From 7688dbb5cacfa59971b4b527d31409698ce422ad Mon Sep 17 00:00:00 2001 From: Fankesyooni Date: Tue, 26 Apr 2022 00:41:55 +0800 Subject: [PATCH] Update README.md/PRIVACY.md --- PRIVACY.md | 359 +++++++++++++++++++++++++++++++++++++++++++++++++++++ README.md | 4 + 2 files changed, 363 insertions(+) create mode 100644 PRIVACY.md diff --git a/PRIVACY.md b/PRIVACY.md new file mode 100644 index 0000000..476bac5 --- /dev/null +++ b/PRIVACY.md @@ -0,0 +1,359 @@ +### ColorOS 通知图标增强 隐私政策 + +> 简体中文 + +版本:1.0 + +修订与生效日期:2022年4月25日 + +#### 前言 + +为帮助您使用 ColorOS 通知图标增强产品(以下简称“本产品”)或服务,我们可能收集与提供服务相关的设备信息或申请设备权限,您有权拒绝或撤回授权; + +我们采取了互联网业内标准的技术措施和数据安全措施来保护您的设备信息安全; + +除非再次征得您的同意,我们不会将您的设备信息用于本政策未载明的其他目的; + +在阅读本协议前,请确认您已年满 18 岁,否则请在父母的陪同下阅读本协议。 + +#### 目录 + +``` +1. 引言 +2. 本产品处理设备信息的法律依据 +3. 我们如何收集和使用您的设备信息 +3.1 向您提供本产品和/或服务的核心业务功能 +3.2 征得授权同意的例外 +4. 我们如何转让、公开披露您的设备信息 +4.1 转让您的设备信息 +4.2 公开披露 +4.3 共享、转让、公开披露设备信息授权同意的例外 +5. 您管理设备信息的权利 +5.1 设备权限调用 +6. 如何更新与修改本政策 +7. 争议解决 +8. 名词解释 +``` + +1. 引言 + +【特别提示】 + +请您在使用我们的各项产品和/或服务前,仔细阅读并充分理解本政策。一旦您使用或继续使用本产品/服务,即表示您同意我们按照本政策处理您的相关信息。 + +2. 本产品处理设备信息的法律依据 + +如果您是中华人民共和国大陆地区的用户,我们将依据《中华人民共和国网络安全法》、《信息安全技术 个人信息安全规范》(GB/T 35273-2017)以及其他相关法律法规收集和使用您的设备信息或申请设备权限,为您提供本产品或服务。 我们通常只会在征得您同意的情况下收集您的设备信息。 + +3. 我们如何收集和使用您的设备信息 + +我们会遵循正当、合法、必要的原则,出于本政策所述的以下目的,收集和使用您在使用服务过程中主动提供或因使用本产品和/或服务而产生的设备信息。如果我们要将您的设备信息用于本政策未载明的其它用途,或基于特定目的将收集而来的信息用于其他目的,我们将以合理的方式向您告知,并在使用前再次征得您的同意。 + +3.1 向您提供本产品和/或服务的核心业务功能 + +为实现 本产品的核心业务功能,我们可能需要向您收集设备信息。以下将详细列出 本产品的核心业务功能及为实现该功能所需收集的设备信息,若您拒绝收集,则无法使用该服务。 + +查看设备中的所有应用信息。 本产品会读取您的设备应用列表; + +搜索功能。 当您使用 本产品提供的搜索功能时,我们可能会使用应用数据缓存,收集您设备上的信息并进行本地存储。 该信息通常无法单独识别您的个人身份。 + +3.2 征得授权同意的例外 + +根据相关法律法规的规定,在以下情形中,我们可以在不征得您的授权同意的情况下收集、使用一些必要的设备信息: + +``` +a. 与国家安全、国防安全直接相关的; +b. 与公共安全、公共卫生、重大公共利益直接相关的; +c. 与犯罪侦查、起诉、审判和判决执行等直接相关的; +d. 出于维护您或其他个人的生命、财产等重大合法权益但又很难得到本人同意的; +e. 所收集的设备信息是您自行向社会公众公开的; +f. 从合法公开披露的信息中收集到您的设备信息,如从合法的新闻报道、政府信息公开等渠道; +g. 根据您的要求签订和履行合同所必需的; +h. 用于维护 本产品的产品和/或服务的安全稳定运行所必需的,例如发现、处置产品或服务的故障; +i. 法律法规规定的其他情形。 +``` + +4. 我们如何共享、转让、公开披露您的设备信息 + +4.1 转让您的设备信息 + +除非获取您的明确同意,我们不会将您的设备信息转让给任何公司、组织或个人。 + +4.2 公开披露 + +除非获取您的明确同意,我们不会公开披露您的设备信息。 + +4.3 共享、转让、公开披露设备信息授权同意的例外 + +根据相关法律法规的规定,在以下情形中,我们可以在不征得您的授权同意的情况下共享、转让、公开披露您的设备信息: + +``` +A. 与国家安全、国防安全有关的; +B. 与公共安全、公共卫生、重大公共利益有关的; +C. 与犯罪侦查、起诉、审判和判决执行等有关的; +D. 出于维护您或其他个人的生命、财产等重大合法权益但又很难得到本人同意的; +E. 您自行向社会公众公开的设备信息; +F. 从合法公开披露的信息中收集到的设备信息的,如合法的新闻报道、政府信息公开等渠道。 +G. 法律法规规定的其他情形。 +``` + +根据法律规定,共享、转让经去标识化处理的设备信息,且确保数据接收方无法复原并重新识别设备信息主体的,不属于设备信息的对外共享、转让及公开披露行为,对此类数据的保存及处理将无需另行向您通知并征得您的同意。 + +5. 您管理设备信息的权利 + +5.1 设备权限调用 + +我们在提供服务的过程中,可能需要您开通一些设备权限,例如网络连接、查看设备应用列表等访问权限。 您也可以在设备的【设置】功能中随时选择关闭部分或者全部权限,从而拒绝我们收集您相应的设备信息。在不同设备中,权限显示方式及关闭方式可能有所不同,具体请参考设备及系统开发方说明或指引。 + +6. 如何更新与修改本政策 + +6.1 本政策为本产品的重要组成部分。 本产品保留不时更新或修改本政策的权利。 + +6.2 未经您明确同意,我们不会削减您按照本政策所应享有的权利。我们会通过 App 客户端推送通知、弹窗形式等合理方式通知您,以便您能及时了解本政策所做的任何变更。 + +6.3 对于重大变更,视具体情况我们 可能还会提供更为显著的通知 说明本政策的具体变更内容。 重大变更包括但不限于: + +``` +A. 我们的服务模式发生重大变化。如处理设备信息的目的、处理的设备信息类型、设备信息的使用方式等; +B. 我们在所有权结构、组织架构等方面发生重大变化。如业务调整、破产并购等引起的所有者变更等; +C. 设备信息共享、转让或公开披露的主要对象发生变化; +D. 您参与设备信息处理方面的权利及其行使方式发生重大变化; +E. 我们负责处理设备信息安全的责任部门、联络方式及投诉渠道发生变化; +F. 设备信息安全影响评估报告表明存在高风险时。 +``` + +6.4 若您不同意修改后的隐私政策,您有权并应立即停止使用 本产品的服务。如果您继续使用 本产品的服务,则视为您接受 本产品对本政策相关条款所做的修改。 + +7. 争议解决 + +7.1 如果您认为我们的设备信息处理行为损害了您的合法权益,您也可向有关政府部门进行反映。 + +8. 名词解释 + +本隐私政策中使用到的名词,在通常意义中有如下定义: + +设备信息: 设备信息是指以电子或者其他方式记录的能够单独或者与其他信息结合识别设备身份的各种信息,包括但不限于设备的品牌、型号、系统版本、 唯一设备标识符、 网络 IP 地址、Cookie等; + +设备: 设备是指可用于访问本产品和/或服务的装置,例如台式计算机、笔记本电脑、平板电脑或智能手机。 唯一设备标识符: 唯一设备标识符(专属 ID 或 UUID)是指由设备制造商编入到设备中的一串字符,可用于以独有方式标识相应设备(例如手机的 IMEI +号)。唯一设备标识符有多种用途,其中可在不能使用 Cookie(例如在移动应用程序中)时用以提供广告。 + +IP 地址: 每台上网的设备都会指定一个编号,称为互联网协议 ( IP ) 地址。这些编号通常都是根据地理区域指定的。IP 地址通常可用于识别设备连接至互联网时所在的位置。 + +信息收集技术: 我们在《ColorOS 通知图标增强 隐私政策》中所述的“自动收集”包括以下方式: A. Cookie(曲奇档案) Cookie 是您浏览网页时,网站服务器放在客户端(您的计算机、移动电话或其他智能终端内)里面的一个小小的文本文件,当您再次访问相应网站时,网站就可通过 +Cookie 识别您的浏览器。Cookie 可能会存储用户偏好及其他信息。您可以将浏览器配置为拒绝所有 Cookie 或在网站发送 Cookie 时显示提示。不过,如果没有 Cookie,某些网站功能或服务可能无法正常工作。 B. Web beacon(网络信标) Web beacon +是装嵌在网站或电邮内的电子图像文件案或其他技术,可用于计算访客数目、记录您是否及何时阅览电邮或网站,或用以使用某些 Cookie。 C. Log files(日志文件) Log files 储存自动收集的若干数据。该等数据包括互联网协议( IP )地址、浏览器类型、互联网服务提供商( +ISP )、引用/退出页面、操作系统、日期/时间戳和点击流数据等。 D. ET Tag(实体标签) ET Tag 是在互联网浏览器与互联网服务器之间背后传送的 HTTP 协议标头,可代替 Cookie,用以追踪个别使用者,使我们可更深入地了解和改善我们的服务。 E. JavaScript +JavaScript 是一种编程语言,用于制作更具互动性和动态的网页。JavaScript 可以设定 Cookie、阅读 Cookie 及删除 Cookie。 + +算法: 计算机在执行解题运算时遵循的流程或一系列规则。 + +应用数据缓存: 应用数据缓存是指设备上的一种数据存储机制。使用它有很多好处,例如,可让网络应用在未连接互联网的情况下运行,以及可通过提高内容加载速度来改善相关应用的性能。 + +非个人身份信息: 记录的与用户相关的信息,但实际上不可直接或间接识别您身份的信息,包括经过去标识化、匿名化处理或化名方式提供的设备信息。 + +去标识化: 指通过对设备信息的技术处理,使其在不借助额外信息的情况下,无法识别设备信息主体的过程。 + +匿名化: 指通过对设备信息的技术处理,使得设备信息主体无法被识别,且处理后的信息不能被复原的过程。 + +服务器日志: 与大多数网站一样,我们的服务器会自动记录您在访问网站时所发出的网页请求。这些“服务器日志”通常包括您的网络请求、互联网协议地址、浏览器类型、浏览器语言、请求的日期和时间及可以唯一识别您的浏览器的一个或多个 Cookie。 + +### ColorOSNotifyIcon Privacy Policy + +> English + +Version: 1.0 + +Amendment and effective date: April 25, 2022 + +#### Preface + +In order to help you use ColorOSNotifyIcon products (hereinafter referred to as "this product") or services, we may collect device information +related to the provision of services or apply for device permissions, and you have the right to refuse or withdraw authorization; + +We have adopted technical measures and data security measures that are standard in the Internet industry to protect the security of your device +information; + +Unless we obtain your consent again, we will not use your device information for other purposes not specified in this policy; + +Before reading this agreement, please confirm that you are at least 18 years old, otherwise please read this agreement with your parents. + +#### content + +```` +1 Introduction +2. Legal basis for this product to process device information +3. How we collect and use your device information +3.1 Provide you with the core business functions of this product and/or service +3.2 Exceptions to Authorized Consent +4. How we transfer and publicly disclose your device information +4.1 Transfer your device information +4.2 Public disclosure +4.3 Exceptions to Authorization and Consent for Sharing, Transfer, and Public Disclosure of Device Information +5. Your Right to Manage Device Information +5.1 Device permission call +6. How to update and modify this policy +7. Dispute Resolution +8. Glossary +```` + +1 Introduction + +【Special Note】 + +Please read and fully understand this policy before using our products and/or services. Once you use or continue to use this product/service, you +agree that we will process your relevant information in accordance with this policy. + +2. Legal basis for this product to process device information + +If you are a user in the mainland of the People's Republic of China, we will collect and use your Device information or apply for device +permissions to provide you with this product or service. We generally only collect your device information with your consent. + +3. How we collect and use your device information + +We will follow the principles of legitimacy, lawfulness, and necessity, and for the following purposes described in this policy, to collect and +use the device information that you actively provide during the use of the service or that arises from the use of this product and/or service. If +we want to use your device information for other purposes not specified in this policy, or use the collected information for other purposes