重點摘要
我們只收集運行服務所需的資料:帳號資訊、對話及您分享的音樂偏好。
我們絕不向任何人出售您的個人資料。
我們不以您的對話訓練 AI 模型。
您的訊息僅被發送至 AI 供應商(OpenAI、Anthropic、Google)以生成回答,均受嚴格資料協議保護。
您始終在與 AI 對話,而非真人。技術團隊僅在技術或安全需要時查閱對話,絕不用於商業目的。
您可隨時查閱、刪除資料或退出 AI 建檔,請電郵 legal-masternotes@igmusictech.com。
最低年齡為 13 歲。13 至 15 歲用戶需家長同意。家長可隨時要求刪除子女資料。
本隱私政策說明炎上音樂科技有限公司(「我們」)在您使用大師說(Masternotes)應用程式及相關服務(「服務」)時,如何處理您的個人資料——包括我們收集哪些資料、為何收集、與誰共享,以及您享有哪些權利。
1. 關於我們
炎上音樂科技有限公司(「我們」)是一家在香港特別行政區成立的科技公司,致力於為全球古典音樂社群提供數碼化解決方案。我們是大師說(Masternotes)應用程式及相關服務(「服務」)的資料控制者。本隱私政策說明我們在您使用服務時如何處理您的個人資料——包括我們收集哪些資料、為何收集、與誰共享,以及您享有哪些權利。
如有任何疑問,請電郵 legal-masternotes@igmusictech.com。最新版本政策始終可在 https://igmusictech.com/legal/masternotes-privacy/ 查閱。
2. 我們收集的資料
2.1 帳號與身份資料
當您建立帳號時,我們會收集識別您身份及個性化體驗所需的基本資料。
| 資料 | 用途 | 儲存位置 |
|---|---|---|
| 用戶 ID(UUID) | 帳號識別 | Supabase Auth |
| 電子郵件地址 | 登入及通訊 | Supabase Auth |
| 顯示名稱(選填) | 個性化設定 | Supabase Auth |
| 頭像圖片(選填) | 個人資料顯示 | Supabase Storage |
| 語言偏好 | 介面語言設定 | Supabase Auth |
| 密碼(已雜湊) | 僅用於身份驗證——我們無法查看 | Supabase Auth |
2.2 對話與訊息
我們儲存與您帳號關聯的所有對話及訊息,這是驅動對話記錄並讓 AI 提供個性化回答的基礎。
| 資料 | 說明 | 法律依據(GDPR) |
|---|---|---|
| 對話元數據 | 標題、篩選條件、時間戳記 | 合約履行 — 第 6(1)(b) 條 |
| 訊息內容 | 您的訊息及 AI 回答的完整文字 | 合約履行 — 第 6(1)(b) 條 |
| AI 引用資料 | AI 所參考的知識庫條目 | 合約履行 — 第 6(1)(b) 條 |
| 請求狀態 | 串流狀態、錯誤標誌 | 合法利益 — 第 6(1)(f) 條 |
2.3 您的音樂偏好檔案(自動化資料建檔)
注意:我們的 AI 會自動建立您的音樂偏好檔案。您有權反對此類處理,詳見下方。
在對話過程中,我們的 AI 會自動記錄關於您的資訊,例如您喜愛的作曲家、關注的演奏家或對特定曲目的熟悉程度,並將這些推斷資料存儲以讓未來的對話更貼合您的喜好。
此做法屬於 GDPR 第 22 條下的自動化資料建檔。您可隨時要求我們停止,發送電郵後我們將在 30 天內刪除所有推斷資料。
| 欄位 | 內容 | 示例 |
|---|---|---|
| fact(事實) | 偏好描述 | 偏好布倫德爾的錄音 |
