Privacy Policy

1. Introduction and Scope

socialistic.ai (the "Service") is operated by haitai social ("haitai social", "we", "us", or "our"). This Privacy Policy applies to all personal data collected through the Service at https://socialistic.haitai-social.com, including the web application and APIs. By using the Service you acknowledge the practices described here. If you do not agree, you should stop using the Service.

2. Roles

One account can act in two roles depending on the context:

• Consumer You are a consumer when you visit a Skill published by someone else, upload files to it, or start a conversation with it.
• Creator You are a creator when you publish a Skill, configure its API key or hosting mode, or manage it from your Skills page.

The same account can switch between roles at any time. Sections labeled "Creator" or "Consumer" apply only when you act in that role; unlabeled sections apply to both.

3. Service Architecture

The Service runs across a Next.js web and API layer hosted on Vercel; skill-execution agents ("Goose agents") on virtual private servers managed by haitai social; and authentication, database, and storage from Supabase. Each component processes personal data only as needed to perform its function, and communication between components is encrypted in transit with HTTPS/TLS.

4. Data We Collect

• 4.1 Account and authentication data. When you sign in, we receive and store profile information from the method you choose — currently Google, GitHub, or WeChat, or a one-time email sign-in link. Depending on the method, this may include your display name, email address, avatar image, and a unique identifier from the provider. We never receive or store a password.
• 4.2 User content.
  • Creators: Skill metadata (source URL, title, description, configuration) and, in Own key or creator-provided modes, your LLM API key or subscription credentials. Creators may also choose hosted mode, which requires no key at all — the platform makes requests through the public OpenRouter API on their behalf.
  • Consumers: files and links submitted on the cold-start surface, and the messages exchanged in conversation sessions.
• 4.3 Telemetry and usage data. We collect product analytics through PostHog (pages viewed, interface interactions, feature events, session duration, referral source) and standard server logs (IP address, user-agent, timestamps, response codes, request URIs), used only for operating, monitoring, and debugging the Service.
• 4.4 Credit and transaction data. If you use credits, we store your wallet balance and an append-only ledger of credit movements — hosted-usage charges and promotional grants — including the amount, reason, counterparty, and what authorized each movement.

5. How We Use Your Data

We process your personal data for these purposes:

• Authenticate you and maintain your account.
• Render and distribute the Skill cards you create.
• Provision and manage agent sessions for conversations.
• Transmit your messages to the LLM provider configured for a Skill.
• Operate the credit system and keep an auditable record of credit movements.
• Diagnose errors and maintain stability.
• Comply with legal obligations.

We do not sell, rent, or license personal data. We do not use your messages, uploaded files, or conversation history to train or improve any machine-learning model.

6. Data Flow During Skill Execution

When you use a Skill, your input — text, uploaded files, code, and URLs — is sent to the LLM provider configured for that Skill. The call uses either the creator's own API key (Own key mode) or the platform's key (hosted mode).

The provider returns a response. Both your input and the response are stored in our database (Supabase) so the conversation can continue across turns. Uploaded files are stored in Supabase Storage.

We do not inspect, analyze, or mine the content of your conversations or files for any purpose beyond delivering the Service. Each LLM provider's own privacy policy governs how it handles the data it receives.

Data handling by mode

In all modes, your input and the LLM response are stored in the platform database (Supabase). Uploaded files are stored in Supabase Storage. You can see which mode applies when you start a session.

Creators: in Own key or creator-provided modes, your API key is stored on the platform and transmitted to the agent runtime over encrypted connections to serve LLM calls. Consumer conversations routed through your key are visible to your LLM provider. If you choose hosted mode, no key is needed — the platform uses its own key to make requests through OpenRouter.

7. LLM API Key Security

We know an API key is sensitive. Creators may choose hosted mode, which requires no key at all — the platform makes LLM requests through the public OpenRouter API on their behalf. If you choose to use Own key mode, this is how your key is protected:

• Your key is never visible to consumers, to other creators, or to anyone you share your Skill with. It never appears in a shared page, URL, share surface, or conversation. Only you, signed in to your own account, can view or change it.
• Your key is stored on our servers solely to serve LLM calls for your Skill, and is transmitted only over encrypted (HTTPS/TLS) connections between the browser, our servers, and the agent runtime.
• Access to the systems that hold your key is limited to authorized personnel on a need-to-know basis. You can change, remove, or rotate your key at any time from your skill configuration; removing it immediately stops the Skill from being shareable. All data in transit between clients, our servers, and internal components is protected with TLS.

8. Credit and Financial Data

The credits ledger is the authoritative, append-only record of every credit movement; your wallet balance is a cached read of that ledger. We retain ledger and transaction records for as long as needed to provide the Service, resolve disputes, and meet legal and accounting obligations, which may extend beyond account closure.

