天章墨青 MochingCode - 隐私承诺
MochingCode - Privacy Policy
Version 4.0 | June 2026
天章墨青 MochingCode —— 隐私承诺 版本 V4.0 | 发布日期:2026年6月
客服邮箱 / 数据保护负责人邮箱:vip@qingyunmeihui.com
本隐私承诺(以下简称"本政策")适用于天章墨青 MochingCode(下称"墨青""Moching" 或"本软件")。墨青是一款 AI 原生桌面开发平台,提供智能对话、代码辅助、内容处 理、模型调用、终端命令执行、屏幕感知与键鼠操控、浏览器自动化、Office 办公 AI 集成、Skills 扩展市场、集团多机管理与运维等服务。
我方严格依照《中华人民共和国网络安全法》《中华人民共和国个人信息保护法》《中华 人民共和国数据安全法》《移动互联网应用程序信息服务管理规定》及通用数据保护条例 (GDPR)等法律法规,收集、使用、存储、传输和保护用户信息。
安装、登录、使用本软件,即表示您已完整阅读并同意本隐私承诺全部条款;若不同意, 请立即停止使用并卸载本软件。
2.1 主动收集的信息
(1)设备与运行信息 为保障软件正常运行、故障排查、版本优化、安全风控,自动收集:操作系统类型及版 本、设备型号、软件运行日志、功能使用频率、运行性能指标、异常报错信息。本类信 息仅用于服务运维,不会单独关联用户真实身份对外泄露。 数据留存期限:设备及运行日志自生成之日起最长留存 90 天,到期自动清理。
(2)用户自主提交内容 您在软件内主动输入的对话文本、代码内容、指令、上传文件、自定义配置等,属于用 户自主提交数据,仅用于实时响应您的操作请求、完成对应功能服务。
(3)账户信息 收集注册邮箱、用户名、加密密码哈希值,仅用于账户身份鉴权与服务权限匹配,不对 外共享。
(4)接口与密钥信息 您填写的 AI 模型 API Key、接口地址、私有配置等敏感密钥信息,为用户自行向第三方 服务商申请、独立保管的凭证,全程仅加密存储于您本地设备。我方无任何渠道获取、 读取、存储、传输用户的 API Key 或任何密钥凭证。密钥的保管、使用、安全风险全 部由您自行承担,与我方无关。
2.2 我们不会收集的信息
(1)本软件不会主动扫描、窃取、读取设备内私密文件、相册、通讯录、短信、浏览器 本地记录、第三方软件数据、隐私文件夹内容; (2)未经您单独明示授权,绝不访问软件安装目录以外的本地文件、系统目录; (3)不会在后台静默收集用户行为轨迹、上网记录、社交内容等无关隐私数据。
2.3 敏感权限单独授权说明
本软件包含多项敏感权限,所有敏感权限均采用单独弹窗授权模式,不与整体协议捆绑: (1)文件读写权限:仅在您主动使用文件操作功能时申请,授权后仅访问您指定目录; (2)屏幕感知、截图、键鼠操控权限:属高敏感权限,需您手动确认授权,仅在启动对 应自动化功能时生效; (3)浏览器自动化、剪贴板读写权限:使用对应功能前单独弹窗告知风险并获取授权; (4)您可随时在软件设置或系统权限管理中关闭已授权权限,关闭后对应功能将无法使 用,但不影响软件其他功能正常运行。
2.4 信息使用通用规则
所有收集的用户信息仅用于:提供软件服务、功能迭代优化、故障修复、安全风险防控。 未经您书面明示许可,我方绝不会将您的个人数据、对话内容、代码资料、文件信息出 售、出租、无偿共享给任何第三方。
3.1 数据存储规则
(1)本地数据(核心) 软件配置、使用记录、对话历史、会话内容、知识库、记忆条目、本地缓存、数据库文 件等,默认存储路径: - Windows:%LocalAppData%\Moching\ - macOS:~/Library/Application Support/Moching/ - Linux:~/.local/share/Moching/
本地数据完全由用户自主掌控,我方无任何远程读取、修改、删除权限。数据格式为 SQLite 数据库及普通本地文件,您可使用标准 SQLite 工具自行导出、备份、清理。
(2)云端数据 墨青不搭建独立的远程用户业务数据存储服务器。所有用户业务数据、对话内容、文件 资料均不云端留存。仅账户基础鉴权信息做必要的云端存储。
(3)数据出境说明(对接境外模型专用) 若您选择接入境外 AI 模型 API,您提交的对话、代码、指令等数据将按照您指定的接口 规则传输至境外服务商: a. 数据出境为用户自主选择行为,选择境外模型前软件将单独弹窗告知出境风险并获 取您的明示同意; b. 我方仅做数据转发通道,不截留、不缓存出境数据; c. 境外数据安全、隐私规则由对应境外服务商负责,请您提前查阅第三方隐私政策; d. 因用户自主选择境外模型导致的数据安全风险,由用户自行承担。
3.2 数据留存与销毁
