Privacy & Safety

Provisional MaiEcho

Version: Provisional v1.0
Effective Date: 2025-12-29
Last Updated: 2025-12-29

Summary (Non-Binding)

This section is a readable summary for convenience. If any inconsistency exists, the “Privacy Policy (Binding)” section controls.

  • Controller: MaiForge Ltd. (“MaiForge”) operates MaiEcho and acts as the data controller for personal data processed via the Service.

  • Modes: MaiEcho offers Guest Mode (minimal data for session continuity) and Member Mode (account + saved history/features).

  • Core data types: account data (e.g., email), user content (chat/reflections/micro-actions), and usage/security data (device/browser logs, timestamps; IP may be processed for security).

  • Purposes: provide and operate the Service, maintain safety and security, prevent abuse, support users, and comply with legal obligations. Where feasible, service improvement uses aggregated/de-identified or pseudonymized data.

  • AI processing: to generate responses, necessary parts of inputs/outputs may be processed by AI model providers. Users decide what to share.

  • Vendors: we use service providers such as OpenAI, Anthropic, Supabase, Vercel, and (if paid plans are enabled) Stripe.

  • General model training: data sent via commercial/enterprise APIs is typically excluded from general model training by default; provider handling can vary by contract and settings.

  • Retention: data is retained while needed for the Service. Deletion requests remove data from active systems within a reasonable period; backups/security logs may persist for limited periods due to operational cycles (often up to ~30 days; sometimes longer if required by law or provider policy).

  • Rights: depending on location, users may have rights under GDPR, CCPA/CPRA, and Taiwan PDPA.

  • Contact: privacy@maiecho.ai

Privacy Policy (Binding)

  1. Controller and Contact

1.1 Data Controller: MaiForge Ltd. (“MaiForge,” “we,” “us,” “our”).
1.2 Service: MaiEcho (the “Service”).
1.3 Privacy Contact / DPO (if designated): privacy@maiecho.ai
1.4 If a Data Protection Officer (DPO) or EU/UK representative is required for specific jurisdictions, the relevant contact details will be published in this Policy or the Service.

  2. Scope; Relationship to Trust Center

2.1 This Policy describes how we collect, use, disclose, and retain personal data in connection with the Service.
2.2 The MaiEcho Trust Center may summarize privacy and security commitments in a readable format. This Policy is the detailed legal document linked from the Service.
2.3 Where mandatory laws apply (e.g., GDPR/CCPA/Taiwan PDPA), users keep the statutory rights provided by those laws.

  3. Service Modes (Guest Mode vs. Member Mode)

3.1 Guest Mode (Anonymous First). The Service is designed to allow users to start without creating an account. In Guest Mode, we process minimal data needed to deliver the session and maintain continuity during the session.
3.2 Member Mode. If users create an account, the Service may store conversation history, reflections, preferences, and micro-action tracking to support continuity and personalized coaching features.
3.3 Users can choose what to share in either mode.

  4. Data We Collect

We collect the categories below.

4.1 Account Data (Member Mode)

  • Email address.

  • Authentication identifiers and account metadata (e.g., user ID, login events, token identifiers, account status).

  • Subscription/billing status (if applicable).

4.2 User Content

  • Chat logs, reflection entries, prompts, and messages submitted to the Service.

  • Micro-action tracking entries and related notes saved in the Service.

  • Content users choose to store, export, or mark for review.

Security design note: user content stored in our systems is designed to use encryption in transit and to implement encryption-at-rest where feasible, along with access controls and least-privilege practices.

4.3 Usage and Security Data

  • Device/browser information and app interaction data (e.g., pages viewed, feature usage, clicks, session activity).

  • Timestamps, diagnostic logs, performance metrics, and security signals.

  • IP address may be processed for security, fraud prevention, rate limiting, and service delivery. Approximate location may be inferred from IP.

