This Privacy Policy (hereinafter referred to as the “Policy”) is designed to clarify the relevant rules for the Elaris Software (hereinafter referred to as the “Software”) for collecting, using, storing, transmitting, and disclosing users‘ personal information and data, to protect users‘ privacy rights and data security, and to comply with international general data protection guidelines (including, but not limited to, the EU GDPR, APEC Cross-Border Privacy Rules Framework, etc.). This Policy applies to all users who use this Software (hereinafter referred to as the “Users”), regardless of the device (computer, mobile terminal, etc.) through which users access or use this Software. Using this Software means that users have fully read, understood, and agreed to all terms of this Policy; if users do not agree to this Policy, they should immediately stop using this Software.
1. Definition and scope
1.1 Core Definitions
1.1.1 Personal Information: Means information that can identify a specific natural person individually or in combination with other information, including but not limited to names, email addresses, phone numbers, device identifiers, IP addresses, chat records, usage preferences, etc., that meets the standards defined for personal information in the International General Data Protection Regulations.
1.1.2 Non-Personal Information: Means information that cannot identify a specific natural person, including but not limited to software usage statistics, user behavior data after anonymizing processing, system execution logs, AI interaction desensitization data, etc., which can be used for software optimization and industry research.
1.1.3 Third-Party Services: Means services provided by third parties that are integrated or linked to this Software (such as cloud storage, data analysis, payments, etc.) whose privacy policies are independent of this Policy. Users using third-party services are subject to third-party privacy regulations, and this Software does not assume any privacy-related responsibility for third-party services.
1.2 Applicability Scope
1.2.1 This Policy applies to all functional modules, services and related extended services of this Software, including but not limited to all service scenarios such as account registration, AI chat interactions, data storage, feature upgrades, customer service consultation, etc.
1.2.2 This Policy does not apply to third-party services. The third party is independently responsible for the privacy protection of third-party services. If users develop privacy-related issues due to using third-party services, they should communicate directly with the third party to resolve them.
2. Information Collection
2.1 Collecting Principles
2.1.1 Legitimacy Principles: Collecting user information only when obtained with the user‘s explicit consent, necessary for the fulfillment of the service agreement, or in accordance with relevant international laws, regulations, and treaty provisions, strictly following the core requirement of “informed consent.”
2.1.2 Minimum Required Principle: Collect only the user information necessary to realize the core functions of this software (AI chat, account management, etc.), do not collect information that is not related to the service, and control the scope of information collection to a minimum.
2.1.3 Transparency Principle: Clearly inform users of the purpose, scope, method, and use of information collected, ensure that users are aware and have the freedom to choose whether to provide it, and do not conceal any matters related to information collection.
2.2 Scope and method of collection
2.2.1 Account Related Information: When users register for this Software account, they are required to provide an email address (as an account login credential). We will collect the email address provided by users for core purposes such as account verification, password recovery, service notifications, security alerts, and more.
2.2.2 Chat and Interaction Information: When users use this Software AI chat functionality, the chat content, interaction instructions, and feedback information sent by users will be collected to optimize the accuracy of AI responses and improve the chat experience. All chat information will be stored with strict encryption.
2.2.3 Device and Usage Behavior Information: During user use of this Software, the System will automatically collect the user‘s device model, operating system version, IP address, device identifier, software startup time, feature usage records, etc., for the purpose of optimizing software performance, troubleshooting, and preventing security risks.
2.2.4 Voluntarily provided information: When users voluntarily provide additional information (such as preferences, requirements descriptions, etc.) when using specific features of this Software (such as personalized AI settings, theme customization, etc.), we will use it only for the implementation of that specific feature and not for other purposes.
3. Information Usage
3.1 Purpose of Use
3.1.1 Provide Core Services: Use the collected information to provide users with the core functions of this Software, including account login, AI chat interactions, chat record storage, service push, etc., to ensure the service is functioning normally and reliably.
3.1.2 Optimize the service experience: Based on user chat records and usage behavior information, analyze user needs and preferences, optimize AI algorithms, chat response logic, and software interface interactions to improve service personalization and convenience.
