Privacy Policy

Last modified: October 2024

Interest based advertising: to learn more about data disclosure click here
Opt-out options: DO NOT USE MY DATA

I. INTRODUCTION. REGIONAL PATTERNS (CALIFORNIA)

AIBY Inc. (“we,” “us” or “our”) takes your privacy seriously. This Privacy policy (“Privacy policy”) explains our data protection policy and describes the types of information we may process when you install and/or use “ChatOn” software application for mobile devices (the “App”, “our App”).

When we refer to personal data (or personal information) we mean any information of any kind relating to a natural person who can be identified, directly or indirectly, in particular by reference to such data.

It is a natural person who can be identified directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social status.

Our Privacy policy applies to all users, and others who access the App (“Users”).

PLEASE READ THE FOLLOWING PRIVACY POLICY, FOR INFORMATION REGARDING THE WAYS YOUR PERSONAL INFORMATION MAY BE PROCESSED, CAREFULLY. WHEN YOU USE THE APP YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THESE TERMS.

IF YOU ARE A CALIFORNIA RESIDENT PLEASE READ THE FOLLOWING IMPORTANT NOTICE

Under the California Consumer Privacy Act of 2018 (CCPA) California residents shall have the right to request:

  • the categories of personal information that is processed;

  • the categories of sources from which personal information is obtained;

  • the purpose for processing of user personal data;

  • the list and categories of third parties with whom we may share your personal information;

  • the specific pieces of personal information that we might have obtained about a particular user provided that the data provided in the request is reliable enough and allows to identify the user.

Please use the navigation links through this Privacy policy:

PERSONAL INFORMATION

All about the categories of information, its sources and purposes of processing >>

Please mind that according to CCPA personal information does not include de-identified or aggregated consumer information.

SHARING

How your information can be shared >>

Please note that all third parties that are engaged in processing user data are service providers that use such information on the basis of agreement and pursuant to business purpose.

OPT-OUT OPTIONS

If you don’t want us to process your personal information any more please contact us through the contact form. In most cases there is no way to maintain the App’s further operating without functional data therefore you will be advised to remove the App from your device.

If you don’t want us to share device identifiers and geolocation data with service providers please check your device settings to opt out as described below >>

REQUESTS

To submit a verifiable consumer request for access, portability or deletion of personal data please contact us through the contact form. Please include in the text of your appeal the wording "Your rights to maintain confidentiality in the state of California”.

When submitting a verifiable request, you should be ready to:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: name, address, city, state, and zip code and email address. We may use this information to surface a series of security questions to you to verify your identity. If you are making a request through an authorized agent acting on your behalf, such authorized agent must provide written authorization confirming or a power of attorney, signed by you.

  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We will not be able to respond to your request or provide you with personal information if we cannot: (i) verify your identity or authority to make the request; or (ii) confirm that the personal information relates to you. We may ask you for additional information or documents to verify your identity. We may also carry out checks, including with third party identity verification services, to verify your identity before taking any action with your personal information. This is regarded as a safeguard measure to prevent disclosure of your personal information under a fake or scam request.

We ensure that personal information provided in a verifiable consumer request will be used only to verify the requestor’s identity or authority to make the request and not for any other purpose. We will keep it for the adequate term reasonably needed for the purpose described above and delete after the purpose is fulfilled.

We try to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. Please note that we are only required to respond to two requests per customer each year.

EQUAL RIGHTS

Nothing in the way we deal with your request shall be interpreted as discrimination, which means that we will not set up different pricing or products, or different level or quality of services for you, if you choose to exercise your rights. However, in some circumstances, we may not be able to provide services if you choose to delete your personal information from our records.

SALE OF DATA

We do not sell any of your personal data to third parties.

II. INFORMATION WE PROCESS

There are several categories of information that can be processed.

Functional Information

We ask for and process the following information when you use the App. This information is necessary for the adequate performance of the contract between you and us. Without such information it is impossible to provide complete functionality of the App and perform the requested services.

  • Your Email Address is recorded if you purchased a subscription on the App’s Website and want to use the premium features of the App. In this case you have to sign in into your ChatOn account if you already have one or create a new account within the App.

    We also record your email address if you create a ChatOn account by providing your email address (“enter your email” option on the Account page) and going through a verification process. You may also choose to sign in to the App with your Apple or Google account using the “Continue with Apple” or “Continue with Google” button on the Account page. In this case the information related to your Apple ID/Google account credentials shall be used to sign in to your ChatOn account.

