Privacy Policy for AI OCR

Effective Date: [November 14, 2025]

Welcome to AI OCR, provided by Orion Studio Pte. Ltd. and its affiliates. We prioritize the privacy and security of your data. This Privacy Policy details the information we collect, use, and share about you when you use our websites and applications, collectively referred to as "Our Services".

1.What data do we collect?

We collect different types of information depending on how you interact with the App and the services provided. This may include information you voluntarily provide, data automatically collected through your device, and information received from third parties.

1.1 Voluntarily Provided Information

1.1.1 Registration Information

If you sign in using a third-party login method (such as Google Sign-In), we receive limited profile information from that provider, including:

Your name (if available)
Your email address
Your profile image (if provided)
A unique user identifier generated by the login provider

We do not receive your password, phone number, or authentication credentials.
All authentication is handled securely by the third-party login provider.

1.1.2 Local Files Stored on Your Device

Files that you create, import, or manage within the App—such as handwritten notes, documents, images, or PDFs—are stored locally on your device.

These files are not uploaded to our servers.
They are not transmitted to us.
We do not have access to these files unless you explicitly initiate an OCR or file-upload action.
We do not collect, view, store, or retain your locally stored content.

All local content remains under your full control.

1.1.3 User-Generated Content Processed for OCR or Document Conversion

When you intentionally upload a document, image, or file to use the OCR (optical character recognition) or document-conversion features, the App processes this content strictly for the specific request you make.

The workflow includes:

(a) Temporary Transmission for Processing

Your uploaded content is transmitted securely and in encrypted form to our contracted OCR processing provider only when you initiate an OCR or conversion request.

(b) Processing Exclusively for Your Requested Purpose

The provider processes the file solely to:

Extract text
Convert the document
Generate the output you requested

No profiling, analytics, training, or secondary data use is performed on your content.

Neither the App nor the OCR provider retains, stores, indexes, or preserves any uploaded content after the requested operation is completed.
The OCR provider automatically deletes the file immediately after processing—typically within seconds or minutes—based on automated deletion protocols.

(d) No Human Access

Your uploaded content is not viewed or accessed by any personnel.
Processing is entirely automated.

(e) No Copies Stored by the App

The App does not store or retain the files you upload.
Only the processing result (e.g., extracted text or converted file) is returned to your device and remains under your control.

(f) User-Initiated Uploads Only

Files stored on your device are never transmitted unless you explicitly upload them for OCR or conversion.
No background or automatic transmission occurs.

This workflow is designed to comply with global data-protection standards, including GDPR principles of purpose limitation, data minimization, and storage limitation.

1.1.4 Transaction Information

If you make purchases or subscribe to premium features, we may receive transaction-related information such as:

Purchase time and date
Product or subscription type
Renewal and expiration data

Payment credentials (including card numbers) are managed exclusively by third-party payment processors and are not accessible to us.

1.1.5 Contact Information

If you contact our support team or submit feedback, we may collect:

Your email address
The content of your message
Any attachments you voluntarily provide

This information is used solely to respond to your inquiry.

1.2 Automatically Collected Information

1.2.1 Device and Technical Data

To ensure the App functions properly and securely, we automatically collect:

Device model
Operating system version
IP address
Approximate location (derived from IP address)
App usage statistics
Diagnostic data such as crash logs, performance data, and error reports

This data is used for service optimization, security, and troubleshooting.

1.2.2 Cookies (Website Only)

If you visit our website, we may use cookies and similar technologies to:

Enhance user experience
Remember preferences
Analyze website usage

These cookies do not collect Personal Data unless you voluntarily provide it through forms.

1.3 Information Received from Third Parties

1.3.1 Social Login Providers

If you choose to sign in through a third-party identity provider (such as Google), we may receive the registration-related information described in Section 1.1.1.

1.3.2 Service Partners and Payment Providers

We may receive limited information from partners such as:

Payment processors (to confirm purchases)
Analytics services (to improve performance)
Cloud service providers (only when you choose to use them)

This information is used solely to support service delivery and compliance.

1.3.3 Other Sources

Where permitted by applicable law, we may receive publicly available information to prevent fraud, maintain account integrity, and support security measures.

2.How we use your data?

a. Service Provision: We use your information to fulfill service requests and for internal functions like troubleshooting and research.

b. Service Improvement: We improve and develop our services and conduct product development.

c. Safety and Security: Enhancing the safety of Our Services and detecting abuse, fraud, and illegal activities.

d. Communication: Using your data to communicate with you about updates and changes.

e. Legal Compliance: To meet our legal responsibilities.

f. Other Uses: We use your information for additional purposes based on legal justification.

These purposes do not involve using your documents, images, or OCR inputs for analytics, product training, or service optimization.

3.Security of Your Data

a. Security Measures: We prioritize the security of your data by implementing standard industry practices such as encryption and secure authentication mechanisms.

b. Incident Response: In the event of a data incident, we will inform you according to legal requirements about the incident details, potential impacts, measures taken, and suggestions for risk mitigation through various communication methods. If individual notification is impractical, we will issue a public Security Notice.

c. Ongoing Security Management: We maintain a high level of data security oversight through a dedicated data security commission led by a Data Protection Officer. This commission coordinates data security processes and conducts regular risk assessments. For more details or to contact our Data Protection Officer, email support@notein.cn.

4.How We Store Your Personal Data

a. Data Collection and Use: We collect, store, and use your personal data in compliance with this Privacy Policy and applicable laws, regardless of where it is processed.

b. Local and Cloud Storage: Your data is stored locally on your device. We do not store the files you upload for OCR processing on our servers.
Limited account-related information may be stored on our servers as necessary to operate the service, but your documents, images, and OCR inputs remain on your device unless you explicitly upload them for processing.

c. Compliance Across Jurisdictions: We adhere to data privacy laws specific to your location, ensuring that our data handling practices conform to both local and international regulations.

