LangGenius, Inc. Privacy Policy
最終更新: 2026年6月30日
LangGenius, Inc. (“LangGenius,” “we,” “us,” or “our”) provides AI-powered products and services, including but not limited to Dify (including Dify Cloud, Dify Enterprise, and Dify Community), Nod, and other applications we may offer from time to time (collectively, the “Services”). Throughout this Privacy Policy (“Policy”), references to “we,” “us,” and “our” refer to LangGenius and its affiliates. By using any of our Services, you acknowledge and agree that LangGenius is the entity responsible for the collection, use, and protection of your personal information as described in this Policy.
This Policy describes how we handle your personal information when we act as a data controller — that is, when we determine the purposes and means of processing. This Policy does not apply to the extent we process personal information as a data processor on behalf of our enterprise customers, which is governed by our Data Processing Agreement (DPA).
Please carefully read this Policy before you use or submit any information through or in connection with the Services. If you do not agree with this Policy, please do not access or use our Services or interact with any other aspect of our business. Unless otherwise required by laws in your residence, by using our Services, you accept our privacy practices described in this Policy.
What information we collect about you?
We collect and store personal information that you directly provide us through our Site, when using our Services, and other ways:
Information you provide to us
We collect and store personal information that you provide to us directly when using our Services, as well as through other means (such as user support requests, social media interactions, surveys or promotions, job applications, and interactions on our websites and at events). The information we collect includes:
As Prospective, Enterprise Versions and Community Customers
Business Contact and Transactional Information: If you are a prospective customer or an existing enterprise version customer, we may collect your business contact details (such as name, business email address and employer name) and, where applicable, your purchase history. We use this information to manage our relationship with you and for direct marketing purposes. You may opt out of direct marketing at any time as described in Section “How to access and control your information” below.
SaaS Customers (e.g., Dify Cloud, Nod)
Account and profile information. When you register for an account, create or modify your profile, set preferences, sign-up for or make purchases through the Services, we collect information about you which includes without limitation your name, business telephone number and your email address, passwords, language preference and similar security information used for authentication and account access. You may also choose to provide us with a display name, profile photo, job title, and other details to your profile information to be displayed in our Services. We may also use the contact information for marketing purposes, you may opt out of direct marketing at any time as described in Section “How to access and control your information” below.
Content and AI interaction data. When you use any of our Services that include AI features, we collect the content you submit to and receive from AI systems, including: prompts, questions, instructions, and other inputs you provide; documents, files, and knowledge base content you upload; and AI-generated outputs and responses. If you use a service that includes application building and workflow configuration capabilities, we also collect your application configurations and workflows.
Content provided by you through community platforms, instant messaging tools, or our website: We also collect other content that you submit to us for operation of website channels (such as social media or social networking sites). For example, when you provide feedback or participate in any interactive features, surveys, contests, promotions, sweepstakes, events, or activities, you provide content to us through phone, community interaction, IM services, etc. (such as GitHub, Twitter, Discord, WeChat, Slack, etc.)
Information provided through our support channels: Through our user support, you can choose to submit information about any issues you encounter while using our services. You may contact us through email, third-party IM tools to directly communicate with our support team. You will be asked to provide your contact information such as your email address, a summary of the issue you are facing, and any additional documents, screenshots, or information that may help to resolve the problem.
Payment and billing information: When you use certain paid services on our Services, we collect your payment and billing information, including your payment transaction and your billing address. You may also be required to provide credit card information to third-party secure payment processing service providers (such as Stripe). We do not store your credit card information.
Information we collect automatically when you use the Services
All Customers (including Prospective, Enterprise Versions, Community, and SaaS Customers)
Geolocation Data: Based on your device settings, we may collect geolocation data when you access our website and use our products. For example, we may use your IP address to infer your approximate location.
Cookies and Other Tracking Technologies: We and our third-party partners, such as our advertising and analytics partners, use various common technologies to provide functionality and identify you across different services and devices. Such technologies typically include tracking pixels, JavaScript, and various “local storage data” technologies, such as cookies and local storage. Such data may include text, personal information (such as your IP address), and information about how you use our services, depending on the technologies we use. For the purposes of this policy, we collectively refer to the cookies and other technologies identified here as “Cookies.” Most web browsers have a feature to block cookies. You can also choose to clear all cookies stored on your computer. Please refer to the LangGenius, Inc. Cookie Policy.
SaaS Customers
When you use our services (including browsing our website and taking certain actions within the service), we may also collect information about you.
Your Use of the Services: When you access any of our services and interact with them, we may track certain information about you, including but not limited to the features you use; your login times, feature usage, the links you click on; the type, size, and filenames of attachments you upload to the services; and how you interact or click on our product services.
Device and Connection Information: We collect information about the devices you use to access our services, such as your computer, phone, tablet, or other devices. This type of device information also includes your connection type and settings when installing, accessing, updating, or using our services. We also collect information about your operating system, browser type, URL of referring/exit pages, IP address, device identifiers, and crash data through your device.
For on-premise deployments, we do not collect the above information through the product itself, but may receive basic connection and version data through license verification and product update services. When you visit our websites, documentation, or support channels, this section applies regardless of your deployment type.
Information we receive from other sources
We receive information about you from other service users, our partners, and third-party service providers, social media platforms, and public databases. We may combine this information with the information we collect through other means. This helps us update and improve our records, identify new customers, create more personalized advertising, and recommend services that you may be interested in. When asked to provide personal information, you may refuse. However, if you choose not to provide the information required for certain products, these products or some of their features may not be available or may not function properly.
We are not responsible for the data policies and procedures or content of any third party. We recommend that you review the privacy policies of each website you visit.
2. How we use information we collect?
We collect and process personal information about you as necessary to provide the Services you use, operate our Sites and business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfil other legitimate interests as described in this Policy and in our notices to you.
For example, we may use any of the categories of personal information we describe above to:
- Operate, optimize, maintain and improve our internal operations, systems, Sites, and Services.
- Understand you and your preferences to enhance your experience and enjoyment using our Sites and Services, to provide recommendations, to solicit feedback, and to better market and advertise to you.
- Monitor and analyze user interactions with our Sites and Services to identify trends, usage, and activity patterns.
- Respond to your comments and questions and provide technical support or customer service.
- Provide and deliver the Services you request.
- Comply with applicable laws, rules, or regulations and cooperate and defend legal claims and audits.
- Communicate with you about promotions, upcoming events, and other news about products and services offered by LangGenius and our partners.
- Plan and host corporate events.
- Protect the Sites and Services, and investigate and deter against fraudulent, unauthorized, or illegal activity.
- Authenticate and manage your account.
About AI interaction data. LangGenius is a platform company. We do not train AI models ourselves, and we will not use your AI interaction data for model training. How your AI interaction data is used depends on the type of service you use:
If you use a service where you select your own AI model provider and supply your own API key, your AI interaction data is transmitted directly to your chosen provider for processing. Whether such data is used for model training depends on the agreement between you and that provider, and we bear no responsibility for such use.
If you use a service where AI models are selected and managed by us, your AI interaction data is processed by AI model providers acting as our Sub-processors. Under the data processing agreements we have entered into with these providers, they are prohibited from using your data for model training or their own purposes. Please refer to our Sub-processor List for details of such providers.
We may also use such information in any other way we may describe when you provide the information or for any other purpose with your consent, legitimate business purposes, or any other legal basis as permitted by applicable laws.
How we share information we collect?
We may share your personal information with your consent. We may also share any category of personal information described above:
Sharing with our business partners and other third-party service providers. We share information with third parties who help us operate, provide, improve, integrate, customize, support, and market our services. For example, to provide services to you, we may share information with third-party service partners who provide consulting support. We work with third-party service providers who provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analytics, and other services to us. Such services may require the service provider to access or use information about you. If a service provider needs to access information about you to act on our behalf in performing services, they will do so under our close instruction and adopt appropriate security and confidentiality procedures to protect your information. This includes AI model providers who process your AI interaction data on our behalf as described in Section 2. For details of such providers, please refer to our Sub-processor List.
Sharing with potential buyers and advisors. If there is a company sale, merger, reorganization, dissolution, similar event, or measures taken in anticipation of such an event (such as due diligence in a transaction), your personal information may (in accordance with applicable law) be shared with our advisors and any potential buyer’s advisors and be transferred to the new owner of the business.
Sharing information to maintain compliance with laws and regulations. We may share information as required by law or subpoena, or if we reasonably believe that such action is necessary to comply with applicable laws or the reasonable requests of law enforcement, enforce our terms of service, or protect the security or integrity of our website and products, or to exercise or protect the rights, property, or personal safety of our customers, users, or others.
