Calbank 隐私政策Calbank Privacy Policy

本隐私政策说明 宁波卡银智能科技有限公司（Ningbo Kayin Intelligent Tech Co.,Ltd.，以下简称“Calbank”“我们”）在你使用 Calbank 移动应用、相关 API 以及配套服务（统称“本服务”）时，如何收集、使用、存储和共享你的个人信息。This Privacy Policy describes how Ningbo Kayin Intelligent Tech Co.,Ltd. (宁波卡银智能科技有限公司, "Calbank", "we", "us", or "our") collects, uses, stores, and shares personal information when you use the Calbank mobile application, related APIs, and connected services (collectively, the "Service").

• 运营主体：宁波卡银智能科技有限公司；Legal entity: Ningbo Kayin Intelligent Tech Co.,Ltd.;
• 英文名称：Ningbo Kayin Intelligent Tech Co.,Ltd.；Chinese legal name: 宁波卡银智能科技有限公司;
• 隐私邮箱：info@calbanks.com；Privacy email: info@calbanks.com;
• 注册地址：浙江省宁波市镇海区骆驼街道福业街55号3-1-12-29室Registered address: 浙江省宁波市镇海区骆驼街道福业街55号3-1-12-29室

本隐私政策适用于：This Privacy Policy applies to:

• Calbank iOS 应用；the Calbank iOS application;
• Calbank 后端 API 与云服务；Calbank backend APIs and cloud services;
• 餐食图片存储与同步服务；meal image storage and synchronization services;
• 你主动开启的可选集成能力，例如 Apple 登录、推送通知、Apple Health / HealthKit。optional integrations that you choose to enable, such as Sign in with Apple, push notifications, and Apple Health / HealthKit.

对于 Apple、Supabase、AI 模型提供方等第三方独立提供的服务，其处理规则原则上由其各自隐私政策约束；但在“我们如何共享信息”一节列明的范围内，这些第三方也可能代表我们处理你的信息。It does not apply to third-party services that you access separately, including Apple, Supabase, or AI model providers, except as described in the section called "How We Share Information."

我们可能收集以下类别的信息。We collect the following categories of information.

3.1 账号与公开资料信息3.1 Account and profile information

当你创建或使用账号时，我们及我们的身份认证提供方可能会处理：When you create or use an account, we and our authentication providers may process:

• 账号标识符；your account identifier;
• 电子邮箱（取决于你使用的登录方式）；your email address, depending on the sign-in method you use;
• 显示名称或用户名；your display name or username;
• 头像图片及头像 URL；your avatar image and avatar URL;
• 来自身份提供方的账号元数据，例如你使用 Apple 登录并同意提供时的姓名信息。account metadata received from your identity provider, such as your name when you use Sign in with Apple and choose to share it.

在当前实现中，部分 profile 信息可能被视为公开资料，尤其是用户名和头像 URL。Some profile information may be public inside the Service. In the current implementation, usernames and avatar URLs are treated as public profile data.

3.2 健康、身体资料与目标信息3.2 Health, profile, and goal information

如果你主动提供，我们可能处理：If you choose to provide it, we may process:

• 出生日期或生日；date of birth or birthday;
• 年龄；age;
• 性别信息；sex or gender information;
• 身高、体重；height and weight;
• 目标体重；target weight;
• 活动水平；activity level;
• 每日热量目标；calorie goal;
• 估算的 BMR 和 TDEE；estimated BMR and TDEE;
• 目标类型，例如维持、减重或增重。goal information such as maintaining, losing, or gaining weight.

由于 Calbank 是营养和热量管理产品，上述信息中的一部分在适用法律下可能属于健康相关信息或敏感个人信息。Because Calbank is a nutrition and calorie tracking product, some of this information may be considered health-related or sensitive personal information under applicable law.

