Privacy Policy
Yuto International Group Limited (Yutong International Group Co., Ltd., referred to as "YutoAI", "the Company", "we", "us", or "our") values user privacy and personal data protection. This Privacy Policy applies when you access, register for, purchase, top up, log in to, or use YutoAI websites, products, APIs, applications, checkout functions, and related services.
We use Hong Kong's Personal Data (Privacy) Ordinance (Cap. 486) and other applicable Hong Kong laws as the basic compliance framework for personal data protection. By accessing or using the service, you confirm that you have read and understood this Privacy Policy. If you do not agree, please stop using the service.
1. Who We Are
Company name: Yuto International Group Limited
English name: Yutong International Group Co., Ltd.
Brand name: YutoAI
Place of registration: Hong Kong Special Administrative Region
Contact email: [email protected]
2. Information We Collect
We collect and process information lawfully, fairly, necessarily, and with data minimization in mind. This may include account and contact information such as email address, username, phone number, login information, account ID, company name, contact person information, and support records; order and transaction information such as order number, purchased products, plan type, amount, currency, payment status, refund records, invoice information, billing information, transaction time, payment channel, and necessary risk-control information; usage information such as access time, pages visited, click records, feature usage, model call records, API request status, quota consumption, error logs, device information, browser type, operating system, IP address, network environment, language setting, region, and technical logs; user inputs, uploads, and generated content; enterprise service information; and support or feedback information.
3. How We Use Information
We may use collected information to create, verify, and manage accounts; provide, maintain, operate, deliver, and improve the service; process orders, payments, refunds, billing, invoices, and customer support; provide AI chat, API calls, file processing, image generation, text generation, academic assistance, and related functions; perform identity verification, access control, quota management, billing, rate limiting, and risk control; protect system, account, payment, API, and platform security; detect and prevent fraud, abuse, attacks, illegal activity, infringement, spam, malicious registration, and abnormal transactions; troubleshoot, analyze performance, fix errors, and optimize experience; handle complaints, disputes, infringement notices, refund requests, and compliance reviews; comply with applicable law, regulatory requirements, court orders, law-enforcement assistance, and other legal obligations; and send service notices, order reminders, security alerts, agreement updates, product changes, or necessary operational messages.
4. AI Content and Model Processing
To provide AI services, we may need to read, analyze, transmit, cache, store, filter, review for risk control, or debug your inputs, uploaded files, prompts, conversations, API requests, generated results, and related context. If you use services connected to third-party models, your inputs, request parameters, files, or necessary context may be sent to the relevant model providers or infrastructure providers for processing. Please do not upload or input sensitive personal information, trade secrets, confidential files, account passwords, payment credentials, identity documents, medical information, minors' information, or other highly sensitive materials unless necessary for your use of the service and you have lawful authorization.
5. Whether We Use User Content to Train Models
Unless expressly stated, authorized by you, or separately agreed in an enterprise contract, YutoAI will not use content submitted by enterprise customers through APIs, private deployments, or enterprise services to train public models. For ordinary online services, we may use necessary data after de-identification, anonymization, or minimization for product safety, quality analysis, error fixing, abuse detection, and service experience improvement. We do not sell your personal information to unrelated third parties. If a future service uses user content for model training or product improvement, we will explain this through product pages, settings, agreements, or other reasonable methods and obtain necessary consent where required by law.
6. Information Sharing and Third-party Services
We do not sell your personal information to unrelated third parties. To provide the service, we may share or entrust information processing within the necessary scope to cloud, server, database, CDN, storage, and security providers; AI model, API, inference, and technical infrastructure providers; payment providers, banks, card networks, acquiring institutions, settlement institutions, and risk-control providers; email, SMS, notification, customer service, ticketing, and analytics providers; legal, audit, accounting, compliance, dispute-handling, and professional advisers; and regulators, law-enforcement agencies, courts, or other authorities legally entitled to request disclosure. We require relevant third parties to process information only for specific purposes and to adopt reasonable security measures.
