Skip to main content
Updated Date: June 1, 2026 This Privacy Policy applies to the BizyAir Services operated and provided by BizyAir (hereinafter referred to as “BizyAir,” “we,” “us,” or the “Company”). Welcome to BizyAir, an artificial intelligence Platform that provides API Services, workflow tools, model Services, developer tools, documentation, and related products (collectively, the “Services”). This Privacy Policy applies to our collection, use, storage, sharing, disclosure, transfer, and protection of Personal Data when you access or use the BizyAir Services provided through bizyair.ai, the console, APIs, SDKs, documentation pages, mobile pages, emails, event pages, or other official channels. We attach great importance to the privacy and Personal Data protection of users (“you”). Before you register for, log in to, access, call APIs, or use our Services, please carefully read and fully understand this Privacy Policy. If you do not agree to any part of this Privacy Policy, you should stop accessing or using our Services. Your continued access to or use of our Services means that by using the Services, you acknowledge that that we will process the relevant Personal Data in accordance with this Privacy Policy. Revisions To continuously improve BizyAir’s products, technical capabilities, and service experience, we may update this Privacy Policy from time to time. The updated Privacy Policy will be made available to you through website announcements, console notices, in-site messages, pop-up prompts, banner reminders, email, SMS, documentation pages, service status pages, or other commercially reasonable means. For material changes involving the purposes of Personal Data processing, processing methods, recipients of sharing, user rights, cross-border transfers, or contact information, we will use reasonable efforts to provide more prominent notice. After the revised Privacy Policy becomes effective, your continued access to or use of our Services will be deemed as your acceptance of the updated Privacy Policy. Contact Us If you have any questions about this Privacy Policy, Personal Data processing activities, third-party data transfers, data rights requests, complaints, or security matters, please contact us by email at contact@bizyair.ai. We will respond within the period required by applicable law, generally within no more than 30 days. Overview This Privacy Policy will help you understand:
  1. Definitions
  2. Our Role
  3. Personal Data We Collect
  4. Interaction Data & User Content
  5. Model Training
  6. Cookies
  7. Sharing Personal Data
  8. Third-Party Services
  9. Cross-border transfers
  10. Data Retention
  11. Your Privacy Rights
  12. Children’s Privacy
  13. Data Security
  14. Data Accuracy
  15. Notices
  16. Third-Party Rights

