VDX.LIFE Privacy Policy
VDX.LIFE Privacy Policy
Thank you for choosing VDX.LIFE (hereinafter referred to as "VDX.LIFE", "we", "us", or "this service"). We deeply understand the importance of personal information security and will protect your privacy in accordance with applicable laws and regulations. This privacy policy explains how we collect, use, store, share, and protect your personal information when you use VDX.LIFE applications and related services, as well as the control rights you have.
If you have any questions, comments, or suggestions about this privacy policy, please contact us at support@clearealm.com (Business hours: Monday to Friday 10:00-18:00).
I. Scope of Application
1. This privacy policy applies to all products and services provided by VDX.LIFE that you access or use through VDX.LIFE mobile apps, H5 pages, PWA, mini-programs, and any official channels that may be added in the future.
2. If you access VDX.LIFE through third-party channels (such as partner mini-programs, third-party login), this policy only applies to VDX.LIFE's processing of your personal information. Third parties may separately collect or process your personal information, and you should also pay attention to the third party's privacy policy.
3. For enterprise customers and partners, we will agree on corresponding privacy terms in separately signed agreements or terms. If such agreements conflict with this policy, the separate agreement shall prevail.
II. Personal Information We Collect
We collect information based on the purposes of providing core functions, fulfilling legal obligations, and ensuring security. VDX.LIFE currently supports email account and Google account login. You can choose the most suitable authentication method. To facilitate the generation of personalized astrological and strategic analysis, we need you to provide basic information including date of birth, time of birth, place of birth, country/region of birth, gender, avatar, nickname, and registered email. If you refuse to provide or the information is incomplete, it may result in core functions being unavailable or inaccurate analysis results. You can independently decide whether to authorize other optional data.
1. Account Registration and Login
• Basic Identity Information: Email address, login password or verification code, Google account ID Token.
• Avatar and Nickname: Used for personalized display and report generation.
• Authentication Status: Remember me/auto-login markers, login timestamps, calibration status.
• Third-Party Login Information: When you use Google login, we only obtain necessary information provided by Google (such as email, nickname, avatar) and follow its authorization scope.
2. User Profile and Astrological Calibration
• Basic Astrological Information: Name or nickname, date of birth, time of birth, place of birth, country/region of birth, gender.
• Strategic Preference Configuration: Strategic goals, life themes, personality tags.
• Temporary User Data: If you experience as a guest, we will generate a temporary user ID for you and store the experience data you submit.
3. Decision and Strategic Services
• Decision Question Input: Decision descriptions, background information, supplementary materials you submit.
• AI Inference Results and Scoring: We will save generation records, hit rate feedback, strategic review content to provide you with continuous optimization services.
4. Social Galaxy and Relationship Analysis
• Friend Information: Friend name/nickname, role, relationship tags, birth information (if provided by you or friends), avatar, interaction history.
• Invitation Data: Invitation scenarios, invitee contact information (such as email), invitation links.
• Report Content: Generated graphic analysis, strategy suggestions, member lists.
5. Transaction and Billing Information
• Order Data: Order number, package name, purchase quantity, amount, discount information.
• Payment Information: Payment channel (currently PayPal), transaction serial number, payment status. We do not store your complete payment card information.
• Invoicing and Compliance: Invoice title, tax number, delivery method, etc. collected according to legal requirements.
6. Usage and Device Information
• Log Information: Login logs, operation records, error logs, crash records.
• Device Information: Device model, operating system, browser type, screen resolution, network type.
• Geographic Information: Country or region inferred through IP/timezone for adapting to GDPR, CCPA, and other regulatory requirements (does not involve precise location).
• Cookies and Local Storage: Used to maintain login status, save language preferences, record privacy compliance choices.
7. Other Possible Collection Situations
• Customer Support: Consultations, feedback, attachments, or recordings you submit to customer service.
• Legal Compliance Requirements: To meet regulatory requirements, we may collect other information related to you within the scope permitted by law.
III. How We Use Personal Information
We will only use your personal information for the following purposes:
1. Provide and Maintain Services: Complete registration and login, identity calibration, AI analysis, decision reports, social relationship analysis, and other core functions.
2. Billing and Fulfillment: Process orders, deliver digital benefits, provide after-sales service.
3. Security Assurance: Identify abnormal logins, prevent fraud, detect abuse, fix system failures.
4. Improve Experience: Train models, iterate features, conduct A/B testing based on anonymized or de-identified data.
5. Compliance and Regulation: Respond to regulatory inspections, execute court judgments, handle user complaints.
6. User Communication: Send you service notifications, update reminders, compliance notices (such as privacy policy changes). Without your consent, we will not send you marketing information unrelated to VDX.LIFE.