7. Payment Information
When you purchase YutoAI services, payment may be processed through third-party payment providers, acquiring institutions, banks, card networks, or checkout services. We may receive or store order numbers, payment status, transaction amount, currency, payment time, refund status, transaction reference numbers, and necessary risk-control information, but we generally do not directly store complete bank card numbers, payment account passwords, CVV, or similar sensitive payment credentials. You should also follow the terms and privacy policies of the relevant payment provider.
8. Cookies and Similar Technologies
We may use cookies, local storage, pixel tags, device identifiers, or similar technologies to maintain login status, save language and preference settings, analyze traffic and product usage, identify abnormal access, attacks, fraud, or abuse, and improve website performance and user experience. You may manage or refuse cookies through your browser settings, but some functions may not work properly.
9. Direct Marketing and Notices
We may send service notices, order notices, security alerts, agreement updates, feature changes, and necessary operational messages. If we intend to use your personal data to send marketing messages, we will explain the relevant purpose and provide a refusal or unsubscribe method where required by applicable law. You may unsubscribe through the email method provided or contact [email protected].
10. Cross-border Data Processing
Because YutoAI's business, models, cloud services, payment services, customer support, and technical infrastructure may be distributed across different regions, your information may be stored, processed, or transferred in Hong Kong or other countries and regions. We will take reasonable measures under applicable law to protect your information and require relevant service providers to adopt necessary data protection measures.
11. Data Retention
We retain information only for as long as necessary to achieve the purposes described in this Policy, unless applicable law, accounting, audit, tax, risk-control, security, dispute-handling, or contractual requirements require a longer period. Account information is generally retained while the account exists; order, transaction, billing, refund, and financial records are retained as needed for legal, tax, audit, and dispute purposes; technical logs, security logs, and API call records are retained for a reasonable period for security, billing, troubleshooting, and risk control; information you delete, cancel, or request to delete will be handled after verification under applicable law and system rules; expired or unnecessary information will be deleted, anonymized, or isolated.
12. Data Security
We adopt reasonable technical, administrative, and organizational measures to protect information, including HTTPS encrypted transmission, access control, least-privilege principles, log auditing, API key and account security mechanisms, risk control and anomaly detection, data backup and recovery, and employee and service-provider permission management. However, internet transmission and electronic storage cannot be absolutely secure. Risks caused by user conduct, third-party attacks, force majeure, upstream failures, or other matters outside YutoAI's reasonable control will be handled within the scope permitted by applicable law.
13. Your Rights
Within the scope permitted by applicable law, you may request access to your personal information, correction or update of inaccurate information, deletion of certain personal information, account cancellation, withdrawal of consent, restriction or objection to certain processing, explanation of relevant processing, or complaint handling. You may contact [email protected]. To protect account security, we may require identity verification. Some requests may not be handled immediately due to legal obligations, security and risk control, financial records, dispute handling, technical limits, or contractual performance requirements.
14. Minors
The service is primarily intended for users with full civil capacity. Minors should use the service only after a guardian has read, understood, and agreed to this Privacy Policy and the Terms of Service. If we discover that a minor has provided personal information without appropriate authorization, we will take deletion, restriction, or other reasonable measures under applicable law and actual circumstances.
15. Third-party Links
The service may contain links to third-party websites, applications, payment pages, model services, documents, communities, or other services. Third-party services are independently operated, and their privacy policies, data processing, and security measures are not controlled by YutoAI. You should read their terms and privacy policies before using them.
16. Enterprise Customers and Private Deployment
If you use YutoAI through an enterprise contract, private deployment, custom development, or dedicated service, the specific data processing scope, storage location, access control, confidentiality obligations, security measures, data deletion, audit requirements, and service level are governed by the written contract, data processing agreement, quotation, or supplemental agreement signed by both parties.
17. Updates to This Policy
We may revise this Privacy Policy due to business development, legal or regulatory requirements, technical changes, or product updates. The updated policy will be published on the relevant website page. If an update materially affects your rights or obligations, we will provide notice through reasonable methods. Your continued use of the service after an update means you accept the updated Privacy Policy.

