版本发布日期：2025年01月10日
Issuance date: January 10, 2025

版本生效日期：2025年01月10日
Effective date: January 10, 2025

中信银行股份有限公司（注册地址及联系地址：北京市朝阳区光华路10号院1号楼6-30层、32-42层；以下简称“我行”或“我们”））非常重视用户的隐私和个人信息保护，同时我行承诺依法采取相应的安全保护措施来保护您的个人信息。您使用我行电子银行服务时，我行将按照中信银行电子银行隐私政策（以下简称“本政策”）处理您的个人信息。本政策与您所使用的我行电子银行服务以及该服务所包括的各种业务功能息息相关，希望您在使用我行的产品或服务前仔细阅读，并确认您已经充分理解本政策所写明的内容，并按照本政策的指引做出您认为适当的选择。对于涉及到您的权益及免除、限制我行责任等重要内容，这些条款已采用字体加粗形式提示您特别注意。在阅读过程中如您对本政策内容有任何疑问、意见或建议，请联系我行。如果您未满 18 周岁，请在父母或其他监护人的陪同下阅读本政策，并特别注意未成年人使用条款。
China CITIC Bank Co., Ltd. (registered address and contact address: Floor 32-42, Floor 6-30, Building 1, No.10 Courtyard, Guanghua Road, Chaoyang District Beijing, Beijing; hereinafter referred to as “we”, “us” or “our”) attaches great importance to the privacy and the protection of personal information of users. We undertake to take appropriate security measures according to law to protect your personal information. When you use our e-banking services, we will process your personal information in accordance with the E-Banking Privacy Policy of China CITIC Bank (hereinafter referred to as “this Policy”). This Policy is closely related to our e-banking services and various business functions included therein you use. We hope you can read it carefully before using our products or services, and acknowledge that you have fully understood the contents contained herein, so that you can make an informed choice under the guidance of this Policy. Important clauses relating to your rights, exemption and limitation of our liabilities have been highlighted in bold to draw your attention. If you have any questions, comments or suggestions about the content of this Policy, please feel free to contact us. If you are under the age of 18, please read this Policy in the presence of your parent or other guardian, and pay special attention to the terms of use for minors.

本政策将帮助您了解以下内容：
This Policy will help you understand the following contents:

一、我行如何收集和使用您的个人信息
I. How we collect and use your personal information

二、我行如何使用Cookie技术
II. How we use Cookies

三、我行如何存储和保护您的个人信息
III. How we store and protect your personal information

四、我行如何共享、转让和公开披露您的个人信息
IV. How we share, transfer, and publicly disclose your personal information

五、您如何行使您的权利
V. How you exercise your rights

六、我行如何处理未成年人信息
VI. How we process the personal information of minors

七、本政策的适用及更新
VII. Application and update of this Policy

八、本政策的语言
VIII. Language of this Policy

九、如何联系我行
Ⅸ. How to contact us

十、附录
X. Appendix

一、我行如何收集和使用您的个人信息
I. How we collect and use your personal information

（一）信息如何收集
(I) How to collect information

为向您提供服务并确保您的电子银行服务（网上银行服务、手机银行服务、门户网站服务和微信银行服务）安全，在您使用电子银行服务过程中，我行会收集您在使用服务过程中主动输入或因使用服务而产生的信息：
To provide you with services and ensure the security of your using of our e-banking services (online banking service, mobile banking service, portal website service and WeChat banking service), we will collect information entered by you during your use of or generated by your use of our e-banking services.

1.当您开通电子银行服务时，依据法律法规及监管要求，我行会收集您的手机号码、短信验证码，以帮助您完成电子银行注册。如果您拒绝提供这些信息，您可能无法开通电子银行或无法正常使用我行的服务。
1. When you sign up for e-banking services, according to laws, regulations and regulatory requirements, we will collect your mobile phone number and SMS verification code to help you complete e-banking registration. If you refuse to provide such information, you may not be able to sign up for e-banking services or use our services normally.

2.当您使用电子银行功能或服务时，在下列情形中，您可以选择是否向我行提供或授权我行收集相应服务所需的个人信息。如您拒绝提供部分功能或服务所需信息，您可能无法使用相应部分功能或服务，但这不影响您正常使用电子银行的其他功能或服务。
2. When you use e-banking functions or services, you can choose whether to provide us with or authorize us to collect personal information required for the corresponding service in the following situations. Your refusal to provide information required for some functions or services may prevent you from using such functions or services, but this will not affect your normal use of other e-banking functions or services.