(1)本地所有业务数据由您自行管理、备份、删除; (2)卸载本软件时,默认同步清理 Moching 目录下全部本地缓存与业务数据; (3)我方云端仅留存账户鉴权信息,账户注销后云端信息将在 7 个工作日内彻底删除。
3.3 传输安全
本软件所有网络数据交互全程采用 HTTPS/TLS 1.3 加密协议传输,防止数据在传输过程 中被窃取、篡改、劫持。
4.1 内置 AI 能力
本软件可能集成或接入 AI 大模型服务(以实际发布版本为准),提供智能问答、代码编写、逻辑分析等 服务。您发送至 AI 模型的内容仅经您指定的 API 传递至对应服务商,我方不在传输链 路中记录、缓存、转发相关内容。AI 交互内容仅用于单次服务响应,不会用于模型训 练、商业推广、用户画像分析。
4.2 第三方模型 / 接口
您可自主接入本地部署模型(如 Ollama)、第三方公有云 API 等外部服务: (1)使用本地部署模型时,所有数据全程留存本地,建议企业处理敏感代码、涉密资料 时优先使用本地模型; (2)您自行对接的第三方平台、模型、接口,其数据安全、隐私政策、合规责任由第三 方主体承担,请您仔细阅读对应第三方条款。
4.3 第三方工具与 SDK
本软件使用 Tauri、React、Playwright、Python 等开源组件,各组件遵循其自身开源 许可协议。所有合作第三方均需遵守国内个人信息保护法律法规,不得超范围收集用户 信息。开源协议完整文本可在软件【设置-关于我们-开源声明】中查看。
4.4 第三方技能(Skills)安装与使用
(1)第三方技能文件全部存储于用户本地设备; (2)我方不对第三方技能的安全性、合法性、隐私行为、功能质量作出担保; (3)若您发现第三方技能存在窃取数据、恶意行为,可通过官方渠道举报; (4)安装、运行第三方技能产生的一切风险由使用人自行承担。
墨青桌面客户端仅使用本地缓存文件、会话标记维持软件基础运行,不使用任何用户追 踪类 Cookie,不上报用户浏览轨迹、使用偏好等隐私信息。
浏览器自动化功能使用独立的 Playwright 浏览器实例,与您日常使用的浏览器完全隔 离,互不共享数据、Cookie 及记录。
(1)本软件面向全年龄段用户开放,若您为未满 18 周岁的未成年人,请在监护人陪同、 指导下使用; (2)我方对未成年人信息遵循最小必要原则收集与使用,不主动向未成年人推送高危自 动化、批量运维等高风险功能; (3)监护人如发现未成年人未经许可使用本软件或提交个人敏感信息,可联系我方申请 查看、删除对应数据; (4)严禁未成年人利用本软件实施网络攻击、数据窃取、违规爬虫等违法行为。
您作为本软件用户,依法享有以下权利: (1)知情权——有权知晓我方收集数据的类型、用途、存储方式及传输范围; (2)访问权——可向官方申请获取本人账户相关数据副本; (3)查询权——可在本文档标注的本地目录内自行查看全部本地存储数据; (4)删除权——可手动删除本地目录数据,或使用 SQLite 工具精准导出、删除指定内 容;账户注销后云端数据按规则清除; (5)撤回同意权——可随时关闭权限授权、停止使用并卸载本软件; (6)数据可携带权——可通过 SQLite 格式导出本地数据,实现数据迁移; (7)账户注销——可通过官方客服渠道申请账户注销,注销后云端账户信息按时销毁。
8.1 安全防护措施
(1)我方建立完整的数据安全管理制度与内部权限管控体系; (2)本地数据受操作系统文件权限保护,API Key 等密钥采用本地高强度加密存储; (3)定期开展安全审计、漏洞扫描、风险排查,防范数据泄露、丢失、滥用; (4)因我方平台自身安全漏洞直接导致用户数据泄露的,我方将依法承担相应责任。
8.2 适用法律法规
本政策严格遵循以下法规及规范: (1)《中华人民共和国网络安全法》 (2)《中华人民共和国个人信息保护法》 (3)《中华人民共和国数据安全法》 (4)《移动互联网应用程序信息服务管理规定》 (5)《数据出境安全评估办法》 (6)通用数据保护条例(GDPR,适配海外使用场景)
(1)我方因业务调整、法律法规更新,有权修订本隐私承诺; (2)涉及用户重大权益、权限规则、数据规则的变更,将通过客户端弹窗或绑定邮箱提 前 15 天告知; (3)条款更新后继续使用本软件,即视为接受修订后的全部条款。
10.1 联系方式
服务热线:400-0127-572 客服 / 数据保护负责人邮箱:vip@qingyunmeihui.com
10.2 处理规则
(1)若您发现本软件存在违规收集信息、隐私泄露、违反本承诺等问题,可通过以上渠 道提交投诉或咨询; (2)我方在收到用户反馈后 15 个工作日内完成核查、处理并回复; (3)涉及权限争议、数据误删、账户异常等问题,可同步提交申诉材料。
本隐私承诺中任何条款被有管辖权的机关认定为无效或不可执行的,不影响其余条款的 效力与可执行性。
MochingCode — Privacy Policy Version 4.0 | Published: June 2026
