Privacy Protection and Data Processing Terms
Effective Date: June 1, 2026
Version: 2.0
Brand: Aimegoo
[Introduction and Core Commitment]
This Platform deeply recognizes that psychological and emotional interaction data, as well as deep-thought records, constitute the highest level of personal privacy assets in cyberspace. We shall implement, with the most stringent architecture, the core principles of the Personal Information Protection Law of the People's Republic of China ("PIPL"), the Data Security Law of the People's Republic of China, the Cybersecurity Law of the People's Republic of China, the Interim Measures for the Management of Generative Artificial Intelligence Services, and the Interim Measures for the Management of AI Anthropomorphic Interactive Services, among other laws and regulations.
These Privacy Protection and Data Processing Terms (hereinafter referred to as "these Privacy Terms") set forth in detail and transparently the scope of collection, purposes of processing, rules for cross-module data transfer, encryption protection, and destruction mechanisms regarding your personal information during your use of this Platform.
> Please pay special attention: These Privacy Terms contain provisions marked in bold font concerning "Separate Consent and Authorization for the Processing of Sensitive Personal Information" and "Statutory Exemption for Disclosure in Life-Health Emergency Situations." Please read them carefully word by word.
Article 1: Scope of Collection and Purposes of Processing of Personal Information
During your use of the various module services of this Platform, based on system operation and functional requirements, we need to collect and process information in the following dimensions:
1.1 Basic Registration and Security Risk Control Information
| Information Category | Specific Content | Purpose of Collection | Legal Basis |
|---|---|---|---|
| Registered mobile phone number or social account information | Mobile phone number or real-name authenticated social account ID | Fulfilling statutory obligations for real-name registration under the Cybersecurity Law; account creation and security assurance | Article 24 of the Cybersecurity Law; Article 13, Paragraph 1, Item 2 of PIPL (necessary for contract) |
| Device and network information | IP address, device model, operating system version, login timestamps, device identifiers | Ensuring system security operation; investigating malicious attacks; user behavior auditing | Article 13, Paragraph 1, Item 2 of PIPL (necessary for contract); Item 3 (statutory obligation) |
| Log information | Operation behavior logs, feature usage frequency, error information | Service optimization, fault troubleshooting, security auditing | Article 13, Paragraph 1, Item 2 of PIPL |
Consequences of Refusal to Provide: The above basic information is a fundamental prerequisite for system operation. If you refuse to provide it, you will be unable to register or use any functions of this Platform.
1.2 Interaction Data for Each Module (Sensitive Personal Information)
1.2.1 General Interaction Data (All Modules)
| Information Category | Specific Content |
|---|---|
| Conversation text | Natural language text content voluntarily input by you in each module |
| Voice input | If you use the voice input function, we collect fragments of your voice (used solely for real-time speech-to-text conversion; the original audio is deleted immediately after conversion) |
| Image input | If you upload images, we temporarily process the image content to understand your input (the image itself is not retained after processing; only the necessary text description is retained) |
| Interaction behavior data | Conversation duration, conversation time periods, module switching behavior, feature usage frequency |
1.2.2 Module-Specific Data
| Module | Additional Information Collected | Purpose of Collection |
|---|---|---|
| Wren | Emotional labels, psychological preference profiles, conversation topic classification, pattern features extracted from long-term conversations | Maintaining the coherence and long-term memory context of AI conversations; precise matching of personalized psychological content |
| Luna | Sleep time preferences, relaxation content preferences, meditation duration and frequency, self-assessed sleep quality | Personalized relaxation plan recommendations; sleep improvement trend tracking |
| Cam | Professional field information, workplace role preferences, career development stage goals (if voluntarily provided by the user) | Targeted workplace strategy suggestions; continuity of career development thinking in conversations |
| Jude | Relationship type preferences, communication pattern labels, relationship topic classifications (if voluntarily provided by the user) | Personalized adaptation of relationship pattern analysis frameworks; continuity of long-term relationship exploration |
Legal Characterization Statement: The above interaction data, particularly information concerning your emotional state, psychological characteristics, sleep conditions, career difficulties, relationship patterns, etc., is strictly classified as sensitive personal information under the law (Article 28 of PIPL). We collect such information solely to maintain the coherence of AI conversations and personalized services, and never for any other purpose.
