Privacy Policy

For individuals outside the European Economic Area, United Kingdom, and Switzerland, you can read this version⁠ of our Privacy Policy

We at TaoX AI LTD, (together with our affiliates, “[howone AI]”, “we”, “our” or “us”) respect your privacy and protect your personal data and are strongly committed to keeping secure any information we obtain from you or about you. This Privacy Policy describes our practices with respect to Personal Data that we collect from or about you when you use our website, applications, and services (collectively, “Services”).

This Privacy Policy does not apply where howone AI acts as a data processor and processes personal data on behalf of commercial customers using howone AI’s Commercial Services – for example, your employer has provisioned you a Claude for Work account, or you're using an app that is powered on the back-end with howone AI. This Privacy Policy does not apply to content that we process on behalf of customers of our business offerings, such as our API.

This Privacy Policy also describes your privacy rights. More information about your rights, and how to exercise them, is set out in Section 6 (“Your Rights”).

1. Data controller

If you live in the UK, European Economic Area (EEA) or Switzerland, TaoX AI Limited, with its registered office at the UK, is the controller and is responsible for the processing of your Personal Data as described in this Privacy Policy.

2. Personal Data we collect

We collect personal data relating to you (“Personal Data”) as follows:

Personal Data You Provide: We collect Personal Data if you create an account to use our Services or communicate with us as follows:

Account Information: When you create an account with us, we will collect information associated with your account, including your name, contact information, account credentials, date of birth, payment information, and transaction history, (collectively, “Account Information”) from third-parties or from you. When you choose to sign in through third parties’ account (e.g., Google or Github account), we may collect your third parties’ account information (e.g., email, account name, profile etc.).
User Content: When you use our Services, we collect and process the content you submit, including but not limited to any prompts, textual inputs, or code (“User Content”), depending on the features you interact with.

Our Services are primarily designed to process code, scripts, or other technical inputs. While some features may allow you to upload files to enhance functionality (e.g., uploading sample datasets or project files), we do not collect or store such uploaded files unless explicitly stated. Uploaded files are processed temporarily for the purpose of providing the service functionality and are not used for any other purpose. Please do not include or upload any personal, sensitive, or confidential information in your inputs or files. This includes, but is not limited to, names, addresses, contact information, national identification numbers, financial data, health records, or proprietary business information. We do not intend to collect any sensitive or personally identifiable information (PII), and we do not take any steps to verify, extract, or use such information. If we become aware that such data has been submitted in violation of this policy, we reserve the right to delete such content and may suspend or restrict access to the Services to ensure compliance with data protection regulations.

Communication Information: If you communicate with us, such as via email or our pages on social media sites, we may collect Personal Data like your name, contact information, and the contents of the messages you send (“Communication Information”).
Other Information You Provide: We collect other information that you may provide to us, such as when you participate in our events or surveys or provide us with information to establish your identity or age.

Personal Data We Receive from Your Use of the Services: When you visit, use, or interact with the Services, we receive the following information about your visit, use, or interactions (“Technical Information”):

Log Data: We collect information that your browser or device automatically sends when you use our Services. Log data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interact with our Services.
Usage Data: We collect information about your use of the Services, such as the types of content that you view or engage with, the features you use and the actions you take, as well as your time zone, country, the dates and times of access, user agent and version, type of computer or mobile device, and your computer connection.
Device Information: We collect information about the device you use to access the Services, such as the name of the device, operating system, device identifiers, and browser you are using. Information collected may depend on the type of device you use and its settings.
Cookies and Similar Technologies: We use cookies and similar technologies to operate and administer our Services, and improve your experience. If you use our Services without creating an account, we may store some of the information described in this policy with cookies, for example to help maintain your preferences across browsing sessions. For details about our use of cookies,

3. How we use Personal Data

We may use Personal Data for the following purposes:

To provide analyse, and maintain our Services, for example to respond to your questions for our Services;
To improve and develop our Services and conduct research, for example to develop new product features;
To communicate with you, including to send you information about our Services and events, for example about changes or improvements to the Services;
To prevent fraud, illegal activity, or misuses of our Services, and to protect the security of our systems and Services;
To comply with legal obligations and to protect the rights, privacy, safety, or property of our users, or third parties.

We may also aggregate or de-identify Personal Data so that it no longer identifies you and use this information for the purposes described above, such as to analyse the way our Services are being used, to improve and add features to them, and to conduct research. We will maintain and use de-identified information in de-identified form and not attempt to reidentify the information, unless required by law.

4. Disclosure of Personal Data

In certain circumstances we may provide your Personal Information to third parties without further notice to you, unless required by the law:

Vendors and Service Providers: To assist us in meeting business operations needs and to perform certain services and functions, we may provide Personal Information to vendors and service providers, including providers of hosting services, customer service vendors, cloud services, email communication software, web analytics services, and other information technology providers, among others. Pursuant to our instructions, these parties will access, process, or store Personal Information only in the course of performing their duties to us.
Legal Requirements: We may share your Personal Information, including information about your interaction with our Services, with government authorities, industry peers, or other third parties (i) if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation.
Other Users and Third Parties You Share Information With: Certain features may allow you to display or share information with other users or third parties.

5. Retention

We’ll retain your Personal Data for only as long as we need in order to provide our Services to you, or for other legitimate business purposes such as resolving disputes, safety and security reasons, or complying with our legal obligations. How long we retain Personal Data will depend on a number of factors, such as:

Our purpose for processing the data (such as whether we need to retain the data to provide our Services);
The amount, nature, and sensitivity of the information;
The potential risk of harm from unauthorized use or disclosure;
Any legal requirements that we are subject to.

6. Your rights

You have the following statutory rights in relation to your Personal Data:

Access your Personal Data and information relating to how it is processed.
Delete your Personal Data from our records.
Rectify or update your Personal Data.
Transfer your Personal Data to a third party (right to data portability).
Restrict how we process your Personal Data.
Object to our processing of your Personal Data.
Withdraw your consent—where we rely on consent as the legal basis for processing at any time.
Lodge a complaint with your local data protection authority (see below).

You can exercise some of these rights through your account. If you are unable to exercise your rights through your account, please submit your request to legal@taoxai.com.

We hope that we are able to address any questions or concerns you may have. If you have any unresolved complaints with us, you can reach out to the UK Information Commissioner’s Office (ICO) https://ico.org.uk/.

7. Children

Our Services are not directed to, or intended for, children under 16. We do not knowingly collect Personal Data from children under 16. If you have reason to believe that a child under 16 has provided Personal Data to us through the Services, please email us at legal@taoxai.com.

8. Security

We implement commercially reasonable technical, administrative, and organizational measures designed to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. Therefore, you should take special care in deciding what information you provide to the Services.

9. Legal bases for processing

We must have a legal basis for processing all personal data. In this instance, the legal basis is:

Your consent;
Necessity to perform a contract with you, such as processing a user’s prompts to provide a response.
Where necessary for our legitimate interests and those of third parties and broader society, including in developing, improving, or promoting our Services.
Where necessary to comply with a legal obligation, such as fraud prevention, illegal activity, protection of rights, privacy, safety or misuses of our Service.