    Please note that we DO NOT access, use, store or share your Google user data. Authorization is performed via OAuth 2.0 which is a safe protocol implemented by Google to access Google API and obtain access tokens for users. Google API allows you to sign in to our App using your Google Account. If you have any inquiries regarding how your user data is used via Google API, you should address Google directly (please check Section IV for contact details).

    We use your email address to identify your subscription purchases and send you invoices for them. Your email address may also be used for a different purpose, please check the subsection “Email Communications” of this Privacy policy.

  • User Content (i. e. the text you enter into the message field, PDF-files you attach and send to the App, as well as any text, other content generated by AI via the App). Subject to your compliance with certain rules and restrictions outlined in our Terms of Use, you may dispose of, use, share, otherwise exploit your User Content for your own purposes. However, any use of User Content is at your sole risk, i. e. you assume and bear all risks and responsibility associated with your use of User Content. It is your sole responsibility to ensure compliance with the applicable laws while using the User Content. Please note that we engage third party service providers - OpenAI, L.L.C., Stability AI, Ltd. and Anthropic, PBC - for the purpose of processing and creation of AI-generated User Content. If you choose to try the “Ask the Web” feature, your Input Content will be processed by our third-party service providers - Microsoft Corporation and Google LLC - for the purposes of obtaining Internet search results pertinent to your Input Content and updating your Output Content accordingly. Please check Section IV to learn more about the privacy policy and practices of OpenAI, L.L.C., Anthropic, PBC, Stability AI, Ltd., Microsoft Corporation and Google LLC.

  • Contact Information (name, e-mail address, as well as any other content included in the email) which you may fill in by yourself when you contact us via email, support form. We collect, store and process it by our cloud storage provider (Amazon.com, Inc.). We use such information to respond effectively to your inquiry, fulfill your requests, send you communications that you request and perform the requested services.

Information That Is Processed Automatically

On the basis of your permission we use third-party automatic data processing technologies (advertising or analytics tools) to analyze certain information sent by your device via our App (Identity For Advertisers). Some integrated advertising or analytics tools (check Section IV to see the list of them) launch automated processing of your personal data, including profiling, which means any form of automated processing of personal data used to evaluate certain personal aspects relating to you, in particular to analyze or predict aspects concerning your personal preferences, interests, behavior, location or movements (see the list of data described below). Processing information through automatic data processing technologies starts automatically once you allow our App to track your activity. You can withdraw your permission at any time - please check opt-out options in Section VIII below.

We may process some information about your device and your user behavior on the ground of our legitimate interest. This information falls within categories of data described above in Subsection “Information That Is Processed Automatically”, it is generally non-personal, i.e. it does not, on its own, permit direct association with any specific individual, and we may access it only in aggregated form. We use this information for improving our App and giving our users the best experience.

  • Device Details. When you use a mobile device to access our App, some of the details about your device are reported, including “device identifiers”. Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device (but not your personality). Device identifier enables generalized reporting or personalized content and ads by the third parties.

    What data can be processed:

    • Information about the device itself: type of your device, type of operating system and its version, model and manufacturer, screen size, screen density, orientation, audio volume and battery, battery life, loading time, latency, framerate, device memory usage.

    • Information about the Internet connection: mobile carrier, network provider, network type, IP address, timestamp and duration of sessions, speed, browser.

    • Location-related information: IP address, the country code/ region/ state/ city associated with your SIM card or your device, language setting, time zone, neighboring commercial points of interest (eg. “coffee shop”).

    • Other device identifiers: e.g. user identifiers (if they are set up by the App’s developer).

  • Information about the applications. Name, API key (identifier for application), version, properties of our App can be reported for automated processing and analysis. Some services also record the list of applications and/or processes which are installed or run on your device.

  • Cookies and similar technologies. When you use the App, cookies and similar technologies may be used (pixels, web beacons, scripts). A cookie is a text file containing small amounts of information which is downloaded to your device when you access the App. The text file is then sent back to the server each time you use the App. This enables us to operate the App more effectively. For example, we will know how many users access specific areas or features within our App and which links or ads they clicked on. We use this aggregated information to understand and optimize how our App is used, improve our marketing efforts, and provide content and features that are of interest to you. We may ask advertisers or other partners to serve ads or services to the App, which may use cookies or similar technologies.

  • Log file information. Log file information is automatically reported each time you make a request to access the App. It can also be provided when the App is installed on your device. When you use our App, analytics tools automatically record certain log file information, including time and date when you start and stop using the App, and how you interact with the App.

  • Ad-related information. The following data might be reported about the ads you can view: the date and time a particular ad is served; a record if that ad was “clicked” or if it was shown as a “conversion” event; what the ad offer is about; what type of ad it is (e.g., text, image, or video); which ad placement is involved (where the ad offer is displayed within the App); whether you respond to the ad.