4.4 Cookies and Similar Technologies

  • Essential cookies for authentication, session integrity, security, and core service operation.

  • Analytics cookies only if enabled. Where required, we use a consent mechanism for non-essential cookies (see Section 9).

4.5 Payment Data (If Applicable)
Payments are typically handled by a payment processor. We generally receive limited data (e.g., plan, payment status, transaction IDs) rather than full card details.

4.6 Support and Communications
Information provided through support requests, feedback, surveys, or communications, depending on what users share.

4.7 Sensitive Data (User Choice)
The Service is intended for reflection and decision support. Users control what they submit. Users can reduce privacy risk by avoiding sensitive information such as medical records, government IDs, financial account numbers, or other people’s sensitive personal data.

  5. Sources of Data

5.1 From users: when users use the Service, create accounts, submit content, or contact support.
5.2 From devices/browsers: via usage logs and cookies (as applicable).
5.3 From service providers: vendors supporting hosting, analytics, authentication, payments, and security.

  6. Purposes of Processing (Purpose Limitation)

We process personal data for the following purposes:

6.1 Provide and operate the Service (session delivery, account creation, authentication, feature delivery, continuity/memory features where enabled).
6.2 Maintain safety and security (monitoring, fraud prevention, rate limiting, detecting prompt injection/jailbreak attempts, investigating incidents).
6.3 Prevent abuse and enforce Terms (misuse detection, policy enforcement).
6.4 Support and communications (responding to inquiries, handling user requests).
6.5 Improve and develop the Service (debugging, quality measurement, product analytics; where feasible using aggregated/de-identified, pseudonymized, or minimal data approaches).
6.6 Compliance and legal (meeting legal obligations, responding to lawful requests, protecting rights, safety, and property).

  7. Legal Bases (GDPR/EEA/UK and Similar Frameworks)

Where GDPR/EEA/UK (or similar laws) apply, we rely on one or more legal bases:

7.1 Contract — to provide the Service requested.
7.2 Legitimate interests — to secure and improve the Service, prevent abuse, and maintain reliability (balanced against user rights).
7.3 Consent — where required (e.g., certain analytics cookies; certain marketing communications).
7.4 Legal obligation — to comply with applicable laws and lawful requests.

  8. How AI Processing Works (Third-Party Model Providers)

8.1 Processing flow. When a user submits input, relevant portions may be sent to AI model providers to generate a response, which is returned through the Service.
8.2 Data minimization. We aim to send only what is reasonably necessary for response generation and service security.
8.3 Provider handling can vary. AI providers process data under their contractual terms and applicable policies. Retention and permitted uses can vary by provider, plan, and configuration.
8.4 General model training (Excluded from General Model Training). When using commercial/enterprise APIs, provider programs commonly state that customer API data is not used to train general models by default. Where feasible, we select settings and contractual terms designed to limit use beyond service delivery and security.
8.5 Optional personalization (User Opt-In). If the Service offers an explicit opt-in option to use user content to improve the user’s personalized experience (e.g., personalization features), such use will occur only when:
(a) the user provides clear authorization, and
(b) the Service provides a corresponding control/setting.
Users can withdraw that authorization through the Service controls (where available) or by contacting us.
8.6 Human access controls. Access to user content is restricted via role-based access control and least privilege. Access may occur only when needed to: provide requested support, investigate security issues, comply with law, or maintain the Service.
8.7 No legal-effect automated decisions. The Service is not designed to make automated decisions that produce legal or similarly significant effects about users.

  9. Cookies and Consent

9.1 Essential cookies. Used for authentication, session integrity, and security.
9.2 Analytics cookies (if enabled). Used to understand usage and improve the Service. Where required, a consent mechanism will be provided to accept or decline non-essential cookies.
9.3 Managing preferences. Users can manage cookies through browser settings and (where available) in-app controls.

  10. Sharing and Disclosures

We disclose personal data only as described below.