| category(類別) | preference(偏好)/ taste(品味)/ familiarity(熟悉度)/ other(其他) | preference |
| confidence(置信度) | AI 置信分數(0.0 至 1.0) | 0.85 |
如需退出或刪除音樂偏好檔案,請電郵 legal-masternotes@igmusictech.com,我們將在 30 天內回覆。
2.4 使用及技術資料
我們收集少量技術資料以確保服務順暢運行及防止濫用。
| 資料 | 用途 | 保留期限 |
|---|---|---|
| 請求頻率限制狀態 | 防止濫用 | 滾動 7 天窗口 |
| LLM 使用日誌(僅限管理員) | 成本管理 | 12 個月後自動清除 |
| IP 位址 | 匿名請求頻率限制 | 不作持久性儲存 |
| JWT 令牌 | 維持登入狀態 | iOS Keychain,與會話綁定 |
2.5 我們不收集的資料
我們不收集:裝置識別碼(IDFA/IDFV)、地理位置、推送通知令牌、相機或麥克風存取、通訊錄或支付卡資訊。目前版本未整合任何第三方分析 SDK。
3. 資料處理依據
對於歐盟或英國用戶,以下是我們依據 GDPR 對各項資料處理活動的法律依據。
| 處理活動 | 法律依據 | GDPR 條款 |
|---|---|---|
| 帳號建立及身份驗證 | 合約履行 | 第 6(1)(b) 條 |
| 儲存對話及訊息 | 合約履行 | 第 6(1)(b) 條 |
| AI 個性化建檔 | 合法利益 | 第 6(1)(f) 條 |
| 安全及防止濫用 | 合法利益 | 第 6(1)(f) 條 |
| LLM 使用日誌(管理員) | 合法利益 | 第 6(1)(f) 條 |
4. 資料共享
我們不出售您的資料。我們僅與運行大師說所必需的服務供應商共享,且各供應商均受資料處理協議(DPA)約束。
| 供應商 | 服務 | 傳輸的資料 | 隱私政策 |
|---|---|---|---|
| OpenAI | LLM 及嵌入向量 | 訊息內容 | openai.com/policies/privacy |
| Anthropic | LLM(Claude) | 訊息內容 | anthropic.com/privacy |
| Google Gemini | LLM(Gemini Flash) | 訊息內容 | policies.google.com/privacy |
| Supabase | 資料庫、身份驗證、儲存 | 所有用戶及內容資料 | supabase.com/privacy |
| Wikimedia Foundation | Wikipedia API | 搜尋關鍵詞(不含帳號資料) | foundation.wikimedia.org/wiki/Privacy_policy |
關於 Wikipedia:當您的問題超出我們知識庫範疇時,AI 會向 Wikipedia API 發送搜尋詞(不含個人資料)以獲取相關百科內容。Wikipedia 內容採用 CC BY-SA 4.0 授權,應用程式中始終提供來源連結。
5. AI 與您的資料
5.1 不以您的對話訓練 AI 模型
我們不使用您的對話來訓練或微調任何 AI 模型。
您的訊息僅被發送至 OpenAI、Anthropic 及 Google,用於即時生成回答。我們絕不以您的對話內容訓練、微調或改善任何 AI 模型,包括我們自己的系統。
依據我們與各供應商的標準 API 協議,API 調用默認不用於模型訓練。您可查閱各供應商的政策:OpenAI、Anthropic、Google。
5.2 我們的員工會查閱您的對話嗎?
