This Privacy Policy explains how DeepWave Co., Ltd. (also known as “DeepWave,” “we,” “us,” or “our”) collects, uses, shares, and protects personal data when you use our websites, mobile applications, and related services (collectively, the “Services”).

1) What data do we collect?

We may collect the following categories of personal data (depending on how you use the Services):

A. Account and identity data

• Personal identification information such as name, email address, phone number, and other contact details.
• If you sign in using a third-party identity provider (e.g., Google or Microsoft), we may receive basic profile information (such as name, email address, and profile photo) as permitted by your settings and consent.

B. Transaction and subscription data

• Purchase and subscription records, billing-related metadata, and transaction history (note: payment card details are typically processed by secure payment processors and are not stored by us directly unless explicitly stated).

C. Content and service usage data

• User-generated audio content and related analysis records processed specifically to provide the requested Services.
• Technical and usage information such as device information, browser type, app version, IP address, log data, and diagnostics information.

D. Cookies and similar technologies

• Information collected via cookies or similar technologies when you use or view our website (see the “Cookies” sections below).

2) How do we collect your data?

You directly provide DeepWave with most of the data we collect. We collect data when you:

• Register for an account or use our Services.
• Place an order or purchase a subscription for our products or services.
• Contact customer support, complete surveys, or provide feedback.
• Use or view our website via your browser’s cookies.

We may also receive your data indirectly from:

• Business cards exchanged at events or meetings.
• Publicly available contact information you choose to make available (for example, contact details on a public profile page).

3) How will we use your data?

DeepWave collects and uses your data for the following purposes:

• Provide and operate the Services, including creating and managing your account.
• Process purchases and subscriptions, manage billing, and provide customer support.
• Improve our Services, including troubleshooting, analytics, and service performance.
• Protect the security and integrity of the Services, including detecting and preventing fraud, abuse, and security incidents.
• Communicate with you about service updates, administrative messages, and important notices.
• Send marketing communications (where permitted and subject to your choices), such as special offers or information about other products and services we think you might like.
• Comply with legal obligations and enforce our terms.

4) With whom do we share, transfer, or disclose your data?

DeepWave may share, transfer, or disclose personal data (including Google user data obtained via Google Sign-In) only for the purposes described in this Privacy Policy and only to the extent necessary.

We may share your data with the following categories of recipients:

1. Identity and authentication providers: To enable sign-in, account verification, and security checks when you choose to use third-party identity providers (e.g., Google or Microsoft). The data involved is typically limited to basic profile information such as name, email address, and profile photo, as permitted by your settings and consent.
2. Infrastructure and hosting service providers: To host, store, back up, and deliver our Services (e.g., servers, databases, infrastructure, monitoring).
3. Payment and subscription processing partners: To process purchases/subscriptions, handle billing, manage renewals, and prevent fraud (e.g., app store platforms, payment processors, and related compliance partners).
4. Customer support and communications service providers: To provide customer service, respond to inquiries, send service-related notices, and manage support tickets.
5. Analytics, diagnostics, and security service providers: To measure service performance, troubleshoot errors, improve reliability, and protect against abuse or security incidents. Where feasible, we use aggregated or de-identified data.
6. Legal, compliance, and protection purposes: To comply with applicable laws and lawful requests, enforce our terms, protect our rights, safety, and property, and respond to claims or disputes (e.g., courts, regulators, law enforcement, auditors, legal counsel).
7. Business transfers: If DeepWave is involved in a merger, acquisition, restructuring, financing, or sale of assets, your data may be transferred as part of that transaction, subject to appropriate safeguards and notice where required.

Important Notice regarding Google User Data: We do not sell your personal data. We do not share Google user data with advertising partners, and we do not use Google user data obtained via Google Sign-In for advertising personalization.

5) How do we store your data?

DeepWave securely stores your data on servers located in Taipei, Taiwan. We implement appropriate security measures to protect the Services and your personal data. These measures may include firewalls, anti-virus systems, access controls, and other necessary safeguards. Only authorized personnel can access personal information, and relevant personnel are bound by confidentiality obligations. Violations of confidentiality obligations may be subject to applicable laws and internal disciplinary action.