When we use your personal information beyond the above purposes, we will obtain your explicit consent again.
IV. Legal Basis for Processing Personal Information and Cross-Border Transfer
1. Legal Basis (GDPR Article 6):
- Necessary for Contract Performance: To provide you with astrological analysis, AI decisions, social galaxy, and other core functions, we must process the basic information you provide.
- Consent: When we send you marketing information, use optional cookies, or call third-party analytics services, we will do so after obtaining your authorization, and you can withdraw at any time.
- Legal Obligation: When we need to provide information based on tax, regulatory, or law enforcement requirements, we will process related data based on legal obligations.
- Legitimate Interests: To improve product security and performance, prevent fraud, and conduct product iterations, we carry out necessary statistics and analysis based on legitimate interests, minimizing impact.
2. Cross-Border Transfer: Our servers are mainly deployed in the Hong Kong Special Administrative Region of China and other necessary service nodes. For data subjects located in the European Economic Area (EEA), the United Kingdom, or California, when information needs to be transferred overseas, we will ensure data security by signing EU Standard Contractual Clauses (SCC), implementing equivalent data protection measures, and access controls. You can contact us at support@clearealm.com to obtain copies of relevant safeguard measures.
V. How We Share and Transfer Personal Information
### 1. Sharing
We will not sell your personal information to any third party, and will only share it in the following necessary situations:
• Fulfill Contracts or Provide Services: The third-party services we currently use are as follows (including function descriptions and privacy policy links):
- Google Login (Google LLC): Used to complete Google account OAuth authentication and assist you in logging in or registering. Shared data includes account identifiers, email, avatar, and other information within the authorization scope returned by Google. Privacy Policy: https://policies.google.com/privacy
- PayPal Payment (PayPal Holdings, Inc.): Used to process order payments. Shared data includes order amount, order number, payment status, and other transaction-related information. We do not store complete payment card information. Privacy Policy: https://www.paypal.com/webapps/mpp/ua/privacy-full
- ipapi Geolocation Service (ipapi GmbH): Used to determine location through IP address to fulfill GDPR, CCPA, and other privacy compliance requirements. Shared data includes device IP address and other necessary information for location. Privacy Policy: https://ipapi.co/privacy/
• Legal and Regulatory Requirements: Provide as required by laws, regulations, administrative/judicial authorities.
• With Your Consent: Other sharing scenarios you explicitly authorize (such as joint activities, third-party analytics).
We will sign strict data processing agreements with sharing partners, requiring them to process your information only for the entrusted purpose and protect data security.
### 2. Transfer
Unless we obtain your explicit consent, we will not transfer your personal information to third parties. In the event of mergers, acquisitions, asset restructuring, etc., we will require the transferee to continue to be bound by this policy, or re-obtain your consent.
### 3. Public Disclosure
We will only publicly disclose your information under the premise permitted by law and for legitimate and reasonable purposes, and will take compliant security measures (such as desensitization, anonymization) before disclosure.
VI. How We Store and Protect Personal Information
1. Storage Location: Under the premise permitted by law, we will save your information on cloud servers in the Hong Kong Special Administrative Region of China or other necessary nodes for providing services. For cross-border transfers, we will follow applicable laws (such as GDPR, CCPA) to execute certification or sign standard contractual clauses.
2. Storage Period: Generally, we will save your information for the shortest period required by the service. After the storage period expires, we will delete or anonymize it, unless otherwise required by law.
3. Security Measures: We take access control, data encryption, transmission encryption, minimum permissions, audit logs, and other measures to protect your information security; we also regularly conduct security training and emergency drills.
4. Security Incident Handling: When personal information security incidents occur, we will promptly notify you and report to regulatory authorities in accordance with legal requirements, including incident situation, possible impact, measures taken, and remediation suggestions.
VII. Cookies and Similar Technologies
1. Purpose of Use: To ensure the normal operation of VDX.LIFE core functions, remember your login status, save language preferences, present privacy compliance prompts, and count anonymized usage, we will use cookies, local storage, pixel tags, and other similar technologies on your device. Some of these cookies are necessary for basic services. If disabled, you may not be able to log in or use some functions.
