隐私政策

生效日期:2026年5月1日

本《隐私政策》("政策")适用于春水Live("我们"、"本平台")对您个人信息的处理活动。本政策不涵盖用户在平台上创建的内容中所包含的个人信息——该等内容由创作者本人作为控制者承担相应义务。

如果您在使用本平台前对本政策有任何疑问或异议,请勿注册或使用本平台。如已注册并继续使用,视为您理解并同意本政策。

如需联系,请发送邮件至 [email protected]

1. 我们如何收集您的信息

我们通过以下方式收集您的个人信息:

  • 您主动提供:注册账号时填写的邮箱、用户名、密码(加密存储)、头像;在创作工具中创建的角色卡、Braindance、Preset;与 AI 角色的对话内容;提交客服工单或举报时提供的信息。
  • 自动收集:当您访问本平台时,我们通过 Cookie、本地存储、日志等技术自动收集您的登录状态、显示偏好、IP 地址、设备信息、浏览行为、错误日志等。
  • 第三方传输:当您通过 Google、Telegram 等第三方账号登录时,我们会接收对方平台向我们传输的基本身份信息(如邮箱、昵称、头像)。

2. 我们收集的信息及处理目的

下表说明我们收集的个人信息类别、处理目的、法律依据(GDPR)以及保留期限:

信息类别处理目的法律依据保留期限
账号信息(邮箱、用户名、密码哈希、头像、登录设备/IP)提供注册、登录、账号管理履行合同账号有效期内;注销后 30 天硬删除
用户创作(角色卡、Braindance、Preset、评论、论坛帖)提供创作、发布、社交功能履行合同账号有效期内;公开内容注销后保留(已生效的许可)
对话历史提供 AI 对话、上下文记忆、历史回顾履行合同账号有效期内;注销后 30 天硬删除
支付信息(订单号、金额、时间;卡号由第三方支付商处理,本平台不存储处理充值/订阅,开具发票履行合同 + 法律义务(税务/反洗钱)法律要求期限(一般 5 年)
Cookie 与行为埋点维持登录态、个性化、产品改进、错误诊断合法利益默认 12 个月;可在浏览器设置中清除
客服工单 / 举报内容处理客户支持与社区治理合法利益 + 法律义务工单关闭后 12 个月
安全日志(反欺诈、反垃圾)保护服务和用户安全合法利益 + 法律义务12 个月

敏感信息:请勿向本平台提交政府证件号码(如身份证、护照、社保号)、完整银行卡号、医疗记录等敏感个人信息。如您在创作内容或对话中提交此类信息,我们不对其特别处理,您应自行承担相应风险。

非个人信息:经匿名化或聚合处理后无法识别个人身份的统计数据(如平台总访问量、模型调用分布等),不再视为个人信息,我们可不受本政策限制地使用。

3. 我们如何共享您的信息

我们不会向任何第三方出售您的个人信息。我们仅在以下情形与第三方共享:

  • AI 模型供应商:为提供 AI 对话功能,您的对话内容会传输至所选的模型供应商进行推理。当前合作的供应商包括 OpenAI(GPT 系列)、Anthropic(Claude 系列)、Google(Gemini、DALL·E)等。这些供应商均承诺不将您的对话用于训练其模型。
  • 支付服务商:处理充值与订阅的第三方支付通道(如易支付)。我们不向其传输与支付无关的个人信息。
  • 基础设施服务商:云主机、CDN(Cloudflare)、邮件投递(Resend)等技术服务商,仅在为提供服务所必需的范围内访问数据。
  • 法律要求:当法律法规、法院命令、行政机关要求时,我们会按法律要求范围披露相关信息。
  • 业务变更:若发生合并、收购或资产转让,您的信息可能作为业务资产的一部分被转移,受让方将继续受本政策约束。

4. 跨境数据传输

部分 AI 模型供应商及基础设施服务商位于中国境外(包括美国、欧盟)。当您的个人信息向境外传输时,我们将依据中华人民共和国《个人信息保护法》、欧盟《通用数据保护条例》(GDPR)的标准合同条款(SCCs)等机制提供适当保障。

5. 您的权利

5.1 适用于所有用户

  • 访问权:您可以查看您的账号信息、创作内容、对话记录。
  • 更正权:您可以随时在个人设置中更正不准确的信息。
  • 注销权:您可以在账号设置中申请注销账号。账号注销后 30 天内可恢复;超过 30 天后,您的账号信息和对话历史将被硬删除(法律保留义务除外)。

5.2 欧盟 / 英国居民(GDPR / UK GDPR)

