隐私政策
最后更新:2026-02-19
我们如何对待你的数据
百灵(Ling)采用 100% 本地优先 设计。你的对话记录、记忆、角色描述、排练记录等所有用户数据均存储在你的设备本地,不会上传到我们的任何服务器(我们也没有后端服务器)。
- 数据存储:所有用户数据保存在你设备上的本地数据库中,并可通过系统生物识别(如 Face ID/指纹)保护。
- 数据分享:灵卡分享、导出等功能均在本地完成;分享内容由你主动选择,我们不会自动上传或同步到任何第三方。
- 第三方:我们不会向第三方出售、出租或交易你的个人数据。
AI 服务与数据传输
为提供 AI 对话功能,你发送的消息内容会通过网络直接传输至第三方 AI 服务商进行处理。我们不经手、不存储、不查看这些对话内容。
发送的数据内容
- 当次对话所需的最少上下文(最近若干条消息文本)
- 不会发送你的完整历史记录
- 排练分析发给 AI 的是结构化摘要,不是对话原文
数据接收方
根据你的配置,消息可能被发送到以下任一服务商:
默认可用(应用内置 Key 或用户自行配置)
| 服务商 | 说明 |
|---|
| DeepSeek | 默认主力模型 |
| Kimi (Moonshot) | 国内备选 |
| GLM (Zhipu AI) | 国内备选 |
| Qwen (Tongyi Qianwen) | 国内备选 |
| Doubao (ByteDance) | 国内备选 |
| Spark (iFlytek) | 国内备选 |
| Baichuan | 国内备选 |
用户自行配置后可用(应用不内置、不预设以下服务,需用户主动填入自己的 API Key 才会启用)
| 服务商 | 说明 |
|---|
| Google Gemini | 用户自行配置 Key 后可用 |
| Anthropic Claude | 用户自行配置 Key 后可用 |
| Groq | 用户自行配置 Key 后可用 |
| 用户自定义兼容 API | 用户自行填写 Endpoint、Key 和模型名 |
- 若使用应用内置 API Key,调用直连服务商,我们仅做必要的用量管控。
- 若使用用户自行配置的 Key,调用 100% 直连服务商,零中间层。
- 你可以随时在「我的 > 设置 > API Key 设置」查看和更换当前使用的服务商。
数据用途
- 仅用于生成 AI 回复,不作他用
- 各第三方服务商对数据的处理受其各自隐私政策约束
用户授权
- 首次使用 AI 对话功能时,应用会弹出数据使用说明弹窗,明确告知数据发送对象、内容和用途
- 用户需明确同意后才能使用 AI 功能
- 不同意则无法使用 AI 对话,但不影响本地数据查看
数据收集声明
本应用不设账号登录与云同步。我们不收集、不上传、不存储你的任何个人数据到我们的服务器(我们没有服务器)。你的数据从未离开你的手机,除非你主动导出/分享,或使用 AI 对话功能时消息文本被直连发送至第三方 AI 服务商。
API Key 安全
- API Key 存储在操作系统级安全存储中(iOS Keychain / Android KeyStore / macOS Keychain)
- 不存入本地数据库
- 不通过网络传输给我们的任何服务
联系与更新
若你对隐私处理有疑问,或我们需要更新本政策,会通过应用内「关于」或应用商店页面发布更新说明。继续使用应用即表示你接受当时的隐私政策版本。
Privacy Policy
Last updated: 2026-02-19
How We Treat Your Data
Ling is designed with a 100% local-first architecture. All your data -- conversations, memories, character descriptions, rehearsal records -- is stored entirely on your device. It is never uploaded to any server of ours (we don't have backend servers).
- Data Storage: All user data is saved in a local database on your device, protected by system biometric authentication (Face ID / fingerprint) when enabled.
- Data Sharing: LingCard sharing, export, and other features operate entirely locally. You choose what to share; we never automatically upload or sync to any third party.
- Third Parties: We do not sell, rent, or trade your personal data to any third party.
AI Services & Data Transmission
To provide AI conversation functionality, your message content is transmitted over the network directly to third-party AI service providers for processing. We do not intercept, store, or view any conversation content.
What Data Is Sent
- Minimum context needed for the current conversation (recent messages)
- Your full conversation history is never sent
- Rehearsal analysis sends structured summaries to AI, not raw conversation text
Who Receives the Data
Depending on your configuration, messages may be sent to any of the following providers:
Available by default (built-in key or user-configured)
| Provider | Notes |
|---|
| DeepSeek | Default model |
| Kimi (Moonshot) | Domestic (CN) alternative |
| GLM (Zhipu AI) | Domestic (CN) alternative |
| Qwen (Tongyi Qianwen) | Domestic (CN) alternative |
| Doubao (ByteDance) | Domestic (CN) alternative |
| Spark (iFlytek) | Domestic (CN) alternative |
| Baichuan | Domestic (CN) alternative |
User-configured only (not built-in; only activated when user provides their own API key)
| Provider | Notes |
|---|
| Google Gemini | User-configured key required |
| Anthropic Claude | User-configured key required |
| Groq | User-configured key required |
| Custom Compatible API | User provides endpoint, key, and model name |
- When using the built-in API key, calls go directly to the provider; we only apply usage limits.
- When using a user-configured key, calls are 100% direct with zero intermediary.
- You can view and change your active provider at any time in Me > Settings > API Key Settings.
Purpose of Data Transmission
- Solely to generate AI replies; no other use
- Each third-party provider's handling of data is governed by their own privacy policy
User Consent
- Before using AI conversation features for the first time, the app displays a data usage notice clearly stating what data is sent, to whom, and for what purpose
- You must explicitly agree before AI features can be used
- Declining does not affect access to local data
Data Collection Statement
This app has no account system and no cloud sync. We do not collect, upload, or store any personal data on our servers (we have no servers). Your data never leaves your phone unless you actively export/share it, or when message text is sent directly to a third-party AI provider during AI conversations.
API Key Security
- API keys are stored in OS-level secure storage (iOS Keychain / Android KeyStore / macOS Keychain)
- Keys are never stored in the local database
- Keys are never transmitted to any of our services
Contact & Updates
If you have questions about our privacy practices, or if we need to update this policy, we will publish updates via the "About" section in the app or the app store page. Continued use of the app indicates acceptance of the current privacy policy.