隐私政策
生效日期:2026年4月21日 · 符合 GDPR、CCPA/CPRA、PIPL
本政策说明 AIRR(以下简称"我们")如何收集、使用、存储、共享和保护您在使用 airrapp.cn(以下简称"本服务")时的个人信息。
核心承诺: 我们不会将您提交的任何答案或自然语言文本用于训练 AI 模型、不会出售您的数据、不会用于广告定向。
1. 我们收集哪些信息
1.1 您主动提交的信息
- 登录与账户信息:当您使用 QQ / 微信登录时,我们通过腾讯 QQ 互联开放平台 / 微信开放平台获取并保存您的第三方账号唯一标识(openid / unionid)、昵称与头像,用于创建与识别您的账户
- 邮箱:您为接收订单确认、生成结果或客服回复而提供的电子邮箱
- 问卷答案:AI 同行书答题流中的选择与自然语言补充
- 基础信息:您主动填写的身份、职业、工作状态、工具使用情况等信息
- 支付信息:由微信支付、支付宝、Gumroad 或其他支付服务商在结账时处理;我们仅接收订单号、金额、支付状态等必要记录
1.2 自动收集的信息
- 技术日志:IP 地址(经 Cloudflare 处理后仅保留区域级)、User-Agent、访问时间戳、访问路径
- 本地存储:您的草稿与报告缓存(存在您浏览器 localStorage 中,不上传)
- Cookie:见下文 §5
1.3 我们不收集的信息
我们不收集您的信用卡号、姓名、身份证、位置、通讯录、人脸/声纹或任何生物识别数据。
1.4 敏感个人信息与单独同意
敏感个人信息单独告知与同意:问卷中涉及的税前收入、房贷比例、家庭情况、可支撑时长、深夜心事等,属《个人信息保护法》定义的敏感个人信息(财产信息及可能反映心理状态的信息)。我们仅在生成本次《AI 同行书》所必需的范围内处理。默认情况下,答题内容仅用于本次生成;仅当您登录并完成生成后,我们会保存一份用于跨设备「重新生成」的答题与校准信息(已去除您输入时的原始草稿),仅供您本人重新生成使用,您可随时在「个人中心 → 历史记录」删除或注销清除。在答题涉及上述内容前,页面会请您单独勾选确认同意;您也可以拒绝填写该类问题,这不影响您使用其他功能,但可能影响生成结果的针对性。
2. 我们为什么收集(法律依据)
| 目的 | 数据 | GDPR 法律依据 |
|---|
| 账户登录与身份核验 | QQ/微信 openid·unionid、昵称、头像 | 合同履行 Art. 6(1)(b) / PIPL 告知同意 |
| 生成个性化 AI 数字内容 | 问卷答案 + 基础信息 | 合同履行 Art. 6(1)(b) |
| 发送订单确认/客服回复 | 邮箱 | 合同履行 Art. 6(1)(b) |
| 安全风控与反滥用 | IP、UA、访问日志 | 合法利益 Art. 6(1)(f) |
| 合规义务(税务/反欺诈) | 订单与 IP | 法律义务 Art. 6(1)(c) |
3. 子处理者 (Sub-processors)
我们使用以下服务商帮助提供本服务。签署 Data Processing Agreement 并限定其仅按我们的指令处理数据:
| 服务商 | 用途 | 位置 |
|---|
| Cloudflare, Inc. | CDN、DNS、边缘计算 (Workers/KV)、DDoS 防护 | US / 全球边缘 |
| 腾讯(QQ 互联开放平台 / 微信开放平台) | 第三方账号登录与身份核验 | 中国 |
| 微信支付 / 支付宝 | 国内支付处理、订单状态回调 | 中国 |
| Gumroad | 海外支付处理、收据、税务合规 | US / 海外 |
| DeepSeek(深度求索)官方接口 | 面向境内用户的 AI 推理生成 | 中国 |
| 境外大模型服务商(如 OpenAI、Anthropic 等) | 面向境外用户的 AI 推理生成 | 境外 |
您的问卷文本会以请求-响应的形式传入 AI 服务商用于本次内容生成。我们不会将您的答案用于训练任何 AI 模型。
模型与地区说明:面向境内用户,我们使用 DeepSeek 官方接口生成内容;面向境外用户,则使用相应的境外大模型服务商。相关生成式 AI 服务备案 / 算法备案事宜正在按规定办理与核实中。无论使用哪类模型,您的问卷文本仅用于本次内容生成,不用于训练。
4. 保留与删除
- 账户信息(第三方登录标识、昵称、头像):在您账户存续期间保留;为履行《网络安全法》等法定留存义务,相关用户注册与登录日志按法律法规要求留存。
- 问卷答案:默认仅用于即时生成报告。未登录时不在我们服务器持久化存储;登录并完成生成后,见下方「生成原料」条目。