Definitions

1.1 In this Privacy Policy, the following words and expressions have the meanings set out below: a. “Data Protection Laws” means the relevant laws and regulations applicable to our processing of Personal Data, including but not limited to the Hong Kong Personal Data (Privacy) Ordinance and the data protection, privacy, and cybersecurity laws and regulations of other relevant jurisdictions. b. “Personal Data” means data relating to a natural person, whether true or not, from which that natural person can be identified, either from that data itself or from that data and other information that we have or are likely to have access to. c. “Processing” means any operation or set of operations performed on Personal Data, including but not limited to collection, recording, storage, organization, adaptation, modification, retrieval, use, analysis, sharing, disclosure, transmission, restriction, deletion, anonymization, or destruction. d. “Platform” means BizyAir’s official website, international site, console, APIs, SDKs, documentation, applications, service status pages, and other official channels through which we provide the Services. e. “Services” means the artificial intelligence model calling, inference Services, workflow Services, developer tools, API Services, computing power or resource scheduling Services, account management, billing and settlement, technical support, customer service, and other related product features provided by BizyAir. f. “Account” means a user account, enterprise account, team account, organization account, project account, or other identity identifier created or assigned to you for accessing or using the BizyAir Services. g. “API Key” means the access credential, key, token, identity code, or other authentication information generated, assigned, or provided by BizyAir to you or your account for identifying your account, calling APIs, accessing model Services, using developer tools, managing resources, or performing other Platform functions. An API Key may be associated with your account, project, organization, usage, billing, permissions, and security settings. You should properly safeguard your API Key and are responsible for the operations, requests, calls, data transmissions, and charges initiated through your API Key, unless such operations are caused by BizyAir. h. “Interaction Data” means data submitted, uploaded, entered, generated, fed back, modified, processed, stored, downloaded, or distributed by you or your end users in the course of using the BizyAir Services, including but not limited to prompts, text, images, audio, video, code, files, datasets, workflow configurations, plugin configurations, model inputs, model outputs, API request content, API response content, debugging information, business data, and customer data. i. “User Content” means any content that you upload, enter, submit, create, generate, publish, store, share, or transmit through the Services, including content that may be included in Interaction Data. User Content may contain Personal Data, trade secrets, confidential information, intellectual property content, or third-party data. j. “Third-Party Model Service Provider” means a third-party service provider that cooperates with BizyAir to provide model inference, model hosting, model calling, content generation, speech, image, video, vector, reranking, recognition, moderation, storage, computing, or other AI capabilities to BizyAir or BizyAir users. k. “Third-Party Services” means websites, applications, models, plugins, SDKs, APIs, payment Services, identity authentication Services, cloud Services, data analytics Services, customer support Services, or other external Services that are not independently operated or controlled by BizyAir but may be integrated with, connected to, or jointly provide functionality with the BizyAir Services. l. “Assets” or “Platform Assets” means resources, entitlements, and data objects that you create, upload, configure, obtain, purchase, manage, or use in the course of using the BizyAir Services, including but not limited to account balances, top-up credits, vouchers, package entitlements, calling quotas, computing resources, projects, model configurations, workflows, API Keys, access tokens, applications, files, logs, model input and output records, team member permissions, bills, orders, invoices, and other resources related to your account or use of the Services. m. “Asset Management” means your viewing, creation, configuration, use, allocation, transfer, update, deletion, deactivation, renewal, top-up, consumption, settlement, permission control, or security management of Platform Assets through the BizyAir Platform. To implement Asset Management functions, we may process Personal Data related to your account, identity authentication, permission configurations, transaction records, usage records, billing information, security logs, and operation records. n. “Actions” means access, browsing, registration, login, authentication, purchase, top-up, calling, uploading, entering, generation, downloading, sharing, configuration, management, deletion, feedback, ticket submission, participation in events, and other operations using the Services that are performed by you or through your account, API Key, access token, device, or network environment on the BizyAir Platform. o. “Operation Records” means behavioral logs and event information generated by you in the course of using the BizyAir Services or automatically recorded by the system, including but not limited to login time, login IP address, device information, pages accessed, API call records, project configuration changes, API Key creation or deactivation records, permission change records, Asset usage records, order and billing operation records, security verification records, error logs, and abnormal behavior records. p. “Announcement” means a notice, statement, rule, prompt, or update published by BizyAir to users through one or more reasonable means, including but not limited to website announcements, console notices, in-site messages, pop-up prompts, banner reminders, email, SMS, customer service notices, documentation pages, service status pages, community channels, or other commercially reasonable means that we consider appropriate. 1.2 Terms not defined in this Privacy Policy shall be interpreted in accordance with the context, the Terms of Service, and applicable law. In the event of any conflict between this Privacy Policy and mandatory local legal requirements, the local legal requirements shall prevail.

Our Role

2.1 When you create an account, access the website, purchase Services, communicate with us, participate in events, or when we process your Personal Data for account management, billing, security, compliance, marketing, and customer support purposes, we generally act as the Controller or in a similar role with respect to the relevant Personal Data, determining the purposes and means of processing. 2.2 When you submit, upload, or call Interaction Data through the BizyAir Services, and such Interaction Data contains Personal Data of you or your end users, you may be the Controller of such Personal Data under applicable law, and we may act as your Processor or service provider, processing such data in accordance with your instructions, the Terms of Service, a data processing agreement, or specific product rules. 2.3 You shall ensure that you have the right to provide, upload, or transmit Interaction Data to BizyAir, and that you have provided necessary notices to the relevant individuals, obtained necessary consents, or have another lawful basis for processing in accordance with applicable law. 2.4 If you use the Services on behalf of an enterprise, organization, or other entity, you confirm that you have authority to accept this Privacy Policy on behalf of that entity and shall ensure that such entity and its authorized users comply with this Privacy Policy and applicable Data Protection Laws. 2.5 If you use the BizyAir Services on behalf of an enterprise, organization, or institution and, due to applicable Data Protection Laws or internal compliance requirements, need to execute a data processing agreement, supplemental terms, or obtain information regarding third-party processing, you may contact us using the contact details provided in this Policy. We will evaluate and respond to your request within a commercially reasonable scope.

Personal Data We Collect

When you access, register for, log in to, call APIs, or use the Services, we will collect and use your Personal Data within the scope permitted by applicable Data Protection Laws and based on lawful grounds such as providing the Services, performing a contract, complying with legal obligations, protecting legitimate rights and interests, ensuring service security, or your consent.

