2.4.1 offer: the information you submit or upload to US when you register your account, complete your information, use AI chat and other services.
2.4.2 automatic collection: When you use this software, through the software background program automatically collected device information and use behavior information, the process does not require you to manually operate.
2.4.3 information provided by a third party: information provided to us by a third party in accordance with its privacy policy and your authorization when you log in or use a third-party service through a third-party account.
3. Storage of personal information
3.1 how and where to store
3.1.1 storage: we store the personal information we collect on our own servers and those of our partner cloud service providers (e.g. AWS, Alibaba Cloud, etc.) , in order to ensure the security of information, we use encryption storage (AES-256 encryption algorithm) , access control, security audit and other technical measures. For the sensitive chat content entered by users, we will perform additional end-to-end encryption processing, ensure security during transmission and storage.
3.2.2 storage location: Our servers and partner cloud servers are located in Singapore, the United States and Hong Kong, China where international data protection standards are met. If you need to transfer your personal information overseas, we will strictly comply with relevant laws and regulations, adopt data encryption, sign data processing agreements, pass international data transmission compliance certification and other measures, ensure the security of information transmission.
3.2 storage life
3.2.1 account related information: during the life of your account, we will continue to store your account registration information, personal data information, etc. to protect your normal use of the service; if you cancel your account, we will delete such information within 15 working days after the account cancellation is completed, unless otherwise stipulated by laws and regulations.
3.2.2ai interactive data: YOUR CHAT history and other interactive data will be stored for the duration of your account. You can manually delete specific chat history through the chat settings function of this software. If you do not manually delete, we will keep the chat logs for 12 months after they are generated. After that, they will be anonymized automatically and the data will no longer be associated with your identity.
3.2.3 equipment and behavioural information: such information is retained only for the minimum period necessary to achieve the purpose of the service, generally not exceeding six months, after which it is anonymised for product optimization and data analysis.
3.2.4 legal and regulatory requirements: We will retain information for an extended period of time if requested to do so by a legal, regulatory, judiciary or administrative authority, after waiting for the related request invalidation, deletes or anonymizes processing promptly.
4. Sharing, transfer and disclosure of personal information
4.1 sharing of personal information
4.1.1 restriction in principle: we will not share your personal information with any third party unless:
4.1.1.1 with your express consent, we will clearly inform you of the purpose of sharing, the identity of the third party, the scope of the information, and how it will be shared before sharing it with a third party, and obtain your individual written consent (including explicit online confirmation) .
4.1.1.2. Necessary sharing of services: in order to implement the core or additional services of this software, we need to share the necessary information with our service providers (such as cloud storage providers, AI model training support providers, etc.) , however, we will sign strict confidentiality agreements and data processing agreements with such third parties to clarify the scope, obligations and responsibilities of their information processing, and supervise their information processing activities to ensure information security.
4.1.1.3 legal and regulatory requirements: we may share necessary personal information with the relevant authorities pursuant to a mandatory requirement by a legal, regulatory, judiciary or administrative authority, but we will do our best to protect your information as far as the law allows, and inform you in time (unless the law forbids) .
4.1.1.4 protection of legitimate interests: in order to protect the legitimate interests of you or other users, in defence of the public interest or in case of emergency to prevent damage to persons or property, we can share personal information within reasonable limits (E. G. Fraud Prevention, user protection, etc.) .
4.2 transfer of personal information
4.2.1 we will not transfer your personal information to any third party except in the event of a merger, acquisition, transfer of assets, liquidation or other corporate restructuring. In such cases, we will notify you 30 natural days in advance by means of this software announcement, registered email, etc. , to ensure that the transferee continues to perform its personal information protection obligations; if the transferee is unable to perform this obligation, we will take measures to protect your information security.
4.3 disclosure of personal information
4.3.1 we will not publicly disclose your personal information unless we have your express consent or have taken reasonable steps to protect your privacy in order to comply with laws and regulations and respond to the public interest.
4.3.2 we may publicly disclose anonymised or de-identified information which is not personally identifiable and which can be used for product promotion, industry reporting, academic research, etc. , your consent is not required.
5. Cross-border transfer of personal information
5.1 transmission scenarios
5.1.1 if the service you are using involves cross-border data transmission (if the server is located outside China, the service provider is an outside entity, or you are using this software outside China) , we will comply with the relevant laws and regulations, ensuring that cross-border transmissions comply with data protection standards.
5.2 transmission safeguards
5.2.1 where cross-border transmission is required, we will take one or more of the following measures to safeguard information security:
5.2.1.1 obtaining your express consent and informing you of the purpose of cross-border transmission, the recipient and the security measures;
5.2.1.2 enter into a data processing agreement with the receiving party abroad, defining the rights and obligations of both parties and requiring them to take protective measures no less favourable to this policy;
5.2.1.3 security assessment or certification of cross-border data transmission by relevant state authorities (e.g. security assessment of China's exit of personal information, EU GDPR adequacy certification, etc.) ;
5.2.1.4 use of technical measures such as secure transmission and data desensitization to reduce transmission risks.
6. Exercise of user rights
6.1 right to information
6.1.1 you have the right to know the extent, manner, purpose and duration of the collection, use, storage and sharing of personal information by this software.
6.2 access and replication rights
6.2.1 you have the right to access your personal information, including account information, profile, chat history, usage history, etc. . You can view it through the"Personal center", "Chat record" and other functions of this software. If you need to copy the relevant information, you can export it through the application function or contact us to apply, we will reply and provide within 15 working days.
