隐私政策

生效日期: 2026-03-31Meridian Protocol

1. 概述

1. Overview

欢迎使用子午线协议 (Meridian Protocol)（以下简称“本平台”或“我们”）。我们深知个人信息及企业商业数据对您的重要性。本《隐私政策》旨在向您说明我们在您访问本平台网站、使用我们的 API 及相关人工智能生成服务时，如何收集、使用、存储、共享和保护您的数据。当您点击同意或实际使用本服务时，即视为您已阅读并同意本政策的全部内容。

Welcome to Meridian Protocol ("the Platform" or "we"). We understand the importance of personal information and enterprise business data to you. This Privacy Policy explains how we collect, use, store, share, and protect your data when you visit our website, use our APIs, and related AI generation services. By clicking agree or actually using the Services, you are deemed to have read and agreed to the entire content of this Policy.

2. 我们如何收集您的信息

2. Information Collection

在您使用本平台的过程中，我们仅会出于合法、正当、必要的目的收集以下信息： • 账户注册信息：您的电子邮箱地址、显示姓名及密码。 • 用户输入与业务数据 (Customer Content)：您输入的提示词（Prompts）、上传的文档、图纸、图片以及系统生成的输出内容（Outputs）。 • 使用与日志数据：您的操作日志、IP 地址、设备信息、浏览器类型、API 调用频率及算力积分（Credits）消耗记录。 • 支付信息：当您订阅付费服务时，您的支付将由第三方支付机构（Stripe）处理。我们不直接收集或存储您的完整信用卡号，仅接收支付状态及必要的账单信息。

We collect the following information only for lawful, legitimate, and necessary purposes: • Account Registration Information: Your email address, display name, and password. • User Input and Business Data (Customer Content): Prompts you enter, uploaded documents, blueprints, images, and system-generated outputs. • Usage and Log Data: Operation logs, IP addresses, device information, browser types, API call frequency, and compute credits consumption records. • Payment Information: Processed by a third-party payment institution (Stripe). We do not directly collect or store your full credit card number, only receiving payment status and necessary billing information.

3. 我们如何使用您的信息

3. Information Usage

我们收集的信息将仅用于以下目的：向您提供、维护和改进本平台的核心功能与服务；处理您的交易、管理算力积分及发送账单通知；进行身份验证、客户服务、安全防范、诈骗监测及存档和备份；履行适用的法律法规及监管要求。

The information we collect will only be used to: provide, maintain, and improve our core functions and services; process your transactions, manage compute credits, and send billing notices; conduct identity verification, customer service, security prevention, fraud monitoring, archiving, and backups; and comply with applicable laws and regulatory requirements.

4. AI 模型训练与数据保密承诺

4. AI Model Training and Data Confidentiality

我们深知商业机密对企业客户的极端重要性。本平台通过调用第三方顶级大语言模型 API（包括但不限于 Google Gemini、Anthropic Claude）为您提供生成服务。我们郑重承诺：子午线协议 (Meridian Protocol) 绝不会使用您的任何输入数据（Prompts）、上传的文件或生成的业务内容（Outputs）来训练、微调或改进我们的基础人工智能模型。我们与所有第三方 AI 供应商均签署了严格的“零数据保留（Zero Data Retention）”企业级数据处理协议，确保您的数据仅在提供实时生成服务时被短暂处理，绝不会被第三方用于任何模型训练目的。

We understand the critical importance of trade secrets to our enterprise customers. The Platform provides generation services by calling top-tier third-party Large Language Model APIs (including Google Gemini, Anthropic Claude). We solemnly promise: Meridian Protocol will NEVER use any of your input data (Prompts), uploaded files, or generated business content (Outputs) to train, fine-tune, or improve our foundational AI models. We have executed strict "Zero Data Retention" enterprise agreements with all third-party AI providers, ensuring your data is only processed ephemerally to provide real-time generation services and will never be used by third parties for any model training purposes.

5. 数据存储与跨境传输

5. Data Storage and Cross-Border Transfer

子午线协议 (Meridian Protocol) 致力于为您提供全球化的商业与合规 AI 服务。我们的核心基础设施（包括数据库与计算节点）部署于中国香港特别行政区。当您使用本服务时，您明确同意您的个人信息及业务数据将被加密传输并安全存储于我们在中国香港的云服务器（由 Vercel 及 Supabase 提供支持）中。我们将严格遵守适用的数据保护法律（包括《中华人民共和国个人信息保护法》），采取行业标准的安全防护措施（如 TLS 1.3 传输加密与行级数据物理隔离 RLS），确保您的数据在跨境传输与存储过程中的绝对安全。

Meridian Protocol is committed to providing global business and compliance AI services. Our core infrastructure is deployed in the Hong Kong Special Administrative Region, China. By using the Services, you explicitly consent to the encrypted transfer and secure storage of your personal information and business data on our cloud servers located in Hong Kong (powered by Vercel and Supabase). We strictly comply with applicable data protection laws (including the PIPL of China) and employ industry-standard security measures (such as TLS 1.3 encryption and Row Level Security data isolation) to ensure the absolute security of your data during cross-border transfer and storage.