based +on a specific purpose, we will inform you in a reasonable manner and ask again before use with your consent. + +3.1 Provide you with the core business functions of this product and/or service + +In order to implement the core business functions of this product, we may need to collect device information from you. The following will list in +detail the core business functions of this product and the device information that needs to be collected to achieve this function. If you refuse +to collect, you cannot use the service. + +View all app information on the device. This product will read your device application list; + +searching feature. When you use the search function provided by this product, we may use application data cache, collect information on your +device and store it locally. This information generally does not individually identify you as an individual. + +3.2 Exceptions to Authorized Consent + +According to relevant laws and regulations, we may collect and use some necessary device information without your authorization and consent under +the following circumstances: + +```` +a. Directly related to national security and national defense security; +b. Directly related to public safety, public health, and major public interests; +c. Directly related to criminal investigation, prosecution, trial and execution of judgments; +d. In order to protect your or other personal life, property and other major legitimate rights and interests, but it is difficult to obtain my consent; +e. The collected device information is disclosed to the public by you; +f. Your device information is collected from legally publicly disclosed information, such as legal news reports, government information disclosure and other channels; +g. Necessary to enter into and perform a contract at your request; +h. Necessary to maintain the safe and stable operation of the products and/or services of this product, such as finding and disposing of faults in the products or services; +i. Other situations stipulated by laws and regulations. +```` + +4. How we share, transfer, and publicly disclose your device information + +4.1 Transfer your device information + +We will not transfer your device information to any company, organization or individual without your express consent. + +4.2 Public disclosure + +We will not publicly disclose your device information without your express consent. + +4.3 Exceptions to Authorization and Consent for Sharing, Transfer, and Public Disclosure of Device Information + +According to relevant laws and regulations, we may share, transfer and publicly disclose your device information without your authorization and +consent in the following circumstances: + +```` +A. Related to national security and national defense security; +B. Related to public safety, public health, and major public interests; +C. Related to criminal investigation, prosecution, trial and execution of judgments; +D. In order to protect your or other personal life, property and other major legitimate rights and interests, but it is difficult to obtain my consent; +E. The device information that you disclose to the public by yourself; +F. Device information collected from legally publicly disclosed information, such as legal news reports, government information disclosure and other channels. +G. Other situations stipulated by laws and regulations. +```` + +According to the law, sharing and transferring de-identified device information and ensuring that the data recipient cannot restore and +re-identify the subject of the device information is not an act of external sharing, transfer and public disclosure of device information. +Storage