除上述权利外,您还享有:

  • 数据可携带权:要求以结构化、常用且机器可读的格式获取您的数据。
  • 限制处理权:在特定情形下要求我们限制对您信息的处理。
  • 反对权:您可以反对基于合法利益的处理活动。
  • 撤回同意权:对于基于您同意的处理活动,您可以随时撤回同意,但不影响撤回前的合法性。
  • 向监管机构投诉权:您有权向所在国数据保护监管机构投诉。

如需行使上述权利,请发送邮件至 [email protected]

5.3 加州居民(CCPA / CPRA)

加州居民另享有:

  • 知情权:了解我们在过去 12 个月内收集、使用、共享、出售或分享的个人信息类别及其目的。
  • 删除权:要求删除我们收集的关于您的个人信息(受法律例外情形限制)。
  • 禁止出售或分享权(Do Not Sell or Share):本平台不出售也不向第三方分享您的个人信息用于跨上下文行为广告,您无需主动 opt-out。
  • 限制使用敏感个人信息权:您可要求我们将敏感个人信息的使用限制在提供服务所必需的范围内。
  • 非歧视权:行使上述权利不会导致您在价格或服务质量上受到歧视。

如需行使加州权利,请发送邮件至 [email protected],主题注明 "CCPA Request"。

6. 未成年人保护

本平台不面向未满 22 周岁的个人。如果您未满 22 周岁,请勿提交您的个人信息或注册账号。如果我们发现我们在未经监护人同意的情况下收集了未满 22 周岁个人的信息,我们将尽快删除该等信息。

监护人如发现被监护人未经同意使用本平台,请联系 [email protected] 申请删除。

7. 信息安全

我们采取业界通行的技术与管理措施保护您的个人信息:

  • 密码使用 Argon2id 算法加密存储;
  • 传输层采用 TLS 加密;
  • 数据库访问受权限分级控制,定期审计;
  • 关键操作记录审计日志。

尽管我们已采取上述措施,但请理解互联网传输不可能绝对安全。请妥善保管您的账号密码,不要与他人共享。

8. Cookie 使用

我们使用以下类别的 Cookie:

  • 必要 Cookie:用于维持您的登录会话、CSRF 防护、负载均衡等,不可关闭。
  • 功能 Cookie:保存您的显示偏好(语言、主题)。
  • 分析 Cookie:帮助我们了解产品使用情况,持续改进。

您可以通过浏览器设置管理或清除 Cookie。禁用必要 Cookie 可能导致本平台无法正常使用。

9. 政策变更

如本政策发生重大变更,我们将通过站内通知或邮件方式告知您。继续使用本平台即表示您接受变更后的政策。

10. 联系我们

如对本政策有任何疑问、投诉或建议,请联系:

春水Live 隐私团队
邮箱:[email protected]

Privacy Policy

Effective: May 1, 2026

This Privacy Policy ("Policy") applies to the processing of your personal information by 春水Live ("we", "us", "our"). This Policy does not cover personal information contained in user-generated content on the platform — that content is the responsibility of the creator as its respective controller.

If you have questions or objections to this Policy, please do not register or use the platform. Registration and continued use constitute your acknowledgment of and agreement to this Policy.

For inquiries, contact [email protected].

1. How We Collect Your Information

We collect personal information through the following channels:

  • You provide it directly: when you register an account (email, username, hashed password, avatar), when you create content (characters, Braindances, presets), when you chat with AI characters, and when you submit support tickets or reports.
  • Automated collection: when you visit the platform we automatically collect login state, display preferences, IP address, device information, browsing behavior, and error logs via cookies, local storage, and server logs.
  • Third-party sign-in: when you sign in via Google, Telegram, etc., we receive basic identity information (email, display name, avatar) from those providers.

2. What We Collect and Why

CategoryPurposeLawful basis (GDPR)Retention
Account data (email, username, password hash, avatar, device/IP)Provide registration, login, account managementContractLifetime of account; hard-deleted 30 days after closure
User-generated content (characters, Braindances, presets, comments, forum posts)Provide creation, publishing, social featuresContractLifetime of account; public content remains under the granted license after closure
Conversation historyProvide AI chat, context memory, history reviewContractLifetime of account; hard-deleted 30 days after closure
Payment data (order ID, amount, timestamp; card numbers are processed by third-party payment providers and not stored by us)Process top-ups / subscriptions, issue invoicesContract + Legal obligation (tax / AML)Statutory retention (typically 5 years)
Cookies and behavioral telemetryMaintain login session, personalization, product improvement, error diagnosisLegitimate interests12 months by default; clearable via browser settings
Support tickets / reportsCustomer support, community moderationLegitimate interests + Legal obligation12 months after ticket closure
Security logs (fraud / spam prevention)Protect service and user safetyLegitimate interests + Legal obligation12 months

Sensitive information: do not submit government identifiers (ID, passport, SSN), full bank card numbers, or medical records. If you include such data in your content or chats, we do not apply special handling and you bear the associated risk.