3.1.3 Security Assurance: Use user information to identify unusual login, malicious use, sending spam messages, and other behaviors, prevent account theft, information leakage, and other security risks, and protect user accounts and data security.
3.1.4 Compliance and Notification: In accordance with relevant international laws, regulations, and treaty requirements, or to send users necessary notifications such as service updates, policy changes, security reminders, etc., to ensure that users are kept up to date with software-related developments.
3.2 Use Restrictions
3.2.1 Use of information without exceeding the scope of user consent, if information is needed for purposes not clearly stated in this Policy, written consent will again be obtained from the user, and unauthorized extension of the scope of use of information is strictly prohibited.
3.2.2 User personal information will not be used for other purposes unrelated to this Software Service, unless expressly authorized by the user or in compliance with relevant international laws, regulations and treaty provisions, to prevent misuse of information.
4. Storage of Information
4.1 Storage Location
4.1.1 User information collected by this Software will be stored on servers that comply with international data protection standards (such as GDPR requirements), with specific locations dynamically adjusted according to service optimization requirements to ensure compliance with local data protection regulations and cross-border data flow rules.
4.2 Storage Period
4.2.1. The storage period of personal information is the minimum time required to achieve the purposes of the service. If a user signs out of their account, we will delete or anonymize all personal information processed by that user within 15 business days after the account sign-out is completed, except as otherwise stipulated by law, regulation and treaty.
4.2.2 Non-Personal Information may be stored for a long period of time for legitimate purposes such as software optimization, statistical analysis, AI algorithm training, etc., without the user‘s consent, and will remain anonymized during the storage process.
4.3 Storage Security
4.3.1 International-leading encryption technologies (such as SSL/TLS, AES-256) are used to encrypt the storage of user information and double-encrypt sensitive information such as chat records to prevent unauthorized access, tampering, and disclosure of information.
4.3.2 Establish a well-established security management system, strictly control server access permissions, regularly conduct security testing, vulnerability remediation, and risk assessment, equip professional security teams to ensure the security of data storage, and comply with international data security protection standards.
5. Information Transfer
5.1 Transfer Principles
5.1.1 User information will be transferred only in order to achieve the purposes of this Software Services, obtaining the user‘s consent or in compliance with relevant international laws, regulations and treaty requirements, strictly following the relevant rules for cross-border data flows.
5.1.2 Encryption techniques are adopted during transmission to ensure the security and integrity of information during transmission, prevent information from being intercepted, tampered with, and leaked, and ensure the security of the entire process of data transmission.
5.2 Transmission Range
5.2.1 User information is transferred only between the entity operating this Software and its authorized service providers. The authorized service providers must strictly comply with this Policy and related confidentiality agreements, not use or disclose user information without permission, and must comply with international data protection requirements.
5.2.2 If the service requires the transfer of user information to other countries or regions, it will ensure compliance with the data protection regulations and cross-border data flow rules of that country or region, and will inform the user in advance of the purpose, scope, and security measures of the transfer, obtaining the user‘s consent before the transfer.
6. Information Disclosure
6.1. Forbidden disclosure situations
6.1.1 Do not disclose your personal information to any third party without your explicit consent, except as otherwise stipulated by law, regulations and treaties, and strictly protect your information from illegal disclosure.
6.2 Allowed Disclosures
6.2.1 Upon obtaining the user‘s written consent, disclosure of relevant information to the third parties designated by the user is strictly limited to the scope authorized by the user.
6.2.2 The disclosure of necessary user information to comply with legal, regulatory and contractual obligations, and in response to legitimate requests from judicial or regulatory authorities (such as court citations, regulatory investigations), will be conducted strictly according to the relevant procedures.
6.2.3 Disclosure of user information to authorized service providers for the implementation of this software services (such as storage, data analysis, AI algorithm optimization, etc.), but only to ensure that the service provider complies with confidentiality obligations and is used only for agreed purposes, and for regular compliance audits of the service provider.
6.2.4 Disclosure of non-personal information after anonymized processing, which cannot identify the user identity, can be used for legitimate purposes such as statistical analysis, industry research, AI algorithm training, etc., without the user‘s consent.