3.1 Information You Voluntarily Provide

a. account registration and login. When you create a BizyAir account, log in to the Platform, or use a third-party account to log in, we may collect your name, nickname, avatar, email address, mobile phone number, account ID, company name, job title, country or region, login credentials, authentication status, and information that you authorize a third-party Platform to provide to us. For example, when you log in through Google or another third-party identity service, we may receive basic account information provided by that third-party Platform. b. Subscriptions, purchases, top-ups, and payments. When you purchase, subscribe to, top up, or use paid Services, we may collect order information, billing address, invoice information, payment status, payment records, package type, usage information, promotional information, tax information, and necessary payment verification information. Actual payment processing may be completed by third-party payment service providers, such as Stripe or other providers. We generally do not directly store full bank card numbers, payment account passwords, or payment security codes; the relevant payment data will be processed by payment service providers in accordance with their privacy policies and security standards. c. API, project, and Asset Management information. When you create projects, generate API Keys, configure models, manage workflows, allocate permissions, view bills, manage quotas, or use other Asset Management functions, we may collect project names, API Key identifiers, permission configurations, calling quotas, usage records, billing records, Operation Records, security settings, and related configuration data. d. Customer support and communications information. When you contact us by email, online customer service, support ticket, community, meeting, or other means, we may collect your contact information, communication content, issue descriptions, log files, screenshots, audio and video recordings, meeting records, feedback, and information related to troubleshooting, in order to respond to your requests, resolve faults, improve the Services, and maintain customer relationships. e. Survey, event, and marketing interaction information. When you participate in questionnaires, prize draws, testing programs, community events, online or offline meetings, promotional activities, or cooperation projects, we may collect your name, email address, phone number, company, job title, country or region, event participation records, feedback, and information necessary for issuing rewards. f. Content you choose to upload or submit. When you use model calling, workflows, file uploads, content generation, debugging, feedback, or other AI functions, you may provide Interaction Data to us. Interaction Data may contain Personal Data or sensitive information. Please avoid uploading unnecessary Personal Data, sensitive Personal Data, trade secrets, or third-party data that you have no right to process.

3.2 Information We Collect Automatically

a. Device and network information. To ensure service security, stable operation, and compatibility, we may automatically collect device model, operating system, browser type, language settings, time zone, screen resolution, IP address, network type, access time, referral page, pages accessed, session identifiers, device identifiers, and approximate geolocation information. b. Logs and usage information. We may collect the frequency with which you use the Services, feature clicks, page views, API request records, request time, response time, call status, error codes, consumed quota, performance metrics, crash data, latency information, model or service version, workflow execution status, and other service interaction logs. c. Security and risk control information. To protect the legitimate rights and interests of you, other users, the Platform, and the public, we may collect information related to account security, identity verification, abnormal logins, API abuse detection, fraud prevention, cyberattack protection, crawler identification, model abuse prevention, content safety, and compliance review. d. Notice and marketing information. Where permitted by applicable law or with your consent, we may send you product updates, service notices, security alerts, billing notices, event information, or marketing content by email, SMS, telephone, in-site messages, console notices, or other means. You may opt out of receiving marketing information by following the unsubscribe method in the notice or by contacting us. Service-essential notices, security notices, billing notices, and legal notices may not be fully cancellable.

3.3 Information We Obtain from Third Parties

To provide, maintain, improve, and protect the Services, we may obtain information relating to you from affiliates, partners, Third-Party Model Service Providers, identity authentication service providers, payment service providers, data analytics service providers, cloud service providers, marketing Platforms, security and risk control service providers, enterprise customers, administrators, or public sources. We will receive and process such information only to the extent permitted by applicable law, agreed by contract, authorized by you, or necessary for the Services, and will take commercially reasonable measures to protect the relevant Personal Data.