Sharing with our data processors and sub-processors. We may entrust third-party data processors (referred to as “contractors” or “sub-processors” under applicable laws) with the processing of your personal information to the extent necessary to achieve the purposes described in Section 2 of this Policy. We will assess whether such processors meet our selection criteria, enter into appropriate data processing agreements, and ensure that they will properly manage your information in accordance with our instructions and applicable data protection laws.
Data Retention and Security
We retain personal information for as long as necessary for the purposes for which the personal information is processed and for longer periods as necessary for us to comply with applicable laws. For example, we retain your account information for as long as your account is active or as needed to provide you with Services you have requested or authorized, including maintaining and improving the performance of the Services and protecting system security. We also retain personal data as needed to maintain appropriate business and financial records, protect our legal interests, resolve disputes, or comply with legal or regulatory requirements. Thereafter, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will store your personal information using appropriate security measures and take appropriate steps designed to isolate it from any further processing until deletion is possible.
Data Transfers
The information collected through our website and our products may be stored and processed in any country/region where LangGenius or its affiliated companies or service providers maintain facilities, including your region, the United States, Australia, Canada, China, and the European Economic Area and the United Kingdom. Our choice of processing location is to ensure efficient operations, improve performance, and create redundancy to protect data in the event of disruptions or other issues. We take measures to ensure that the data we collect in accordance with this Privacy Policy is processed in compliance with this Privacy Policy and applicable laws, regardless of where the data is located.
If you reside in European Economic Area, the UK, and Switzerland
When we transfer personal information from the European Economic Area, the UK, and Switzerland to the United States or other countries/regions where the European Commission has not determined their laws provide adequate data protection, we use legal mechanisms designed to help ensure your rights and protections, including contracts. Specifically, our website servers are located in the United States, and our affiliates, partners, third parties, and service providers operate in the United States, European Economic Area, and China. This means that when we collect your personal information, we may process it in any of these countries. However, we have taken appropriate safeguards to require that your personal information is protected in accordance with this privacy policy. The main safeguard relied upon by LangGenius is the Standard Contractual Clauses for Data Protection approved by the European Commission. For more information about these mechanisms, please contact us using the detailed contact information provided in the “How to Contact Us” section below.
If you reside in Japan
We may provide Your Information to third parties in the United States or other countries/regions. Specifically, our website servers are located in the United States, and our affiliates, partners, third parties, and service providers operate in the United States, European Economic Area, and China. These countries may not have systems for protecting personal information that are at an equivalent level as that of Japan. However, we will only provide personal information to parties that have established a system to ensure implementation of measures equivalent to those required under Japan’s Act on the Protection of Personal Information, and that are taking necessary measures to continuously maintain said compliant system. We shall provide information related to the said necessary measures upon request. If you would like such information, please send an inquiry via the information provided in “How to Contact Us” section below. For information on the personal information protection systems of each destination country/region, please refer to the “Survey on the Systems, etc. Concerning the Protection of Personal Information in Foreign Countries” published by the Personal Information Protection Commission of Japan (https://www.ppc.go.jp/personalinfo/legal/kaiseihogohou/#gaikoku).
LangGenius cares about the security of your information and takes reasonable and appropriate technical and organizational measures designed to prevent loss, misuse, and unauthorized access, disclosure, alteration, and destruction of personal information. However, no security system is impenetrable, and we cannot guarantee the security of our systems or your information.
The safety management measures we implement include, among others, the following:
Organizational measures: appointment of a personal information protection manager, and the establishment and periodic review of internal rules for the handling of personal information.
Human measures: provision of education and training to employees regarding the protection of personal information.
Physical measures: we do not maintain our own physical servers or similar equipment and instead use cloud services, managing access to cloud assets under a zero-trust model.
Technical measures: encryption of communications and data, access control, and detection and prevention of unauthorized access.
How to access and control your information?
You have certain rights regarding your personal information (including “retained personal data” as defined under Japan’s Act on the Protection of Personal Information), subject to the applicable laws. These may include the following rights to:
- Access your personal information: You have the right to ask us to confirm whether we are processing your personal information, and, where that is the case, access to the personal information and receive information on how your data is processed as well as ask us to provide a copy of your personal information.
