ErudAite, Inc. (“we”, “our”, or “us”) collects, uses, and discloses personal information (the “Personal Information”) in the course of providing our translation diagnostic service “CATER v2” (the “Service(s)”). This Privacy Policy (this “Policy”) explains how we process the Personal Information and protects the privacy of data subjects residing outside Japan in accordance with the laws and regulations applicable to such processing (the “Applicable Laws”, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) where applicable).
For data subjects residing in Japan, the CATER Privacy Policy (Japanese) applies.
The Service is provided as part of the ErudAite product family. When you sign in, authentication is handled by the ErudAite account that is shared with ErudAite Stand By Me (“SBM”). The SBM Privacy Policy applies in conjunction with this Policy.
We collect the following categories of Personal Information, lawfully and transparently, to the extent necessary to provide the Service:
id.erudaite.ai) shared with SBM.Even when you use the Basic (quick) mode as a guest without signing in, we still process the input data and a minimal set of service-usage data described above.
Personal Information is processed within the scope of our legitimate business purposes and only to the extent necessary to achieve the following purposes:
Because the Service is a translation diagnostic, the input text you submit is necessarily transmitted to third-party LLM providers via the Vercel AI Gateway operated by Vercel Inc. These providers may operate servers located outside Japan (primarily in the United States), and include without limitation:
We use commercially reasonable contractual and configuration measures to ensure that LLM providers do not use your input data as training data for their underlying models.
Card-payment data for on-demand purchases is transmitted to Stripe, Inc. (United States) through the ErudAite Account Service. Stripe’s privacy policy applies to such data.
We use Vercel Inc. for hosting, Google LLC (Firebase) for authentication, and Upstash, Inc. for the Redis-based deterministic cache. These processors handle Personal Information only within the scope set out in this Policy and under our supervision.
Where the data protection laws of the recipient’s jurisdiction do not provide the same standard of protection as those of your jurisdiction, we will examine the eligibility of the recipient and confirm that appropriate security measures are in place.
Where permitted under the Applicable Laws, you may request disclosure, correction, addition, deletion, restriction of processing, suspension of use, suspension of provision to third parties, or data portability, of your Personal Information by contacting us via the channels in “4. To Contact Us” below. Where you signed up via SBM, account closure must be performed via SBM; closing your SBM account will simultaneously sign you out of CATER.
You may withdraw your consent for us to collect, use or disclose your Personal Information at any time, without affecting the lawfulness of processing carried out before withdrawal. Withdrawing consent may, however, prevent us from providing some or all of the Service.
You may have the right to lodge a complaint with your local data protection authority or with a court of law under the Applicable Laws if your data protection rights are violated.
We use only strictly necessary cookies for session management, authentication, and protection of billing round-trips. We do not use tracking, analytics, or advertising cookies.
We do not use your Personal Information for automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you. Diagnostic scores produced by the Service are intended as decision support and not as a substitute for human judgement.
The Service is intended for individuals aged 13 or older. Account creation and age verification are handled by SBM (https://sbm.erudaite.ai/signup?from=cater), and the SBM Terms and Privacy Policy govern those procedures. Under the GDPR, where a user is below the age threshold defined by the applicable EU Member State, processing based on consent shall be lawful only if and to the extent that consent is given or authorized by the holder of parental responsibility.
If we learn that we have collected Personal Information from a child below the relevant threshold without the necessary parental consent, we will take steps to delete that information promptly. Parents or guardians may contact us using the channels in “4. To Contact Us” below.
We have established a management system and implemented appropriate organisational, human, physical, and technical security measures to protect Personal Information from unauthorized access, loss, destruction, falsification, leakage, etc.
For academic reproducibility and to reduce the cost of processing identical inputs, the Service caches the output of each pipeline stage in a deterministic cache, keyed by a hash of the input text and configuration parameters.
Inquiries regarding our processing of Personal Information are welcomed at the following channels:
ErudAite, Inc., Privacy Team
We may update this Policy from time to time as part of our ongoing review of how Personal Information is managed, protected, and processed. Material changes will be announced on the Service or our corporate website. The updated Policy becomes effective when published on the Service.