Introduction

1. Scope of Application

This Policy applies to services provided through the ACT Agent website (actagent.com), related applications, API interfaces, and any other methods.

2. Information Collection

2.1 Information You Provide Directly

• (a)Registration Information: When you create an account, we collect your email address, username, password, and other information you choose to provide.
• (b)Profile Information: You may choose to provide personal information such as name, avatar, company name, position, etc.
• (c)Payment Information: When you make a top-up, we collect payment information through third-party payment service providers, but we do not store sensitive payment information such as complete payment card numbers.
• (d)Communication Content: Requests you submit through the Services, uploaded files, and content of interactions with agents.
• (e)Feedback Information: Feedback, evaluations, problem reports, and other information you provide.

2.2 Automatically Collected Information

• (a)Device Information: Includes device model, operating system version, unique device identifier, IP address, browser type and language, etc.
• (b)Usage Data: Includes the time you access services, usage duration, functions used, click records, page browsing history, etc.
• (c)Log Information: Includes service operation logs, error logs, performance data, etc.
• (d)Cookies and Similar Technologies: We use cookies and similar technologies to identify your device, remember your preferences, and analyze usage patterns.

2.3 Information Obtained from Third Parties

• (a)Social Media: If you log in through social media accounts, we may obtain limited information from these services.
• (b)Third-Party Services: When we integrate third-party services through MCP (Model Context Protocol), we may obtain necessary information from these services.

3. Information Use

The information we collect is used for the following purposes:

• (a)Providing Services: Process and respond to user requests, provide agent functions.
• (b)Account Management: Create and manage user accounts, verify user identity.
• (c)Service Improvement: Analyze usage patterns, improve service quality, develop new features.
• (d)Security Protection: Detect and prevent fraud, abuse, and security issues.
• (e)Communication: Send you important notices, service updates, security alerts.
• (f)Personalization: Provide personalized experiences based on your usage habits.
• (g)Legal Compliance: Comply with laws and regulations, enforce our Terms of Service.

4. Technical Architecture of Information Processing

4.1 Third-Party Model Processing

Since ACT Agent is based on multiple third-party large language models (LLMs), some of your request data may be transmitted to corresponding model providers:

• (a)Request Content: The prompts you input, contextual information, and file content may be sent to selected third-party model service providers for processing.
• (b)Data Processing Standards: We select partners with strict privacy protection policies whenever possible, but we cannot completely control how third parties process data.
• (c)Sensitive Information Recommendations: To avoid privacy risks, we recommend that you do not process highly sensitive or confidential information through the Services.

4.2 MCP Service Integration

Some functions integrate external tools and services through Model Context Protocol (MCP):

• (a)Data Transmission: When executing specific tasks, necessary information will be sent to corresponding MCP service providers.
• (b)Service Selection: We select reputable third-party services with comprehensive privacy protection measures.

4.3 Data Processing Locations

• (a)Our Servers: All user account data and usage records are stored on servers within China.
• (b)Third-Party Servers: Data processing locations for third-party models and MCP services follow the policies of respective providers and may be located within or outside China.

5. Information Sharing and Disclosure

5.1 Information We Will Not Share

We will not sell, rent, or trade your personal information to third parties for marketing purposes.

5.2 Circumstances for Possible Sharing

We may share your information in the following circumstances:

• (a)Service Providers: Share necessary information with third-party service providers who help us operate services, process payments, and provide customer support.
• (b)Third-Party Model Providers: Share request content with selected third-party large language model providers to implement AI functions.
• (c)MCP Service Providers: Share necessary information with MCP service providers to execute specific tasks.
• (d)Legal Requirements: Disclose information according to laws, regulations, legal procedures, or government requirements.
• (e)Protecting Rights: To protect the rights, property, and safety of us, users, or the public.
• (f)Business Transfers: In the event of company mergers, acquisitions, or asset sales.
• (g)With Consent: When you have given explicit consent.

5.3 Anonymized Information Sharing

We may share anonymized information that cannot identify individuals for purposes such as statistical analysis and product improvement.

6. Data Security

6.1 Security Measures

We take reasonable technical and organizational measures to protect your personal information:

• (a)Encrypted Transmission: Use TLS/SSL encryption technology to protect data transmission.
• (b)Access Control: Implement strict access control and permission management.
• (c)Data Desensitization: Desensitize sensitive information.
• (d)Security Audits: Conduct regular security audits and vulnerability scans.
• (e)Employee Training: Train employees on privacy protection.

6.2 Security Limitations

Please note that no security measures are absolutely reliable. We cannot guarantee absolute security of information.

