Privacy Policy

1. OUR COMMITMENT TO PRIVACY

This Privacy Policy explains how we collect, use, store, and protect your data when you use our Service. We are committed to not selling or distributing your data to third parties.

OUR CORE PRIVACY PROMISE: We will never sell, rent, lease, or otherwise distribute your personal information, contact details, or any data collected through our Service to third parties for marketing, advertising, or any commercial purposes. Your data remains yours and is used solely to provide our Service to you.

2. DATA WE COLLECT

We collect only the minimum data necessary to provide our Service and maintain account functionality. All data collection is transparent and purposeful.

2.1 ACCOUNT INFORMATION. When you create an account, we collect your email address and basic profile information through Google Firebase Authentication. This information is used solely for account management, authentication, and communication about your account.

2.2 USAGE DATA. We collect usage data to manage account limits and billing, including:

• Model usage counts per user account
• Daily and monthly usage limits tracking
• Account tier and subscription status

This usage data is tied to your user account and is used solely for service management and billing purposes.

2.3 CONTENT DATA. Your conversations, chat logs, and user-generated content are stored in our backend infrastructure (Google Firestore). This data is used solely for providing the chat functionality you request.

2.4 TECHNICAL DATA. We automatically collect certain technical information when you use our Service, including IP addresses, browser information, and device characteristics. This data is used for security purposes, fraud prevention, and service optimization.

3. HOW WE PROTECT YOUR DATA

We implement security measures to protect your data. Our Service is hosted on Vercel, which provides encryption for data in transit (HTTPS/TLS) and at rest. Data stored in Google Firestore is encrypted using Google's encryption infrastructure.

3.1 ENCRYPTION. Data transmitted to and from our Service is encrypted in transit using HTTPS/TLS. Data stored in Google Firestore is encrypted at rest using Google's encryption standards. We rely on Vercel and Google's encryption infrastructure for data protection.

3.2 ACCESS CONTROLS. Access to user data is limited to what is necessary to provide the Service. We use Google Firebase Authentication for account access control.

3.3 DATA MINIMIZATION. We collect only the data necessary to provide our Service.

4. OUR DATA SHARING AND DISTRIBUTION POLICY

4.1 ABSOLUTE NON-DISTRIBUTION POLICY. We will never intentionally distribute, share, sell, rent, lease, or otherwise transfer your personal information, contact details, chat logs, or any other data collected through our Service to any third parties. This prohibition is absolute and applies to all current and future business activities.

4.2 EXCEPTIONS TO NON-DISTRIBUTION POLICY. The only exceptions to our non-distribution policy are:

• Legal Requirements: When required by law, court order, or government regulation
• Account Security: To protect against fraud, security threats, or account abuse
• Service Providers: To essential service providers who are bound by strict confidentiality agreements and data processing agreements (such as Google for infrastructure services)
• User Consent: When you explicitly consent to specific data sharing

4.3 THIRD-PARTY SERVICE PROVIDERS. We may engage third-party service providers for essential Service operations. All such providers are carefully selected and must comply with our data protection standards and applicable privacy laws. We require all providers to maintain the same level of data protection as we do.

5. GOOGLE BACKEND INFRASTRUCTURE AND USER RESPONSIBILITY

5.1 GOOGLE'S ROLE IN OUR SERVICE. Our Service utilizes Google (Firebase) as its backend infrastructure provider. This includes:

• Google Firebase Authentication for user login and account management
• Google Firestore for secure data storage and database operations
• Google Firebase Admin SDK for server-side processing
• Google Cloud Platform services for hosting and infrastructure

5.2 USER ACCOUNT MANAGEMENT. Your account authentication and login process is managed entirely by Google Firebase Authentication. This allows you to access your account from any device or location where you can authenticate with Google. Google maintains the authentication infrastructure and handles login security.

5.3 USER RESPONSIBILITY FOR GOOGLE SERVICES. While we select and configure Google services to meet high security and privacy standards, you acknowledge that Google maintains and operates the underlying infrastructure. You are responsible for any security incidents, data breaches, service outages, or other issues that may arise from Google's infrastructure, including but not limited to:

• Authentication system compromises or failures
• Google account security breaches
• Google service outages or disruptions
• Changes to Google's policies or terms
• Google's data processing and privacy practices
• Cross-border data transfers by Google
• Google's compliance with international privacy laws

5.4 GOOGLE'S PRIVACY PRACTICES. Google's privacy practices and data handling are governed by Google's Privacy Policy and Terms of Service. You are responsible for reviewing and understanding Google's privacy policies, as they apply to the authentication and infrastructure services we use.

