Version update tips:
Welcome to use the GPTBOTS.AI products and/or services provided by Metaverse Cloud PTE.LTD. GPTBOTS.AI platform aims to provide you with AT-related products and/or services through our own AI products and the third-party products/services that we access.
- I. How we collect and use your personal information
- III. Authorization and consent of end users
- IV. How we share, transfer or disclose yourpersonal information
- V. How we store your personal information
- VI. How we protect your personal information
- VII. How you exercise the rights in personal information
- VIII. How we process children’s personal information
- X. How you contact us
- XI. Other legal basis for processing your personal information (only for EEA)
- Schedule 1: Definitions of Key Terms
I. How we collect and use your personal information
(I) Personal information obtained by us when you use our products/services We may need to collect and use your relevant personal information to achieve the basic business functions of our platform. The following will provide a detailed list of our basic business functions and the type of information necessary for achieving these functions, and we will collect and use such personal information only with your consent:
2. When you use our paid services/products, we will collect your [order information, billing address, billing contact of your GPTBOTS.AI account, and payment information], so that we can send you invoices and complete the payment process for your orders.
3. Input Information of users: When you use our products/services, we will collect your personal information, if any, contained in the [input content, uploaded files or feedback] (collectively, “Input Information”) that you provide to our services for outputting the content meeting your needs. If you do not provide such information, you will be unable to use our corresponding services/products. Please note that we will not retain Input Information that can be used to infer a user’s identity, nor do we create the user profile based on the user’s Input Information and usage. You may also use voice input, in which case you are required to grant microphone permissions, otherwise you will be unable to input content via voice.
4. Communication Information: If you contact us by means of communication, we may collect your [name, contact information, and any messages you send to us during the communication (“Communication Information”)] in order to verify your identity and solve the problems you raise.
5. When you browse or log in to use our products/services, we may collect your user-side system time, time zone, and IP address. By doing so, we can count user traffic based on user-side system time, time zone and IP address and conduct data analysis to keep our system secure.
6. When you use our "WorkSpace" service, we will collect your [operational behavior data and conversation data using Bot]. You agree that the Bot creator used in the "Workspace" has the right to view all the conversation data of your Bot use for the Bot creator to optimize and improve its Bot functions. You can choose to refuse, but if you refuse you will not be able to use this service
7. We will collect your [Cookie information] to identify the login user. We will also collect the [browser language type] you select when you use the services, and switch the corresponding website language based on the language you select, so that you can read and use our services. In addition, we collect [User-Agent information] to recognize the [browser type and version] and ensure compatibility with browser API, thereby enhancing your experience when using our platform’s services.
8. We may aggregate or de-identify your personal information and Input Information based on the information collected as described above so that it may no longer be used to identify you and use such aggregated information to analyze the effectiveness of our services, thereby improving and adding features to our services. We may analyze the general behavior and characteristics of our users from time to time based on the information collected as described above, summarize and analyze such data, and share with third parties, publish or publicly disclose such summary information. You should understand that such summary information does not belong to users’ personal information because it cannot identify specific individuals, and we will not re-identify individuals from such summary information.
(II) Your personal information obtained by us from third parties
2. We may obtain and appropriately use publicly available information about you through webpage and other public channels, or obtain from third parties the business information that your company has publicly disclosed, so as to help us better understand our customer base, such as your industry, and the scale and website URL of your company.
When you use our services, we will store small data files called Cookies on your computer or mobile device in order to ensure the normal operation of our website. Cookies usually contain identifiers, site names and some numbers and characters. The main functions of Cookies are to facilitate your use of our platform’s products and/services and help our website count unique visitors. With Cookies, we can provide you with more personalized services and allow you to set specific service options. When you use our platform’s products and/or services, we will send Cookies to your device. When you interact with services provided by us to partners, we allow Cookies (or other anonymous identifiers) to be sent to our servers.
For more information about the types of Cookies we use, reasons and how to control Cookies, please refer to AboutCookies.org .
III. Authorization and consent of end users
This Section applies to third parties (partners) who are our business partners. You should be aware that you may access/integrate/apply our GPTBOTS.AI services into your products/services, and your end users may provide personal information when using your products/services, in which case you, as the data processor (controller) of the end users’ personal information, will at your sole discretion determine the type and scope of personal information collected from end users and processed, and methods of collection and processing, etc., and whether to entrust us to process the personal information about end users provided by you. You acknowledge and agree that we will provide data processing services based on your instructions, but we cannot control/ determine how you collect, use and provide data belonging to your end users.
