Privacy Policy

1. Scope

This Privacy Policy applies to your access to and use of Bayzic's features and services (including website browsing, account registration, Workspace data analysis, and subscription purchases; and, if provided in the future, API or similar interface services).

This Policy does not apply to third-party websites, services, or privacy practices that we do not control (for example, third-party links you may visit via our website). When you leave the Service or use third-party services, please review their privacy policies on your own.

2. Definitions

• Personal Information: Information related to an identified or identifiable natural person, such as email address, IP address, account ID, and similar identifiers.
• Workspace Data: Tabular data you paste/input when using analysis services, field-mapping configurations, and analysis parameters.
• Usage Data: Technical data automatically generated during your use of the Service, such as access timestamps, browser type, page paths, language preference, time zone, and error logs.

"Workspace Data" in this Privacy Policy corresponds to "User Data" in the Terms of Service. "Usage Data / Logs and Technical Information" corresponds to the technical logs recorded for security and troubleshooting as described in the Terms of Service.

3. Information We Collect

3.1 Information You Provide

• Account and Verification Information: When you register or log in, we collect your email address. To verify your identity, we process OTP codes and generate session identifiers.
• Workspace Data: To provide analysis services, you may paste or input tabular data. You are responsible for the content of Workspace Data; we process such data only to the extent necessary to provide the Service.
• Customer Support: When you contact the support team, we may collect the feedback, screenshots, or contact details you provide.

3.2 Information We Collect Automatically

To support service operation, security, and troubleshooting, we automatically collect:

• Logs and Technical Information: Including IP address, browser type, access time, page path, language preference, time zone, and error logs.
• Cookies and Similar Technologies: We use only cookies necessary to maintain login status, ensure security, and support core functions (for example, session identifiers and security/anti-fraud technical markers). We do not use cookies for advertising delivery, cross-site tracking, or profiling. You may delete or restrict cookies via browser settings, but doing so may prevent login or make certain core features unavailable.
• Optional Error/Event Reporting (If You Enable It): This is an optional feature and may not be enabled by default; availability is subject to product pages/account settings. Only when you proactively enable this feature in the product interface, or provide/specify your own receiving endpoint address, may the client report necessary error information or runtime events to the endpoint you specify (for example, your own logging system or monitoring service address), so that you can troubleshoot issues yourself. Reported content is typically technical information (such as timestamps, page paths, browser type, error stack/error codes, session-related identifiers, and similar data), configured and sent based on a minimum-necessary principle. You should ensure that your specified endpoint is lawful and secure, and you are responsible for third-party processing, access control, and compliance obligations arising from it. Unless you proactively provide relevant information to us during troubleshooting communications (for example, screenshots, log excerpts, or forwarded error content), such optional reporting information will not be sent to us by default.
• Browser Local Storage: We may use browser local storage (localStorage/sessionStorage) to store session state or temporary Workspace state information. When you log out, the system may clear some local cache and session information. You may also clear site data in browser settings, but doing so may require you to log in again or may cause loss of temporary state that has not been exported.

3.3 Information from Third Parties

• Payment and Subscription Information: Our payment process is handled by third-party payment providers. We may receive necessary information related to your order (such as subscription status, order ID, and purchase date), but we do not collect or store your full card number or bank account information. We only receive or share information necessary to complete the transaction (for example, order ID, subscription status, purchase date, email), and we do not store your bank card/payment card information.

4. How We Use Information

We process your information only to the extent necessary to provide the Service, ensure security, and comply with applicable legal obligations, including:

1. Providing Core Services: Verifying your identity for login, processing your Workspace Data, and returning Analysis Results.
2. Account Management: Managing your subscription status, quota limits, and handling email change requests.
3. Security and Abuse Prevention: Using IP addresses and logs to identify abnormal logins, prevent bulk crawling, DDoS attacks, and fraud.
4. Communications: Sending necessary notices related to account verification, subscription status, and service operation (such as login OTP codes, subscription changes, and maintenance announcements).
5. Compliance and Legal Obligations: Meeting tax, audit, and other applicable legal requirements.

We do not use your Personal Information or Workspace Data for targeted advertising or cross-site tracking.

5. Sharing and Disclosure

We do not sell your Personal Information. However, we may share necessary information with third parties in the following cases:

5.1 Service Providers

We select trusted third-party companies to support our operations. These providers process data only to the extent necessary and are subject to confidentiality obligations, such as providing cloud infrastructure, payment services, and related technical support to run our servers, databases, and backend services. They process necessary information only under our instructions and for the purpose of providing the relevant services, and we restrict access through contractual terms, access controls, and similar measures. We share information only as necessary and follow a data-minimization principle.

