1. 概述
SmartReply(以下简称"本产品")是一款 X(Twitter)AI 辅助回帖工具,提供 Chrome 浏览器扩展程序和 iOS 键盘应用两种形态。本政策说明本产品如何收集、使用和保护您的数据。
核心原则:本产品不建立任何用于收集用户数据的服务器。您的数据只在您的设备和您自己选择的 AI 服务之间流动。
2. 收集的数据
2.1 本地存储的配置信息
- API Key:您输入的第三方 AI 服务密钥存储在您的设备本地(Chrome:
chrome.storage.local;iOS:设备沙盒存储),仅在调用您选择的 AI 服务时发送给该服务用于鉴权。 - 偏好设置:AI 提供商、模型、回帖风格、语言设置等均存储在本地。
- 诊断日志:用于调试的本地日志,仅保存在设备上,不会外传。
- 最近结果:最近 5 次生成记录、最近一次图片翻译结果仅保存在设备本地,便于您恢复查看。
2.2 发送至第三方 AI 服务的数据
当您使用"生成回复"功能时,以下内容会发送至您指定的 AI 服务提供商(如 OpenAI、Google Gemini、Anthropic、智谱 AI 等):
- 当前查看的 X (Twitter) 帖子文本内容
- 帖子中的图片(以 Base64 编码发送,仅限您设置的数量上限)
- 您在"使用我的回复"功能中输入的文字
插件界面会在使用这些功能前明确提示上述传输。使用自定义 HTTPS API 地址时,Chrome 会单独询问您是否允许访问该地址。
上述数据的处理方式由各 AI 服务商的隐私政策约束,请参阅其对应政策:
3. 本产品不收集的数据
- ❌ 不追踪用户身份或行为
- ❌ 不把 API Key 发送给 SmartReply 自有服务器或与功能无关的第三方
- ❌ 不存储帖子内容至本产品服务器
- ❌ 不使用 Cookie 或第三方分析工具
- ❌ 不访问与 X (Twitter) 无关的任何网页内容(Chrome 扩展)
4. iOS 键盘特别说明
本产品的 iOS 键盘扩展请求了"完全访问权限"(Full Access),原因如下:
- 需要通过网络向您指定的 AI 服务发送请求以生成回复
- 需要与主 App 通过 App Group 共享您保存的配置信息(API Key、模型选择等)
重要声明:即使开启完全访问权限,本产品也不会记录您的击键数据,不会收集与 SmartReply 功能无关的任何文字内容。
5. 数据安全
- API Key 存储于设备本地,仅在请求您选择的 AI 服务时通过 HTTPS 发送给该服务
- 所有对 AI 服务的请求均通过 HTTPS 加密传输
- 本产品从不在传输链路中插入代理或中间人
本地数据会一直保留,直到您点击插件中的"清除全部本地数据"、清理扩展存储或卸载插件。第三方 AI 服务对已发送数据的保留规则,以其自身条款和隐私政策为准。
6. Chrome 网上应用店数据使用承诺
SmartReply 对通过 Chrome API 获得的信息的使用遵守 Chrome 网上应用店用户数据政策,包括 Limited Use(有限使用)要求。相关信息只用于提供商店页面和插件界面中明确说明的回复生成与翻译功能。
7. 儿童隐私
本产品不面向 13 岁(或您所在地区适用年龄)以下的儿童,不会有意收集未成年人数据。
8. 联系方式
如对本隐私政策有任何疑问,请通过以下方式联系我们:
- GitHub Issues:github.com/QKJIN/smartreplyx
9. 政策更新
本政策如有重大变更,我们将在应用商店更新日志或产品内通知中说明。继续使用本产品即表示您接受最新版本政策。
1. Overview
SmartReply is an AI-assisted reply tool for X (Twitter), available as a Chrome extension and an iOS keyboard app. This policy explains how we handle your data.
Core principle: SmartReply operates no servers for collecting user data. Your data flows only between your device and the AI service you choose.
2. Data We Handle
2.1 Locally stored settings
- API Keys: Stored on your device (Chrome:
chrome.storage.local; iOS: sandboxed device storage) and sent only to the AI service you choose when needed for authentication. - Preferences: AI provider, model, reply style, language settings — all local.
- Diagnostic logs: Local debug logs, never transmitted.
- Recent results: The five most recent generations and the latest image translation result are kept locally so you can restore them.
2.2 Data sent to third-party AI services
When you generate a reply, the following is sent to the AI provider you configured (e.g. OpenAI, Google Gemini, Anthropic, Zhipu AI):
- The text content of the X (Twitter) post you are viewing
- Images from the post (Base64-encoded, up to your configured limit)
- Text you type in the "Use My Reply" input field
The extension displays this disclosure before these features are used. If you enter a custom HTTPS API address, Chrome separately asks you to approve access to that address.
How each provider handles this data is governed by their own privacy policies:
- OpenAI Privacy Policy
- Google Privacy Policy (Gemini)
- Anthropic Privacy Policy
- Zhipu AI Privacy Agreement
3. Data We Do NOT Collect
- ❌ No user tracking or behavioral analytics
- ❌ API Keys are never sent to SmartReply-operated servers or unrelated third parties
- ❌ Post content is never stored on SmartReply servers
- ❌ No cookies or third-party analytics
- ❌ Chrome extension does not read any page outside X (Twitter)
4. iOS Keyboard — Full Access
The iOS keyboard extension requests Full Access for the following reasons:
- To make network requests to your chosen AI service to generate replies
- To share your saved settings (API Key, model selection, etc.) with the main app via App Group
Important: Even with Full Access enabled, SmartReply never logs keystrokes or collects any text content unrelated to its SmartReply features.
5. Data Security
- API Keys are stored locally and are sent only to the AI service you choose over HTTPS when making a request
- All requests to AI services use HTTPS
- SmartReply never inserts a proxy or man-in-the-middle in the request chain
Local data remains until you select "Clear all local data," clear the extension's storage, or uninstall the extension. Data sent to an AI provider is retained according to that provider's own terms and privacy policy.
6. Chrome Web Store Limited Use
SmartReply's use of information received from Chrome APIs complies with the Chrome Web Store User Data Policy, including the Limited Use requirements. We use this information only to provide the reply generation and translation features described in the extension and its store listing.
7. Children's Privacy
SmartReply is not directed at children under 13 (or the applicable age in your jurisdiction) and does not knowingly collect data from minors.
8. Contact
- GitHub Issues: github.com/QKJIN/smartreplyx
9. Policy Updates
Material changes will be communicated via App Store release notes or in-app notices. Continued use constitutes acceptance of the updated policy.