Back to Home

Privacy Policy / 隐私政策

CHUNBINGTANG (春冰糖) / HappyMilk Ltd · https://chunbingtang.com

Privacy Policy (English)

Last Updated: April 29, 2026
Effective Date: April 29, 2026
Controller: CHUNBINGTANG / HappyMilk Ltd ("we", "us", or "our")
Scope: This Privacy Policy applies to all iOS applications developed by us and distributed via the Apple App Store (each, the "App") and to our website at https://chunbingtang.com.

1. About This Policy

We respect your privacy and are committed to handling your personal information lawfully and transparently. This Policy explains what information we collect, how we use and protect it, and what rights you have.

This Policy is a generic template covering the full range of features that may appear across our App portfolio. Provisions marked "where applicable" only take effect for a given App if that App actually integrates the corresponding feature, permission, or third-party service. Where an App does not integrate such feature or SDK, the corresponding provision does not apply.

If supplemental terms inside a specific App conflict with this Policy, the supplemental terms control with respect to the feature they address; this Policy continues to govern all other matters.

2. Who We Are and How to Contact Us

  • Developer: CHUNBINGTANG / HappyMilk Ltd
  • Website: https://chunbingtang.com
  • Contact email: report@happymilk.ltd
  • Postal address: {{POSTAL_ADDRESS}}
  • Data protection contact: {{DPO_CONTACT}} (default routing through the contact email above)

For any question regarding this Policy, our processing of personal information, or to exercise your rights, please contact us at the email above.

3. What Information We Collect

We collect information only as necessary to provide the App, ensure security, comply with law, and operate within the scope of your consent. We follow the principle of data minimization.

3.1 Information You Provide

CategoryLeaves your device?PurposeLinked to identity?Used for tracking?
Media you create, edit, import, or select inside the App (videos, images, audio)No (stored locally by default; only leaves the device if you choose to export, share, or upload)To provide editing, saving, and playback featuresNoNo
Text input (project names, notes, report descriptions, etc.)No (stored locally by default)To provide features; to handle feedback or reports you initiateNoNo
Email content you send via system components such as MFMailCompose (where applicable)Yes — sent from your own email account to us or to a recipient you designateTo respond to feedback, reports, or appealsOnly as you include in your messageNo

3.2 Device Permissions

The App requests the following permissions only after explicit prompts and only when needed. You may revoke any permission at any time in iOS Settings.

PermissionPurposeLeaves device?
Microphone (where applicable)Recording voice commands or audioNo (processed locally by default)
Camera (where applicable)Capturing video or photos for editingNo (processed locally by default)
Photo Library (where applicable)Reading media you select; saving edited results backNo (accessed only on this device)
Speech Recognition via Apple Speech Framework (where applicable)Converting your voice commands into text to drive editing functionsDepends on Apple Speech Framework mode: on-device recognition is processed locally; otherwise Apple servers may be involved (governed by Apple's privacy policy)
Location (where applicable)Used only when location-based features or advertising compliance require itDepends on use case
Push Notifications (where applicable)Delivering completion, subscription, or campaign notificationsRouted via Apple Push Notification Service

3.3 Device and Log Information (where applicable)

Collected only when relevant SDKs or diagnostic features are integrated, including but not limited to: device model, OS version, language and time zone, App version, crash stack traces, performance metrics, and approximate IP address. Such data is used for diagnostics, stability, and security, and is not used to identify you personally.

3.4 Advertising Data (where applicable)

Where the App displays ads, the following data may be processed. We obtain your explicit consent through Apple's App Tracking Transparency (ATT) framework before any tracking begins.

  • Identifier for Advertisers (IDFA), only if you allow tracking via the ATT prompt;
  • Ad interaction data (impressions, clicks, install attribution);
  • Coarse device information (model, OS version, language, approximate IP);
  • Approximate location (coarse, typically inferred from IP; no precise GPS coordinates), where applicable;
  • Non-identifying identifiers generated by ad SDKs.

If you decline the ATT prompt, the App will continue to function and you will see non-personalized ads.

