Privacy Policy — Pocket Guide

Effective date: June 11, 2026

This policy applies to the iOS application "Pocket Guide" (問導遊), developed by Fermata ("we", "us"). Our principle is simple: we collect only what is necessary to provide the service, and we never sell your personal data.

1. Information We Collect

1.1 Anonymous identifier

There is no sign-up. The app uses Firebase Anonymous Authentication, which means we never ask for — and never receive — your name, email address, or any other contact information. Firebase simply assigns your installation a randomly generated anonymous identifier, which we use solely to manage service quotas and prevent abuse.

1.2 Images and voice

The app's core feature is real-time spoken narration: images from your camera (photos you take, and live camera frames while you hold to record) and voice questions you ask are sent directly from your device to our third-party AI service provider (currently Google's Gemini API) to generate live tour-guide responses.

Your images and voice are never stored on our servers — our backend only issues short-lived access tokens and never sees or handles your photos or audio. The only exception is a feedback report you actively choose to submit (see section 1.4).
Images and voice are used only to generate the narration in that moment, never for advertising or marketing.
Our AI provider's handling of this data is governed by its own privacy policy and API terms (currently the Google Privacy Policy).
If you allow location access, your approximate GPS coordinates are attached to narration requests so explanations can reflect where you are. If you submit a feedback report, the coordinates of that session are included.

1.3 Usage records

To manage service quotas and prevent abuse, we record how many narration sessions you start and when (stored in Google Firestore). These records contain counts and timestamps only — no photo or conversation content.

1.4 Feedback reports

When you actively rate a narration (thumbs up or thumbs down), the image frames and the conversation transcript of that narration session are uploaded to us and used to improve the service. Your original voice recordings are never uploaded — only the text transcript of the conversation. Feedback reports are tied to your anonymous identifier and are covered by the deletion process in section 5.

2. Device Permissions

Camera — to photograph what you want explained. No images are captured without your action.
Microphone — to receive your spoken questions, active only during a narration session.
Location — to make narration aware of where you are. Read as a one-shot when you start a narration; never tracked in the background.
Speech Recognition — to convert your voice to text on your device (live captions and voice feedback). Only the resulting text is uploaded, and only where this policy says so.

You can revoke these permissions anytime in iOS Settings; the related features will stop working.

3. How We Use Information

We use the information we collect only to:

provide real-time image recognition and spoken narration;
verify requests and manage service quotas;
keep the service secure and prevent abuse;
improve service quality, using de-identified statistics only.

We do not sell or rent your personal data, and we do not use it for third-party advertising.

4. Third-Party Services

Google Firebase (authentication, database, anonymous usage analytics & crash reporting) — Privacy and Security in Firebase
AI model provider (image analysis & voice narration) — currently the Google Gemini API (Google Privacy Policy)

If we switch or add service providers, we will update this page before the change takes effect.

5. Data Retention & Deletion

Usage records are tied only to your anonymous identifier and are retained while the service operates.
You can delete your data at any time directly in the app (Settings → Advanced → Delete My Data). This immediately deletes your feedback, submitted reports (including images and transcripts), and custom quota settings. To prevent abuse, today's usage count is kept until the end of the day. You may also email us for deletion requests.
Deleting the app removes the anonymous identifier from your device; it cannot be re-associated with you afterwards.

6. Children's Privacy

This app is not directed at children under 13. If we learn that we have collected personal information from a child without parental consent, we will delete it promptly.

7. Security

All network traffic is encrypted (HTTPS / WSS). Access to the AI service uses short-lived tokens with usage and expiry limits, minimizing exposure.

8. Changes to This Policy

We may update this policy from time to time. Material changes will be announced in the app or on this page, and take effect when posted here.

