AIGolfChat Privacy Policy
Last Updated: August 23, 2025
Welcome to AIGolfChat ("the App", "Service", "We", "Us", or "Our"), operated by Beijing Xiyao Technology Co., Ltd. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application. Please read this policy carefully. By using the App, you agree to the terms outlined here.
1. Information We Collect
We may collect the following types of information:
- Personal Data: If you register an account, we may collect your name, email address, and Golf-related information, comprising height, swing type, injury status, and personal information including uploaded photographs of physical posture and other contact details.
- Usage Data: We automatically collect information about how you interact with the App, such as session duration, features used, and device information (e.g., device model, OS version).
- Location Data: If you enable location services, we may collect GPS data to provide location-based features (e.g., golf course recommendations).
- User Content: Photos, videos, and other content you upload for analysis by our AI system.
- Cookies & Analytics: We use third-party tools (e.g., Google Analytics) to improve the App's performance.
2. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process your personal data based on:
- Consent: For processing photos/videos/biometric data and sending marketing communications
- Contractual Necessity: For providing the services you request
- Legitimate Interests: For service improvement and security, with appropriate balancing tests
- Legal Obligations: Where required by applicable laws
3. How We Use Your Information
We use the collected data to:
- Provide and improve the App's functionality.
- Respond to user inquiries and support requests.
- Analyze usage trends to enhance user experience.
- Comply with legal obligations (e.g., GDPR, CCPA).
- Personalize your experience and provide relevant content.
4. Data Sharing & Disclosure
We do not sell your personal data. However, we may share information with:
- Service Providers: Third-party vendors who assist with analytics, hosting, or customer support (under strict data processing agreements).
- Legal Authorities: If required by law (e.g., court orders, government requests).
- Business Transfers: In connection with any merger, sale of company assets, or acquisition.
5. International Data Transfers
Your data may be processed outside your country (e.g., in the U.S. or EU), but we ensure compliance with applicable privacy laws:
- For EEA data transfers, we use Standard Contractual Clauses with supplementary measures where needed
- We only transfer data to jurisdictions with adequate protection or appropriate safeguards
Our Alibaba Cloud ECS server is hosted in the Frankfurt, Germany region, ensuring all data remains within the EU to comply with GDPR data residency requirements. Alibaba Cloud’s Frankfurt infrastructure adheres to key international standards, including ISO 27001, ISO 27018, and Germany’s C5 attestation. We also use Google Firebase for data storage, ensuring it also complies with GDPR through EU data processing terms and safeguards. As our data processor, Alibaba Cloud provides GDPR-compliant data processing agreements (DPA) with EU Standard Contractual Clauses. While both providers secure their infrastructure, we remain responsible for securing our application and data access.Your data will only be retained for the minimum necessary service period, not exceeding 15 years.
6. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access, correct, or delete your personal data.
- Restrict or object to processing of your data.
- Data portability (where technically feasible).
- Opt out of marketing communications.
- Withdraw consent (where applicable).
- Lodge a complaint with a data protection authority (e.g., UK ICO, German BfDI).
To exercise these rights, contact our Data Protection Officer at dpo@xtimeai.com.
7. Data Retention
We retain your personal data only as long as necessary to:
- Provide services you requested
- Comply with legal obligations
- Resolve disputes
- Enforce our agreements
Account data is deleted within 30 days of account closure. Backup data may persist for up to 60 days.
8. Data Security
We implement industry-standard measures including:
- Encryption of data in transit and at rest
- Regular security audits
- Access controls and authentication protocols
- Employee training on data protection
However, no method is 100% secure. Please use strong passwords and enable two-factor authentication where available.
9. Children's Privacy
The App is not intended for users under 16. We do not knowingly collect data from children under 16. If we become aware of such collection, we will take steps to delete the information.
10. Third-Party Services
The App may contain links to third-party websites/services with their own privacy policies. We are not responsible for their practices.
11. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes via email or in-app notice at least 30 days before changes take effect. Continued use after changes constitutes acceptance.
12. Contact Us
For questions or data requests:
- General inquiries: support@xtimeai.com
- Data Protection Officer: dpo@xtimeai.com
- Postal: Beijing Xiyao Technology Company Co., Ltd, Room 104, 1st Floor, Building 15, No. 98 Lianshihu West Road, Mentougou District, Beijing, China