PRIVACY POLICYEffective as of: 6/15/2023
This privacy policy (“Privacy Policy”) explains how information about you is collected, used and disclosed by Paladin Max, Inc. and its affiliates (“GPT-trainer,” the “Company”, “we”, “our” or “us”). This Privacy Policy applies to information we collect when you use our websites https://www.gpt-trainer.com (the “Site”) and other online products and services (collectively, our “Services”).
By downloading, accessing, using and/or interacting with our Services, you agree and expressly consent to our collection, use and disclosure of the information that you provide as described in this Privacy Policy. This Privacy Policy is incorporated by reference into the Terms of Service available at https://www.gpt-trainer.com/terms (our “Terms of Service”) and is subject to the provisions of the Terms of Service. Capitalized terms used but not defined in this Privacy Policy shall have the meaning ascribed to such terms in our Terms of Service. If you have any concerns about providing information to us or the use of that information as described in this Privacy Policy you should not use our Services.
Modifications
Because we are always looking for new and innovative ways to help you achieve your goals in connection with the use of our Services, this Privacy Policy may change over time, so please review it frequently. The effective date at the top indicates the last time this Privacy Policy was modified. If we modify the terms of this Privacy Policy, we will notify you by push notification, and/or by posting a notice on our website thirty (30) days prior to the effective date of the changes. If we are required by applicable data protection laws to give you enhanced notice or seek your consent for any such changes, we will do so. You can see when this policy was last updated by checking the “last updated” date displayed at the top of this policy. Any revised Privacy Policy will supersede all previous privacy policies.
Contact Us
If you have any questions about this Privacy Policy, please contact us by emailing us at hello@gpt-trainer.com or by writing to us at:
Paladin Max, Inc.
712 Bancroft Road #925
Walnut Creek, CA 94598
Email: hello@gpt-trainer.com
Table of Contents
- Personal Information We Collect
- How We Collect Information
- How And Why We Use Your Personal Information
- Ways You Might Share Your Personal Information Through Our Services
- Where Your Personal Information Is Held
- How Long Your Personal Information Is Kept
- Your Personal Information Rights
- How your imported data is used
- How To Exercise Your Rights
- Your Controls
- Permission Authorizations
- How We Respond to Do Not Track Signals
- Our Policies Regarding Children
- Filing a Complaint
- Extra Help
1. Personal Information We Collect
We may collect and use the following personal information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household or natural person:
| Categories of Personal Information | Specific Types Collected |
| Identifiers | Real name, username, internet protocol address, email address, account password |
| Internet or other similar network activity | Information on a consumer’s interaction with a website, application, or advertisement |
| Professional or employment related information | Current occupation |
| Inferences drawn from Personal Information | Profiles reflecting a person’s behavior and attitudes |
| User-Generated Profiles and Content | User profiles, avatar, or text information. |
| Device information | Unique device identifiers, and country of access |
| Software information | Operating system and version |
| User information | A user’s browser type, timestamp, time zone setting and location, browser plug-in types and versions, user content data, user activity, user interactions, and pages visited |
| Cookies | The small data files stored on your hard drive or in device memory that help us to improve our Services and your experience, see which areas and features of our Services are popular, and count visits. For more information about cookies, and how to disable them, please see Section 9 (Your Controls) below. |
| Web Beacons | Also known as “tracking pixels,” electronic images that may be used in our Services or emails to help deliver cookies, count visits, understand usage and campaign effectiveness and determine whether an email has been opened and acted upon. |
| Various tracking technologies | Such as local shared objects (also referred to as “Flash Cookies”) and HTML5 local storage that operate similarly to cookies in the way they are stored on your device and can be used to store certain information about your activities and preferences across different services and sessions. |
| Publicly available information | User information from sites like LinkedIn, Google Scholar, or ArXiv |
2. How We Collect Information
We collect information that you chose to provide to us, for example, when you create an account, manage your user profile, participate in any interactive features of our Services, request customer support or otherwise communicate with us. In some cases, information may be automatically collected from you when you interact with our website or Services. We only collect personal information that is necessary for providing our products and services in accordance with the principles of legitimacy, legality, necessity and good faith.