3.3 餐食、食物、营养与图片数据3.3 Meal, food, nutrition, and image data

当你手动记录餐食，或使用 AI 辅助识别功能时，我们可能处理：When you log meals manually or through AI-assisted flows, we may process:

• meal 记录，包括餐型、时间、备注和删除状态；meal records, including meal type, time, notes, and deletion state;
• food 记录，包括食物名称、描述、配料、本地化名称、重量和营养值；food records, including food names, descriptions, ingredients, localized names, weights, and nutrition values;
• 营养数值，例如热量、蛋白质、碳水、脂肪、纤维、糖和钠；nutritional values such as calories, protein, carbohydrates, fat, fiber, sugar, and sodium;
• 餐食图片及其引用；meal photos and image references;
• 图片上传路径与存储引用；image upload paths and storage references;
• AI 生成的菜名、食物描述、配料与营养识别结果；AI-generated dish names, food descriptions, ingredients, and nutrition output;
• 用于防重的请求标识符和幂等键。request identifiers and idempotency keys used to prevent duplicate analysis.

3.4 餐食图片中的位置元数据3.4 Location metadata from meal photos

如果餐食图片本身包含 GPS 元数据，或你的设备被配置为在拍摄餐食图片时附加位置元数据，我们可能会处理从图片中解析出的位置信息，包括与 food 记录关联的精确地理坐标点。If a meal photo includes GPS metadata, or if your device is configured to attach location metadata to captured meal photos, we may process location metadata derived from the image, including a precise geographic point associated with the food record.

这并不表示我们持续进行后台定位跟踪；它是与你主动拍摄或上传的餐食图片相关的照片元数据处理。We do not describe this as continuous background location tracking. Instead, this is photo metadata processing associated with the meal image you choose to capture or upload.

3.5 设备、应用与使用信息3.5 Device, app, and usage information

为了运行服务、保障安全并支持推送通知，我们可能会处理：To operate the Service, maintain security, and support push notifications, we may process:

• 安装标识符；installation identifier;
• 平台与操作系统版本；platform and operating system version;
• App 版本号与构建号；app version and build number;
• 设备型号；device model;
• 语言地区与时区；locale and timezone;
• 推送通知 token；push notification token;
• 首次出现、最近出现、最近登录、最近登出等时间戳；timestamps such as first seen, last seen, last login, and last logout;
• 登录、前台激活、登出、push token 更新等设备事件。device activity events such as login, foreground, logout, and push token update.

3.6 HealthKit / Apple Health 数据3.6 HealthKit / Apple Health data

如果你选择连接 Apple Health / HealthKit，我们可能会在你授权的范围内读取或写入以下类别：If you choose to connect Apple Health / HealthKit, we may read or write the categories you authorize, such as:

• 生日、性别、身高、体重；birthday, sex, height, and body weight;
• 每日活动能量；daily active energy;
• 每日体重；daily body mass;
• 摄入热量、蛋白质、碳水和脂肪；dietary energy, protein, carbohydrates, and fat;
• 与 meal 记录关联的营养导出样本。exported nutrition samples associated with your meal records.

HealthKit 访问是可选功能，由 Apple 系统权限和 App 内开关共同控制。HealthKit access is optional and controlled by Apple permission settings and in-app feature toggles.

3.7 诊断、日志与支持数据3.7 Diagnostics, logs, and support data

我们还可能处理运营和诊断信息，例如：We may process operational and diagnostic information such as:

• 请求标识符；request identifiers;
• 用于排查链路的用户标识符；user identifiers used for traceability;
• API 路径、请求方法、状态码与耗时；API paths, methods, status codes, and latency;
• 有限的文件元数据，例如上传文件名和文件大小；limited file metadata such as uploaded filename and file size;
• 设备侧调试日志和网络日志；device-side debug and network logs;
• 错误详情和排障上下文。error details and troubleshooting context.

在生产环境中，如果我们启用了可观测性工具，相关服务提供方还可能处理有限的诊断数据，其中可能包括运营元数据以及为排查模型与服务问题所使用的 AI 输出片段。When enabled in our production environment, our observability tooling may also process limited diagnostic data, which can include operational metadata and excerpts of AI outputs used for debugging model behavior and service reliability.