Interaction Data & User Content

4.1 BizyAir primarily provides AI applications, workflows, model Services, and other related technical Services. By using the Services, you acknowledge that that, in order to complete model inference, content generation, file processing, speech recognition, image generation, workflow execution, security review, troubleshooting, or other service functions, the Interaction Data you submit may be transmitted to BizyAir’s servers, cloud infrastructure, affiliates, service providers, or Third-Party Model Service Providers for processing. 4.2 In certain service scenarios, BizyAir may not independently provide the underlying model capabilities, but may cooperate with Third-Party Model Service Providers, cloud service providers, or technology partners. To complete a call request initiated by you, we may need to transmit your input content, uploaded files, workflow configurations, call parameters, contextual information, model outputs, error logs, account identifiers, or other necessary data to such third parties. 4.3 We will select third-party service providers according to commercially reasonable standards and, through contracts, data processing agreements, confidentiality obligations, security requirements, or other reasonable measures, require them to process the relevant data only to the extent necessary to provide Services to BizyAir or to you. However, you understand that different third-party service providers may be located in different countries or regions and may be subject to different Data Protection Laws and technical standards. 4.4 You shall ensure that you have the right to submit Interaction Data to BizyAir and to allow BizyAir and necessary third-party service providers to process such data for the purpose of providing the Services. If Interaction Data contains Personal Data of your end users, employees, customers, or other third parties, you are responsible for providing necessary notices, obtaining necessary consents, or ensuring that another lawful basis exists. 4.5 You may not submit to BizyAir any data whose processing is prohibited by law, data that you have no right to process, or data that violates the Terms of Service, acceptable use policies, third-party rights, export controls, sanctions regulations, intellectual property rules, or applicable law. We or our third-party partners may conduct automated security review of your input content to prevent the generation of illegal or harmful content. 4.6 With respect to content that you choose to publicly publish, share through links, submit to public communities, public model repositories, public workflows, public templates, or other public areas, other users or third parties may be able to access, use, copy, download, or save such content. Please carefully decide whether to make any content public. 4.7 Unless otherwise provided by laws and regulations, otherwise agreed in service rules, or otherwise agreed in writing by the parties, we have no obligation to store your Interaction Data for a long term. You should back up, export, or delete the relevant data in a timely manner according to your own business needs.

Model Training

5.1 Unless expressly authorized by the user, BizyAir will not use user input content, uploaded content, workflow data, or model output content to train BizyAir’s own Foundation Models. Because some BizyAir Services may be provided or supported by Third-Party Model Service Providers, cloud service providers, or technology partners, such third parties’ processing of relevant data may be governed by their own terms, privacy policies, or data processing rules. We will use commercially reasonable efforts to select third-party service providers that make reasonable data protection commitments and, where practicable, require them to process data only for providing the relevant Services; however, unless we make a separate express commitment, BizyAir does not guarantee that all third-party service providers will not use the relevant data for their model improvement, training, security research, or service optimization. 5.2 To clarify, the foregoing “training Foundation Models” does not include the following processing activities that are necessary or reasonable for providing, maintaining, protecting, and improving the Services: a. Temporary processing conducted to complete a model call, workflow execution, file processing, content generation, or other service request initiated by you; b. Viewing or analyzing relevant data to troubleshoot faults, debug errors, restore Services, respond to customer service requests, or handle billing disputes; c. Automated or manual review conducted to detect and prevent fraud, abuse, attacks, illegal acts, policy-violating content, or security risks; d. Using aggregated, anonymized, or de-identified data for statistical analysis, capacity planning, performance optimization, product improvement, security research, or service quality assessment, provided that such data cannot reasonably identify you or your end users; e. Situations where you proactively submit feedback, ratings, error reports, test samples, improvement suggestions, or expressly opt in to a model improvement program; f. Processing required by laws and regulations, regulatory authorities, court orders, or applicable compliance obligations. 5.3 If in the future we intend to use users’ non-public Interaction Data for Foundation Model training and such use exceeds the scope of this Policy or your existing authorization, we will obtain your authorization before such use through console settings, a separate agreement, pop-up confirmation, written authorization, or other explicit means, or provide an opt-out mechanism that meets legal requirements. 5.4 If a specific Third-Party Model Service, plugin, application, or integration feature used by you is expressly provided directly by a third party, whether the relevant third party uses your data for model improvement, training, or security research may be governed by its own terms and privacy policy. We will, within a reasonable scope, inform you of the applicable rules of the relevant Third-Party Service.

Cookies

6.1 When you access or use the Platform, we may use cookies, pixel tags, local storage, SDKs, log identifiers, and similar technologies to enable account login, identity authentication, security protection, preference settings, traffic analysis, performance optimization, marketing measurement, and service improvement. 6.2 Cookies and similar technologies may help us remember your login status, language preferences, account settings, search records, access paths, and usage habits, thereby improving access efficiency and user experience. 6.3 You may manage, restrict, or reject cookies through your browser settings. However, if you disable certain cookies, some service functions may not operate properly, such as account login, console access, API documentation experience, payment settlement, or security verification. 6.4 If we use third-party analytics, advertising, or marketing tools, such third parties may collect information relating to your access or interactions through cookies or similar technologies. We will provide necessary notice or choice mechanisms in accordance with applicable law.

