在任何细则之前，我先把底线讲清楚：

• 最小化收集。我只收集确实需要的信息，用完即止。
• 透明。你可以随时看到我在收集什么、为什么收集、保存在哪里。
• 不出售、不共享、不做第二用途。你的数据不会被用于广告、不会被转卖、不会被用于训练与辅导无关的模型。
• 你拥有你的内容。作业正文、评论、档案 —— 产权在你，你随时可以带走或要求删除。
• 本人对接。没有运营、没有外包客服，接触你数据的始终是我本人。

Before any fine print, here's the floor I stand on:

• Minimum collection. I collect only what the service actually needs, and stop when the need ends.
• Transparency. You can see at any time what I collect, why, and where it lives.
• No sale, no sharing, no secondary use. Your data is never sold, never rented to advertisers, and never used to train models unrelated to tutoring you.
• You own your content. Drafts, comments, profile — the rights are yours; take it out or delete it whenever you want.
• Handled by me, personally. There is no operations team, no outsourced support. The only human touching your data is me.

为了让后台跑起来，以下信息会被收集和保存：

• 账号信息。登录邮箱、加密后的密码（或 Google 登录返回的最小标识符）。
• 资料字段。你自己填写的显示名称与可选的个人说明。显示名称会代替邮箱在页面可见处出现。
• 作业内容。由导师（也就是我）代你建立、编辑的作业稿件与进度状态。
• 评论与留言。你在章节下主动发送的文字，连同发送时间与作者身份。
• 必要的日志。Supabase 与 Cloudflare 生成的、用于防止滥用和排障的访问日志，保留期有限。

我 不 收集：浏览器指纹、第三方广告 ID、跨站追踪、位置 GPS、麦克风、摄像头、通讯录。

To run the portal, the following is collected and stored:

• Account data. Your sign-in email, your hashed password (or the minimum identifier returned by Google sign-in).
• Profile fields. The display name and optional headline you choose. The display name replaces your email wherever your identity appears publicly in the app.
• Assignment content. Draft text and status that your tutor (me) builds and edits on your behalf.
• Comments. The messages you send on each section, with their timestamp and author.
• Essential logs. Access logs generated by Supabase and Cloudflare for abuse prevention and debugging, kept for a limited period.

I do not collect: browser fingerprints, advertising identifiers, cross-site trackers, GPS, microphone, camera, or contact lists.

收集到的信息只用于一件事：让你能够在这里完成你的那份辅导。具体而言：

• 把作业正文、进度、里程碑和留言呈现给你与导师本人。
• 把评论连接到对应的章节与作者，生成可阅读的讨论串。
• 在你变更资料或密码时做必要的身份验证。
• 排查服务故障、识别明显的滥用尝试。

我 不 用你的数据：投放广告、生成任何形式的用户画像、未经同意做市场分析、训练与辅导服务无关的 AI 模型。

Collected data is used for exactly one thing: letting you get your tutoring done here. Concretely:

• To render your drafts, progress, milestones and comments for you and your tutor.
• To attach comments to the right section and author, producing a readable thread.
• To authenticate you when you change your profile or password.
• To debug service issues and catch obvious abuse.

I do not use your data to serve ads, build profiles, run market analytics without consent, or train AI models unrelated to tutoring.

• 不把你的邮箱、姓名、写作内容卖给任何第三方。
• 不把你的评论或作业截图发到公开平台做案例宣传，除非事先书面征得你同意并做好脱敏。
• 不对同学之间互相暴露登录邮箱 —— 公开可见的位置只出现你选的显示名称。
• 不把数据上传到中国大陆以外不受监管的第三方服务；基础设施固定使用 Supabase 与 Cloudflare。

• We never sell your email, name or written work to any third party.
• We never take screenshots of your comments or drafts to promote the studio, unless you give prior written consent and the content is properly anonymised.
• Students never see each other's sign-in emails — only the display name you chose appears in public surfaces.
• We never move data to unregulated third-party services; the stack is fixed to Supabase and Cloudflare.

