# 02B Compliance / Policy Boundary — aieditorrsp.net - task_id: t_d0e18f2a - tenant: site-aieditorrsp-20260528 - project_slug: aieditorrsp - fixed_domain: aieditorrsp.net - site_name: AI Editor RSP - primary_keyword: AI image editor with prompt - positioning: prompt-based AI photo editor + reusable style prompt library - prepared_by: 墨盾 - last_updated_utc: 2026-05-28 - verdict: CONDITIONAL_GO_TO_PRD_COPY_DESIGN_BUILD 不是正式法律意见;这是上线前产品合规与政策边界交付。涉及高风险人脸、生物识别、未成年人、深伪、版权争议、支付/税务争议时,建议上线前找执业律师复核。 ## 1. 结论 可以继续做,但必须按“中风险 AI 生成/上传工具”处理,不能按纯静态工具站处理。 P0 可以上线的前提: 1. 首页和工具页明确:用户只能上传自己有权使用的图片。 2. API key 只在服务端/Worker 侧调用;不得暴露在浏览器。 3. 明确禁止:名人/公众人物模仿、政治人物、未成年人性化、成人/非自愿编辑、证件/水印/文档篡改、第三方品牌/IP/赛事/电影/游戏角色 prompt pack。 4. 不使用 “RSP Editing AI”“official RSP editing”“rspediting” 作为 SEO/品牌主文案。 5. 不承诺 guaranteed face match、100% identity preservation、copyright-free commercial use、unlimited generations。 6. Privacy / Terms / Cookie / Refund 页面必须上线;至少路由:`/privacy`、`/terms`、`/cookie-policy`、`/refund`。 7. 支付若进入 P0/P1:Stripe Checkout 必须启用自动税、账单地址、税号收集;价格页不得写 unlimited。 ## 2. 风险等级 风险等级:🟡 中风险。 原因: - 用户上传图片,可能包含个人照片、肖像、EXIF/文件元数据。 - 调用第三方 AI 图片编辑/生成服务,涉及输入图片、prompt、输出图传输。 - 可能保存生成历史、结果图片、额度/账户数据。 - 未来可能接 Stripe 订阅/credits。 - 方向接近“人像/头像/社媒图”,容易触发肖像权、版权、深伪、非自愿编辑和商业使用误导。 不按 🔴 高风险处理的前提: - P0 不做身份验证/KYC/证件编辑。 - P0 不做医疗、金融、法律、儿童产品。 - P0 不做人脸识别、生物识别识别、年龄/性别/种族/健康推断。 - P0 不提供 deepfake/换脸/裸露生成/非自愿亲密图像功能。 ## 3. 商标 / 品牌 / SEO 边界 ### 3.1 固定域名风险 aieditorrsp.net 可继续使用,但只作为品牌域名。RSP 建议解释为 Reusable Style Prompts。 必须避免: - 把站点叫 “RSP Editing AI”。 - 标题/H1/meta 使用 “official RSP Editing”。 - 暗示与 rspediting.com、GameJolt/Tumblr 上的 RSP Editing AI、Instagram RSP editing 内容生态有关联。 - 复刻 RSP Editing/RSP prompt 资源站的素材、模板包、页面结构、名称体系。 允许: - AI Editor RSP - Reusable Style Prompts - AI image editor with prompt templates - prompt-based AI image editor - AI photo prompt editor Footer / Terms 推荐声明: > AI Editor RSP is an independent product. It is not affiliated with, endorsed by, or sponsored by RSP Editing, ChatGPT, OpenAI, Google, Gemini, Nano Banana, Picsart, Media.io, or any other third-party brand mentioned for descriptive purposes. ### 3.2 第三方品牌词使用 允许描述性提及: - “ChatGPT photo editing prompts” 作为用户搜索意图/教育内容。 - “Gemini / Nano Banana / Picsart / Media.io” 仅在比较、教程或兼容性说明中作 nominative fair use。 禁止: - “ChatGPT official photo editor” - “Gemini certified editor” - “Nano Banana official prompts” - 使用第三方 logo、官方图标、商标色做背书式设计。 - 在 prompt pack 中使用明星、电影、游戏、动漫、赛事、宗教人物/神像等受保护形象或容易引发争议的风格包。 ## 4. P0 Allowed / Disallowed Policy ### 4.1 P0 允许范围 允许用户: - 上传自己有权使用的 JPG/PNG/WebP 图片。 - 做一般人像美化、光影、色调、背景替换、产品图背景、社媒头像、职业头像风格、旧照片修复。 - 使用通用风格 prompt:cinematic portrait、studio lighting、product background、color grading、professional headshot、social avatar、old photo restore。 - 复制/保存通用 prompt 模板。 - 下载输出图,前提是遵守用户自己的上传权利、第三方模型条款和适用法律。 ### 4.2 P0 禁止范围 必须在 Terms、上传页、prompt guardrail、FAQ 中禁止: 1. 违法/侵权内容 - 上传没有权利使用的图片。 - 侵犯版权、商标、肖像权、隐私权、公开权的编辑。 - 擅自使用明星、网红、公众人物、运动员、影视/游戏/动漫角色形象。 - 伪造品牌广告、官方背书、赛事素材、平台认证。 2. 深伪/非自愿/成人内容 - 非自愿亲密图像、裸露生成、性化编辑。 - 儿童/未成年人性化或任何儿童不当内容。 - 伪造真实人物做误导性、羞辱性、骚扰性、诈骗性内容。 - 换脸、身份冒充、政治人物或公众人物误导性编辑。 3. 欺诈/证件/安全 - 身份证、护照、驾照、账单、发票、合同、成绩单、证明文件编辑。 - 水印移除、签名伪造、证据篡改、截图造假。 - 钓鱼、诈骗、恶意广告素材、规避审核素材。 4. 高风险敏感推断 - 通过图片推断健康、种族、宗教、性取向、政治立场、信用、犯罪倾向。 - 生物识别识别或人脸识别数据库匹配。 5. 平台滥用 - 自动化批量生成垃圾内容。 - 绕过费率限制、共享账号、滥用免费额度。 - 上传恶意文件或试图攻击模型/服务。 ## 5. Prohibited Claims / Copy Red Lines ### 5.1 禁止使用 - guaranteed face match - 100% accurate identity preservation - always keeps your face the same - copyright-free commercial use - safe for all commercial use - official RSP editing - official ChatGPT / Gemini / Nano Banana editor - no restrictions - unlimited generations - unlimited credits - watermark remover - ID/passport/document editor - deepfake maker - celebrity prompt pack - IPL prompt pack / movie-star prompt pack / anime character prompt pack - approved by OpenAI / Google / Picsart / Media.io - deletes everything instantly(除非实现和供应商都支持) ### 5.2 允许使用,但需谨慎 - “Designed to help preserve the main subject” - “Results vary by source photo, prompt, and model” - “Use outputs according to your rights and the model provider’s terms” - “Commercial use may depend on your input rights, selected model, and applicable law” - “We do not store full payment card details on our servers; payments are processed by Stripe” - “Free daily credits are limited and may change to prevent abuse” ## 6. Data Flow / Privacy Architecture ### 6.1 预期数据流 P0/P1 预计处理: - 用户输入:上传图片、prompt、prompt builder 选择项、负面提示词、输出尺寸/用途。 - 技术数据:IP、User-Agent、设备/浏览器、Cloudflare request logs、错误日志、rate limit key。 - 账户数据(如启用登录):邮箱、登录 provider ID、账户状态、credits。 - 生成数据:生成请求、输出图片 URL、结果预览、下载记录、generation_id。 - 支付数据(如启用 Stripe):customer_id、checkout_session_id、subscription/credit purchase metadata、tax/subtotal/total,不保存完整卡号。 - 分析数据:GA4/Clarity/Bing/Plausible 或同类事件,如 upload_start、prompt_select、generate_success、upgrade_click。 ### 6.2 数据最小化要求 - 默认不要永久保存用户上传原图,除非产品明确需要 history/account gallery。 - 如需保存输出图,优先设置自动过期:例如匿名用户 24 小时、登录用户 30 天或用户手动删除。 - 生成日志只保存排障/计费/反滥用必要字段;不要保存完整敏感图片内容到日志。 - EXIF/GPS 元数据应在上传处理时剥离或不用于产品功能。 - 管理后台不得展示不必要的用户原图;如需排障,应做最小权限和访问日志。 ### 6.3 第三方服务清单(待最终技术栈确认) 必须在 Privacy Policy 中披露: - Cloudflare: hosting, CDN, DNS, security, Workers, D1/KV/R2 if used, logs. - AI image provider: [待确认:OpenAI / Google / Replicate / fal.ai / Stability / other],处理上传图片、prompt、输出图。 - Stripe: payment processing, tax calculation, invoices, subscription/credit purchases if paid flow ships. - Analytics: [待确认:GA4 / Microsoft Clarity / Bing / Plausible / PostHog]。 - Email/auth: [待确认:Resend / Google OAuth / Clerk / Supabase / Auth.js]。 - Error monitoring: [待确认:Sentry or none]。 ### 6.4 Legal Basis table(EU/UK 用户) | Data type | Purpose | Lawful basis | Third parties | Suggested retention | Deletion | |---|---|---|---|---|---| | Uploaded image | Provide image editing/generation | Contract | AI provider, Cloudflare/R2 if stored | Anonymous: 24h or not stored; logged-in: 30d unless user saves | User can request deletion | | Prompt / generation request | Generate/edit image and improve prompt flow | Contract | AI provider, app DB/logs | Same as generation record; avoid indefinite full prompt retention | User can delete/request deletion | | Output image | Preview/download/history | Contract | AI provider, R2/CDN if stored | 24h anonymous; 30d account; configurable | User can delete/request deletion | | Email/account ID | Login, credits, support | Contract / Legitimate Interests | Auth/email provider | Account lifetime + limited audit retention | User can delete account | | Payment metadata | Orders, refunds, tax, subscriptions | Contract / Legal Obligation | Stripe | As required for tax/accounting/audit | Limited deletion; legal records may remain | | IP/User-Agent/security logs | Rate limits, abuse prevention, security | Legitimate Interests | Cloudflare, logs | 30–90d recommended | Usually not item-level deleted | | Analytics events | Product analytics and funnel measurement | Consent or Legitimate Interests depending region/tool | GA4/Clarity/Plausible/etc. | Per tool settings | Opt-out/withdraw consent if applicable | | Support messages | Customer support | Contract / Legitimate Interests | Email/helpdesk | Support lifetime + audit window | User can request deletion | ## 7. AI Content Safety Controls ### 7.1 Product/UI controls Required P0 UI safety controls: - Upload helper text: “Upload images you own or have permission to use.” - Prompt box warning: “Do not request celebrity/public figure impersonation, explicit content, document edits, or watermark removal.” - Unsafe prompt blocked state in design: must exist and be implemented. - Result disclaimer near download: “AI results may vary. You are responsible for your input rights and output use.” - Report/contact link for abuse complaints. ### 7.2 Technical controls Required P0/P1 guardrails: - Server-side prompt moderation keyword rules for obvious unsafe requests. - Upload MIME and size validation. - File extension is not enough; verify content type. - Rate limit by user_id where available, otherwise IP/session/device fingerprint with care. - Free quota abuse controls before public launch. - Optional Turnstile for anonymous generation if abuse appears. - Log blocked category counts without storing sensitive full image data. Minimum block keyword/category examples: - celebrity, famous actor, politician, president, prime minister, public figure, deepfake, face swap, nude, naked, explicit, NSFW, minor, child, passport, ID card, driver license, invoice, receipt, watermark remove, forged, fake document, signature. Do not rely only on