  • In-App events. When you use our App, analytics tools automatically record in-App information (tutorial steps, leveling up, payments, in-app purchases, custom events, progression events, method of limiting the processing of user data).

Information provided automatically to advertising or analytics tools does not generally come to our control, therefore we cannot be responsible for processing such information. Please mind that some services are engaged in personal data profiling and may obtain information related to your personality and/or your device by using technologies that do not belong to our scope of responsibility. In case when your user ID is linked to your Facebook account, Facebook may use your device information in association with categorized data that were already recorded in its databases (eg. your age, gender or other demographic indication). We do not control, supervise or stand surety for how the third parties process your personal data, that might be collected by their own means (not through our App). Any information request regarding the disclosure of your personal information should be directed to such third parties (see Section IV).

Payment Information

Our e-commerce provider (Apple) is responsible for billing, processing and charging for in-app purchases, handles your personal information and keeps it absolutely safe and secure. This information is processed as part of the performance of the contract between you and us. We cannot access or use your credit or debit card information.

You may access the applicable “in-app” purchase rules and policies directly from the app stores.

Email Communications

If you purchased a subscription on the App’s Website and activated it via “Sign In with Apple” in the App, we may use your email address to send you communications (newsletters) regarding special subscription offers, new features and functionalities and other news related to the App on the grounds of our legitimate interest. Sending you newsletters will allow you to stay up to date and receive the latest news about the App, including about the best price offers. You also hereby acknowledge and accept the treatment of some categories of your personal data (i. e. the information about your name that you provide us, subscription purchase date, geolocation data, activity information, etc.) for market analysis activities, particularly for the purpose of delivering you targeted communications (newsletters) that most align with your needs and interests. You may also unsubscribe, opt-out of receiving communications to your email address at any time by using the resignation link provided in each email you receive from us. Your unsubscribe request shall be honored within a reasonable period of time.

III. THE PURPOSES OF PROCESSING YOUR PERSONAL DATA

Our mission is to constantly improve our App and provide you with new experiences. As part of this mission, we use your information for the following purposes:

(a) To make our service available. We use functional information and information that is processed automatically to provide you with all requested services.

(b) To improve, test and monitor the effectiveness of our App. We use information that is processed automatically to better understand user behavior and trends, detect potential outages and technical issues, to operate, protect, improve, and optimize our App.

(c) To provide you with interest-based (behavioral) advertising or other targeted content. We may use information that is processed automatically for marketing purposes (to show ads that may be of interest to you based on your preferences). We provide personalized content and information to you, which can include online ads or other forms of marketing.

(d) To communicate with you. We use the contact information we have to communicate with you through newsletters, i.e. to send you marketing notifications, receive your feedback about our App experience, and let you know about our policies and terms. We also use your information to respond to you when you contact us.

(e) To prevent fraud and spam, to enforce the law. We really want our App to be free of spam and fraudulent content so that you feel safe and free. We may use your information to prevent, detect, and investigate fraud, security breaches, potentially prohibited or illegal activities, protect our trademarks and enforce our Terms of Use.

If any new purposes for processing your personal data arise we will let you know we start to process information on that other purpose by introducing the corresponding changes to this Privacy policy.

IV. SHARING OF YOUR INFORMATION

We will share your information with third parties only in the ways that are described in this Privacy policy. We adhere to the U.S. Digital Advertising Alliance’s Self-Regulatory Principles for the Mobile Environment.

Please note that while integrating external services we choose third parties that can assure they apply all necessary technical and organizational measures to protect user personal data. However, we cannot guarantee the security of any information transmitted from us to any such third party. We are not responsible for any accidental loss or unauthorized access to your personal data through a fault of third parties.

We will not rent or sell your personal data to any third parties, but we may share your information from tools like cookies, log files, and device identifiers and location data, with third-party organizations that provide automatic data processing technologies for the App. We do not control or influence these third parties’ tracking technologies or how they may be used.

We may also share certain information such as cookie data with third-party advertising partners. This information allows third-party ad networks, inter alia, to deliver targeted advertisements that they believe will be of most interest to you.

