Welcome to Xiaoya (the "App"). We take your privacy seriously and are committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and the rights you have over it.
Please read this policy carefully before using the App. By continuing to use the App, you agree to the practices described here.
1. Information We Collect
We collect only the minimum information necessary to provide the service:
•Account Information: When you sign in with Apple, Apple provides an anonymous user identifier and, optionally, an email address (you may use the Hide My Email feature). We do not collect your real name unless you provide it.
•Chat Content: Your conversations with Xiaoya are stored in a local database on your device and are not automatically synced to the cloud. To generate AI replies, messages are sent to an AI service over an encrypted connection. We cannot control the data-retention practices of third-party AI providers, so please exercise caution when sharing highly sensitive information.
•Local Notification Data: Reminders you set (e.g., Xiaoya's proactive check-ins) are stored only on your device and are never uploaded to our servers.
•App Preferences: Interface preferences such as dark mode and theme selection are stored locally in AsyncStorage on your device.
2. How We Use Your Information
We use your information solely for the following purposes:
•To provide the AI conversation service and generate personalized companion replies
•To perform local vector search over your conversation history to improve continuity and memory
•To schedule local notifications for greetings and check-ins at times you permit
•To authenticate your account and manage your session
We do not sell, rent, or share your personal information with any third party for commercial marketing purposes.
3. Data Storage & Security
•Local Storage: Chat history and vector data are stored in a SQLite database on your device. They are never automatically uploaded or synced to the cloud.
•Account Data: Account information is securely hosted by Supabase, a SOC 2 Type II-compliant cloud provider, with geographic data isolation.
•Transmission Security: All communications with our servers use TLS encryption to protect data in transit.
•AI Processing: Conversation content is forwarded via OpenRouter to an AI model to generate replies. We transmit only the necessary recent turns. Third-party AI providers' data-handling practices are governed by their own privacy policies and are beyond our control.
4. Your Rights & Choices
You have full control over your data:
•Access & Export: Go to Settings → Privacy → Export Chat History to export all your conversations as a text file at any time.
•Delete Local Data: Go to Settings → Privacy → Clear Chat History to permanently erase all local conversations. This action cannot be undone.
•Delete Account: Go to Settings → Account → More → Delete Account to permanently delete your account and all associated data.
•Notification Permissions: You can disable push notifications at any time in iOS Settings → Xiaoya.
5. Children's Privacy
The App is not directed to children under the age of 13. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us and we will delete it immediately.
6. California Privacy Rights (CCPA)
California residents have the right to know what personal information is collected, the right to delete personal information, and the right to opt out of the sale of personal information.
We do not sell or share your personal information as defined under the California Consumer Privacy Act (CCPA). To exercise your rights, please contact us using the information below.
7. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you through an in-app notice or email in advance. The updated policy takes effect upon publication. We encourage you to review this page periodically.
8. Contact Us
If you have any questions, comments, or requests regarding this Privacy Policy, please contact us:
欢迎使用晓雅(以下简称「本应用」)。我们深知您的隐私对您的重要性,并致力于保护您的个人信息安全。本隐私政策说明了我们收集哪些数据、如何使用这些数据,以及您拥有的权利。
请在使用本应用前仔细阅读本政策。继续使用即表示您同意本政策所述内容。
1. 我们收集的信息
我们仅收集提供服务所必需的最少量信息:
•账号信息:通过「使用 Apple 登录」时,Apple 会提供您的匿名用户标识符及可选的电子邮件地址(可使用隐藏邮件功能)。我们不会收集您的真实姓名,除非您主动提供。
•聊天内容:您与晓雅的对话内容存储在您设备本地的数据库中,不会自动同步到云端。为了生成 AI 回复,每条消息会通过加密通道发送至 AI 服务进行处理;第三方 AI 服务商的数据保留策略不在我们的控制范围内,建议您在发送高度敏感信息时保持谨慎。
•本地通知数据:您设置的提醒事项仅存储在本设备上,不会上传至服务器。
•应用偏好设置:深色模式、主题选择等界面偏好仅存储在本设备的 AsyncStorage 中。
2. 信息的使用方式
我们使用您的信息仅用于以下目的:
•提供 AI 对话服务,生成个性化的情感陪伴回复
•基于本地对话历史的向量检索,提升对话的连贯性与记忆感
•调度本地通知,在您允许的时间发送问候与关怀
•账号身份验证与会话管理
我们不会将您的个人信息出售、租借或共享给任何第三方用于商业营销目的。
3. 数据存储与安全
•本地存储:聊天记录与向量数据存储在您设备的 SQLite 数据库中,不会自动上传或同步到云端。
•账号数据:账号信息由 Supabase(SOC 2 Type II 合规标准云服务商)安全托管,数据存储于受地理隔离保护的服务器。
•传输安全:所有与服务器的通信均使用 TLS 加密协议,确保数据在传输过程中的安全性。
•AI 处理:对话内容经由 OpenRouter 转发至 AI 模型生成回复,我们仅传输必要的历史轮次。第三方 AI 服务商的数据处理方式受其自身隐私政策约束,超出我们的控制范围。
4. 您的权利与选择
您对自己的数据拥有完全的控制权:
•查看与导出:在「设置 → 隐私与私密 → 导出聊天记录」中,您可以随时将全部对话记录导出为文本文件。
•清空本地数据:在「设置 → 隐私与私密 → 清空聊天记录」中,您可以一键删除本设备上的所有聊天记录,此操作不可恢复。
•注销账号:在「设置 → 账号与权益 → 更多 → 注销账号」中,您可以永久删除您的账号及所有关联数据。
•通知权限:您可以随时在 iOS「设置 → 晓雅」中关闭推送通知权限。
5. 儿童隐私保护
本应用不面向 13 周岁以下的儿童。我们不会主动收集未成年人的个人信息。如果您认为我们无意中收集了未成年人的信息,请通过下方联系方式告知我们,我们将立即予以删除。
6. 政策变更
我们可能会不时更新本隐私政策。重大变更发生时,我们将通过应用内通知或邮件提前告知您。更新后的政策在发布后即时生效。建议您定期查阅本页面了解最新内容。
7. 联系我们
如您对本隐私政策有任何疑问、意见或请求,请通过以下方式联系我们: