Noba — Privacy Policy / 隱私政策
Status: v1.0 — 自行修訂版本(2026-04-22),上架前由使用者最終確認。後續修訂以本服務公告為準。 Last updated / 最後更新: 2026-04-22 Effective date / 生效日期: 2026-04-22
中文版(繁體)
1. 前言
本隱私政策說明 Noba(「本服務」)如何收集、使用、儲存、分享您的個人資料。當您使用本服務時,即表示您已閱讀並理解本政策。
本政策同時適用於歐盟 GDPR、加州 CCPA/CPRA、台灣《個人資料保護法》等相關法規要求。
2. 我們收集的資料
2.1 您主動提供的資料
- 註冊資訊:Email 地址、密碼(加密儲存,我們無法取得明文)。
- 個人設定:偏好語言、學習等級、介面語言。
2.2 使用服務時自動產生的資料
- 學習記錄:
- 已完成課程、章節進度
- SRS 複習狀態(下一次複習時間、難易度指數 EF 等)
- 累計 XP、連續學習天數(streak)、hearts 數量
- 錯誤記錄(哪些題目答錯、發音弱點音素)
- 裝置與技術資訊:
- 作業系統版本(Android 版本)
- App 版本
- 裝置 ID(由 Google Play Services 或 AdMob 提供)
- 當機報告與效能記錄(匿名化)
2.3 語音資料(僅於您使用發音評分時)
- 錄音檔:當您使用發音練習或情境對話語音輸入時,錄音會傳送至 AI 模型(Google Gemini 或 OpenAI Whisper)進行評分。
- 保留期限:錄音檔於評分完成後立即刪除,最長保留不超過 30 天(僅於異常除錯時短期暫存,事後清除)。
- 我們不主動將您的錄音用於訓練 AI 模型;第三方 AI 供應商(Google Gemini、OpenAI Whisper,見第 4 節)的資料使用依其自身隱私政策,您可逕至各供應商官方頁查閱最新規範。
2.4 付費與訂閱資料
- 訂閱狀態與 tier 等級(由 RevenueCat 管理)。
- 我們不儲存您的信用卡號或支付明細,所有付款資訊由 Google Play Billing 處理。
2.5 廣告識別資料
- 若您使用免費版並觀看廣告,AdMob 會使用裝置廣告 ID(Advertising ID)提供相關服務。
- 您可於 App 設定或 Android 系統設定中關閉個人化廣告;關閉後仍會看到廣告,但不再基於您的興趣個人化。
- 關閉個人化廣告不影響您的訂閱狀態,也不影響您使用本服務的任何功能。
3. 我們如何使用您的資料
- 提供服務:驗證身分、記錄學習進度、同步多裝置資料。
- 個人化學習:根據您的錯誤記錄推薦複習項目、調整熟練度評估、產生 16 週學習預測(Tier D)。
- 改善 AI 評分:彙整發音評分結果(非錄音本身)分析模型準確度,改善判分邏輯。
- 客戶支援:回應您的客服詢問。
- 法律合規:依法令要求配合政府或司法機關調查。
- 廣告投放:於免費版中顯示廣告(Tier 付費用戶不顯示)。
4. 第三方服務與資料分享
我們使用以下第三方服務。您的部分資料會傳送至這些供應商以提供功能:
| 供應商 | 用途 | 傳送資料 | 隱私政策 |
|---|---|---|---|
| Supabase | 後端資料庫、使用者認證 | Email、學習記錄、訂閱狀態 | https://supabase.com/privacy |
| Google Gemini | AI 對話、文本評分 | 對話內容、錄音檔(即時評分後刪除) | https://policies.google.com/privacy |
| OpenAI Whisper | 語音轉文字(STT) | 錄音檔(評分後即刪除) | https://openai.com/policies/privacy-policy |
| RevenueCat | 訂閱狀態管理 | 匿名使用者 ID、訂閱事件 | https://www.revenuecat.com/privacy |
| Google Play Billing | 付款處理 | 訂閱購買事件 | https://policies.google.com/privacy |
| Google AdMob | 免費版廣告投放 | 裝置廣告 ID、粗略地理位置、App 使用情境 | https://policies.google.com/privacy |
| Google UMP | 廣告同意管理(EEA/UK 用戶) | 同意選擇偏好 | https://policies.google.com/privacy |
- 我們不販售您的個人資料(no sale of personal information under CCPA/CPRA)。
- 我們不分享您的學習記錄給廣告商進行再行銷。