（1）在您注册成为我行用户时，您需提供您本人的手机号码，并设置登录密码，我行将通过发送短信验证码的方式来验证您的身份是否有效。
(1) When you register as a user with us, you need to provide your own mobile phone number and set a login password, and we will verify whether your identity is valid by sending you an SMS verification code.

在您使用我行服务时，您需提供您本人的手机号码，我行将通过发送短信验证码的方式来验证您的身份是否有效。根据相关法律法规的规定，您需通过身份基本信息多重交叉验证后方可使用我行的部分服务（包括：转账汇款、支付、购买理财产品、基金、保险、信托及资管计划、贷款、出国金融），如果您需使用此类服务，则需提供更多信息（包括：姓名、证件、卡号、手机号）以完成身份基本信息多重交叉验证。同时，为了验证您提供信息的准确性和完整性，我行会与合法留存您的信息的国家机关、金融机构、企事业单位进行核对；如在验证核对过程中我行需要向前述验证机构收集您的信息，我行会依照法律法规的规定要求相关验证机构说明其个人信息来源，并对其个人信息来源的合法性进行确认、了解上述机构已获得的个人信息处理的授权同意范围。
When you use our services, you need to provide your own mobile phone number, and we will verify whether your identity is valid by sending you an SMS verification code. According to relevant laws and regulations, you need to go through multifactor authentication before you can use some of our services (including money transfer and remittance, payment, purchase of wealth management products, fund, insurance, trust and asset management plans, loan and overseas finance). If you need to use such services, you need to provide more information (including name, ID certificate, card number and mobile phone number) to complete multifactor authentication. Meanwhile, to verify the accuracy and completeness of the information you provide, we will check with the state agencies, financial institutions, enterprises and institutions that legally retain your information. If we need to collect your information from the aforementioned verification agencies during the verification process, we will require the relevant verification agencies to explain the source of their personal information in accordance with laws and regulations, confirm the legitimacy of the source of personal information, and learn about the scope of authorization and consent for the processing of personal information that such agencies have obtained.

（2）当您选择通过登录名、登录密码登录时，您可以使用登录手机号/身份证号/银行卡号/邮箱、登录密码登录，我行将对您提供的登录信息进行有效性核验。如您忘记登录密码需要重置时，我们需要验证您的身份信息，包括手机号码、证件号码、银行卡号、邮箱（仅在使用邮箱找回登录密码时验证）、姓名、证件类型、短信验证码、交易密码（或信用卡有效期、卡背标识）、新登录密码。如您不提供以上信息，您将无法找回登录密码，但这不影响您正常使用未登录情况下可用的电子银行功能或服务。
(2) When you choose to log in with your login name and password, you can do that with your mobile phone number/ID number/bank card number/email account and password, and we will verify the validity of the login information you provide. If you forget your login password and need to reset it, we need to verify your identity information, including mobile phone number, ID certificate number, bank card number, email address (to be verified only when you use the email address to recover the login password), name, ID certificate type, SMS verification code, transaction password (or expiration date of credit card, symbol on the back of card) and new login password. If you do not provide the above information, you will not be able to retrieve your login password, but this will not affect your normal use of e-banking functions or services available to you without logging into an account.

（3）如您在手机银行中选择通过指纹、声纹、刷脸功能进行登录、转账或支付，需向我行提供您的指纹、声音和/或人脸图像信息。您可以通过手机银行“安全中心”开启或关闭相关功能。我行不会采集您的指纹，您的指纹仅保存在您授权采集指纹设备上。我行征得您的明示同意后采集的声纹信息和人脸信息，将加密存储于我行信息系统后台数据库中。
(3) If you choose to log in, transfer money or make payment via fingerprint, voiceprint or facial recognition functions in mobile banking, you need to provide us with your fingerprint, voice and/or face image. You can turn on or off related functions in the “Security Center” of mobile banking. We will not collect your fingerprint, which will only be stored on the device which is authorized by you to collect fingerprints. The voiceprint and face feature information collected by us with your express consent will be encrypted and stored in the background database of our information system.

对于某些品牌或型号的手机终端自身的本地生物特征认证功能，如人脸识别功能，其生物识别信息由手机终端提供商进行处理，我行不留存或以其他任何方式处理您应用手机终端相关功能中的信息。
For the local biometric authentication capabilities on mobile terminals of certain brands or models, such as face recognition, the biometric information is processed by the mobile terminal provider, and we will not retain or otherwise process the information stored in the relevant functions of your mobile terminal.

