Product Data Flow and Security Boundaries
As shown below, EcoTrain consists of the training-side environment, communication security layer, server-side center, user-facing layer, and operations management with audit protection. The training side only reports parameter information, task status, and other data required for training status monitoring, training acceleration, and early stopping control. It does not upload raw training samples, label plaintext, model weights, or business documents. The communication link establishes a trusted connection through encrypted transmission, certificate validation, and key protection. Within the authorized scope, the server performs status analysis, policy matching, anomaly prompts, and early stopping recommendations. The operations management layer is responsible for API services, logging, task isolation, tenant management, and runtime monitoring, ensuring clear boundaries between different users, tasks, and projects.

Information We Collect
To provide status monitoring, training acceleration, early stopping control, and related functions, the product only needs training process parameters, status information, authentication and access control information, API call results, and hardware device information. It does not need access to the training data itself. The actual collection scope can be further narrowed based on deployment mode and user configuration.
| Information Category | Included Content | Purpose |
|---|---|---|
| Training parameter information | Task ID, epochs, training steps, runtime | Display training progress, maintain monitoring context, generate alert records |
| Training status information | Statistics or status information such as loss, learning rate, and gradient state | Identify convergence trends, optimize the training process, generate training recommendations |
| Authentication and access control information | User ID, API KEY, certificate-related validation information | Confirm access identity, restrict unauthorized access, distinguish user or task permissions |
| API call results | API call results, such as process heartbeat information | Troubleshooting, runtime audit, and stability assurance |
| Hardware device information | Compute hardware type and compute hardware quantity | Billing |
Information We Do Not Collect
Unless explicitly configured or separately provided by the user in a specific deployment, debugging, or support scenario, the product does not collect the following information:
- Raw training samples, dataset files, sample label plaintext, or plaintext user business data.
- Model weights, checkpoints, complete parameter files, or raw files that can reconstruct model assets.
- User code repositories, business documents, private knowledge bases, or other data sources unrelated to training monitoring.
- Plaintext sensitive credentials such as user IDs, API KEYs, or certificate private keys.
- Unredacted raw logs containing personal information, trade secrets, or sensitive content.
Data Use Restrictions
Runtime status information collected by the product is used only to provide training status monitoring, training acceleration, early stopping control, training recommendation generation, system stability maintenance, security audit, and user support. Without explicit user authorization, we will not use collected user-related data to train other models, sell it to third parties, or use it for commercial purposes unrelated to this product's service purpose.