我們的技術團隊在必要時可查閱對話內容——例如排查您回報的技術故障、處理投訴或進行安全審查。
此類查閱受嚴格的內部權限政策管控,絕不用於商業分析、廣告、市場推廣或修復已報告問題以外的任何產品目的。
5.3 您始終在與 AI 對話
大師說是 AI 應用程式,您始終在與人工智能對話,而非真人。對話中的所有回答均由 AI 生成,沒有真人會實時查看或回覆您的訊息。如您直接詢問,我們的 AI 會明確說明自己是 AI。
此披露依據歐盟 AI 法案第 50(3) 條(要求 AI 聊天機器人公開其 AI 性質)作出,該義務自 2026 年 8 月 2 日起適用。
6. 資料保留期限
| 資料類別 | 保留期限 | 刪除時機 |
|---|---|---|
| 帳號及身份資料 | 帳號存續期間 | 帳號刪除時 |
| 對話及訊息 | 帳號存續期間 | 帳號刪除時 |
| AI 音樂偏好事實 | 帳號存續期間 | 帳號或檔案刪除請求時 |
| LLM 使用日誌(管理員) | 12 個月 | 自動清除 |
| 請求頻率限制狀態 | 滾動 7 天窗口 | 自動過期 |
| IP 位址 | 不予儲存 | 從不持久化 |
7. 您的權利
根據您所在地區,您享有以下部分或全部權利。如需行使,請電郵 legal-masternotes@igmusictech.com,我們將在 30 天內回覆。
| 權利 | 說明 | 適用法律 |
|---|---|---|
| 查閱 | 獲取您個人資料的副本 | GDPR / CCPA / PDPO |
| 更正 | 更正不準確的資料 | GDPR / PDPO |
| 刪除 | 要求刪除您的資料 | GDPR / CCPA / PDPO |
| 可攜性 | 以可攜格式接收您的資料 | GDPR |
| 反對建檔 | 停止對您音樂偏好的 AI 建檔 | GDPR 第 21 條 |
| 拒絕資料出售 | 我們不出售資料——此權利自動獲得滿足 | CCPA |
您亦可向當地資料保護機構提出投訴,例如英國居民可聯絡 ICO(ico.org.uk),歐盟用戶可聯絡所在國監管機構。
8. 資料安全
我們重視資料安全,目前的安全措施包括:Supabase 中所有用戶資料表實施行級安全(RLS)控制;會話令牌存儲於 iOS Keychain;加密密碼存儲(我們無法查看);上傳文件的路徑隔離存儲;服務重啟即清除的服務端緩存。
沒有任何系統能做到絕對安全。如發生影響您權利的資料洩露事件,我們將依法通知您及相關機構。
9. 跨境資料傳輸
當您的訊息由 OpenAI、Anthropic 或 Google 處理時,資料可能被傳輸至美國並在當地處理。此類傳輸受各供應商 DPA 管轄,其中包含歐盟標準合同條款(SCCs)及(視情況)英國充分性機制。
10. 最低年齡及兒童隱私
大師說適用於 13 歲及以上的用戶。13 至 15 歲的用戶必須由父母或監護人在使用服務前代其審閱並同意本條款。13 至 15 歲用戶使用本應用程式即確認其父母或監護人已給予同意。
我們不會故意收集 13 歲以下兒童的個人資料。如您認為有 13 歲以下兒童建立了帳號,請聯絡 legal-masternotes@igmusictech.com,我們將立即刪除。
10.1 13 至 15 歲用戶的特別保護
對於 16 歲以下用戶,我們將提供額外的隱私保護措施:
- 我們不向 16 歲以下用戶投放定向廣告或建立商業檔案。
- 16 歲以下用戶的 AI 音樂偏好檔案(第 2.3 節)僅用於改善該用戶本人的使用體驗,不用於商業建檔或第三方共享。
- 父母或監護人可隨時透過電郵 legal-masternotes@igmusictech.com 要求查閱、更正或刪除子女的資料。
- 如發現 13 歲以下用戶建立了帳號,我們將立即刪除該帳號及所有相關資料。
COPPA通知(美國用戶):如您是 13 歲以下美國用戶,您不得使用本服務。我們不會故意收集 13 歲以下兒童的個人資料。如您認為我們在不知情的情況下收集了此類資料,請聯絡 legal-masternotes@igmusictech.com 立即刪除。
11. 即將推出的功能
我們未來可能推出以下功能。如有推出,我們將更新本政策並至少提前 14 天通知您。
11.1 訂閱及付款
我們可能推出通過 Apple 應用內購買系統處理的付費訂閱計劃。我們不會接收或存儲您的支付卡資訊,所有交易均由 Apple 處理。訂閱狀態(計劃類型、續訂日期)將存儲在您的帳號中。
11.2 第三方登錄
我們可能新增社交登錄選項。依 Apple App Store 指引,在 iOS 上提供其他社交登錄的同時必須同時提供 Sign in with Apple。
| 供應商 | 接收的資料 | 備注 |
|---|---|---|
| Sign in with Apple | 姓名(選填)、電子郵件或 Apple 中繼地址、Apple ID | Apple 可能以中繼地址取代真實電子郵件 |
| 其他社交登錄(待定) | 姓名、電子郵件、個人資料圖片、供應商用戶 ID | 僅基本個人資料——不存取通訊錄、帖子或訊息 |
第三方登錄接收的所有資料均存儲於 Supabase Auth,受與帳號其他資料相同的保護。您可隨時通過 Apple ID 設置或相關供應商的帳號設置撤銷授權。
11.3 使用分析
我們未來可能加入使用分析功能以改善產品。如有此計劃,我們將在本政策中說明分析供應商,並依法提供適當通知及退出選項。
12. 政策更新
我們可能不時更新本隱私政策。重大變更將在生效前至少 14 天通過應用內通知或電郵告知您。最新版本始終可在以下網址查閱:https://igmusictech.com/legal/masternotes-privacy/
13. 適用法律及聯絡
本政策受香港特別行政區法律管轄,包括《個人資料(私隱)條例》(第 486 章)。對於歐盟/EEA 及英國用戶,GDPR 及 UK GDPR 亦同時適用。
| 資料控制者 | 炎上音樂科技有限公司(Ignition Musictech Limited) |
| 司法管轄區 | 香港特別行政區 |
| 聯絡方式 | legal-masternotes@igmusictech.com |
| 政策網址 | https://igmusictech.com/legal/masternotes-privacy/ |
| 生效日期 | 2026 年 6 月 1 日 |
Key Points
We only collect what we need — your account details, conversations, and music preferences you share with us.