Service Hotline: 400-0127-572 Customer Service / Data Protection Officer Email: vip@qingyunmeihui.com
This Privacy Policy ("Policy") applies to MochingCode (hereinafter "Moching" or "the Software"). MochingCode is an AI-native desktop development platform providing intelligent conversation, code assistance, content processing, model invocation, terminal command execution, screen perception and keyboard/mouse control, browser automation, Office AI integration, Skills marketplace, and enterprise multi-device management services.
We strictly comply with the Cybersecurity Law of the People's Republic of China, the Personal Information Protection Law, the Data Security Law, the Regulations on Mobile Internet Application Information Services, and the General Data Protection Regulation (GDPR) in collecting, using, storing, transmitting, and protecting user information.
By installing, logging in, or using this Software, you confirm that you have fully read and agreed to all terms of this Privacy Policy. If you do not agree, please immediately stop using and uninstall the Software.
2.1 Information Actively Collected
(1) Device and Runtime Information To ensure proper software operation, troubleshooting, version optimization, and security risk control, we automatically collect: OS type and version, device model, runtime logs, feature usage frequency, performance metrics, and error reports. Such information is used solely for service operations and will not be associated with user identity for external disclosure. Data Retention: Device and runtime logs are retained for a maximum of 90 days from generation, after which they are automatically purged.
(2) User-Submitted Content Conversation text, code, commands, uploaded files, and custom configurations you actively input within the Software are user-submitted data, used solely to respond to your requests and deliver the corresponding services.
(3) Account Information Registration email, username, and encrypted password hash are collected solely for account authentication and service authorization, and are not shared externally.