• 传输加密。所有访问通过 HTTPS，浏览器与服务器之间使用 TLS 加密。
• 数据库权限。Supabase 上启用了行级安全（Row Level Security）：学员只能访问被分配给自己的作业与评论；导师权限严格限定在我本人的邮箱。
• 密码存储。密码哈希由 Supabase Auth 管理，我本人无法查看你的明文密码。
• 平台。前端托管在 Cloudflare Pages，并设置了 X-Frame-Options、X-Content-Type-Options、Referrer-Policy 与 Permissions-Policy 等安全头，禁用摄像头、麦克风与定位权限。

• Encryption in transit. All requests run over HTTPS with TLS.
• Database policies. Row Level Security is enforced on Supabase: students only see assignments and comments allocated to them; tutor privileges are scoped strictly to my own email.
• Password storage. Password hashing is handled by Supabase Auth; I cannot read your plaintext password.
• Platform. The front end is hosted on Cloudflare Pages with X-Frame-Options, X-Content-Type-Options, Referrer-Policy and Permissions-Policy headers that disable camera, microphone and geolocation by default.

保留的原则是：只要你还在用，就保留；你说停，就删。

• 你的作业内容和评论在辅导期间内保留。结束辅导后 90 天 内，我会把你的作业从后台清空，只保留结算所需的最小记录（姓名首字母 + 起止日期）。
• 你随时可以要求立即删除账户与全部内容。我会在 7 个工作日内完成并回复你确认。
• 由于 Supabase 与 Cloudflare 的备份机制，删除请求可能在其后台备份中滞留至多 30 天，此后自动过期。

The retention rule is simple: keep it while you're using it, delete it when you ask.

• Drafts and comments are kept for the duration of the engagement. Within 90 days after tutoring ends I wipe your assignment data, keeping only the minimum record needed for accounting (initials and engagement dates).
• You may request immediate account and content deletion at any time. I'll complete it and confirm back within 7 working days.
• Because Supabase and Cloudflare run rolling backups, copies may persist in their backup systems for up to 30 days before expiring.

不管你的居住地是否在 GDPR、UK GDPR、CCPA 或中国《个人信息保护法》覆盖范围内，我都对全部学员一视同仁，按上述最高标准执行以下权利：

• 访问权。随时向我申请你账户下的全部数据副本。
• 更正权。发现数据不准，告诉我，我就改。
• 删除权（被遗忘权）。要求彻底删除账户与内容。
• 携带权。以 JSON 或 PDF 形式导出你的作业内容。
• 撤回同意权。随时撤回你之前给出的任何展示或宣传授权。
• 不被自动决策影响的权利。我不对你做任何自动化评分、评级或画像。

Regardless of whether you're covered by GDPR, UK GDPR, CCPA or China's PIPL, I extend the same top-tier rights to every student:

• Right of access. Ask me for a copy of all data under your account at any time.
• Right to rectification. If something is wrong, tell me and it gets corrected.
• Right to erasure (to be forgotten). Request full deletion of the account and its content.
• Right to portability. Export your drafts as JSON or PDF.
• Right to withdraw consent. Revoke any display or promotional permission you previously granted.
• Freedom from automated decisions. I do not run automated grading, ranking, or profiling on you.