- 生成的报告:默认在生成完成后 30 天内自动从我们服务器删除,您浏览器 localStorage 中的副本由您自行控制;若您在报告页主动点击「保存到账户」,该报告将作为历史记录长期保留,直至您在「个人中心 → 历史记录」中删除或注销账户,保存份数不限。
- AI 同行书正文:当您处于登录状态并完成生成时,我们会将AI 生成的同行书正文自动同步至您的账户,以便您在不同设备的历史记录中重新查看;该正文长期保留,直至您在「个人中心 → 历史记录」中删除或注销账户。未登录时仅保存在本设备浏览器 localStorage 中,不上传。
- 生成原料(答题与校准信息):当您处于登录状态并完成生成时,我们会随正文一并保存一份用于跨设备「重新生成」的答题与校准信息(含您的问卷选择/补充与中场方向校准,已去除您输入时的原始草稿),仅供您本人在任意设备重新生成使用;长期保留,直至您在「个人中心 → 历史记录」中删除或注销账户(注销时同步删除)。未登录时仅保存在本设备浏览器 localStorage 中,不上传。
- 订单记录(含邮箱):基于税务/反欺诈义务保留 7 年。
- 技术日志:Cloudflare 侧保留 ≤ 30 天(依法配合监管所需的日志按法律法规要求留存)。
您可随时发邮件至 support@airrapp.com 请求提前删除。
5. Cookie & 类似技术
本站不使用第三方广告/追踪 Cookie。仅使用:
- 严格必要的本地存储(localStorage)保存草稿、报告缓存、语言偏好、支付会话引用;不属于 EU Cookie 法严格意义的 Cookie,无需同意横幅。
- Cloudflare __cf_bm Cookie:由 Cloudflare 用于机器人风控,有效期约 30 分钟。
6. 您的权利
EU / 英国 / 加州居民及其他法域用户在适用法律下享有以下权利:
- 访问 (Right to access):获取我们持有的您的数据副本
- 更正 (Right to rectification)
- 删除 / 被遗忘 (Right to erasure)
- 限制处理 (Right to restrict processing)
- 数据可携 (Right to data portability)
- 反对自动化决策 (Right to object to automated decisions)
- 加州居民:拒绝"出售/共享"(我们不出售,但您仍可明示拒绝)
行权方式:发邮件到 support@airrapp.com,30 天内回复。我们不会因您行权而歧视您。
7. 未成年人
本服务不面向 14 周岁以下未成年人;不满 18 周岁的未成年人请在监护人同意下使用。面向欧盟用户,我们同样不面向 16 岁以下用户。若您发现未达上述年龄的未成年人向我们提交了数据,请立即联系我们删除。
8. 跨境数据传输
由于使用 Cloudflare 边缘网络与境外 AI 服务商,您的部分数据可能被传输到您所在国家/地区以外处理。我们通过以下机制确保合规:
- 与子处理者签署欧盟标准合同条款 (SCCs)
- 数据最小化(仅传输为本次报告所需的内容)
- 传输全程 TLS 加密
9. 数据安全
我们采取行业标准的安全措施:全站 HTTPS、TLS 1.3、Cloudflare DDoS 防护、JWT 签名令牌、敏感密钥通过 Cloudflare Workers Secrets 管理(开发者不可见)。尽管如此,互联网传输无法保证 100% 安全,请您妥善保管设备与支付邮箱。
10. 数据泄露通知
若发生影响您权利的数据泄露,我们将在知悉后 72 小时内通过注册邮箱通知您,并向相关监管机构报告。
11. 本政策的变更
我们可能不时更新本政策。重大变更将在首页公告并更新本页"生效日期"。
12. 联系我们 / DPO
数据保护相关事宜:support@airrapp.com(也作为数据保护联系点 DPO 邮箱)
公司主体与联系地址以 公司主体信息 页面和备案信息为准。
Privacy Policy
Effective date: April 21, 2026 · GDPR · CCPA/CPRA · PIPL compliant
This policy describes how AIRR ("we", "us") collects, uses, stores, shares, and protects your personal information when you use airrapp.cn (the "Service").
