Welcome to the Spark software (hereinafter referred to as “This Software”) and related artificial intelligence interaction services (hereinafter collectively referred to as “These Services”). This Privacy Policy (hereinafter referred to as “This Policy”) is designed to explain to you how we collect, use, store, protect, and disclose your personal data, as well as the relevant rights you enjoy as a data subject. Please carefully read and fully understand all the terms of this Policy before accessing, registering, or using this Software and these Services. Your access, registration, or use of this Software and these Services is considered as having read, understood, and agreed to accept the constraints of this Policy.
Contact: If you have any questions, complaints or suggestions regarding this Policy or matters related to the processing of personal data, please contact us via the following email address: alvinwijaya219477@icloud.com
1. Definition and scope
1.1 Core Definitions
- 1.1.1 Personal Data: Means any information related to an identified or identifiable natural person, subject to international data protection regulations such as the General Data Protection Regulation (GDPR), including but not limited to your name, email address, user input information, device information, etc.
- 1.1.2 Data Processing: Means any operation or set of operations performed on personal data, including but not limited to the collection, recording, organization, structuring, storage, modification or modification, retrieval, consultation, use, disclosure, dissemination, etc.
- 1.1.3 Data Controller: Means a person, corporation, or other organization that determines the purpose and manner of processing personal data. The controller of this Software and the personal data related to this Service is the operating entity of this Software (hereinafter referred to simply as “we”).
- 1.1.4 User Input Information: Means various types of instructions or information, such as text, voice, images, etc., that you submit to the Software during the use of this Service.
- 1.1.5 Anonymized Data: Means information that after processing cannot identify a specific natural person, and cannot be re-identified in a reasonable manner, such information does not belong to personal data.
1.2 Applicability Scope
1.2.1 This Policy applies to all activities where we collect, use, store, protect and disclose your personal data through this Software and Services.
1.2.2 This Policy does not apply to third-party services (such as third-party logins, payments, and sharing functions). The processing behavior of personal data resulting from your use of third-party services is carried out by third parties in accordance with their own privacy policies, and we take no responsibility for it.
2. Collection and use of personal data
2.1 Types of Personal Data Collected and Purposes
- 2.1.1 Account Registration and Authentication Related Data: To complete account registration and authentication, we may collect information such as your email address, username, and third-party account unique identifier (if you choose to log in to a third-party account). The purpose of such data collection is to provide you with stable account service and identify the account subject.
- 2.1.2 User Input Information: To provide you with core services such as AI chat interactions, content generation, and information queries, we collect user input information such as text, speech, and images submitted by you during the use of this service. The purpose of collecting this information is to understand your needs and generate AI output content that meets your needs.
- 2.1.3 Device and usage behavior data: To optimize service quality and ensure service security, we may collect information such as your device model, operating system version, IP address, usage time, and interaction frequency. The purpose of collecting such data is to analyze service usage, troubleshoot service failures, and prevent security risks.
- 2.1.4 Sensitive Personal Data: If you submit sensitive personal data, including biometric, health status, etc., during the use of this Service, we collect it only on the condition of obtaining your explicit consent, and we provide special protection strictly according to the requirements of relevant laws and regulations.
2.2 Legitimate basis for data use
2.2.1 Based on Your Consent: For user input information, sensitive personal data, etc., our processing behavior is based on your explicit consent. You can withdraw your consent at any time in the manner stipulated in this Policy, but this does not affect the legal data processing behavior performed based on consent prior to withdrawal.
2.2.2 For fulfilling contractual obligations: To provide you with account services, core interaction services, etc., our processing behavior is based on fulfilling service contractual obligations with you.
2.2.3 Based on Legitimate Interests: To ensure service security, optimize service quality, etc., our processing behavior is based on our legitimate interests, but these interests must not override your fundamental rights.
3. Storage and protection of personal data
3.1 Storage Period
- 3.1.1 We will store your personal data for the minimum period necessary to fulfill the processing purposes of this Policy agreement. After the storage period is exceeded, we will securely delete your personal data or anonymize it for processing.
- 3.1.2 For user input information that you choose to agree to use for model training, we will store it for no more than 5 years; if you choose not to agree to use it for model training, the related information will be stored for no more than 30 days, and will be deleted after the period expires. Legal and regulatory exceptions are provided.
3.2 Storage Location
3.2.1 We store your personal data on servers that comply with international data protection standards, located in the same legal data center where you use this service, and ensure that the data storage meets the requirements of local laws and regulations.
3.3 Security Measures
- 3.3.1 We adopt technical and administrative measures such as encrypted storage, transmission encryption, access control, and regular security audits to protect your personal data from unauthorized access, disclosure, tampering, or damage.
- 3.3.2 We strictly restrict access to personal data, authorizing only necessary personnel to access the relevant data while performing their work duties, and requiring them to comply with strict confidentiality obligations.
- 3.3.3 If a security incident such as a personal data leak occurs, we will immediately take remedial measures and promptly notify you and the relevant regulatory bodies as required by relevant laws and regulations.
4. Sharing, transfer and disclosure of personal data
4.1 Sharing
4.1.1 We will not share your personal data with any third party unless otherwise required by law and regulation or with your explicit consent.
