Privacy Policy

WalkColor · Last updated: May 22, 2026

WalkColor ("the App") takes your privacy seriously. This policy explains how we handle your information.

What We Never Collect

Under no circumstances does the App collect or upload:

• Your photos or any image content
• Any text you type into your artwork
• Name, email, phone number, or any personally identifiable information
• Precise location, contacts, or address book

Photos you import are always processed locally and never uploaded. Any text you add in your artwork is replaced with a placeholder before the "Style Code Sharing" feature transmits data — your actual text never leaves your device.

Style Code Sharing (Optional Feature)

When you actively use "Generate Style Code" to share your artwork, the App uploads the following to our server (AWS, US West):

• A parametric description of your composition: block position/color, decoration shape types/positions/colors, layout parameters
• Composition template ID (e.g. 3:4, 1:1)
• Font family names (names only, no glyph data)

The upload does not include:

• Your source photo or any image data
• Any text you typed (the client replaces all text with placeholders before upload)
• Any personally identifiable information

The generated Style Code is a short string (e.g. kitty2604). Anyone with this code can download and apply this composition to their own photo. Your photos are never visible to others.

To remove a Style Code you generated, or to report inappropriate content shared by others, use the "Report / Feedback" link at the bottom of the in-app Guide. We respond to all reports within 24 hours.

Usage Analytics

To improve the product and diagnose issues, the App collects anonymous usage data through an industry-standard third-party product analytics service. This includes:

• Device model, iOS version, app version
• An anonymous session identifier (randomly generated UUID, not linked to your real identity)
• Feature usage events (e.g. "photo imported", "export completed", "block tab switched") with non-sensitive parameters such as image dimensions and export duration
• Crash and diagnostic data: stack info on app crashes (error type, function name), main-thread location on ANR events, used for bug triage. Contains no personal identifiers.

The data is used solely for product improvement and troubleshooting, never for advertising, and is never shared with any other party. The servers used for this purpose are located outside mainland China.

A toggle to disable usage analytics will be added to the in-app Settings in a future release. In the meantime, you may email us at the address below to opt out.

Photo Library Access

The App requests access to your photo library solely to:

• Import photos for editing
• Save exported images, videos, or Live Photos to your library

Your photos are processed locally on your device and are never uploaded to any server.

Sensor Usage

The App uses the device's accelerometer for a single purpose only:

• Shake-to-feedback: when you shake the device while using the App, a confirmation dialog appears asking whether you want to submit feedback. You may permanently disable this feature by tapping "Don't show again" in the confirmation dialog.

Implementation details:

• The accelerometer listener is registered only while the App is in the foreground; it is unregistered immediately when the App enters the background or is closed.
• Raw accelerometer readings (instantaneous X / Y / Z axis values) are used only in local device memory for shake gesture detection. They are never logged, stored, or uploaded to any server.
• The App does not use any other type of sensor (gyroscope, magnetometer, heart rate, fingerprint, pedometer, Wi-Fi / Bluetooth scan list, etc.).
• The App does not read IMEI, IMSI, device MAC address, SUPI, SUCI, installed-application list, precise location, contacts, call logs, calendar, SMS, phone number, microphone audio, clipboard content, or any other personal information.

The accelerometer is a permission-free sensor on Android (no runtime permission prompt), but the App commits to using it solely for the disclosed purpose above.

Security Measures We Take to Protect Your Information

Even though the App only processes data locally and does not upload photo content, we safeguard your personal information through the following measures:

1. Access Control & Least Privilege. The App strictly follows the principle of least privilege, requesting only the system permissions required for core functionality (photo library read, media file write) and the accelerometer used for the Shake-to-feedback feature (permission-free, foreground-only). We do not request contacts, precise location, phone, SMS, IMEI / MAC address / installed-app list, or other permissions and personal information unrelated to core features. The purpose and trigger of each permission are transparent to users, who may revoke access at any time via system settings.

2. Data Encryption & Storage Security. User creations are saved as JSON files in the app's private sandbox directory, accessible only to this app; anonymous session identifiers are stored locally via EncryptedSharedPreferences (AES-256); no identifiable user information is written to public storage.

3. Encryption in Transit. All network requests (auto-update version checks, anonymous analytics) are forced over HTTPS + TLS 1.2 or above; no plaintext HTTP transmission is used.

4. Identity Verification. The App requires no account registration or login, so there is no user identity data requiring authentication; permission operations rely on system-level identity verification (e.g., device unlock).

5. Malicious Code Prevention. Application code is hosted in a managed repository and released via automated CI/CD pipelines; third-party dependencies are all industry-recognized components (AndroidX, Google Play Services, PostHog SDK, etc.) and undergo static analysis and automated testing before release.

6. Security Audit & Incident Response. We periodically review third-party SDKs' data collection behavior to confirm compliance with this policy; in the event of a security incident or data breach, we will publish a notice on this page within 72 hours and contact affected users via the support email below.

No Accounts or Login

The App does not require registration or login, and does not collect names, email addresses, or any identity information.

Children's Privacy

The App is not directed at children under 13 and does not knowingly collect any information from children.

Policy Updates

If this policy changes, we will post the updated version on this page with a revised date.

Developer / Operator Information

Different distribution channels of this application are operated by the following entities. All versions share the same privacy policy and data handling standards; no personal information is shared between these operating entities:

▸ Android (Xiaomi App Store)
Package: com.dianbo.walkcolor
Operator: Wuhan Dianbo Culture Media Co., Ltd.
ICP filing: 鄂ICP备2026019311号-2A
Contact: hi@tldrio.com

▸ Android (HONOR app store)
Package: com.dianbo.honor
Operator: Wuhan Dianbo Culture Media Co., Ltd.
ICP filing: 鄂ICP备2026019311号-3A
Contact: hi@tldrio.com

▸ Android (Huawei / vivo app stores)
Package: com.walkcolor.android
Operator: Yukang Tian (individual developer)
ICP filing: 鄂ICP备2026007066号-3A
Contact: hi@tldrio.com

▸ Android (OPPO app store)
Package: com.walkcolor.oppo
Operator: Yukang Tian (individual developer)
ICP filing: 鄂ICP备2026007066号-4A
Contact: hi@tldrio.com

▸ iOS (Apple App Store)
Operator: Yukang Tian (individual developer)
Contact: hi@tldrio.com

Support

If you have any questions about this privacy policy or need help with the App, please contact us:

hi@tldrio.com