Privacy Policy
Last updated: June 7, 2026
This Privacy Policy explains how SNAPRE GROUP LTD collects, uses, discloses, retains, and protects personal information in connection with YouClio websites, web applications, mobile applications, APIs, AI workspaces, chat, agents, long-term memory, subscriptions, AI credits, integrations, notifications, and support services.
When SNAPRE GROUP LTD decides the purposes and means of processing personal information, we generally act as a controller. When you or your organization submit personal information to a workspace, integration, or API and instruct us to process it only to provide the Service, we may act as a service provider or processor.
If you do not agree with this Policy, do not use the Service. By using the Service or submitting information, you understand that we process information as described here.
Index
- 1. Information you provide
- 2. Information collected automatically
- 3. Information from third parties
- 4. How we use information
- 5. AI, search, and provider processing
- 6. How we disclose information
- 7. Retention, deletion, and export
- 8. Security
- 9. International transfers
- 10. Your choices and rights
- 11. Children and sensitive information
- 12. Policy changes
1. Information you provide
We collect information you provide directly, including account email, display name, avatar, language, theme, time zone, password hash, login codes, OAuth authorization information, preferences, support requests, feedback, and invoice or billing contact information.
We also process content you create or submit in YouClio, including product ideas, project names, project descriptions, target users, problem statements, stage, links, context, chat history, workspace memory, agent tasks, agent run summaries, source references, files, search queries, scrape results, outputs, comments, and other content you choose to save.
If you connect bots or third-party integrations, we process information needed to configure and run them, such as Telegram tokens, Weixin login state, Feishu App IDs and secrets, DingTalk client secrets, Slack signing secrets, Discord public keys, channel IDs, user IDs, inbound messages, outbound replies, context tokens, push device tokens, and related logs.
2. Information collected automatically
When you access or use the Service, we automatically collect device, browser, application, network, and usage information, such as IP address, country, city, time zone, user agent, sessions, login time, last used time, device status, errors, performance, requests, feature usage, billing events, AI credit consumption, provider usage, model, operation type, and security logs.
We use cookies, session cookies, local preferences, logs, analytics tools, and similar technologies to keep you signed in, remember settings, protect accounts, detect abuse, analyze product usage, and improve the Service. Browser settings may limit some cookies, but doing so may affect login, preferences, or security features.
3. Information from third parties
If you sign in through Google, GitHub, or another OAuth provider, we receive information the provider allows to be shared, such as email, verification status, display name, avatar, provider account ID, scope, and authorization state.
If you buy subscriptions or credits, we receive limited billing account, subscription, order, invoice, receipt, product, price, transaction, refund, status, tax, and payment event information from Stripe, App Store, or other payment channels. We generally do not receive full payment card numbers.
If you enable search, scraping, AI models, messaging platforms, or notification integrations, we may receive results, status, errors, usage, sources, messages, or delivery receipts from the relevant providers to complete the feature you requested.
4. How we use information
We use information to provide, maintain, secure, and improve the Service, including account creation, authentication, sessions, workspace processing, AI output generation, public-source search, web scraping, long-term memory, agent workflows, integration messaging, push notifications, payments, entitlements, credit consumption, support, and troubleshooting.
We also use information to prevent fraud, abuse, spam, security incidents, unauthorized access, and violations of our Terms; analyze product performance and usage trends; develop features; perform contracts; and comply with legal, tax, accounting, payment, regulatory, and dispute obligations.
- We do not sell personal information.
- We do not use private workspace content to train our own foundation models.
- We may use aggregated, de-identified, or anonymized information to analyze service performance, plan capacity, improve pricing, and evaluate feature quality.
5. AI, search, and provider processing
To generate replies, PMF calls, source summaries, task recommendations, search results, or scrape results, we may send necessary content to OpenAI, OpenRouter, model providers you select, search providers, web-scraping providers, and related infrastructure providers. Sent content may include prompts, chat history, workspace context, sources, webpage URLs, model parameters, outputs, errors, and usage information.
Third-party providers process data under their applicable terms, data processing agreements, retention policies, and your or SNAPRE GROUP LTD's settings. Different models or providers may have different practices for logs, retention, content review, abuse detection, and international transfers.
For enterprise customers or sensitive use cases, you should confirm model providers, retention settings, data processing agreements, and compliance requirements before use.
7. Retention, deletion, and export
We retain information for as long as needed to provide the Service, perform contracts, resolve disputes, enforce Terms, protect security, and meet legal, tax, accounting, payment, and audit requirements. Retention periods vary by data type.
Account profiles, workspace content, chat history, memory, agent logs, integration configuration, subscriptions, orders, credit ledgers, refunds, and provider usage records may be retained for product, billing, audit, security, and compliance needs. After account deletion or integration disconnection, some data may be deleted or de-identified from active systems, while backups, logs, transaction records, and legally retained data may remain through normal cycles.
You may request access, correction, export, or deletion of some information through product features or support. If information cannot be deleted immediately, we limit the purpose of retention and delete or de-identify it when no longer needed.
8. Security
We use reasonable technical and organizational measures to protect information, including access controls, token hashing, session revocation, authentication, logging, provider separation, least privilege, and security monitoring. No system can be guaranteed to be completely secure.
You should use strong passwords, protect email and devices, review OAuth and third-party integrations carefully, revoke unused sessions and bot tokens, and avoid entering unnecessary sensitive information into workspaces.
9. International transfers
SNAPRE GROUP LTD, its providers, and third-party integrations may process and store information outside your country or region. Data protection laws may differ across jurisdictions. Where required by applicable law, we use contractual, technical, or organizational measures to protect cross-border transfers.
10. Your choices and rights
Depending on where you live, you may have rights to request access, correction, deletion, export, restriction, objection, withdrawal of consent, account closure, opt-out of marketing email, or to complain about personal information processing. You can also manage language, theme, sessions, connected accounts, and some integrations in account settings.
We may need to verify your identity or account authority before handling requests. Some requests may be limited by security, billing, audit, legal obligations, backups, disputes, fraud prevention, third-party platform limits, or protecting others' rights.
11. Children and sensitive information
YouClio is not directed to people under 18, and SNAPRE GROUP LTD does not knowingly collect personal information from children. Contact us if you believe a child has provided personal information to us.
Unless the Service specifically asks for it and you have a lawful basis, do not submit health information, biometric information, full payment card data, government IDs, precise location, protected-category information, children's information, customer secrets, third-party credentials, or other highly sensitive information to YouClio or SNAPRE GROUP LTD.
12. Policy changes
We may update this Privacy Policy from time to time. The updated version will show a new last updated date. For material changes, we will provide notice where reasonably practical through in-product notices, email, website updates, or other means. Continued use of the Service means you understand the updated Policy.
Contact
For access, deletion, export, enterprise DPAs, security questionnaires, or privacy support, contact the YouClio support team at SNAPRE GROUP LTD.
contact@youclio.com