1. you have informed end users of the following and obtained their full, necessary and explicit authorization, consent and permission: you will collect and use the end users’ personal information necessary for providing services, and entrust us to process their personal information (including its transmission and storage in Singapore). Meanwhile, you shall fully inform end users of the risks involved in such entrusted processing and obtain their express consent;
3. You have complied with and will continue to comply with applicable laws, regulations, and regulatory requirements, including but not limited to developing and publishing relevant policies regarding the protection of personal information and privacy;
IV. How we share transfer or disclose your personal information
We will not share your personal information with any third party, except for the following circumstances:
1. With your express consent. We will share your personal information with other parties after obtaining your express consent;
2. We may share your personal information in accordance with applicable laws, regulations, legal procedures, or governmental requirements, including national security, emergency services or law enforcement requirements;
3. It is necessary to provide your personal information to a third party for protecting your or the public’s interests, property or safety to the extent required or allowed by law;
4. You disclose the personal information to the public by yourself, or we can obtain the personal information from other lawful public channels.
6. In order to provide you with more comprehensive and high-quality products and/or services, certain
functions may be provided by our service partners, such as third-party service providers, contractors or agents. We may entrust these service partners to process certain personal information on our behalf. For example, third-party suppliers may send emails or push notifications, or conduct statistical analysis of de-identified information on our behalf.
We will not transfer your personal information to any company, organization and individual, unless:
1. With your express consent; or
2. You disclose the personal information to the public by yourself, or we can obtain the personal information from other lawful public channels.
We will request the aforementioned third party through agreements or otherwise to take proper confidentiality and security measures when they handle personal information.
(III) Public disclosure
Subject to applicable laws and regulations, we will not publicly disclose your personal information without your express consent.
V. How we store your personal information
(I) Storage location
In principle, we will store your personal information on servers located in Singapore. However, considering that we may access third-party products/services, the content you input while using our products/services may be transmitted to and stored in data storage centers located outside Singapore and is used by a third party. The data storage centers established and the data-processing rules for different third-party products/services can be available at the official websites of those third-party products/services.
If you are our registered user, you agree to the cross-border transmission and storage of your personal information. Cross-border transmission may involve certain data security risks in the process of transmission, and you agree that you will bear all risks and liabilities arising therefrom.
If you are our business partner and when you access/integrate/apply our GPTBOTS.AI services into your products/services, the personal information of your end users, if any, may be transmitted internationally. We strongly recommend that you seek professional advice and take appropriate measures to ensure that such cross-border transmission complies with the regulatory requirements on data cross-border transmission in your country or region. You agree that you will actively fulfill the legal obligations on data cross-border transmission, including informing the end users, obtaining their express consent, conducting security assessments of cross-border transmission and personal information protection certification, in accordance with the laws of your country or region. Otherwise, you will bear all risks and liabilities related to outbound transfer of data arising therefrom. In particular, when cross-border transmission involves countries or regions such as the European Union, Russia, India, and the United States, please note the regulatory requirements on personal information of these countries and regions. You agree to solely bear the risks and liabilities arising from cross-border transmission.
(II) Storage period
We will keep your and/or end users’ personal information within the shortest time as required by laws and regulations only for the purposes as set forth herein, and will delete or anonymize such personal information, if any, upon expiration of such storage period. However, subject to applicable laws and regulations, we may extend the storage period of your and/or your end users’ personal information for defending litigation, safeguarding public interest and protecting personal property or legitimate rights.
VI. How we protect your personal information
1. We have taken safety precautions meeting the industry standards to protect the information you provide and prevent data from unauthorized access, disclosure, use, alternation, damage or loss. We will take reasonably practicable measures to keep your data secure. For example, data exchange between your browser and the “services” will be protected by SSL encryption; we will also provide https for our website; we will use encryption technology to ensure confidentiality of data; we will deploy trusted protection mechanisms to prevent data from being maliciously attacked; we will implement access control mechanisms to ensure that only authorized personnel can access personal information; and we will regularly organize security and privacy protection training courses to enhance employees’ awareness of the importance of personal information protection.
2. Our data security capabilities: We have established security defenses based on data life cycle that cover data collection, transmission, storage, use, circulation, archiving, deletion and other data processing stages.
3. We will take reasonably practicable measures to avoid collecting unrelated personal information. We will store your personal information only within the period necessary for achieving the purposes as set forth herein and take technical measures such as encryption for the stored information. v
4. The internet has no absolute security, and email, instant messaging, and other forms of communication with other users are not encrypted, so we strongly recommend that you should not send personal information through such means. Please use complicated password and regularly change it to help us guarantee the security of your account.
5. No internet environment is completely safe, so we will do our best to ensure the security of any information you send to us. We have used necessary and reasonable efforts, but there may exist a risk of personal damage, property, reputation and other losses posed to you and your users due to theft, illegal occupation or misuse of data. You have been aware of such risk and voluntarily assume it.
