I. How We Collect and Use Your Personal Information
We collect and use Personal Information lawfully, fairly, necessarily, and in good faith for explicit and reasonable purposes. Except for information necessary to provide basic functions or fulfill legal obligations, you may decline to provide information. This may prevent you from using the relevant function but will not affect functions that do not rely on it. The Personal Information Collection List below provides a quick overview of the scenarios, purposes, and data types involved.
Personal Information Collection List
| Collection Scenario | Purpose | Collection Method | Type of Personal Information |
|---|---|---|---|
| Account registration and login | User registration and login | Provided by the user | Mobile number or email address |
| One-click login | Authorized by the user | Mobile number or third-party account information | |
| Content generation services | Provide AI text, image, audio, and video generation | Provided by the user | Input content, including text, images, audio, and video |
| Collect user feedback | Provided by the user | Feedback content | |
| Model training and service improvement | Provided by the user | Input and output content | |
| System permissions | Enable microphone, camera, photos/storage, clipboard, and other functions; see Section 1.3 | Collected after authorization | Recordings, captured images/videos, uploaded files, and clipboard text |
| Payment services | Paid subscriptions | Provided by the user | Payment account and order information |
| Issue invoices | Provided by the user | Email address, invoice title, taxpayer number, and other necessary information | |
| Service security | Protect secure and stable operation and service quality | Automatically collected | Browser and device information, IP address, network status and type, access time, operations, usage, and service logs |
1.1 Account Services
1.1.1 Account Registration and Login
To help you register, log in, and use the Products and services, we collect necessary account information according to the product version, region, service site, and login methods displayed.
- For Mainland China services or mobile-number login, you must provide a mobile number. We use it to send SMS verification codes for registration, login, identity verification, account protection, and necessary service notices.
- For overseas services or email login, you must provide an email address. We use it to send verification codes or service notices for registration, login, identity verification, account protection, and necessary communications.
- If you choose third-party login, such as Google, we obtain only the account information you authorize the provider to share, such as an account identifier, email address, avatar, and nickname. The authorization page controls the actual scope. Refusing authorization prevents use of that login method but does not affect other login methods.
- After registration or login, you may set an avatar, nickname, and linked accounts. Your avatar and nickname may be displayed publicly in the Product.
1.1.2 Verification
When you use an identity-verification function, we may collect real identity information, such as a mobile number, as required by law to protect your or other users’ account security. You may refuse, but the relevant service may then be unavailable without affecting other functions.
| Note: Government-ID real-name verification is not currently mandatory. If laws, regulations, or business needs require such a function later, we will provide separate notice and obtain consent where required. |
|---|
1.2 Content Generation Services
We use generative AI models to provide text, image, audio, and video generation. We collect the source materials and instructions you choose or enter to complete generation tasks, display history, troubleshoot issues, protect service security, review content, and improve the experience.
In particular, when using content-generation functions:
(1) Please do not enter Personal Information that identifies you or another person when it is not necessary for us to provide the service.
(2) If your input contains another person’s Personal Information, obtain lawful authorization before providing it to avoid misuse or disclosure.
(3) When processing audio materials, we may analyze voice feature points to provide the service, but we do not use them to identify a specific natural person.
(4) You must not use deep learning, virtual reality, generative AI, or similar technologies to create, upload, copy, transmit, or disseminate prohibited information, including false news, or misrepresent synthetic content as natural content. Non-authentic information must be conspicuously labeled; otherwise, we may add labels or restrict or suspend the content and account.
1.3 System Permissions
We may request system permissions when needed for a specific function. You may allow or refuse them. Refusal may make that function unavailable but will not affect other functions. Permission names vary by device, system version, and product form.
| Permission/Information | Use Scenario | Information That May Be Collected | Effect of Refusal |
|---|---|---|---|
| Microphone | Voice input and calls, voice cloning, audio recording, and voice conversion | Recordings, voice clips, audio features, transcripts, and voice parameters | Recording, voice input, and voice cloning will be unavailable |
| Camera | Capture images/videos and upload avatars or generation references | Captured images, videos, or related materials | Direct capture will be unavailable; local upload may remain available |
| Photos/media/storage | Upload, save, download, and export media/files; record crash logs | Selected files, save paths, export records, and crash logs | Relevant files cannot be uploaded or saved |
| Clipboard | Recognize copied links, invitation codes, API keys, or quick-import content | Relevant clipboard text, read only when necessary | Quick recognition/import will be unavailable |
| Notifications | Task completion, quota changes, security alerts, and activity notices | Notification status and device push identifier, where applicable | Notifications may not arrive promptly |
| Network | Access services, upload materials, download results, and synchronize history | IP address, network status, and request logs | Functions requiring a network will be unavailable |
1.4 Payment Services
When you purchase credits, quotas, subscriptions, resource packages, paid models, or other paid services, we may collect bank-card type and number, third-party payment-account information, and order/payment information. Bank-card information is sensitive Personal Information necessary for payment. Refusal prevents payment but does not affect other functions.