Sharing Personal Data

7.1 You acknowledge and agree that the Personal Data you provide to us may be disclosed and/or transferred to the following third parties, and that such third parties may use or process such Personal Data in Hong Kong or outside Hong Kong for the purposes described above or for other purposes permitted or required by law: a. Affiliates. We may share necessary Personal Data with affiliates in order to provide unified account, technical, customer support, security, operations, finance, compliance, and management Services. b. Third-Party Model Service Providers and technology partners. Because BizyAir primarily provides calling and AI Services, we may share necessary Interaction Data, call parameters, logs, or account identifiers with Third-Party Model Service Providers, cloud service providers, inference service providers, content moderation service providers, vector database service providers, storage service providers, or other technology partners in order to complete the Services requested by you. c. Service providers. We may entrust third-party service providers to process Personal Data on our behalf, including cloud computing, server hosting, data storage, content delivery, payment, billing, invoicing, identity verification, login, security and risk control, customer support, support tickets, email, SMS, notices, data analytics, performance monitoring, error tracking, audit, legal, financial, tax, and professional advisory Services. d. Payment and transaction service providers. When you purchase, top up, or subscribe to the Services, we may share necessary transaction information with payment service providers, banks, card networks, anti-fraud service providers, tax service providers, and invoicing service providers in order to complete payment, refunds, reconciliation, tax processing, and dispute resolution. e. Enterprise customers, organizations, and administrators. If your account belongs to an enterprise, team, or organization account, or if you register using a company email address and join an enterprise account, the relevant enterprise customer or administrator may be able to access and manage your account information, projects, permissions, usage, logs, bills, workflows, API Key configurations, and content generated under the enterprise account, depending on account settings and the parties’ agreement. f. Business partners. When you choose to use partner integrations, third-party models, plugins, application marketplaces, joint events, or other cooperative Services, we may share necessary information with the relevant partners based on your usage choices, authorization, or service necessity. g. Government, regulatory authorities, and law enforcement agencies. If applicable law, court orders, regulatory requirements, law enforcement procedures, or lawful government requests require us to disclose Personal Data, we may disclose the relevant information in accordance with law. We may also disclose information where necessary to protect the legitimate rights and interests of us, users, the public, or third parties. h. Business transfers. In the event of a merger, acquisition, financing, restructuring, bankruptcy, asset sale, business transfer, or similar transaction, we may disclose or transfer Personal Data to the buyer, successor, investor, or their advisers as part of the relevant transaction, provided that we will require the recipient to continue to provide reasonable protection. i. Professional advisers. We may disclose necessary Personal Data to lawyers, auditors, accountants, insurers, or other professional advisers in order to obtain professional Services, maintain legitimate rights and interests, handle disputes, or comply with compliance obligations. 7.2 We will require service providers that process Personal Data on our behalf to process Personal Data in accordance with our instructions and to assume appropriate confidentiality, security, and data protection obligations. 7.3 Because BizyAir’s Services may involve third-party models, cloud infrastructure, inference Services, storage Services, payment Services, and other technology service providers, specific service providers may change from time to time based on product functionality, availability, cost, performance, security, region, and business cooperation. We will explain to you, within a reasonable scope, the categories, purposes, and necessity of third-party processing. If you wish to learn about the categories of third-party service providers related to the Services you use or obtain more information, you may contact us using the contact details provided in this Privacy Policy.

Third-Party Services

8.1 The Platform may contain links to third-party websites, applications, models, plugins, communities, documentation, payment pages, identity authentication pages, open-source projects, or other Third-Party Services. Some service functions may also be provided directly by third parties. 8.2 When you access, use, authorize, or connect to Third-Party Services, the relevant third parties may directly collect, use, store, share, or process your Personal Data. Such third parties’ data processing activities are not governed by this Privacy Policy, but are subject to their own privacy policies, terms of service, data processing agreements, and security rules. 8.3 For Third-Party Services that you proactively choose to connect to, call, or authorize, you should independently assess the legality, security, stability, and data processing rules of such Third-Party Services. We recommend that you carefully read their privacy policies and terms of service before providing any Personal Data to any third party or authorizing any third party to access your information. 8.4 To the maximum extent permitted by applicable law, we are not responsible for Third-Party Services’ processing of your Personal Data, unless such responsibility cannot be excluded by law or is directly caused by us.