这间工作室欢迎所有真心想把课程走完的同学。我不会根据以下任何一项决定是否接收你、是否认真对待你、是否保持同样的耐心：

• 种族、民族、国籍、肤色、语言或口音；
• 宗教信仰或无宗教立场；
• 性别、性别认同或表达；
• 性倾向；
• 年龄；
• 婚姻、怀孕或家庭状况；
• 残疾与神经多样性（包括 ADHD、自闭症谱系、读写障碍等）；
• 家庭经济状况或第一代大学生背景；
• 政治观点（在不对他人人身构成仇恨或伤害的前提下）。

This studio welcomes every student who genuinely wants to finish their work. None of the following affects whether I take you on, how seriously I take you, or how much patience I bring:

• Race, ethnicity, nationality, skin colour, language or accent;
• Religion or lack thereof;
• Gender, gender identity or gender expression;
• Sexual orientation;
• Age;
• Marital, pregnancy or family status;
• Disability and neurodivergence — including ADHD, autism spectrum, dyslexia and others;
• Socioeconomic background or being a first-generation university student;
• Political views (provided they do not constitute hate or harm toward other people).

Kaka SQA 对 LGBTQIA+ 同学明确且公开地表示欢迎。

• 你是同性恋、双性恋、跨性别、非二元、酷儿、无性恋、间性人 —— 在这里，以上任何一项都不构成"需要解释"的身份，你不需要出柜才能被正常对待。
• 使用你真正的名字和代词是基本操作，不是照顾。若系统上你旧名字还在，告诉我，我改。
• 作业正文、评论区、沟通场合，任何恐同、恐跨、羞辱性别表达或性取向的言论 —— 不管来自谁 —— 都会被我直接制止。
• 跨性别同学：所在学校要求用法律姓名的场合（如某些提交系统），我会协助你区分"法律姓名"与"你希望被称呼的名字"，只在必要时调用前者。
• 如果你是处在不安全环境中的学员（家庭、室友、原所在组织），你可以要求我把和你的通讯标注、日程提醒隐藏、或以另一种身份代号处理 —— 我认真对待。

Kaka SQA is explicitly and publicly welcoming of LGBTQIA+ students.

• Gay, lesbian, bisexual, trans, non-binary, queer, asexual, intersex — none of these require an explanation here, and you do not need to come out to be taken seriously.
• Using your real name and pronouns is baseline, not accommodation. If a former name is still hanging around in the system, tell me and I'll update it.
• In drafts, comments, and everyday communication, homophobic, transphobic, or otherwise demeaning remarks toward a person's gender or orientation — from anyone — will be stopped directly.
• For trans students: where your institution requires a legal name (e.g. certain submission systems), I'll help you separate "legal name" from "name you're called by" and only use the former where strictly necessary.
• If you're in an unsafe environment (family, housemates, former organisation), you can ask me to flag our chat channel, hide calendar notifications, or use an alternate alias for you. I take that seriously.

• 页面按照 WCAG 2.1 AA 的原则设计：语义化结构、对比度足够、支持键盘与屏幕阅读器。
• 字号由系统字体继承，可跟随操作系统"放大文本"设置；不使用固定像素锁定正文。
• 支持操作系统深色模式；prefers-reduced-motion 打开时所有动画会关闭。
• 如果在使用中遇到任何阻碍（截图读不出、焦点顺序乱、键盘陷阱等），告诉我，我修。

• Pages follow WCAG 2.1 AA principles: semantic structure, sufficient contrast, keyboard and screen-reader support.
• Type size inherits from the system font stack and follows your OS "larger text" setting; body copy is not pinned to fixed pixels.
• Dark mode follows the operating system; animations are turned off when prefers-reduced-motion is on.
• If anything blocks you — unreadable image, broken focus order, keyboard trap — tell me and I'll fix it.

Kaka SQA 主要服务本科与研究生阶段的同学。如果你未满 16 周岁，请由你的父母或法定监护人在知情并同意的前提下代你联系我；我可能会要求你的监护人先与我单独确认。

Kaka SQA primarily serves undergraduate and postgraduate students. If you are under 16, please have a parent or legal guardian contact me with their informed consent; I may need to speak with your guardian first.

关于数据、隐私、权利行使、投诉或任何包容性方面的问题，直接联系我本人：

For questions about data, privacy, exercising your rights, complaints, or anything related to inclusion, contact me directly: