Thank you for choosing YumiAI Platform (“YumiAI”, or the “Platform”). YumiAI platform and related services are provided to you in the form of web pages, applications (which may include different versions), browser plugins, mini-programs, software development kits (SDKs) for use by third-party websites and applications, application programming interfaces (APIs), and innovative forms that may emerge with technological development. These products and services include, but are not limited to, platforms with “AI interactive dialogue” as the core function and other functions (collectively the “Services”). This service is currently in the internal testing stage. The future operator is expected to be YumiAI AI Tech Inc. (“We”), which is in the process of registration.
We value your privacy and are committed to protecting your personal data. This Privacy Policy (“Policy”) explains how we collect, use, share, and safeguard your personal information when you access or use the Services, including any site or platform that links to this Policy.
This Privacy Policy applies to personal data collected by us through the YumiAI Platform, our mobile application, desktop software, official website, and any other features, functionalities, or services provided now or in the future (collectively, the “Services”).
This Policy describes:
The types of personal information we collect and how we collect it;
How we use your personal information and the legal bases for doing so;
How we share your information and with whom;
Your privacy rights under applicable laws, including GDPR and U.S. privacy laws (such as CCPA/CPRA); and
How we protect your information and how long we retain it.
By accessing or using the Services, you acknowledge and agree to this Policy. If you do not agree, please do not use our Services.
Please note that this Policy does not cover third-party products, services, websites, or content (“Third-Party Services”). These are subject to their own privacy policies, and we recommend reviewing their privacy statements before using them.
We may collect the following information from and about you, including information that you provide, automatically collected information, and information from other sources.
When you interact with our Services, you may provide certain personal information voluntarily, including but not limited to:
Registration Information: When you register for an account, we may collect details such as your username, password, date of birth (where applicable), email address, and/or telephone number. If you register as a representative of an organization, we may also collect your name, business email address, phone number, country, physical address, and, if applicable, your organization’s details.
User Content: We collect the content you create, upload, generate, or otherwise make available through the Services. This may include profile information (such as nickname and avatar), user-generated content, images, prompts, and any other material you create and/or share using the Services.
Payment Information: When you purchase Paid Services (as defined in our Terms of Service), we use third-party payment processors to handle your payment transactions. These providers may collect your credit card details or other financial information. We do not store your full payment card details, but we may retain transaction confirmation or records required for compliance and accounting purposes.
Correspondence Information: When you contact us for support, feedback, or inquiries—whether by email, chat, or other communication channels—we collect the information you choose to provide, including the content of your messages and any associated details.
Surveys and Promotions: With your consent, we may collect information when you participate in surveys, research studies, promotions, marketing campaigns, or events that we organize or sponsor.
When you interact with our Services, including when you browse without creating an account, we automatically collect certain information about your device and usage patterns. This may include:
a) Technical and device information: We may collect details such as your IP address, browser type, user agent, mobile carrier, time zone, device identifiers (including identifiers used for advertising), device model, operating system, network type, and screen resolution.
b) Usage information: We log information about your activity within the Services, including the pages or content you view, the duration of your interactions, access times, navigation paths, clicks, searches, and the referring URL (the website you visited before landing on our Services).
c) Location Information: We may infer the general geographic area (e.g., country, region, or city-level) from your device’s IP address or similar network signals. We use this information to help protect your account (for example, by detecting unusual login activity), apply regional settings (such as language, time zone, or content availability), comply with geo-based legal requirements, and improve the relevance and quality of the responses and features you experience in the Services. With your permission, we may collect your precise location information for location-based functions.
d) Cookies and Similar Technologies: We use cookies, mobile IDs, and other similar technologies to operate and optimize the Services, enable us to provide certain features and functionality, and enhance your experience using the Services. You can manage or disable cookies through your browser or device settings.
e) We use ClkLog Analytics to help us understand how users interact with our Services. You can learn about how ClkLog uses your data and how to opt-out of ClkLog Analytics by visiting https://github.com/clklog/clklog.
f) Our Services currently do not respond to “Do Not Track” (DNT) signals from web browsers.
If you choose to register for or access the Platform using a third-party account (such as Apple or Google), we may receive certain information from that third party, including your username, public profile details, and any other information you authorize the third party to share with us. Similarly, we may share limited information with the third-party provider to enable authentication and account linkage, such as your app ID, access token, and referring URL.
