Privacy Policy Example
To better mitigate the risks associated with incomplete privacy statements, we recommend adding a “Privacy Policy Statement” in apps that have integrated the Device Fingerprinting SDK. After customers have become familiar with and consented to the privacy terms, product functionalities can then be invoked. An example of the statement’s content is as follows:
Privacy Policy (Content subject to modification by the enterprise as per actual circumstances)
When you use “Your Product Name“ products and related functionality services, in order to ensure the normal operation of the software, we collect information such as your device model, device operating system type, device operating system version, device brand, device screen size, device battery level, and device charging status. After anonymizing this information, it is used to establish a device fingerprinting model to implement security and risk control technology. The following are the essential information we must collect to provide product services and ensure the proper operation of the product:
System | Third Party | Purpose | The Scope of Information Collection |
---|---|---|---|
iOS | GeeTest Device Fingerprinting SDK | Establish a device fingerprinting model, detect device risk status, and ensure business security | 1. Device Information: Operation system, device model, device brand, device screen size, IDFA, IDFV, and location information, etc. 2. Device Environment Information: jailbreaking identification, emulator identification, debugging identification, etc. 3. Other Information: Installation package name, and more.” |
Android | GeeTest Device Fingerprinting SDK | Establish a device fingerprinting model, detect device risk status, and ensure business security | 1. Device Information: Operation system, device model, device brand, device screen size, IDFA, IDFV, and location information, etc. 2. Device Environment Information: rooting identification, emulator identification, debugging identification, etc. 3. Other Information: Installation package name, and more.” |
How we protect your user information
In order to safeguard information security for you and your users’, we will take reasonable physical, electronic, and managerial security measures in line with industry standards to protect your information and make every reasonable effort to ensure that your and your users’ information is not leaked, damaged, or lost:
We will use encryption, de-identification technology, anonymization, and other reasonable and feasible means that meet or exceed industry standards to protect your personal information, and employ security measures to prevent malicious attacks on your personal information.
We have dedicated management departments and data security procedures in place to ensure the security of your personal information. We implement strict data usage and access policies, ensuring that only authorized personnel can access your personal information. We conduct regular security education and training for staff and perform security audits of data and technology as needed.
The information we collect is stored in secure operational environments not accessible to the public. To prevent unauthorized access to your information, we store it on servers protected by firewalls and possibly encryption. However, it’s important to understand that there are no absolutely foolproof security measures on the internet. Even though we make significant efforts, it is still possible that we cannot completely eliminate the risk of illegal access to your personal information. Additionally, due to the inability to verify the accuracy of statements made by others, we may be deceived by unreliable, misleading, or illegal information.
In the unfortunate event of a personal information security breach, we will notify you in accordance with legal requirements. This notification will include the basic details of the security incident and potential impacts, measures we have taken or will take to address the issue, recommendations for you and your users to prevent and mitigate risks, and remedial actions for you and your users. We will communicate this information to you and your users through methods such as email, postal mail, telephone, push notifications, and, when it is challenging to individually inform data subjects, we will reasonably and effectively issue public announcements. Additionally, we will report the handling of personal information security incidents to regulatory authorities as required.