We never sell your data to anyone.
We do NOT use your conversations to train AI models.
Your messages go to AI providers (OpenAI, Anthropic, Google) only to generate your responses — under strict data agreements.
You're always chatting with AI, not a human. Our team may access conversation logs only for technical or security reasons — never commercial.
You can request a copy of your data, delete it, or opt out of AI profiling at any time — email legal-masternotes@igmusictech.com.
Minimum age is 13. Users aged 13–15 require parental consent. Parents can request data deletion at any time.
This Privacy Policy explains how Ignition Musictech Limited ("we", "us", "our") handles your personal data when you use the Masternotes app and related services (the "Service"). It covers what we collect, why we collect it, who we share it with, and your rights.
1. Who We Are
Ignition Musictech Limited ("we", "us", "our") is a technology company incorporated in the Hong Kong Special Administrative Region, dedicated to providing digital solutions for the global classical music community. We are the data controller for the Masternotes (大師說) app and related services (the "Service"). This Privacy Policy explains how we handle your personal data when you use the Service — what we collect, why we collect it, who we share it with, and your rights.
If you have any questions, please email legal-masternotes@igmusictech.com. The current version of this Policy is always available at https://igmusictech.com/legal/masternotes-privacy/.
2. What We Collect
2.1 Account & Identity Data
When you create an account, we collect the basics needed to identify you and personalise your experience.
| Data | Why | Stored in |
|---|---|---|
| User ID (UUID) | Identify your account | Supabase Auth |
| Email address | Login and communications | Supabase Auth |
| Display name (optional) | Personalisation | Supabase Auth |
| Avatar image (optional) | Profile display | Supabase Storage |
| Language preference | App language setting | Supabase Auth |
| Password (hashed) | Authentication only — not visible to us | Supabase Auth |
2.2 Conversations & Messages
We store all conversations and messages linked to your account. This powers your conversation history and lets our AI give you personalised responses.
| Data | Description | Legal Basis (GDPR) |
|---|---|---|
| Conversation metadata | Title, filters, timestamps | Contract — Art. 6(1)(b) |
| Message content | Full text of your messages and AI responses | Contract — Art. 6(1)(b) |
| AI citations | Knowledge base entries the AI referenced | Contract — Art. 6(1)(b) |
| Request status | Streaming state, error flags | Legitimate interest — Art. 6(1)(f) |
2.3 Your Music Profile (Automated Profiling)
Heads up: our AI automatically builds a profile of your music preferences. You have the right to object — see below.
While you chat, our AI quietly notices things about you — like which composers you love, which performers you follow, or how familiar you are with certain repertoire. These inferred facts are saved to make future conversations more relevant.
This is automated profiling under GDPR Article 22. You can ask us to stop at any time — email us and we'll delete all inferred profile data within 30 days.
| Field | Content | Example |
|---|---|---|
| fact | Preference description | Prefers Brendel recordings |
| category | preference / taste / familiarity / other | preference |
| confidence | AI confidence score (0.0 to 1.0) | 0.85 |
To opt out or delete your music profile: email legal-masternotes@igmusictech.com. We respond within 30 days.