- Rectify your personal information: You have the right to have any incorrect, incomplete or inaccurate data we hold about you corrected.
- Erase your personal information: You have the right to ask us to delete your personal information when, for example, the data we hold on to you is no longer needed or when your data has been processed unlawfully. If you reside in Japan, please be aware that we may only cease using or delete your personal information upon request if it is no longer necessary for our business, if a data breach has occurred, or if the processing is likely to harm your rights or interests.
- Object to processing: You have the right to object to the processing of your personal information and request us to cease processing of it if, for example, this data is being processed for the purpose of direct marketing or where we are relying on a legitimate interest (or those of a third party). Under certain circumstances, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Restrict the processing: You have the right to ask us to suspend the processing of your personal information in the following scenarios: (a) if you want us to establish the accuracy of the personal information; (b) if our use of the data is illegal but you do not want it erased; (c) if you require us to hold the data even if we no longer need it as you require it to establish, exercise or defend legal claims; or (d) if you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Receive your personal information in a usable electronic format and transmit it to a third party (right to data portability): If we are processing your personal information based on your consent or a contract, you can ask to receive your personal information in a structured, commonly used and machine-readable format. Without any obstacle from us, you can also ask us to transmit those data to another controller.
- Withdraw consent: Where we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we will no longer process that personal information, but we may be unable to continue providing certain products or services to you for which the personal information was sought. At the time you withdraw your consent, we will advise you if this is the case.
- Lodge a complaint: You have the right to lodge a complaint with a supervisory authority in the EU Member State of your habitual residence, place of work, or place of the alleged infringement if you believe that our processing of your personal information infringes applicable data protection laws. See “How to contact us” section below for contact information.
- Opt-out of communications: By using the unsubscribe link within each email, updating your email preferences within your Service account settings menu, or by contacting us as provided below to have your contact information removed from our promotional email list or registration database, you may opt-out of receiving promotional communications from us. You will continue to receive transactional messages from us regarding our Services even after you opt-out from receiving promotional messages from us. You can opt-out of some notification messages in your account settings. Please note, you will continue to receive generic ads.
- Send “Do Not Track” Signals: Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Our Services do not currently respond to browser DNT signals since there is not yet a common understanding of how to interpret the DNT signal. You can use the range of other tools we provide to control data collection and use, including the ability to opt-out of receiving marketing from us as described above.
- Right to Access sharing records (for individuals residing in Japan): You may request disclosure of records concerning the sharing of your personal information to third parties. We will assist you in identifying the specific records to ensure a smooth request process.
- Right to cease 3rd party sharing (for individuals residing in Japan): You may request that we stop providing your personal information to third parties if such provision violates applicable laws, including cases where we fail to obtain your required consent or fail to comply with international transfer regulations under the applicable laws.
These rights may be limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your data (such as where tax authorities require us to retain it) or where it is needed for the proper performance of a contract. Under certain circumstances, this may mean that we are able to retain data even if you withdraw your consent.
To exercise any of these rights or to submit a data request, please visit our dedicated Data Request Portal at https://langgeniusinc.gdprlocal.com/eu (for individuals residing in EEA). Through this portal, you can:
- Submit requests related to accessing, rectifying, or erasing your personal information
- Object to processing or request restrictions on processing
- Request data portability
- Withdraw consent for data processing
- Update your communication preferences
When submitting a request, please provide sufficient information to identify yourself and the specific action you’re requesting. We will respond to your request within the timeframe required by applicable law. In some cases, we may need to verify your identity or request additional information to process your request accurately.
For individuals residing in Japan: with respect to your retained personal data, you may request disclosure, correction, suspension of use, erasure, or suspension of provision to third parties. To make such a request, please email privacy@dify.ai. After we verify your identity, we will respond within the period prescribed by law (in principle, within two weeks of receiving the request). No fee will be charged for a request for disclosure.
For individuals residing in other jurisdictions, please email privacy@dify.ai.
Our policy toward children
Our Services are NOT directed to children under the age of 18 and we do not knowingly collect personal information from children under 18. If we become aware that a child under 18 has provided us with personal information, we will promptly delete such personal data from our systems. If you become aware or have reason to believe that a child has provided us with personal information through our Services, please contact us at privacy@dify.ai and we will delete that information from our databases.