1.3 Emergency Contact Information (Sensitive Personal Information)
| Item | Description |
|---|---|
| Scope of Collection | Emergency contact name, relationship to you, real mobile phone number |
| Method of Collection | Voluntarily filled in or updated by you in [Settings - Security Center - Emergency Contact] |
| Purpose of Processing | Used solely for contact when a Level 1 or Level 2 crisis is triggered, to protect your life safety (see Article 3 of the Platform Disclaimer and Service Agreement for details) |
| Legal Basis | Article 13, Paragraph 1, Item 1 of PIPL (obtaining individual consent); also based on Article 13, Paragraph 1, Item 3 (necessary for protecting the life and health of a natural person in an emergency) |
| Storage Requirements | Highest level of encrypted storage, completely isolated from conversation data |
| Sharing Restrictions | Never used for any commercial marketing, advertising push, or sharing with third parties without statutory emergency grounds |
Your Prior Guarantee Obligation: Before providing the above emergency contact information to the Platform, you must ensure that you have obtained the explicit consent of such emergency contact to allow the Platform to contact them in the event of a sudden crisis. Any disputes or controversies arising from your breach of this guarantee shall be solely borne by you.
1.4 Separate Consent for Processing of Sensitive Personal Information
When you click to agree to these Privacy Terms at the registration screen or before using relevant functions, you shall be deemed to have given your Separate Consent regarding the processing of the above sensitive personal information.
We solemnly commit that:
- If you refuse to provide interaction data, only the corresponding module's AI conversation functions will be unable to be provided normally; this will not affect your ability to browse the Platform's public content or use other non-conversation functions
- You may withdraw your consent at any time (see Article 6 "Your Rights")
Article 2: Dual-Track Management of the Data Lifecycle
To fully respect the differentiated privacy boundary needs of different users, this Platform provides a dual-track option in terms of data transfer and cloud storage. You may switch between options at any time independently through the client-side backend management panel.
2.1 Track 1: Ephemeral Mode (Physical-Level Data Destruction)
If you place extreme importance on the concealment of digital footprints, you may proactively enable "Ephemeral Mode" .
Implementation Standards:
- The destruction implemented under this mode is physical-level hard overwrite deletion (Hard Delete) , not merely front-end hiding or database-level soft deletion (Soft Delete)
- Once your client confirms successful receipt of the AI-generated conversation response, or you actively close the current temporary conversation window, the system will within milliseconds completely and physically erase the associated conversation records from the cloud storage medium
Orphan Data Prevention Mechanism:
- To prevent scenarios such as client network disconnection or process crashes where the destruction instruction may not be delivered, the backend system is configured with a high-frequency periodic巡检 (Cron Job) task
- This task will periodically scan and forcibly destroy all redundant data fragments bearing the "Ephemeral" marker that have exceeded a very short retention time threshold
Applicable Modules: All modules support Ephemeral Mode.
2.2 Track 2: Historical Data Retention and Personalization Mode
If you actively disable the "Ephemeral" function and wish to obtain AI assistance with growth coherence and long-term memory depth, this Platform will securely retain your historical interaction data.
Automated Decision-Making and Personalization Matching Description:
- In this mode, the system will perform semantic analysis and pattern extraction on your conversation data
- Based on the analysis results, the system will provide you with personalized content recommendations (such as specific emotional relief content, exercises suitable for your current development stage, reading recommendations matching your profile, etc.)
- Scope of personalized content for each module:
| Module | Examples of Personalized Content |
|---|---|
| Psych (Wen Yan) | Recommending corresponding psychoeducational content or exercises targeting recurring issues you raise |
| Sleep (Mu Mian) | Recommending personalized guided meditations based on your sleep patterns and preferences |
| Workplace (Yi Zhi) | Providing targeted strategic frameworks based on your career stage |
| Relations (Ling Xi) | Recommending directions for relationship pattern exploration based on your areas of focus |
Right to Opt Out and Commitment Against Manipulation:
- The above analysis and recommendations legally constitute "automated decision-making using personal information"
- The Platform solemnly commits: such automated decision-making is used solely to improve service matching efficiency, and will never use your psychological profile for commercial advertising push, nor implement any differential treatment or "price discrimination" practices
- You have an absolute right to refuse: you may disable this function at any time with one click in [Settings - Privacy and Security Management - Personalized Content Push]. After disabling, the system will revert to a general conversation mode without long-term historical memory
Article 3: Cross-Module Data Isolation and Sharing Rules
3.1 Default Data Isolation Between Modules
Important Design Principle: The four modules (Psych, Sleep, Workplace, Relations) of this Platform implement data isolation by default at the technical architecture level.
