Launch App

Privacy Policy

Last updated: May 8, 2026

These documents are generic drafts for early-stage use only. They are not legal advice and may not meet requirements in your jurisdictions. Replace bracketed placeholders with your legal entity details and have a qualified lawyer review before you rely on them commercially, especially if you serve customers in the EU, UK, or regulated industries.

This Privacy Policy describes how Yirar.com("we", "us") collects, uses, stores, and shares personal data when you use the Yirar websites and product services (collectively, the "Services"). By using the Services, you acknowledge this notice.

1. Who we are

The data controller for personal data processed through the Services is Yirar.com, with contact details: Hong Kong SAR. Privacy enquiries: support@yirar.com.

2. Scope

This policy applies to visitors of our marketing website and to registered users of the Yirar application (including workspace members). If your employer or organisation provisions access, they may have separate agreements that also apply.

3. Personal data we collect

We may process categories of information including:

  • Account and identity: name, email address, authentication identifiers (for example Google Sign-In subject ID), passkey or security-related metadata needed to operate sign-in.

  • Workspace and collaboration data: workspace membership, roles, and content you or your team create in the product (for example goals, issues, labels, comments, attachments metadata, board or mind map structure, and related project information).

  • Technical and usage data: IP address, approximate location derived for analytics consent where we show a banner, device and browser type, logs, timestamps, and diagnostics needed to secure and operate the Services.

  • Support and communications: messages you send us (for example feedback or support requests).

  • Marketing site: cookie and analytics data as described under Cookies and analytics.

4. How we use personal data

We use personal data to:

  • Provide, operate, and improve the Services (including syncing data across devices and workspace members).

  • Authenticate users, prevent fraud and abuse, and protect security.

  • Provide optional product features you choose to use (for example AI-assisted features where available).

  • Communicate about the Services, respond to requests, and comply with legal obligations.

  • Measure aggregate usage of our marketing site where permitted (see Cookies and analytics).

We do not sell your personal data in the conventional sense of selling lists of individuals to advertisers. We may use subprocessors (such as cloud hosting and email providers) who process data on our instructions.

5. Legal bases (EEA, UK, and similar regimes)

Where laws such as the GDPR or UK GDPR apply, we rely on appropriate bases including: performance of a contract (providing the Services you requested); legitimate interests (security, product improvement, proportionate analytics where allowed); consent where we ask for it (for example non-essential cookies in regions where we show a consent banner); and legal obligations.

6. AI and automated features

If you use features that send portions of your workspace content to AI services, we process that content to generate responses for you. Such processing is governed by our agreements with infrastructure providers and by this Policy. Do not submit highly sensitive personal data unless your organisation permits it.

7. Retention

We retain personal data for as long as your account is active, as needed to provide the Services, and as required by law. When you delete content or your account, we delete or anonymise data within a reasonable period subject to backup and legal retention needs. Exact retention periods may be refined in product documentation or enterprise agreements.

8. International transfers

We operate globally and may process data in Hong Kong and other countries where we or our subprocessors maintain infrastructure. Where required, we use appropriate safeguards (for example contractual clauses). Ask us for details relevant to your jurisdiction.

9. Security

We implement technical and organisational measures appropriate to the nature of the Services. No method of transmission or storage is completely secure.

10. Your rights

Depending on where you live, you may have rights to access, rectify, delete, restrict, or object to certain processing, and to lodge a complaint with a supervisory authority. To exercise rights, contact support@yirar.com. We may need to verify your request.

11. Children

The Services are not directed at children under the age where parental consent is required in your region. Do not register if you do not meet the minimum age.

12. Cookies and analytics

On our marketing website (and where implemented), we may use cookies or similar technologies. In some regions we estimate your country from your IP address to decide whether to show an analytics consent banner. That lookup may involve third-party geo services; we use the result for consent routing, not for individual profiling.

Where consent is required and you accept analytics, we may use Google Analytics 4 to understand aggregate traffic. You can withdraw consent where the product provides cookie preferences.

13. Changes

We may update this Policy from time to time. We will post the updated version on this page and revise the "Last updated" date. Material changes may require additional notice where the law requires.

14. Contact

Questions about this Policy: support@yirar.com. Postal: Hong Kong SAR.

Terms of Service · Back to home