To issue an invoice, we may collect one or more of the following as necessary: email address, invoice title, taxpayer number, company address and phone, bank and account details, special-invoice evidence, and authorization evidence. If information is refused or incorrect, we cannot issue the invoice until correct and necessary information is provided.
1.5 Feedback
For inquiries, feedback, complaints, or business cooperation, we may collect and retain your name, contact details, email, phone, WeChat, account information, feedback, and supporting materials to contact you, verify and resolve issues, provide support, improve products, and advance cooperation. Refusal may prevent us from responding promptly.
1.6 Service Security
To protect account, service, content, and transaction security and operational quality, we may collect device and browser information, OS version, device identifiers, IP address, network status, language, access time, click and feature-use records, task status, error and crash logs, performance data, risk-control records, and violation records for identity verification, risk detection, anti-fraud, content security, troubleshooting, statistics, and audit.
1.7 Model Improvement
After secure encryption, de-identification, or anonymization that prevents re-identification, we may analyze inputs, outputs, feedback, usage behavior, task status, and performance data for model training and improvement, product experience, security evaluation, benchmarking, troubleshooting, internal audit, and research.
If you do not want us to continue using all or part of authorized content, use the contact methods in this Policy to withdraw authorization.
1.8 Generated-Content Safety Review
To meet requirements for generative AI, deep synthesis, and AI-generated content labels, we may conduct automated or manual review of inputs, outputs, generation tasks, and publication/export behavior, and add visible labels, invisible labels, metadata, or other rights-management information.
Where unlawful, infringing, abusive, review-evasion, or other risks are found, we may refuse generation, provide warnings, remove or delete content, report to authorities, or assist investigations.
1.9 Exceptions to Consent
Under applicable laws and regulations, consent is not required in the following circumstances:
- Necessary to enter into or perform a contract at your request;
- Related to our performance of legal or regulatory obligations;
- Directly related to national security or national defense;
- Directly related to public security, public health, or major public interests;
- Directly related to criminal investigation, prosecution, trial, or enforcement;
- Necessary to protect your or another person’s life, property, or other major lawful interests where consent is difficult to obtain;
- Processing information you made public or that was otherwise lawfully disclosed within a reasonable scope;
- Other circumstances provided by law.
Please note that information that cannot identify you alone or together with other information is not Personal Information under the law. If information can identify you alone or together with other information, or data not linked to a specific person is combined with your other Personal Information, we will process and protect it as Personal Information under this Policy.
1.10 Open Platform/API Services
When you register for, authenticate, or use our open platform, APIs, developer console, or enterprise administration backend, we may collect and use the following information according to the service scenario:
(1) Developer/enterprise authentication information: developer account details, real name, mobile number, email address, identification number, and other necessary identity information. For enterprise use, this may include the enterprise name, unified social credit code, authentication materials, and the names and contact details of the legal representative, contact person, or administrator. Identification numbers may be sensitive Personal Information. Refusal may prevent use of authentication or API functions but does not affect unrelated services.
Note: Personal or enterprise real-name verification is not currently required for open-platform/API services. If introduced later, we will provide separate notice and obtain consent where required.
(2) Open-platform/API usage information: API keys, call records and times, models used, request status, token/quota consumption, error logs, bills, orders, and transaction information for calls, permissions, quotas, billing, operations, security, troubleshooting, disputes, and legal compliance.
(3) Service and marketing notices: mobile numbers, email addresses, or other contact details may be used for feature updates, product notices, security alerts, bills, service changes, marketing, or events. Marketing messages will include a lawful unsubscribe or opt-out method.
This collection and processing applies only when you register for, authenticate, or use open-platform/API services. It does not apply if you do not use those services.