9. Contact

Questions about this policy or your data: support@fermatalabs.co

「問導遊」隱私權政策

生效日期：2026 年 6 月 11 日

本政策適用於 Fermata（以下稱「我們」）開發的 iOS 應用程式「問導遊」（以下稱「本 App」）。我們的原則很簡單： 只蒐集提供服務所必需的資訊，不販售您的個人資料。

一、我們蒐集的資訊

1. 匿名識別碼

本 App 無需註冊。我們使用 Firebase 匿名驗證（Anonymous Authentication），不會要求、也不會取得您的姓名、電子郵件或任何聯絡資訊。Firebase 只會為您的安裝隨機產生一組匿名識別碼，僅用於管理服務額度與防止濫用。

2. 影像與語音

本 App 的核心功能是即時語音導覽：您拍攝的照片、長按錄影時的即時畫面，與您說出的語音提問，會由您的裝置直接傳送至我們的第三方 AI 服務供應商（目前為 Google Gemini API）進行即時分析與語音回應。

影像與語音不會儲存在我們的伺服器——我們的伺服器僅負責核發短效存取權杖，看不到、也不會經手您的照片或語音內容。唯一例外是您主動送出的回饋回報（見第 4 點）。
影像與語音僅用於產生當下的導覽回應，不用於廣告或行銷。
該供應商對資料的處理方式，受其自身的隱私權政策與 API 服務條款約束（目前適用 Google 隱私權政策）。
若您允許定位權限，導覽請求會附上您的概略 GPS 座標，讓解說更貼近您所在的地點；您主動送出回饋回報時，該次座標也會一併附上。

3. 使用紀錄

為了管理服務額度與防止濫用，我們會記錄您使用導覽功能的次數與時間（儲存於 Google Firestore）。此紀錄僅包含次數與時間戳記，不包含您的照片或對話內容。

4. 回饋回報

當您主動為導覽內容評分（按讚或倒讚）時，該次導覽的影像畫面與對話文字會上傳給我們，用於改進服務品質。您的原始語音錄音不會被上傳—— 僅包含對話的文字紀錄。回饋回報與您的匿名識別碼綁定，適用第五節的刪除流程。

二、裝置權限

相機：用於拍攝您想了解的景物。未經您拍攝，App 不會擷取任何影像。
麥克風：用於接收您的語音提問。僅在導覽進行中啟用。
定位：用於讓導覽貼近您所在的地點。僅在您啟動導覽時讀取一次，不會在背景持續追蹤。
語音辨識：用於在您的裝置上將語音轉為文字（即時字幕與語音回饋）。僅在本政策載明之處上傳轉換後的文字。

您可以隨時在 iOS「設定」中關閉上述權限，但相關功能將無法使用。

三、資訊的使用方式

我們僅將蒐集的資訊用於：

提供即時影像辨識與語音導覽服務；
驗證請求與管理服務額度；
維護服務安全、防止濫用；
改善服務品質（僅使用去識別化的統計數據）。

我們不會販售、出租您的個人資料，也不會將其用於第三方廣告。

四、第三方服務

本 App 使用以下第三方服務，其各自的隱私權政策如下：

Google Firebase（驗證、資料庫、匿名使用統計與當機回報）—— Firebase 隱私權說明
AI 模型服務（影像分析與語音導覽）——目前為 Google Gemini API（Google 隱私權政策）

若我們更換或新增服務供應商，會在變更生效前更新本頁。

五、資料保存與刪除

使用紀錄僅與您的匿名識別碼綁定，會在服務營運期間保存。
您可以隨時直接在 App 內刪除您的資料（設定 → 進階設定 → 刪除我的資料）：意見回饋、回報內容（含影像與對話文字）與專屬額度設定會立即刪除。為防止濫用，今日的使用次數計數會保留到今天結束。您也可以來信提出刪除請求。
刪除 App 即會移除您裝置上的匿名識別碼，之後該識別碼無法再與您產生關聯。

六、兒童隱私

本 App 並非以未滿 13 歲兒童為對象。若我們發現在未經家長同意的情況下蒐集了兒童的個人資訊，將會儘速刪除。

七、資料安全

所有網路傳輸均經過加密（HTTPS / WSS）。對 AI 服務的存取採用短效權杖機制，權杖具有使用次數與時效限制，以降低資料外洩風險。

八、政策變更

我們可能不時更新本政策。重大變更時，會透過 App 內公告或本頁面通知您。更新後的政策自公布於本頁面時生效。

九、聯絡我們

若您對本政策或您的個人資料有任何疑問，歡迎來信： support@fermatalabs.co