9. Third-Party Data Recipients

• 9.1 Identity providers. Google LLC, GitHub, Inc., and/or Tencent (for WeChat sign-in) receive and process authentication data when you choose to sign in through them.
• 9.2 LLM providers. When a Skill runs, consumer messages and attached content are sent to the third-party LLM provider configured for that Skill — in hosted mode, the platform selects the provider; in creator-provided modes, the creator's own key or subscription routes the call. We do not control how those providers handle data.
• 9.3 Infrastructure and service providers. Vercel, Inc. (hosting and CDN), Supabase, Inc. (database, authentication, storage, and delivery of email sign-in links), and PostHog, Inc. (product analytics). Each acts as a data processor on our instructions under its own data processing agreement.

We do not disclose personal data to advertisers or data brokers, or to any third party for marketing purposes.

10. Data Retention

Account data is kept while your account is active. Skill metadata, conversation history, and uploaded files are kept until you delete them or close your account. After that, data is removed from active systems within 30 days. Encrypted backups are purged within 90 days.

Credit ledger and transaction records may be retained longer to meet legal, accounting, and dispute-resolution obligations.

11. Your Rights and Choices

Subject to applicable law, you may access the personal data we hold about you, request correction or deletion, object to or restrict certain processing, and request a portable copy. You can delete your Skills at any time from your skills page, and you can contact us to exercise any right or to request account deletion. We respond to verified requests within thirty (30) days or as the law requires.

/me/skills · official@tinkerland.app

12. Cookies and Tracking

The Service uses a small set of first-party cookies strictly necessary for authentication sessions, language preference, and recording your response to the pay-willingness question. PostHog sets a first-party analytics cookie for visitor deduplication; you can block it via your browser settings without losing core functionality. We do not use third-party advertising cookies or cross-site tracking.

13. Children's Privacy

The Service is not directed to, and we do not knowingly collect personal data from, anyone under thirteen (13) or under the age of digital consent in their jurisdiction. If we learn we have collected such data, we will promptly delete it.

14. Abuse Reports and Investigations

If you report abuse, or are the subject of a report, we process the information in the report — including the Skills, accounts, and evidence involved — to investigate and act on it. We treat a reporter's identity as confidential and do not disclose it to the reported party. We retain investigation and enforcement records for as long as needed to keep the Service safe, handle appeals, and meet legal obligations.

15. Legal Basis for Processing

If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction that requires a legal basis, we rely on the following grounds:

• Contract performance. Processing necessary to provide the Service you signed up for — account authentication, Skill rendering and distribution, agent session management, message transmission to the LLM provider, and credit system operation.
• Legitimate interest. Processing necessary for our legitimate business interests, where those interests are not overridden by your rights — product analytics and telemetry, error diagnosis and stability, abuse investigation, and service security.
• Legal obligation. Processing necessary to comply with applicable law — regulatory compliance and retention of financial records.
• Consent. Where we rely on your consent (e.g. the PostHog analytics cookie), you may withdraw it at any time by adjusting your browser settings. Withdrawal does not affect processing carried out before the withdrawal.

16. International Data Transfers

The Service is operated from servers located in the United States. If you access the Service from outside the US, your personal data is transferred to and processed in the US.

For transfers from the EEA, the UK, or Switzerland, we rely on the Standard Contractual Clauses (SCCs) published by the European Commission, supplemented by additional technical and organizational measures where appropriate.

Our principal sub-processors and their locations: Vercel, Inc. (US — hosting and CDN), Supabase, Inc. (US — database, authentication, storage), PostHog, Inc. (US/EU — product analytics). LLM provider locations vary by the Skill's hosting configuration.

17. Jurisdiction-Specific Rights

Depending on where you live, you may have additional rights under local data protection law. This section supplements — but does not replace — section 11.

• 17.1 European Economic Area and United Kingdom. Under the GDPR / UK GDPR you may: access your data, request rectification or erasure, restrict or object to processing, request data portability, and withdraw consent at any time. You also have the right to lodge a complaint with your local supervisory authority. The data controller is haitai social.
• 17.2 California (CCPA / CPRA). California residents may: know what personal information we collect and how it is used, request deletion, and opt out of any sale or sharing. We do not sell personal information. We do not discriminate against you for exercising these rights.
• 17.3 China (PIPL). Under the Personal Information Protection Law you may: know about and decide on the processing of your personal information, restrict or refuse processing, request access, portability, correction, and deletion. Cross-border transfers are based on your informed consent provided at sign-up.

18. Modifications to This Policy

We may modify this Privacy Policy at any time. If we make a material change, we will update the "Effective" date above and, where practicable, give notice through the Service. Your continued use of the Service after a revised policy is posted constitutes acceptance.

19. Service Continuity

The Service is operated on a commercially reasonable, best-effort basis. We do not guarantee uninterrupted availability and may modify, suspend, or discontinue any part of the Service at any time, subject to Section 18 on material changes.

20. Contact

For questions or requests about this Privacy Policy or our data practices, email us at the address below.

official@tinkerland.app