6. AI MODEL PROVIDER INTERACTIONS

6.1 OUR ROLE AS A PLATFORM. just4o.chat is a platform service that provides access to AI models. We are not the developers, owners, or operators of the underlying AI models. Our Service acts as an intermediary between users and AI model providers, primarily OpenAI.

6.2 DATA TRANSMISSION TO MODEL PROVIDERS. When you submit queries or prompts through our Service, your input data is transmitted to the AI model provider's servers for processing. This transmission is necessary for the Service to function and provide AI responses.

6.3 MODEL PROVIDER DATA HANDLING. AI model providers have their own privacy policies and data handling practices. You acknowledge that:

• Your queries are processed on the model provider's infrastructure
• The model provider may retain your data for training, improvement, or operational purposes
• The model provider's privacy practices apply to data processed on their servers
• You are responsible for understanding and accepting the model provider's terms

6.4 OPENAI SPECIFIC CONSIDERATIONS. For OpenAI-powered models, your data handling is subject to OpenAI's privacy policy and terms of service. OpenAI may use data for model training and improvement purposes. You are responsible for reviewing OpenAI's policies and determining your comfort level with their data practices.

6.5 DATA RETENTION IN OUR SYSTEMS. We do not permanently store AI-generated responses or maintain detailed logs of model outputs beyond temporary session management. User input messages may be retained in our Google infrastructure as part of conversation history, but AI processing outputs are not stored long-term by our Service.

7. INTERNATIONAL DATA TRANSFERS

7.1 CROSS-BORDER DATA TRANSFERS. Your data may be transferred to and processed in countries other than your own, including countries that may not have the same data protection laws as your country of residence. These transfers occur because:

• Our infrastructure is hosted on Google's global cloud platform
• AI model providers operate servers in multiple jurisdictions
• Our Service is accessible worldwide

7.2 ADEQUACY AND SAFEGUARDS. We ensure that all international data transfers are conducted in compliance with applicable data protection laws. This includes implementing appropriate safeguards such as standard contractual clauses, adequacy decisions, and other legally recognized transfer mechanisms.

7.3 YOUR RIGHTS REGARDING TRANSFERS. You have the right to obtain information about the safeguards we implement for international data transfers. Please contact us if you require more details about specific transfer mechanisms.

8. YOUR RIGHTS AND CHOICES

8.1 ACCESS TO YOUR DATA. You have the right to access the personal data we hold about you. You can view and download your chat history, account information, and other stored data through the Service interface.

8.2 DATA PORTABILITY. You can export your data in a portable format at any time. This includes your chat logs, project data, and account information.

8.3 DATA CORRECTION. You can update or correct your account information and personal data through the Service settings.

8.4 DATA DELETION. You can delete your account and all associated data at any time. Upon deletion, we will permanently remove your data from our systems, subject to legal retention requirements.

8.5 OPT-OUT RIGHTS. You can opt out of non-essential data collection and processing. However, some data collection is necessary for the Service to function.

8.6 COMPLAINT RIGHTS. If you believe your privacy rights have been violated, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.

9. DATA RETENTION

9.1 ACTIVE ACCOUNT DATA. We retain your data for as long as your account is active or as needed to provide the Service. Chat logs and conversation history are retained until you delete them or close your account.

9.2 ACCOUNT CLOSURE. When you close your account, we delete your personal data within 30 days, subject to legal retention requirements.

9.3 LEGAL RETENTION. We may retain certain data longer if required by law, for legal proceedings, or to resolve disputes.

10. COOKIES AND TRACKING

10.1 COOKIE USAGE. We use cookies and similar technologies to enhance your experience and provide the Service. Cookies are small text files stored on your device.

10.2 TYPES OF COOKIES. We use:

• Essential Cookies: Required for the Service to function
• Authentication Cookies: For secure login and session management
• Analytics Cookies: To understand Service usage and improve performance

10.3 COOKIE MANAGEMENT. You can control cookie settings through your browser. However, disabling certain cookies may affect Service functionality.

10.4 THIRD-PARTY COOKIES. Some third-party services may set cookies on our Service. We do not control these cookies and they are subject to the third party's privacy policy.

11. CHILDREN'S PRIVACY

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

12. CHANGES TO THIS PRIVACY POLICY

12.1 POLICY UPDATES. We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements.

12.2 NOTICE OF CHANGES. We will notify you of material changes by:

• Posting the updated policy on our website
• Sending an email notification to registered users
• Providing in-Service notifications

12.3 EFFECTIVE DATE. Changes take effect immediately upon posting, unless otherwise specified. Your continued use of the Service constitutes acceptance of the updated policy.

13. CONTACT US

If you have any questions about this Privacy Policy or our data practices, please contact us at: just4ochat@gmail.com

For data protection inquiries or to exercise your rights, please contact our Data Protection Officer at: just4ochat@gmail.com