This means:
- Your conversation records in the Psych module will not automatically appear in the Sleep, Workplace, or Relations modules
- The AI characters of each module will not automatically know the content of your conversations in other modules
- Each module maintains an independent conversation context
3.2 Prerequisites for Cross-Module Data Sharing
Your data will be shared between modules only when all of the following conditions are fully satisfied:
1. You have actively triggered a module switch suggestion: The AI character of the current module suggests switching to another module
2. You have explicitly agreed to the sharing: Before switching, the system displays an authorization confirmation interface, clearly informing you of the scope and purpose of the data to be shared
3. You click to confirm authorization: You actively choose "Agree and Continue"
Sharing is limited to: The minimum necessary information required to achieve service continuity between modules (such as the topic summary and basic background of the current conversation), not including the complete conversation history.
3.3 Data Isolation for Third-Party Psychological Counselors
When, under system guidance, you decide to contact a third-party professional psychological counselor affiliated with the Platform:
1. Default Blocking: Your AI conversation records and psychological analysis files are in an absolutely blocked state by default and will not be automatically synchronized to the counselor
2. Express Authorization: Data may be transmitted only after you personally sign a "Consent Letter for Data Transfer to Third Parties"
3. Controllable Scope of Transfer: You may choose which data to transfer (complete records, summary, or no transfer)
4. Encrypted Transmission: Data transmission uses asymmetric encryption channels
5. One-Time Authorization: Each transmission requires separate authorization; no default ongoing authorization is established
3.4 Statutory Disclosure in Emergency Situations (Highest Exemption for Life and Health)
[Core Legal Statement]
Pursuant to Article 13, Paragraph 1, Item 3 of the Personal Information Protection Law of the People's Republic of China regarding the provision that it is "necessary to protect the life and health of a natural person in an emergency," as well as the requirements of the Interim Measures for the Management of AI Anthropomorphic Interactive Services and other regulations:
When the Platform's built-in suicide prevention and intent risk monitoring algorithm comprehensively determines that you are in a Level 1 or Level 2 extreme crisis state (i.e., there is a very high probability of imminent suicide, self-harm, or behavior endangering the life or health of others), the Platform has the right and is obligated to, without your reconfirmation and without the need to obtain your real-time authorization or consent, directly take the following data disclosure actions:
1. Notify your reserved emergency contact of your real name and risk status
2. Unconditionally transfer and disclose your registered identity information, summary of recent abnormal interaction data, real-time IP address, and geographic location to the local public security authorities (110) and emergency medical services (120)
Post-Event Notification: After the emergency crisis alert is lifted, the Platform will, within a reasonable time permitted by law, provide you with an after-the-fact追溯 (retroactive) notification through in-platform messages or SMS, informing you of the circumstances of the disclosure and sharing of your personal information to external parties under the emergency situation.
Article 4: Data Storage, Transmission, and Security Guarantees
4.1 Data Storage Location
All of your personal information and system logs are encrypted and stored within the territory of the People's Republic of China on compliant cloud service server clusters. This Platform is not currently involved in any cross-border transmission of personal information.
If, due to future business development needs, data export becomes necessary, we will strictly follow the provisions of Chapter 3 of PIPL and the Measures for Security Assessment of Data Export, implementing security assessments, signing standard contracts, and completing the necessary compliance procedures.
