1. 适用范围与运营者
本政策适用于 Inking iOS/iPadOS 应用、相关后端服务以及本法律与支持网站。本政策中的“我们”指以 Yansoul 名义运营 Inking 的独立开发者。若有隐私问题,可发送邮件至 1150001740@qq.com。
2. 我们处理的信息
你写下和创建的内容
- 日记文字与回信:手写识别在你的设备上完成。为了生成回信,识别后的文字、有限的近期对话上下文以及回复所需的语言和排版提示会发送到我们的服务。
- 记忆与角色设置:为了让后续回信保持连续,我们可能保存你的日记文字、回信、你选择的角色设定,以及从这些内容中提炼的摘要、记忆和偏好。
- 原始笔迹:原始笔迹图像、笔画坐标和手写轨迹保留在设备端,不会作为日记内容上传。服务可能收到不含笔迹内容的汇总指标,例如笔画数、点数与书写时长,用于可靠性和体验分析。
设备、账户与诊断信息
- 随机生成的安装或设备标识、日记编号、会话标识与用于鉴权的技术凭据。
- App 版本、系统版本、设备型号、时区、请求状态、耗时、错误信息以及有限的交互事件。
- 服务与托管基础设施可能在安全日志中处理 IP 地址、请求时间和常规网络元数据,用于防滥用、速率限制、故障排查和安全保护。
- 用于确认请求来自正版 App 的 Apple App Attest 相关验证数据。
Apple 账户与购买
- 当你使用“通过 Apple 登录”时,我们处理 Apple 提供的不可读账户标识及登录验证信息。Inking 目前不通过此流程请求你的姓名或电子邮箱。
- 购买由 Apple 处理。我们会处理产品标识、交易标识、购买与订阅状态、到账墨水和相关时间,以完成交付、恢复购买、防止重复入账并保留必要的交易记录。我们不会收到完整的支付卡信息。
你主动联系我们时
我们会处理你的邮件地址、日记编号、问题描述以及你主动提供的附件,用于回应支持或隐私请求。请勿发送 API 密钥、完整 Apple 登录令牌或支付凭据。
3. 我们为何处理这些信息
- 识别输入、生成回信并维持日记对话的连续性;
- 创建、同步、恢复和保护你的日记账户;
- 交付墨水、同步订阅状态、恢复购买并处理交易争议;
- 监测性能、排查故障、防止欺诈和滥用并保障服务安全;
- 回应支持、删除、访问或其他隐私请求;
- 履行法律义务并维护我们的合法权益。
4. 信息如何被共享和处理
我们仅在提供或保护服务所需的范围内与以下服务处理者共享信息:
- AI 服务提供商:根据服务区域和运行配置,识别后的日记文字及有限上下文可能由 DeepSeek 或经 OpenRouter 提供的模型处理,以生成回信。
- Apple:用于登录验证、App Attest、App Store 交易、订阅管理与退款流程。
- 基础设施提供商:数据库、计算、日志、域名与内容分发服务,包括用于不同服务区域的 Vercel、Cloudflare 和阿里云相关基础设施。
- 法律与安全:若法律要求,或为保护用户、公众、服务和开发者的权利与安全,我们可能披露必要信息。
我们不会出售或出租个人数据,不会将日记内容用于第三方广告,也不会进行跨 App 或跨网站广告追踪。
本法律与支持网站不运行 JavaScript,不设置分析或广告 Cookie。网站托管服务仍可能为交付和安全目的生成标准网络日志。
5. 存储、跨境与保留
数据可能根据你所使用的服务区域,在中国大陆或其他地区的基础设施中处理。服务提供商所在地可能与你所在地区不同;我们会采取适用于服务的合同、访问控制和传输保护措施。
我们不会对所有数据采用同一个固定保留期限。日记和账户数据通常会在提供连续记忆、维护账户或直至有效删除请求所需的期间保留;安全日志、支持记录及交易账本会在防欺诈、争议处理、会计或法律要求所需的期间保留。备份中的数据可能在正常轮换周期后才被清除。
6. 删除与其他选择
- 已登录账户:可在 Inking 的“设置 → Apple 账户 → 删除账户”中发起删除。删除不可恢复。
- 存在订阅或购买记录:请先在 Apple 账户中管理或取消有效订阅。若购买历史导致自动删除暂时无法完成,请通过支持邮箱联系我们;为防欺诈、交易核对、争议处理或法律义务所必需的记录可能继续保留。
- 匿名日记:你可以删除 App 来移除设备端内容;如需处理服务端日记,请联系我们,并提供 App 设置中显示的日记编号以及足以定位请求的非敏感信息。
- 隐私权利:根据你所在地法律,你可能有权请求访问、更正、删除、限制处理、导出或反对某些处理。我们可能需要验证请求人与相关日记的关系。
完整步骤见账户与数据删除说明。
7. 安全
我们使用 HTTPS 传输、访问控制、设备端 Keychain、App Attest 以及适当的服务端安全措施保护信息。部分敏感服务端字段可使用加密存储;但 Inking 不是端到端加密服务,我们也无法保证任何系统绝对安全。请勿在日记中写入密码、银行卡完整号码或其他不必要的高敏感凭据。
8. 儿童隐私
Inking 不面向未达到当地可独立同意数字服务年龄的儿童。若你认为儿童在未经适当同意的情况下向我们提供了信息,请联系我们,我们会评估并采取适当措施。
9. 本政策的更新
当产品、处理方式或法律要求发生变化时,我们可能更新本政策。重大变化会通过 App 内提示或其他适当方式告知,并在本页更新生效日期。
10. 联系我们
隐私、数据或账户删除请求:1150001740@qq.com。请在主题中注明“Inking 隐私请求”。
1. Scope and operator
This Policy applies to the Inking iOS/iPadOS app, its related backend services, and this legal and support website. “We” means the independent developer operating Inking under the Yansoul name. For privacy questions, email 1150001740@qq.com.