Non-personal information: anonymized or aggregated statistics that cannot identify you (e.g., total platform traffic, model usage distribution) are not treated as personal information and may be used freely.

3. How We Share Your Information

We do not sell your personal information. We share information with third parties only in the following cases:

  • AI model providers: to provide AI chat, your conversation content is transmitted to your selected model provider for inference. Current providers include OpenAI (GPT family), Anthropic (Claude family), Google (Gemini, DALL·E), and others. These providers contractually commit not to use your conversations to train their models.
  • Payment processors: third-party payment channels (e.g., epay) that process top-ups and subscriptions. We do not transmit payment-unrelated personal information to them.
  • Infrastructure providers: cloud hosting, CDN (Cloudflare), email delivery (Resend), etc., with access strictly limited to what is necessary to provide service.
  • Legal requirements: when required by law, court order, or government authority, we disclose information to the extent legally required.
  • Business transfers: in the event of a merger, acquisition, or asset transfer, your information may be transferred as part of the business assets and the recipient will continue to honor this Policy.

4. Cross-Border Data Transfers

Some AI model providers and infrastructure providers are located outside China (including the United States and the EU). When your personal information is transferred across borders, we provide appropriate safeguards under the PRC Personal Information Protection Law and Standard Contractual Clauses (SCCs) under the EU GDPR.

5. Your Rights

5.1 All Users

  • Access: view your account information, content, and conversation history.
  • Correction: correct inaccurate information in your account settings at any time.
  • Account closure: request account closure in account settings. After closure, you have 30 days to recover the account; after 30 days, your account information and conversation history are hard-deleted (except where legal retention applies).

5.2 EU / UK Residents (GDPR / UK GDPR)

In addition to the above, you have:

  • Data portability: request your data in a structured, commonly used, machine-readable format.
  • Restriction of processing: in specific circumstances, request that we restrict processing of your information.
  • Objection: object to processing based on legitimate interests.
  • Withdrawal of consent: withdraw consent at any time for processing based on consent, without affecting the lawfulness of processing before withdrawal.
  • Complaint to supervisory authority: complain to your local data protection authority.

To exercise these rights, email [email protected].

5.3 California Residents (CCPA / CPRA)

California residents additionally have:

  • Right to know: the categories of personal information we collected, used, shared, sold, or shared in the past 12 months and the purposes.
  • Right to delete: request deletion of the personal information we collected about you (subject to statutory exceptions).
  • Right to opt-out of sale or sharing: we do not sell or share your personal information for cross-context behavioral advertising; no opt-out action is required.
  • Right to limit use of sensitive personal information: request that we limit our use of sensitive personal information to what is necessary to provide service.
  • Right to non-discrimination: exercising these rights will not result in discrimination in price or service quality.

To exercise California rights, email [email protected] with subject "CCPA Request".

6. Children

The platform is not directed to individuals under 22 years of age. If you are under 22, do not submit your personal information or register. If we discover we have collected personal information from a person under 22 without parental consent, we will delete that information as soon as practicable.

Parents or guardians who believe their child is using the platform without consent may contact [email protected] to request deletion.

7. Information Security

We apply industry-standard technical and organizational measures to protect your personal information:

  • passwords stored using Argon2id;
  • TLS encryption in transit;
  • tiered access control over databases with periodic auditing;
  • audit logs for critical operations.

Despite these measures, no transmission over the internet is absolutely secure. Please safeguard your account credentials and do not share them.

8. Cookies

We use the following categories of cookies:

  • Strictly necessary: maintain your login session, CSRF protection, load balancing — cannot be disabled.
  • Functional: save your display preferences (language, theme).
  • Analytics: help us understand product usage and improve.

You may manage or clear cookies via your browser settings. Disabling strictly necessary cookies may prevent the platform from functioning.

9. Changes to This Policy

If we make material changes to this Policy, we will notify you via in-app notice or email. Continued use of the platform constitutes acceptance of the updated Policy.

10. Contact

For questions, complaints, or requests:

春水Live Privacy Team
Email: [email protected]