We may engage the following third-party service providers in order to provide us with necessary infrastructure for delivery and improvement of our services:

Entity name Services performed Entity location Link to Privacy Policy
Amazon.com, Inc. Cloud storage provider U.S.A.

https://services.amazon.com/privacy-policy.html

https://aws.amazon.com/compliance/data-privacy-faq/?nc1=h_ls

Amplitude Inc. Analytics service provider U.S.A. https://amplitude.com/privacy
Anthropic, PBC AI-generated content provider U.S.A. https://console.anthropic.com/legal/privacy
To learn more information about applicable license terms with respect to User Content, visit https://console.anthropic.com/legal/terms
AppsFlyer Inc. Analytics service provider U.S.A. https://www.appsflyer.com/legal/services-privacy-policy/
Firebase (Google LLC) User authentication, analytics and marketing service provider U.S.A.

https://policies.google.com/privacy

https://firebase.google.com/support/privacy?hl=en

Facebook (Meta Platforms Inc.) Analytics / ad management service provider U.S.A.

https://www.facebook.com/privacy/explanation

Google LLC Internet search results provider U.S.A.

https://policies.google.com/privacy

Microsoft Corporation Internet search results provider U.S.A.

https://privacy.microsoft.com/en-us/privacystatement

OpenAI, L.L.C. AI-generated content provider U.S.A. https://openai.com/privacy/
To learn more information about applicable license terms with respect to User Content, visit https://openai.com/terms/
Stability AI Ltd. AI-generated content provider UK

https://stability.ai/privacy-policy

Qonversion Inc. In-App subscription implementation and revenue analytics service U.S.A. https://qonversion.io/page/privacy

In case you want to learn more about the services and privacy options (including opt-out) please consult the correspondent websites and privacy policies.

Our App may contain links to third-party websites/services or you may access the App from a third-party site. We are not responsible for the privacy practices of these third-party sites or services linked to or from our App, including the information or content contained within them.

We may disclose your personal information if it is needed for objective reasons, due to the public interest or in other unforeseen circumstances:

  • as required by law;

  • when we believe, in good faith, that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;

  • if we are involved in a merger, acquisition, or sale of all or a portion of our assets, you will be notified via prominent notice in our App of any change in ownership or your personal information usage, as well as any choices you may have regarding your personal information.

V. INTERNATIONAL DATA TRANSFERS

We work in the cross-border area and provide our App to our Users around the world.

We and third-party organizations that provide automatic data processing technologies for the App or our third-party advertising partners may transfer the automatically processed information across borders and from your country or jurisdiction to other countries or jurisdictions around the world.

If you are located in the European Union or other regions with laws governing data processing that may differ from U.S. law, please note that we may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as in your jurisdiction.

This means that your personal information can be transferred to a third country, a territory or one or more specified sectors within that third country, or to the international organization where data protection and confidentiality regulations may not provide the same level of protection of personal data as your country does.

We try to make sure that the recipient of any personal data provides a proper protection of the personal data received, in accordance with the current legislation on the protection of such information. By using the App, you agree that we may transfer your personal data to any third country, a territory or one or more specified sectors within that third country, or to the international organization.

For the purposes of data storage, we recourse to the services of the hosting organizations. We take your privacy seriously and, therefore, encrypt your personal data - if possible - before sending it to the hosting organizations for the purposes of its storage. Please note that we cooperate only with those hosting organizations that have passed our security and reliability check.

VI. HOW LONG WE USE YOUR PERSONAL DATA

We generally retain your personal information for as long as is necessary for performing the functional service of the App and to comply with our legal obligations. If you no longer want us to use your information that we physically access and store, you can request that we erase your personal information and close your account.

However, some data may still be stored for a certain time period (but no longer than the storage purpose requires) if information is necessary to comply with legal obligation (taxation, accounting, audit) or in order to maintain safety and data backup settings, prevent fraud or other malicious acts.

VII. EXERCISING YOUR RIGHTS

Applicable data protection laws give you certain rights regarding your personal information. You have the following options in relation to your personal information that was collected:

  • Data Access and Portability. You can request copies of your personal information.

  • Change or Correct Data. Where you cannot update data by yourself through your account, you have the right to ask to correct, change, update or rectify your data.

  • Data Retention and Deletion. The user data is generally retained for as long as your user profile is in existence or as it is needed to provide the relevant services. However, specific retention times can vary based on context of the processing performed. You have the right to ask to delete all or some of the personal data that is held about you.

  • Restriction of Processing. Under certain circumstances, you may have the right to limit the ways in which your personal information is used.

  • Exercising the right to know about data sharing. You have the right to know whether your data is shared with third parties. Detailed information on this issue is contained in section IV of the present Privacy policy, however, if you have further questions in this regard, you can contact us at any time.

To exercise any of the rights described above, you can contact us through contact form. Please bear in mind that we ensure the above mentioned rights only with respect to the information that we physically access and store.