6.3 right of Correction
6.3.1 you have the right to request correction if you find that your personal information is incorrect or incomplete. For account information, personal data and other content that can be modified by yourself, you can directly correct it through the"Personal Center"; for other information that can not be corrected by yourself, you can contact us by email to submit a correction request, we will complete the verification and processing in 15 working days.
6.4 right to delete
6.4.1 you have the right to request the deletion of your personal information and may exercise this right if:
6.4.1.1 the chat record can be deleted manually through the"Chat settings-delete record" function;
6.4.1.2 personal data information can be deleted directly through the"Personal Centre";
6.4.1.3 account information and other information can be deleted by cancelling the account or contacting us to request deletion. We will complete the deletion within 15 working days.
6.4.2 you may request us to remove the information immediately if we violate any laws or regulations or this policy regarding the collection or use of information.
6.5 withdrawal of consent
6.5.1 you have the right to withdraw your consent to the collection and use of personal information. For permission class permissions (such as location permissions, microphone permissions, etc.) , you can turn them off by device settings-applications-EchoUs-permissions; for other permissions, you can contact us by email to apply for withdrawal. After the withdrawal of consent, we will no longer collect and use the corresponding information, but it will not affect the legality of the information processing behavior based on the consent completed before the withdrawal, and may lead to the normal use of some services.
6.6 right of cancellation
6.6.1 you have the right to cancel your account in this software. You can submit a request for cancellation through"Setup-account center-account cancellation". Please back up important chat records and personal information before you log off. After the application is approved (usually within 7 working days) , the account will be officially canceled. We will delete all your personal information, and can not recover it. The cancellation of your account does not affect your legal rights and obligations arising before the cancellation.
6.7 complaints and right of appeal
6.7.1 if you feel that your personal information rights have been infringed, or you have any objection to our information processing, you can contact us by email to lodge a complaint or appeal. We will process and report the result within 15 working days.
7. Protection of personal information of minors
7.1 principles of protection
7.1.1 we attach great importance to the protection of the personal information of minors. If you are a minor under the age of 14(hereinafter referred to as"Minor") , you must obtain the consent of your legal guardian before using this software; If you are a minor aged 14-18, you should obtain the consent or guidance of your guardian before using this software.
7.1.2 we do not collect personal information of minors on our own initiative. If a guardian discovers that the personal information of a minor has been improperly collected, he/she may lodge an objection to us by contacting our email address, we will verify and delete the relevant information within 15 working days.
7.2 guardianship rights
7.2.1 the legal guardian of a minor has the right to view the use of the minor's personal information in this software, to request the correction or deletion of the information improperly collected, and to withdraw consent to the use of the information collected, the right to cancel the accounts of minors. When exercising the above-mentioned rights, the Guardian shall provide valid identity proof and proof of guardianship relationship. We will deal with them in a timely manner after verification of identity.
8. Personal information security measures
8.1 technical security
8.1.1 data encryption: AES-256 encryption is used for the storage of collected personal information, end-to-end encryption is used for transmission of sensitive information such as chat content, and Bcrypt Hasche algorithm is used for encryption of account passwords, prevent information from being read or tampered with illegally.
8.1.2 security: servers are protected by firewalls, intrusion detection systems (IDS) and data desensitization systems, and are regularly scanned for security vulnerabilities, tested for penetration and searched for viruses, potential risks of timely repair.
8.1.3 data backup: establish a sound data backup mechanism that regularly encrypts and backs up personal information to ensure that data can be quickly recovered in the event of an accident and to reduce the risk of data loss.
8.2 managing safety and security
8.2.1. Control of Access: a strict hierarchy of access is maintained for internal employees, with access granted only to persons in essential positions to a limited number of personal information, and all access operations are logged and regularly audited.
8.2.2 employee training: conduct regular training on personal information protection laws and regulations and safe operation for employees, and strengthen employees' awareness of privacy protection.
8.2.3 emergency response: establish an emergency response mechanism for information security incidents. In the event of a security incident such as information leakage or loss, an emergency response plan will be immediately activated to take remedial measures, in accordance with the requirements of laws and regulations and timely notification to users and the relevant regulatory authorities.
9. Privacy policy changes
9.1 circumstances of change
9.1.1 this policy may be amended in accordance with regulatory updates, service function upgrades, operational strategy adjustments or regulatory requirements. We will notify you in a significant manner if the policy changes relate to core aspects of the scope, purpose, and methods of collecting and using personal information, or may affect your information rights.
9.2 notification and effectiveness of changes
9.2.1 the revised policy will be posted on the settings-privacy center page of this software for a period of not less than seven natural days, we will send you a notice of the change by using pop-up window and registered email to confirm the change and the effective time.
9.2.2 the revised policy will take effect automatically after the expiry of the period of publication. If you disagree with the revised policy, you may discontinue using the software. If you continue to use the software, you have agreed to the revised policy.
Complaints and dispute resolution
10.1 complaint channels
10.1.1 if you have any questions, comments or complaints about this policy, you may contact support@envexa.shop with us, we will be in 15 working days to receive and feedback the results of processing.
10.2 dispute settlement
10.2.1 if you have a dispute with US regarding the implementation of this policy, it shall first be settled through friendly negotiations, any party shall have the right to bring an action against the People's Court in the jurisdiction of the location of the software operator.
10.2.2 if you believe that our information processing activities violate relevant laws and regulations, you may file a complaint with your local data protection regulator.
11. Other articles
11.1 time of commencement
11.1.1 this policy shall take effect from the date of promulgation.
11.2 contact us
11.2.1 if you have any questions about this policy, please contact us by.
11.2.2 contact us by support@envexa.shop