- 除上述服務供應商外,僅在下列情形可能分享您的資料:
- 經您明確同意
- 依法律、法院命令、政府合法要求
- 保護本服務、使用者或第三人之權益、財產或安全
- 公司合併、收購或資產轉讓時(會另行通知您)
5. 資料儲存地點與跨境傳輸
- 主要資料儲存於 Supabase(預設區域:視 Supabase 專案配置而定,通常為美國或歐洲)(目前部署於 [Supabase 專案 region,詳見 App 設定頁])。
- 部分第三方服務可能將資料傳輸至美國或其他國家。
- 我們採用業界標準加密(TLS 1.2+)保護傳輸中資料。
- 如您位於歐盟/英國,相關資料跨境傳輸依循 GDPR 第 44-49 條(如標準契約條款 SCC)。
6. 資料保留期間
- 學習記錄:帳號使用中持續保留。
- 錄音檔:評分後立即刪除,最多 30 天。
- 客服信件:結案後保留 2 年。
- 法律或稅務記錄:依適用法令保留(如台灣稅務法令 5-7 年)。
- 帳號刪除後:於 30 天內完全清除您的個人資料(備份資料於合理週期內銷毀)。
7. 您的權利
7.1 所有使用者共通權利
- 存取權(Access):查看我們持有您的個人資料。
- 更正權(Rectification):修正不正確的資料。
- 刪除權(Erasure / Right to be forgotten):要求刪除帳號及個人資料。
- 可攜權(Data Portability):匯出學習記錄為機器可讀格式(JSON/CSV)。
- 撤回同意權:撤回您先前同意的資料處理。
行使方式:於 App「設定 → 帳號」操作,或寄信至下方聯絡 email。
7.2 GDPR 專屬權利(歐盟/英國/EEA 用戶)
- 反對權(Object):反對基於合法利益的資料處理。
- 限制處理權(Restriction):要求暫時停止處理您的資料。
- 不受自動化決策拘束:本服務的學習推薦、熟練度評估、發音診斷使用自動化演算法協助個人化,但不會對您產生法律效力或重大影響(GDPR Art 22 意義下)。
- 向監管機關申訴:您可向所在國資料保護主管機關申訴(如英國 ICO、德國 BfDI)。
7.3 CCPA/CPRA 專屬權利(加州用戶)
- 知情權:要求揭露我們過去 12 個月收集、使用、分享您個人資料的類別。
- 刪除權:要求刪除個人資料(部分法律要求保留者除外)。
- 不受歧視權:行使隱私權不會導致您在本服務中受到差別待遇。
- 選擇退出販售/分享:我們不販售個人資料,故無此情境;但您可關閉個人化廣告。
- 限制敏感個資使用:您可要求限制我們使用敏感個資的目的。
7.4 台灣《個資法》權利
依台灣《個人資料保護法》第 3 條(當事人權利)、第 10 條(停止蒐集處理利用)、第 11 條(更正補充),您享有查詢、閱覽、製給複本、補充或更正、停止蒐集處理利用、刪除之權利,並得書面通知本服務行使。
8. Cookie 與追蹤技術
- 本 App 為原生行動應用程式,不使用傳統 HTTP Cookie。
- 使用 Android AdvertisingId 提供廣告服務;您可於 Android「設定 → Google → 廣告」重設或關閉個人化廣告。
- AdMob 可能於您同意後存取粗略地理位置以提供地區相關廣告。歐盟/英國/EEA 用戶首次啟動時會顯示 UMP 同意彈窗。
9. 兒童隱私(COPPA / 13 歲以下)
- 本服務非刻意針對 13 歲以下兒童設計。
- 若發現我們在未經可驗證的家長同意下收集了 13 歲以下兒童的個人資料,將立即刪除。
- 家長若發現子女未經同意使用本服務,請聯繫我們刪除相關資料。
- 13-18 歲用戶須由家長/法定監護人同意本政策與服務條款後方可使用。
10. 資料安全
我們採取以下措施保護您的資料:
- 傳輸加密(TLS 1.2+)
- 資料庫靜態加密(由 Supabase 提供)
- 密碼使用單向雜湊(bcrypt 或等同強度演算法)
- 存取控制(Row-Level Security)
- 定期備份與災難復原計畫
然而,沒有任何網路或儲存系統能保證 100% 安全。如發生資料外洩事件,我們將依適用法令於知悉後 72 小時內通知受影響使用者與主管機關。
11. 政策修改
- 本政策得隨時修訂。
- 重大變更(如新增第三方分享、變更資料用途)將於生效前至少 30 天以 App 內公告或 Email 通知您。
- 繼續使用本服務視為接受修訂後政策。
12. 聯絡方式
如您對本政策有疑問,或欲行使個資權利:
- Email: support@jollylife.net
- 資料保護負責人(DPO, 如適用): 不適用(個人開發者,規模未達 GDPR Art 37 強制要求)
- 營運者: 獨立開發者 Wei-Chieh Huang(商家品牌:Jollylife)
- 地址: 台灣(Taiwan, R.O.C.)
