隐私政策 / Privacy Policy

生效日期 / Effective Date: 2026-01-24

最后更新 / Last Updated: 2026-01-24

概述 / Overview

欢迎使用我们的AI性格测评与玄学服务平台（以下简称"本服务"）。本隐私政策说明了我们如何收集、使用、存储和保护您的个人信息。

Welcome to our AI Personality Assessment and Metaphysical Services platform (the "Services"). This Privacy Policy explains how we collect, use, store, and protect your personal information.

本政策适用于以下产品 / This policy applies to:

AI MBTI性格测试 / AI MBTI Personality Test
AI解梦 / AI Dream Interpretation
AI占星 / AI Astrology
AI八字 / AI Bazi Analysis
AI小六壬 / AI Xiaoliuren Divination
K线解读 / Kline Reading

数据安全保障 / Data Security Measures

我们如何保护您的隐私？/ How do we protect your privacy?

我们深知您对隐私的关注。以下是我们实施的具体技术措施，确保您的数据安全：

We understand your privacy concerns. Here are the specific technical measures we implement to ensure your data security:

1. 端到端加密 / End-to-End Encryption

措施 / Measure	说明 / Description
AES-256-GCM 加密	所有对话记录在存储前使用军事级加密算法加密 / All conversation records are encrypted using military-grade encryption before storage
密钥分离存储	加密密钥与数据库分开存储，互相隔离 / Encryption keys are stored separately from the database
数据库入侵保护	即使数据库被非法访问，对话内容也无法被读取 / Even if the database is compromised, conversation content cannot be read

2. 行级安全策略 / Row-Level Security (RLS)

措施 / Measure	说明 / Description
数据库层强制隔离	在数据库层面强制执行用户数据隔离策略 / User data isolation is enforced at the database level
用户数据隔离	每个用户只能访问自己的数据，技术上无法跨用户访问 / Each user can only access their own data; cross-user access is technically impossible
应用漏洞防护	即使应用程序存在漏洞，也无法绕过数据库级别的访问控制 / Even if application vulnerabilities exist, database-level access controls cannot be bypassed

3. 最小权限原则 / Principle of Least Privilege

措施 / Measure	说明 / Description
管理员无权查看原文	后台管理员无法查看用户对话原文内容 / Backend administrators cannot view original user conversation content
内存中处理	AI 分析仅在内存中进行，不存储任何中间结果 / AI analysis is performed only in memory; no intermediate results are stored
日志自动脱敏	系统日志自动过滤并脱敏，不记录用户ID和对话内容 / System logs are automatically filtered and anonymized; user IDs and conversation content are not logged

4. 第三方AI处理 / Third-Party AI Processing

措施 / Measure	说明 / Description
API调用模式	AI 分析通过 Google/Anthropic 官方 API 进行 / AI analysis is conducted through official Google/Anthropic APIs
不训练模型	我们不使用您的数据训练任何AI模型 / We do NOT use your data to train any AI models
不保留训练数据	API调用后不保留任何数据用于模型改进 / No data is retained for model improvement after API calls
HTTPS加密传输	所有API调用均使用HTTPS加密传输 / All API calls use HTTPS encrypted transmission

5. 用户控制权 / User Control

您对自己的数据拥有完全控制权 / You have complete control over your data:

权利 / Right	说明 / Description
数据导出	随时可以导出所有个人数据（JSON格式）/ Export all personal data anytime (JSON format)
账户删除	随时可以永久删除账户和所有关联数据 / Permanently delete your account and all associated data anytime
彻底清除	删除操作不可逆，数据将从所有系统中彻底清除 / Deletion is irreversible; data is completely purged from all systems

1. 我们收集的信息 / Information We Collect

1.1 您主动提供的信息 / Information You Provide

信息类型 / Type	说明 / Description	用途 / Purpose
账户信息 / Account Info	邮箱、用户名、头像 / Email, username, avatar	账户管理与登录 / Account management
出生信息 / Birth Info	出生日期、时间、地点 / Birth date, time, location	占星、八字等服务所需 / Required for astrology, bazi services
对话内容 / Conversation Content	与AI的聊天记录 / Chat history with AI	提供个性化服务 / Personalized service delivery
测评结果 / Assessment Results	MBTI类型、性格分析报告 / MBTI type, personality reports	保存您的测评历史 / Save your assessment history
语音输入 / Voice Input	语音消息（如使用语音功能）/ Voice messages (if using voice feature)	转文字并分析语音特征 / Transcription and audio signal analysis

1.2 自动收集的信息 / Information Collected Automatically

设备信息: 设备类型、操作系统、浏览器类型、屏幕分辨率
使用数据: 访问时间、页面浏览、功能使用情况
IP地址: 用于安全保护和大致地理位置
Cookie与类似技术: 用于维持登录状态和分析服务使用情况
Device Information: Device type, operating system, browser type, screen resolution
Usage Data: Access time, page views, feature usage
IP Address: For security and approximate geolocation
Cookies and Similar Technologies: For maintaining login status and analytics

1.3 敏感个人信息声明 / Sensitive Personal Information Notice

根据中国《个人信息保护法》(PIPL) 和其他适用法规，出生日期、出生地点等信息可能被视为敏感个人信息。我们仅在您明确同意并为提供服务所必需时收集此类信息。

Under China's Personal Information Protection Law (PIPL) and other applicable regulations, birth date, birth location, and similar information may be considered sensitive personal information. We only collect such information with your explicit consent and when necessary to provide our services.