6. 第三方服务提供商

6. Third-Party Service Providers

为了向您提供稳定、高效的服务，我们集成了以下受信任的第三方服务。这些第三方仅在提供特定服务所必需的范围内处理您的数据，且受严格的保密协议约束： • 云基础设施与数据存储：Vercel Inc., Supabase Inc. • AI 模型推理：Google LLC, Anthropic PBC, Fal.ai • 支付与订阅处理：Stripe, Inc. • 网站分析：Baidu Analytics（百度统计，仅收集匿名访问数据用于优化网站体验，不与您的身份关联）。

To provide you with stable and efficient services, we integrate the following trusted third-party services. These third parties process your data only to the extent necessary to provide their specific services and are bound by strict confidentiality agreements: • Cloud Infrastructure & Storage: Vercel Inc., Supabase Inc. • AI Model Inference: Google LLC, Anthropic PBC, Fal.ai • Payment Processing: Stripe, Inc. • Analytics: Baidu Analytics (Collects only anonymous visit data to optimize website experience, not linked to your identity).

7. 数据保留与删除

7. Data Retention and Deletion

当您主动删除账户或业务数据时，系统将采用“软删除”（Soft Delete）机制以防止意外丢失。您的数据将在标记删除后的 30 天内从我们的活动数据库中隔离，并在 90 天后从备份系统中彻底物理清除。法律法规另有规定要求延长保留期限的除外。

When you actively delete your account or business data, the system employs a "Soft Delete" mechanism to prevent accidental loss. Your data will be isolated from our active database for 30 days after being marked for deletion, and will be permanently physically purged from backup systems after 90 days, unless a longer retention period is required by law.

8. 组织用户与授权成员数据权责

8. Organization and Authorized Users

如果您作为“授权成员”（如员工）加入了一个“组织用户”（如您的雇主或企业）的工作区，您在此工作区内产生的所有输入、输出及操作日志均属于该“组织用户”的控制数据。组织用户的管理员有权访问、修改、导出或删除您的这些数据，并有权限制或注销您的访问权限。在此场景下，本平台仅作为“数据处理者（Data Processor）”，组织用户为“数据控制者（Data Controller）”。您对上述数据的任何隐私权利主张（如删除请求），应直接向您的组织管理员提出。

If you join an "Organization" workspace (e.g., your employer or enterprise) as an "Authorized User" (e.g., an employee), all inputs, outputs, and operation logs generated by you within this workspace are considered data controlled by the "Organization". The administrators of the Organization have the right to access, modify, export, or delete such data, and to restrict or terminate your access. In this scenario, the Platform acts solely as a "Data Processor", and the Organization is the "Data Controller". Any privacy rights requests (e.g., deletion requests) regarding such data should be directed to your Organization's administrator.

9. 您的数据权利

9. Your Data Rights

根据适用法律，您对您的个人数据享有以下权利：访问权、更正权、删除权（被遗忘权）、限制处理权及数据可携权。如需行使上述权利，请通过本政策底部的联系方式与我们联系。

Subject to applicable law, you have the following rights regarding your personal data: the right to access, rectification, erasure (right to be forgotten), restriction of processing, and data portability. To exercise these rights, please contact us using the contact information at the bottom of this Policy.

10. 未成年人保护

10. Protection of Minors

本平台主要面向具备完全民事行为能力的企业及成年用户。我们不会有意收集未满 18 周岁未成年人的个人信息。如果您是未成年人，请勿注册或使用本服务。

The Platform is primarily intended for enterprises and adult users with full civil capacity. We do not intentionally collect personal information from minors under the age of 18. If you are a minor, please do not register or use the Services.

11. 隐私政策的更新

11. Updates to Privacy Policy

我们可能适时修订本隐私政策。当条款发生重大变更时，我们会在您登录时通过弹窗、站内信或向您的注册邮箱发送邮件等方式进行显著通知。您继续使用本服务即表示您同意受修订后的隐私政策约束。

We may revise this Privacy Policy from time to time. When material changes are made, we will provide prominent notice via pop-ups upon login, site messages, or emails to your registered address. Your continued use of the Services constitutes your agreement to be bound by the revised Privacy Policy.

12. 联系我们

12. Contact Us

如您对本隐私政策或数据安全有任何疑问、意见或建议，请联系我们的隐私合规团队：privacy@meridian-protocol.com

If you have any questions, comments, or suggestions regarding this Privacy Policy or data security, please contact our privacy compliance team at: privacy@meridian-protocol.com

子午线协议 — 隐私合规privacy@meridian-protocol.com