4.2 Data Retention Period
| Data Type | Retention Period | Description |
|---|---|---|
| Conversation data under Ephemeral Mode | Instant physical destruction | Hard deletion at millisecond level, no backup retained |
| Conversation data under Retention Mode | Duration of account existence | Cleared upon account cancellation |
| Basic registration information | Duration of account existence + 6 months after cancellation | Pursuant to Article 21 of the Cybersecurity Law regarding log retention |
| Network access logs | Not less than 6 months | Pursuant to mandatory requirements of the Cybersecurity Law and other regulations |
| Emergency contact information | Duration of account existence | You may delete or update at any time; cleared upon account cancellation |
Data Processing After Account Cancellation:
- Emotional profiles, personalized analysis labels, sensitive psychological interaction data → Irreversible anonymization cleansing or complete physical deletion
- Underlying network access logs → Automatically cleared after retention for not less than 6 months as required by law
- Data that must be retained under other laws and regulations is excluded
4.3 Technical Security Measures
This Platform adopts the following technical measures to ensure the security of your data:
| Security Level | Specific Measures |
|---|---|
| Transmission Security | Full-chain TLS 1.3 encrypted transmission; API interface anti-replay attack mechanism |
| Storage Security | AES-256 static encryption; hierarchical key management; HSM hardware security module protection |
| Access Control | Role-based minimum privilege principle (RBAC); JWT token two-factor authentication; all operations留有 (retain) audit logs |
| Data Isolation | Database row-level security (RLS) — each user's data is forcibly isolated at the database level, preventing cross-user batch access even in the event of system vulnerabilities |
| Security Audit | Regular third-party penetration testing; 7×24 security monitoring; automatic alerting and blocking of abnormal access behavior |
| Disaster Recovery | Multi-availability-zone异地 (off-site) real-time backup; RPO ≤ 15 minutes, RTO ≤ 4 hours |
4.4 Data Security Incident Emergency Response
In the event of a data security incident (including but not limited to data breach, data tampering, data loss), the Platform will:
1. Immediately activate the emergency response plan, taking measures to control the situation and eliminate hazards
2. Report to the relevant competent authorities within 72 hours
3. Promptly notify affected users, informing them of the basic circumstances of the incident, possible impacts, measures already taken, and recommended courses of action
Article 5: Special Provisions for the Protection of Minors
Given that deep emotional exploration and psychological intervention require participants to possess mature cognitive abilities and psychological defense mechanisms, and that AI anthropomorphic interaction may induce irreversible risks such as excessive emotional dependency and social cognitive偏差 (bias) in minors whose mental faculties are still developing, this Platform enforces strict identity access thresholds:
5.1 Minimum Age of Use
This Platform strictly serves only adults aged 18 and above. Minors are strictly prohibited from registering for or using this system.
- The Platform does not provide any form of "minor mode"
- Real-name authentication age verification is implemented at the registration stage
5.2 Discovery and Handling of Minor Data
If the Platform discovers, through the following means, that personal information of a minor may have been collected by mistake:
1. Failure of real-name authentication age verification
2. Identification of suspected minor characteristics through big data behavioral models (such as language patterns, usage time periods, etc.)
3. A lawful warning notice submitted to the Platform by a legal guardian or other person
After verification, the Platform has the right to take the following measures without prior notice:
- Immediately forcibly cancel the account
- Immediately initiate highest-priority physical destruction procedures for all interaction data associated with the account
- Permanently refuse re-registration using the same identity information
5.3 Rights of Guardians
If you are the guardian of a minor and discover that the minor has used this Platform and provided personal information without your consent, please contact us through the contact information in Article 9 of these Privacy Terms, and we will immediately take deletion measures.
Article 6: Your Rights Regarding Personal Information
Pursuant to the statutory rights granted to you by the Personal Information Protection Law, you have inalienable control rights over any personal information you have retained on this Platform. You may exercise the following rights at any time through the dedicated interfaces within the Platform APP at [Settings - Account and Security] and [Privacy Management]:
6.1 List of Rights
| Right | Description | Means of Exercise |
|---|---|---|
| Right of Access | Access your historical conversation records and psychological profile reports retained on the Platform | [Settings - Privacy Management - Data Access] |
| Right of Portability | One-click export of your data (supports JSON/Markdown format) | [Settings - Privacy Management - Data Export] |
| Right of Rectification | Modify bound mobile phone number, emergency contact information, etc. | [Settings - Account and Security] / [Settings - Security Center] |
| Right to Supplement | Supplement incomplete personal information | Edit interface for the corresponding information |
| Right to Withdraw Consent | Withdraw separate consent for the processing of sensitive personal information | [Settings - Privacy Management - Authorization Management] |
| Right of Erasure | Delete specific conversation records one by one or batch clear data | [Settings - Privacy Management - Data Deletion] |
| Right to Cancel Account | Cancel account and completely delete all data | [Settings - Account and Security - Cancel Account] |
| Right to Refuse Automated Decision-Making | Disable personalized content push | [Settings - Privacy Management - Personalized Content Push] |
| Right to Complain | File a complaint with the Platform DPO or regulatory authorities | [Settings - Help & Feedback] or the contact information in Article 9 of these Terms |
6.2 Response Timeframe
- General cases: Respond and fulfill your request within 15 working days
- Special circumstances: If extended processing time is required, we will promptly inform you of the reason for the extension and the expected completion time
6.3 Exceptions to Rights
In accordance with PIPL and relevant regulations, the Platform may not be able to fully satisfy your deletion request in the following circumstances:
- Data that laws and regulations require the Platform to retain (such as the statutory retention period for network logs)
- The existence of incomplete transactions or unfulfilled contractual obligations
- The existence of ongoing dispute resolution or legal proceedings
Article 7: Use of Cookies and Similar Technologies
7.1 Scope of Use
This Platform may use cookies and similar technologies (such as LocalStorage, SessionStorage) on the web version (Web) for the following purposes:
| Purpose | Description | Is It Necessary |
|---|---|---|
| Session Maintenance | Maintain your login status | Yes - Necessary |
| Security Verification | Security protection such as CSRF attack prevention | Yes - Necessary |
| Preference Settings | Remember your interface preference settings | Optional - Functional |
| Usage Analytics | Anonymous statistical analysis of feature usage to optimize the product | No - Optional |
7.2 Refusing Cookies
You may set your browser to refuse cookies, but this may result in certain functions that rely on cookies not working properly (such as maintaining a login session).