Cross-Border Transfers

9.1 BizyAir provides services to international users. Depending on your location, selected service region, cloud infrastructure, Third-Party Model Service Providers, cooperation service providers, and business operation needs, your Personal Data and Interaction Data may be transferred to, stored in, or processed in jurisdictions outside the country or region in which you are located, including but not limited to Hong Kong, China, Singapore, the United States, the European Union, the United Kingdom, Japan, South Korea, or other regions where cloud Services and partners are located. By using BizyAir, you understand that your data may be transferred across borders in accordance with this Policy. 9.2 When we conduct cross-border transfers, we will take reasonable measures to protect your Personal Data in accordance with applicable law, such as signing data processing agreements, adopting standard contractual clauses, implementing access controls and encryption measures, conducting necessary data transfer assessments, requiring recipients to assume confidentiality and security obligations, or adopting other lawful transfer mechanisms. 9.3 You understand that Data Protection Laws in different countries or regions may differ from the laws of your jurisdiction, but we will protect your Personal Data in accordance with this Privacy Policy and applicable legal requirements. 9.4 If, as an enterprise customer, you have special requirements regarding data storage regions, cross-border transfers, lists of third-party processors, or data processing agreements, please contact us using the contact details provided in this Policy. 9.5 If applicable law requires specific cross-border transfer mechanisms, contractual clauses, risk assessments, or supplementary safeguards, we will take commercially reasonable measures to satisfy the relevant requirements within the applicable scope.

Data Retention

10.1 We retain your Personal Data only for the period necessary to achieve the purposes described in this Privacy Policy. The specific retention period depends on the type and use of the data:
  • account Data: for as long as your account remains active or as long as we need to provide the Services to you.
  • Log and Interaction Data: generally retained for 30 days.
  • Financial Data: retained in accordance with tax and accounting law requirements (generally 5-7 years).
10.2 The retention periods for different types of data may vary and may depend on product functionality, account settings, service rules, contractual agreements, legal requirements, security needs, and technical implementation. For example: a. account information is generally retained for the duration of your account and, after account cancellation, for the necessary period based on legal, compliance, security, and dispute handling needs; b. Records related to orders, top-ups, consumption, bills, invoices, tax, and payments may be retained for a longer period based on accounting, tax, audit, anti-fraud, and dispute handling requirements; c. API call logs, access logs, error logs, security logs, Operation Records, and usage records may be retained for the necessary period for service operation, billing and settlement, troubleshooting, security and risk control, abuse detection, compliance audit, and dispute handling purposes; d. The retention periods for input content, uploaded content, workflow data, model output content, and other Interaction Data submitted by you may vary depending on the specific service function, caching mechanism, account settings, third-party processing rules, service package, contractual agreement, or legal requirement; e. Data that you delete or request to delete may continue to be retained for a limited period due to backup, caching, disaster recovery, security audit, or legal compliance requirements, but we will take reasonable measures to restrict access to and use of such data; f. Data involving violations of laws or regulations, abuse, fraud, security incidents, complaints, disputes, investigations, regulatory requests, or legal proceedings may be retained for the period necessary to handle the relevant matters. 10.3 When Personal Data is no longer necessary for the purposes for which it was collected and we have no legal, compliance, security, tax, accounting, audit, dispute handling, or other reasonable business purpose to continue retaining it, we will delete, anonymize, or take other reasonable measures so that the relevant data can no longer identify you. 10.4 Unless otherwise provided by applicable law, service rules, product descriptions, or a written agreement between the parties, BizyAir does not undertake to permanently retain your Interaction Data. You should back up, export, or delete the relevant data in a timely manner according to your own business needs.

