Skip to main content

GMI Cloud Privacy Policy

Effective Date: February 26, 2025 (Last Updated)

Introduction

GMI Cloud US Inc. as well as its parents, affiliates and subsidiaries (collectively, “GMI Cloud”, “we” or “us”) is a US-based provider of dedicated and serverless LLM (Large Language Model) endpoints. We value your privacy and are committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use and safeguard it, and your rights regarding this information.

By using GMI Cloud’s services, you agree to the practices described in this Policy.

Information We Collect

We only collect data that is necessary to provide and improve our services. This includes:

  • Personal Account Information:
    When you create an account or sign up for our services, we collect information such as your name, email address, organization, and contact details. This information helps us identify you and communicate with you (e.g., for account verification or customer support). Please do not provide us with any sensitive personal identifiers like Social Security numbers or government ID numbers.

  • API Usage Logs and Technical Data:
    We automatically log certain usage information when you interact with our LLM endpoints or website. This may include details like your IP address, browser type, device information, timestamps of API calls, and usage metrics. These logs help us monitor service performance, ensure reliability, prevent fraud, and analyze usage patterns.

  • Payment and Billing Information:
    If you make a purchase or subscribe to a paid plan, we (or our payment processor) collect billing details. This includes your payment method information (such as credit card number, billing name, and billing address).

  • No Sensitive Personal Data:
    Please do not provide us with any sensitive personal information. This means we do not want or need any data about your race, ethnicity, religious or philosophical beliefs, health or medical information, genetic or biometric identifiers, sexual orientation, or political opinions​.

How We Use Your Information

We use the collected information for the following purposes, all aimed at operating and improving our services and your experience, or as disclosed to you prior to such processing taking place:

  • Providing and Improving the Service:
    We process your personal and usage data to deliver the services you request and to maintain and improve our platform’s performance and features. For example, we use usage logs to monitor system stability, troubleshoot issues, and ensure our LLM endpoints function correctly​. This helps us refine our models and infrastructure to better meet user needs.

  • Account Management and Customer Support:
    Your account information is used to manage your user account (e.g., authentication and account settings) and to provide customer support. We may use your contact details to respond to your inquiries, notify you about important account or service updates, and assist with any issues or requests you have.

  • Billing and Payments:
    We use payment and transaction data to process subscriptions, usage-based billing, send invoices/receipts, and keep accurate financial records​. For instance, usage logs might be used to calculate billing for API calls, and payment information is used to charge for the service. This is done to fulfill our contract with you (providing the paid service you signed up for) and for our legitimate business record-keeping. We may share your personal information with third-party service providers acting on our behalf to help us operate our Services. For instance, payments are handled by a certified third-party payment processor, and we receive only confirmation of payment or a tokenized transaction ID.

  • Communications and Updates:
    We may contact you with service-related announcements, administrative messages, or important security notices (for example, informing you about changes to our terms or system maintenance). We might also send occasional product updates, newsletters, or offers about new features if you have not opted out of such communications. We may send you marketing or promotional emails if you have an existing relationship with us or have consented, and you can unsubscribe at any time (see Your Rights below).

  • Analytics and Service Enhancement:
    We analyze usage data (in aggregate form) to understand how our services are used and to make data-driven improvements. This includes tracking which features are most popular, how users navigate our website or API, and where improvements or optimizations are needed. For example, we might look at API usage volume to plan capacity, or analyze error rates to improve reliability. These analytics do not intend to read your personal content; rather, we look at metadata and trends.

  • Security and Fraud Prevention:
    Information (like IP addresses and usage patterns) is used to protect our services and our users. We monitor for suspicious or abusive activity to prevent unauthorized access, DDoS attacks, misuse of our API, or fraud​. If we detect potential security issues or violations of our terms, we may use relevant data to investigate and mitigate the problem. This purpose is essential to keeping the platform safe and secure for everyone.