Data Security and Protection
We implement industry-standard technical and organizational measures to protect user data obtained through third-party identity providers, including Google and Microsoft, from unauthorized access, disclosure, alteration, or destruction.

Secure transmission:
All data exchanged between our application, users, and third-party identity providers is encrypted in transit using HTTPS (TLS 1.2 or higher).

Secure storage:
We minimize the storage of authentication credentials. OAuth access tokens are used only during the active authentication or API request session and are not stored long-term. If any authentication-related identifiers are stored, they are protected using encryption at rest and strict access controls.

Access control and least privilege:
Access to authentication data is strictly limited to authorized services and personnel based on the principle of least privilege, and protected by authentication, authorization, and audit logging.

Purpose limitation:
Data obtained through Single Sign-On (SSO) and third-party APIs (e.g., Google Calendar) is used solely for user authentication, account linking, and service functionality explicitly requested by the user. For example, calendar data is used only to identify meeting schedules and related information needed to join meetings. OAuth scopes for third-party services are limited to read-only access.

Data retention and deletion:
Authentication data is retained only for as long as necessary to maintain user accounts and provide the service, and is deleted or anonymized upon account deletion or when no longer required.

Security monitoring and incident response:
We continuously monitor our systems for potential security threats and maintain incident response procedures to address unauthorized access or data breaches.

6) Marketing

DeepWave would like to send you information about products and services of ours that we think you might like. If you have agreed to receive marketing, you may always opt out at a later date. You have the right at any time to stop DeepWave from contacting you for marketing purposes. If you no longer wish to be contacted for marketing purposes, please let us know via email (email address: service@dwave.cc).

7) What are your data protection rights?

DeepWave would like to make sure you are fully aware of all of your data protection rights. Depending on your jurisdiction, you may have the following rights:

• The right to access - You have the right to request DeepWave for copies of your personal data.
• The right to rectification - You have the right to request that DeepWave correct any information you believe is inaccurate. You also have the right to request DeepWave to complete information you believe is incomplete.
• The right to erasure - You have the right to request that DeepWave erase your personal data, under certain conditions.
• The right to restrict processing - You have the right to request that DeepWave restrict the processing of your personal data, under certain conditions.
• The right to object to processing - You have the right to object to DeepWave’s processing of your personal data, under certain conditions.
• The right to data portability - You have the right to request that DeepWave transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we will respond within a reasonable time period and in accordance with applicable law. If you would like to exercise any of these rights, please contact us at our email: service@dwave.cc

8) What are cookies?

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology. For further information, visit allaboutcookies.org.

9) How do we use cookies?

DeepWave uses cookies in a range of ways to improve your experience on our website, including:

• Keeping you signed in (where applicable)
• Understanding how you use our website so we can improve performance and usability

10) What types of cookies do we use?

There are a number of different types of cookies, however, our website uses:

• Functionality - DeepWave uses these cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies are used.
• Advertising - DeepWave uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed and information about your browser, device, and your IP address. DeepWave sometimes shares some limited aspects of this data with third parties for advertising purposes. We may also share online data collected through cookies with our advertising partners. This means that when you visit another website, you may be shown advertising based on your browsing patterns on our website.

11) How to manage your cookies

You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.

12) Privacy policies of other websites

The DeepWave website contains links to other websites. Our privacy policy applies only to our Services, so if you click on a link to another website, you should read their privacy policy.

13) Changes to our privacy policy

Our Company keeps its privacy policy under regular review and places any updates on this web page. The last updated date is shown at the top of this Privacy Policy.

14) How to contact us

If you have any questions about DeepWave’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us. Email us at: service@dwave.cc

15) How to contact the appropriate authority

Should you wish to report a complaint or if you feel that DeepWave has not addressed your concern in a satisfactory manner, you may contact the relevant data protection or privacy authority in your jurisdiction. Email: sung.yeh@dwave.cc