隐私权政策

最后更新日期：2026年5月13日｜资料控制者：北京巴拉多多科技有限公司（Beijing Baladuoduo Technology Co., Ltd.，下称「本公司」或「我们」）

English summary: This Privacy Policy explains how Beijing Baladuoduo Technology Co., Ltd. (“we”, “us”) collects, uses, discloses, and protects personal information when you use our official website, customer support channels, and mobile applications we make available to users. It also summarizes your rights (including GDPR-style rights where applicable), how to contact us about privacy, children’s privacy, international transfers, and retention. The detailed rules are provided in the Simplified Chinese sections below.

1. 适用范围

本政策适用于本公司官方网站（下称「本网站」）、您与本公司之商业联络、客户服务、活动报名、求职招募流程，以及由本公司或关联企业以本公司名义通过自有渠道、合作应用市场或其他合法方式发布或运营的移动应用程序（下合称「本服务」）。若各应用程序内另有补充说明，该补充说明与本政策一并适用；如有冲突，于该应用程序范围内以补充说明为准。

1.1 应用程序补充说明 — 一键压图

本节为针对 一键压图（本地照片压缩应用，iOS / Android）的特别说明，依本政策第 1 节优先于通用条款适用：

完全本地处理：一键压图无任何后端服务器。您所选取的照片仅在设备本机内存中压缩，压缩完成后由您选择"保存到相册"或"通过系统分享面板分享"；本公司从未接收、传输或储存您的照片或其任何衍生资料。
不收集任何个人信息：一键压图不收集姓名、电话、电子邮件、账户信息（本应用无账号体系）、IDFA／IDFV／Android Advertising ID／OAID／IMEI 等设备识别码、IP 地址、粗略或精确位置、通讯录、日历、麦克风、网络流量、崩溃日志、分析事件或任何形式的遥测资料；本应用亦不进行用户画像、自动化决策或定向广告。因此本政策第 2、4、5、6、8、10 节所述之资料收集、第三方分享、第三方 SDK、保存期间、当事人权利、加州居民权利等条款，于一键压图范围内无适用对象。
所需操作系统权限：仅以下两项，且严格限于所述用途：
- 读取照片库（iOS NSPhotoLibraryUsageDescription／Android READ_EXTERNAL_STORAGE，仅 Android 12 及以下）：用于系统照片选择器向您展示可选择的照片。iOS 14 及以上版本下，本应用通过苹果 PHPickerViewController（系统级、独立进程）呈现照片选择器，不会主动扫描您的照片库；为符合 Apple App Store 提交期间的静态二进制扫描要求，NSPhotoLibraryUsageDescription 仍会随应用提交。
- 写入照片库（iOS NSPhotoLibraryAddUsageDescription／Android WRITE_EXTERNAL_STORAGE，仅 Android 9 及以下适用）：仅当您主动点击"保存"时，将压缩结果写回您的相册。
本机偏好设定：仅以系统标准偏好存储（iOS NSUserDefaults／Android SharedPreferences）保存：压缩质量、输出格式、上次目标大小、目标单位（KB／MB）、初次引导完成标志、界面语言、明暗主题。卸载应用即一并清除。
第三方组件：仅采用纯本机运行的开源组件（如 Flutter 框架、libjpeg-turbo、libwebp 等），均不包含任何遥测、分析、广告或网络功能；本应用不接入任何第三方 SDK 处理者。
iOS 隐私清单：依苹果要求，本应用随附 PrivacyInfo.xcprivacy，声明未进行追踪、未收集任何资料类型，并申报四项"必要原因 API"用途：NSUserDefaults（理由 CA92.1，存储 App 自有设定）、FileTimestamp（理由 C617.1，读取 App 自身资源包文件）、SystemBootTime（理由 35F9.1，Flutter 引擎使用）、DiskSpace（理由 85F4.1，计算缓存空间）。
儿童隐私：因不收集任何资料，一键压图适合各年龄层使用，符合美国《儿童在线隐私保护法》（COPPA）及欧盟 GDPR 关于 16 岁以下未成年人（或成员国订定之更低年龄）之资料处理要求。
账号与资料删除：本应用无账号；如需移除全部本机资料，请直接卸载应用。
联络方式：关于一键压图的隐私咨询请寄 service@baladuoduo.com。

2. 我们收集的资料类型

视您使用之本服务而定，我们可能收集下列类型资料（并非全部项目均适用于每一位使用者）：

身份与联络资料：姓名、职称、公司名称、电话、电子邮件、邮寄地址。
账户资料：注册时使用的手机号或电子邮箱、密码哈希、昵称、头像、绑定的第三方账号识别码（如适用）。
账务与交易资料：订单、出货、保修、退款与客服记录（如适用）。支付环节的银行卡号、CVV 等敏感支付信息由具备合法资质的支付机构直接收集与处理，本公司不储存。
技术与使用资料：IP 地址、浏览器类型、设备型号、操作系统版本、粗略地理位置（例如国家／地区层级）、存取时间、页面浏览记录、错误与崩溃报告。
应用程序相关资料：若您使用本公司之移动应用程序，依各应用程序功能可能包含设备识别码（例如 iOS IDFV／IDFA、Android Advertising ID、OAID／IMEI 之一）、应用程序版本、互动事件、效能与诊断记录。若应用程序涉及相机、相册、麦克风、蓝牙、近场通讯、健康或精确位置等敏感权限，我们仅在取得适法同意且为提供该功能所必要之范围内处理，并于产品下载或介绍页面及应用程序内说明用途。
通讯内容：您主动寄送之电子邮件、表单内容、客服对话记录。

我们不会收集与本服务无关的敏感个人信息（例如生物识别、宗教信仰、行踪轨迹等），除非取得您单独、明确的同意。

3. 处理目的与法规依据

我们基于下列目的处理您的资料，并在适用法域内依「履行契约」、「合法利益」、「同意」或「法定义务」等依据为之：

提供、运维与改善本网站与移动应用程序；
回复咨询、提供客户与技术支持；
履行法规义务（例如税务、会计、配合主管机关合法调查）；
信息安全、欺诈防制、争议处理与权利行使；
经您同意之营销与问卷调查（您得随时撤回同意）。

4. 资料分享与受托处理者

我们不会以营销或其他对价目的「出售」您的个人资料。我们可能于以下情形分享资料：

服务供应商：云端托管、电子邮件与通讯、分析与崩溃报告、客户关系管理、信息安全等受托厂商，于契约约束下仅得依指示处理资料。
关联企业：于集团内部为营运与支持目的之合法分享。
法规或权利保护：于法令要求、法院命令、政府机关合法请求，或为侦测、预防非法活动与保护使用者安全所必要时。
企业交易：若发生并购、分割、资产收购等，依法于受让方承继义务之前提下移转。

涉及跨境传输时，我们将依适用法令采取适当保障措施（例如标准契约条款或其他合法机制）。

4.1 关于 iOS 跟踪与广告标识符（App Tracking Transparency）

当本公司发布的 iOS 应用程序需要读取广告标识符 IDFA、或在 App 与第三方网站／App 之间跨场景跟踪您时，我们将依据《Apple App Store 审核指南》5.1.2 与 Apple 平台政策，在首次使用相关功能前通过系统级 ATT 弹窗征求您的同意。在您选择"请求 App 不跟踪（Ask App Not to Track）"或之后于「设置」→「隐私与安全」→「跟踪」中关闭授权时，我们：

不再读取 IDFA，归因仅采用 SKAdNetwork、AdAttributionKit 或汇总聚合方式；
不与第三方共享可用于跨 App、跨网站重新识别您的标识符；
不会因为您拒绝跟踪而阻止您使用 App 的核心功能。

在 Android 平台上，我们对 Advertising ID 的使用同样限于您未通过"删除广告 ID"或"重置广告 ID"撤回授权前；并遵循 Google Play 关于 Advertising ID 的开发者政策。

5. 我们使用的第三方 SDK 与服务（按场景列示）

下列清单按"功能场景"列示我们及合作 App 中常见的第三方 SDK 与处理者类别；具体到某一应用程序实际嵌入了哪些 SDK，以该应用程序的「应用内隐私说明」或上架页面公示为准。

账号登录：微信开放平台 SDK、QQ 互联 SDK、Apple Sign in with Apple、Google Sign-In；用途：第三方登录授权；处理信息：开放账号识别码（OpenID／UnionID）、昵称与头像（经您同意时）。
支付：微信支付 SDK、支付宝 SDK、Apple In-App Purchase、Google Play Billing；用途：完成订单收款；处理信息：订单号、金额、支付状态。
消息推送：苹果 APNs、Google Firebase Cloud Messaging、华为 HMS Push、小米 Push、OPPO Push、vivo Push、个推（GeTui）；用途：下发系统通知；处理信息：设备推送令牌、应用版本、设备型号。
分析与崩溃：Google Analytics for Firebase、Firebase Crashlytics、友盟 U-App（Umeng）、Sentry；用途：统计活跃、定位崩溃与性能问题；处理信息：脱敏后的设备识别码、网络类型、堆栈日志、事件名。
地图与定位（仅在使用相关功能时）：高德开放平台、百度地图、Apple MapKit、Google Maps SDK；处理信息：粗略或精确位置（取得权限时）。
视频与多媒体（仅在相关业务中）：抖音开放平台 SDK、阿里云点播、腾讯云直播；处理信息：上传内容元数据、播放心跳。

我们与上述受托方均签订数据处理协议，约束其仅为约定目的处理数据；如该等服务涉及跨境传输，我们将采用标准合同、加密传输与最小化原则等保障措施。

6. 保存期间

我们仅在达成收集目的所需期间内保存个人资料，并依法令或正当业务需求延长保存。一般情况下：

账号档案：账号有效期间持续保存，注销后于 15 个工作日内完成线上系统的删除或匿名化，备份系统于 不超过 90 天内随轮替覆写；
订单、发票与支付记录：依《电子商务法》《会计法》《税收征收管理法》等法规，通常保存 不少于 5 年；
登录与风控日志：通常保存 180 天；
客服与意见反馈记录：通常保存 2 年；
已匿名化的统计数据：因不再属于个人信息，可长期用于业务分析。

逾保存期间后，将删除或以去识别化方式处理。

7. 资料安全

我们采取合理且符合业界惯例的技术与管理措施（包括传输加密、储存加密、访问控制、最小授权、入侵检测与定期审计），以保护个人资料免于未经授权之存取、揭露、变更或毁损。任何网络传输或储存方式均无法保证百分之百安全；若您发现疑似漏洞，请立即联络我们。

8. 您的权利

在适用法令范围内，您得就个人资料行使以下权利（部分权利需验证身份）：

查询、阅览、制给复本；
更正或补充；
删除、限制处理、资料可携；
反对基于合法利益之处理；
撤回同意（不影响撤回前依同意所为处理之合法性）。

若您位于欧洲经济区、英国或其他赋予类似权利之法域，亦得向主管监管机关申诉。

9. 账号与数据删除

本公司发布的移动应用程序均提供应用内的账号注销与数据删除入口；您也可以通过书面方式向我们提出删除请求。删除范围、保留期限与处理时限请参见独立公示的账号与数据删除页面。

10. 加州居民（CCPA／CPRA 摘要）

若适用加州消费者隐私法规，您得依法享有知悉、删除、更正、选择退出「出售」或「分享」个人信息及限制敏感个人信息使用等权利。我们不以金钱对价「出售」个人信息。如需行使权利，请使用下方联络方式；我们将依法验证请求。

11. 儿童隐私

本服务主要面向企业客户与一般成年使用者，并非面向 14 岁以下儿童设计。若您为儿童或青少年，请在监护人同意与陪同下使用。若我们得知在未适法同意下收集了儿童个人资料，将尽快删除。若您为家长或监护人并认为我们持有您子女的资料，请与我们联系。

12. 第三方应用市场

当您通过第三方应用市场（例如 Apple App Store、Google Play、华为应用市场、小米应用商店、OPPO 软件商店、vivo 应用商店、应用宝等）下载、安装本公司应用程序时，该平台运营者可能依照其隐私政策处理与设备、账户或支付流程相关的信息。该等处理适用相应平台的规则与声明；为更好了解您的权利与义务，建议您同时阅读平台提供的条款与隐私说明。

13. Cookie 与类似技术

本网站可能使用 Cookie 或类似技术以维持运作、分析流量或改善体验。详见我们的 Cookie 政策。

14. 政策修订

我们得随时修订本政策；重大变更时将于本网站或应用程序内显著公告。更新后之版本自公告时起或条款载明之生效日适用。

15. 联络方式（资料当事人请求与一般隐私咨询）

北京巴拉多多科技有限公司（Beijing Baladuoduo Technology Co., Ltd.）

为处理您的请求，我们可能要求您提供可验证身份之信息；于法定期限内回复。

Privacy Policy

Last updated: May 13, 2026 | Data controller: Beijing Baladuoduo Technology Co., Ltd. (“we”, “us”, or “the Company”).

