Together 隐私政策 Together Privacy Policy
最后更新日期:2026 年 5 月 7 日 Last Updated: May 7, 2026
1. 适用范围 1. Scope
本政策适用于 Together 应用及其后端服务(包括 `https://server.togetherwe.top`)在你使用账号、关系绑定、记录上传、照片管理、提醒推送等功能时对个人信息的处理。
This policy applies to the Together app and backend services (including `https://server.togetherwe.top`) when processing personal data for account, bonding, records, photo management, and reminder notifications.
2. 我们收集的信息 2. Data We Collect
- 账号信息:邮箱、登录凭证(密码或 OTP 验证流程)、第三方登录标识(如 Apple 登录令牌验证结果)、用户 ID。
- 档案信息:昵称、性别、头像地址、是否完成引导状态。
- 内容数据:你上传或创建的照片、记录、评论、贴纸/表情、场景及其封面。
- 关系与协作数据:绑定关系、配对码、邀请/请求状态、共同内容关联信息(如 bondId)。
- 设备与推送数据:设备推送令牌、设备类型、设备名称、推送发送状态。
- 技术与日志数据:请求路径、请求/响应概要、错误日志、基础性能耗时日志(日志对密码和 token 做了脱敏处理)。
- Account data: email, authentication credentials (password or OTP flow), third-party auth identifiers (such as Apple sign-in token verification result), and user ID.
- Profile data: display name, gender, avatar URL, and onboarding completion status.
- Content data: photos, records, comments, stickers/emojis, scenarios, and scenario cover media that you upload or create.
- Relationship and collaboration data: bond relationship, pair code, request/invitation status, and shared content linkage (such as bondId).
- Device and push data: device push token, device type, device name, and push delivery results.
- Technical and log data: request paths, request/response previews, error logs, and performance timing logs (passwords and tokens are redacted in logs).
3. 我们如何使用这些信息 3. How We Use Data
- 完成注册、登录、身份校验、账号安全保护和会话管理。
- 提供核心产品能力:绑定关系、记录管理、照片存取、场景管理、头像和虚拟形象上传。
- 发送系统通知与提醒(例如关系互动提醒、内容相关通知)。
- 处理客服排错、故障修复、性能优化与反滥用风控。
- 在你发起删除账号时,执行账号与关联资源清理流程。
- To provide sign-up, sign-in, identity verification, account security, and session handling.
- To deliver core features: bonding, records, photo storage/retrieval, scenario management, avatar and virtual avatar uploads.
- To send service notifications and reminders (such as relationship and content-related notifications).
- To support troubleshooting, incident response, performance optimization, and abuse prevention.
- To process account deletion and clean up related resources when requested by you.
4. 第三方服务与数据共享 4. Third-Party Services and Sharing
我们不会出售你的个人信息。仅在实现服务所必需时,与以下类型的服务提供商共享最小必要数据:
We do not sell your personal data. We only share the minimum necessary data with service providers required to run the service:
- Supabase:用于身份认证与业务数据库存储(如用户档案、关系、记录元数据等)。
- Supabase: for authentication and application database storage (for example user profile, relationship, and record metadata).
- 腾讯云对象存储(COS):用于存储头像、照片、缩略图及相关媒体对象。
- Tencent Cloud Object Storage (COS): for avatars, photos, thumbnails, and related media objects.
- Apple Push Notification Service (APNs):用于向 iOS 设备发送推送通知(包括设备令牌和通知载荷)。
- Apple Push Notification Service (APNs): for iOS push delivery (including device tokens and notification payloads).
如果未来启用新的通知渠道(如 Android FCM),我们会在本政策中更新相应第三方说明。
If new notification channels (for example Android FCM) are enabled in the future, this policy will be updated accordingly.
5. 存储期限与删除机制 5. Retention and Deletion
- 我们在实现服务目的所需期间内保留你的数据,或按法律法规要求保留。
- 你可通过应用账号删除流程请求删除账号。
- 账号删除时,系统会尝试清理与你账号/关系关联的头像、场景封面、照片媒体对象及业务数据,并删除认证用户。
- 出于审计、安全或法律义务,部分日志可能在有限期限内保留后再删除或匿名化。
- We retain data only as long as needed for service purposes or as required by applicable laws.
- You can request account deletion through in-app account deletion flow.
- During deletion, the system attempts to remove account/bond-related avatars, scenario covers, photo media objects, related business records, and auth user records.
- Some logs may be retained for a limited period for security, audit, or legal obligations, then deleted or anonymized.
6. 你的权利与选择 6. Your Rights and Choices
- 访问和更新:你可查看并更新个人资料(如昵称、头像、性别)。
- 撤回与关闭:你可注销/删除账号并取消设备推送令牌。
- 删除请求:你可要求删除个人信息(在法律要求保留的范围内可能例外)。
- 通知管理:你可在设备系统设置中关闭通知权限。
- Access and update: you can view and update profile fields (for example name, avatar, gender).
- Withdraw and close: you can delete your account and unregister device push tokens.
- Deletion request: you may request deletion of personal data, subject to legal retention exceptions.
- Notification controls: you can disable notifications in your device system settings.
7. 安全措施 7. Security Measures
- 使用鉴权机制与访问控制限制未授权访问。
- 对请求日志中的常见敏感字段(如 password、token)进行脱敏。
- 对上传内容进行类型和大小校验,降低恶意上传风险。
- Authentication and access control are used to prevent unauthorized access.
- Common sensitive fields (for example password and token) are redacted in logs.
- Upload file type and size validation is applied to reduce malicious upload risk.
我们会持续改进技术与管理措施,但任何互联网传输或存储都无法保证绝对安全。
We continuously improve technical and organizational safeguards, but no internet transmission or storage can be guaranteed as absolutely secure.
8. 未成年人 8. Children
本服务不面向法律意义上的未成年人。若你认为未成年人在未经监护人同意的情况下提交了个人信息,请联系我们处理删除。
This service is not intended for children under applicable law. If you believe a child submitted personal data without guardian consent, please contact us for removal.
9. 政策更新 9. Policy Updates
我们可能根据产品功能、法律法规或服务供应商变化更新本政策。更新后版本将发布于本页面,并以“最后更新日期”标注生效时间。
We may update this policy based on product changes, legal requirements, or service provider updates. Updated versions will be posted on this page with a revised "Last Updated" date.
10. 联系我们 10. Contact Us
如需行使隐私权利或咨询本政策,请通过产品方公布的官方联系方式或应用内反馈渠道联系我们。
For privacy requests or questions about this policy, please contact us through official channels published by the product team or in-app feedback.