我们会将个人信息用于：We use personal information to:

• 创建和维护你的账号；create and maintain your account;
• 对你进行身份验证并恢复登录会话；authenticate you and restore your signed-in session;
• 让你记录 meals、foods、收藏项和营养数据；let you log meals, foods, favorites, and nutrition data;
• 使用 AI 分析餐食图片并返回结果；analyze meal images using AI and return results;
• 存储和展示餐食图片与头像；store and display meal photos and avatars;
• 在设备间同步数据，并在你重装 App 或更换设备后恢复数据；synchronize your data across devices and recover data after reinstall or sign-in on a new device;
• 计算营养汇总、趋势和个性化目标；calculate nutrition totals, trends, and personalized goals;
• 管理订阅、权益、访问控制和每日额度；manage subscription, entitlement, access control, and daily usage quota;
• 在你开启时发送推送通知；send push notifications, if enabled;
• 支持你开启的 Apple Health / HealthKit 功能；support Apple Health / HealthKit features that you enable;
• 防止滥用、欺诈、重复请求和异常访问；prevent abuse, fraud, duplicate requests, and service misuse;
• 监控服务健康状态、排查故障并提升稳定性；monitor service health, debug errors, and improve reliability;
• 履行法律义务并执行我们的服务条款。comply with legal obligations and enforce our terms.

5.1 服务提供方5.1 Service providers

我们可能会与代表我们处理数据的服务提供方共享信息，包括：We use service providers that process information on our behalf, including:

• Supabase：用于身份认证、数据库、对象存储及相关基础设施；Supabase for authentication, database, storage, and related infrastructure;
• 由我们配置的 AI 模型或视觉服务提供方，例如 Google Gemini 以及其他已配置的提供方，用于处理图片分析和相关请求；AI model or vision providers configured by us, such as Google Gemini and other configured providers, to process image-based food analysis and related requests;
• Apple：用于 Apple 登录、Apple 推送通知服务，以及你主动开启的 Apple Health / HealthKit 功能；Apple for Sign in with Apple, Apple Push Notification service, and Apple Health / HealthKit features that you enable;
• 帮助我们托管、记录日志、监控、排障和维护服务的基础设施或可观测性服务提供方。hosting, logging, and observability providers that help us operate, secure, and troubleshoot the Service.

5.2 公开资料可见性5.2 Public profile visibility

在当前实现中：In the current implementation:

• 用户名和头像 URL 可能被视为服务内的公开 profile 信息；username and avatar URL may be treated as public profile information inside the Service; and
• 头像图片当前实现中可能通过公开 URL 提供访问，因此任何获取到该链接的人都可能访问该头像。avatar images may be served from a public URL and may be accessible to others who obtain that link.

meal、food、收藏、健康资料、设备追踪记录、额度记录并非设计为公开数据。Meal records, health profiles, favorites, device tracking records, and quota records are not intended to be public.

5.3 法律与安全披露5.3 Legal and safety disclosures

如果我们有合理必要性，我们可能会披露信息以：We may disclose information if reasonably necessary to:

• 遵守法律、监管要求、传票、法院命令或合法请求；comply with law, regulation, subpoena, court order, or lawful request;
• 保护用户、服务或其他人的权利、安全和财产；protect the rights, safety, and security of our users, the Service, or others;
• 发现、调查或防止欺诈、滥用和安全事件。detect, investigate, or prevent fraud, abuse, or security incidents.

5.4 公司交易5.4 Business transfers

如果我们发生合并、收购、融资、重组、破产或资产出售，相关个人信息可能在适用法律允许的范围内作为交易的一部分被转移。If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be transferred as part of that transaction, subject to applicable law.