This Platform does not use cookies for cross-site tracking or third-party advertising.
Article 8: Updates to the Privacy Terms
8.1 Amendment of Terms
The Platform reserves the right to amend these Privacy Terms from time to time in accordance with changes in laws and regulations, business adjustments, or operational needs. Major changes include but are not limited to:
- Significant changes in the purpose, method, or scope of personal information processing
- Changes in the scope of use of sensitive personal information
- Significant changes in data sharing recipients
- Changes in the manner or means of exercising your rights
- Cross-border data transfer arrangements
8.2 Method of Notification
Major changes will be notified to you through the following means:
- In-platform message or startup pop-up notification (conspicuous location)
- The email address or mobile phone number you provided during registration
- Posting a notice in a conspicuous location on the Platform's official website or within the application for not less than 7 days
8.3 Effect of Continued Use
The amended Privacy Terms shall take effect from the date of the notice. If you do not agree to the amended terms, you have the right to cease using the Services. Your continued use of the Services shall be deemed as your acceptance of the amended terms.
Article 9: Contact Us and Data Protection Officer (DPO)
9.1 Contact Information
If you have any questions, comments, or complaints regarding these Privacy Terms, or wish to exercise your personal information rights, please contact us through the following means:
| Channel | Contact Information |
|---|---|
| Operating Entity | Guangzhou Aimigu Technology Co., Ltd. |
| Data Protection Officer (DPO) Email | luolihuang666@163.com |
| Online Customer Service | [Settings - Help & Feedback] within the Platform |
| Mailing Address of Operator | Room J2123, Building 1, No. 96 Banhe Road, Huangpu District, Guangzhou, China |
| Complaint Email | luolihuang666@163.com |
9.2 Processing Procedure
1. We will acknowledge receipt and initiate the processing procedure within 15 working days after receiving your request
2. For complex requests, the timeframe may be extended to 30 working days, and we will inform you in advance
3. For manifestly unfounded or excessively frequent requests, we may charge reasonable fees or refuse in accordance with the law
9.3 External Complaint Channels
If you are not satisfied with our response, or believe that we have not processed your personal information in accordance with the law, you have the right to file a complaint with the following authorities:
- Cyberspace Administration of China: www.cac.gov.cn
- Ministry of Industry and Information Technology: www.miit.gov.cn
- The cyberspace administration or market supervision department at the place where the Platform operator is located
Appendix: Data Processing Activity Register
Data Mapping Summary Table
| Processing Activity | Data Type | Purpose of Processing | Retention Period | Is It Shared | Legal Basis |
|---|---|---|---|---|---|
| User Registration | Mobile phone number, encrypted password hash | Account creation, real-name authentication | Duration + 6 months | No | Contract necessity + statutory obligation |
| AI Conversation (all modules) | Text, voice, images | Service provision, conversation maintenance | Optional (Ephemeral/Duration) | Emergency exemption (see 3.4) | Separate consent |
| Personalized Recommendation | Analysis labels, preference profiles | Service matching | Duration | No | Separate consent |
| Security Maintenance | IP, device information, logs | System security | 6 months - 1 year | Disclosure to law enforcement | Statutory obligation |
| Emergency Contact | Name, relationship, mobile phone number | Crisis intervention | Duration | Disclosure to contact or law enforcement in emergency | Life and health exemption |
| Third-Party Referral | Authorized conversation summary | Professional counseling衔接 (liaison) | As specified by user | After express user authorization | Separate consent |
> This Platform deeply understands that your inner world is your most valuable privacy. We will protect your trust in us with the highest technical standards, the most rigorous legal compliance, and the most transparent data processing practices.
(The remainder of this page is intentionally left blank)