  • Legal Compliance:
    If necessary, we will use and retain your information to comply with legal obligations, resolve disputes, enforce our Terms of Service, or protect our legal rights. For example, we may keep certain transaction records for legal, tax and accounting requirements, or use your data to respond to a lawful request by authorities if required by law. This ensures we meet any regulatory requirements that apply to our business.

  • Other Business Purposes (Internal Only):
    We may use your information for internal purposes such as auditing, data analysis, or research to improve GMI Cloud’s services. For instance, we might test new features using anonymized data or evaluate the effectiveness of our marketing campaigns using aggregated information​.

Data Sharing and Disclosure

We understand the importance of keeping your information secure and confidential. Subject to the terms and conditions set forth in this Policy, we do not share, sell, or rent your personal data to third parties for their own use​. In plain terms, we do not give or sell your information to outside companies for marketing or any other independent purpose. Your data is used only by GMI Cloud and its service providers, as described below:

  • Service Providers (Processors):
    We may share certain data with trusted third-party service providers to help us run our services. This includes, for example, cloud hosting providers (for data storage and servers), payment processors (to handle billing transactions), or email service providers (to send account notifications).

  • Legal Requirements and Protection:
    We may disclose personal information if we are compelled to do so by law or a valid legal process (such as a court order, subpoena, or government demand). If a law enforcement or regulatory agency requests your data, our policy is to review the request carefully and only comply if required by applicable law​. Additionally, we may share information if necessary to enforce our Terms of Service or to protect the rights, property, or safety of GMI Cloud, our customers, or others. This could include sharing information with law enforcement to investigate fraud or security threats.

  • Business Transfers:
    If GMI Cloud is involved in a merger, acquisition, bankruptcy, or sale of all or a portion of its assets, personal data may be transferred to the successor entity as part of that transaction. If this happens, we will ensure your data remains subject to the same protections outlined in this policy, and we will notify users as required by law of any change in data ownership.

  • Internal Access Controls:
    Within GMI Cloud, we limit access to your information to those employees or contractors who need it to perform their job (for example, support staff troubleshooting an issue). Our employees are bound by confidentiality agreements, so they should understand the importance of safeguarding customer information​.

Your Rights and Choices

We believe you should have control over your personal information. Depending on where you live (for example, in the United States or the European Union), you may have certain rights under privacy laws. GMI Cloud extends these core rights to our users with respect to transparency and fairness. These rights include:

  • Right to Access:
    You have the right to request a copy of the personal data we hold about you. We will provide you with a summary of the information we have, how it is used, and who it may have been disclosed to, as required by law​.

  • Right to Correction (Rectification):
    If any of your personal details are inaccurate or outdated (such as a misspelled name or an old email address), you have the right to correct or update them. You can usually do this by logging into your account settings, or by contacting us for assistance. We want to make sure your information is correct and up-to-date.

  • Right to Deletion:
    You can request that we delete your personal data. This is sometimes called the “Right to be Forgotten.” You might exercise this right if you decide to close your account or simply want your information removed. We will honor such requests by deleting your data from our systems (except for information we are required to keep for legal or billing reasons set forth in this Policy)​. Do note that once deleted, your data (including your account and any stored content) cannot be recovered, so be sure that is what you want.

  • Right to Opt Out of Analytics/Tracking:
    We use analytics cookies (as described below). If you wish to opt out of analytics tracking, you can configure your web browser to block or delete cookies, including the Google Analytics cookie. (See the Cookies and Tracking section for more details.) You may also use Google’s own opt-out tools for Analytics.

  • Right to Data Portability:
    In certain cases, if applicable laws require, you may request that we provide your personal data in a commonly used, machine-readable format, so you can transfer it to another service provider.

  • Right to Withdraw Consent:
    If we rely on your consent for any particular data processing (for example, if you agreed to a survey or optional data sharing), you have the right to change your mind and withdraw that consent at any time. Withdrawing consent will not affect the legality of what we did with your data while we had consent, and it will not affect processing under other legal bases.

You may exercise these rights by contacting us (see Contact Us at the end of this Policy). For certain requests, we will need to verify your identity to ensure we’re protecting your privacy by not giving your data to someone else. We will respond to your request within the timeframe required by applicable law. These rights are subject to some exceptions; for instance, we might not delete data that we are required to keep by law, or we might decline a request if it jeopardizes the privacy of others. Our goal is to honor your requests and provide you with transparency and control over your information​ (If you are a resident of California or certain US states with privacy laws, you may have additional rights under those laws, like the California Consumer Privacy Act).

Data Retention

How long do we keep your information? We retain personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law​. This means that we keep your information for no longer than is justified to run our business or provide our services to you. Once data is no longer needed, we aim to delete it or anonymize it.

  • Active Accounts:
    If you have an active account with GMI Cloud, we will retain your data so that we can continue to provide the service to you. This includes retaining your account information, settings, and usage logs as needed to operate the service (for example, to maintain your account login and to track your usage for billing). We periodically review what we store and delete what is not needed.

  • Account Deletion or Inactivity:
    If you choose to delete your account (or if your account becomes inactive for an extended period), we will initiate the deletion of your personal data. Upon account cancellation, your content and personal information will become inaccessible and will be scheduled for removal from our systems. We may retain a record of your account email or transaction history after deletion to the extent needed for legal compliance (as noted below).

  • Specific Data Types:
    Certain types of data have longer retention periods. For instance, billing records might be kept for several years as required by tax laws. We strive to apply the minimum retention necessary for each category of data. If we anonymize data (so it can no longer be linked to you), we might retain it longer for statistical purposes, since it no longer constitutes personal information.

  • Legal and Business Obligations:
    Even after you delete your account or request deletion, we may need to retain some information for a period of time to comply with laws or legitimate business obligations​. For example, we are required to keep financial transaction records (invoices, payment history) for a certain number of years for tax and accounting reasons. Similarly, we may retain logs if we believe in good faith that they are needed to investigate fraud or security incidents or to resolve future legal disputes.

Data Security and Compliance

GMI Cloud takes the security of your data very seriously. We have implemented a robust set of technical and organizational measures to safeguard your personal information from unauthorized access, disclosure, or destruction. Here are some key aspects of our security program:

  • Encryption:
    We aim to make sure your data transmitted between our servers and your device is encrypted using industry-standard encryption protocols (HTTPS/TLS). Likewise, we encrypt personal data at rest in our databases and storage systems​.

  • Access Controls:
    We restrict access to personal data strictly on a need-to-know basis. Only authorized GMI Cloud personnel (or authorized service providers) who require access to your information to perform their duties are permitted to do so, and they are subject to confidentiality obligations​. We generally use role-based access controls, require strong authentication for our staff, and log and monitor access to sensitive systems.

  • Network & Application Security:
    Our platform is secured by firewalls and other network security measures to prevent unauthorized intrusions. We regularly update our software and infrastructure to patch vulnerabilities. We run security scans and penetration tests to identify and fix potential weaknesses. We also employ systems for detecting and blocking suspicious activities.

  • Data Redundancy and Backup:
    We maintain secure backups and redundancies of critical data to ensure reliability and to prevent data loss​. Backups are encrypted and stored in secure locations. In case of a server failure or other incident, these measures help protect the integrity and availability of your data. Our backup retention is time-limited, and backup data is subject to the same privacy protections as live data.

  • Monitoring and Auditing:
    GMI Cloud continuously monitors its systems for security events and has an incident response plan in place. If we become aware that any security breach were to occur, we would promptly inform affected users and take all reasonably needed steps to mitigate the issue, in accordance with applicable laws.