keyword filters. Treat them as first pass; provider safety filters still apply. ## 8. Privacy Policy Draft Route: `/privacy` Alias: `/privacy-policy` → 308 to `/privacy` Recommended page copy skeleton: ```markdown # Privacy Policy Last updated: May 28, 2026 AI Editor RSP (“we”, “us”, or “our”) is operated by Nextfield Labs LLC, Wyoming, USA. This Privacy Policy explains how we collect, use, disclose, and protect information when you use aieditorrsp.net. ## Information We Collect We may collect: - Images you upload for editing. - Text prompts, prompt builder selections, and generation settings. - Generated outputs and generation metadata, such as generation ID, timestamp, and credit usage. - Account information, such as email address, if you create an account or sign in. - Payment metadata if you purchase credits or a subscription. Payments are processed by Stripe. We do not store full payment card details on our servers. - Technical information such as IP address, browser, device, logs, security events, and usage events. - Support messages you send to us. ## How We Use Information We use information to: - Provide image editing and prompt-based generation features. - Display, download, and manage generated results. - Operate credits, rate limits, fraud prevention, and abuse controls. - Process payments, refunds, invoices, taxes, and subscriptions where applicable. - Improve reliability, debug errors, analyze usage, and protect the service. - Respond to support, legal, and security requests. ## User Content and AI Providers To provide image editing, we may send your uploaded image, prompt, and generation settings to third-party AI service providers. The selected AI provider is [待确认]. Provider processing, retention, and model training practices may be governed by that provider’s terms and privacy policy. We will not promise that uploaded images are never processed by third parties unless the implementation supports that. ## Retention Unless otherwise stated in the product, we aim to keep uploaded images and generated outputs only as long as needed to provide the service, enable downloads, prevent abuse, and resolve support issues. Anonymous generations should be deleted or expire after a short period, such as 24 hours. Logged-in account history, if offered, may be retained until you delete it or close your account. Security, payment, tax, and audit records may be retained longer where necessary. ## Cookies and Analytics We use necessary cookies and similar technologies to operate the site, remember sessions, secure the service, and process payments. If we use analytics tools such as Google Analytics, Microsoft Clarity, Plausible, or similar tools, we will disclose them in our Cookie Policy and, where required, ask for consent before loading non-essential cookies. ## Payments If paid plans or credits are offered, payments are processed by Stripe. Stripe may collect payment details, billing address, tax information, and transaction data under its own terms and privacy policy. ## Legal Bases for EU/UK Users Where applicable, we process personal data based on contract, legitimate interests, consent, and legal obligations, depending on the processing activity. ## Your Rights Depending on your location, you may have rights to access, correct, delete, export, restrict, or object to certain processing of your personal data. You may also withdraw consent for non-essential cookies or marketing where applicable. Contact us at [待确认 contact email]. ## Children The service is not intended for children under 13, or under the age required by local law. Users under 18 should use the service only with parental or guardian permission. We prohibit sexualized or exploitative content involving minors. ## International Transfers We operate from the United States and use service providers that may process data in the United States or other countries. ## Security We use reasonable technical and organizational measures to protect data, including server-side API calls, access controls, and abuse prevention. No online service is perfectly secure. ## Changes We may update this Privacy Policy. The updated version will be posted with a new “Last updated” date. ## Contact Contact: [待确认 contact email] Operator: Nextfield