This English version is provided for convenience. If there is any inconsistency with the Chinese text, the Chinese version shall prevail to the extent permitted by law.

1. Scope

This Policy applies to our official website, business contacts, customer service, events, recruitment, and mobile applications published or operated by us or our affiliates under our name through lawful channels. Supplemental notices inside an application apply together with this Policy; where they conflict, the supplemental notice governs for that application.

1.1 Application supplement — Slimage

This section is a supplemental notice for Slimage (on-device photo compression app, iOS / Android). Under Section 1 above, it prevails over the general provisions for that app:

Fully on-device processing. Slimage has no backend server. Photos you select are compressed in device memory only; the resulting bytes are then either saved to your photo library or shared via the system share sheet at your explicit action. We never receive, transmit, or store your photos or any derivative data.
No personal information collected. Slimage does not collect names, phone numbers, email addresses, account information (the app has no accounts), device identifiers (IDFA, IDFV, Android Advertising ID, OAID, IMEI, MAC address), IP address, coarse or precise location, contacts, calendar, microphone input, network traffic, crash logs, analytics events, or any form of telemetry. There is no profiling, automated decision-making, or targeted advertising. Accordingly, Sections 2, 4, 5, 6, 8, and 10 of this Policy (collection, sharing, third-party SDKs, retention, data-subject rights, California rights) have no records to act upon within the scope of Slimage.
Operating-system permissions requested (limited strictly to the stated purposes):
- Read photo library (iOS NSPhotoLibraryUsageDescription / Android READ_EXTERNAL_STORAGE, Android 12 and below only): so the system photo picker can present photos for you to choose from. On iOS 14 and later, the app uses Apple’s PHPickerViewController, an out-of-process system picker that does not scan your photo library. NSPhotoLibraryUsageDescription is still shipped to satisfy Apple’s binary static-analysis check performed during App Store submission.
- Write to photo library (iOS NSPhotoLibraryAddUsageDescription / Android WRITE_EXTERNAL_STORAGE on Android 9 and below): only when you tap “Save” to write the compressed result back to your library.
Local preferences: stored only via the operating system’s standard preference storage (iOS NSUserDefaults / Android SharedPreferences): chosen quality, output format, last target size, target unit (KB or MB), onboarding-completion flag, language, and theme. All cleared when you uninstall the app.
Third-party components: only on-device open-source components (such as the Flutter framework, libjpeg-turbo, libwebp). None contain telemetry, analytics, advertising, or any network functionality. We have no third-party data processors.
iOS Privacy Manifest: the app ships with a PrivacyInfo.xcprivacy declaring no tracking, no data types collected, and four “required-reason API” usages: NSUserDefaults (reason CA92.1 — the app’s own settings), FileTimestamp (reason C617.1 — files inside the app bundle), SystemBootTime (reason 35F9.1 — Flutter engine), DiskSpace (reason 85F4.1 — computing cache size).
Children’s privacy: because no data is collected, Slimage is suitable for all ages and complies with COPPA (U.S.) and GDPR child-protection thresholds (under 16, or the lower age set by your EU member state) by holding no data on any user.
Account and data deletion: the app has no user accounts. To remove all on-device data, uninstall the app.
Contact: for any privacy question regarding Slimage, email service@baladuoduo.com.

2. Types of information

Depending on the service, we may collect identity and contact data; account data (registration phone or email, password hashes, nickname, avatar, third-party login identifiers); transaction data (orders, refunds, support records — sensitive payment data such as full card numbers and CVV are processed by licensed payment institutions and are not stored by us); technical and usage data (IP address, device model, OS version, coarse location, access logs, crash reports); app-related data (device identifiers such as IDFV/IDFA, Android Advertising ID, OAID; app version; interaction events; performance and diagnostic logs); and communications you send to us. Sensitive permissions (camera, photo library, microphone, Bluetooth, NFC, health data, precise location, etc.) are accessed only with your consent and only to provide the corresponding feature.

3. Purposes and legal bases

We process data to provide and improve services, respond to inquiries, comply with law, protect security, prevent fraud, resolve disputes, and—where you consent—for marketing and surveys (you may withdraw consent at any time).