2. Type Classification:
- Essential Cookies: Used to maintain identity verification, session management, page rendering, and security protection.
- Functional Cookies: Used to save language, theme, guide status, and other personalized configurations to improve user experience.
- Analytical Cookies: Used for anonymized statistics and performance analysis to help us identify product issues and optimize service quality.
3. Management Methods: You can clear or restrict cookies in browser or device privacy settings, or use the Cookie/privacy settings tools we provide (such as pop-ups, "Privacy and Compliance" entry in settings page) to adjust choices. Please note that disabling essential cookies may cause VDX.LIFE to fail to operate normally.
4. Third-Party Cookies: When we integrate third-party services (such as payment, statistics, sharing), the corresponding service providers may place cookies or local storage. We will require partners to comply with privacy protection obligations and recommend that you check third-party privacy policies to understand their data processing methods.
VIII. Your Rights
We respect your control over personal information. You have the following rights:
1. Access and Copy: Obtain a copy of your personal information through account settings or by contacting customer service.
2. Correction: If you find information is inaccurate, you can modify it yourself or contact customer service for assistance.
3. Deletion: Under conditions that meet legal requirements, you can request us to delete relevant personal information.
4. Withdraw Authorization: You can withdraw authorization for certain non-core functions, but this may affect the use of related services.
5. Account Cancellation: Submit an application through the "Logout/Account Cancellation" process in the app or by contacting customer service. After cancellation, we will delete or anonymize your information, except as otherwise required by law.
6. Automated Decision Explanation: When our services affect your rights based on algorithm output (such as decision suggestions), you have the right to request reasonable explanations from us and, when necessary, provide channels for manual review.
7. GDPR Exclusive Rights: If you are located in the EU or UK, you can exercise data portability rights, restriction of processing rights, objection to processing rights, and the right to complain to regulatory authorities.
8. CCPA Exclusive Rights: If you are a California resident, you can (1) request us to disclose the categories and sources of personal information collected, used, and disclosed; (2) request deletion of specific personal information; (3) have the right to opt out of "selling or sharing personal information" (we currently do not sell or share your personal information for third-party advertising purposes, so no additional opt-out entry is needed); (4) limit the use of sensitive personal information; (5) not be discriminated against for exercising rights.
9. Identity Verification and Response Time: When you submit a request, we may need to verify your account, email, or other information to confirm identity. We usually respond within 30 days (45 days for California residents). If processing time needs to be extended, we will notify you in advance.
We will complete your request within a reasonable period (generally not exceeding 30 days) after verifying your identity. In some scenarios (such as involving others' rights, legal restrictions), we may not be able to meet all your requirements and will explain the reasons.
IX. Ways to Exercise Data Rights
1. Submission Method: You can submit requests for access, correction, deletion, restriction, or withdrawal of authorization through the "Settings - Privacy and Compliance" entry in the app or by sending an email to support@clearealm.com. Please indicate the request type, registration information, and data scope involved in the email.
2. California Do Not Sell/Share: We do not sell or share your personal information for third-party advertising purposes, so there is no need to submit a separate "Do Not Sell or Share" application. If you still have questions, please contact us at support@clearealm.com.
3. Proxy Requests: If you authorize others to apply on your behalf, please provide legally valid authorization documents and your identity information for our verification.
4. Appeals and Complaints: If you are dissatisfied with our processing results, you can file an appeal with your local regulatory authority or court. EU users can contact their local data protection authority, and California users can contact the California Privacy Protection Agency.
X. Minor Protection
VDX.LIFE is primarily intended for adult use. If you are under 18 years old, please read and accept this policy under the guidance of your legal guardian, and ensure that you have obtained the guardian's permission. If we find that minors have provided personal information without guardian authorization, we will take measures to delete or anonymize it as soon as possible.
XI. Policy Updates
This privacy policy may be updated due to business development or changes in laws and regulations. We will notify you of major changes through in-app notifications, pop-ups, or other prominent means, and seek your consent within a reasonable period before they take effect.
If you continue to use our services after this policy is updated, it means you agree to be bound by the updated policy. If you do not agree with the updated content, you can stop using and cancel your account.
XII. Contact Us
If you have any questions, comments, or complaints about this policy or personal information protection matters, please contact us through the following methods:
Email: support@clearealm.com
Business Hours: Monday to Friday 10:00-18:00
We will reply as soon as possible after receiving your request (generally within 15 business days). If you are not satisfied with our response, you can file a complaint with your local data protection regulatory authority or other competent authority.