为避免歧义：For clarity:

• 公开或潜在可见的信息：用户名、头像 URL，以及你未来主动公开或分享的信息；public or potentially visible information: username, avatar URL, and any information you intentionally publish or share through future community or profile features;
• 私密信息：meal 记录、food 记录、营养值、收藏、健康资料、餐食图片、设备追踪数据、权益与额度记录，以及与账号相关的诊断记录。private information: meal records, food records, nutrition values, favorites, health profiles, meal photos, device tracking data, entitlement and quota records, and diagnostic records tied to your account.

除非法律另有要求或允许，我们会在实现本隐私政策所述目的所必需的期限内保留个人信息。We keep personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer period is required or permitted by law.

结合当前实现，示例包括：Examples from the current implementation include:

• 账号、profile、meal、food、收藏、权益和额度相关记录：通常保留至你删除相关内容、删除账号，或在运营/法律目的上不再需要时；account, profile, meal, food, favorites, and quota-related records: generally retained until you delete them, your account is deleted, or retention is no longer needed for operational or legal purposes;
• AI 幂等作业记录：当前设计为约 1 天后过期，并定期清理；AI idempotency job records: currently designed to expire after about 1 day and to be cleaned periodically;
• 服务端请求日志：当前默认按天轮转，并大致保留约 14 份备份；server request logs: currently rotated daily and retained for about 14 backup files by default;
• 设备侧 Pulse 日志：当前配置为最长约 14 天或直到达到存储上限；device-side Pulse logs: currently configured for up to 14 days or the configured storage limit;
• 本地图片缓存和本地数据库：通常保留在你的设备上，直到被清理、覆盖或因卸载 App 而移除，具体受平台行为影响。local image caches and local databases: retained on your device until cleared, overwritten, or removed when you uninstall the app, subject to platform behavior.

在法律允许范围内，我们也可能更长时间保留去标识化、聚合化数据，或保留严格必要的安全审计记录。We may retain de-identified, aggregated, or strictly necessary security records for longer where permitted by law.

如果你位于欧洲经济区、瑞士或英国，我们可能依据以下一个或多个法律基础处理你的个人信息，具体视场景而定：If you are located in the European Economic Area, Switzerland, or the United Kingdom, we rely on one or more of the following legal bases, depending on the processing:

• 履行合同，例如提供记餐、同步和账号功能；performance of a contract, such as providing meal logging, synchronization, and account features;
• 同意，例如你开启 HealthKit、相机、照片访问或推送通知等需要同意的权限时；consent, such as when you enable HealthKit access, camera permissions, photo access, or push notifications where consent is required;
• 合法利益，例如防止滥用、排障、保护基础设施和维持服务稳定性，但前提是这些利益不凌驾于你的权利之上；legitimate interests, such as preventing abuse, debugging the Service, securing infrastructure, and maintaining reliability, provided those interests are not overridden by your rights;
• 遵守法律义务。compliance with legal obligations.

根据你所在州及适用法律，你可能享有以下权利：Depending on where you live, you may have rights under applicable U.S. state privacy laws, including rights to:

• 知悉我们收集、使用、披露或保留了哪些个人信息；know what personal information we collect, use, disclose, or retain;
• 获取个人信息副本；access a copy of personal information;
• 更正不准确的个人信息；correct inaccurate personal information;
• 删除个人信息，但受法定例外限制；delete personal information, subject to exceptions;
• 在适用情况下，对隐私请求被拒进行申诉；appeal certain privacy request denials, where required by law;
• 在行使隐私权时获得平等服务和价格待遇。receive equal service and pricing when exercising applicable rights.

如果你是加州居民，你还可能享有以下权利：If you are a California resident, you may also have the right to:

• 知悉我们收集的个人信息和敏感个人信息类别，以及其使用和披露方式；know the categories of personal information and sensitive personal information we collect and how we use and disclose them;
• 请求删除；request deletion;
• 请求更正；request correction;
• 在适用情况下，限制敏感个人信息的某些使用；limit certain uses of sensitive personal information, where applicable;
• 在适用情况下，选择退出个人信息“出售”以及为跨上下文行为广告而进行的“共享”。opt out of the sale of personal information and the sharing of personal information for cross-context behavioral advertising, where applicable.

