CoolMeowLedger

隐私政策

本政策说明酷喵记账如何处理你在本地记账、登录、共享协作、图片/语音输入、会员订阅以及自定义 AI 配置中涉及的信息。

最后更新：2026 年 4 月 21 日

Privacy Policy

This policy explains how CoolMeowLedger processes information related to local bookkeeping, authentication, collaboration, image or speech input, subscriptions, and custom AI configuration.

Last updated: April 21, 2026

Home Terms

1. 适用范围

本政策适用于酷喵记账 iOS App、与其配套的 Firebase 与 Cloudflare 后端能力、公开邀请落地页，以及 App 内跳转的法律页面。

2. 我们处理哪些信息

账号与登录信息

当你使用邮箱、Apple 或 Google 登录时，我们会处理认证所需信息，例如邮箱地址、登录提供方返回的用户标识、显示名称和头像链接。

账本与协作数据

当你使用共享账本时，我们会处理账本标题、参与人、分类、金额、备注、标签、附件、邀请记录、成员角色、只读状态和同步版本号。

本地内容与附件

你拍照或从相册导入的图片会先落地到本机；如果该账本启用了共享并且你主动同步，相关附件会上传到云端供协作者访问。

订阅与购买状态

如果你使用会员服务，我们会处理与订阅状态同步相关的信息，例如产品标识、交易标识、原始交易标识、会员等级和功能可用状态。

语音与图片输入

当你主动启用语音输入时，App 会临时访问麦克风与语音识别能力，将你当前说出的内容转换为文本。你主动发起图片识别时，图片与提取结果会被用于生成记账内容。

自定义 AI 配置

如果你自己配置了 AI 接口，我们会在本地保存你填写的接口地址、模型名和 API Key，并在你主动使用相关 AI 功能时把请求发送到你指定的服务提供方。

3. 我们如何使用这些信息

完成登录、识别你的账号身份，以及在多设备间恢复你的共享权限状态。
创建、同步、展示和归档共享账本，控制成员的可读/可写权限，并处理邀请链接。
在你主动使用时执行语音输入、图片识别、AI 问答、自定义 AI 请求和附件上传。
完成订阅状态同步、会员功能开关控制、共享账本只读降级和相关异常排查。
执行账号删除、共享账本归档、成员移除和数据生命周期管理。

4. 我们与哪些第三方服务协作

登录与身份：Firebase Authentication、Sign in with Apple、Google Sign-In。
云端同步、附件与公开页面：Cloudflare Workers、Cloudflare D1、Cloudflare R2、Cloudflare Pages，以及必要的 Firebase 身份能力。
会员状态：Apple App Store / StoreKit 及其服务器通知链路。
自定义 AI：如果你自行填写第三方 AI 服务地址，请求会发送到你指定的服务方；这部分由你自行决定是否启用。

5. 共享账本的可见性

加入同一共享账本的成员，可能看到该账本内的标题、备注、金额、分类、附件、参与人昵称、头像、标签、AI 生成结果和部分操作元数据。

如果账本拥有者归档账本，或者拥有者会员降级导致共享失效，账本会进入只读状态，成员仍可查看，但不能继续写入。

6. 存储与保留

未启用共享的本地账本主要保存在你的设备上。启用共享后，账本主数据与必要同步数据会保存到云端，以支持多人协作与多设备同步。

账号删除后，本地账号数据会清除；你作为共享成员的云端成员关系会被移除。你拥有的共享账本会被归档，后续由系统按保留与清理流程自动处理。

7. 你的控制权

你可以修改昵称、头像、备注、标签和账本内容。
你可以选择是否开启共享、是否上传附件、是否启用语音输入、是否使用图片识别和 AI 功能。
你可以退出登录、删除账号、撤销 Google/Apple 登录授权，或取消订阅。

8. 儿童与敏感信息

本服务并非面向儿童设计。请不要主动在备注、附件或自定义 AI 请求中上传不必要的敏感个人信息、医疗信息或受法律特别保护的数据。

9. 政策更新与联系

如果我们调整隐私处理方式，会在本页面更新版本。若你对隐私处理有问题，可通过 App 内反馈渠道或应用商店公开的开发者联系入口联系我们。

1. Scope

This policy applies to the CoolMeowLedger iOS app, its Firebase and Cloudflare backend services, public invitation landing pages, and the legal pages opened from inside the app.

2. Information We Process

Account and authentication data

When you sign in with email, Apple, or Google, we process the data needed for authentication, such as your email address, provider user identifier, display name, and avatar URL.

Bookkeeping and collaboration data

When you use shared books, we process the book title, participants, categories, amounts, notes, tags, attachments, invitations, member roles, read-only state, and sync revision metadata.

Local content and attachments

Images captured with the camera or selected from the photo library are first stored on your device. If a shared book is synced, the related attachment data may be uploaded so collaborators can access it.

Subscription and entitlement data

If you use paid membership features, we process data required to sync subscription status, such as product identifiers, transaction identifiers, original transaction identifiers, plan tier, and feature availability.

Speech and image input

When you explicitly start speech input, the app temporarily uses the microphone and speech recognition service to convert your speech into text. When you explicitly request image recognition, the image and extracted result are used to create bookkeeping content.

Custom AI configuration

If you configure your own AI endpoint, we store the endpoint URL, model name, and API key locally on your device, and requests are sent to the provider you selected only when you actively use AI features.

3. How We Use Information

To authenticate you and restore your collaboration identity across devices.
To create, sync, display, and archive shared books, enforce member permissions, and process invitation links.
To perform speech input, image recognition, AI assistance, custom AI requests, and attachment upload only when you actively trigger those features.
To synchronize subscription status, control feature access, downgrade shared books to read-only when required, and troubleshoot service issues.
To process account deletion, shared-book archival, member removal, and data lifecycle operations.

4. Third-Party Services We Use

Authentication and identity: Firebase Authentication, Sign in with Apple, and Google Sign-In.
Cloud sync, attachments, and public pages: Cloudflare Workers, Cloudflare D1, Cloudflare R2, Cloudflare Pages, and the required Firebase identity services.
Subscriptions: Apple App Store / StoreKit and related server notification flows.
Custom AI providers: if you configure a third-party AI endpoint yourself, requests are sent to that provider under your control.

5. Shared Book Visibility

Members of the same shared book may see that book's title, notes, amounts, categories, attachments, participant display names, avatars, tags, AI-generated results, and certain operational metadata.

If the owner archives a book, or the owner's membership no longer allows collaboration, the shared book may become read-only. Members can still view it but cannot continue writing to it.

6. Storage and Retention

Books that are not shared are primarily stored on your device. Once sharing is enabled, book data and necessary sync metadata are stored in the cloud to support collaboration and multi-device sync.

After account deletion, local account data is removed. Your cloud membership entries are removed, and any shared books owned by your account are archived and later cleaned up according to the app's retention flow.

7. Your Controls

You can edit your nickname, avatar, notes, tags, and book content.
You decide whether to enable sharing, upload attachments, start speech input, use image recognition, or use AI features.
You can sign out, delete your account, revoke Google or Apple sign-in access, and cancel subscriptions.

8. Children and Sensitive Data

This service is not designed for children. Please do not upload unnecessary sensitive personal data, medical data, or specially regulated data through notes, attachments, or custom AI requests.

9. Updates and Contact

If our privacy handling changes, we will update this page. If you have privacy questions, you can contact us through the in-app feedback channel or the developer contact entry shown on the app store listing.