Changes to our policy
We may modify this Policy from time to time, and changes may apply to any personal information we already hold about you, as well as any new personal information collected after the Policy is modified. If we make changes, we will notify you by revising the date at the top of this Policy. We will provide you with advanced and more prominent notice if we make any material changes to how we collect, use or disclose your personal information that impacts your rights under this Policy. Unless otherwise required by laws in your residence, your continued access or use of our Services after receiving the notice of changes, constitutes your acknowledgement that you accept the updated Policy.
In addition, we may provide you with real-time disclosures or additional information about the personal information handling practices of specific parts of our Services. Such notices may supplement this Policy or provide you with additional choices about how we process your personal information. If you disagree with any changes to this Policy, you will need to stop using the Services and deactivate your account(s), as outlined above.
Lawful basis for processing personal information (EEA, UK and Switzerland)
This section below is specifically for you if you are located in the European Economic Area (EEA), United Kingdom or Switzerland. LangGenius is the data controller of your personal information when we use it as described in these Lawful Basis for Processing Personal Information, meaning that we determine and are responsible for how your personal information is processed.
Personal Information You Provide to Us
We collect the following categories of personal information that you submit directly to us when you use the Service:
(a) Contact information, such as first name, last name and email address, your employer (only if you are our enterprise customer and we need to identify your role)
| How we may use the Personal Information | Legal Bases for Processing |
|---|---|
| When you create an account and access the Service as an individual, we use this information to set up and authenticate your account on the Service. | - The processing is necessary for the performance of a contract with you and to take steps prior to entering into a contract with you, namely our Terms of Service. - The processing is necessary for our legitimate interests. |
| We use this information to communicate with you, including sending service-related communications. | - The processing is necessary for the performance of a contract with you, namely our Terms of Service. |
| We use this information to deal with enquiries and complaints made by or about you relating to the Service. | - The processing is necessary for our legitimate interests, namely administering the Service, and for communicating with you effectively to respond to your queries or complaints. - The processing is necessary for the performance of a contract with you, namely our Terms of Service. |
| We use this information to send you marketing communications in accordance with your preferences. | - We will use your personal information in this way to the extent you have given us consent to do so. - The processing is necessary for our legitimate interests. |
Recipients of Contact Information:
We may share this information with the following service providers through the provision of the Service: Amazon Web Services (AWS), Google Workspace.
(b) Your registration / account information. When you create an account and access the Service as an individual, if you use an email to sign up to the service we will collect your email address, and also your language preferences. If you use Github or Google, we use single sign-on (“SSO”) such as Github and Google to allow a user to authenticate their account using one set of login information. The data we receive is dependent on your privacy settings with the social network.
| How we may use the Personal Information | Legal Bases for Processing |
|---|---|
| We use this information to create your account on the Service. | - The processing is necessary for our legitimate interests. - The processing is necessary for the performance of a contract with you, namely our Terms of Service. |
Recipients of your registration/account information:
We may share this information with the following service providers through the provision of the Service: Github, Google, AWS.
(c) Payment transaction and billing information. When you make a purchase through your account on the Service, we collect information such as your billing address and Tax ID and other information such as date and time of your transaction and products / services purchased. We may also collect your purchase history if your are our existing enterprise customer to send you marketing communications.
| How we may use the Personal Information | Legal Bases for Processing |
|---|---|
| We use this information to process your orders through the Service and collect payment. | The processing is necessary for the performance of a contract. |
| We use this information to verify your identity in connection with the detection and prevention of fraud or financial crime. | The processing is necessary for our and third parties’ legitimate interests, namely the detection and prevention of fraud and financial crime. |
| We use this information to send you marketing communications in accordance with your purchase history | - We will use your personal information in this way to the extent you have given us consent to do so. - The processing is necessary for our legitimate interests. |
Recipients of payment transaction and billing information:
We may share this information with the following service providers through the provision of the Service: Stripe, AWS.