Your Privacy Rights

Depending on applicable law, you may have one or more of the following rights: a. Right of access. Request a copy of the Personal Data about you that we hold, or information about how we use and disclose your Personal Data. b. Right to rectification. Request correction or updating of inaccurate or incomplete Personal Data. c. Right to deletion. Request deletion of your Personal Data where permitted by applicable law. d. Withdrawal of consent. For processing activities based on your consent, you may withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing activities conducted based on consent before the withdrawal. e. Restriction of or objection to processing. Request restriction of processing or object to our processing of your Personal Data in circumstances provided by applicable law. f. Right to data portability. Request to receive your Personal Data in a structured, commonly used, machine-readable format, or request that we transmit it to another Controller, in circumstances provided by applicable law. g. Right to lodge a complaint. You may lodge a complaint with the relevant data protection supervisory authority in circumstances provided by applicable law. h. Unsubscribe from marketing information. You may choose to stop receiving marketing information through the unsubscribe link in emails, account settings, or by contacting us. Service-essential notices, security notices, billing notices, and legal notices may still be sent. i. Account and data control management. To the extent supported by the Services, you may view, update, export, delete, or manage certain account information, projects, API Keys, team members, permissions, logs, bills, and other data through the console. If you wish to exercise the above rights, please contact us through the method provided in the “Contact Us” section of this Policy. To protect the security of your account and Personal Data, we may need to verify your identity. We will respond to your request within the period required by applicable law. For certain requests, we may be unable to fully satisfy them due to legal, compliance, security, technical, third-party processing, or other legitimate reasons, and we will explain the reasons to you to the extent permitted by law. Depending on the applicable law of your country or region, you may have other Personal Data rights in addition to those listed in this section. We will respond to your requests in accordance with applicable law to the extent reasonably practicable. If the laws of a jurisdiction require us to provide additional notices, rights, or safeguards, we will provide them based on the specific circumstances through this Privacy Policy, supplemental notices, product pages, contractual terms, or other reasonable means.

Children’s Privacy

12.1 BizyAir’s Services are primarily intended for developers, enterprises, organizations, and professional users with full civil capacity. Unless the relevant Services expressly permit it and necessary guardian consent has been obtained, we do not knowingly collect Personal Data from minors under the age of 18 or conduct marketing to them. 12.2 If you are under the age of 18 or the minimum age prescribed in your jurisdiction, please do not use the Services or provide Personal Data to us without the consent of your parent or legal guardian. 12.3 If we discover that we have collected Personal Data of a minor without necessary consent, we will take reasonable measures to delete the relevant information as soon as possible. If you believe that a minor has provided Personal Data to us, please contact us using the contact details provided in this Policy.

Data Security

13.1 We will take appropriate administrative, technical, and physical security measures to protect your Personal Data against unauthorized access, collection, use, disclosure, copying, modification, loss, damage, deletion, or similar risks. 13.2 These measures may include access controls, identity authentication, permission grading, encrypted transmission, log audits, key management, security monitoring, vulnerability management, employee training, vendor management, data minimization, backup, and disaster recovery mechanisms. 13.3 You should also take reasonable measures to protect the security of your account, password, API Key, access token, device, and network environment. Please do not disclose API Keys, passwords, verification codes, or access tokens to any unauthorized third party. 13.4 However, by using the Services, you acknowledge that that Internet transmission and electronic storage methods cannot guarantee absolute security. Although we will continuously review and strengthen security measures, we cannot undertake that your Personal Data will never be accessed, disclosed, or misused without authorization under any circumstances.

Data Accuracy

14.1 You shall ensure that the Personal Data you provide to us is true, accurate, complete, and kept up to date. If your Personal Data changes, please update it promptly through account settings or by contacting us. 14.2 You may view and modify certain Personal Data in the account console. For information that you cannot modify yourself, you may submit a correction request to us using the contact details provided in this Policy. 14.3 If you provide Personal Data to us on behalf of another person or organization, you shall ensure that such data is accurate and that you have the right to provide it to us.

Notices

15.1 We may notify you through Announcements of service changes, rule updates, revisions to the Privacy Policy or Terms of Service, security alerts, billing adjustments, feature changes, system maintenance, service interruptions, compliance requirements, or other important matters related to your use of the Services. 15.2 Announcement methods include but are not limited to website announcements, console notices, in-site messages, pop-up prompts, banner reminders, email, SMS, customer service notices, documentation pages, service status pages, community channels, or other commercially reasonable means. 15.3 Unless otherwise stated in the Announcement, the Announcement will be deemed delivered to you upon publication. For material matters, we will use reasonable efforts to adopt more prominent notice methods.

Third-Party Rights

No individual or entity that is not a party to this Privacy Policy has the right to enforce any provision under this Privacy Policy, unless otherwise mandatorily provided by applicable law.