Privacy Policy & Disclaimer

Welcome to LunaMare AI services. This Privacy Policy and Disclaimer explains how we collect, use, store, and protect your personal information, as well as the relevant responsibilities and limitations when you use our services.

Scope of Application: This statement applies to the personal data processing activities involved when you use our websites, services, applications, and related products.

Legal Basis: We strictly comply with Hong Kong's Personal Data (Privacy) Ordinance (PDPO), General Data Protection Regulation (GDPR), and other applicable data protection laws and regulations to protect your personal data security.

Data Protection Officer: Our company has appointed a Data Protection Officer to oversee personal data protection matters and ensure compliance with relevant regulations.

2.1 Directly Collected Information

• Contact Information: Name, email address, phone number, company name
• Account Information: Username, password, profile settings
• Business Information: Industry category, company size, business requirements
• Communication Records: Communications with our customer service or sales teams

2.2 Automatically Collected Information

• Technical Information: IP address, browser type, operating system, device information
• Usage Information: Pages visited, click behavior, time spent, usage patterns
• Location Information: Approximate geographic location based on IP address (not precise location)

2.3 Third-Party Source Information

• Public information from social media platforms
• Information provided by business partners
• Business information from public databases

3.1 Primary Purposes

• Service Provision: Providing AI solutions and technical services to you
• Account Management: Creating and managing your user account
• Customer Support: Responding to your inquiries and providing technical support
• Service Improvement: Analyzing usage patterns to improve our service quality

3.2 Marketing Purposes

• Sending product updates and new feature notifications
• Providing personalized service recommendations
• Inviting participation in events, webinars, or surveys
• Sending industry information and technical content

3.3 Legal Purposes

• Complying with applicable legal and regulatory requirements
• Protecting our legitimate rights and security
• Preventing fraud and abuse
• Assisting law enforcement agencies in legitimate investigations

We do not sell, lease, or otherwise commercially exploit your personal data. We will only share your information with third parties under the following circumstances:

4.1 Authorized Sharing

• With your explicit consent
• According to your instructions

4.2 Service Providers

• Cloud service providers (such as AWS, Azure)
• Customer relationship management system vendors
• Email service providers
• Analytics and monitoring service providers

4.3 Legal Requirements

• In response to court orders or government agency requests
• To protect our or others' rights, property, or safety
• To prevent or investigate suspected illegal activities

4.4 Corporate Transactions

• In the case of merger, acquisition, or asset sale
• During reorganization or bankruptcy proceedings

5.1 Technical Protection Measures

• Encryption Technology: Using SSL/TLS for transmission encryption and AES for storage encryption
• Access Control: Implementing multi-factor authentication and role-based access control
• Network Security: Deploying firewalls, intrusion detection and prevention systems
• Regular Audits: Conducting security assessments and penetration testing

5.2 Administrative Protection Measures

• Employee data protection training and confidentiality agreements
• Principle of least privilege and separation of duties
• Data processing activity records and monitoring
• Incident response and notification procedures

5.3 Data Retention

• Retaining your personal data only for the necessary period
• Determining retention periods according to legal requirements or business needs
• Securely deleting data that is no longer needed
• Regularly reviewing and purging expired data

Under Hong Kong's Personal Data (Privacy) Ordinance and other applicable data protection laws, you have the following rights:

6.0 Basic Rights Under Hong Kong PDPO

• Right of Access: To access whether we hold your personal data and to access such data
• Right of Correction: To request correction of any inaccurate personal data
• Right to Complaint: To make complaints to the Office of the Privacy Commissioner for Personal Data in Hong Kong
• Right to Refuse: To refuse consent to processing of your personal data in certain circumstances

6.1 Right of Access

• Understanding how we process your personal data
• Obtaining a copy of your personal data that we hold

6.2 Right of Rectification

• Requesting correction of inaccurate personal data
• Requesting completion of incomplete personal data

6.3 Right of Erasure

• Requesting deletion of your personal data in specific circumstances
• Requesting cessation of processing when consent is withdrawn

6.4 Right to Restrict Processing

• Restricting our processing of your personal data in specific circumstances
• Suspending data processing during dispute resolution periods

6.5 Right to Data Portability

• Obtaining your personal data in a structured, commonly used format
• Transmitting data to other service providers

6.6 Right to Object

• Objecting to data processing based on legitimate interests
• Objecting to data processing for marketing purposes at any time

7.1 Cookie Usage

We use cookies and similar technologies to improve your browsing experience, analyze website usage, and provide personalized content.

