Privacy Policy隐私政策
This document is provided for transparency and is not legal advice.本文件用于信息透明,不构成法律意见。
1. Who we are1. 我们是谁
Dodoa LLC is a company registered in the State of Wyoming, United States. We are the controller of the personal information described here. For any privacy question or request, contact contact@dodoa.ai.Dodoa LLC 是在美国怀俄明州注册的公司,是本文所述个人信息的"处理者/控制者"。任何隐私相关问题或请求,请联系 contact@dodoa.ai。
2. What we collect2. 我们收集什么
We collect only what the assessment and product need. By stage:我们只收集评估与产品所需的信息。按阶段划分:
Assessment answers评估问卷答案
Your responses to the questionnaire — industry, revenue band, product/SKU counts, store and channel counts, the countries you operate in and sell into, turnover and aging figures, margin trend, current tooling, how often you review your numbers, and your free-text descriptions of your headache and goals.您对问卷的回答——所属行业、营收区间、产品/SKU 数量、门店与渠道数量、经营所在国家及销售目标国家、周转与库龄数据、毛利趋势、现有工具、查看数据的频率,以及您对"最头疼的问题""目标"的文字描述。
Contact details联系方式
At the end of the assessment: your name, brand/company name, email, and (optionally) WeChat ID and phone number — together with the consent you give to be contacted and analyzed.在评估末尾:您的姓名、品牌/公司名称、邮箱,以及(可选)微信号和电话——连同您给予的"同意被联系与分析"的授权。
Uploaded files (paid users)上传的文件(付费用户)
If you purchase the Deep Diagnostic, you may optionally upload business files such as inventory or sales exports so we can analyze them for you. You upload these only if you choose to.若您购买"深度诊断",可选择上传库存或销售导出等业务文件,供我们为您分析。是否上传完全由您决定。
Voice recordings (paid users)语音录音(付费用户)
Paid users may record short voice notes (up to 180 seconds) instead of typing. We transcribe these to text to analyze them. The transcript is what we work from.付费用户可录制简短语音(最长 180 秒)代替打字。我们会将其转写为文字以便分析。我们实际使用的是转写文本。
Payment information支付信息
When you pay, our payment processors handle your card or wallet details directly. We do not see or store full card numbers. We retain a record that a payment was made, the amount, and basic transaction metadata.当您付款时,由支付服务商直接处理您的银行卡或钱包信息。我们不会看到或保存完整卡号。我们仅保留"已付款"的记录、金额及基本交易元数据。
Security & abuse-prevention signals安全与防滥用信号
To protect the free assessment from abuse, we process your IP address (via Cloudflare's CF-Connecting-IP header), a Cloudflare Turnstile anti-bot check, and basic request logs.为防止免费评估被滥用,我们会处理您的 IP 地址(通过 Cloudflare 的 CF-Connecting-IP 标头)、Cloudflare Turnstile 人机校验,以及基本的请求日志。
3. Why we use it & our legal basis3. 使用目的与法律依据
- To produce your assessment result — the free archetype read and, if purchased, the Deep Diagnostic. Basis: your consent (PIPL); consent / performance of a contract (GDPR).生成您的评估结果——免费的"类型判断"及(如购买)深度诊断。依据:您的同意(PIPL);同意/合同履行(GDPR)。
- To contact you about your result, a trial, or a deeper analysis. Basis: your consent.就您的结果、试用或更深入分析与您联系。依据:您的同意。
- To take payment and deliver paid services. Basis: performance of a contract.收取费用并交付付费服务。依据:合同履行。
- To keep the service secure and prevent abuse. Basis: our legitimate interest (GDPR); necessity for service security (PIPL).保障服务安全、防止滥用。依据:我们的正当利益(GDPR);服务安全之必要(PIPL)。
We do not sell your personal information, and we do not use it for advertising.我们不会出售您的个人信息,也不会将其用于广告。
4. AI processing of your data4. 对您数据的 AI 处理
Your assessment answers (and, for paid users, your transcribed voice notes and uploaded files) are sent to Anthropic's Claude API to generate your written analysis. We instruct the model to ground its output in the figures you provide and not to invent precision. We do not use your data to train AI models, and our AI processor does not train on it under our agreement.您的评估答案(付费用户还包括转写后的语音与上传文件)会发送至 Anthropic 的 Claude API 以生成您的书面分析。我们要求模型严格基于您提供的数字,不得编造精度。我们不会用您的数据训练 AI 模型;依据协议,我们的 AI 服务商也不会用其训练。
5. Who we share it with (processors)5. 我们与谁共享(受托处理方)
We use a small set of trusted service providers, each acting on our instructions under its own privacy terms:我们使用一小批可信服务商,各自依其隐私条款、按我们的指示处理数据:
- Anthropic — AI analysis of your answers, voice transcripts, and uploaded files (US).Anthropic——对您的答案、语音转写及上传文件进行 AI 分析(美国)。
- Resend — sending you transactional and result emails (US).Resend——向您发送交易类及结果邮件(美国)。
- Stripe — international card payments. Stripe handles card data directly (US).Stripe——国际银行卡支付。Stripe 直接处理卡信息(美国)。
- WeChat Pay & Alipay — payments within China. They handle wallet/transaction data directly.微信支付与支付宝——中国境内支付。由其直接处理钱包/交易数据。
- Speech-to-text provider (Whisper-class) — transcribing paid voice notes to text.语音转文字服务(Whisper 类)——将付费语音转写为文字。
- Cloudflare — security, anti-bot (Turnstile), and traffic delivery.Cloudflare——安全防护、人机校验(Turnstile)及流量分发。
- Vercel — hosting the public website (dodoa.ai).Vercel——托管公开网站(dodoa.ai)。
- Hetzner — our application server and database (Singapore region).Hetzner——我们的应用服务器与数据库(新加坡区域)。
If you connect a messaging channel (e.g. WhatsApp or Instagram) to the product in future, Meta platforms will be involved for that feature, under Meta's own terms. We will only access what you authorize.若您将来把消息渠道(如 WhatsApp 或 Instagram)接入产品,该功能将涉及 Meta 平台,并适用 Meta 自身条款。我们仅访问您授权的内容。
6. Cross-border transfer6. 跨境传输
Our servers are in Singapore, and several processors are in the United States. If you are in China or the EEA/UK, your information will be transferred and processed outside your country. By giving consent and using the service, you acknowledge this transfer. We use providers that offer recognized safeguards for international data handling.我们的服务器位于新加坡,部分服务商位于美国。若您身处中国或欧洲经济区/英国,您的信息将被传输至并在境外处理。当您给予同意并使用服务时,即知悉并接受该跨境传输。我们选用对国际数据处理提供公认保障措施的服务商。
7. How long we keep it7. 保存期限
| Data数据类型 | Retention保存期限 |
|---|---|
| Assessment answers & free result评估答案与免费结果 | 24 months24 个月 |
| Contact details联系方式 | Until you ask us to delete, or 24 months of inactivity直至您要求删除,或连续 24 个月无互动 |
| Uploaded files (paid)上传文件(付费) | 12 months after your diagnostic is delivered诊断交付后 12 个月 |
| Voice recordings (raw audio)语音录音(原始音频) | Deleted within 30 days of transcription转写后 30 天内删除 |
| Voice transcripts语音转写文本 | 12 months12 个月 |
| Payment & contract records支付与合同记录 | 7 years (legal / accounting obligation)7 年(法律/财务义务) |
| Security & abuse logs安全与防滥用日志 | 90 days90 天 |
When a period ends, we delete or anonymize the data, unless the law requires us to keep it longer.期限届满后,我们会删除或匿名化相关数据,法律要求保留更久者除外。
8. Your rights8. 您的权利
Subject to PIPL and GDPR, you can:在 PIPL 与 GDPR 框架下,您可以:
- Access the personal information we hold about you.查阅我们持有的关于您的个人信息。
- Correct inaccurate information.更正不准确的信息。
- Delete your information (see our Data Deletion page).删除您的信息(见数据删除页面)。
- Withdraw consent at any time, without affecting processing already done.随时撤回同意,不影响此前已进行的处理。
- Obtain a copy of your data in a portable form.以可携带形式获取数据副本。
- Complain to your local data protection authority.向当地数据保护机构投诉。
To exercise any right, email contact@dodoa.ai. We respond within the timeframe required by applicable law.如需行使任何权利,请发邮件至 contact@dodoa.ai。我们将在适用法律要求的时限内回复。
9. Security9. 安全
We protect your data with encryption in transit (HTTPS), access controls, and a hardened server environment. No system is perfectly secure, but we work to keep your information safe and to limit who can access it.我们通过传输加密(HTTPS)、访问控制及加固的服务器环境保护您的数据。没有系统能做到绝对安全,但我们持续努力保护您的信息并限制可访问人员。
10. For business operators (not children)10. 面向生意经营者(非儿童)
Dodoa is a business-to-business service intended for company operators aged 18 or older. It is not directed at children, and we do not knowingly collect their personal information.Dodoa 是面向企业经营者(18 岁及以上)的 B2B 服务,并非面向儿童,我们不会在知情情况下收集儿童的个人信息。
11. Changes11. 变更
We may update this policy. We will change the "Last updated" date above and, for material changes, take reasonable steps to notify you.我们可能更新本政策。届时会更新上方"最近更新"日期;对于重大变更,我们将采取合理方式通知您。
12. Contact12. 联系我们
Dodoa LLC — contact@dodoa.aiDodoa LLC —— contact@dodoa.ai