English Version
1. Introduction
This Privacy Policy explains how Noba (the "Service") collects, uses, stores, and shares your personal data. By using the Service, you acknowledge that you have read and understood this policy.
This policy is designed to comply with GDPR (EU), CCPA/CPRA (California), Taiwan's Personal Data Protection Act, and other applicable regulations.
2. Data We Collect
2.1 Data You Provide
- Registration: Email address, password (stored as a one-way hash; we cannot retrieve the plaintext).
- Preferences: Target language, learning level, interface language.
2.2 Data Generated Automatically
- Learning records:
- Completed lessons, lesson progress
- SRS review state (next-review time, ease factor)
- Accumulated XP, streak, hearts
- Error logs (incorrect answers, pronunciation weaknesses by phoneme)
- Device and technical info:
- OS version (Android)
- App version
- Device identifier (from Google Play Services or AdMob)
- Anonymized crash reports and performance logs
2.3 Audio Data (only when using pronunciation features)
- Voice recordings: When you use pronunciation practice or voice input for scenario chat, audio is sent to AI models (Google Gemini or OpenAI Whisper) for scoring.
- Retention: Recordings are deleted immediately after scoring, with a maximum retention of 30 days for debugging exceptional errors only.
- We do NOT proactively use your recordings to train AI models. Data use by third-party AI providers (Google Gemini, OpenAI Whisper — see Section 4) is governed by their own privacy policies; please refer to each provider's official pages for the latest terms.
2.4 Subscription Data
- Subscription status and tier (managed by RevenueCat).
- We do NOT store your credit card number or payment details; all payment data is handled by Google Play Billing.
2.5 Advertising Identifiers
- For free-tier users viewing ads, AdMob uses the device Advertising ID.
- You can opt out of personalized ads in the app settings or Android system settings. You will still see ads, but they will not be based on your interests.
- Opting out of personalized ads will not affect your subscription status or any feature of the Service.
3. How We Use Your Data
- Service provision: Authentication, progress tracking, multi-device sync.
- Personalized learning: Recommend review items based on error logs, adjust mastery estimates, generate 16-week projections (Tier D).
- AI scoring improvement: Aggregate scoring outcomes (not the raw recordings) to analyze model accuracy.
- Customer support: Respond to your inquiries.
- Legal compliance: Cooperate with lawful government or judicial requests.
- Advertising: Display ads in the free tier (paid tiers see no ads).
4. Third-Party Services and Data Sharing
We use the following third-party services. Some of your data is transmitted to these providers:
| Provider | Purpose | Data Sent | Privacy Policy |
|---|---|---|---|
| Supabase | Backend database, authentication | Email, learning records, subscription status | https://supabase.com/privacy |
| Google Gemini | AI chat, text scoring | Conversation content, audio (deleted after scoring) | https://policies.google.com/privacy |
| OpenAI Whisper | Speech-to-text (STT) | Audio (deleted after scoring) | https://openai.com/policies/privacy-policy |
| RevenueCat | Subscription management | Anonymous user ID, subscription events | https://www.revenuecat.com/privacy |
| Google Play Billing | Payment processing | Purchase events | https://policies.google.com/privacy |
| Google AdMob | Free-tier ads | Advertising ID, coarse location, app context | https://policies.google.com/privacy |
| Google UMP | Ad consent management (EEA/UK) | Consent preferences | https://policies.google.com/privacy |
- We do NOT sell your personal data (no sale under CCPA/CPRA).
- We do NOT share learning records with advertisers for retargeting.