(4) API Keys and Endpoint Information AI model API Keys, endpoint addresses, and private configurations are credentials you independently apply for and manage with third-party service providers. Such information is stored exclusively on your local device in encrypted form. We have no channel whatsoever to obtain, read, store, or transmit any user API Keys or secret credentials. Security risks arising from key custody, usage, or leakage are entirely your responsibility and bear no relation to us.
2.2 Information We Do NOT Collect
(1) We do not scan, steal, or read private files, photo albums, contacts, SMS, browser local records, third-party application data, or private folder contents on your device; (2) Without your explicit separate authorization, we will never access local files or system directories outside the Software installation directory; (3) We do not silently collect browsing history, online behavior trails, social content, or other unrelated private data in the background.
2.3 Sensitive Permission Authorization
This Software includes several sensitive permissions, all of which require separate pop-up authorization and are not bundled with the overall agreement: (1) File read/write: requested only when you actively use file operations; access is limited to your designated directories after authorization; (2) Screen perception, screenshot, keyboard/mouse control: high-sensitivity permissions requiring manual confirmation, effective only when the corresponding automation feature is launched; (3) Browser automation, clipboard read/write: separate pop-up notification of risks and authorization before use; (4) You may revoke any authorized permission at any time in Software settings or system permission management; revoking will disable the corresponding feature without affecting other Software functions.
2.4 General Rules for Information Use
All collected user information is used solely for: providing Software services, iterative optimization, fault repair, and security risk control. Without your explicit written permission, we will never sell, rent, or share your personal data, conversation content, code, or files with any third party.
3. Data Storage, Transmission, and Security
3.1 Data Storage
(1) Local Data (Core) Software configurations, usage records, conversation history, session content, knowledge base, memory entries, local cache, and database files are stored by default at: - Windows: %LocalAppData%\Moching\ - macOS: ~/Library/Application Support/Moching/ - Linux: ~/.local/share/Moching/
Local data is entirely under user control. We have no remote read, modify, or delete access. Data is stored in SQLite databases and plain local files; you may export, back up, or clean data using standard SQLite tools.
(2) Cloud Data MochingCode does not maintain independent remote servers for user business data. All user business data, conversation content, and files are NOT stored in the cloud. Only basic account authentication information is stored on our servers as necessary.
(3) Cross-Border Data Transfer (For Overseas Model Access) If you choose to connect to overseas AI model APIs, your submitted conversations, code, and commands will be transmitted to overseas service providers per your specified API configuration: a. Cross-border data transfer is a user-initiated choice; the Software will display a separate pop-up to inform you of risks and obtain explicit consent before connecting to overseas models; b. We serve only as a data forwarding channel and do not intercept or cache outbound data; c. Overseas data security and privacy rules are the responsibility of the respective overseas service provider; please review their privacy policies; d. Data security risks arising from your voluntary choice of overseas models are borne entirely by you.
3.2 Data Retention and Deletion
(1) All local business data is managed, backed up, and deleted by you; (2) Uninstalling the Software will by default clear all local cache and business data in the Moching directory; (3) Our cloud servers retain only account authentication information, which will be completely deleted within 7 business days after account cancellation.
3.3 Transmission Security
All network data interactions use HTTPS/TLS 1.3 encrypted protocols throughout, preventing data interception, tampering, or hijacking during transmission.
4. AI Models and Third-Party Services
4.1 Built-in AI Capabilities
The Software may integrate or connect to AI large model services (subject to actual released version), providing intelligent Q&A, code writing, and logical analysis services. Content you send to AI models is transmitted only through your designated API to the corresponding service provider. We do not record, cache, or forward such content in the transmission chain. AI interaction content is used only for single-session responses and will NOT be used for model training, commercial promotion, or user profiling.
4.2 Third-Party Models / APIs
You may independently connect local deployment models (e.g., Ollama), third-party public cloud APIs, or other external services: (1) When using locally deployed models, all data remains entirely local; enterprises are advised to prioritize local models for sensitive code; (2) Data security, privacy policies, and compliance responsibilities of third-party platforms you connect are borne by those third parties; please review their respective terms.