7. User Rights
7.1 Access Rights
7.1.1 Users can log in to this Software account at any time to view their personal information (such as email, chat records, usage records, etc.), understand how information is collected, used, and stored, and ensure that users have the right to be aware of their information.
7.2 Correction Rights
7.2.1 If users find that their personal information is inaccurate or incomplete, they may request a correction through the relevant features of this Software or by contacting Customer Service at isankaev@margi2021eood.com. We will review and process the information within 3 working days to ensure the sourcing circumstances of the user’s information.
7.3 Right to Delete
7.3.1 Users may request the deletion of some or all of their personal information (including chat records). If deleting information affects the normal provision of the service, we will inform the user of the relevant impact, and after the user confirms, we will proceed with the deletion action to ensure the user‘s right to delete the information.
7.4 Right to Sign Out
7.4.1 Users can request to sign off their account through the relevant features of this Software. After the account is signed off, we will delete or anonymize all personal information processed by the user in accordance with the provisions of section 4.2.1 of this Policy. The account and related data cannot be recovered after signing off, and we respect the user‘s right to sign off their account.
7.5 Revocation of Consent
7.5.1 Users may revoke their consent to the collection, use, transmission, and disclosure of information at any time. Upon revoking the consent, we will stop the related information processing behavior, but without affecting the legality of information processing activities that were completed based on the user‘s consent before the revocation, ensuring the user‘s free choice.
7.6 Complaints and Right to Complaint
7.6.1 If users believe that their privacy rights have been infringed, they can submit a complaint or complaint through the contact email agreed in this Policy, and we will process and provide feedback on the processing results within 5 working days to provide users with effective channels for rights remedies.
8. Third-party services
8.1 Access to Third Party Services
8.1.1 This Software may integrate or link to third-party services (such as cloud storage services, data analytics services, payment services, etc.), third-party services may collect information about users, and third-party services may collect information in accordance with their own privacy policies and international data protection regulations.
8.2 Declaration of Responsibility
8.2.1 This Software provides only links or access channels to third-party services, does not control the information collection and use behavior of third-party services, nor assumes any privacy-related responsibility arising from third-party services. Users should take care of the privacy protection situation of third-party services on their own.
8.2.2 Before using third-party services, users should carefully read the third-party privacy policies, understand their information processing rules, and independently decide whether to use third-party services. If users develop privacy issues due to using third-party services, this Software is not related.
9. Policy Updates
9.1 Update Notification
9.1.1 As international laws, regulations, and treaties are updated, software functions are optimized, and operational requirements are changed, this Policy may be revised. After revisions, update notifications will be posted in prominent locations of this Software (such as the login page, settings page) to inform users of the changes in the Policy, ensuring that users are aware of the changes in the Policy.
9.2 Effective Time
9.2.1 After updating this Policy, it becomes effective from the date of publication. If users continue to use this Software, it is considered that they agree to the updated Policy; if users do not agree to the updated Policy, they should immediately stop using this Software and clarify the Policy’s effective rules.
9.3 Historical Versions
9.3.1 Users can view historical versions of this Policy through the relevant features of this Software to understand the record of changes to the Policy, ensuring the right of users to be informed.
10. Contact information and disclaimer
10.1 Contact information
10.1.1 If you have any questions, complaints, complaints, or need to exercise any rights related to this Policy, please contact us via the following email address: isankaev@margi2021eood.com. We will respond and handle them promptly to provide you with a convenient communication channel.
10.2 Disclaimer
10.2.1 This Software assumes no responsibility for the leakage, loss, or tampering of user information due to irresistible forces (such as natural disasters, network disruptions, hacking attacks, etc.), and irresistible forces must comply with standards defined by international common law.
10.2.2 Users are solely responsible for information security risks resulting from their own misconduct (such as leaking account passwords, improperly sharing personal information, using unofficial versions of software, etc.).
10.2.3 This Software assumes responsibility only for the security of user information collected, processed, and stored by itself, not for the security of information provided by third-party services, and clearly divides responsibility.
This policy comes into effect from the date of publication. The final interpretation rights belong to the entity operating the Elaris software, and are implemented in accordance with international general data protection laws, regulations, and treaties.