(d) Chat, comments and opinions. When you contact us directly, e.g. by email or phone or through our feedback form we will record your comments and opinions.
| How we may use the Personal Information | Legal Bases for Processing |
|---|---|
| When you contact us about your own individual account, or contact us as a prospective customer, we use this information to address your questions, issues and concerns. | The processing is necessary for our legitimate interests, namely communicating with you and responding to queries, complaints and concerns. |
Recipients of Chat, comments and opinions:
We may share this information with the following service providers through the provision of the Service: Google Workspace, AWS
(e) Information received from third parties, such as social networks. If you interact with us through a social network, we may receive information from the social network such as your name, profile information, and any other information you permit the social network to share with third parties.
| How we may use the Personal Information | Legal Bases for Processing |
|---|---|
| We use this information to reshare content created through the use of the Service. | The processing is necessary for our legitimate interests (to develop our service and inform our marketing strategy). The processing is necessary for the performance of a contract with you, namely our Terms of Service. |
(f) Content and AI interaction data. When you use any of our Services that include AI features, we collect the content you submit to and receive from AI systems, including: prompts, questions, instructions, and other inputs you provide; documents, files, and knowledge base content you upload; and AI-generated outputs and responses. If you use a service that includes application building capabilities, we also collect your application configurations and workflows.
| How we may use the Personal Information | Legal Bases for Processing |
|---|---|
| We use this information to provide AI-powered features and Services you request, including processing your inputs and generating outputs. | The processing is necessary for the performance of a contract with you, namely our Terms of Service. |
| We use this information to monitor and improve the security, reliability, and performance of our AI Services. | The processing is necessary for our legitimate interests, namely maintaining the security and integrity of the Service. |
Recipients of content and AI interaction data: We may share this information with AI model providers acting as our sub-processors for the purpose of providing AI features. Please refer to our Sub-processor List for details of such providers.
Information we collect about your Use of the Site and Service
We also automatically collect the following personal information about how you access and use the Service, and information about the device you use to access the Service:
(a) Approximate Location information. When you visit our Service, we may collect information about your location. This information may be derived from your IP address.
| How we may use the Personal Information | Legal Bases for Processing |
|---|---|
| We use information to present the Service to you on your device, including localizing features of the Service. | The processing is necessary for performance of a contract with you, namely our Terms of Service. If you access the Service as an authorized user of another customer, the processing is necessary for our and the customer’s legitimate interests, namely presenting the Service to you on your device. |
Recipients of approximate local Information:
We may share this information with the following service providers through the provision of the Service: Metabase, Cloudflare, and AWS.
(b) Information about how you access and use the Service. For example, the time you access the Service and how long you use it for, the approximate location that you access the Service from, the site from which you came, our product website pages you visited, our product feature you used, and other actions you take on the Service.
| How we may use the Personal Information | Legal Bases for Processing |
|---|---|
| We use information about how you use and connect to the Service to present the Service to you on your device. | The processing is necessary for performance of a contract with you, namely our Terms of Service. If you access the Service as an authorized user of another customer, the processing is necessary for our and the customer’s legitimate interests, namely presenting the Service to you on your device. |
| We use this information to monitor and improve the Service and business, resolve issues and to inform the development of new products and services. | We will only use your personal information in this way to the extent you give us your consent to do so. |
| We use this information to identify and detect multiple attempts to access the Service to detect fraudulent use of the Service, attempts to breach the security of the Service and to ensure that the Service does not get overloaded. | The processing is necessary for our legitimate interests, namely maintaining the security and integrity of the Service. |
Recipients of information about how you access and use the Service:
We may share this information with the following service providers through the provision of the Service: Metabase, Cloudflare, and AWS.
We may anonymize and aggregate any of the personal information we collect (so that it does not directly identify you). We may use anonymized information for purposes that include testing our IT systems, research, data analysis, improving the Service. We may also share such anonymized and aggregated information with others.
U.S. Privacy Protection
The section supplements the information contained in the LangGenius, Inc Privacy Policy for California residents, as indicated below. For the purpose of this Section for California residents, “Personal information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
- Categories of personal information about you that we collect
| Category | We Collect |
|---|---|
| 1. Identifiers Name, Email, Employer’s name, IP Address, Information Received from 3rd Parties, etc. |
Yes |
| 2. Categories of Personal Information in Cal. Civ. Code Section 1798.80(e) Name, Email address, Employer’s name, Financial Information (Payment Transaction, Billing Information, etc.), Chat, Comments and Opinions, etc. |
Yes |
| 3. Commercial Information Payment transaction, Purchase History, etc. |
Yes |
| 4. Internet or Other Electronic Network Activity Information Usage Data (login times, feature usage, interaction data), Language Preferences, etc. |
Yes |
| 5. Geolocation data Country |
Yes |
| 6. Audio, electronic, visual, thermal, olfactory, or similar information Chat, Comments and Opinions, etc. |
Yes |
| 7. Professional or Employment-Related Information Name, Email address, Employer’s name, etc. |
Yes |
- Categories of sources from which personal information is collected
We have collected Personal Information from the following categories of sources:
- You/Your Devices: You or your devices directly.