2. AI与大语言模型处理说明 / AI and LLM Processing Disclosure

2.1 AI服务提供商 / AI Service Providers

我们使用以下AI服务处理您的对话内容：

We use the following AI services to process your conversations:

服务商 / Provider	用途 / Purpose	隐私政策 / Privacy Policy
Google (Gemini)	主要对话AI / Primary conversation AI	Google Privacy Policy
Anthropic (Claude)	高级对话AI / Premium conversation AI	Anthropic Privacy Policy

2.2 数据处理方式 / How Data is Processed

对话传输: 您的对话内容会被发送至上述AI服务进行处理
不用于训练: 我们通过API调用AI服务，您的数据不会被用于训练这些AI模型
流式处理: 对话采用流式传输，减少数据暂存
语音处理: 如使用语音功能，语音会被转换为文字，并提取语速、语调等特征用于性格分析
Conversation Transmission: Your conversation content is sent to the above AI services for processing
Not Used for Training: We use API calls; your data is NOT used to train these AI models
Streaming: Conversations use streaming transmission to minimize data caching
Voice Processing: If using voice features, audio is transcribed to text and audio characteristics (pace, tone) are extracted for personality analysis

2.3 AI生成内容声明 / AI-Generated Content Notice

本服务的所有分析结果均由AI生成。AI可能产生不准确、不完整或带有偏见的内容。请勿将AI生成的内容作为重要决策的唯一依据。

All analysis results in this service are AI-generated. AI may produce inaccurate, incomplete, or biased content. Do not rely solely on AI-generated content for important decisions.

3. 信息使用目的 / How We Use Your Information

我们使用您的信息用于以下目的：

We use your information for the following purposes:

提供服务: 进行性格测评、生成分析报告
账户管理: 维护您的账户和测评历史
服务改进: 分析使用模式以改进服务质量
技术支持: 响应您的问题和反馈
安全保护: 检测和防止欺诈、滥用行为
合规要求: 遵守适用法律法规
Service Delivery: Conduct personality assessments, generate analysis reports
Account Management: Maintain your account and assessment history
Service Improvement: Analyze usage patterns to improve service quality
Technical Support: Respond to your questions and feedback
Security: Detect and prevent fraud and abuse
Legal Compliance: Comply with applicable laws and regulations

4. 数据存储与安全 / Data Storage and Security

4.1 存储服务 / Storage Services

服务 / Service	类型 / Type	数据中心位置 / Data Center
Supabase	数据库 / Database	美国（或您选择的区域）/ US (or your selected region)
Vercel	应用托管 / App Hosting	全球边缘节点 / Global edge network

4.2 安全措施 / Security Measures

传输加密: 所有数据传输使用HTTPS/TLS加密
存储加密: 数据库采用静态加密
访问控制: 严格的权限管理和审计日志
定期审查: 定期进行安全评估和漏洞修复
Encryption in Transit: All data transmission uses HTTPS/TLS encryption
Encryption at Rest: Database uses encryption at rest
Access Control: Strict permission management and audit logs
Regular Review: Regular security assessments and vulnerability remediation

4.3 数据保留期限 / Data Retention

数据类型 / Data Type	保留期限 / Retention Period
账户信息 / Account Info	账户存续期间 + 删除后30天 / Account lifetime + 30 days after deletion
对话记录 / Chat History	1年（或账户删除时）/ 1 year (or upon account deletion)
测评结果 / Assessment Results	账户存续期间 / Account lifetime
使用日志 / Usage Logs	90天 / 90 days
语音数据 / Voice Data	处理完成后立即删除原始音频 / Original audio deleted immediately after processing

5. 信息共享与披露 / Information Sharing and Disclosure

5.1 我们不会出售您的个人信息 / We Do Not Sell Your Personal Information

我们绝不会出售、出租或交易您的个人信息给第三方用于营销目的。

We will never sell, rent, or trade your personal information to third parties for marketing purposes.