Labs LLC, Wyoming, USA ``` ## 9. Terms of Service Draft Route: `/terms` Alias: `/terms-of-service` → 308 to `/terms` Recommended page copy skeleton: ```markdown # Terms of Service Last updated: May 28, 2026 These Terms govern your use of AI Editor RSP at aieditorrsp.net. By using the service, you agree to these Terms. ## Service AI Editor RSP provides prompt-based image editing tools and reusable style prompt templates. AI outputs are probabilistic and may vary by source image, prompt, model, and provider availability. ## Eligibility You must be at least 13 years old, or the minimum age required in your jurisdiction. If you are under 18, you should use the service only with permission from a parent or guardian. ## Your Content You are responsible for the images, prompts, and other content you upload or submit. You represent that you have the necessary rights and permissions to use your inputs and to request the edits you submit. You retain your rights in your original inputs. Subject to your compliance with these Terms, you may use generated outputs as permitted by applicable law and the relevant AI provider terms. We do not guarantee that outputs are unique, copyrightable, free from third-party rights, or suitable for all commercial uses. ## Prohibited Uses You may not use the service to: - Violate laws or third-party rights, including copyright, trademark, privacy, publicity, or image rights. - Create or request non-consensual intimate images, sexual content involving minors, harassment, threats, hate, or exploitative content. - Impersonate public figures, politicians, celebrities, private individuals, brands, or institutions in a misleading way. - Create deepfakes, face swaps, or deceptive identity edits. - Edit IDs, passports, driver licenses, invoices, receipts, contracts, screenshots, watermarks, signatures, or evidence-like documents. - Remove watermarks or rights-management information. - Generate malware, phishing, fraud, scams, or deceptive ads. - Abuse free credits, bypass limits, scrape the service, or attack the service. We may block prompts, remove outputs, suspend access, or refuse service if we believe use violates these Terms or creates legal, safety, or platform risk. ## AI Output Disclaimer AI results may be inaccurate, unexpected, or unsuitable. Face, identity, pose, composition, and style preservation are not guaranteed. You are responsible for reviewing outputs before using or publishing them. ## Third-Party Services The service may use Cloudflare, AI model providers, Stripe, analytics providers, authentication/email providers, and other vendors. Their services may be governed by their own terms. ## Payments, Credits, and Subscriptions If we offer paid credits or subscriptions, prices, credit limits, renewal terms, taxes, and cancellation rules will be disclosed before checkout. Credits and plans are not unlimited. Taxes may be calculated and added at checkout. Payments are processed by Stripe. ## Refunds Refunds are governed by our Refund Policy at /refund. ## Intellectual Property The site, software, design, templates, copy, and brand elements are owned by us or our licensors. You may not copy, resell, scrape, or repackage the service or prompt library as a competing product. ## No Affiliation AI Editor RSP is independent and is not affiliated with, endorsed by, or sponsored by RSP Editing, ChatGPT, OpenAI, Google, Gemini, Nano Banana, Picsart, Media.io, or other third-party brands. ## Availability We may change, suspend, rate limit, or discontinue features. AI providers may fail, change policies, or reject requests. ## Limitation of Liability To the fullest extent permitted by law, the service is provided “as is” and “as available.” We are not liable for indirect, incidental, special, consequential, exemplary, or punitive damages, or for loss of profits, data, goodwill, or business opportunities. Our total liability is limited to the amount you paid for the service in the 3 months before the claim, or USD $100 if you paid nothing, where legally permitted. ## Indemnity You agree to indemnify and hold us harmless from claims arising from your inputs, outputs, use of the service, violation of these Terms, or infringement of third-party rights. ## Governing Law These