Privacy Policy

Last Updated: September 1, 2025

1. Introduction

TAO Translation Service ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our translation API service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, name, company name, and billing information when you create an account
• Translation Content: Text content submitted for translation through our API
• GLCV Data: Glossary and control vocabulary terms you configure
• API Keys: Authentication tokens generated for API access

2.2 Information Automatically Collected

• Usage Data: API request logs, translation metrics, tier usage patterns
• Technical Data: IP addresses, request headers, response times
• Performance Metrics: Latency data, cache hit rates, error logs

3. How We Use Your Information

We use the collected information for the following purposes:

• Providing translation services through our API
• Processing and managing your account
• Improving translation quality and accuracy
• Monitoring and preventing abuse of our services
• Analyzing usage patterns to optimize performance
• Communicating service updates and changes
• Complying with legal obligations

4. Data Processing and Storage

4.1 Translation Processing

Your translation content is processed through our multi-tier system using various AI models. We implement the following safeguards:

• Content is processed in memory and not permanently stored unless explicitly requested
• Translation history is retained for 30 days by default (configurable per account tier)
• GLCV configurations are encrypted and stored securely

4.2 Data Retention

• Translation Content: 30 days (Discovery tier), 90 days (Professional), Customizable (Enterprise)
• Account Data: Duration of account plus 90 days after deletion
• Usage Logs: 12 months for analytics and debugging
• Performance Metrics: 6 months for optimization

5. Data Security

We implement industry-standard security measures including:

• TLS encryption for all API communications
• Encryption at rest for sensitive data
• JWT-based authentication with role-based access control
• HMAC-signed webhooks with replay protection
• Automated secret rotation
• Regular security audits and penetration testing
• Two-factor authentication for admin accounts

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following situations:

• Service Providers: With third-party AI model providers for translation processing
• Legal Requirements: When required by law or to respond to legal process
• Business Transfers: In connection with merger, acquisition, or sale of assets
• Consent: With your explicit consent for specific purposes

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses where applicable.

8. Your Rights

Depending on your location, you may have the following rights:

• Access: Request copies of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data
• Portability: Receive your data in a structured format
• Objection: Object to certain processing activities
• Restriction: Limit how we use your data

9. European Users

For users in the European Economic Area (EEA), we process personal data based on the following legal grounds:

• Contract performance for providing translation services
• Legitimate interests for service improvement and security
• Legal obligations for compliance requirements
• Consent where explicitly provided

10. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know, delete, and opt-out of the sale of personal information (which we do not engage in).

11. Data Protection Officer

For privacy-related inquiries or to exercise your rights, contact our Data Protection Officer at:

Email: privacy@toanother.one
Address: TAO, Privacy Department
[Your Company Address]

12. Children's Privacy

Our service is not directed to individuals under 16. We do not knowingly collect personal information from children under 16.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through our service.

14. Contact Us

If you have questions about this Privacy Policy, please contact us at:

Email: privacy@toanother.one
Website: https://toanother.one
Support: https://support.toanother.one