4.3 Third-Party Tools and SDKs
This Software uses open-source components including Tauri, React, Playwright, and Python, each governed by their respective open-source licenses. All cooperating third parties must comply with Chinese personal information protection laws and may not collect user information beyond scope. Full open-source license texts are viewable in Software [Settings - About - Open Source Notices].
4.4 Third-Party Skills Installation and Use
(1) All third-party skill files are stored on the user's local device; (2) We make no guarantees regarding the security, legality, privacy behavior, or quality of third-party skills; (3) If you discover data theft or malicious behavior in third-party skills, you may report through official channels; (4) All risks from installing and running third-party skills are borne by the user.
The MochingCode desktop client uses only local cache files and session tokens to maintain basic operations, does NOT use any user-tracking cookies, and does not report browsing trails or usage preferences.
Browser automation uses an isolated Playwright browser instance, completely separate from your daily browser, sharing no data, cookies, or records.
6. Protection of Minors' Personal Information (1) This Software is open to users of all ages; if you are under 18, please use under guardian supervision; (2) We follow the principle of minimal necessity for minors' information and do not proactively promote high-risk automation or batch operations to minors; (3) Guardians who discover unauthorized use by minors or submission of sensitive personal information may contact us to view or delete corresponding data; (4) Minors are strictly prohibited from using this Software for cyberattacks, data theft, illegal crawling, or other unlawful activities.
As a user of this Software, you are entitled to the following rights: (1) Right to Know — learn what data we collect, its purpose, storage method, and transmission scope; (2) Right of Access — apply to obtain a copy of your account-related data; (3) Right to Query — view all locally stored data in the directories specified in this document; (4) Right to Delete — manually delete local directory data or use SQLite tools for precise export/deletion; cloud data will be purged after account cancellation; (5) Right to Withdraw Consent — revoke permissions, stop using, and uninstall the Software at any time; (6) Right to Data Portability — export local data in SQLite format for migration; (7) Account Cancellation — apply through official customer service; cloud account information will be destroyed on schedule after cancellation.
8.1 Security Measures
(1) We maintain comprehensive data security management systems and internal access control; (2) Local data is protected by OS file permissions; API Keys are stored with high-strength local encryption; (3) Regular security audits, vulnerability scans, and risk assessments are conducted to prevent data leaks, loss, or misuse; (4) Where our platform's own security vulnerabilities directly cause user data leaks, we will bear corresponding legal responsibility.
8.2 Applicable Laws and Regulations
This Policy strictly complies with: (1) Cybersecurity Law of the People's Republic of China (2) Personal Information Protection Law of the People's Republic of China (3) Data Security Law of the People's Republic of China (4) Regulations on Mobile Internet Application Information Services (5) Measures for Security Assessment of Cross-Border Data Transfer (6) General Data Protection Regulation (GDPR, for overseas usage scenarios)
(1) We reserve the right to revise this Privacy Policy due to business adjustments or legal/regulatory updates; (2) Changes materially affecting user rights, permission rules, or data rules will be communicated via in-app pop-up or registered email at least 15 days in advance; (3) Continued use of the Software after updates constitutes acceptance of the revised terms.
10. Complaints, Appeals, and Rights Protection
10.1 Contact Information
Entity: Jinan Qingyun Meihui Network Technology Co., Ltd. Address: Room 702-1, Block C, Mingquan Plaza, No. 68 Dikou Road, Tianqiao District, Jinan, Shandong, China Hotline: 400-0127-572 Email / DPO: vip@qingyunmeihui.com
10.2 Processing Rules
(1) If you discover that this Software violates this Policy, unlawfully collects information, or leaks privacy, you may file complaints or inquiries through the above channels; (2) We will complete investigation, processing, and response within 15 business days of receiving user feedback; (3) Issues involving permission disputes, accidental data deletion, or account anomalies may be accompanied by appeal materials.
If any provision of this Privacy Policy is found invalid or unenforceable by a competent authority, the remaining provisions shall remain in full force and effect.
Jinan Qingyun Meihui Network Technology Co., Ltd. June 2026