6. After any personal information security incident occurs unfortunately, we will, as required by laws and regulations, promptly inform you of: basic information on the security incident and its possible impacts, handling measures taken or to be taken by us, suggestions that you may solely prevent and reduce risks, remedies granted to you, etc. We will timely inform you of the relevant information on the accident through such methods as email or notification push. If it is difficult to inform the personal information subjects one after another, we will take reasonable and effective methods to make announcements. Meanwhile, we will also actively report the handling progress of personal information security incidents as required by regulatory authorities.
VII. How you exercise the rights in personal information
We attach great importance to your management of personal information and try our best to protect your rights to access, view, copy, modify, supplement and delete personal information, so as to keep your privacy and information secure.
1. Rights to be informed and make decisions
b. If the products cease service or operation, we will promptly stop collecting your personal information, notify you of this situation individually or through an announcement at least thirty calendar days, and delete or anonymize all of your personal information we hold within fifteen business days after the products cease service or operation formally.
2. Right of access
You may directly view or access your personal information on the [Personal Center] at our website, including logging in to your account at any time on the relevant product page to access the personal information related to your account. If you are unable to view or access your personal information on your own or encounter any problem when exercising your right to access data, you can contact us according to the guidelines provided in the Section titled [How you contact us] hereof to request us to provide your personal information.
3. Rights of correction and supplement
If you would like to exercise your rights to correct and supplement data, e.g., you want to edit the corporate/individual information in your account, change your password or add information, you can access the Personal Content of GPTBOTS.AI to perform such operations.
If you are unable to correct or supplement your personal information on your own or encounter any problem when exercising your right to correct or supplement data, you can contact us according to the guidelines provided in the Section titled [How you contact us] hereof to request us to provide your personal information.
4. Right of deletion
You can contact our customer service through emailing firstname.lastname@example.org to request us to delete the personal information you provide if:
(1) we collect and use personal information in violation of laws and regulations;
(2) we collect and use personal information in violation of the agreement between you and us;
(3) we collect and use your personal information without your consent;
(4) we share with or transfer to a third party personal information in violation of laws and regulations or the agreement between you and us, in which case we will immediately stop such act and notify the third party of timely deleting it;
(5) we publicly disclose personal information in violation of laws and regulations or the agreement between you and us, in which case we will immediately stop such act and notify the relevant recipients to delete it;
(6) you no longer use our products or services, or you have cancelled your account; or
(7) we cease to provide you with the products or services.
When deleting the relevant information, we may verify your identity to ensure account security. Once the request for deletion is responded to, your personal information will be deleted within fifteen business days, unless otherwise required by laws and regulations. Please note that if you request us to delete specific personal information about a user, such user may be unable to continue to use our products and services.
5. Withdrawal of your authorization
In general, each of business functions may be realized with some basic personal information collected, and you can contact our customer service by emailing email@example.com to request withdrawing your consent with respect to the collection and use of your personal information. After you withdraw your consent, we will no longer collect and use your relevant personal information. However, please understand that once you withdraw your consent or authorization, we will be unable to continue to provide the specific functions and/or services associated with the withdrawn consent or authorization. If you withdraw your consent, this will not affect our processing of your personal information with your consent prior to such withdrawal.
6. Account cancellation
You may cancel your previously registered account at any time, and you can click "Personal Center" - "Preferences" - "Account Deletion", and follow the relevant operation instructions on the page to delete your account. You should know that cancellation of your GPTBOTS.AI account will make you permanently lose your rights to the account and the data therein. We will provide you with account cancellation services after verifying your identity and fully handling assets in your account through consultations with you. After your GPTBOTS.AI account is cancelled, we will cease to provide you with the products or services and delete or anonymize, upon your request, your personal information within fifteen business days, unless otherwise provided by laws and regulations.
7. Refusal of notification push
We may send marketing messages to your email address or phone number，You can choose not to receive marketing emails/messages from GPTBOTS.AI according to the unsubscribe/opt-out instructions in the received emails/messages, or directly indicate your unwillingness to receive any marketing call from GPTBOTS.AI when receiving the same. You can also contact customer service by emailing firstname.lastname@example.org to opt out of future marketing emails/messages.
8. Protection of deceased individuals’ personal information
After a user (individual only) dies, the user’s close relatives may exercise the rights to access, copy, correct or delete the personal information of the deceased using the contact information as set forth herein for his or her own legitimate and proper interests, unless otherwise arranged by the deceased user during his or her lifetime.
9 Response to your requests above
For the security, we may need to verify your identity before processing your requests. You may need to provide written document or otherwise prove your identity. In principle, we will respond to all of your requests under this Section within fifteen business days after receiving the same and verifying your identity.