4.1.2 To provide necessary technical support, service optimization, etc., we may share necessary personal data with third-party service providers, but we will sign strict confidentiality agreements with third parties, require them to use the data only within the agreed limits, and monitor their data processing behavior.
4.2 Transfer
4.2.1 We will not transfer your personal data to any third party without your explicit consent.
4.2.2 If the transfer of personal data is necessary due to business mergers, acquisitions, bankruptcy liquidations, etc., we will notify you in advance and ensure that the beneficiary continues to comply with the relevant provisions of this Policy, ensuring that your personal data rights are not compromised.
4.3 Disclosure
4.3.1 We only disclose your personal data in the following circumstances: (1) to comply with applicable laws and regulations, judicial rulings or administrative orders; (2) to protect our legitimate interests and yours or other third parties; and (3) to respond to public safety, public interest-related emergencies.
5. Rights of Data Subjects
5.1 Core Rights Content
- 5.1.1 Access Rights: You have the right to request that we provide you with information related to the processing of your personal data, including the types of personal data, sources, purposes of processing, methods of processing, etc.
- 5.1.2 Correction Right: You have the right to request us to correct or supplement your inaccurate or incomplete personal data.
- 5.1.3 Right to delete (right to be forgotten): In certain circumstances (e.g., processing purposes have been achieved, you withdraw your consent, etc.), you have the right to request us to delete your personal data.
- 5.1.4 Data Portability Rights: You have the right to request that we provide your personal data in a structured, commonly used and machine-readable format, and the right to transfer such data to other data controllers.
- 5.1.5 Revocation of Consent: You have the right to revoke your consent to the processing of personal data at any time, revocation of consent can be completed through the convenient option action in the settings interface of this Software (action steps do not exceed 4 steps) or by contacting our Customer Service email address.
- 5.1.6 Restriction of processing rights: In certain circumstances, you have the right to request us to restrict the processing of your personal data.
5.2 How your rights are exercised
5.2.1 You can submit requests to exercise your rights to us through the relevant functional modules in this Software or through the contact email specified in this Policy. We will respond to them within the legal and regulatory limits and notify you of the processing results.
5.2.2 If you are dissatisfied with the results of our response, you have the right to lodge a complaint with the relevant data protection regulator in your locality.
6. Data Protection for Minors
6.1.1 We do not actively collect personal data from minors under the age of 13 or the minimum age of use stipulated in the country/region of residence. If a minor uses this Service and submits personal data without parental or legal guardian‘s permission, their parents or legal guardians have the right to contact us to request the deletion of the relevant data.
6.1.2 For minors who have parental or legal guardian‘s permission to use this Service, we will take additional security measures to strictly limit the scope of collection and use of personal data to ensure the safety of the minors‘ personal data.
7. Special Conditions for Personal Data Used for Model Training
7.1 Authorization Methods
7.1.1 For your user input information, we do not use it for AI model training by default. If you agree to use the relevant information for model training to optimize service quality, you can actively turn on the authorization option through this software settings interface.
7.1.2 User input information from paid users is not used for model training by default, unless you actively choose to agree.
7.2 Training Data Processing
7.2.1 If you agree to use user input information for model training, we will strictly de-identify the data to ensure that specific individuals cannot be re-identified before being used for training.
7.2.2 You may revoke your authorization for model training at any time. Upon revocation, we will stop using your subsequent user input information for training and process the collected relevant data according to the storage period stipulated in this policy.
8. Notes Related to Third Party Services
8.1.1 This Software may contain links to third-party services or integrates third-party functions (such as third-party login, payment, sharing functions), and third-party services may collect your personal data.
8.1.2 The processing of personal data by third-party services is not our concern and we take no responsibility for it. We recommend that you carefully read the third-party privacy policy before using third-party services to understand their data processing rules.
9. Policy Updates and Notifications
9.1 Policy Updates
9.1.1 We have the right to update this Policy in accordance with changes in laws and regulations, business development needs, etc. The updated Policy will be published in prominent locations in this Software, including but not limited to in-Software pop-ups, bulletin board posts, etc.
9.1.2 If there are significant changes to this Policy, we will notify you in a more significant way (such as by sending you a separate notice) that your continued use of this Service signifies your consent to the updated Policy.
9.2 Notification Methods
9.2.1 The various notifications we send to you related to this Policy can be delivered through in-software messages, email, notices, etc., and notifications are considered delivered from the date of issuance.
10. Dispute Resolution and Applicable Law
10.1 Applicable Law
10.1.1 The establishment, execution, interpretation and dispute resolution of this Policy are governed by the principles of international civil business law and by the laws and regulations in force in the country where you are using the Services (without conflict).
10.2 Dispute Resolution
10.2.1 Any disputes arising from or related to this Policy should first be resolved through friendly negotiation; if negotiation fails, either party has the right to file a lawsuit in the courts with jurisdiction where the entity operating this Software resides.
11. Other Terms
11.1 Divisibility
11.1.1 If any provision of this Policy is deemed to be invalid, unenforceable, or void of legal force, this does not affect the validity, enforceability, and legal force of the other provisions.