Method for identifying illegal collection and use of personal information by APP

Cases where there is no disclosure of collection and use rules

There is no privacy policy in the App, or there are no rules for collecting and using personal information in the privacy policy;

Interpretation: The privacy policy cannot be found in the APP or the privacy policy does not include the rules for the collection and use of personal information by the APP

When the App runs for the first time, the user is not prompted to read the privacy policy and other collection and use rules through obvious means such as pop-up windows;

Interpretation: When the user opens the APP or registers for the first time, the privacy policy should be displayed with a basic description, and "privacy policy" should appear as a link that can be clicked directly. The APP must not deliberately use gray fonts, small font sizes, etc. to make the privacy policy harder to read.

The privacy policy and other collection and use rules are difficult to access. For example, after entering the main interface of the app, it takes more than 4 clicks to access it;

Interpretation: The access path to the privacy policy is too deep, and it can only be accessed after more than 4 operations, or it needs to be searched or consulted with customer service to find it.

The access path can be set to "My-Settings-About-Privacy Policy".

Privacy policies and other collection and use rules are difficult to read, such as the text is too small and dense, the color is too light, blurred, or the simplified Chinese version is not provided, etc.;

Interpretation: If the font size, color, clarity, etc. of the privacy policy make it difficult for users to read, this item is not in compliance.

The purpose, method and scope of collecting and using personal information are not clearly stated

The purpose, method, scope, etc. of collecting and using personal information by the App (including entrusted third parties or embedded third-party codes and plug-ins) are not listed one by one;

Interpretation: This covers the app itself, SDKs and third-party code; any case where the purpose, scope and method of collecting information are not listed counts. (Supplement: In the first case, the SDK does not apply for permission separately, so the app is responsible. In the second case, the SDK applies for permission separately, and the app constrains the third party through pre-assessment, agreement, audit and other measures.)

When the purpose, method, and scope of collecting and using personal information change, users are not notified in an appropriate way, including updating the privacy policy and other collection and use rules and reminding users to read them;

Interpretation: Testing generally does not involve version changes, so check whether the privacy policy mentions that, when there are major changes or privacy permission changes, the user will be prompted again at runtime.

When applying for permission to collect personal information, or when applying for the collection of sensitive personal information such as user ID numbers, bank account numbers, whereabouts, etc., the user is not informed of the purpose, or the purpose is unclear and difficult to understand;

Interpretation: When collecting personal "sensitive data" (bank card, ID number, whereabouts track), the purpose of collection must be stated at the same time. The notification method is not limited to pop-up windows, as long as it is clearly displayed.
After the software is opened, when it collects the user's mobile phone number, IMEI, IMSI, or device location, or requests photo, media, and file permissions, the user must be told the purpose at the same time.

The content of the collection and use rules is obscure, long and cumbersome, and difficult for users to understand, such as using a large number of professional terms, etc.;

Interpretation: The collection and use rules should be easy to understand.

Cases where personal information is collected and used without consent

Start collecting personal information or open the permission to collect personal information before obtaining the user's consent;

Interpretation: After the app is installed, it collects device identifiers, MAC address, application list, etc. before the user has agreed to the privacy policy.

After the user expressly disagrees, still collects personal information or opens the permission to collect personal information, or frequently asks for the user's consent, interfering with the user's normal use;

Interpretation: After the user clearly disagrees or clicks X, the app must not frequently prompt for collection or open permissions without authorization. An example of non-compliance: after the user refuses, a pop-up window still prompts the user to authorize even when the relevant function is not being used.

The actual collection of personal information or the open access to collect personal information exceeds the scope of user authorization;

Interpretation: In the first case, the privacy policy does not specify the purpose and scope of collection and use for a certain scenario; in the second case, the privacy policy covers the scenario, but the app's actual collection exceeds what is described.

Solicit consent from users in non-express ways such as choosing to agree to the privacy policy by default;

Interpretation: Checking the consent box by default and other non-express forms of consent (such as treating registration or login as consent) are not compliant. The user must take a voluntary action such as actively filling in, clicking or checking before collection of personal information can start.

Change the permission status of personal information that can be collected without the user's consent, such as automatically restoring the permission set by the user to the default state when the App is updated;

Interpretation: The app changes some settings of the user without permission.

Use the user's personal information and algorithms to push targeted information, without providing an option for non-targeted information;

Interpretation: A function for turning off personalized notifications must be provided.