and processing will not be required to notify you and obtain your consent. + +5. Your Right to Manage Device Information + +5.1 Device permission call + +In the process of providing services, we may require you to activate some device permissions, such as network connection, viewing device +application list and other access permissions. You can also choose to turn off some or all permissions at any time in the [Settings] function of +the device, thereby refusing us to collect your corresponding device information. In different devices, the display method and closing method of +permissions may be different. For details, please refer to the instructions or guidelines of the device and system developers. + +6. How to update and modify this policy + +6.1 This policy is an important part of this product. This product reserves the right to update or modify this policy from time to time. + +6.2 We will not reduce your rights under this Policy without your express consent. We will notify you through reasonable means such as app client +push notifications and pop-up windows, so that you can keep abreast of any changes to this policy. + +6.3 For major changes, we may also provide a more prominent notice to explain the specific changes to this policy as the case may be. Significant +changes include, but are not limited to: + +```` +A. Significant changes to our service model. Such as the purpose of processing device information, the type of device information processed, the way of using device information, etc.; +B. We have made significant changes in our ownership structure, organizational structure, etc. Such as changes in owners caused by business adjustments, bankruptcy mergers and acquisitions, etc.; +C. The main object of equipment information sharing, transfer or public disclosure has changed; +D. Significant changes in your rights to participate in the processing of device information and the way you exercise it; +E. The responsible department, contact information and complaint channel that we are responsible for handling equipment information security have changed; +F. When the equipment information security impact assessment report indicates that there is a high risk. +```` + +6.4 If you do not agree with the revised Privacy Policy, you have the right and should immediately stop using the services of this product. If +you continue to use the services of this product, it is deemed that you accept the modifications made by this product to the relevant terms of +this policy. + +7. Dispute Resolution + +7.1 If you believe that our device information processing has damaged your legitimate rights and interests, you can also report to the relevant +government departments. + +8. Glossary + +Terms used in this Privacy Policy have the following definitions in their usual meanings: + +Device information: Device information refers to various information recorded electronically or in other ways that can identify the identity of +the device alone or in combination with other information, including but not limited to the brand, model, system version, unique device +identifier, network IP address of the device , Cookies, etc.; + +Device: A device is a device that can be used to access the Product and/or Service, such as a desktop computer, laptop, tablet or smartphone. +Unique Device Identifier: A Unique Device Identifier (Unique ID or UUID) is a string of characters programmed into a device by the device +manufacturer that can be used to uniquely identify the device (such as the IMEI of a mobile phone) +No). Unique device identifiers are used for a variety of purposes, including serving advertisements when cookies cannot be