Terms are governed by the laws of Wyoming, USA, without regard to conflict-of-law rules. ## Contact Contact: [待确认 contact email] Operator: Nextfield Labs LLC, Wyoming, USA ``` ## 10. Cookie Policy Draft Route: `/cookie-policy` Recommended page copy skeleton: ```markdown # Cookie Policy Last updated: May 28, 2026 This Cookie Policy explains how AI Editor RSP uses cookies and similar technologies on aieditorrsp.net. ## What Are Cookies Cookies are small files stored on your device. Similar technologies include local storage, pixels, tags, and SDKs. ## Types of Cookies We Use ### Strictly Necessary Used to operate the site, keep sessions secure, prevent abuse, remember credit limits, process checkout, route traffic, and protect the service through Cloudflare. These cannot be disabled through our cookie banner because the site may not work without them. ### Functional Used to remember non-essential preferences such as prompt builder settings, theme, recent prompt choices, or UI state. ### Analytics Used to understand site usage, funnels, errors, and product performance, such as page views, prompt selection, upload success, generation success/error, download clicks, and upgrade clicks. Tools may include [待确认: GA4 / Microsoft Clarity / Plausible / PostHog / Bing]. In regions where consent is required, these should not load before consent. ### Payment and Fraud Prevention Stripe and related payment services may set cookies or collect device/payment signals during checkout for fraud prevention, tax, and payment processing. ## Managing Cookies You can manage cookies in your browser settings. If we use non-essential analytics or marketing cookies in a region that requires consent, you can accept, reject, or change choices through the cookie banner or preference link. ## Do Not Track Some browsers send “Do Not Track” signals. There is no uniform industry standard for responding to these signals. Where required by law, we will provide applicable opt-out controls. ## Contact Contact: [待确认 contact email] ``` Cookie implementation requirement: - If only Cloudflare necessary cookies + Plausible cookieless analytics: cookie banner may be lightweight or not required depending target market; still disclose. - If GA4, Microsoft Clarity, ad pixels, retargeting, or heatmap cookies load for EU/UK users: use consent banner and block non-essential scripts before consent. - Clarity can capture session behavior; mask sensitive fields and avoid recording uploaded images/prompt text where possible. ## 11. Refund Policy Draft Route: `/refund` Pricing is not final. Use this draft once 墨账 confirms pricing/credits. ```markdown # Refund Policy Last updated: May 28, 2026 This Refund Policy applies to purchases made on aieditorrsp.net. ## Free Credits Free credits, trials, demos, or promotional credits have no cash value and are not refundable. ## Paid Credits Unused paid credit packs may be eligible for a refund within [待确认: 7 or 14 days] after purchase if no or minimal credits have been used. Used credits are generally not refundable because AI generation costs are incurred when a request is processed. ## Subscriptions If subscriptions are offered, you may cancel future renewals through the billing portal or account settings. Cancellation stops future billing but does not automatically refund the current billing period unless required by law or expressly stated at checkout. ## Failed or Duplicate Charges If you believe you were charged by mistake, charged twice, or could not access purchased credits, contact us at [待确认 contact email] with your payment email and order ID. We will review and respond within [待确认: 5–10 business days]. ## Taxes Taxes, VAT, GST, or sales tax may be calculated at checkout. Tax refunds, where applicable, are processed through the payment provider and may depend on local law and payment provider rules. ## Abuse and Policy Violations We may deny refunds where credits were used for prohibited content, abuse, fraud, chargeback misuse, or attempts to bypass limits. ## How to Request a Refund Contact: [待确认 contact email] Include: account email, order ID, purchase date, and reason for request. ``` Recommended default if paid P0 ships: 7-day refund window for unused or mostly unused credit packs/subscription