2.4 Usage & Technical Data
We collect minimal technical data to keep the Service running smoothly and prevent abuse.
| Data | Purpose | Retention |
|---|---|---|
| Rate limit state | Prevent abuse | Rolling 7-day window |
| LLM usage logs (admin only) | Cost management | 12 months, then purged |
| IP address | Rate limiting (anonymous) | Not persisted |
| JWT tokens | Keep you logged in | iOS Keychain, session-bound |
2.5 What We Don't Collect
We don't collect: device identifiers (IDFA/IDFV), location data, push notification tokens, camera or microphone access, your contacts, or payment card details. The current version has no third-party analytics SDKs.
3. Why We Process Your Data
For users in the EU or UK, here is the legal basis for each processing activity under the GDPR.
| Processing Activity | Legal Basis | GDPR Article |
|---|---|---|
| Account creation & authentication | Contract performance | Art. 6(1)(b) |
| Storing conversations & messages | Contract performance | Art. 6(1)(b) |
| AI personalisation profiling | Legitimate interest | Art. 6(1)(f) |
| Security & abuse prevention | Legitimate interest | Art. 6(1)(f) |
| LLM usage logging (admin) | Legitimate interest | Art. 6(1)(f) |
4. Who We Share Your Data With
We don't sell your data. We share it only with the service providers necessary to run Masternotes, each bound by a Data Processing Agreement (DPA).
| Provider | Service | Data Sent | Privacy Policy |
|---|---|---|---|
| OpenAI | LLM + embeddings | Message content | openai.com/policies/privacy |
| Anthropic | LLM (Claude) | Message content | anthropic.com/privacy |
| Google Gemini | LLM (Gemini Flash) | Message content | policies.google.com/privacy |
| Supabase | Database, Auth, Storage | All user & content data | supabase.com/privacy |
| Wikimedia Foundation | Wikipedia API | Search query terms only (no account data) | foundation.wikimedia.org/wiki/Privacy_policy |
About Wikipedia: When your question needs information beyond our knowledge base, our AI sends search terms (not your personal data) to the Wikipedia API to fetch relevant encyclopaedic content. Wikipedia content is licensed under CC BY-SA 4.0; source links are always shown in the app.
5. AI & Your Data
5.1 We Don't Train on Your Conversations
We do NOT use your conversations to train or fine-tune any AI model.
Your messages are sent to OpenAI, Anthropic, and Google only to generate your responses in real time. We never use your conversation content to train, fine-tune, or improve any AI model — including our own systems.
Under standard API agreements with these providers, API calls are not used for model training by default. You can review each provider's policy: OpenAI, Anthropic, Google.
5.2 Can Our Team Read Your Conversations?
Our technical team may access conversation content when strictly necessary — for example, to investigate a technical error you've reported, respond to a complaint, or conduct a security review.
Access is controlled by strict internal permission policies. It is never used for commercial analysis, advertising, marketing, or any product purpose beyond fixing reported issues.
5.3 You're Always Talking to AI
Masternotes is an AI app. You are always chatting with artificial intelligence, not a human. All responses in the chat are generated by AI. No human sees or replies to your messages in real time. Our AI will always identify itself as AI if you ask directly.
This disclosure is made in compliance with Article 50(3) of the EU AI Act, which requires AI chatbots to be transparent about their AI nature. This obligation applies from 2 August 2026.
6. How Long We Keep Your Data
| Data Category | Retention Period | When Deleted |
|---|---|---|
| Account & identity data | For the life of your account | When you delete your account |
| Conversations & messages | For the life of your account | When you delete your account |
| AI music profile facts | For the life of your account | On account or profile deletion request |
| LLM usage logs (admin) | 12 months | Automated purge |
| Rate limit state | 7-day rolling window | Automated expiry |
| IP address | Not stored | Never persisted |
7. Your Rights
Depending on where you live, you have some or all of the rights listed below. To exercise any of them, email legal-masternotes@igmusictech.com. We respond within 30 days.
| Right | What it means | Applies under |
|---|---|---|
| Access | Get a copy of your personal data | GDPR / CCPA / PDPO |
| Correction | Fix inaccurate data | GDPR / PDPO |
| Deletion | Ask us to delete your data | GDPR / CCPA / PDPO |
| Portability | Receive your data in a portable format | GDPR |
| Object to profiling | Stop AI profiling of your music preferences | GDPR Art. 21 |
| Opt out of data sale | We do not sell data — this right is automatically satisfied | CCPA |
You can also lodge a complaint with your local data protection authority — e.g. the ICO (ico.org.uk) for UK residents, or your EU supervisory authority.