6.3 Data Breach Notification

If a data breach occurs, we will notify you promptly in accordance with relevant laws and regulations.

7. Data Retention

7.1 Retention Period

We retain your personal information only for the period necessary to achieve the purposes described in this Policy:

• (a)Account Data: During the validity of your account and for 180 days after account closure.
• (b)Usage Records: Typically retained for 180 days for service improvement and security analysis.
• (c)Legal Requirements: Retain necessary information as required by laws and regulations.

7.2 Deletion Policy

You can request deletion of your personal information at any time, but some information may be retained due to legal requirements or legitimate business needs.

8. Children's Privacy

Our services are not directed at children under 16. If we discover that we have inadvertently collected personal information from children, we will delete it as soon as possible. If you are a parent or guardian and believe your child has provided us with personal information, please contact us using the contact information in Section 12.

9. Your Rights

According to applicable laws, you may have the following rights:

• (a)Right to Access: Request access to your personal information held by us.
• (b)Right to Rectification: Request correction of inaccurate or incomplete personal information.
• (c)Right to Erasure: Request deletion of your personal information.
• (d)Right to Restriction of Processing: Request restriction of processing of your personal information.
• (e)Right to Data Portability: Request receipt of your personal information in a structured, commonly used format.
• (f)Right to Object: Object to processing of your personal information.
• (g)Right to Withdraw Consent: Withdraw consent you have given at any time.

9.1 Exercising Rights

To exercise the above rights, please contact us using the contact information in Section 12. We will respond to your request within the time required by laws and regulations.

9.2 Identity Verification

To protect your privacy, we may need to verify your identity before processing certain requests.

9.3 Exceptions

In some cases, we may be unable to fulfill your request, such as when laws require information retention, protection of others' rights, or responding to legal claims.

10. International Data Transfers

Since services may involve international data transfers, we ensure appropriate protective measures are taken:

• (a)Standard Contractual Clauses: Sign agreements with overseas service providers containing standard contractual clauses.
• (b)Security Guarantees: Ensure data recipients provide adequate data protection levels.

11. Cookies and Similar Technologies

11.1 Technologies We Use

We use cookies and similar technologies to:

• (a)Remember your preferences and settings
• (b)Analyze service usage
• (c)Provide personalized experiences
• (d)Improve service security

11.2 Managing Settings

Most browsers allow you to control cookies:

• (a)Accept or Reject: You can set your browser to reject all cookies or prompt you when cookies are sent.
• (b)Delete Cookies: You can delete cookies in your browser at any time.

11.3 Impact of Disabling

Disabling certain cookies may affect normal functionality of the Services.

12. Third-Party Links and Services

The Services may contain links to third-party websites or integrate third-party services. This Policy does not apply to these third parties. We recommend reading their privacy policies.

13. Changes to Privacy Policy

We may update this Policy from time to time. The updated Policy will be published on the website with an updated "Last Updated" date. Significant changes will be notified to you via email or in-app notifications. Continued use of the Services indicates your acceptance of the updated Policy.

14. Contact Us

If you have any questions, comments, or suggestions about this Policy, or wish to exercise your rights, please contact us through:

Company Name: Mingda Network Technology Development (Qingdao) Co., Ltd.

Data Protection Contact: act@actagent.com

Customer Support: support@actagent.com

Office Address: 6th Floor, Building B, Chuangzhi Plaza, Pingdu City, Shandong Province, China

Official Website: https://actagent.com

We typically respond within 15 working days after receiving inquiries.

15. Complaint Channels

If you are dissatisfied with our privacy practices, you may file a complaint with relevant data protection authorities.

Appendix: Additional Privacy Notes for Specific Functions

A. Privacy Considerations for AI-Generated Content

(a) Training Data Exclusion: By default, your request content and generated content are not used to train third-party large language models unless you explicitly consent.

(b) Content Review: We may review certain content to ensure compliance with Terms of Service but minimize human contact with your data.

(c) Output Storage: Generated content may be stored for a limited time for your subsequent access.

B. Special Handling for Enterprise Accounts

For enterprise accounts, we provide:

(a) Data Isolation: Ensure enterprise data is isolated from other user data.

(b) Administrator Controls: Enterprise administrators can manage team members' data access permissions.

(c) Data Export: Provide data export tools for convenient enterprise data management.

C. Privacy Terms for Developer APIs

Developers using services through APIs must also comply with:

(a) End User Consent: Ensure end users understand and consent to data transmission through APIs.

(b) Usage Restrictions: Do not collect sensitive personal information through APIs.

(c) Security Requirements: Implement appropriate security measures to protect data transmitted through APIs.