NICEIBB 隱私政策
(2025年3月4日修訂版)

引言

NICEIBB 嚴格遵循《個人信息保護法》及相關法律法規,秉承數據最小化、透明化、安全可控的核心原則,致力於通過以下隱私保護機制保障您的權益:

  1. 安全可控:採用TLS/SSL加密、匿名化處理等先進技術,建立全生命週期數據安全管理體系。
  2. 自主決策:提供個人信息訪問、更正、刪除及授權撤回功能,保障您對數據的控制權。
  3. 通信保密:依法採用端到端加密技術保護通信內容,未經法定程序不向第三方披露通信記錄。
  4. 最小必要:僅收集與實現服務直接相關且必需的資訊,拒絕非必要數據採集。
  5. 透明可溯:通過分級分類說明、流程圖解等形式,清晰披露數據處理邏輯與用途。
  6. 隱私設計(PbD):在產品研發各環節實施隱私影響評估(PIA),通過默認隱私保護(Privacy by Default)降低風險。

信息收集範圍

  1. 您主動提供的資訊
    身份標識:註冊ID帳號時提交的暱稱、手機號碼。
    內容數據:用戶主頁上傳的頭像、分享的圖文/影片內容。
    交互資訊:參與客服諮詢、線上活動時填寫的問卷(可能含姓名、聯繫方式等)。
  2. 服務使用中自動獲取的資訊
    關聯資訊:其他用戶分享內容中涉及您的肖像、行為數據(經脫敏處理)。
    第三方數據:通過合作方獲取的授權登錄記錄(如第三方服務名稱、登錄時間),以統一管理跨平臺授權。

敏感資訊特別條款
如需收集生物識別、精準定位等敏感資訊,我們將通過單獨彈窗授權獲取明示同意。您有權拒絕提供,該選擇僅影響關聯功能,不限制其他服務使用。

資訊使用目的

  1. 基礎服務:帳戶身份核驗、通信功能維護、交易安全驗證。
  2. 個性化服務:語言/地區偏好設定、定制化內容推薦。
  3. 產品優化:基於系統故障日誌分析提升穩定性,通過用戶行為研究改進交互設計。
  4. 合規義務:依法配合司法機關調查、履行內容安全審核責任。

Cookie與追蹤技術

  1. 功能實現:通過安全Cookie及同類技術實現登錄狀態保持、反作弊機制。
  2. 數據分析:與可信第三方合作(如Google Analytics)進行流量統計,數據均經匿名化處理。
  3. 自主管理:您可通過瀏覽器設定限制或清除Cookie,但可能影響部分核心功能體驗。

您的數據權利

  1. 訪問與更正:通過「帳戶設定-隱私中心」查閱、修改個人資訊。
  2. 刪除與撤回:對非必要留存數據可線上提交刪除申請(3個工作日內處理)。
  3. 投訴與救濟:發現資訊處理違規行為,可郵件至hi@niceibb.com申訴,我們將啟動15日響應機制

身份驗證要求:為保障帳戶安全,敏感操作需通過雙重認證(簡訊+人臉辨識)。

安全防護體系

  1. 技術措施:分佈式防火牆、即時入侵檢測、數據加密存儲(AES-256)。
  2. 管理機制:執行最小權限訪問原則,定期審計員工數據操作日誌。
  3. 應急響應:若發生數據外洩,將在72小時內通過站內信與郵件通知受影響用戶,並向監管機構報備。

未成年人特別條款

  1. 嚴格禁止:未滿18週歲者不得註冊或使用本平臺任何服務。
  2. 監護人權利:疑似未成年帳戶將被凍結並啟動人工核查,監護人可憑法定證明文件要求註銷帳戶。

政策適用範圍與更新

  1. 管轄範圍:本政策適用於niceibb.com及官方客戶端,第三方服務需遵循其獨立隱私條款。
  2. 衝突解決:特定服務(如支付功能)的專項隱私聲明優先於本政策通用條款。
  3. 修訂通知:實質性權利變更將提前30日通過彈窗公告與郵件推送告知,繼續使用視為接受新條款。

NICEIBB 隱私保護委員會
2025年3月4日

NICEIBB Privacy Policy
(Revised Version: March 4, 2025)

Introduction

NICEIBB strictly adheres to the Personal Information Protection Law and relevant regulations, upholding the core principles of data minimization, transparency, and security control to safeguard your rights through the following mechanisms:

  1. Security Control: Implements TLS/SSL encryption, anonymization, and a full lifecycle data security management system.
  2. Autonomy: Provides access, correction, deletion, and authorization revocation for personal data.
  3. Communication Confidentiality: Legally protects communication content with end-to-end encryption; no disclosure to third parties without legal due process.
  4. Data Minimization: Collects only information directly necessary for service delivery.
  5. Transparency: Clearly discloses data processing practices through categorized explanations and visual diagrams.
  6. Privacy by Design: Conducts Privacy Impact Assessments (PIA) during product development and enforces Privacy by Default.

Scope of Data Collection

  1. Information You Provide
    Identity: Nickname, mobile number during account registration.
    Content: Profile photos, shared images/videos on user pages.
    Interaction: Survey responses (e.g., name, contact details) from customer service or events.
  2. Automatically Collected Information
    Associated Data: Your presence in other users' shared content (anonymized).
    Third-Party Data: Records from authorized logins (e.g., service name, login time) for cross-platform management.

Sensitive Data Clause
Collection of biometrics or precise location requires explicit consent via pop-up authorization. You may refuse, which only affects related features.

Purpose of Data Use

  1. Core Services: Account verification, communication maintenance, transaction security.
  2. Personalization: Language/region preferences, customized content recommendations.
  3. Product Optimization: Stability improvements via system log analysis, UX enhancements based on user behavior.
  4. Legal Compliance: Responding to judicial investigations and content moderation obligations.

Cookies and Tracking Technologies

  1. Functionality: Maintains login status and anti-fraud mechanisms via secure cookies.
  2. Analytics: Collaborates with trusted third parties (e.g., Google Analytics) for anonymized traffic analysis.
  3. Control: You may restrict or clear cookies via browser settings, but core features may be affected.

Your Data Rights

  1. Access & Correction: Manage data via Account Settings > Privacy Center.
  2. Deletion & Withdrawal: Submit deletion requests for non-essential data (processed within 3 business days).
  3. Complaints: Report violations to hi@niceibb.com; we will respond within 15 business days.

Authentication: Sensitive operations require two-factor verification (SMS + facial recognition).

Security Measures

  1. Technology: Distributed firewalls, real-time intrusion detection, AES-256 encrypted storage.
  2. Management: Principle of least privilege access, regular audit logs.
  3. Incident Response: Data breach notifications via in-app messages and emails within 72 hours, with regulatory reporting.

Minor Protection

  1. Strict Prohibition: Users under 18 are prohibited from accessing services.
  2. Guardian Rights: Suspected minor accounts are frozen for verification; guardians may request deletion with legal proof.

Scope and Updates

  1. Jurisdiction: Applies to niceibb.com and official apps; third-party services have independent policies.
  2. Conflict Resolution: Service-specific privacy notices (e.g., payments) override general terms.
  3. Revisions: Material changes are announced via pop-ups and emails 30 days prior; continued use implies acceptance.

NICEIBB Privacy Protection Committee
March 4, 2025