Sigmob SDK 合规指引 Guide for Compliance
Sigmob SDK 接入规范
开发者接入 Sigmob SDK 需要符合以下接入规范。
| 合规事项 | 标准要求 | 接入指南 |
|---|---|---|
| SDK初始化时机和授权 | 应当在APP登录注册页面及APP首次运行时,通过弹窗、文本链接及附件等简洁明显且易于访问的方式,应当以清晰易懂的语言告知用户个人信息处理规则,由用户在充分知情的前提下,作出自愿明确的意思表示。 | 1. 以下行为需要在 用户明确同意App的隐私政策、用户协议、服务条款之后进行 a) 初始化Sigmob SDK; b) 采集和上报用户信息(尤其注意Android_ID、MAC地址、硬件序列号、应用安装列表等用户信息); c) 申请涉及用户信息的敏感设备权限; d) 弹出系统弹窗向用户申请权限; 2. 需要在App处于激活状态时,才可以请求/调用 Sigmob 相关服务 |
| 隐私政策、共享清单等需披露接入Sigmob服务的情况 | 如果通过嵌入第三方SDK等方式将个人信息传输至第三方服务器,开发者应在产品第三方SDK目录、隐私声明中,披露其所接入的第三方 SDK名称和隐私政策的官网地址。 | 开发者在产品中集成Sigmob SDK后,Sigmob SDK的正常运行会收集必要的用户信息用于广告投放、归因监测等目的。 请开发者根据集成Sigmob SDK的实际情况,在官网指引、App第三方SDK目录、隐私声明中,根据接入Sigmob SDK的情况披露功能模块、数据交互内容等。建议考虑使用如下模板: 名称:Sigmob SDK (SDK内部会被com.sigmob、com.czhj 两个组件功能使用,建议开发者在隐私声明处将上述两个包名依次列举) 第三方名称:北京创智汇聚科技股份有限公司 使用目的:广告投放、广告归因、广告反作弊。 个人信息类型:粗略位置信息、设备信息(如设备制造商、设备型号、操作系统版本等)、设备标识符(如IMEI、AndroidID、OAID、IDFA等)、应用信息(宿主应用的包名、版本号)、广告数据(如曝光、点击数据等)。 SDK 个人信息保护规则链接:Sigmob SDK 用户隐私政策 |
| 广告一键关闭 | App在向用户展示广告和信息弹窗,或者用户在浏览广告和信息弹窗过程中,都需要存在“关闭 X”或者“跳过”按钮,并且点击后立即关闭广告展示。 | 自渲染广告:需要开发者自行渲染关闭按钮,当关闭点击发生时,将本条广告在布局中移除。 |
| 自渲染广告需配置明确的广告标识、保证广告内容和广告样式合法合规。 | 广告内容应符合《广告法》等法律法规的规定和政策要求。 | 3. 请确保在自渲染广告中自行添加明确的广告标识,请勿使用任何技术手段修改、删除广告标识,包括但不限于广告标识的大小、位置、颜色等,否则由此带来的后果,由开发者自己负责。 4. 开发者不得自行更改、调整Sigmob提供的广告内容和广告样式,包括但不限于重叠展示广告、更改广告元素、调整点击热区范围、配置虚假按钮等可能影响用户体验、诱导用户点击的所有违规行为,否则由此带来的后果,由开发者自己负责 |
| 接入应用下载广告和开屏广告等需满足相应的合规要求 | APP在用户终端弹出广告或者其他与终端软件功能无关的信息窗口的,应当以显著的方式向用户提供关闭或者退出窗口的功能标识,不得欺骗误导强迫下载、安装、使用 APP。 | 5. Android请升级 SDK 至最新版本,其中自渲染广告,请在用户下载应用之前,向用户明示待下载应用的名称、开发者、应用包大小、隐私政策、权限列表、功能介绍、版本等信息。 6. 若开发者展示Sigmob提供的广告内容,应合规展示Sigmob提供的应用下载广告、开屏广告的广告内容、样式等合规配置,或按照Sigmob不时通知或更新的平台规则进行广告合规配置,开发者不应自行更改、调整腾讯Sigmob的合规配置,否则由此带来的后果,由开发者自己负责。 |
| 个性化广告关闭功能 | 开发者应遵循法律法规要求,在客户端为用户创建可便捷查找的个性化广告关闭按钮 | 7. 开发者应应遵循法律法规要求,在客户端为用户创建可便捷查找的个性化广告关闭按钮; 8. 用户点击关闭按钮后调用Sigmob SDK 个性化推荐关闭接口,保证个性化广告关闭功能真实有效. |
| Compliance | requirements | Guide |
|---|---|---|
| SDK initialization timing and authorization | shall inform users of the rules of handling personal information in clear and understandable language through simple, obvious and easily accessible means such as pop-up Windows, text links and attachments on the login and registration page of the APP and the first operation of the APP, and users shall make voluntary and clear representations of their intentions on the premise of full knowledge. | 1. The following behaviors shall be carried out after the user explicitly agrees to the privacy policy, user agreement, and service terms of the App. a) Initialize Sigmob SDK; b) Collect and report user information (especially user information such as Android_ID, MAC address, hardware serial number, app installation list, etc.); c) Apply for permissions of sensitive devices involving user information; d) Pop up a system pop-up window to request permission from the user; 2. Only when the App is active can it request/invoke Sigmob related services |
| Privacy policy, sharing list, etc. need to disclose access to Sigmob service | If td transmits personal information to a third-party server by embedding a third-party SDK, the developer shall disclose the name of the third-party SDK and the official website address of the privacy policy in the third-party SDK directory and privacy statement of the product. | After developers integrate Sigmob SDK into their products, the normal operation of Sigmob SDK will collect necessary user information for advertising, attribution monitoring and other purposes. According to the actual situation of Sigmob SDK integration, developers are requested to disclose function modules, data interaction content, etc., according to the access situation of Sigmob SDK in the official website guidelines, App third-party SDK directory, and privacy statement. The following template is recommended to consider: name: Sigmob SDK (The SDK will be used by com.sigmob and com.czhj two component functions, it is recommended that developers list the above two package names in order in the privacy statement) Third party name: Sigmob Technology Co., Ltd. Purpose of use: advertising, advertising attribution, advertising anti-cheating. Personal Information type: Rough location information, device information (such as device manufacturer, device model, operating system version, etc.), device identifiers (such as IMEI, AndroidID, OAID, IDFA, etc.), app information (host app package name, version number), advertising data (such as exposure, click data, etc.). SDK Personal Information Protection Rules Link: Sigmob SDK user privacy policy |
| Ads close with one click | When theApp shows the advertisement and information popup to the user, or when the user browses the advertisement and information popup, there needs to be a "close X" or "Skip" button, and the advertisement display should be closed immediately after clicking. | self-render AD: Developers need to render the close button themselves. When the close click occurs, this AD will be removed from the layout. |
| self-rendering ads need to configure a clear advertising logo to ensure that the advertising content and advertising style are legal. | advertising content should comply with the provisions and policy requirements of the Advertising Law and other laws and regulations. | 3. Please make sure to add a clear advertisement logo in the self-rendered advertisement, and do not use any technical means to modify or delete the advertisement logo, including but not limited to the size, position, color, etc., otherwise the developer shall be responsible for the consequences caused by this. 4. Developers shall not change or adjust the advertisement content and advertisement style provided by Sigmob by themselves, including but not limited to overlapping display ads, changing advertisement elements, adjusting the click hot spot range, configuring fake buttons and other violations that may affect user experience and induce users to click. Otherwise, developers shall be responsible for the consequences resulting therefrom |
| Access application download advertisement and open screen advertisement should meet the corresponding compliance requirements | If the td APP displays advertisements or other information Windows unrelated to the function of the terminal software on the user's terminal, it shall provide the user with the function identification of closing or exiting the window in a prominent way, and shall not deceive, mislead and force the user to download, install or use the APP. | 5. Android Please upgrade the SDK to the latest version, which will render advertisements. Before the user downloads the application, please clarify the name, developer, application package size, privacy policy, permission list, function introduction, version and other information of the application to be downloaded. 1. If the developer displays the advertising content provided by Sigmob, the developer shall comply with the compliance configuration such as the advertisement content and style of the application download advertisement and screen opening advertisement provided by Sigmob, or make the advertisement compliance configuration according to the platform rules notified or updated by Sigmob from time to time. The developer shall not change or adjust the compliance configuration of Tencent Sigmob by itself. Otherwise, the developer is responsible for the consequences. |
| Personalized AD shutdown function | developers should follow the requirements of laws and regulations, and create personalized AD close buttons for users that can be easily found on the client side | 2. Developers should follow the requirements of laws and regulations, and create a personalized AD close button for users that can be easily found on the client side; 3. After the user clicks the close button, the Sigmob SDK will be called to personalize the recommendation close interface to ensure that the personalized advertisement close function is real and effective. |
APP 合规要求
| 合规事项 | 合规要求 | |
|---|---|---|
| 隐私政策与个人信息采集使用 | 1、隐私政策的独立性、易读性 | 1)APP需提供独立的隐私政策; 2)隐私政策需独立成文,不可作为用户协议等说明文件的一部分存在 |
| 2、隐私协议需易于访问并由用户自主选择是否同意 | 1)您的产品隐私政策在用户首次打开您的产品或者在您的产品的注册/登记界面通过协议在线展示的方式向用户展示,此政策应由最终用户自主选择是否同意,不应以默认勾选“同意”的方式取得用户授权。不得存在将多项业务功能和权限打包,要求用户一揽子接受的情形。 2)终端用户进入您的产品主功能界面后,通过4次以内的点击/滑动,能够访问到您的产品隐私政策; | |
| 3、若存在第三方传输个人信息的情况,应向用户明示 | 1)在您的产品隐私政策中“个人信息共享”条款部分或“所集成的第三方SDK情况说明”条款部分告知用户相应功能/服务由Sigmob SDK提供,参考相应Sigmob SDK隐私政策内容列明收集、使用的最终用户个人信息类型、目的及用途,并显示相应Sigmob SDK隐私政策链接,链接请确保为可访问的活链接。可参考Sigmob SDK 隐私政策 (SDK内部会被com.sigmob、com.czhj 两个组件功能使用,建议开发者在隐私声明处将上述两个包名依次列举) | |