- We may share data only: (a) with your explicit consent; (b) when legally required; (c) to protect rights, property, or safety; (d) in mergers/acquisitions (with notice).
5. Data Storage and Cross-Border Transfers
- Primary data is stored in Supabase (region depends on project configuration, typically US or EU) (currently deployed in [Supabase project region — see in-app Settings]).
- Some third-party services may transfer data to the United States or other countries.
- We use industry-standard encryption (TLS 1.2+) for data in transit.
- For EU/UK users, cross-border transfers comply with GDPR Articles 44–49 (e.g., Standard Contractual Clauses).
6. Data Retention
- Learning records: Retained while your account is active.
- Audio recordings: Deleted immediately after scoring; maximum 30 days.
- Support correspondence: Retained 2 years after case closure.
- Legal/tax records: Retained per applicable law (e.g., 5–7 years under Taiwan tax law).
- Account deletion: All personal data is fully erased within 30 days (backups destroyed within reasonable cycles).
7. Your Rights
7.1 Rights for All Users
- Access: View the personal data we hold about you.
- Rectification: Correct inaccurate data.
- Erasure / Right to be forgotten: Request account and data deletion.
- Data Portability: Export learning records in machine-readable format (JSON/CSV).
- Withdraw Consent: Revoke prior consent for data processing.
Exercise via in-app "Settings → Account" or by emailing us.
7.2 GDPR Rights (EU/UK/EEA users)
- Object: Object to processing based on legitimate interests.
- Restriction: Temporarily halt processing.
- Not subject to automated decision-making: The Service uses automated algorithms to assist with personalization in learning recommendations, mastery estimation, and pronunciation diagnostics, but these do not produce legal effects on you or similarly significantly affect you (within the meaning of GDPR Art. 22).
- Lodge a complaint: You may complain to your national data protection authority (e.g., UK ICO, Germany BfDI).
7.3 CCPA/CPRA Rights (California users)
- Right to Know: Disclosure of categories of personal data collected, used, or shared in the past 12 months.
- Right to Delete: Request deletion (subject to legal retention exceptions).
- Right to Non-Discrimination: No discriminatory treatment for exercising privacy rights.
- Right to Opt-Out of Sale/Sharing: We do not sell data, but you may disable personalized ads.
- Right to Limit Use of Sensitive Data: You may limit how we use sensitive personal info.
7.4 Taiwan PDPA Rights
Under Taiwan's Personal Data Protection Act Article 3 (data subject rights), Article 10 (cessation of collection, processing, and use), and Article 11 (correction and supplementation), you have rights to inquire, review, obtain copies, supplement, correct, suspend processing, and request deletion, and you may exercise these rights by giving us written notice.
8. Cookies and Tracking
- As a native mobile app, we do not use traditional HTTP cookies.
- We use the Android Advertising ID for ad services; you can reset or opt out via Android "Settings → Google → Ads".
- AdMob may access coarse location for region-relevant ads with your consent. EU/UK/EEA users see a UMP consent prompt on first launch.
9. Children's Privacy (COPPA / Under 13)
- The Service is not intentionally designed for children under 13.
- If we discover that we have collected data from a child under 13 without verifiable parental consent, we will delete it immediately.
- Parents who believe their child used the Service without consent should contact us for deletion.
- Users aged 13–18 must have parental/guardian consent to this policy and the Terms of Service.
10. Security
Protections we employ:
- Encryption in transit (TLS 1.2+)
- Encryption at rest (via Supabase)
- Password hashing (bcrypt or equivalent)
- Row-Level Security access controls
- Regular backups and disaster recovery
However, no system is 100% secure. In the event of a data breach, we will notify affected users and authorities within 72 hours of discovery, as required by law.
11. Policy Changes
- We may revise this policy at any time.
- Material changes (e.g., new third-party sharing, new data uses) will be announced at least 30 days in advance via in-app notice or email.
- Continued use after the effective date constitutes acceptance.
12. Contact Us
For questions about this policy or to exercise your rights:
- Email: support@jollylife.net
- Data Protection Officer (if applicable): Not applicable (independent developer; scale does not trigger mandatory DPO appointment under GDPR Art. 37)
- Operator: Independent developer Wei-Chieh Huang (trading as Jollylife)
- Address: Taiwan (R.O.C.)
End of Privacy Policy.