隐私政策

Privacy Policy

生效日期 / Effective Date: 2026-03-08  |  版本 / Version: 2.0

1. 信息收集 / Information Collection

我们需要收集您的某些信息以提供服务,包括:

  • 账户信息: 您的电子邮箱地址、密码(bcrypt 加密存储)、昵称。
  • 使用数据: 学习进度、测验成绩、收听历史、收藏记录。
  • 儿童信息: 为了提供个性化学习体验,我们仅收集必要的儿童昵称和年龄段信息(由家长提供并授权)。
  • 设备信息: 浏览器类型、语言偏好、访问时间戳(仅用于安全审计)。

We collect certain information to provide our services, including:

  • Account Information: Your email address, password (bcrypt-encrypted), and nickname.
  • Usage Data: Learning progress, quiz scores, listening history, and favorites.
  • Children's Information: To provide personalized learning, we only collect indispensable child nicknames and age bands (provided and authorized by parents).
  • Device Information: Browser type, language preference, access timestamps (for security audit only).

2. 信息使用 / How We Use Information

我们使用收集的信息来:

  • 提供、维护和改进我们的服务。
  • 向家长发送孩子的学习周报(如已订阅)。
  • 处理订阅和付款。
  • 发送服务通知和更新。
  • 进行安全审计和防范欺诈。

We use the collected information to:

  • Provide, maintain, and improve our services.
  • Send weekly learning reports to parents (if subscribed).
  • Process subscriptions and payments.
  • Send service notifications and updates.
  • Conduct security audits and fraud prevention.

3. 信息共享与第三方服务 / Information Sharing & Third-Party Services

我们承诺保护您的隐私。我们绝不出售您的个人信息。我们仅在以下情况共享信息:

  • Stripe: 支付处理,仅传输必要的交易信息。
  • Resend: 邮件服务,用于会员验证和周报发送。
  • Cloudflare R2/CDN: 内容分发,不传输个人信息。
  • 法律要求: 在法律要求或为了保护我们权利的情况下。

We are committed to protecting your privacy. We never sell your personal information. We only share information in the following circumstances:

  • Stripe: Payment processing — only necessary transaction data is shared.
  • Resend: Email service for account verification and weekly reports.
  • Cloudflare R2/CDN: Content delivery — no personal data is transmitted.
  • Legal Requirements: When required by law or to protect our rights.

4. 儿童隐私保护(COPPA / GDPR-K) / Children's Privacy (COPPA / GDPR-K)

TongShiGo 致力于保护儿童隐私,并遵守美国《儿童在线隐私保护法》(COPPA) 和欧盟《通用数据保护条例》中关于儿童的条款:

  • 本服务面向家长,并在家长监督下供儿童使用。
  • 我们不会直接向 13 岁以下儿童收集个人信息。
  • 所有儿童档案信息(昵称、年龄段、偏好)均由家长提供并授权。
  • 我们遵循最小化数据原则,仅收集提供服务所必需的最低限度信息。
  • 我们不会向儿童推销广告或展示第三方广告。
  • 家长可以随时请求访问、更正或删除其孩子的个人信息。

TongShiGo is committed to children's privacy and complies with COPPA (Children's Online Privacy Protection Act) and GDPR provisions for children:

  • Our services are directed to parents and intended for use by children under parental supervision.
  • We do not directly collect personal information from children under 13.
  • All child profile data (nickname, age band, preferences) is provided and authorized by parents.
  • We follow data minimization principles, collecting only the minimum necessary information.
  • We do not market to children or display third-party advertising.
  • Parents may request access to, correction of, or deletion of their child's personal information at any time.

5. 数据删除与账户注销 / Data Deletion & Account Closure

您有权随时请求删除您的个人数据:

  • 家长可通过家长中心移除孩子档案,使其不再出现在日常学习流程中。
  • 如需永久删除关联个人数据或完全注销账户,请发送邮件至 info@tongshigo.com,我们将在 30 天内完成处理。
  • 在法律要求、争议处理或防欺诈所必需的范围内,我们可能保留有限记录;其余个人数据将被删除或匿名化。

You have the right to request deletion of your personal data at any time:

  • Parents can remove child profiles from the Parent Center so they no longer appear in everyday learning flows.
  • To permanently delete related personal data or fully close your account, email info@tongshigo.com — we will process within 30 days.
  • Where required for legal obligations, dispute handling, or fraud prevention, we may retain limited records; other personal data will be deleted or anonymized.

6. 跨境数据传输 / Cross-Border Data Transfer

TongShiGo 服务面向全球用户,您的数据可能存储和处理于以下地区:

  • 美国(Render 托管、Stripe 支付)
  • Cloudflare 全球边缘网络(内容分发)

我们确保所有跨境传输均符合适用的数据保护法律,包括标准合同条款 (SCC) 和其他适当的安全措施。

TongShiGo serves global users. Your data may be stored and processed in:

  • United States (Render hosting, Stripe payments)
  • Cloudflare global edge network (content delivery)

We ensure all cross-border transfers comply with applicable data protection laws, including Standard Contractual Clauses (SCC) and other appropriate safeguards.

7. Cookie 使用 / Cookies

我们使用必要性 Cookie(会话管理、用户偏好如语言和主题设置)。我们不使用追踪型或广告型 Cookie。您可以在浏览器中管理 Cookie 设置,但禁用 Cookie 可能会影响登录和偏好记忆功能。

We use essential cookies (session management, user preferences such as language and theme). We do not use tracking or advertising cookies. You can manage cookie settings in your browser, but disabling cookies may affect login and preference features.

8. 数据安全 / Data Security

我们采取行业标准的安全措施保护您的数据,包括:

  • 密码 bcrypt 加密存储
  • HTTPS 全站加密传输
  • CSRF 令牌防护
  • 会话安全管理与登录审计

We implement industry-standard security measures including:

  • Bcrypt password hashing
  • HTTPS encryption for all traffic
  • CSRF token protection
  • Session security management and login auditing

9. 政策变更 / Policy Changes

我们可能会不定期更新本隐私政策。重大变更将通过注册邮箱通知您。继续使用服务即表示您同意更新后的政策。

We may update this Privacy Policy periodically. Significant changes will be communicated via your registered email. Continued use of the service constitutes acceptance of the updated policy.

10. 联系我们 / Contact Us

如果您对您的隐私有任何担忧或需要行使您的数据权利,请联系我们:info@tongshigo.com

If you have any concerns about your privacy or wish to exercise your data rights, please contact us at: info@tongshigo.com

🎧