- Third parties, such as Social Networks (GitHub, Google, etc.)
- Specific purpose of personal information we collect, use and disclose
Please see “Section 2” How we use information we collect” for the specific purposes.
- Disclosure of your personal information to third parties
We do not sell or share your personal information with third parties for “cross-context behavioral advertising”, and do not have actual knowledge that we sell or share personal information of consumers under 16 years of age.
With respect to the categories of personal information identified above in this Section (1), we disclose your personal information to the following categories of third parties:
| Category | Recipient |
|---|---|
| 1. Identifiers Name, Email, Employer’s name, IP Address, Information Received from 3rd Parties, etc. |
Vendor, service provider |
| 2. Categories of Personal Information in Cal. Civ. Code Section 1798.80(e) Name, Email address, Employer’s name, Financial Information (Payment Transaction, Billing Information, etc.), Chat, Comments and Opinions, etc. |
Vendor, service provider |
| 3. Commercial Information Payment transaction, Purchase History, etc. |
Vendor, service provider |
| 4. Internet or Other Electronic Network Activity Information Usage Data (login times, feature usage, interaction data), Language Preferences, etc. |
Vendor, service provider |
| 5. Geolocation data Country |
Vendor, service provider |
| 6. Audio, electronic, visual, thermal, olfactory, or similar information Chat, Comments and Opinions, etc. |
Vendor, service provider |
| 7. Professional or Employment-Related Information Name, Email address, Employer’s name, etc. |
Vendor, service provider |
- Data Retention
We retain each category of personal information for as long as necessary to fulfill the purposes outlined in this Section, typically until the end of your customer relationship with us, or as required by applicable laws.
- Privacy Rights
- Right to Know and Access. You have the right to request disclosure of the personal information we collect and process. This includes: (1) categories of personal information collected or disclosed; (2) the business purposes for such collection; (3) the categories of sources from which information is originated; (4) the categories of third parties or service providers with whom we share information; and (5) the specific pieces of personal information we maintain about you.
- Right to Delete. Subject to certain legal exceptions (such as legal compliance obligations, etc.), you may request the deletion of your personal information collected by us.
- Right to Correct. You have the right to request the rectification of any inaccurate or incomplete personal information that we maintain.
Identity Verification. To protect your data security, all requests for access, deletion, or correction are subject to identity verification. We will verify your identity using the contact information associated with your account (e.g., email address) in accordance with relevant CCPA/CPRA regulations.
To exercise your rights, please submit your request to privacy@dify.ai.
If you are acting as an authorized agent to make a request to know, delete, correct on behalf of a California resident, you may email us at privacy@dify.ai. Please note that we will require you to attach a written authorization signed by the resident whose Personal Information will be subject to the request.
How to contact us?
Your information is controlled by LangGenius. If you have questions or concerns about how your information is handled, please direct your inquiry to LangGenius, which is responsible for facilitating such inquiries.
LangGenius, Inc., a Delaware registered company (File No. 7358523), USA.
Email: privacy@dify.ai
If you reside in the EEA, the UK, or Switzerland, you may have the right to lodge a complaint with your local supervisory authority for data protection. Use the following contact information and link to find your local supervisory authority.
EU - Ireland Representative
Company Name: Instant EU GDPR Representative Ltd
Name: Adam Brogden
Email: contact@gdprlocal.com
Tel: + 353 15 549 700
Your Reporting Link: https://langgeniusinc.gdprlocal.com/eu
EU Dublin Address:
INSTANT EU GDPR REPRESENTATIVE LIMITED
Office 2 12A Lower Main Street,
Lucan Co. Dublin
K78 X5P8 Ireland
Contact for inquiries regarding the handling of personal information in Japan:
LangGenius K.K. (LangGenius株式会社)
Address: Nihonbashi Front 1F, 3-6-2 Nihonbashi, Chuo-ku, Tokyo, Japan
Representative Director and President: Kiji Marudan