3.5 Third-Party Content Services (where applicable)

The App may call public-domain content services (e.g., Pexels, Pixabay) to display stock videos or images. Only minimal query parameters (such as keywords, pagination, or orientation) are sent to those services. We do not upload your personal content, media files, or identifiable information to these services. Their handling of any data is governed by their own privacy policies.

3.6 Local Persistence (does not leave your device)

To enable project management, favorites, history, blocked lists, and preferences, the App stores data locally on your device using UserDefaults and the file system. Such data is not uploaded to our servers by default and can be deleted by uninstalling the App or using in-App clear options.

4. How We Use Information

  • To provide and maintain App features and services;
  • To respond to your requests, feedback, or reports;
  • To diagnose issues and improve performance and stability;
  • To prevent fraud, abuse, and security incidents;
  • To comply with applicable laws or lawful requests from public authorities;
  • To deliver and measure advertising within the scope of your consent;
  • To deliver and renew in-App purchases and subscriptions (where applicable).

5. Third-Party SDKs and Services

The following is a list of third-party components that may be used. Whether a particular App actually integrates a given service is reflected in that App's "About" page or App Store privacy details. Each third party is responsible for its own data processing; please review their policies as well.

5.1 Apple Platform Services

  • Apple App Tracking Transparency (ATT);
  • Apple Speech Framework (where applicable);
  • PhotoKit / PhotosPicker (where applicable);
  • Apple App Analytics (where enabled);
  • Apple Push Notification Service (APNs) (where applicable);
  • Sign in with Apple (where applicable);
  • iCloud (where applicable);
  • StoreKit for in-App purchases and subscriptions (where applicable);
  • Apple Search Ads Attribution (where applicable).

5.2 Advertising SDKs (where applicable)

Advertising SDKs may process IDFA, device information, ad interactions, and approximate location for ad delivery and frequency capping. The exact data scope and retention periods are governed by each vendor's policy.

5.3 Analytics and Crash Diagnostics (where applicable)

5.4 Third-Party Content Sources (where applicable)

6. App Tracking Transparency (ATT)

The first time the App needs to use IDFA for cross-app tracking, iOS will display a system-level ATT prompt for you to make a free choice.

  • If you "Allow Tracking", we and our advertising partners may use IDFA to deliver personalized ads and measure attribution;
  • If you "Ask App Not to Track", the App remains fully functional, you will receive non-personalized ads, and we will not track you across apps via IDFA;
  • You may withdraw or grant this permission at any time in iOS Settings > Privacy & Security > Tracking.

7. Cookies and Similar Technologies

iOS apps do not use browser cookies. We may use UserDefaults, Keychain, the file system, and SDK-managed local caches to store preferences, recognize sessions, deduplicate ad displays, and count App launches. Such local storage is not shared across apps and can be cleared by uninstalling the App.

8. Sharing and Disclosure

We do not sell your personal information. We share or disclose information only:

  • With your explicit consent;
  • With the service providers listed in Section 5, on a minimum-necessary basis;
  • To comply with applicable laws, court orders, administrative orders, or other lawful requests;
  • To protect the rights, property, or safety of us, our users, or the public;
  • In connection with a merger, acquisition, or asset transfer, in which case we will provide prominent notice.

9. International Data Transfers

Because we and our service providers may operate servers in mainland China, the United States, the European Union, or other jurisdictions, your data may be transferred and processed outside your country of residence. We ensure equivalent protection through:

  • For EU/UK users: reliance on the EU Standard Contractual Clauses (SCCs), the UK IDTA, or other recognized lawful mechanisms;
  • For mainland China users: where Article 38 of the Personal Information Protection Law applies, fulfillment of the corresponding consent, impact assessment, and filing/certification obligations;
  • Selecting partners that maintain comparable data protection standards and binding them through contractual obligations.

10. Data Retention and Deletion

  • Local data on your device: retained until you uninstall the App or actively clear it;
  • Email content you send to us: retained for as long as reasonably necessary to address the matter, generally no more than 24 months unless required otherwise by law;
  • Data collected by third-party SDKs: retained according to each vendor's policy;
  • Where a longer retention period is required by law, that period applies.