first payments; no refund for consumed AI generation credits except duplicate/failure cases. Align final policy with 墨账 pricing. ## 12. Payment / Stripe / Tax Requirements If paid credits or subscriptions ship in P0/P1: Hard requirements: - No “unlimited” wording in Free, Pro, Lifetime, or credit packs. - Price page must disclose: renewal period, credit amount, reset/expiry, cancellation path, refund window, taxes may apply. - Stripe Checkout must use: - `automatic_tax: { enabled: true }` - `billing_address_collection: 'required'` - `tax_id_collection: { enabled: true }` - Customer Portal for cancellations if subscriptions are used. - Store and report `subtotal`, `tax`, `total` separately. - Tax collected is tax payable, not product revenue. - Do not store full card details. - Receipts/invoices should be available through Stripe. Checkout copy requirement: > Taxes may be calculated and added at checkout. AI generation credits are capped and may be consumed when a generation request is processed. ## 13. Page / Route Contract for Compliance Required legal routes: - `/privacy` — index allowed - `/privacy-policy` — 308 redirect to `/privacy` - `/terms` — index allowed - `/terms-of-service` — 308 redirect to `/terms` - `/cookie-policy` — index/noindex acceptable; footer-visible - `/refund` — index/noindex acceptable; footer-visible if paid plans exist - `/contact` — required before launch; index/noindex acceptable Required footer links: - Privacy - Terms - Cookie Policy - Refund Policy if paid/credits exists - Contact - No affiliation disclaimer if third-party brands mentioned on page ## 14. Prompt Library / SEO Content Guardrails Indexable prompt pages may only ship if each page has real value and safe scope: - unique prompt formula - variables/placeholders - allowed use case - what to keep same - negative constraints - example generated/owned image or clearly marked demo - copy/apply CTA - safety note Noindex until fixed: - thin prompt pages with generic copy - pages relying on celebrity/IP/sports/movie/game/religious-festival trend prompts - pages using third-party thumbnails, competitor examples, or scraped prompt packs - pages claiming “official”, “complete”, “copyright-free”, “100% accurate” Prompt page disclaimer: > Use this prompt only with images you own or have permission to edit. Avoid public figures, private individuals without consent, protected characters, and misleading commercial use. ## 15. Example Assets / Before-After Images Allowed: - AI-generated sample people/products that do not resemble real celebrities or private persons. - Self-owned photos with documented permission. - Original product mockups or generic objects. - Before/after pairs generated specifically for this site. Disallowed: - celebrity photos - sports league/IP imagery - movie/game/anime characters - religious/personality imagery - competitor screenshots used as examples - scraped Instagram/Pinterest/YouTube thumbnails - stock photos without license tracking Asset manifest requirement for design/build: - filename/path - source - license/ownership - allowed use - whether model-generated - whether it depicts a real person - whether commercial use is allowed ## 16. Contact / Company Details Needed [待确认] before public launch: - Contact email for legal/privacy/support. Recommended: support@aieditorrsp.net or legal@aieditorrsp.net after MX setup. - Whether user accounts ship in P0. - Whether generation history is stored and default retention period. - Final AI provider and provider data/training/retention terms. - Final analytics stack and whether cookie banner is needed. - Final pricing/refund terms from 墨账. - Whether commercial use is allowed by chosen image provider. Do not block PRD/design/build on these if downstream marks them as `[待确认]`, but do block public launch if legal pages still contain unresolved placeholders. ## 17. Implementation Acceptance Checklist Build/QA must verify: Policy pages: - `/privacy` returns 200 and has Last updated, company, contact email, AI provider disclosure, retention, user rights. - `/terms` returns 200 and has prohibited uses, no affiliation, AI output disclaimer, payment/credits terms if paid. - `/cookie-policy` returns 200 and matches actual analytics/cookie