In particular, and in the past twelve (12) months, we collected the following categories of personal information by:
| Categories of Personal Information | How We Collect It |
| Identifiers | Directly from you When a user signs in using Google Automatically from you when you request support |
| Internet or other similar network activity | Automatically from you when you use our Services |
| Professional or employment related information | Directly from you |
| Inferences drawn from Personal Information | Automatically from you when you use our Services |
| User-Generated Profiles and Content | Directly from you |
| Device information | Automatically from you when you use our Services or request support From our Third Party Sources |
| Software information | Automatically from you when you use our Services From our Third Party Sources |
| User information | Automatically from you when you use our Services From our Third Party Sources |
| Cookies | Automatically from you when you use our Services. For more information about cookies, and how to disable them, please see Section 9 (Your Controls) below |
| Web Beacons | Automatically from you when you use our Services |
| Various tracking technologies | Automatically from you when you use our Services. Information about disabling or deleting information contained in Flash Cookies can be found here |
| Publicly available information | Directly from you From publicly accessible sources |
3. How And Why We Use Your Personal Information
We will only use your personal information for achieving the purposes listed in this Privacy Policy. Before using your personal information beyond the purposes outlined in this Privacy Policy, we will inform you in a timely and reasonable manner and:
- Obtain your consent
- Explain why we would like to use your personal information
We only use your personal information when we have a proper reason for doing so, such as:
- When you have given us your consent
- For the performance of our contract with you or to take steps at your request before entering into a contract, including:
- To provide our Services to you
- To update and enhance our customer records
- For our legitimate interests or those of a third party, including:
- To prevent and detect fraud
- To prevent unauthorized access and modification to systems
- To update and enhance our records
- To ensure our business policies are adhered to (such as those covering security and internet use)
- To ensure safe working practices, staff administration and assessments
- For our operational reasons, such as improving efficiency, training, and quality control
- For statistical analysis to help us manage our business, such as in relation to customer base, product range or other efficiency measures
- To conduct external audits and quality checks
- To comply with our legal and regulatory obligations, including:
- To update and enhance our records
- To file statutory returns
- To conduct external audits and quality checks
Because we are continuously improving our products and Services, we may launch optimization functions from time to time which may increase or change the scope, purpose and/or method of collecting and using your personal information. In the event any optimization functions increase or change the scope, purpose, and/or method of collecting and using your personal information, we will clearly explain it to you by updating this Privacy Policy, provide for a pop-up window or on-site letter, and give you the option to agree. You have the right to refuse to agree, but if we are restricted from using the personal information necessary to realize the updated services or functions, we may not be able to provide you with the updated services and/or functions or may not be able to achieve the effect of the updated services. The basic functions of our Services will not be affected by our launch of optimization functions.
In particular, and over the past twelve (12) months, we collected and used the below types of personal information in the following contexts for the following reasons:
| Context of Use | Personal Information Collected | Used… |
| Account registration | Full name (optional), email, password, and professional or employment information | With your consent |
| Account management | Full name (optional), email, password, and professional or employment information | With your consent |
| Customer service and dispute resolution | We may need you to provide name, email and other contact information, city / region information help you solve problems We may collect your communication information with us (including text / picture / audio and video / call record form) and other necessary information related to your request | With your consent For the performance of our contract To comply with our legal and regulatory obligations For our legitimate interest of documenting recurring issues so we can better optimize your experience |
4. Ways You Might Share Your Personal Information Through Our Services
Social Sharing Features. Our Services may offer social sharing features and other integrated tools which let you share actions you take on our Services with other media, and vice versa. The use of such features enables the sharing of information with your friends or the public, depending on the settings you establish with the entity that provides the social sharing feature. For more information about the purpose and scope of data collection and processing in connection with social sharing features, please visit the privacy policies of the entities that provide such features.
5. Where Your Personal Information Is Held
We store information about users on servers primarily located in Oregon, United States of America. If you are accessing our Services from outside of the United States of America, please know personal information you submit may be transferred to and stored on servers in the United States of America. The data protection and other laws of the United States of America and/or other countries might not be as comprehensive as those in your country. By submitting your data and/or using our Services, you acknowledge that your data might be transferred, stored and processed in and to the United States of America.
6. How Long Your Personal Information Is Kept
Typically, we will keep your personal information while you have an account with us or while we are providing Services to you. Thereafter, we will keep your personal information for as long as is necessary to respond to your questions, complaints, claims or as required by law. We will not retain your personal information for longer than necessary for the purposes set out in this policy. How Your Personal Information Is Kept Secure
How Your Personal Information Is Kept Secure:
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorized way. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorized manner and subject to a duty of confidentiality. We continually test our systems and in the process of securing SOC II and ISO 27001 certifications, which means we follow top industry standards for information security. We use reasonable security measures to protect your personal information aligned with the Center for Internet Security’s Critical Security Controls (The 18 CIS Critical Security Controls). We adopt encryption technology to protect your personal information. We have established special management regulations, procedures and organizations to safeguard the security of the personal information we collect. We hold security and privacy protection training courses to enhance employees' awareness of the importance of protecting personal information. In the event of a personal information security incident, we will initiate the emergency plan for security incidents, report to the relevant government authorities at the earliest convenience, inform you of the basic situation of the security incident, the treatment measures and remedies we will take or have taken as well as our advice for you, via announcements, push notifications or emails. If it is difficult to inform every user, we will issue the warning through public announcements. Notwithstanding the security measures that have been taken and the legal requirements that have been implemented, we still cannot guarantee the security of your personal information when communicating through unsafe channels. Therefore, you should also take measures to ensure the security of your personal information, such as changing your account password regularly. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
7. Your Personal Information Rights
You have specific rights regarding your personal information, which are described in this section. You or an authorized agent acting on your behalf may exercise your personal information rights by submitting a verifiable request (see Section 8 (How To Exercise Your Rights) below). If an authorized agent submits a request to know or delete your personal information, we require you to:
- Provide your authorized agent with signed permission to exercise your rights and choices
- Verify your identity directly with us
- Directly confirm with us your authorized agent has permission to submit the request
| Your Right To… | Details of Your Right |
| Know About Our Practices With Respect To Your Personal Information | We will inform you of:
|
| Access Your Personal Information in a Portable Format | You can access the personal information submitted to us at any time. Upon a verifiable request, we will deliver a copy of your personal information to you or another entity free of charge and in a readily useable format. |
| Correct Your Personal Information | In the event you discover the personal information we have about you is incorrect, on receipt of a verifiable request we will correct such information. |
| Delete Your Personal Information | Subject to certain exceptions permitted by applicable law, on receipt of a verifiable request we will delete your personal information from our records. We encourage you to inform us and submit a verifiable request to delete your personal information if:
|
| Restrict Us From Processing Your Personal Information | You have the right to require us to restrict processing of your personal information in certain circumstances, such as when you submit to us a verifiable request to correct your personal information. You can also exercise control over certain types of use of your personal information, such as ancillary personal information, in Section 9 (Your Controls) below. |
| Withdraw Your Permission Authorizations | Some functions of the Services we provide require us to obtain relevant permissions on your device (including but not limited to microphone and camera). You can withdraw the continued authorization of such permissions at any time. Please see Section 10 (Permission Authorizations) below. You should understand that after you withdraw your authorization, we cannot continue to provide you with specific functions or services corresponding to the withdrawal of your authorization. However, your decision to withdraw your permission authorizations will not affect the previous personal information processing activities based on your authorization. |
| Cancel Your Account | You may cancel your account with us anytime through a verifiable request or by writing us at the email or physical address listed at the top of this Privacy Policy. After you cancel your account, (i) you will no longer be able to log in and use our products and services with this account; (ii) all rights and interests such as the rights and interests that have been generated but not consumed during the use of our products and services and future overdue interests will be cleared; (iii) the contents, information, data, records under the account will be deleted or anonymized (unless otherwise stipulated by laws and regulations or required by the regulatory authorities); (iv) after the cancellation of account is completed, it cannot be recovered. |
8. How your imported data is used
In order to enable generative AI capabilities within Our Services, we may share information you provide to us through direct upload, manual input, or third-party integrations (e.g., Google Drive, Slack) with large language model (LLM) partners. Data you share with us may, in unmarked chunks, be submitted to our LLM partners for context when generating a response. We will never send your documents in their complete original form to any other organization, including our LLM partners.
We currently partner with the following companies as LLM providers:
- OpenAI OpCo, LLC (https://openai.com/policies/privacy-policy)
As we neither fine-tune nor operate large language models (LLMs) of our own, we do NOT use any data we collect from you for training LLMs. Our Services use retrieval-augmented generation (RAG) technology, which does not re-train or modify the LLMs themselves in any way. We make use of LLMs from OpenAI via their public-facing API. OpenAI has explicitly stated that it does not use data sent to it via API for training LLMs. Details can be found in OpenAI’s enterprise privacy policy here: https://openai.com/enterprise-privacy. 9. How To Exercise Your Rights To exercise the access, data portability, correction, and deletion rights
We make use of LLMs from OpenAI via their public-facing API. OpenAI has explicitly stated that it does not use data sent to it via API for training LLMs. Details can be found in OpenAI’s enterprise privacy policy here: https://openai.com/enterprise-privacy
9. How To Exercise Your Rights
To exercise the access, data portability, correction, and deletion rights described above please submit a verifiable request to us emailing us at hello@gpt-trainer.com.
Only you, or a person authorized by law to act on your behalf, may make a verifiable request related to your personal information. You may only make a verifiable request for access or data portability twice within a twelve (12) month period. The verifiable request must:
- Come from the email address which you used to sign up for your account with us so we may reasonably verify you are the person about whom we collected personal information about
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
We endeavor to respond to any verifiable request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period required in writing. We will send you confirmation of receipt of any verifiable request within ten (10) business days of its receipt.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by the method you submitted your request.
If we cannot comply with a verifiable request, we will explain our reasons to you in writing, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another without hindrance.
Typically, you will not have to pay a fee to access your personal information or to exercise any of your privacy rights. However, except in relation to consent withdrawal, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing the request. We may also refuse to comply with your request in such circumstances.
We may decline to comply with your request under the following circumstances, and in accordance with applicable laws and regulations:
- Where it is related to our obligations under law and/or regulation
- Where it is related to national security and national defense security
- Where it is related to public safety, public health and major public interests
- Where it is related to criminal investigation, prosecution, and trial
- Where there is sufficient evidence to show that you have subjective malice or abuse of rights
- Where responding to your request will cause serious damage to the legitimate rights and interests of you or other individuals and organizations
- Where trade secrets are involved
- Other conditions stipulated by laws and regulations
10. Your Controls
We give you control over our use and collection of your personal information. In this section, we detail your controls.
| Control | Details |
| Our Use Of Your Personal Information | You can restrict our further use of your personal information by contacting us at hello@gpt-trainer.com. In the event you request us not to use your personal information any further, we will halt processing of your personal information unless necessary for the performance of our contract with you, or if processing is necessary to comply with a legal obligation or to protect the rights and interests of ourselves or a third party. |
| Promotional Communications | You can opt-out of receiving promotional communications from us by contacting us at hello@gpt-trainer.com. If you opt out, we may still send you administrative, transactional, or other messages, such as those about your account or our ongoing business relations including but not limited to administrative confirmations, order confirmations, and important updates regarding our Services and notices regarding this Privacy Policy and our Terms of Service. |
| Cookies | A “cookie” is a small package of data downloaded onto your computer when you access our website. You can turn off cookies by setting your browser to remove or reject browser cookies. Please note that if you remove or reject cookies, this could affect the availability and functionality of our Services. |
| Push Notifications | Push notifications are short messages from us that appear as a pop-up on your browser. You can turn off cookies by setting your browser to remove or reject browser cookies. Please note that if you remove or reject cookies, this could affect the availability and functionality of our Services. |
We will not discriminate against you for exercising any of your controls or rights over your personal information. Unless otherwise permitted, when you exercise your controls or rights over your personal information, we will not:
- Deny you services
- Charge you different prices or rates for services, including through discounts or other benefits, or by imposing penalties
- Provide you a different level or quality of services
- Suggest that you may receive a different price or rate for services or a different level or quality of services
11. Permission Authorizations
In order to provide you with convenient and high-quality services, we may request some permissions on your device. When you use the corresponding function, you will see a pop-up reminder requesting your authorization to access certain device functions. You can choose to turn off some or all permissions in the setting function of the client or device. The methods for granting or withdrawing permissions may be different in different devices.
| Authorization | Services and Functions |
| Camera authorization | You can use the camera to capture and upload videos and pictures |
| Microphone authorization | You can send voice messages, conduct live video, live interaction, and complete the shooting and publishing of audio and video content |
12. How We Respond to Do Not Track Signals
Because consumers are often unaware that their do not track beacons are active, do not track frequently does not reflect the actual preferences of our users. We currently do not respond to Do Not Track signals. In the meantime, you may opt out of certain types of tracking, including certain analytics and tailored advertising by changing your cookie settings.
13. Our Policies Regarding Children
As set out in our Terms of Service (available at https://www.gpt-trainer.com/terms), you must be at least 18 years old or have the requisite power and authority to access and/or use our Services. If you are still a minor (i.e., under 18 years old), you must obtain the consent of your parent or legal guardian to use our Services.
If you are the legal guardian of a minor, please pay attention to whether the minor uses our Services or provides his or her personal information after obtaining your authorization and approval. If you have questions about the personal information of the minor under your guardianship, please contact us at hello@gpt-trainer.com or write to our address listed at the beginning of this Policy.
Our Services are not intended for children under the age of thirteen (13) or the minimum age in the relevant territory if that age is older than thirteen (13) (the “Child” or “Children”), and we do not knowingly collect any personal information from such Children. Children should not use or attempt to use our Services, and if you are a Child, please do not attempt to use our Services or send any information about yourself to the Company.
In the event that we learn that we have inadvertently gathered personal information from a Child, we will take reasonable measures to delete such information from our records. Parents who believe that we might have gathered any information from or about a Child may submit a request to delete such information to hello@gpt-trainer.com or write to our address listed at the beginning of this Policy.
14. Filing a Complaint
We hope that we can resolve any query or concern you raise about our use of your personal information. If you would like to make a complaint regarding our privacy practices, please contact us at hello@gpt-trainer.com.