1. Purpose
gagasoft ("Company") processes only the minimum personal data required to provide AI Router. This policy explains what we process, why we process it, how long we keep it, and how users can exercise their rights.
2. Data We Process
| Data category | Purpose | Retention |
|---|---|---|
| Advertising ID or Android ID based user identifier (X-USER-UUID), OS, app version, language | User identification, service delivery, compatibility management, operation analytics | Until account deletion or service end, unless longer retention is required by law |
| IP address and country | Regional operation, abuse prevention, security monitoring | Until account deletion or service end, unless longer retention is required by law |
| FCM token (push notification token) | Sending service notifications such as quota recharge notices | Until token refresh or deletion request |
| Install referrer | Attribution and marketing performance analysis | During service operation unless legal obligations require otherwise |
| Chat messages, chat history, message reports | AI response generation, conversation history features, quality and operations handling | Until deleted by user or account cleanup |
| Email address entered for support, export, or deletion requests | Responding to user requests and account/data operations | Processed for request handling and retained only as required for legal/dispute handling |
| Payment and subscription data (product ID, order ID, purchase token, receipts, metadata) | Paid feature access, subscription management, restore/refund handling, accounting | Up to 5 years where required by applicable e-commerce and tax laws |
| Crash, analytics, and ad related telemetry (Firebase Analytics, Crashlytics, AdMob) | Stability, diagnostics, ad delivery, and performance measurement | According to partner policy and applicable law |
| Security and abuse-prevention logs | Security monitoring, abuse prevention, and operational integrity | Up to 12 months |
3. How Data Is Collected
- Automatically when the app and APIs are used (headers, logs, device identifiers)
- Directly from user input (chat content, support/deletion/export requests)
- During payment and subscription workflows
- From integrated SDKs and service providers
4. Third-Party Processing
To run the service, data may be processed through third-party providers, including:
- AI processing: OpenAI, Google Vertex AI (Gemini), and other model providers
- Notifications and telemetry: Google Firebase (Cloud Messaging, Analytics, Crashlytics)
- Advertising: Google AdMob
- Payments and subscriptions: Google Play Billing, Apple App Store, external payment processors
- Infrastructure: Amazon Web Services (AWS)
- Operational messaging and export handling: Slack and Gmail APIs
Each provider processes data under its own policies and legal obligations.
5. User Rights
- You can clear chat history in-app.
- You can request chat export (available by product tier where applicable).
- You can request account/data cleanup or deletion with your user code.
- You can request access, correction, or deletion through the contact channel below.
6. Deletion Procedure
Data is deleted without undue delay when it is no longer needed, unless legal retention applies. Electronic records are deleted using methods intended to prevent recovery.
7. Security Measures
- Access control based on minimum-necessary privileges
- Operational monitoring and abuse detection
- Transport protection (for example HTTPS) and internal safeguards
8. Children's Data
The Company applies child data protection measures required by applicable law. Legal guardians may request access, correction, or deletion in accordance with legal requirements.
9. Policy Updates
This policy may be updated when legal requirements, product features, or operations change. Material updates will be posted on this page with the effective date.
10. Contact
For privacy questions and data requests:
Email: topclass.meeting@gmail.com