11. Your Rights

Subject to applicable law, you have the following rights:

  • Right to be informed and to access;
  • Right to rectification;
  • Right to erasure (the "right to be forgotten");
  • Right to restrict and object to processing;
  • Right to withdraw consent (without affecting prior lawful processing);
  • Right to data portability;
  • Right not to be subject to solely automated decision-making;
  • Right to lodge a complaint with a supervisory authority.

To exercise these rights, please email report@happymilk.ltd. We will respond within 30 days of receiving your request; where extension is genuinely necessary, we will inform you in writing within that period.

12. Children's and Minors' Privacy

The App is not directed to children under 13, in accordance with the U.S. Children's Online Privacy Protection Act (COPPA). It is also not directed to minors under 14, in accordance with the Law of the People's Republic of China on the Protection of Minors and related rules. We do not knowingly collect personal information from such individuals. If you are a parent or guardian and believe such an individual has provided us with personal information without your consent, please contact us at report@happymilk.ltd and we will delete it promptly upon verification.

For any App listed under Apple's "Kids Category" (where applicable), we additionally comply with Apple's special requirements, including not integrating third-party tracking-based advertising, not collecting behavioral analytics, and restricting external links and purchase flows.

13. Security

  • Network communication between the client, our servers, and SDK endpoints uses HTTPS/TLS encryption;
  • We collect and retain data on a minimum-necessary basis;
  • Internal access is controlled and audited;
  • We periodically assess security risks and respond to vulnerability disclosures.

Note that no Internet transmission can be guaranteed 100% secure. In the event of a security incident, we will notify affected users and regulators in accordance with applicable law.

14. Changes to This Policy

We may update this Policy from time to time to reflect legal, product, or compliance changes. Material changes will be communicated through in-App notices, website announcements, or other contact channels you have provided; non-material changes will be reflected by updating the "Last Updated" date at the top of this page. Your continued use of the App constitutes acceptance of the updated Policy.

15. Governing Law and Jurisdiction-Specific Rights

This Policy is governed by the laws of your country or region of residence. The following provisions supplement, but do not replace, the rest of this Policy for users in specific jurisdictions:

  • EU / UK users (GDPR / UK GDPR): You have the rights set forth in Articles 15–22 GDPR, including access, rectification, erasure, restriction, portability, objection, and not being subject to automated decision-making. You also have the right to lodge a complaint with the supervisory authority in your member state. Our legal bases for processing include contractual necessity, legitimate interests, legal obligations, and your consent (where applicable).
  • California users (CCPA / CPRA): You have the rights to know, access, correct, delete, and limit the use of sensitive personal information, as well as the right to opt out of the "sale" or "sharing" of personal information ("Do Not Sell or Share My Personal Information"). We do not currently sell your personal information. To exercise your rights, please email report@happymilk.ltd.
  • Mainland China users: This Policy follows the Personal Information Protection Law, the Data Security Law, the Cybersecurity Law, and related rules. Where the processing involves sensitive personal information (such as location, where necessary) or cross-border data transfer, we will obtain your separate consent or complete the corresponding statutory procedures.

16. Contact and Complaints

If you have any question, complaint, or suggestion regarding this Policy, please contact us:

We will respond to your request within 30 days. If you believe our response does not adequately address your concern, you have the right to lodge a complaint with the competent supervisory authority or seek judicial remedies in a court of competent jurisdiction.

↓ 查看中文版

隐私政策(中文版)

最后更新日期:2026 年 4 月 29 日
生效日期:2026 年 4 月 29 日
适用主体:CHUNBINGTANG(春冰糖)/ HappyMilk Ltd(以下简称"我们")
适用范围:本政策适用于由我们开发并通过 Apple App Store 发布的全部 iOS 应用程序(以下简称"本应用"),以及我们的官方网站 https://chunbingtang.com

1. 关于本政策

我们尊重并依法保护您的个人信息。本政策旨在以清晰的方式向您说明:我们会收集哪些信息、如何使用与保护这些信息、以及您依法享有的权利。

本政策为通用模板,适用于我们旗下多款 App。具体到您正在使用的某一款 App,本政策中标注"如适用"的条款仅在该 App 实际涉及相应功能或第三方服务时生效。如该 App 未集成相关功能或 SDK,则对应条款不适用。

如本政策与某一 App 内的补充政策存在不一致,以该补充政策针对相应功能的特别说明为准;其他事项仍以本政策为准。

2. 我们是谁,如何联系我们

  • 开发者主体:CHUNBINGTANG(春冰糖)/ HappyMilk Ltd
  • 官方网站:https://chunbingtang.com
  • 统一联系邮箱:report@happymilk.ltd
  • 邮寄地址:{{POSTAL_ADDRESS}}
  • 数据保护联系人:{{DPO_CONTACT}}(默认通过上述邮箱联系)

就本政策、个人信息处理或您行使法定权利的任何问题,请通过上述邮箱与我们联系。

3. 我们收集哪些信息

我们仅在为您提供功能、保障安全、履行法律义务及在您同意范围内开展业务所必需时,才会收集相应信息。我们坚持最小必要原则

3.1 您主动提供的内容

信息类型是否离开设备用途是否与身份关联是否用于追踪
您在本应用内创建、编辑、导入或选择的媒体文件(视频、图片、音频)否(默认仅保存在本机;除非您主动选择导出、分享或上传)提供编辑、保存、播放等核心功能
文本输入(项目名称、注释、举报描述等)否(默认仅保存在本机)提供功能;处理用户主动发起的反馈或举报
您主动通过 MFMailCompose 等系统组件发起的邮件内容(如适用)是(邮件由您本人邮件账户发出至我们或您指定的收件人)响应反馈、处理举报与申诉仅在您邮件中提供的范围内

3.2 设备权限相关信息

本应用仅在向您明确请求并获得授权后调用以下权限。您可随时在 iOS"设置"中关闭授权。

权限用途是否离开设备
麦克风(如适用)录制语音命令或音频内容否(默认本地处理)
相机(如适用)拍摄视频或照片以供编辑否(默认本地处理)
相册 / 照片库(如适用)读取您选择的媒体;将编辑结果保存回相册否(仅在本设备内访问)
语音识别(如适用,基于 Apple Speech Framework)将您发出的语音命令转为文字以驱动编辑功能取决于 Apple Speech Framework 的处理模式;如启用设备端识别则本地完成,否则可能由 Apple 服务器处理(受 Apple 隐私政策约束)
位置信息(如适用)仅在涉及定位类功能或广告合规要求时使用视具体场景而定
通知(如适用)向您推送任务完成、订阅、活动等通知由 Apple Push Notification Service 转发

3.3 设备与日志信息(如适用)

仅在我们集成相应 SDK 或诊断功能时收集,包括但不限于:设备型号、操作系统版本、语言与时区、应用版本、崩溃堆栈、性能指标、近似 IP 地址。该等信息用于诊断故障、改进稳定性与安全防护,不用于识别您的真实身份。

3.4 广告相关信息(如适用)

当本应用展示广告时,可能涉及以下数据处理。我们会通过 Apple App Tracking Transparency(ATT)框架在追踪发生前征得您的明确同意。

  • 广告标识符(IDFA)—— 仅在您通过 ATT 弹窗同意"允许追踪"后获取;
  • 广告交互数据(曝光、点击、安装归因等);
  • 设备粗粒度信息(设备型号、操作系统版本、语言、近似 IP);
  • 近似位置(粗粒度,通常基于 IP,不获取精确 GPS 坐标),如适用;
  • 由广告 SDK 自行生成的非身份化标识符。

如您拒绝 ATT 追踪请求,本应用仍可正常使用,您将看到非个性化广告。

3.5 第三方内容服务返回的素材(如适用)

本应用可能调用第三方公开素材服务(如 Pexels、Pixabay 等)以向您展示公共图库视频或图片。该类调用仅向第三方发送必要的查询参数(如关键词、分页、内容方向);我们不会向其上传您的个人内容、媒体文件或可识别身份的信息。第三方对其服务的数据处理遵循其自身隐私政策。

3.6 本地持久化数据(不离开设备)