5.How We Share Your Personal Data

We respect your data privacy and share your information only under specific circumstances:

a. With Your Consent:We share your data with third parties only after obtaining your explicit consent, as permitted by law.

b. For Legal Reasons: We may share your data when required by law or to respond to legal processes.

c. With Affiliates: Your data may be shared within our corporate group for legitimate and explicit purposes, and only the necessary data is shared.

d. With Third Parties: We may share limited technical or transactional data with service providers strictly as needed to operate the App (such as payment processors or analytics services).
We do not upload or share your files, OCR inputs, or locally stored content with any storage providers or advertisers.

We ensure all data sharing is lawful and secure, accompanied by strict non-disclosure and data processing agreements with third parties. We recommend reviewing the privacy policies of any third-party services you use.

6.Your Rights and Choices Regarding Data

a. Access, Correction, and Portability: You can manage your basic account data directly in the app. You also have the right to request a copy of your data in a readable format by contacting us.

b. Withdraw Consent: You may revoke consent by adjusting the app or device settings, which may affect service functionality.

c. Deletion: You can request account deletion or remove specific data stored on your device using the App’s local file management features.
Deletion requests can be made under certain conditions, such as no longer needing the data or unlawful processing.

d. Restrict Processing: If you wish to limit how your data is processed, contact us. You can request this where your data is unlawfully processed, or if you need it retained for legal claims or contest its accuracy.

How to Delete Your Account: If you wish to delete your AI OCR account, please contact us at support@notein.cn. Our support team will guide you through the process and confirm the deletion of your account and all associated data.

Note: To protect your privacy and the privacy of others, identity verification may be required for these requests. Requests can be denied if they risk the privacy of others or are unlawful.

7. How We Process Children's Data

Our services are not designed for individuals under 16, and we do not intentionally collect data from anyone in this age group. We take the protection of children's information seriously. If you suspect that we have inadvertently collected information from someone under 16 without parental consent, please contact our Data Protection Officer at support@notein.cn for immediate action to address the issue and remove the data if necessary.

8.Cross-border Data Transfers

To deliver our services globally, we comply with applicable data protection laws in your region for managing personal data.
For residents of California, for instance, account-related personal data (such as login, subscription, or technical information) is stored solely within the United States. This does not include your documents, images, or OCR inputs, as the App does not store these files on its servers.

If necessary, we may transfer certain personal data across borders to ensure service provision, taking appropriate technical and organizational measures to protect your data as outlined in this Privacy Policy.

For data transfers from the European Economic Area (EEA), the UK, or Switzerland, we utilize legally recognized mechanisms, such as Standard Contractual Clauses (SCCs), and rely on the European Commission’s adequacy decisions where applicable.

9.Change to This Privacy Policy

We reserve the right to update this Privacy Policy periodically. Significant changes will be communicated to you through notices or, when legally required, we will seek your consent. Always check the "last updated" date at the top of this policy for the most current version. We may notify you of changes by updating the date at the top of the Privacy Policy on AI OCR or by providing more direct notifications, such as in-app alerts.

10.How to Contact Us

If you have questions or concerns about this Privacy Policy or how your data is handled, please reach out to our Data Protection Officer. You can email us at support@notein.cn for any inquiries or complaints regarding your personal data.

11.Additional Notice for California Residents (CCPA Compliance)

Under the California Consumer Privacy Act (CCPA), we prioritize your privacy rights. We collect personal identifiers, transaction details, and activity information but do not sell your personal information. As a California resident, you have the right to know about our data practices, request copies of your personal information, and request deletion of your data under specific circumstances. For any requests or to opt out of data processing, contact us at support@notein.cn. Verification is required for personal information requests, and we respond within 45 days.

12.Additional Notice for EU/UK Data Protection Representative (GDPR Article 27)

Orion Studio Pte. Ltd. (trading as AI OCR) has appointed DataRep as its Data Protection Representative for the purposes of GDPR in the EU/EEA and the UK.

If you are located in the EU/EEA or the United Kingdom and wish to contact us specifically regarding your GDPR/UK GDPR data-subject rights, you may contact our representative using the details below. Please include “AI OCR” in the subject line so your request can be correctly routed.

EU Representative

DataRep
The Cube, Monahan Road
Cork, T12 H1XY, Republic of Ireland
Email: datarequest@datarep.com
Webform: https://www.datarep.com/data-request

UK Representative

DataRep
107–111 Fleet Street
London, EC4A 2AB, United Kingdom
Email: datarequest@datarep.com
Webform: https://www.datarep.com/data-request

For all general enquiries—including product feedback, technical issues, account questions, or non-GDPR privacy matters—please contact AI OCR directly at:
Email: support@notein.cn

Such enquiries will not be handled by our EU/UK representative. DataRep cannot assist with product issues, refunds, account questions, or technical support.

13.Additional Notice for Brazilian Residents (LGPD Compliance)

Under Brazil's Lei Geral de Proteção de Dados (LGPD), we ensure robust privacy protections. We process your personal information based on legal bases such as consent, compliance with legal obligations, or our legitimate interests, ensuring they do not override your fundamental rights. As a Brazilian resident, you have rights to access, correct, and request deletion of your data, oppose certain processing, and request data portability. Complaints can be made to the ANPD if you believe your data is mishandled. Information transfers outside Brazil apply only to account-related data and technical information.
Your documents, images, and OCR inputs are not stored or transferred internationally.