| 4、隐私政策时效性、更新与通知 | 1)应明确标识隐私政策发布、生效或更新日期; 2)如果发生业务功能变更、个人信息出境情况变更、使用目的变更、个人信息保护相关负责人联络方式变更等情形时,隐私政策应进行相应修订,并通过电子邮件、信函、电话、推送通知等方式及时告知用户 | |
| 5、收集个人信息应满足最小必要原则 | 1)实际收集的个人信息类型不得超出隐私政策所述范围; 2)App不应收集与业务功能无任何关系的个人信息; 3)在用户明确拒绝后不得继续频繁索要权限、打扰用户; 4)App更新升级后,不应更改原有的系统权限设置。 | |
| 用户权利 | 1、个性化退出机制 | 1)应当提供拒绝或关闭APP使用个人特征的方式,在用户拒绝或关闭后,不使用此类特征进行信息推送或商业营销。 |
| 2、支持用户注销账号 | 1)提供用户注销账户的明确途径,并在用户注销账号后及时删除其个人信息或进行匿名化处理。 | |
| 3、不得诱导/欺骗/强迫用户跳转、点击、下载 | 1)App弹出广告或者启动其他信息弹窗页面时,应提供显著、有效的关闭或跳过功能,不得利用文字、图片、视频等方式欺骗误导用户跳转至其他页面。 |
APP Compliance requirements
| Compliance | Requirements | |
|---|---|---|
| Privacy policy and use of personal information collection | 1. Independence and legibility of privacy policy | 1) APP should provide an independent privacy policy; 2) The privacy policy should be written independently and should not exist as part of the user agreement and other explanatory documents |
| 2. The privacy agreement should be easy to access and users can choose whether to agree or not. | 1) The privacy policy of your product should be displayed to the user for the first time when the user opens your product or through the online display of the agreement in the registration/registration interface of your product. This policy should be agreed by the end user independently, and should not be authorized by the user by clicking "Agree" by default. There should not be a package of multiple business functions and permissions, requiring users to accept a package. 2) End users can access your product privacy policy by clicking/sliding within 4 times after entering the main functional interface of your product; | |
| 3. In the case of personal information transmission by a third party, the user shall be explicitly notified | 3) Inform users of the corresponding functions/services provided by Sigmob SDK in the "Personal Information Sharing" section or the "Integrated third-party SDK Description" section of your product privacy Policy. Refer to the corresponding Sigmob SDK privacy policy content to specify the type, purpose and purpose of the collected and used end user personal information. And display the corresponding Sigmob SDK privacy policy link, please ensure that the link is a live link accessible. See Sigmob SDK Privacy policy (The SDK will be used by com.sigmob and com.czhj two component functions, it is recommended that developers list the above two package names in order in the privacy statement) | |
| 4. Timeliness, Update and notice of Privacy policy | 1) The date of publishing, effective or updating the privacy policy should be clearly marked; 2) In case of changes in business functions, emigration of personal information, changes in purpose of use, changes in contact information of persons in charge of personal information protection, etc., the Privacy Policy shall be revised accordingly and informed to users in time by E-mail, letter, telephone, push notification, etc | |
| 5. the collection of personal information should meet the minimum necessary principle | 1) The type of personal information actually collected shall not exceed the scope stated in the Privacy Policy; 2) App should not collect personal information that is not related to business functions; 3) Do not continue to ask for permission or disturb users frequently after the user clearly refuses; 4) After the App is updated and upgraded, the original system permission Settings should not be changed. | |
| User rights | 1. Personalized exit mechanism | 5) Methods should be provided to reject or close the use of personal features by the APP, and such features should not be used for information push or commercial marketing after the user rejects or closes the app. |
| 2. Support user logout | 6) Provide a clear way for users to log out of their accounts, and delete or anonymize their personal information in a timely manner after they log out of their accounts. | |
| 3. Shall not induce/deceive/force users to jump, click, download | 7) When the App pops up advertisements or launches other information pop-up pages, it should provide significant and effective closing or skipping functions, and it should not deceive and mislead users to jump to other pages by using words, pictures, videos and other means. |