5.2 第三方服务提供商 / Third-Party Service Providers

我们可能与以下类型的服务提供商共享必要的信息：

We may share necessary information with the following types of service providers:

云服务提供商: Supabase, Vercel（数据存储和托管）
AI服务提供商: Google, Anthropic（AI处理）
分析服务: PostHog（匿名使用分析）
支付服务: [支付提供商名称]（如适用）
Cloud Providers: Supabase, Vercel (data storage and hosting)
AI Providers: Google, Anthropic (AI processing)
Analytics: PostHog (anonymized usage analytics)
Payment Services: [Payment Provider Name] (if applicable)

5.3 法律要求披露 / Legal Disclosure

在以下情况下，我们可能披露您的信息：

遵守法律义务或法院命令
保护我们的合法权益
保护用户或公众的安全

We may disclose your information when:

Required by law or court order
To protect our legal rights
To protect the safety of users or the public

6. 您的权利 / Your Rights

6.1 适用于所有用户 / For All Users

您有权：

访问: 获取我们持有的您的个人信息副本
更正: 要求更正不准确的信息
删除: 要求删除您的个人信息
导出: 以可机读格式获取您的数据
撤回同意: 随时撤回您对数据处理的同意

You have the right to:

Access: Obtain a copy of your personal information we hold
Correction: Request correction of inaccurate information
Deletion: Request deletion of your personal information
Export: Obtain your data in a machine-readable format
Withdraw Consent: Withdraw your consent to data processing at any time

6.2 中国用户额外权利 (PIPL) / Additional Rights for Users in China (PIPL)

根据《个人信息保护法》，您还有权：

拒绝基于自动化决策的个人信息处理
要求说明自动化决策的规则
对死者近亲属的个人信息行使权利

Under the Personal Information Protection Law, you also have the right to:

Refuse automated decision-making based on personal information
Request explanation of automated decision-making rules
Exercise rights over personal information of deceased close relatives

6.3 欧盟用户额外权利 (GDPR) / Additional Rights for EU Users (GDPR)

数据可携带权
限制处理权
反对权
向监管机构投诉的权利
Right to data portability
Right to restriction of processing
Right to object
Right to lodge a complaint with a supervisory authority

6.4 加州用户额外权利 (CCPA) / Additional Rights for California Users (CCPA)

知情权：了解收集了哪些个人信息
删除权：要求删除个人信息
不歧视权：行使权利不会受到歧视对待
Right to Know: What personal information is collected
Right to Delete: Request deletion of personal information
Right to Non-Discrimination: No discriminatory treatment for exercising rights

6.5 如何行使您的权利 / How to Exercise Your Rights

账户设置: 在应用内的"设置"中管理您的数据
数据导出: 使用应用内的"导出数据"功能
账户删除: 使用应用内的"删除账户"功能
联系我们: 发送请求至 [privacy@your-domain.com]
Account Settings: Manage your data in the "Settings" section of the app
Data Export: Use the "Export Data" feature in the app
Account Deletion: Use the "Delete Account" feature in the app
Contact Us: Send requests to [privacy@your-domain.com]

7. 未成年人保护 / Protection of Minors

本服务不面向16岁以下的用户。我们不会故意收集16岁以下未成年人的个人信息。如果您发现我们可能收集了未成年人的信息，请立即联系我们。

This service is not intended for users under 16 years of age. We do not knowingly collect personal information from minors under 16. If you believe we may have collected information from a minor, please contact us immediately.

8. 跨境数据传输 / Cross-Border Data Transfer

由于我们使用的AI服务和云服务可能位于中国境外，您的数据可能被传输至其他国家/地区。我们会确保：

采取适当的数据保护措施
选择符合相关数据保护法规的服务提供商
在必要时获取您的单独同意

As our AI services and cloud services may be located outside of China, your data may be transferred to other countries/regions. We ensure:

Appropriate data protection measures are taken
Service providers comply with relevant data protection regulations
Your separate consent is obtained when necessary

9. Cookie政策 / Cookie Policy

我们使用Cookie和类似技术来：

维持您的登录状态
记住您的偏好设置
分析服务使用情况
改进用户体验

您可以通过浏览器设置管理Cookie偏好。禁用Cookie可能影响部分功能的正常使用。

We use cookies and similar technologies to:

Maintain your login status
Remember your preferences
Analyze service usage
Improve user experience

You can manage cookie preferences through your browser settings. Disabling cookies may affect the functionality of some features.

10. 政策更新 / Policy Updates

我们可能会不时更新本隐私政策。重大变更时，我们会：

在应用内发布通知
通过邮件通知注册用户
更新本页面顶部的"最后更新"日期

继续使用本服务即表示您接受更新后的政策。

We may update this Privacy Policy from time to time. For significant changes, we will:

Post a notice in the app
Notify registered users by email
Update the "Last Updated" date at the top of this page

Continued use of the Services constitutes acceptance of the updated policy.

11. 联系我们 / Contact Us

如果您对本隐私政策有任何疑问或需要行使您的权利，请通过以下方式联系我们：

If you have any questions about this Privacy Policy or need to exercise your rights, please contact us:

邮箱 / Email: [privacy@your-domain.com]
地址 / Address: [您的公司地址 / Your Company Address]
数据保护负责人 / Data Protection Officer: [DPO联系方式 / DPO Contact]

我们将在收到请求后15个工作日内响应。

We will respond within 15 business days of receiving your request.

本隐私政策的中文版本与英文版本如有歧义，以中文版本为准。

In case of any discrepancy between the Chinese and English versions of this Privacy Policy, the Chinese version shall prevail.