We may use your information to operate, provide, support and administer the Platform and Services, enable their features, secure your account, and to fulfill, enforce, and comply with our Terms of Service. In particular, we use personal information for the following purposes:
a) Verify eligibility and age requirements to ensure you are legally permitted to use the Services.
b) Provide, operate, and maintain the Services, including core functionality and account features.
c) Fulfill your requests for products, Services, functionality, support, and information; and perform internal operations such as troubleshooting, data analysis, testing, research, statistics, surveys, and soliciting feedback to improve the Services.
d) Display, recommend, or otherwise promote your content to other users, consistent with your settings and the design of the Platform.
e) Communicate with you, including sending notices about changes to the Services, Terms, or policies.
f) Provide customer support and respond to questions, requests, complaints, and feedback.
g) Process transactions and support sales, promotions, purchases, subscriptions, refunds, and related user support functions.
h) Protect the Platform and our community by safeguarding security and defending our legal rights, property, commercial interests, and those of our affiliates, users, and the public.
i) Enforce our terms, conditions, and policies and meet legal and regulatory obligations.
j) Detect, investigate, and help prevent abuse, fraud, and illegal activity, including scanning, analyzing, and reviewing User Content and associated metadata for policy violations.
k) Use your information for additional purposes that are disclosed at the time of collection, with your consent, or as otherwise permitted by applicable law.
Where the GDPR or other data protection laws apply, we must identify a lawful basis before processing your personal information. Depending on the context, we process personal information under one or more of the bases below.
a) Performance of a Contract. We process personal information as needed to enter into, perform, and administer our Terms of Service with you—this includes creating and managing your account, providing core Services and features, processing payments or subscriptions, delivering content you request, and responding to service-related inquiries.
b) Consent. We rely on your consent where required by law or where we offer optional features. Examples include: subscribing to marketing emails; participating in surveys or beta programs; or allowing us to access certain device data (e.g., precise location, if ever enabled). You may withdraw your consent at any time using available settings or by contacting us (see Contact Us). Withdrawal will not affect processing that occurred before withdrawal.
c) Legal Obligations. We process personal information to comply with laws and regulatory requirements—for example, tax and accounting rules, responding to lawful requests from public authorities, verifying identity where required (e.g., fraud, sanctions, or anti-money-laundering checks if applicable), or honoring data subject rights under privacy laws.
d) Legitimate Interests. We process personal data where necessary for our legitimate interests or those of a third party, provided that such interests are not overridden by your fundamental rights and freedoms. These interests include securing and protecting our Services and business; preventing fraud, abuse, or misuse; developing and improving our products and services; and marketing our Services (where consent is not required).
e) Protection of Vital Interests (Infrequent). In rare cases, we may process personal information to protect the vital interests of an individual—for example, responding to an urgent safety issue that involves risk of serious harm.
f) Establishment, Exercise, or Defense of Legal Claims. We may process relevant personal information as needed to assert or defend legal claims, manage disputes, or protect our rights, users, affiliates, or the public.
g) Other Permissible Grounds. If applicable local law provides additional lawful bases for processing, we will rely on those where appropriate and will identify them at the point of collection. We may aggregate or de-identify personal information so that it can no longer reasonably identify you. We use such information for purposes described in this Policy, including analyzing usage trends, improving or adding features, and conducting research.
We typically act as a “data controller” (under GDPR) or “business” (under CCPA/CPRA) for the personal data we collect to provide and manage the Services for you. However, when we process personal data on behalf of our business customers pursuant to our agreements with them (e.g., when a company provides its employees access to our Platform), we act as a “data processor” or “service provider.” In such cases, our processing is governed by our contracts with those customers, not this Privacy Policy.
We do not sell your personal information. However, we may share it with third parties for the purposes described in this Policy and as permitted by law. This may include the following categories of recipients:
We engage trusted third-party vendors and partners to help us operate, improve, and support the Services. These may include:
Payment processors that handle transactions securely
Hosting and cloud service providers that store and manage our infrastructure
Analytics and measurement providers to help us understand performance and usage
Advertising and marketing partners, where allowed by law and in line with your preferences
All such third parties are bound by strict contractual obligations to process data only on our behalf and in accordance with this Policy.
We may share your information with companies within our corporate group, including subsidiaries, parent entities, and affiliates under common ownership or control. Such sharing enables us to:
Operate and optimize the Services
Improve products and features
Conduct internal reporting and business planning
Where applicable, these entities may be located outside your home country. In such cases, we implement appropriate safeguards for international data transfers (see International Transfers below).
We may disclose your information to law enforcement, regulators, courts, or other third parties when we believe in good faith that disclosure is necessary to:
Comply with applicable law, legal processes, or lawful requests
Enforce our Terms of Service and other agreements or investigate potential violations
Detect, prevent, or address fraud, security, or technical issues
Protect the rights, property, or safety of our company, users, or the public
Establish, exercise, or defend legal claims
Your information may be shared or transferred in connection with a corporate transaction, such as:
A merger, acquisition, or sale of assets
Financing, restructuring, or reorganization
Bankruptcy, insolvency, or receivership
If such a transaction occurs, we will require the recipient to honor this Privacy Policy or provide equivalent protection.
We may share your information with third parties for other purposes if you consent or direct us to do so. Where required by law, we will obtain your explicit consent before sharing.
The personal information we collect may be stored and processed on servers located outside the country where you reside. Currently, we store data on secure servers in United States, but we may also engage affiliates and service providers in other countries to support our operations.
