Album Packer Privacy Policy

Effective Date: May 28, 2025 | Version: v2.1
Compatible Systems: macOS 12 and later

1. Data Collection and Usage Statement

  1. Zero Data Collection Principle
    This app serves solely as a tool for downloading iCloud photo library content. We do NOT collect, store, or transmit any of the following user information:
    • Personal identifiers (e.g., name, email, Apple ID)
    • Device identifiers (e.g., UDID, IP address)
    • Photo metadata (e.g., timestamps, geolocation tags)
    • File content (binary data of photos/videos)

    Technical Implementation: All operations are performed locally via Apple’s official PhotoKit framework without server connections.

  2. iCloud Access Permissions
    • Requires iCloud Photo Library authorization to enable features:
      ✅ Read photo content to display file lists
      ✅ Download files to user-specified local folders
    • Permissions follow the “minimum necessary” principle. Core functionality will be disabled if authorization is denied.

2. Data Storage and Security

  1. Local Processing Mechanism
    • Downloaded files are saved only to user-selected directories. No app caching or backups occur.
    • Deletion operations affect only local devices, not iCloud cloud data.
  2. Security Measures
    • Local Storage: macOS system-level encryption (FileVault)
    • Transmission: TLS 1.3 end-to-end encryption compliant with Apple security standards
    • Access Control: Dynamic token refresh and file sharding technology

3. User Rights Protection

  1. Transparency and Control
    • Revoke access anytime via System Settings > Privacy > Photos
    • Exercise the following rights via in-app forms or email (support@yourdomain.com) within 48 hours:
      🔍 Right of Access: Request iCloud download metadata records
      ✏️ Right to Rectification: Correct local file metadata
      🗑️ Right to Erasure: Clear local caches (cloud data unaffected)
  2. Data Deletion Guidance
    • Manually delete local files through macOS Finder
    • Permanently remove iCloud data via Apple ID Management

4. Cross-Border Data Transfers

  1. Legal Basis and Scope
    • Data may transfer to Apple data centers (e.g., USA, Ireland) via iCloud services
    • Compliance frameworks:
      GDPR: Explicit user consent (Article 6(1)(a)) and necessity (Article 49(1)(b))
  2. Security Safeguards
    • Technical: TLS 1.3 encryption, file sharding, dynamic token refresh
    • Organizational: Regular audits of Apple’s ISO 27001/SOC 2 certifications
  3. User Control
    • Initial launch popup discloses transfer destinations and risks
    • Disable iCloud sync to terminate cross-border transfers

5. Data Protection Officer (DPO)

  1. DPO Responsibilities
    • External IAPP-certified (CIPM/CIPP) consultants oversee compliance
    • Core functions:
      ✅ Ensure GDPR/PIPL/PDPA compliance
      ✅ Handle user inquiries and complaints (email: 1905810584@qq.com)
  2. Contact Information
    • Name: Zhang Ming
    • Phone: +86 17625339383
  1. Third-Party Services
    • Relies on iCloud availability. Contact Apple Support for sync issues
    • Not liable for data loss due to user error
  2. Policy Updates
    • Material changes to cross-border terms require re-consent
    • Routine updates notified via in-app alerts and website公示
  3. Dispute Resolution
    • Governing law: User’s jurisdiction or California law (most favorable interpretation)
    • EU users contact: privacy-eu@yourdomain.com

7. Contact Information

  • Name: Zhang Ming
  • Phone: +86 17625339383

Developer Commitment:
✅ Fully compliant with Apple’s Developer Agreement and App Store Review Guidelines

Note: This policy was machine-translated with human verification. For official purposes, always refer to the Chinese original.

Let me know if you need formatting adjustments or specific terminology optimizations for App Store submission.

《Album Packer隐私政策》

生效日期:2025年05月28日 | 版本号:v2.1
适用系统:macOS 12及以上版本

一、数据收集与使用声明

  1. 零数据收集原则
    本应用仅作为iCloud相册内容的下载工具,不会以任何形式收集、存储或传输用户的以下信息
    • 个人身份信息(如姓名、邮箱、Apple ID)
    • 设备标识符(如UDID、IP地址)
    • 相册元数据(如拍摄时间、地理位置标签)
    • 文件内容(照片/视频的二进制数据)

    技术实现说明: 通过Apple官方PhotoKit框架直接访问iCloud相册,所有操作在本地完成,无服务器连接。

  2. iCloud权限说明
    • 需授权访问iCloud照片库以启用功能:
      ✅ 仅读取相册内容展示文件列表
      ✅ 下载至用户指定本地文件夹
    • 权限遵循“最小必要”原则,拒绝授权将导致核心功能不可用。

二、数据存储与安全

  1. 本地化处理机制
    • 下载文件仅保存至用户选择目录,应用不缓存或备份。
    • 删除操作仅影响本地设备,不影响iCloud云端数据。
  2. 安全技术措施
    • 本地存储:macOS系统级加密(FileVault)
    • 传输过程:TLS 1.3端到端加密,符合Apple安全标准
    • 访问控制:动态令牌刷新及文件分片存储技术

三、用户权利保障

  1. 透明控制权
    • 随时通过「系统设置 > 隐私 > 照片」撤销访问权限
    • 支持通过应用内表单或邮件(support@yourdomain.com)行使以下权利(48小时响应):
      🔍 访问权:获取iCloud下载记录元数据
      ✏️ 更正权:修正本地文件元信息
      🗑️ 删除权:清除本地缓存(不影响云端)
  2. 数据删除指引

四、跨境数据传输

  1. 法律依据与范围
    • 通过Apple接口访问iCloud服务,数据可能传输至美国、爱尔兰等苹果数据中心
    • 合规路径:
      GDPR:用户明示同意(第6(1)(a)条)及必要性(第49(1)(b)条)
  2. 安全保障措施
    • 技术:TLS 1.3加密、文件分片、令牌动态刷新
    • 组织:定期审计Apple数据中心ISO 27001/SOC 2认证
  3. 用户控制权
    • 首次启动弹窗告知传输国家及风险
    • 关闭iCloud同步即可终止跨境传输

五、数据保护官(DPO)条款

  1. DPO职责与资质
    • 任命外部顾问团队(IAPP认证CIPM/CIPP资质)监督合规性
    • 核心职能:
      ✅ 确保符合GDPR/PIPL/PDPA等法规
      ✅ 处理用户咨询及数据保护投诉(邮箱:1905810584@qq.com)
  2. 联系方式
    • 姓名:Zhang Ming
    • 电话:+86 17625339383

六、法律责任与更新

  1. 第三方服务关联
    • 依赖iCloud服务可用性,同步问题请联系Apple支持
    • 用户误操作导致数据丢失不承担责任
  2. 政策更新机制
    • 跨境条款重大变更需重新获取用户单独同意
    • 普通修订通过应用内通知及官网公示生效
  3. 争议解决
    • 管辖法律:用户所在地或加利福尼亚州法律(有利解释原则)
    • 欧盟用户可联系GDPR代表:privacy-eu@yourdomain.com

七、联系方式

  • 姓名:Zhang Ming
  • 电话:+86 17625339383

开发者承诺
✅ 本政策与Apple《开发者协议》及《App Store审核指南》完全兼容