为提供项目管理、收藏、历史记录、屏蔽列表、偏好设置等功能,本应用会通过 UserDefaults 与本地文件系统在您的设备上存储相应数据。该等数据默认不会上传至我们的服务器,您可通过卸载本应用或在应用内执行清除操作将其删除。

4. 我们如何使用这些信息

  • 提供并维护本应用的功能与服务;
  • 响应您的请求、反馈或举报;
  • 诊断故障、改善性能与稳定性;
  • 防范欺诈、滥用、违规及保障网络安全;
  • 履行法律法规要求或配合行政、司法机关的合法要求;
  • 在您同意的范围内展示广告并衡量广告效果;
  • 对涉及内购、订阅的功能进行交付与续期管理(如适用)。

5. 第三方 SDK 与服务

下列服务为本应用可能使用的第三方组件清单。具体到某一 App,是否实际集成请参见该 App 的"关于"页面或 App Store 隐私详情。每项服务由相应第三方负责其数据处理,建议您一并查阅其隐私政策。

5.1 Apple 平台服务

  • Apple App Tracking Transparency(ATT)—— 用于在启用追踪前征得同意;
  • Apple Speech Framework —— 用于语音识别(如适用);
  • PhotoKit / PhotosPicker —— 用于访问您选择的照片或视频(如适用);
  • Apple App Analytics —— Apple 提供的匿名化使用情况统计(如启用);
  • Apple Push Notification Service(APNs)—— 用于消息推送(如适用);
  • Apple Sign In —— 用于第三方登录(如适用);
  • iCloud —— 用于跨设备同步(如适用);
  • StoreKit —— 用于内购与订阅(如适用);
  • Apple Search Ads Attribution —— 用于广告归因(如适用)。

5.2 广告 SDK(如适用)

广告 SDK 可能处理 IDFA、设备信息、广告交互、近似位置等数据用于广告投放与频次控制。具体数据范围及保留期请以各 SDK 厂商政策为准。

5.3 分析与崩溃诊断(如适用)

5.4 第三方内容来源(如适用)

6. App Tracking Transparency(ATT)说明

当本应用首次需要使用 IDFA 进行跨应用追踪时,iOS 会弹出系统级 ATT 提示框,由您自主选择是否"允许追踪"。

  • 若您选择"允许":我们及合作的广告 SDK 可使用 IDFA 提供个性化广告与归因衡量;
  • 若您选择"要求 App 不追踪":本应用仍可正常使用,您将看到的是非个性化广告,且我们不会通过 IDFA 跨应用追踪您;
  • 您可随时在"iOS 设置 > 隐私与安全 > 追踪"中撤回或重新授予该权限。

7. Cookie 与类似技术

iOS 应用本身不使用浏览器 Cookie。我们可能在本设备使用 UserDefaults、Keychain、文件系统、SDK 自身缓存等本地存储手段,用途包括:保存您的偏好、识别会话、记录已展示广告以避免重复、统计应用打开次数等。该等本地存储不会跨应用共享,您可通过卸载本应用予以清除。

8. 数据共享与披露

我们不会出售您的个人信息。仅在以下情形下我们才会共享或披露相关信息:

  • 取得您的明确同意;
  • 与本政策"第三方 SDK 与服务"一节列示的服务提供方共享必要的最小数据;
  • 为履行法律法规、法院命令、行政命令或其他合法要求;
  • 为保护我们、用户或公众的合法权利、财产与安全;
  • 因业务合并、收购或资产转让而发生主体变更,届时我们将以显著方式通知您。

9. 数据跨境传输

由于我们及合作的第三方服务商可能在中国大陆、美国、欧盟或其他国家与地区运营服务器,您的部分数据可能被传输至您所在国家以外的地区进行存储或处理。我们将通过以下方式确保其受到与本政策同等水平的保护:

  • 对欧盟/英国用户:依赖欧盟标准合同条款(SCC)、英国 IDTA 或其他经认可的合法机制;
  • 对中国大陆用户:在适用《个人信息保护法》第 38 条所规定的出境情形时,履行相应的同意获取、影响评估与备案/认证义务;
  • 选择具备同等数据保护水平的合作伙伴,并在合同中明确数据保护义务。