Core commitments: We do not use your submitted answers or free-form text to train AI models. We do not sell your data. We do not use it for ad targeting.
1. What we collect
1.1 Information you actively provide
- Login & account info: when you sign in with QQ or WeChat, we obtain and store your third-party account identifier (openid / unionid), nickname, and avatar via Tencent QQ Connect / WeChat Open Platform to create and recognize your account
- Email: the email address you provide to receive order confirmations, generated results, or support replies
- Questionnaire answers: choices and free-form text submitted in the AI Companion Letter flow
- Basic info: identity, role, work context, AI-tool usage, and other information you voluntarily provide
- Payment info: handled by WeChat Pay, Alipay, Gumroad, or other payment providers; we receive only necessary order records such as order ID, amount, and payment status
1.2 Automatically collected
- Technical logs: IP (region-level via Cloudflare), User-Agent, timestamp, access path
- Local storage: draft & report cache (stored in your browser localStorage — not uploaded)
- Cookies: see §5 below
1.3 What we do NOT collect
We do not collect your credit-card number, legal name, ID, location, contacts, face/voice, or any biometric data.
1.4 Sensitive personal information & separate consent
Separate notice and consent for sensitive personal information: Questions involving pre-tax income, mortgage ratio, family situation, runway, and late-night worries are sensitive personal information under China's PIPL (financial information and information that may reflect mental state). We process it only as necessary to generate your current AI Companion Letter. By default answers are used for this generation only; only after you sign in and a generation completes do we store a copy of your answers and calibration used for cross-device regeneration (with your raw input drafts removed), for your own regeneration use only, deletable any time under Personal Center → History or by closing your account. Before such questions, the page asks you to tick a separate consent. You may decline these questions; this does not affect other features but may reduce how tailored the result is.
2. Why we collect (legal basis)
| Purpose | Data | GDPR basis |
|---|
| Account login & identity verification | QQ/WeChat openid·unionid, nickname, avatar | Contract, Art. 6(1)(b) / PIPL consent |
| Generate personalized AI digital content | Answers + basic info | Contract, Art. 6(1)(b) |
| Send order/receipt/support emails | Email | Contract, Art. 6(1)(b) |
| Security / anti-abuse | IP, UA, logs | Legitimate interest, Art. 6(1)(f) |
| Legal obligation (tax, anti-fraud) | Orders + IP | Legal obligation, Art. 6(1)(c) |
3. Sub-processors
We rely on the following vendors under signed Data Processing Agreements, restricted to processing data only on our instructions:
| Vendor | Purpose | Location |
|---|
| Cloudflare, Inc. | CDN, DNS, edge compute (Workers/KV), DDoS | US / global edge |
| Tencent (QQ Connect / WeChat Open Platform) | Third-party account login & identity verification | China |
| WeChat Pay / Alipay | Mainland China payment processing and order-status callbacks | China |
| Gumroad | Overseas payment processing, receipts, tax compliance | US / overseas |
| DeepSeek official API | AI inference for users in mainland China | China |
| Overseas model providers (e.g. OpenAI, Anthropic) | AI inference for overseas users | Overseas |
Your questionnaire text is transmitted to AI service providers in request-response form for the current generation only. We do not use your answers to train any AI model.
