SDK Developer Personal Information Protection Compliance Guide

We sincerely thank you for integrating and using Baidu's Software Development Kits (SDKs) into your mobile applications.
Baidu is deeply committed to protecting user personal information, including that of end users of mobile applications that integrate Baidu log service software development kit (hereinafter referred to as "Baidu SDK"), and hereby formulates the Baidu Service SDK Personal Information Protection Compliance Developer Guidelines for your reference when you integrate and use Baidu SDK in your mobile applications (hereinafter referred to as "mobile applications").

I. Basic requirements for personal information protection compliance

To integrate and use Baidu SDK in the developed mobile applications, you must first comply with the following basic requirements for personal information protection compliance:

1. You shall abide by all applicable laws, regulations and regulatory documents related to the collection and use of personal information of end users, including but not limited to the Cyber Security Law, the Rules on Identifying Illegal Collection/Use of Personal Information by Apps, the MIIT Notification on Special Campaign Against APP Violations of Users' Rights and Interests (MIIT Letter [2019] No.337), and the MIIT Notification on Further Regulating APP Data Practices (MIIT Letter [2020] No.164), etc., to protect the personal information security of users.
   
2. You shall inform the end users of the integration and use of Baidu SDK services in mobile applications, as well as the collection, use and protection rules of Baidu SDK for end users' necessary personal information (see Log Service SDK Privacy Policies for details) in a prominent position of mobile applications or in other ways that can reach the end users (see Part II "How to Inform End Users" and Part III "Example of Notification" of these guidelines for details), and obtain the complete, legal and valid authorization of the end user for Baidu SDK to collect and use their personal information during the use of Baidu SDK service. If the end user is a minor under 14, you must obtain the complete, legal and valid authorization from his parents or other guardians for Baidu SDK to collect and use the end user’s personal information during the use of Baidu SDK service.
   
3. You shall provide end users with easy user rights realization mechanisms, including access, correction, deletion of their personal information, revocation or change of their authorization, cancellation of their individual accounts.
   
4. You must ensure that, during the first launch of the mobile application, end users read and agree to the mobile application's privacy policies before initializing the Baidu SDK to collect their information.

In addition to meeting these fundamental requirements for personal information protection, you must also comply with the privacy policies of the Baidu SDK integrated into and utilized by your mobile application.

II. How to Inform End Users

To help you clearly inform end users about the collection, use and protection of Baidu SDK personal information, we provide you with the following notification methods for your reference:

1. Inform end users that the corresponding function/service is provided by Baidu SDK in the clause of “Personal Information Sharing”or“Integrated Third Party's SDK” of mobile application privacy policies, and display the correspondingBaidu SDK privacy policy link inform end users of the type, purpose and use of the their personal information collected and used by Baidu SDK Present mobile application privacy policies to users throughonline display of protocols when users open the mobile application for the first time or on the registration/login page of the mobile application, and obtain the explicit consent of end users**(for example, click Agree or tick √).
   
2. Inform end users that the corresponding function/service is provided by Baidu SDK in the clause of“Personal Information Sharing” or“Integrated Third Party's SDK” of mobile application privacy policies, and list the type, purpose and use of the end users’ personal information collected and used interms or forms by reference to the contents of Baidu SDK privacy policies. Present mobile application privacy policies to users throughonline display of protocols when users open the mobile application for the first time or on the registration/login page of the mobile application, and obtain the explicit consent of end users**(for example, click Agree or tick √).
   
3. When end users open/use the corresponding function/service in the mobile application for the first time, display the corresponding Baidu SDK privacy policy linkby pop-up windows or page prompts to inform end users that the corresponding function/service is provided by Baidu SDK as well as the type, purpose and use of the end users’ personal information collected and used by Baidu SDK to provide the corresponding function/service, and obtain the explicit consent of end users(for example, click Agree or tick √).

III. Example of Notification

To help you clearly inform end users about protection rules of Baidu SDK personal information, we provide you with the following notification method example for your reference:

Example A

To provide log service, we have integrated the Log Service SDK. When providing you with log service, the Log Service SDK needs to collect and use your necessary personal information. For the types, purposes and uses of personal information collected and used by the Log Service SDK, and how the Log Service SDK will protect the collected and used personal information, please read the Log Service SDK Privacy Policies carefully.

Example B

For the realization of App corresponding functions and the safe and stable operation of the application, we may access the third-party SDK to achieve related purposes. The specific access to the third-party SDK is listed as follows:

Example C

To provide log service, we have integrated the Log Service SDK. When providing you with log service, the Log Service SDK collects and uses your wifi status, device model and ip address to detect network quality, device performance and SDK communication quality. Please read the Log Service SDK Privacy Policies carefully for details.

Example D

For the realization of App corresponding functions and the safe and stable operation of the application, we may access the third-party SDK to achieve related purposes. The specific access to the third-party SDK is listed as follows:

IV. Compliance Notices for Use of SDK Service

1. Before utilizing Baidu SDK, you must thoroughly review the relevant protocols, this compliance guide, the user agreement, privacy policies, and other related documents, and conduct a self-assessment of the privacy policies of your application and its practices regarding the collection, storage, use, and sharing of personal information.
2. You must acknowledge and confirm that the Baidu SDK collects personal information, and that this data collection is necessary and aligned with the objectives of our collaboration.
3. You commit to formulating and publishing your application's privacy policies in accordance with relevant regulations. These policies must provide clear, explicit, and prominent explanations regarding the necessity, scope, methods, and purposes of collecting personal information through the SDK. Additionally, you are required to ensure that when your application is launched for the first time, users are clearly prompted with a pop-up or similar compliance mechanism to read the privacy policies, and obtain their lawful authorizations before the Baidu SDK is initialized to begin collecting and processing personal information.
4. You have thoroughly read and understood the Baidu SDK platform agreements, cooperation guidelines, privacy policies, and access documents, and you commit that during your usage of Baidu SDK services, you have secured continuous and valid user consent for the collection, use, processing, sharing, and transfer of their personal information by Baidu SDK. You also guarantee not to breach any applicable national laws, regulations, standards, or the mutual agreements made between both parties.
5. If your app caters to children or minors under the age of 14, you commit to complying with laws and regulations on the protection of children's personal information and minors' rights, taking appropriate measures, and ensuring you have obtained consent from their guardians.
6. If you breach Baidu SDK platform agreements, cooperation guidelines, privacy policies, or access terms, resulting in claims from your users or third parties against Baidu or leading to any legal disputes, you will take full responsibility for resolving such issues. You are obligated to compensate for any losses caused to Baidu or its related entities.
7. You guarantee that during and after the cooperation period, all data obtained from Baidu SDK will be kept strictly confidential. You will not provide, leak, or disclose this data to any third party without proper authorization. All necessary legal measures will be taken to prevent data from being distributed, disseminated, disclosed, copied, misused, or accessed by unauthorized personnel, avoiding any unauthorized use of the data outside the scope of the cooperation agreement.