10. 数据保留与删除

  • 本设备本地数据:保留至您卸载本应用或在应用内主动清除为止;
  • 您主动发送给我们的邮件内容:在解决您所提出事项所必需的合理期限内保留,一般不超过 24 个月,法律另有要求的除外;
  • 第三方 SDK 自行收集的数据:保留期限以相应厂商政策为准;
  • 法律法规要求保留期限更长的,按法律法规规定执行。

11. 您的权利

在适用法律允许的范围内,您享有以下权利:

  • 知情权与访问权;
  • 更正权;
  • 删除权(包括"被遗忘权");
  • 限制处理与反对处理的权利;
  • 撤回同意的权利(不影响撤回前已进行处理的合法性);
  • 数据可携带权;
  • 不受仅基于自动化决策结果约束的权利;
  • 向监管机构投诉的权利。

如需行使上述权利,请发送邮件至 report@happymilk.ltd。我们将在收到请求后30 日内予以回复;如确有特殊情形需要延期,将在该期限内书面告知您原因。

12. 儿童与未成年人隐私

本应用不面向 13 岁以下儿童,遵循美国《儿童在线隐私保护法》(COPPA);同时不面向 14 岁以下未成年人,遵循《中华人民共和国未成年人保护法》及相关规定。我们不会有意收集上述群体的个人信息。如您是上述群体的监护人,发现相关人员未经您同意向我们提供了个人信息,请通过 report@happymilk.ltd 与我们联系,我们将在核实后立即删除

对于在 Apple App Store 上线时归类为"儿童类(Kids Category)"的 App(如适用),我们将额外遵守 Apple 关于儿童类 App 的特别要求,包括但不限于:不集成第三方追踪型广告、不收集行为分析数据、对外部链接与购买行为加以限制。

13. 安全保障措施

  • 客户端与服务器及 SDK 端的网络通信使用 HTTPS / TLS 加密;
  • 遵循最小必要原则收集与保留数据;
  • 对内部访问采取权限控制与审计;
  • 定期评估安全风险并响应漏洞披露。

请注意,互联网传输无法保证 100% 安全。在不可避免的安全事件发生时,我们将依照适用法律及时通知受影响用户与监管机构。

14. 政策变更与通知

我们可能根据法律变化、产品迭代或合规需要不时更新本政策。重大变更将通过应用内提示、官网公告或您预留的联系方式通知您;非重大变更我们将通过更新页顶"最后更新日期"予以体现。继续使用本应用即视为您接受更新后的政策。

15. 适用法律与特别权利

本政策的解释与执行适用您所在国家或地区的法律。下列条款为针对特定司法辖区用户的补充说明:

  • 欧盟 / 英国(GDPR / UK GDPR)用户:您享有 GDPR 第 15–22 条规定的全部权利,包括访问、更正、删除、限制、可携带、反对及不受自动化决策约束的权利;您亦有权向您所在成员国的数据保护监管机构投诉。我们处理您个人数据的法律基础包括合同必要性、合法利益、法律义务及您的同意(如适用)。
  • 美国加州(CCPA / CPRA)用户:您享有知情、访问、更正、删除及限制使用敏感个人信息的权利,您有权对个人信息的"出售"或"分享"行使拒绝权。我们目前不出售您的个人信息。如需行使上述权利,请发送邮件至 report@happymilk.ltd
  • 中华人民共和国大陆用户:本政策遵循《个人信息保护法》《数据安全法》《网络安全法》及相关规定。涉及敏感个人信息处理或数据出境的,我们将单独取得您的同意或履行相应法定程序。

16. 联系方式与投诉渠道

如对本政策有任何疑问、投诉或建议,请通过以下方式联系我们:

我们将在收到您的请求后 30 日内回复。如您认为我们的处理未能满足您的合理诉求,您有权向所在地有管辖权的监管机构投诉,或通过有管辖权的司法机关寻求救济。

↑ Back to English

© CHUNBINGTANG / HappyMilk Ltd. All rights reserved. · Terms of Service · chunbingtang.com