Misleading users to agree to collect personal information or to open the authority to collect personal information by fraud, deception or other improper means, such as deliberately deceiving or concealing the real purpose of collecting and using personal information;

Interpretation: Using business needs as an excuse to collect unnecessary personal information, or not truthfully disclosing the purpose of collection and use, so that users are deceived into opening permissions.

Failure to provide users with ways and means to withdraw their consent to the collection of personal information;

Interpretation: The withdrawal here refers to the withdrawal of some personal information (some business functions correspond to the withdrawal of personal information.)

Collect and use personal information in violation of the stated collection and use rules;

Interpretation: The actual collected information exceeds the information in the privacy policy statement.

The case of collecting personal information irrelevant to the services provided in violation of the principle of necessity

The type of personal information collected or the permission to collect personal information opened is not related to existing business functions;

Interpretation: The personal information collected by the app cannot exceed the needs of its business functions (see the description of the business functions.)

Refusal to provide business functions because the user does not agree to collect unnecessary personal information or open unnecessary permissions;

Interpretation: The app (Douyin) should still work normally when address book and location permissions are not provided.

The personal information collected by the app for new business functions exceeds the scope of the user's original consent. If the user does not agree, the original business functions will be refused, except for the new business functions that replace the original business functions;

Interpretation: Some software refuses to provide the original business functions when the user does not agree to permissions that are unrelated to those functions. (Change this, or explain why the permission is necessary for the business.)

The frequency of collecting personal information exceeds the actual needs of business functions;

Interpretation: If location is collected at high frequency, it becomes a whereabouts track.

Compulsorily require users to agree to collect personal information only for the purpose of improving service quality, enhancing user experience, targeted push of information, developing new products, etc.;

Interpretation: If the user voluntarily agrees to collect information based on such purposes, the app can still collect it, but if the user does not agree, the app must not compel the collection or refuse to provide business functions.

The user is required to agree to open multiple permissions that can collect personal information at one time. If the user does not agree, it cannot be used.

Interpretation: Phone, location, address book, photo album, storage, and camera permissions are requested together, and the app cannot be used if the user does not agree. This situation is not compliant.

Cases where personal information is provided to others without consent

Without the user's consent or anonymization, the app client directly provides personal information to third parties, including providing personal information to third parties through third-party codes and plug-ins embedded in the client;

Interpretation: "both, also" means that the two items must be satisfied at the same time to meet this item.

Without the user's consent or anonymization, after the data is transmitted to the App background server, the collected personal information is provided to a third party;

Interpretation: Shared transfers are neither user-consented nor anonymized. (Volcano video is mentioned in Douyin).

The app accesses third-party applications and provides personal information to third-party applications without the user's consent.

Interpretation: Provide personal information to third-party entities such as mini programs, official accounts, and service applications without consent.

Cases where the function of deleting or correcting personal information is not provided in accordance with the law

Failure to provide effective correction, deletion of personal information and cancellation of user account functions;

Interpretation: For personal information, the app must provide functions for changing and deleting it, or state how to do so in the privacy policy. For account cancellation, a function should likewise be provided or the method explained in the privacy policy.

Setting unnecessary or unreasonable conditions for correcting, deleting personal information or canceling user accounts;

Interpretation: Risk control is allowed, but unreasonable conditions cannot be set, such as requiring a photo of the user holding their ID card, the front and back of the ID card, face information, etc.

Although functions for correcting and deleting personal information and canceling user accounts are provided, the user's operations are not responded to in a timely manner; where manual processing is required, verification and processing are not completed within the promised time limit (the promised time limit shall not exceed 15 working days; if there is no promised time limit, 15 working days applies);

Interpretation: In the first case, you cannot log in after logging out; in the second case, you cannot verify.

User operations such as correction or deletion of personal information, or cancellation of user accounts, have been completed, but the operation has not been completed in the app's backend;

Interpretation: If the user can still log in after account cancellation, the app is unqualified; if the user cannot log in after cancellation, it is generally unknown whether the background data is still stored.

Failure to establish and publish channels for personal information security complaints and reports, or failure to accept and handle within the promised time limit (the promised time limit shall not exceed 15 working days, or within 15 working days if there is no promised time limit).

Interpretation: Apps that do not provide functions, have no description in the privacy policy, and fail to respond within the promised deadline are unqualified.

Infringement of the lawful rights and interests of minors in cyberspace

Collect and use personal information of minors aged 14 and under without the consent of their guardians

Using the information of minors aged 14 and under, together with algorithms, to carry out targeted push activities such as personalized push of news, current affairs information, advertisements, etc. without the consent of the guardian

Origin blog.csdn.net/m0_38036918/article/details/131535408