7.2 Cookie Types

• Essential Cookies: Required for basic website functionality
• Analytics Cookies: To understand how users use our website
• Functional Cookies: To remember your preference settings
• Marketing Cookies: To provide relevant advertisements and content

7.3 Cookie Management

You can control cookie usage through your browser settings. For detailed information, please refer to our Cookie Policy.

8.1 Transfer Scope

We may transfer your personal data to countries or regions outside the Hong Kong Special Administrative Region, including but not limited to the United States and European Union member states, to provide services or support.

8.2 Protection Measures

• Ensuring recipient countries or regions have adequate data protection standards
• Signing standard contractual clauses or other legal instruments with recipients
• Implementing technical and organizational measures to ensure data security
• Regularly assessing and monitoring the security of cross-border transfers

9.1 Age Restrictions

In accordance with Hong Kong's Personal Data (Privacy) Ordinance, we pay special attention to protecting minors' personal data. Our services are primarily targeted at business users, and we do not intentionally collect personal data from individuals under 18 years of age.

9.2 Parental Consent

If we need to collect personal data from individuals under 18 years of age, we will first obtain explicit consent from their parents or legal guardians.

9.3 Accidental Collection

If we discover that we have accidentally collected personal data from minors without proper authorization, we will immediately take steps to delete such information. If you believe we may hold your child's personal data, please contact our Data Protection Officer.

10.1 Service Nature

Our AI services are provided "as is" without guarantees of continuity, accuracy, completeness, or reliability. AI technology has inherent limitations, and the results generated are for reference only and should not be the sole basis for final decisions.

10.2 Content Disclaimer

• AI-Generated Content: Any content, recommendations, or analysis results generated by AI systems do not represent our company's position or guarantees
• Accuracy Statement: We do not assume responsibility for the accuracy, applicability, or completeness of AI outputs
• Third-Party Content: Third-party content, links, or information included in our services are for reference only
• Example Content: Examples and demonstration content in product displays are for illustrative purposes only

10.3 Technical Disclaimer

• Service suspensions due to system maintenance, network interruptions, or technical failures
• Force majeure events (natural disasters, government actions, wars, etc.) affecting service provision
• System failures or service interruptions by third-party service providers
• User equipment, network environment, or software compatibility issues

10.4 Usage Risks

Users understand and agree that using our services involves certain risks, including but not limited to:

• Uncertainty and potential bias in AI analysis results
• Risks of business decisions relying on AI recommendations
• Technical limitations in data processing
• Unknown risk factors of emerging technologies

11.1 Damage Limitation

To the maximum extent permitted by law, LunaMare AI shall not be liable for any direct, indirect, incidental, special, punitive, or consequential damages arising from the use or inability to use our services.

11.2 Monetary Limitation

• Our total liability shall not exceed the fees you paid to us in the 12 months prior to the incident
• For free service users, our liability limit is HKD 0
• This limitation applies to liability under contract, tort, or any other legal theory

11.3 Exclusions

We do not assume liability for losses caused by the following circumstances:

• User violation of terms of service or improper use of services
• User failure to protect account security or password breaches
• Third-party actions or negligence
• Force majeure events or government actions
• Business decisions made by users based on AI outputs

11.4 Legal Reservations

The above disclaimer and limitation clauses do not affect your non-waivable rights under Hong Kong law. If any clause is deemed invalid, other clauses remain valid.

12.1 Update Notifications

We may update this privacy policy from time to time. For significant changes, we will:

• Post update notifications on our website
• Notify registered users via email
• Display prominent notifications in our services
• Request your re-consent when necessary

12.2 Effective Date

Updated policies will take effect immediately upon publication unless otherwise stated. Continued use of our services indicates your acceptance of the updated policy.

13.1 Data Protection Contact

13.2 Response Time

We commit to responding to your inquiries or requests within 30 days of receipt. For urgent matters, please indicate "URGENT" in the email subject line.