When we transfer your personal information across borders for any purpose described in this Policy, we do so in compliance with applicable data protection laws and implement appropriate safeguards to protect your information.
If you access the Services from the EEA, United Kingdom, or Switzerland and your personal information is transferred to a country that has not been deemed to provide an adequate level of data protection, we implement appropriate safeguards as required by law. These include the European Commission’s Standard Contractual Clauses (and the UK Addendum or other approved transfer tools, as applicable), supplemented by technical and organizational measures designed to protect your data.
You can view and update most of your profile information at any time by signing into your account. Additional privacy controls are available in Settings, where you can manage certain preferences and permissions.
Depending on your location and applicable law, you may have the following rights regarding your personal information:
a) Access and Confirmation. You can request confirmation as to whether we process your personal information and obtain a copy of the data we hold about you.
b) Rectification. You have the right to request that we correct inaccurate or incomplete personal information.
c) Erasure (“Right to be Forgotten”). In certain circumstances, you can request that we delete your personal information, subject to legal or contractual obligations.
d) Restriction of Processing. You may request that we limit the processing of your personal information in specific situations.
e) Data Portability. Where technically feasible, you can request a copy of your personal information in a structured, commonly used, and machine-readable format and ask us to transfer it to another controller.
f) Withdrawal of Consent. Where processing is based on your consent, you have the right to withdraw it at any time. This will not affect the lawfulness of processing before withdrawal.
g) Opt-Out of Sales and Targeted Advertising (U.S. Residents). If you are covered by U.S. state privacy laws such as the CCPA/CPRA, you may have the right to opt out of the sale or sharing of your personal information or its use for cross-context behavioral advertising.
h) Objection to Processing. In some cases, you may object to our processing of your personal information, including for direct marketing purposes.
i) Complaints. You have the right to lodge a complaint with your local data protection authority if you believe your privacy rights have been violated. If you have questions about these rights or how to exercise them, please contact us at service@yumiai.com. We will respond to your request in accordance with applicable laws.
California residents may have the following rights, subject to certain limitations:
a) The right to know what personal information we have collected, used, disclosed, and sold.
b) The right to request deletion of your personal information.
c) The right to correct inaccurate personal information.
d) The right to opt-out of the “sale” or “sharing” of your personal information (as those terms are defined under CCPA/CPRA). We do not sell your personal information for monetary compensation. However, like many companies, we use advertising and analytics services that may be considered a “sale” or “sharing” under California law. You can opt-out by visiting our ‘Do Not Sell or Share My Personal Information’ link in the website footer.
e) The right to limit the use and disclosure of sensitive personal information (we do not use or disclose sensitive personal information for purposes beyond those allowed by the CCPA).
f) The right to not receive discriminatory treatment for exercising your privacy rights.
g) Verification: To process your request, we will need to verify your identity. We may ask for information such as your name, email address, and account ID.
h) Authorized Agents: You may designate an authorized agent to make a request on your behalf. We will require the agent to provide proof of your written permission or power of attorney. We may still need to verify your identity directly.
No Absolute Security. We maintain reasonable technical and organizational measures designed to protect the personal data you provide. However, We cannot guarantee that your personal data will be absolutely secure, any transmission is at your own risk.
To help us protect personal data, we request that you use a strong password and never share your password with anyone or use the same password with other sites or accounts.
We recommend you take precautions to protect your personal data and be careful about sending sensitive data to us via unencrypted email.
We generally retain your information for as long as it is necessary to serve the purpose(s) for which such information was collected, including to provide you with the Services. However, there are occasions when we are likely to keep this information longer in accordance with our legal obligations or where it is necessary for the establishment, exercise, or defense of legal claims.
After you have terminated your use of our Services, we may store your information in an aggregated and anonymized format. Notwithstanding the foregoing, we may also retain any information as reasonably necessary to comply with our legal obligations, to allow us to resolve and litigate disputes, and to enforce our agreements.
The Services are not directed at children under the age of 13 (or equivalent minimum age in the relevant jurisdiction). If you believe that we have personal data about or collected from a child under the relevant age, please contact us at service@yumiai.com.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you by means of a notice within the Services or by other reasonable methods. The “Last Updated” date at the top of this Policy indicates when the changes take effect.
We encourage you to review this Policy periodically. By continuing to access or use the Services after the effective date of an updated Policy, you agree to the revised terms. If you do not agree with the updated Policy, you should discontinue using the Services.
If you have any questions or concerns about this Policy or our practices related to the protection of personal information, please feel free to contact us at service@yumiai.com.
We aim to respond to privacy requests within 15 days after verifying your identity. For complex requests, we may require additional information to assist you effectively.
Please contact us first if you believe we have processed your personal information in a manner inconsistent with this Policy or applicable law. We will review and address your concern as promptly as we reasonably can.
This does not affect your right to:
Lodge a complaint with your local data protection authority.
Pursue other remedies available to you under applicable law or under the dispute resolution process described in our Terms of Service.