PRIVACY · 隐私
隐私政策
Privacy Policy
本政策说明 Zaelume(造境)如何处理你在账户登录与 AI 商品视觉创作过程中提供的数据。生效日期:2026 年 7 月 16 日。
中文
1. 我们收集哪些信息
当你使用 Zaelume 时,我们可能处理以下信息:
- 账户信息:用户名、邮箱地址、加密后的密码、登录会话、邀请码使用记录及账户点数。
- Google 登录信息:如果你选择 Google 登录,我们仅接收建立账户所需的 Google 用户标识、已验证邮箱和显示名称。我们不会读取你的 Gmail、Google Drive、通讯录或日历。
- 创作内容:你上传的商品图片、填写的创作要求、生成任务参数、AI 生成结果及相关文件元数据。
- 运行与安全信息:必要的请求时间、浏览器及设备信息、IP 地址、安全事件和错误日志,用于保障服务、防止滥用和排查故障。
2. 我们如何使用信息
我们仅将信息用于提供和改进你请求的服务,包括创建和保护账户、验证登录、执行商品图生成、管理点数、保存和交付作品、发送验证码及额度等交易性通知、提供客户支持,以及维护系统安全与合规。
Google 用户数据:仅用于账户注册、身份验证和登录。我们不会出售 Google 用户数据,不会将其用于广告,也不会访问登录所需基本身份信息之外的 Google 产品数据。
3. 信息存储与共享
账户和任务元数据保存在受控数据库中;上传原图与生成结果保存在私有对象存储中。为完成服务,我们可能向承担必要处理工作的服务提供商传输有限数据,例如 Google(身份验证)、Resend(交易邮件)、Cloudflare(网络与私有文件存储)以及 AI 图像生成服务提供商。这些提供商仅在履行其服务所需范围内处理数据。
除提供服务、遵守法律要求、保护用户或平台安全,或在取得你的明确同意外,我们不会向其他第三方出售、出租或披露你的个人信息。
4. 保存期限与删除
我们在提供服务、维护账户、安全审计及履行法律义务所需期间保存数据。用户删除的作品可能进入最长 7 天的回收期,之后安排永久删除;备份和安全日志可能在受限周期内继续保留。你可以通过 [email protected] 申请访问、更正或删除账户及相关个人信息。
5. 安全措施
我们采用 HTTPS 传输、密码哈希、服务端访问控制、私有文件存储、短时下载授权、最小权限密钥和操作日志等措施。互联网服务无法保证绝对安全;如发现疑似安全问题,请及时联系我们。
6. Cookie 与会话
我们使用必要的 Cookie 保存登录会话并防止跨站请求攻击。这些 Cookie 是账户登录和安全运行所必需的,不用于跨站广告追踪。
7. 跨境处理、未成年人和政策更新
服务提供商可能在你所在国家或地区之外处理数据,我们会采取合理措施保护相关信息。Zaelume 不面向未满 18 周岁的儿童主动提供服务。我们可能因功能或法律变化更新本政策,并在本页面标注新的生效日期;重大变化会通过合理方式通知。
8. 联系我们
对本政策、Google 登录数据或数据权利有任何问题,请发送邮件至 [email protected]。
English
1. Information we collect
We may process account details, including your username, email address, hashed password, session records, invitation usage and credit balance; the product images and instructions you submit; generated outputs and task metadata; and limited device, IP, security and error-log data required to operate and protect the service.
If you choose Google Sign-In, we receive only the Google user identifier, verified email address and display name required to create or access your account. We do not access Gmail, Google Drive, contacts or calendar data.
2. How we use information
We use information to provide authentication, AI product-visual generation, credit accounting, private file delivery, transactional emails, customer support, abuse prevention, security and service improvement. Google user data is used only for registration and authentication. We do not sell it, use it for advertising or access Google product data beyond the basic identity data required for sign-in.
3. Storage and disclosure
Account and task metadata is stored in controlled databases, while uploaded and generated images are kept in private object storage. Limited data may be processed by vendors that help us deliver the service, including Google for authentication, Resend for transactional email, Cloudflare for network and private file infrastructure, and AI image-generation providers. They receive data only as needed to perform those services.
We do not sell or rent personal information. We disclose it only to provide the requested service, comply with law, protect users or the platform, or with your consent.
4. Retention, deletion and security
We retain information for as long as necessary to provide the service, secure accounts and meet legal obligations. Deleted works may remain in a recycle period of up to seven days before scheduled permanent deletion; restricted backups and security logs may remain for a limited period. We use HTTPS, password hashing, access controls, private storage and time-limited file access. No internet service can guarantee absolute security.
5. Cookies, international processing and children
Essential cookies maintain your session and protect against cross-site request attacks; they are not used for cross-site advertising. Vendors may process data outside your country, subject to reasonable safeguards. Zaelume is not directed to children under 18.
6. Your choices and contact
You may request access, correction or deletion of your account data, or ask about Google Sign-In data, by emailing [email protected]. We may update this policy as the service or law changes and will post the new effective date here.