AIGolfChat Privacy Policy

Welcome to AIGolfChat ("the App", "Service", "We", "Us", or "Our"), operated by Beijing Xiyao Technology Co., Ltd. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application. Please read this policy carefully. By using the App, you agree to the terms outlined here.

1. Information We Collect

We may collect the following types of information:

• Personal Data: If you register an account, we may collect your name, email address, and other contact details.
• Usage Data: We automatically collect information about how you interact with the App, such as session duration, features used, and device information (e.g., device model, OS version).
• Location Data: If you enable location services, we may collect GPS data to provide location-based features (e.g., golf course recommendations).
• User Content: Photos, videos, and other content you upload for analysis by our AI system.
• Cookies & Analytics: We use third-party tools (e.g., Google Analytics) to improve the App's performance.

2. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your personal data based on:

• Consent: For processing photos/videos/biometric data and sending marketing communications
• Contractual Necessity: For providing the services you request
• Legitimate Interests: For service improvement and security, with appropriate balancing tests
• Legal Obligations: Where required by applicable laws

3. How We Use Your Information

We use the collected data to:

• Provide and improve the App's functionality.
• Respond to user inquiries and support requests.
• Analyze usage trends to enhance user experience.
• Comply with legal obligations (e.g., GDPR, CCPA).
• Personalize your experience and provide relevant content.

4. Data Sharing & Disclosure

We do not sell your personal data. However, we may share information with:

• Service Providers: Third-party vendors who assist with analytics, hosting, or customer support (under strict data processing agreements).
• Legal Authorities: If required by law (e.g., court orders, government requests).
• Business Transfers: In connection with any merger, sale of company assets, or acquisition.

5. International Data Transfers

Your data may be processed outside your country (e.g., in the U.S. or EU), but we ensure compliance with applicable privacy laws:

• For EEA data transfers, we use Standard Contractual Clauses with supplementary measures where needed
• We only transfer data to jurisdictions with adequate protection or appropriate safeguards

We store and process user-submitted content (including questions, photos, and videos) through ​​Alibaba Cloud’s data centers in Japan​​. Alibaba Cloud maintains the following compliance certifications:

• ​​ISO 27001/27701​​ (Information Security & Privacy Management)
​​
• GDPR Standard Contractual Clauses (SCCs)​​ for international data transfers
​​
• Japanese Personal Information Protection Commission (PPC)​​ certification
• Your data will only be retained for the ​​minimum necessary service period​​, not exceeding ​​15 years​​.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access, correct, or delete your personal data.
• Restrict or object to processing of your data.
• Data portability (where technically feasible).
• Opt out of marketing communications.
• Withdraw consent (where applicable).
• Lodge a complaint with a data protection authority (e.g., UK ICO, German BfDI).

To exercise these rights, contact our Data Protection Officer at dpo@xtimeai.com.

7. Data Retention

We retain your personal data only as long as necessary to:

• Provide services you requested
• Comply with legal obligations
• Resolve disputes
• Enforce our agreements

Account data is deleted within 30 days of account closure. Backup data may persist for up to 60 days.

8. Data Security

We implement industry-standard measures including:

• Encryption of data in transit and at rest
• Regular security audits
• Access controls and authentication protocols
• Employee training on data protection

However, no method is 100% secure. Please use strong passwords and enable two-factor authentication where available.

9. Children's Privacy

The App is not intended for users under 16. We do not knowingly collect data from children under 16. If we become aware of such collection, we will take steps to delete the information.

10. Third-Party Services

The App may contain links to third-party websites/services with their own privacy policies. We are not responsible for their practices.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or in-app notice at least 30 days before changes take effect. Continued use after changes constitutes acceptance.

12. Contact Us

For questions or data requests:

• General inquiries: support@xtimeai.com
• Data Protection Officer: dpo@xtimeai.com
• Postal: Beijing Xiyao Technology Company Co., Ltd, Room 104, 1st Floor, Building 15, No. 98 Lianshihu West Road, Mentougou District, Beijing, China