Models & regions: For users in mainland China we generate content via DeepSeek's official API; for overseas users we use the corresponding overseas model providers. The related generative-AI service filing / algorithm filing is being processed and verified. Regardless of which model is used, your questionnaire text is used for the current generation only and never for training.
4. Retention & deletion
- Account info (third-party login ID, nickname, avatar): retained while your account is active; user registration and login logs are retained as required by the PRC Cybersecurity Law and other applicable regulations.
- Questionnaire answers: by default used only to generate your report on the fly. Not persisted on our servers when you are not signed in; when you sign in and a generation completes, see the "Generation inputs" item below.
- Generated reports: by default automatically deleted from our servers within 30 days after generation, with the copy in your browser localStorage under your control. If you explicitly click "Save to account" on the report page, that report is retained as history until you delete it under Personal Center → History, or close your account, with no limit on the number saved.
- AI companion letter text: when you are signed in and a generation completes, we automatically sync the AI-generated letter text to your account so you can re-read it from your history on any device; this text is retained until you delete it under Personal Center → History, or close your account. When not signed in, it stays only in this device's browser localStorage and is not uploaded.
- Generation inputs (answers & calibration): when you are signed in and a generation completes, we store alongside the letter a copy of the answers and calibration used for cross-device regeneration (your questionnaire choices/notes and mid-point direction calibration, with your raw input drafts removed), used only for your own regeneration on any device; retained until you delete it under Personal Center → History, or close your account (deleted when you close your account). When not signed in, it stays only in this device's browser localStorage and is not uploaded.
- Order records (incl. email): retained 7 years for tax/anti-fraud obligations.
- Technical logs: ≤ 30 days at Cloudflare (logs required for lawful regulatory cooperation are retained per applicable law).
Email support@airrapp.com any time to request earlier deletion.
5. Cookies & similar tech
We use no third-party advertising or tracking cookies. Only:
- Strictly necessary localStorage for draft, report cache, language preference, and payment session reference — not cookies under EU law; no banner required.
- Cloudflare __cf_bm cookie: ~30 min, bot-management only.
6. Your rights
Depending on your jurisdiction (EEA/UK/California/others), you have rights to:
- Access a copy of your data
- Rectify inaccuracies
- Erase / be forgotten
- Restrict processing
- Data portability
- Object to automated decisions
- California: opt out of "sale/sharing" (we never sell, but you may confirm explicitly)
To exercise: email support@airrapp.com. We reply within 30 days and will not discriminate against you for exercising a right.
7. Children
The Service is not directed at minors under 14 (per China's PIPL); minors under 18 should use it with guardian consent. For EU users, the Service is also not directed at users under 16. If you believe a minor below these ages submitted data, contact us to delete immediately.
8. International data transfers
Because we rely on Cloudflare's global edge and overseas AI vendors, your data may be processed outside your country. We ensure compliance via:
- EU Standard Contractual Clauses (SCCs) with sub-processors;
- Data minimization (only what is necessary for this generation);
- TLS encryption end-to-end in transit.
9. Security
We use HTTPS everywhere, TLS 1.3, Cloudflare DDoS, JWT signed tokens, and Cloudflare Workers Secrets for key management (invisible to developers). Still, no Internet transmission is 100% secure — please protect your device and payment email.
10. Breach notification
Upon becoming aware of a breach affecting your rights, we will notify you through your registered email and report to regulators within 72 hours.
11. Changes to this policy
We may update this policy occasionally. Material changes will be posted on the homepage and the "Effective date" above will be updated.
12. Contact / DPO
Data-protection matters: support@airrapp.com (also serves as DPO contact).
Company information and address are listed on the Company Information page and official filing records where applicable.