used, such as in +mobile applications. + +IP Address: Every device that goes online is assigned a number called an Internet Protocol (IP) address. These numbers are usually assigned by +geographic area. An IP address can often be used to identify where a device is connected to the Internet. + +Information collection technology: The "automatic collection" described in the "ColorOSNotifyIcon Privacy Policy" includes the following methods: +A. Cookie (cookie file) Cookie is when you browse the web, the website server places it on the client (your A small text file in a computer, +mobile phone or other intelligent terminal), when you visit the corresponding website again, the website can pass Cookies identify your browser. +Cookies may store user preferences and other information. You can configure your browser to refuse all cookies or to display a prompt when a +website sends a cookie. However, some website features or services may not function properly without cookies. B. Web beacon (web beacon) +Web beacon An electronic image file or other technology embedded in a website or email that can be used to count visitors, record whether and +when you view an email or website, or to use certain cookies. C. Log files Log files store certain data collected automatically. This data +includes Internet Protocol (IP) address, browser type, Internet Service Provider ( +ISP), referring/exit pages, operating system, date/time stamp and clickstream data, etc. D. ET Tag (Entity Tag) ET Tag is an HTTP protocol header +transmitted behind the Internet browser and Internet server, which can replace cookies to track individual users, so that we can better +understand and improve our Serve. E. JavaScript JavaScript is a programming language used to make more interactive and dynamic web pages. +JavaScript can set cookies, read cookies and delete cookies. + +Algorithm: A process or set of rules that a computer follows when performing a problem-solving operation. + +App data cache: App data cache refers to a data storage mechanism on the device. There are many benefits to using it, such as allowing web +applications to run without an internet connection, and improving the performance of related applications by increasing the speed of content +loading. + +Non-Personally Identifiable Information: Information that is recorded about a user but does not actually identify you directly or indirectly, +including device information that has been de-identified, anonymized, or provided under a pseudonym. + +De-identification: refers to the process of technical processing of device information to make it impossible to identify the subject of device +information without the aid of additional information. + +Anonymization: refers to the process in which the subject of the device information cannot be identified and the processed information cannot be +recovered through the technical processing of the device information. + +Server Logs: Like most websites, our servers automatically log the web page requests you make while visiting the website. These "server logs" +typically include your web request, internet protocol address, browser type, browser language, date and time of the request, and one or more +cookies that uniquely identify your browser. \ No newline at end of file diff --git a/README.md b/README.md index d05a453..a40caab 100644 --- a/README.md +++ b/README.md @@ -50,6 +50,10 @@ Optimize notification icons for ColorOS and adapt to native notification icon sp - 工作不易,无意外情况此项目将继续维护下去,提供更多可能,欢迎打赏。

+## 隐私政策 + +- [PRIVACY](https://github.com/fankes/ColorOSNotifyIcon/blob/master/PRIVACY.md) + ## 许可证 - [AGPL-3.0](https://www.gnu.org/licenses/agpl-3.0.html)