We generally do not charge any fees for your reasonable requests as described above. We may refuse requests that are unreasonably repetitive, require excessive technical means (such as the development of new systems or fundamental changes to current practices), pose risks to the legitimate rights and interests of others, or are highly unrealistic (such as requests involving information stored on backup tapes).
We will be unable to respond to your requests under any of the following circumstances:
(1) related to our fulfilment of obligations under laws and regulations;
(2) directly related to public security, public health or major public interests;
(3) we have sufficient proof that you have subjective malice or engage in any abuse of rights;
(4) for the purpose of safeguarding your or other individuals’ life, property or other significant legitimate rights and interests, it is hard to obtain your or their consent;
(5) responding to your request will cause serious harm to your legitimate rights and interests, or those of other individuals or organizations; or
(6) involving trade secrets.
If you have any questions regarding the exercise of the rights as described above, you can contact us using the contact details as set forth in Section X hereof.
VIII. How we process children’s personal information
Given the existing technologies and business patterns, it is difficult for us to proactively identify children’s information. If a child’s guardian discovers unauthorized collection of personal information of a child, the guardian may notify us to delete it. If we ourselves discover such situation, we will also proactively delete the information, unless retention of such data is required by law.
1. any material changes in our service mode, such as the purpose of processing personal information, type of processed personal information and how personal information is used;
2. any material changes in our ownership structure, organization structure and others, such as the change of owner due to any business adjustment, bankruptcy, merger or acquisition;
3. the change of the main object which personal information is shared with, transferred to, or publicly disclosed to;
4. any material changes in your rights involved in personal information processing and in how you exercise such rights;
5. the change of our responsible department, contact information and complaint channels for personal information protection; and
6. any high risks as shown in a personal information impact assessment report.
X. How you contact us
We would like to resolve any dispute related to data protection practices between you and us. GPTBOTS.AI has established a special privacy protection group, and you can raise your questions or seek assistance by sending an email to our privacy protection group (email@example.com).
If you have any questions, comments or complaints regarding your account information, personal information or other documentation technologies, or exercise your rights, you can contact us at firstname.lastname@example.org or using any other specified method. In general, we will respond within fifteen business days.
IX. Other legal basis for processing your personal information (only for EEA)
You (the partner) shall give special attention to the following: when you engage in any personal information processing activity, you shall comply with the General Data Protection Regulation (“GDPR”) if you meet any of the following conditions:
(1) you are located in European Economic Area (“EEA”), whether such processing activity take place within the EU;
(2) you provide goods or services (for consideration or free of change) to any individual within the EEA, or monitor his or her behavior within the EEA; or
(3) you are located outside the EEA, but the laws of any EU member states shall apply pursuant to international public law, e.g., embassies or consulates of EEA member states.
If you are from the EEA, the legal basis for our collection and use of the aforementioned personal information will depend on relevant personal information and the specific context in which we collect it.
However, we generally collect personal information only under the following circumstances: when we need the personal information to perform a contract signed between you and us, when the processing is in our legitimate interests and not covered by your data protection rights and interests or fundamental rights and freedoms, or when we have obtained your consent. In certain cases, we may also have a legal obligation to collect personal information from you, or may need the personal information to protect your or others’ vital interests. For example, we may provide your personal information as required by relevant authorities for public safety purposes or respond to requests from law enforcement agencies.
Appendix 1: Keyword definition
The specific words used in this policy is defined as follows:
1. We or GPTBOTS.AI: Metaverse Cloud PTE.LTD.and GPTBots Hong Kong Limited.
2. Affiliates: it refers to a subsidiary company or other affiliated enterprise within the scope of the consolidated statement with Metaverse Cloud PTE.LTD. and GPTBots Hong Kong Limited or other entity which controls, is and will be controlled by or is under common control with GPTBOTS.AI.
3. Control: means the ability directly or indirectly to influence the management of the company referred to, whether through ownership, voting shares, contracts or other means legally identified.
4. You: means the registered user who uses our products and/or services and the purchaser of the paid service.
5. Your End User: An end user who provides the product / service by you (access / integrate / apply our GPTBOTS.AI service to your product / service).
6. This platform: refers to the GPTBOTS.AI platform.
7. Personal Information: Information that is electronically or otherwise recorded that can be used alone or in combination with other information to identify a natural person or to reflect the behavior of a natural person.
8. Personal information subject: It refers to the natural person identified by personal information
9. De-identification: It refers to the technical processing of personal information. The personal information subject cannot be identified without additional information after this processing.
10. Anonymization: It refers to the process of making personal information subject unrecognizable through the technical processing of personal information, and the processed information cannot be recovered.