Home

Privacy Policy

Last Updated: Dec 26, 2025

01. Introduction

Welcome to XinYu Intelligence. We are committed to protecting your privacy globally. This policy explains our "Stateless Localization" protocol.

02. Our Core "Stateless" Protocol

Unlike traditional Cloud AI, XinYu uses a hybrid architecture for sovereignty:

  • Local Storage (Your Device)Prompts, history, and sessions are stored in your browser's IndexedDB. We do not upload or store your creations.
  • Cloud Storage (Our Servers)We only store minimal data for service: User ID, Email, and Balance ($ USD).

03. Data We Collect

We collect limited categories for service provision:

  • Account Info: Email address upon login.
  • Financial Info: Processed by Stripe. We only record balance history, no raw card data.
  • Technical Data: Anonymized IP/Browser info for optimization.

Personal Data Protection: We strictly adhere to applicable laws for data collection and processing.

04. Data Usage

We only use your information for the following purposes:

  • To manage your account balance and deduct generation costs.
  • To communicate with partners (e.g., fal.ai) via API to fulfill your generation requests.
  • To provide customer support and prevent fraud.
  • To ensure the platform complies with legal and regulatory requirements.

05. Your Rights (GDPR & CCPA Rights)

Right to Access & Export

You can view your cloud balance at any time. Since your works are stored locally, you can export or download your history directly from your browser.

Right to Delete (Right to be Forgotten)

You can request deletion of your cloud account. You can delete all locally stored works at any time by clearing your browser cache or operating within the platform.

Data Minimization

We only collect the minimum data required to run the billing system.

Right to Refuse Automated Decision-Making

Our AI enhancement features only assist creation and will not unfairly profile users.

06. Third Party Services

To achieve high-performance generation and payment, we partner with trusted providers:

  • fal.ai (Compute Engine): Processes generation requests. They only receive generation instructions and do not directly associate your personal identity data.
  • Stripe (Payment Gateway): Processes all USD top-up transactions, compliant with PCI-DSS security standards.
  • Google (Translation Support): Used to provide multi-language interface switching.

07. Data Security

We use industry-standard encryption technologies (SSL/TLS) to protect data transmission. Since your creations are stored locally, you are the primary security guardian of your work. We recommend regular backups of important local session data.

08. Cross-Border Transmission

As a global AI studio, your billing data may be processed on servers outside your country of residence. We ensure that all cross-border transmissions comply with appropriate legal protective measures.

09. Privacy for Minors

This platform is not intended for minors under the age of 18. If we discover that we have collected personal information from minors, we will delete it immediately.

10. Policy Changes

We may update this policy from time to time. Any significant changes will be notified to you via platform announcements or email.

11. Contact

If you have any questions about this policy or your privacy, please contact us via:

Email: support@xinyuai.app

Website: xinyuai.app