8. How We Protect Your Data
We take security seriously. Our current measures include: Row Level Security (RLS) on all user data tables in Supabase; session tokens stored in the iOS Keychain; encrypted password storage (not visible to us); path-based storage isolation for uploaded files; server-side caches cleared on restart.
No system is 100% secure. If a data breach occurs that affects your rights, we'll notify you and the relevant authorities as required by law.
9. International Data Transfers
When your messages are processed by OpenAI, Anthropic, or Google, your data may be transferred to and processed in the United States. These transfers are governed by each provider's DPA, which incorporates EU Standard Contractual Clauses (SCCs) and, where applicable, UK adequacy mechanisms.
10. Minimum Age & Children's Privacy
Masternotes is available to users aged 13 and above. Users aged 13–15 must have a parent or guardian review and agree to these Terms on their behalf before using the Service. By using the app, a user under 16 confirms that their parent or guardian has given consent.
We do not knowingly collect personal data from children under 13. If you believe a child under 13 has created an account, please contact legal-masternotes@igmusictech.com and we will promptly delete it.
10.1 Special Protections for Users Aged 13–15
For users under 16, we apply additional privacy safeguards:
- We do not serve targeted advertising or build commercial profiles for users under 16.
- The AI music profile (Section 2.3) for users under 16 is used only to improve the user's own experience — never for commercial profiling or third-party sharing.
- A parent or guardian may request access to, correction of, or deletion of their child's data at any time by emailing legal-masternotes@igmusictech.com.
- If we discover a user under 13 has created an account, we will delete the account and all associated data immediately.
COPPA Notice (US users): If you are a user under 13 in the United States, you may not use this Service. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently done so, contact legal-masternotes@igmusictech.com for immediate deletion.
11. Future Features
We may add the following features in the future. When we do, we'll update this Policy and give you at least 14 days' notice before changes take effect.
11.1 Subscriptions & Payments
We may offer paid subscription plans processed exclusively through Apple's in-app purchase system. We will never receive or store your payment card details — Apple handles all transactions. Subscription status (plan type, renewal date) will be stored in your account.
11.2 Third-Party Login
We may add social login options. Per Apple's App Store guidelines, Sign in with Apple will always be available whenever any other social login is offered on iOS.
| Provider | Data received | Notes |
|---|---|---|
| Sign in with Apple | Name (optional), email or Apple relay address, Apple ID | Apple may mask your real email with a relay address |
| Other social login (TBD) | Name, email, profile photo, provider user ID | Basic profile only — no access to contacts, posts, or messages |
All data received from third-party logins is stored in Supabase Auth with the same protections as the rest of your account. You can revoke access at any time through your Apple ID settings or the relevant provider's account settings.
11.3 Usage Analytics
We may add analytics in the future to improve the product. If we do, we'll name the provider in this Policy and give you appropriate notice and opt-out options where required by law.
12. Updates to This Policy
We may update this Privacy Policy from time to time. For material changes, we'll give you at least 14 days' notice via in-app notification or email before they take effect. The latest version is always at: https://igmusictech.com/legal/masternotes-privacy/
13. Governing Law & Contact
This Policy is governed by the laws of the Hong Kong Special Administrative Region, including the Personal Data (Privacy) Ordinance (Cap. 486). For users in the EU/EEA or UK, the GDPR and UK GDPR also apply.
| Data Controller | Ignition Musictech Limited (炎上音樂科技有限公司) |
| Jurisdiction | Hong Kong SAR |
| Contact | legal-masternotes@igmusictech.com |
| Policy URL | https://igmusictech.com/legal/masternotes-privacy/ |
| Effective Date | 1 June 2026 |