10.1 Service Providers (Processors/Subprocessors)
We may share data with vendors that process data on our behalf to deliver the Service, such as:

  • AI providers: OpenAI, Anthropic (commercial/enterprise APIs)

  • Database/Auth: Supabase

  • Hosting/Edge: Vercel

  • Payments (if applicable): Stripe

10.2 Legal, Safety, and Compliance
We may disclose data to comply with law, respond to lawful requests, enforce Terms, and protect rights, safety, and property.

10.3 Business Transfers
Data may be disclosed as part of a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate safeguards.

10.4 With User Direction
Disclosures may occur when users enable integrations, request exports, or instruct sharing.

  11. International Transfers

11.1 The Service and our vendors may process data in multiple countries.
11.2 Where required, safeguards designed for cross-border transfers are used (e.g., Standard Contractual Clauses (SCCs) or equivalent mechanisms), plus supplemental measures when appropriate.

  12. Data Retention (Deletion and Backups)

12.1 Active use. Account data and user content are typically retained while needed to provide the Service and continuity features (especially in Member Mode).
12.2 Deletion requests. When users request deletion of an account or records, we remove data from active systems within a reasonable period, subject to verification and legal requirements.
12.3 Backups and security logs. Encrypted backups and certain security logs may persist for limited periods due to backup cycles, disaster recovery, and provider operations (often up to ~30 days; sometimes longer if required by law or provider policy), and then overwrite/expire.
12.4 Legal holds. Retention may extend where required to comply with law, resolve disputes, or enforce agreements.

  13. Security Measures (Architectural Isolation)

13.1 We implement measures designed to protect personal data, which may include encryption in transit, encryption-at-rest where feasible, access controls, least privilege, monitoring, and secure operational practices.
13.2 The Service is designed with permission isolation principles (e.g., row-level access controls) to reduce the risk of unauthorized access in normal workflows.
13.3 Security risk can be reduced; residual risk can remain. Users can strengthen account security by using strong passwords and protecting credentials.

  14. Your Rights

14.1 GDPR/EEA/UK and Similar Laws
Where applicable, rights may include: access, rectification, deletion (subject to legal exceptions), portability (for certain data), restriction, objection, withdrawal of consent (where consent applies), and lodging a complaint with a supervisory authority.

14.2 California Privacy Disclosures (CCPA/CPRA)
Where applicable:

  • Categories collected: identifiers (e.g., email), internet/network activity (usage/device data), and user content submitted.

  • Purposes: see Section 6.

  • Disclosures: to service providers for business purposes (Section 10).

  • Sale/sharing: the Service is typically operated without selling personal information for money. If cross-context behavioral advertising is used in a way that qualifies as “sale” or “sharing,” an opt-out mechanism will be provided (e.g., “Do Not Sell or Share My Personal Information”).

  • Rights: right to know, delete, correct, opt-out of sale/sharing where applicable, and non-discrimination for exercising rights.

14.3 Taiwan PDPA Rights
Where Taiwan PDPA applies, rights may include inquiry/access, copy requests, supplementation/correction, cessation of collection/processing/use, and deletion, subject to legal requirements.

14.4 How to Exercise Rights
Requests can be submitted via privacy@maiecho.ai. Verification may be required to protect account security.

  15. Children

15.1 The Service is intended for adults and follows the age threshold stated in the Terms (typically 18+ or age of majority).
15.2 If we learn that child data was collected inconsistently with applicable law, we will take steps designed to address the issue, which may include deletion.

  16. Changes to This Policy

16.1 We may update this Policy to reflect changes in the Service, law, or vendor practices.
16.2 Notice may be provided via the Service, website posting, or email where available. The header shows the current version and dates.

  17. Contact

Privacy: privacy@maiecho.ai
Legal: legal@maiecho.ai

Enterprise & Compliance

Detailed documentation for procurement or legal review (DPA/Security Questionnaires) is available upon request.