User-Specified Receiving Endpoint (If You Enable It): If you, as a user, enable the optional feature to report errors/events to your specified endpoint, such information will be sent to the endpoint you provide. That endpoint is outside our control, and subsequent processing is governed by your arrangements and the endpoint service's rules.

5.2 Legal Requirements

If required by laws and regulations, court orders, or mandatory requests by government authorities, or to protect the rights, property, or safety of Bayzic, users, or the public (for example, preventing fraud), we may disclose your information.

5.3 Business Transfers

If a merger, acquisition, asset sale, or restructuring occurs, user information may be transferred as part of the assets. We will require the recipient to process such information under standards no lower than this Policy, or we will provide you with appropriate notice.

6. International Data Transfers

Bayzic provides services globally. Therefore, your Personal Information and Workspace Data may be transferred to servers outside your country/region for storage and processing (for example, the United States, Hong Kong, or other regions where we deploy cloud infrastructure). Data protection laws in such regions may differ from those in your jurisdiction.

We conduct cross-border storage and processing only to the extent necessary to provide the Service, and we use appropriate technical and contractual measures to protect your information. Regions for cross-border storage and processing may change as our infrastructure deployment changes, but we will continue to follow necessity and data-minimization principles and apply corresponding safeguards.

7. Data Retention

• Workspace Data: We retain the minimum necessary data related to the analysis process only for the period needed to provide the Service, troubleshoot, and ensure security, and we will delete or anonymize it when no longer needed. We do not use your Workspace Data for advertising. Unless you expressly consent otherwise, we will not use Workspace Data to train general-purpose public models. Workspace Data may be temporarily stored during processing to complete computations, generate results, troubleshoot, and protect security; we control scope and duration under a minimum-necessary principle. Retention duration may vary depending on feature type and troubleshooting/security needs, and will be subject to product pages or account settings/descriptions; data will be deleted or anonymized after it exceeds the necessary period.
• Account Information: We retain account information while your account is active, or for the period necessary to provide the Service, handle disputes, and comply with legal obligations.
• Transaction Records: Even if you delete your account, we may retain order and payment records for a longer period to comply with tax and financial audit requirements. Data that is expired or no longer necessary will be securely deleted or anonymized.

8. Children's Privacy

The Service is not intended for minors. We do not knowingly collect Personal Information from minors. If you believe that a minor has provided information to us, please contact us and we will take reasonable steps to verify and delete the relevant information.

9. Data Security

We use industry-standard security measures to protect your information, including strict backend access controls and a least-privilege approach.

Although we use reasonable security measures, internet transmission may still involve risks. If a security incident occurs, we will take reasonable steps in accordance with applicable laws and the impact of the incident, and we will notify affected users where required by law or where reasonably feasible.

10. Policy Updates

We may update this Privacy Policy from time to time to reflect business changes or legal requirements. For material changes, we may notify you through prominent notices on the website/console (for example, announcement pages or on-page prompts) or by other reasonable means, and we will update the "Last Updated" date on this page. We recommend that you review this page and announcement pages periodically to stay informed of the latest Policy content.

You may also contact us to request access, correction, or deletion; we will handle such requests in accordance with applicable laws and account security requirements.

11. Your Rights and Choices

To the extent permitted by applicable law, you may submit the following requests using the contact method provided in "Contact Us":

• Access and Copy: Request access to and a copy of the Personal Information we hold related to your account;
• Correction: Request correction of inaccurate or incomplete information;
• Deletion / Account Closure: Request deletion of information or closure of your account, subject to legal and security requirements;
• Withdraw Consent: For optional features based on your consent (for example, "optional error/event reporting"), you may disable them at any time in product settings; after disabling, we will no longer send new reports to your specified endpoint.

We may require you to provide necessary information to verify account ownership, and we will process requests within a reasonable period. For legal obligations, security audits, or dispute handling, we may retain certain necessary records (for example, orders and payment records), as described under "Data Retention."

12. Contact Us

If you have any questions, suggestions, or complaints about this Privacy Policy or Personal Information processing, please contact our privacy compliance team:

• Email: support@bayzic.com
• Website: bayzic.com
• Interpretation and dispute resolution of this Privacy Policy shall follow the governing law and dispute resolution provisions in the Terms of Service.