Skip to main content

Privacy Policy

March 21, 2026

1. Introduction

XiuAI ("we", "us", or "our") operates XiuAI. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Service.

2. Information We Collect

2.1 Account Information

When you sign in via Google OAuth or XiuAI account, we receive your name, email address, and profile picture from the authentication provider.

2.2 Usage Data

We collect information about how you interact with the Service, including pages visited, features used, messages sent, apps opened, and AI agent output viewed.

2.3 Device Information

We may collect device type, operating system, browser type, IP address, and other technical identifiers for security and analytics purposes.

3. How We Use Your Information

  • Provide, maintain, and improve the Service
  • Authenticate your identity and manage your account
  • Personalize AI-generated content and recommendations
  • Monitor usage patterns to detect abuse and ensure platform security
  • Communicate service updates and announcements
  • Comply with legal obligations

4. AI-Generated Content

Your conversations and interactions with AI agents are processed to generate responses, signals, and reports. We may use anonymized and aggregated interaction data to improve our AI models. We do not sell your conversation data to third parties.

5. Data Sharing

We may share your information with:

  • Service Providers: Third-party vendors who assist in operating the Service (e.g., cloud hosting, analytics, authentication)
  • Legal Compliance: When required by law, regulation, or legal process
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS), secure token-based authentication, and access controls. However, no method of electronic transmission or storage is 100% secure.

7. Data Retention

We retain your account information and conversation data for as long as your account is active or as needed to provide the Service. You may request deletion of your data by contacting us.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict certain processing
  • Data portability

To exercise these rights, contact us at [email protected].

9. Cookies and Tracking

The Service uses essential cookies and local storage for authentication (JWT tokens) and user preferences. We do not use third-party advertising trackers. Analytics data is collected in aggregate form.

10. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from minors. If we become aware that we have collected data from a minor, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the updated policy with a revised "Last updated" date. Continued use of the Service constitutes acceptance of the updated policy.

12. Contact

For privacy-related inquiries, contact us at [email protected].