Compliance Requirements for App Developers to Access the Easemob SDK
With the app supervision gradually enhanced by regulatory agencies, as of July 30, 2021, a total of 1,407 non-compliant apps have been reported to the public, and 377 apps that refuse to perform rectifications have been taken offline. According to national laws and regulations and the law enforcement requirements of regulatory agencies, when an app uses a third-party SDK, the SDK must be indicated in the app privacy policy and the SDK initialization configuration must be delayed in the call sequence to ensure that the SDK cannot be activated for collecting data and providing services until the user agrees to the app privacy policy. In order to help developers of our customers avert compliance risks, Easemob has developed privacy policy compliance requirements, including what privacy policy contents to show and how to show the contents.
1. Privacy Policy Content Compliance
Note: This information collection scope description applies to SDK 3.8.4 and later.
When app developers access Easemob SDK services, the “Third-Party Services”/“Third-Party Partners” in the app privacy policy or personal information protection policy and other relevant public documents should clearly state the purpose, ways and scope of the collection and use of personal information by the Easemob SDK integrated in the app, in accordance with the requirements of laws and regulations of China and related specifications. Easemob provides privacy policy contents in two manners for app developers to adjust their privacy policies in a more efficient and compliant way for personal information protection.
Manner 1. Presenting to users in text
For example: We use the third-party Easemob (Beijing Easemob Technology Co, Ltd. hereinafter referred to as "Easemob") SDK service to provide you with the [ ] function. In order to implement this function properly, you need to authorize the Easemob SDK to provide related services. Upon your authorization, Easemob will collect your relevant personal information. For the types and usage of information collected by Easemob, personal information protection rules, and account cancellation mechanisms, please refer to the User Privacy Agreement (https://www.easemob.com/protocol/en) on the official website (https://www.easemob.com/) of Easemob.
Reference expression 2. Presenting to users in a form
For example: [Your app name] (iOS/android) Details of the third-party SDK
SDK Name | Scenario Description | Type of Personal Information Collected | Third-Party Organization | Third-Party Privacy Policy Link |
---|---|---|---|---|
Hyphenate-chat SDK | One-to-one chat, group chat, chat room | User ID, app ID (application package name), random device ID, device hardware type, device model, system type, SDK version, device network type, and time taken for login. | Beijing Easemob Technology Co, Ltd. | https://www.easemob.com/protocol/en |
2. Privacy Policy Display Form Compliance
It is necessary to add a pop-up window with obvious consent and rejection buttons so that users can choose whether to accept the privacy policy. The “Easemob User Privacy Agreement” link included in the app privacy policy should be available to users.