# HDGP Privacy Policy v1.0 | Field | Value | |-------|--------| | Version | **1.0** | | Effective | 2026-05-20 (draft for publication; confirm before GA) | | Operator | **上海厚德归朴智能科技有限公司** (Shanghai Houde Guipu Intelligent Technology Co., Ltd.) | | Sites | [www.hdgp-protocol.com](https://www.hdgp-protocol.com/), [www.hdgp-protocol.cn](https://www.hdgp-protocol.cn/) (if used), and related static pages | | ICP (CN) | 沪ICP备2026021347号-1 — displayed on CN-facing footers only | | Contact | privacy inquiries: `feedback@hdgp-protocol.com` (or dedicated `privacy@` when enabled) | > **Not legal advice.** This policy describes how we handle information when you visit our **informational websites** and optional **rule-evaluation demo** endpoints. It does not replace a separate agreement with integration customers. --- ## 1. Scope This policy applies to: - Public **marketing / documentation** pages (including `index.html` and `docs/readable/*`). - Optional **browser-based demos** that send sample text to an HDGP Engine endpoint when you click “Run” (see §4). - **Email** if you contact us at published addresses. It does **not** apply to third-party sites (GitHub, social platforms, Core mirror sites). Follow their policies when you leave our domains. --- ## 2. What we collect ### 2.1 Visiting the website (all visitors) Our hosting / CDN / reverse proxy may automatically log: - IP address, request time, URL, user-agent, referrer, HTTP status. We use these logs for **security, abuse prevention, and operations**. Retention is limited (see §6). ### 2.2 Browser storage (no account) We use **`localStorage`** only for: - Theme preference (dark/light). - Language preference (EN/中文). We do **not** use advertising cookies or cross-site tracking pixels in v1.0. If we add analytics later, we will update this policy. ### 2.3 Third-party resources (transitional) Until our own fonts ship, pages may load **Google Fonts** (`fonts.googleapis.com`). That provider may receive your IP and technical metadata. We are migrating to **self-hosted fonts** (see `assets/fonts/`). ### 2.4 Interactive demo (only when you run it) The on-site demo sends **text you type** (and scene metadata you select) to an Engine URL you configure, or—after domestic launch—a **same-origin API path** we publish. - **Purpose**: illustrate rule-based evaluation (allow/modify/block/fuse), not generative AI chat. - **Do not** submit real names, ID numbers, medical records, or other personal data. - We do **not** require login for the demo. If the demo targets **localhost** (default in source today), data stays on **your machine**; we do not receive it. ### 2.5 Email If you email us, we receive what you choose to send. Do not send sensitive personal data unless necessary. --- ## 3. How we use information - Operate and secure the website. - Respond to inquiries and ethics/business contacts. - Improve documentation and conformance tests (aggregated, non-advertising). - Run optional demos when you explicitly trigger them. We do **not** sell personal information. We do **not** use your demo text to train large language models (we do not operate an LLM on this site). --- ## 4. Legal bases (summary) Depending on jurisdiction: **legitimate interests** (security, site operation), **consent** (where required for non-essential storage), and **contract/pre-contract** steps when you request integration. --- ## 5. Sharing We may share logs or demo-related technical data with: - Infrastructure providers (hosting, CDN, email) under contract. - Authorities when required by law. We do not share demo content for advertising. --- ## 6. Retention | Data | Typical retention | |------|-------------------| | Web access logs | ≤ 90 days unless security incident requires longer | | `localStorage` | Until you clear browser data | | Demo payloads (if server-side) | **Short TTL** (target ≤ 7 days) unless audit/legal hold; production config in Runbook | | Email | As needed for the thread, then per internal records policy | --- ## 7. Security We use HTTPS, access controls on servers, and engineering practices described in `SECURITY.md` and security runbooks. No method is 100% secure. --- ## 8. Your rights Depending on applicable law (e.g. PRC Personal Information Protection Law, GDPR where relevant), you may request access, correction, deletion, or restriction regarding personal information we control. Contact **`feedback@hdgp-protocol.com`** (subject: Privacy). We will verify requests reasonably. --- ## 9. Cross-border Primary hosting region should be documented in deployment runbooks. If data leaves mainland China, we will disclose mechanisms required by law (e.g. standard contractual clauses) in an updated policy version. See also: `docs/HDGP_CROSS_BORDER_DEPLOYMENT_NOTES.md` (integration/deployer-facing). --- ## 10. Children Our sites are not directed at children under 14. We do not knowingly collect their data. --- ## 11. Changes We may update this policy. The version number and effective date at the top will change. Material changes will be noted on the website. --- ## 12. Operator contact **上海厚德归朴智能科技有限公司** Shanghai Houde Guipu Intelligent Technology Co., Ltd. --- # 隐私政策 v1.0(中文摘要) | 项目 | 内容 | |------|------| | 版本 | **1.0** | | 运营者 | **上海厚德归朴智能科技有限公司** | | 适用 | 主站静态页面、可选规则评估演示、邮件联系 | | ICP | 沪ICP备2026021347号-1(仅大陆站点页脚展示) | **要点**: 1. **浏览网站**:可能记录 IP、访问时间等日志,用于安全与运维。 2. **本地存储**:仅用 `localStorage` 保存主题/语言,无广告追踪 Cookie(v1.0)。 3. **字体**:过渡期可能使用 Google Fonts;将切换为自建字体。 4. **演示**:仅在你点击运行且 Engine 地址可达时,才会发送你输入的示例文本;**请勿输入真实个人信息**。当前源码默认 `localhost`,数据在你本机。国内上线后若提供同源 API,将在此政策中写明路径与保留期。 5. **不出售**个人信息;**不用**网站演示数据训练大模型。 6. 行使权利或咨询:`feedback@hdgp-protocol.com`(主题注明「隐私」)。 完整英文条款为上文第 1–12 节;冲突时以运营者书面中文说明为准(若另行提供)。