You also have the right to lodge a complaint with your local data protection or a supervisory authority if you reasonably believe that your rights under applicable data protection laws have been breached. Please note that when you exercise your right to lodge a complaint with your local data protection or a supervisory authority, you may be required to provide additional information and support your complaint with sufficient objective evidence. By lodging a complaint you agree to provide sufficient explanation as to what you believe impaired your rights. Additionally, in some cases prior to lodging a complaint with your local data protection or a supervisory authority, you may be required to send your initial claim directly to us and ask for clarifications if necessary.

When your personal information is processed automatically you may object to such processing in some circumstances. Where your personal information is processed for direct marketing purposes, you may ask to cease processing your data for these direct marketing purposes. In order to exercise your right please contact the third party services listed in the Section IV of this Privacy policy to learn how you can object to processing your data. Most of them have clear instructions on their privacy pages, functional API or other options.

If you are located in the European Union, you may address our representative when you have questions on privacy issues: Konrad Gutowski, privacy@aiby.com.

VIII. HOW TO OPT OUT

Opt-out of marketing tracking

You can manage your activity tracking permissions. Inter alia, if you do not want third-party service providers to use the personalized ads on the basis of your interests please follow the instructions below:

  • Go to Settings > Privacy & Security (or “Privacy” in earlier versions of iOS) > Tracking, then tap to turn off or turn on permission to track for a specific app. You can also control whether apps can ask for permission to track your activity. If you do not want to be asked for your permission, or do not want apps to access your device’s Advertising Identifier, go to Settings > Privacy & Security (or “Privacy” in earlier versions of iOS) > Tracking and then disable the “Allow Apps to Request to Track” switch. If you turn off "Allow Apps to Request to Track", you will not get prompts from apps that want to track your activity. Each app that asks for permission to track while this setting is turned off will be treated as if you tapped “Ask App Not to Track”. Please find additional information here: https://support.apple.com/en-us/HT212025 or in the Settings > Privacy & Security (or “Privacy” in earlier versions of iOS) > Tracking section on your device. If you want to disable Apple’s ad targeting, go to Settings > Privacy & Security (or “Privacy” in earlier versions of iOS) > Apple Advertising, then set the “Personalized Ads” switch to the “off” position. Please find additional information here: https://support.apple.com/en-us/HT202074

You can also visit https://youradchoices.com for the same purpose.

Please mind that when you opt out of certain interest based advertising, you may still continue to receive contextual ads based on other non-personal information, such as ads related to the content of other digital products you are using.

Opt-out of Location Data Processing

If you do not want third-party service providers to use your precise location data, or street-level location information about you please follow the instructions below:

  • iOS 11 or later: turn Location Services off for the applicable Product via the menu “Settings > Privacy > Location Services”. Then select the applicable App and set the “Share My Location” status to “Never”. Please see additional information here: https://support.apple.com/en-us/HT203033.

IX. SECURITY

The security of your personal information is highly important to us. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. We take reasonable and appropriate measures to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the personal information.

We implement appropriate technical and organizational measures, which are designed to implement data-protection principles, such as data minimization, in an effective manner and to integrate the necessary safeguards into the processing. We seek your personal data to be encrypted with proper and strong encryption algorithms, including hashing where possible.

Unfortunately, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We do our best to protect your personal data, nevertheless, we cannot guarantee its absolute security. In the event that your personal information is compromised as a breach of security, we will promptly notify you in compliance with applicable law.

If you have any questions about the security of our App, you can contact us through the contact form displayed below.

X. CHILDREN’S PRIVACY

Our App is not intended for children. Therefore, we do not knowingly or intentionally collect or solicit any personal information from children. For the purposes of this Section X the terms “child” and/or “children” in the context of data processing activities may be interpreted on a case-by-case basis as prescribed by applicable data protection laws. No one who is considered a “child” under applicable data protection laws is allowed to directly provide any personal information to the App.

As a general rule we consider a person under the age of 16 to be regarded as “a child” until we have legal grounds to conclude that a person under 16 should be treated as an adult as per provisions of local data protection rules or based on the parent authorization provided to us directly.

Solely the holders of parental responsibility are liable for preventing their children from providing personal information via the App without relevant verifiable parental consent. If we learn that we have collected personal information from a child without verification of the holder of parental responsibility for a child, we will erase that information as quickly as possible. If you reasonably believe that we might have any information from or about a child, or a child has directly provided us with personal information via the App without verifiable parental consent, please contact us.

XI. CHANGES TO THE PRIVACY POLICY

This Privacy policy is updated regularly.

Whenever we change this Privacy policy, we will post those changes to this Privacy policy and other places that we consider appropriate. Additional forms of notice of modifications or updates as appropriate under the circumstances may be provided to you.

XII. HOW TO CONTACT US

If you have any questions about this Privacy policy, please feel free to contact us via support form.