behavior. - `/refund` returns 200 if any paid plan/credits exist. - `/privacy-policy` and `/terms-of-service` 308 redirect correctly. UI safety: - Upload area says users need rights/permission. - Prompt input warns against unsafe categories. - Unsafe prompt blocked state exists. - Download/result screen includes rights/output disclaimer. - Free limit reached state avoids dark patterns. Technical: - AI provider calls are server-side only. - API keys are not present in client bundle. - Upload validation checks MIME, size, and supported types. - Rate limit/free quota works. - Logs do not store raw sensitive content unnecessarily. - R2/output retention matches Privacy copy. - Cookie banner blocks non-essential analytics before consent if required. Copy/IP: - No “official RSP Editing”, “RSP Editing AI”, “guaranteed face match”, “unlimited”, or “copyright-free commercial use”. - No celebrity/IP/religion/sports/movie/game/anime prompt packs in P0. - No third-party logos used as endorsement. - Footer no-affiliation disclaimer visible. Payment if enabled: - Stripe Checkout uses automatic tax, billing address, tax ID collection. - Price page and checkout disclose credits, renewal, cancellation, refunds, taxes. - No unlimited credits. - `subtotal/tax/total` tracked separately. ## 18. Residual Risks 1. Domain/brand risk: `aieditorrsp` has weak readability and overlaps the RSP editing ecosystem. Mitigation: use RSP only as Reusable Style Prompts and avoid “RSP Editing AI”. 2. Provider retention risk: final AI provider not selected. Mitigation: Privacy must not promise deletion/no training beyond provider terms. 3. Face/identity risk: users may expect exact preservation. Mitigation: UI and Terms must state results vary and identity preservation is not guaranteed. 4. Commercial rights risk: AI output rights depend on input rights and provider terms. Mitigation: do not promise copyright-free commercial use. 5. Abuse risk: anonymous free image generation can be abused. Mitigation: rate limit, Turnstile if needed, prompt moderation, quota controls. 6. Cookie/analytics risk: Clarity/GA may require consent in EU/UK. Mitigation: consent mode or script blocking before consent. 7. Payment/tax risk: if paid credits ship without Stripe Tax config, launch should be blocked. Mitigation: automatic_tax + billing address + tax ID collection. ## 19. Downstream Handoff For 墨策 PRD: - Treat compliance as middle-risk AI upload/generation product. - Keep disallowed categories in PRD acceptance criteria. - Final PRD must specify retention periods and chosen AI provider. For 墨引/墨笔 SEO copy: - Use allowed claims only. - Add no-affiliation and result-variance disclaimers where third-party brands or face/identity language appears. - Do not write IP/celebrity prompt pages. For 墨影 design: - Include unsafe prompt blocked, free limit reached, provider fail, upload warning, result disclaimer states. - Use only owned/generated example assets with manifest. For 墨界/墨枢 build: - Implement legal routes and redirects. - Server-side AI calls only. - Implement quota/rate limits and content guardrails. - Align storage/retention with Privacy copy. For 墨账 pricing: - No unlimited. - Confirm refund window and consumed-credit refund rule. - Confirm Stripe Tax implementation if paid. ## 20. Verification Inputs read: - `/root/.hermes/reports/site-aieditorrsp-20260528/input-brief.md` - `/root/.hermes/reports/site-aieditorrsp-20260528/00-research.md` - `/root/.hermes/reports/site-aieditorrsp-20260528/01-brief-v0.md` - parent handoff from t_5938cbf6 Fresh checks performed 2026-05-28: - Web search for `"RSP Editing AI"`: found existing RSP Editing AI/RSP editing ecosystem references, confirming no-affiliation/trademark-watch requirement. - Web search for `"rspediting" AI photo editing prompts`: found RSP/prompt editing social/content references and PromptPlum/Picsart prompt-library competitors. - Web search for AI provider retention policy: confirmed provider-specific disclosure is required; do not promise more than provider terms. - Web search for Stripe automatic tax Checkout: confirmed automatic tax/billing address/tax ID collection should be included if paid checkout ships. Deliverable path: - `/root/.hermes/reports/site-aieditorrsp-20260528/02b-compliance.md`