基于当前产品实现，我们目前未发现第三方广告 SDK，也不会主动出售个人信息，或将个人信息用于跨上下文行为广告共享。Based on our current implementation, we do not use third-party advertising SDKs and we do not knowingly sell personal information or share personal information for cross-context behavioral advertising.

你可以通过info@calbanks.com提交隐私请求。本页面的公开地址为https://calbanks.com/privacy。To submit a privacy request, contact us atinfo@calbanks.com. The public URL for this page ishttps://calbanks.com/privacy.

你通常可以：You can generally:

• 在 App 中编辑或删除 profile 字段；edit or delete profile fields in the app;
• 删除 meals、foods 和收藏；delete meals, foods, and favorites from the Service;
• 在 Apple 系统设置中断开或关闭 HealthKit 权限；disconnect or deny HealthKit permissions in Apple settings;
• 在 iOS 设置中关闭推送通知；disable push notifications in iOS settings;
• 在 iOS 设置中撤回相机、照片库和定位权限；revoke camera, photo library, and location permissions in iOS settings;
• 退出登录并卸载 App，以移除设备本地数据，但具体仍受平台行为影响。sign out and uninstall the app to remove local device-side data, subject to platform behavior.

如果你希望删除账号或行使隐私权，请通过info@calbanks.com联系我们。If you want us to delete your account or exercise a privacy right, contactinfo@calbanks.com.

你的信息可能会在你所在国家或地区之外被处理，包括被我们的服务提供方在其运营所在国家或地区处理。在适用法律要求下，我们将采取适当的跨境传输保障措施。Your information may be processed in countries other than your own, including where our service providers operate. Where required, we will use appropriate safeguards for international transfers under applicable law.

我们采取行政、技术和组织措施来保护个人信息。这些措施可能包括已认证访问控制、后端行级访问限制、餐食图片私有存储规则、本地安全存储，以及用于安全与排障的运营日志。We use administrative, technical, and organizational measures designed to protect personal information. These may include authenticated access controls, row-level access restrictions in our backend, private storage rules for meal images, secure local storage for session-related data, and operational logging for security and troubleshooting.

但任何传输或存储方式都不可能绝对安全，我们无法承诺绝对安全。No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

本服务不面向违反适用法律的儿童使用。在需要监护人同意而尚未取得该同意的情况下，我们不会故意收集儿童个人信息。 如果你认为儿童在不适当的情况下向我们提供了个人信息，请通过info@calbanks.com联系我们。The Service is not intended to be used by children in violation of applicable law. We do not knowingly collect personal information from children where parental consent is required and has not been obtained. If you believe a child has provided us personal information inappropriately, contactinfo@calbanks.com.

我们可能会不时更新本隐私政策。如有重大变更，我们会更新“最后更新日期”，并在法律要求的情况下，通过 App 内提示或其他适当方式通知你。We may update this Privacy Policy from time to time. If we make material changes, we will update the "Last updated" date and, where required, provide additional notice inside the Service or by other appropriate means.

如果你对本隐私政策或我们的隐私实践有任何问题、请求或投诉，请联系：If you have questions, requests, or complaints about this Privacy Policy or our privacy practices, contact:

• 运营主体：宁波卡银智能科技有限公司（Ningbo Kayin Intelligent Tech Co.,Ltd.）；Operator: Ningbo Kayin Intelligent Tech Co.,Ltd. (宁波卡银智能科技有限公司);
• 隐私邮箱：info@calbanks.com；Privacy email: info@calbanks.com;
• 注册地址：浙江省宁波市镇海区骆驼街道福业街55号3-1-12-29室。Registered address: 浙江省宁波市镇海区骆驼街道福业街55号3-1-12-29室.