Netron NAVI 2.0 Intelligent Knowledge Management System Privacy Policy

Last Updated: November 7, 2025

Welcome to the Netron NAVI 2.0 Intelligent Knowledge Management System (the "Service"). This Service is provided by Netron Information Technology Co., Ltd. ("we," "us," or "our"). We are committed to protecting your personal privacy. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our AI services, especially the data we access from your Google and Microsoft accounts with your authorization.

Before using this Service, please read and fully understand this Policy.

1. Information We Collect

To provide our AI Service, we need to collect the following types of information:

• Information You Provide Directly:

• Account Registration Information: When you register for an account, you may provide information such as your name, email address, and password.

• Information You Authorize Us to Access from Google and Microsoft Accounts: The core functionality of this Service requires you to grant us access to your designated Google and Microsoft account data via Google OAuth and Microsoft OAuth authentication. We will only access the following information after obtaining your explicit consent:

• Gmail and Outlook Data:

• Read your emails: To enable our AI to summarize or categorize your emails, we need to access the content, headers, recipients, senders, and attachments of your Gmail and Outlook emails.
• Access your basic profile information: This includes your name and email address, used for account identification and association.

• Information Collected Automatically:

• Usage Logs: When you interact with the Service, we automatically record technical information, such as your browser and device information, access times, and your actions within the Service, for service maintenance, security monitoring, and analysis.

2. How We Use Your Information

We strictly adhere to the principle of "least privilege" and use your information only for the following purposes:

• To Provide, Maintain, and Improve the Service:

• Utilizing the accessed email (Gmail and Outlook) data to perform the core AI functions you request (e.g., email summarization, categorization).
• Personalizing your user experience.
• Diagnosing technical problems and maintaining service security.

• To Communicate with You:

• Sending you service-related notifications, security alerts, and support messages.

• For Compliance and Security:

• Detecting and preventing fraud, abuse, and other harmful activities to protect the rights of you and other users.

3. Information Sharing and Disclosure

We do not sell your personal information to any third party. We only share your information in the following circumstances:

• Service Providers:

• We use major cloud services (AWS, Azure, GCP) as our backend infrastructure. The data you authorize, including content obtained from your emails (Gmail and Outlook), will be securely stored and processed on the respective server storage.

• Legal Requirements:

• When we believe in good faith that disclosing your information is necessary to comply with a legal obligation, protect our rights, or respond to a valid legal request from government authorities.

• Business Transfers:

• If we are involved in a merger, acquisition, or asset sale, your information will not be transferred as part of the assets.

4. Specific Restrictions on Use of Data from Google and Microsoft APIs

This Service's use of user data obtained via Google APIs and the Microsoft Graph API strictly adheres to the Google API Services User Data Policy (including its 'Limited Use requirements') and the relevant developer policies for the Microsoft Services Agreement and Microsoft Graph.

• We only use the data you authorize to provide or improve the core user-facing features of this Service.
• We will never use data obtained from Google APIs or Microsoft APIs for advertising purposes.
• We do not allow humans to read your data unless it is for rare exceptions, such as complying with applicable law or enhancing security.
• We will never transfer your data to any third party (except as described in Section 3 of this Policy).

5. Data Security

We employ industry-standard security measures to protect your data:

• Encryption in Transit: Your data is encrypted using TLS/SSL during transmission between your device and our servers, and between our servers and the Google and Microsoft APIs.
• Encryption at Rest: Your data is stored in an encrypted format on our servers (AWS, Azure, GCP).
• Access Control: We implement strict internal access controls, authorizing only necessary personnel to access your data under specific circumstances.

6. Your Rights and Choices

• Revoke Authorization: You can revoke the Service's access to your third-party accounts at any time through your account settings.

• If you authorized via a Google account, you can remove the Service's access rights at any time by visiting your Google Account security settings page (https://myaccount.google.com/permissions).
• If you authorized via a Microsoft account, you can remove the Service's access rights at any time by visiting your Microsoft Account application permissions page (https://account.live.com/consent/Manage).
• Please note that after revoking authorization, the AI-related functions of the Service that rely on this platform data will no longer be available.

7. Changes to This Privacy Policy

We may revise this Privacy Policy from time to time. If we make material changes, we will notify you via the email address you provided or by posting a prominent notice on the Service's website. We encourage you to review this Policy periodically for the latest information.

8. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:

• Email: allen_wu@netron.net
• Address: Netron Information Technology, 5F-2, No. 168, Ruiguang Rd., Neihu Dist., Taipei City, Taiwan