2. Information we process
Content you write and create
- Diary text and replies: handwriting recognition happens on your device. To generate a reply, recognized text, limited recent conversation context, and necessary language and layout hints are sent to our service.
- Memory and persona settings: to keep later replies coherent, we may store diary text, replies, your selected persona settings, and summaries, memories, or preferences derived from that content.
- Raw handwriting: raw handwriting images, stroke coordinates, and handwriting paths remain on the device and are not uploaded as diary content. The service may receive content-free aggregate metrics such as stroke count, point count, and writing duration for reliability and experience analysis.
Device, account, and diagnostic information
- Random installation or device identifiers, diary codes, session identifiers, and technical credentials used for authentication.
- App version, operating system version, device model, time zone, request status, latency, errors, and limited interaction events.
- Our service and hosting infrastructure may process IP addresses, request times, and standard network metadata in security logs for abuse prevention, rate limiting, troubleshooting, and service security.
- Apple App Attest verification data used to confirm that requests come from a genuine instance of the app.
Apple account and purchases
- When you use Sign in with Apple, we process the opaque account identifier and authentication information supplied by Apple. Inking currently does not request your name or email through this flow.
- Purchases are processed by Apple. We process product and transaction identifiers, purchase and subscription status, delivered ink, and related timestamps to fulfill purchases, restore access, prevent duplicate credit, and maintain necessary transaction records. We do not receive your full payment-card details.
When you contact us
We process your email address, diary code, problem description, and any attachments you choose to provide so we can answer support or privacy requests. Do not send API keys, full Apple authentication tokens, or payment credentials.
3. Why we process information
- Recognize input, generate replies, and maintain conversational continuity;
- Create, synchronize, restore, and protect your diary account;
- Deliver ink, synchronize subscriptions, restore purchases, and handle transaction disputes;
- Measure reliability, troubleshoot errors, prevent fraud or abuse, and secure the service;
- Respond to support, deletion, access, and other privacy requests; and
- Meet legal obligations and protect legitimate rights.
4. How information is shared and processed
We share information only as needed to provide or protect the service with these processors:
- AI providers: depending on service region and runtime configuration, recognized diary text and limited context may be processed by DeepSeek or by models made available through OpenRouter to generate a reply.
- Apple: for authentication, App Attest, App Store transactions, subscription management, and refund processes.
- Infrastructure providers: database, compute, logging, domain, and content-delivery services, including Vercel, Cloudflare, and Alibaba Cloud infrastructure used for different service regions.
- Legal and safety disclosures: where required by law, or when necessary to protect users, the public, the service, or the developer’s rights and safety.
We do not sell or rent personal data, use diary content for third-party advertising, or engage in cross-app or cross-site advertising tracking.
This legal and support website runs no JavaScript and sets no analytics or advertising cookies. Its hosting provider may still generate standard network logs for delivery and security.
5. Storage, international processing, and retention
Depending on the service region you use, information may be processed on infrastructure in mainland China or other locations. A provider’s location may differ from yours; we use access controls, transfer protections, and contractual safeguards appropriate to the service.
We do not apply one fixed retention period to every data category. Diary and account data is generally retained while needed to provide continuous memory, maintain the account, or until a valid deletion request is completed. Security logs, support records, and transaction ledgers may be retained as needed for fraud prevention, dispute handling, accounting, or legal obligations. Data in backups may remain until the normal backup rotation completes.
6. Deletion and your choices
- Signed-in accounts: start deletion in Inking under “Settings → Apple Account → Delete Account.” Deletion cannot be undone.
- Subscriptions or purchase records: first manage or cancel any active subscription in your Apple account. If purchase history prevents automated deletion from completing, contact our support email. Records required for fraud prevention, transaction reconciliation, disputes, or legal obligations may be retained.
- Anonymous diaries: deleting the app removes on-device content. To request deletion of server-side diary data, contact us with the diary code shown in the app’s settings and enough non-sensitive information to locate the request.
- Privacy rights: depending on local law, you may request access, correction, deletion, restriction, portability, or objection to certain processing. We may need to verify your relationship to the relevant diary.
See Account and Data Deletion for complete steps.
7. Security
We use HTTPS in transit, access controls, the on-device Keychain, App Attest, and appropriate server-side safeguards. Certain sensitive server-side fields may be encrypted at rest. Inking is not an end-to-end encrypted service, and no system can be guaranteed completely secure. Do not put passwords, full payment-card numbers, or unnecessary highly sensitive credentials in your diary.
8. Children’s privacy
Inking is not directed to children below the age at which they may independently consent to a digital service in their location. If you believe a child provided information without appropriate consent, contact us so we can assess and take appropriate action.
9. Changes to this Policy
We may update this Policy when the product, processing practices, or legal requirements change. We will provide an in-app notice or another appropriate notice for material changes and update the effective date on this page.
10. Contact
For privacy, data, or account-deletion requests, email 1150001740@qq.com with “Inking Privacy Request” in the subject line.