Effective Date: February 1, 2026
Version: 1.0.0
1. Introduction
This Privacy Policy explains how Shanxi Lightning Shark Technology Co., Ltd. (hereinafter referred to as "we", "us", or "our") collects, uses, stores, shares, and protects your personal information when you use the SharkSay App (hereinafter referred to as "the Application").
We strictly comply with the "Personal Information Protection Law of the People's Republic of China" (PIPL), the "Cybersecurity Law," the "Data Security Law," and other relevant regulations.
2. How We Collect Your Information
2.1 Information You Actively Provide
Account Information: Phone number, nickname, avatar, personal bio, and password.
Identity Verification: Phone number, Apple ID identifier (if applicable).
Location Information: Latitude and longitude.
2.2 Information We Automatically Collect
Device Information: Device model, operating system version, unique device identifiers (IMEI/IDFA/OAID), and application version number.
Log Information: IP address, access time, browsing history, operation logs, and crash reports (collected via Umeng Statistics SDK).
Location Information: GPS coordinates, Wi-Fi location, and base station location (via Amap SDK).
Usage Scenarios: Map display, nearby attraction recommendations, location tagging, and itinerary planning.
Permission Control: The Application will explain the purpose of obtaining location permissions (e.g., recommending nearby scenic spots, navigation services) through a pop-up before you actively trigger related functions. We only collect location information after you grant system location permissions. You can disable permissions in system settings at any time; however, some functions may become unavailable.
2.3 Information Obtained from Third Parties
We obtain your OpenID, nickname, and avatar from WeChat (with your authorization) when you log in via WeChat.
We obtain the anonymous identifier provided by Apple when you use "Sign in with Apple."
2.4 Camera and Storage Permissions
Camera Permission: Used for taking photos/videos for content posting and scanning QR codes.
Storage Permission: Used for saving images locally and reading the album to upload content.
Microphone Permission: Used for recording audio and voice input (where applicable).
2.5 Background and Silent Collection
When the app is in the background or in a silent state, we may continue to collect:
Location Information: For continuous navigation and automatic tour guide switching (only when you actively enable navigation or track recording functions).
Device Identifiers: For push notifications and security risk control.
Network Status: For reconnection and data synchronization.
You can turn off background location in settings.
2.6 Principle of Minimization
We strictly follow the principle of minimum necessity for background collection:
Background location is collected only when you are actively using related functions (e.g., playing a scenic spot guide).
The frequency of background collection does not exceed the minimum frequency necessary to realize the function.
You can turn off background running permissions in system settings at any time.
2.7 Clipboard Information
When you use functions such as app feedback, pasting links, identifying codes, or importing content, we read the clipboard content only when you actively click the relevant button to facilitate quick input. This information is used only to complete the current operation and is not automatically acquired in the background or used for other purposes.
2.8 Third-party SDK Processing (Push Notifications)
To provide you with message reminders, activity notifications, system announcements, and order status alerts, we have integrated the Umeng+ Push SDK.
When you use push functions, the Umeng+ Push SDK may collect and process:
Device Identifiers: Android ID/IDFA/IDFV/OAID/OpenUDID/GUID/IMEI/IMSI/ICCID, network information, location information (optional), and application list (optional).
Purpose: Device identification, push delivery, message de-duplication, risk control, and service stability.
Method: Automatically acquired via SDK interface.
Scope: Only used for push-related services.
The above information is processed by Umeng+. For details, please refer to: Umeng Privacy Policy.
2.9 Third-party SDK (Payment Services)
To implement payment functions, we integrate the Alipay SDK (Provider: Alipay (Hangzhou) Information Technology Co., Ltd.).
The SDK may collect: Mutable unique device identifiers, basic device information, software installation list, and network information.
Purpose: To ensure account and fund security, stable operation of payment services, and to fulfill anti-money laundering and anti-fraud legal obligations.
For details, please refer to: Alipay App Payment SDK Privacy Policy.
2.10 Third-party SDK (Network Optimization)
We integrate the HTTPDNS-android SDK (Provider: Hangzhou Alibaba Cloud Intelligent Technology Co., Ltd.) to optimize network links.
Collected Information: Brand, model, system version, and network type.
Purpose: Realize basic domain name resolution and cache results during network switching.
2.11 Third-party SDK (Manufacturer Push)
We integrate push SDKs from OPPO, vivo, Xiaomi, Honor, and Meizu to provide system-level message reminders.
Collected Information: Device model, OS version, unique device identifiers, and network information.
Purpose: Device identification, push delivery, and stability.
Please refer to the respective manufacturer's privacy policies for specific rules.
2.12 Third-party SDK (Map & Location)
We integrate Amap (Gaode) SDKs for map display, navigation, and route planning.
1) [Location Information] (Sensitive): GPS coordinates, Wi-Fi scan results (SSID, BSSID), base station info, and IP address.
2) [Device Identifiers]: MAC address, OAID.
Purpose: Positioning, navigation, and location accuracy optimization.
For details, see: Amap Privacy Policy.
2.13 Third-party SDK (Social Services)
We integrate WeChat OpenSDK for login functions (Provider: Shenzhen Tencent Computer Systems Co., Ltd.).
Collected Information: Device model, OS version, and unique identifiers.
Purpose: WeChat login and identity verification.
3. How We Use Your Information
| Purpose | Personal Information Type | Legal Basis |
|---|---|---|
| Registration & Login | Phone number, WeChat OpenID, Apple ID | Contractual Necessity |
| Content & Social Features | Posted photos/videos, location, following relationships | Contractual Necessity |
| Personalized Recommendations | Browsing history, location info, interest tags | User Consent |
| Map & Navigation | Real-time location, destination info | Contractual Necessity |
| Payment Processing | Order info, payment channel identifiers | Contractual Necessity |
| Customer Service & Security | Contact info, device info, logs | Contract/Legitimate Interest |
| Analysis & Optimization | Device model, operation logs, crash info | Consent/Legitimate Interest |
4. Information Storage and Protection
4.1 Storage Location: Your personal information is stored within the territory of the People's Republic of China (Alibaba Cloud Servers).
4.2 Storage Period: Account info is kept until account cancellation; transaction records for 5 years; logs for 6 months, unless otherwise required by law.
4.3 Security Measures: We use SSL/TLS encryption for transmission and AES/RSA for storing sensitive payment data. We implement strict access controls and regular security audits.
5. Information Sharing and Disclosure
We do not sell your personal information. We only share data with SDK providers listed above to realize specific functions under the principles of minimization and necessity.
6. Your Rights
6.1 Access & Correction: View and modify account info in the "Personal Center."
6.2 Deletion: You may request deletion if the processing purpose is achieved, the service is stopped, or you withdraw consent.
6.3 Withdrawal of Consent: You may disable push notifications or location services in system settings at any time.
6.4 Account Cancellation: Submit an application via "Settings > Account & Security > Cancel Account." Data will be deleted or anonymized upon cancellation.
6.5 Response Time: We will respond within 15 working days (up to 30 for complex cases).
7. Children's Privacy
This application is not intended for children under 14. If we discover we have collected information from a child, we will delete it immediately.
8. Cross-border Data Transfer
Currently, your data is processed within China. If international transfer is required, we will obtain separate consent.
9. Policy Updates
We may revise this policy. Significant changes will be announced prominently in the app and may require re-obtained consent.
10. Contact Us
Privacy Officer: Feng Jianlin
Email: service@shandiansha.com
Phone: +86 13934556338
Complaints: You may also contact the Cyberspace Administration or local regulatory departments.