  • International Data Transfers:
    The personal data we collect is generally stored and processed on servers located in the U.S. and Taiwan. However, we do operate globally and may process and transfer your personal data to other companies of GMI Cloud worldwide, or to third parties around the world, for the purposes described in this Policy and specifically to ensure we can materially fulfill our agreement with you or answer to your requests, or upon your consent when applicable. If you are accessing our services from the European Union or another region with data protection laws, we want you to know that we take steps to ensure your information we transfer receives an adequate level of protection even when we transfer your information outside of your home country. We implement the security measures and rights outlined in this Policy as required by applicable laws. This means that no matter where you’re from, we aim to handle your data securely and lawfully. If you have questions about international data transfers, please contact us.

Cookies and Tracking Technologies

Like most websites and cloud services, we use cookies and similar tracking technologies to ensure our service works correctly and to enhance your experience. Below are what you need to know about our use of cookies:

  • What Are Cookies?
    Cookies are small text files stored on your device by your web browser. They are used to remember information about your visit, such as your preferences or login status, and to recognize you upon return. We also use related technologies like web beacons or local storage for similar purposes.

  • How We Use Cookies:
    GMI Cloud uses cookies primarily for functionality and analytics. For example, when you log into your account, a session cookie keeps you logged in as you navigate between pages – this is essential for the service to work. We also use cookies to gather analytics about how users interact with our website. We may use Google Analytics to anonymously analyze website traffic and usage patterns​. Google Analytics sets cookies that help us count visitors, see which pages or docs are viewed most, and understand overall user behavior on our site. We intend to use this information in aggregate form. The analytics data helps us improve site content, identify areas of interest, and enhance usability.

  • Cookie Consent and Preferences:
    Currently, users cannot manage cookie preferences on our website via a dedicated tool or banner​. We do not have a pop-up that lets you selectively enable or disable categories of cookies, and we use cookies in limited ways as described herein. By using our site and services, you consent to our use of cookies as outlined in this Policy. If you prefer not to accept cookies, you have the option to disable or delete them through your browser settings. Most browsers allow you to block third-party cookies or all cookies, and you can also clear cookies at any time. Please note that if you disable all cookies, some essential features of our service (like staying logged in) may not function properly. There is also an opt-out browser add-on available from Google to disable Google Analytics specifically, if you wish.

  • Do Not Track:
    Some browsers have a “Do Not Track” (DNT) feature that sends a signal to websites that you do not want to be tracked. At this time, our site may not respond differently to a DNT signal since we do not engage in cross-site tracking in the first place.

Third-Party Sites

Our Service may contain links to other websites, products, or services that we do not own and are not operated by us. If you click a third-party link, you will be directed to that third party's site. We strongly advise you to review the privacy policy of every site you visit before providing any information to them.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services, and this Policy does not apply to your activities on these third-party services or any information you disclose to these third parties. If you have any questions about how these other sites or services use information from or about you, you should contact them directly.

Contact Us

Your privacy is important to us, and we welcome any questions or concerns you might have about this Policy or our data practices. If you would like to exercise any of your rights (access, correction, deletion, etc.), or if you have questions about how we handle your personal information, please contact us:

We will respond as promptly as possible, and at least within any timeframes required by law. If you contact us to exercise a privacy right, we may need to verify your identity for security purposes (to ensure we do not disclose data to the wrong person). Verification might involve confirming information we already have on file (please do not provide any sensitive information like passwords).

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, you may also have the right to contact your local data protection authority. For EU residents, this would be your country’s supervisory authority. For California residents, you can reach out to the California Attorney General’s office. We would appreciate the chance to address your concerns directly first, but you absolutely have the right to seek help from regulators as well.

Updates to This Policy

We may update this Privacy Policy from time to time at our sole discretion to reflect changes in our practices or relevant laws. If we make material changes, we will notify you by email or through a notice on our website. The “Last Updated” date at the top will always indicate when the latest changes were made. We encourage you to review this Policy periodically to stay informed about how we are protecting your information. If you continue to use GMI Cloud after an update, it means you accept the revised policy.

Thank you for reading our Privacy Policy. We are committed to protecting your data and being transparent about our practices. Your trust is important to us, and we aim to take commercially reasonable actions to maintain it.

Feel free to modify or extend this Markdown as needed for your project.