4. Sharing and processors

We do not sell your personal information. We may share data with service providers under contract, affiliates where permitted, authorities when required by law, and successors in a business transaction subject to applicable law. Cross-border transfers use appropriate safeguards where required.

4.1 iOS App Tracking Transparency & Android Advertising ID

Where our iOS apps need to read the IDFA or to track you across other apps and websites, we will request your permission through Apple’s system-level App Tracking Transparency (ATT) prompt before using the feature, in line with App Store Review Guideline 5.1.2 and Apple platform policies. If you choose “Ask App Not to Track,” or later disable tracking under Settings → Privacy & Security → Tracking, we will:

stop reading IDFA and rely on SKAdNetwork, AdAttributionKit, or aggregated attribution;
not share identifiers usable to re-identify you across apps or websites with third parties;
not block access to the core features of the app because you declined tracking.

On Android, our use of the Advertising ID is similarly limited until you reset or delete the Advertising ID, and follows Google Play’s developer policies for Advertising ID.

5. Third-party SDKs and services

The following are categories of SDKs that our apps may integrate. The exact SDKs used by a given app are disclosed in that app’s in-app privacy notice or store listing.

Authentication: WeChat Open Platform, QQ Connect, Sign in with Apple, Google Sign-In — used for third-party login; processes OpenID/UnionID, nickname, and avatar (with consent).
Payments: WeChat Pay, Alipay, Apple In-App Purchase, Google Play Billing — used to complete orders; processes order ID, amount, and status.
Push notifications: Apple APNs, Firebase Cloud Messaging, Huawei HMS Push, Mi Push, OPPO Push, vivo Push, GeTui — used to deliver notifications; processes device push tokens, app version, and device model.
Analytics & crash reporting: Google Analytics for Firebase, Firebase Crashlytics, Umeng U-App, Sentry — used for active-user statistics and crash/performance triage; processes pseudonymous device identifiers, network type, stack traces, and event names.
Maps and location (only when used): Amap, Baidu Maps, Apple MapKit, Google Maps SDK — processes coarse or precise location with permission.
Media (where applicable): Douyin Open Platform SDK, Alibaba Cloud VOD, Tencent Cloud Live — processes upload metadata and playback heartbeats.

We sign data processing agreements with these processors, and apply standard contractual clauses, encryption-in-transit and minimization where transfers cross borders.

6. Retention

Account profile data is kept while the account is active and removed within 15 business days of deletion, with backup overwrite within 90 days. Orders, invoices and payment records are kept for at least 5 years as required by law. Login and risk-control logs are kept for 180 days; support and feedback records for 2 years. Anonymized aggregate data may be kept indefinitely as it is no longer personal data.

7. Security

We implement reasonable technical and organizational measures (encryption in transit and at rest, access control, least privilege, intrusion detection, periodic audits). No method of transmission or storage is 100% secure; please report suspected issues promptly.

8. Your rights

Where applicable law grants rights (such as access, correction, deletion, restriction, portability, objection, and withdrawal of consent), you may exercise them by contacting us. We may verify your identity before responding.

9. Account & data deletion

Our mobile apps provide an in-app account deletion path, and you may also submit a request in writing. The scope, retention exceptions and processing timeline are documented on our standalone Account & Data Deletion page.

10. California residents

If California privacy laws apply, you may have additional rights regarding access, deletion, correction, “sale/sharing,” and sensitive information. We do not sell personal information for money.

11. Children

Our services are intended for adults and business customers and are not designed for children under 14. If you believe we collected a child’s information without proper consent, contact us and we will take appropriate steps.

12. Third-party app marketplaces

When you download our apps through third-party marketplaces (Apple App Store, Google Play, Huawei AppGallery, Mi Store, OPPO Software Store, vivo App Store, Tencent MyApp), those operators may process information under their own policies and rules. Please review their terms and privacy notices.

13. Cookies

We may use cookies and similar technologies as described in our Cookie Policy.

14. Changes

We may update this Policy and will post material changes on this site or within relevant applications.

15. Contact

Beijing Baladuoduo Technology Co., Ltd.

Registered / correspondence address: Suite 1123-21, Block 2, 10/F, Building 15, No. 15 Fangzhuang South Road, Fengtai District, Beijing, China
Phone: +86 18612723292
Email: service@baladuoduo.com

We may ask for information reasonably necessary to verify requests and will respond within statutory or reasonable timelines.