（4）当您使用经授权的第三方账号（如微信/苹果ID/支付宝等）登录手机银行时，我行可能会在您的授权范围内从第三方获取您授权共享的账号信息（如头像、昵称）。您可以选择是否授权我行收集并在您同意授权及本政策后将您的第三方账号与您的中信通行证进行绑定，同时请您详细阅读相关第三方的隐私政策和/或客户（注册）协议。您可以在手机银行“设置”功能中，通过“中信通行证设置”开启或关闭第三方账号登录功能，并同步查询第三方账号绑定历史。
(4) When you log in to mobile banking with an authorized third-party account (such as WeChat /Apple ID/Alipay), we may obtain the account information (such as avatar, nickname) whose sharing is permitted by you to share from a third party within the scope of your authorization. You can choose whether to authorize us to collect information and bind your third-party account to your CITIC Pass after you agree to the granting of permission and this Policy. Meanwhile, please read the privacy policy and/or customer (registration) agreement of the relevant third party carefully. You can turn on or off the third-party account login and query the third-party account binding history via the “CITIC Pass Settings” under the “Settings” function of mobile banking.

请您注意，上述第三方账号服务商可能有自己的隐私政策，且它们的使用不受本政策的约束。如果您同意第三方账号服务商收集信息而导致您的合法权益受到损害的，由相关第三方账号服务商承担相应的法律责任。
Please note that the above-mentioned third-party account service providers may have their privacy policies, and the use thereof is not bound by this Policy. If your legal rights are damaged due to your consent to the collection of information by a third-party account service provider, the relevant third-party account service provider shall bear the resulting legal responsibilities.

（5）当您使用手机银行的手机号转账（移动、电信和联通手机号）、话费充值和汇款短信通知等涉及通讯录的功能时，我行仅获取您从通讯录中点选的联系人信息，并进行加密传输以防恶意截取。拒绝授权后，手机号转账等功能仍可以使用，但需要手工输入手机号码。手机银行仅读取并记录指定电话号码，不读取您的全量通讯录，我行后台系统仅储存指定电话号码。
(5) When you use the functions involving phonebook on mobile banking, such as transfer via mobile phone number (that from China Mobile, China Telecom or China Unicom), phone bill recharge, and SMS notification for remittance, we only obtain the information of the contacts selected by you from the phonebook, and transmit it in an encrypted manner to prevent malicious interception. If you refuse to grant permission, transfer via mobile phone number and other functions are still available, but the mobile phone number needs to be entered manually. Mobile banking only reads and records designated mobile phone numbers, but does not read the full phonebook. Our background system only stores designated mobile phone numbers.

（6）当您使用转账汇款、账号支付、二维码支付、手机号转账、他行卡转入等收付款功能时，您需要提供对手方的手机号码、姓名、银行卡卡号/账号信息，并可能需要提供您的姓名、手机号码、证件类型及证件号码信息，以便于验证身份及使用上述功能的支付服务。此外，我行还会收集您的相关收付款交易记录以便于您查询。有关具体事项按您注册手机银行时同意签署的《中信银行电子银行个人客户服务协议》执行。
(6) When you use such collection and payment functions as transfer and remittance, payment via account number, payment via QR code, transfer via mobile phone number and transfer from cards of other banks, you need to provide the mobile phone number, name, bank card number/account information of the counterparty, and may be required to provide your name, mobile phone number, ID certificate type and ID certificate number to verify your identity and use the payment services of the above functions. In addition, we will also collect transaction records relating to your payments or receipts for the convenience of your inquiry. For relevant specific matters, the E-banking Personal Customer Service Agreement of China CITIC Bank that you agree to sign when you register for mobile banking shall apply.

（7）当您使用个人外汇服务（包括结售汇、跨境汇款）时基于国家外汇管理局《金融机构外汇业务数据采集规范》要求，我行需要收集您的姓名、证件号码、开户行、银行卡号信息，并需要您授权我行提供给国家外汇管理局。同时，当您使用跨境汇款功能时，按照SWIFT（Society for Worldwide Interbank Financial Telecommunications，环球同业银行金融电讯协会）报文要求，您需要提供您的汇款人名称、汇款人地址、付款账号、手机号码及收款方的收款人姓名、收款账号、收款行信息。我行手机银行会在得到您的授权后，将该信息传递至境外机构，包括环球同业银行金融电讯协会（SWIFT）、代理银行、收款银行。
(7) When you use personal foreign exchange services (including foreign exchange settlement and sales, cross-border remittances), as required by the Foreign Exchange Transaction Data Collection Rules for Financial Institutions of the State Administration of Foreign Exchange, we need to collect your name, ID certificate number, opening bank and bank card number, and you are required to authorize us to provide such information to the State Administration of Foreign Exchange. Furthermore, when you use the cross-border remittance function, you are required to provide the remitter’s name, remitter’s address, payment account number, mobile phone number, and the payee’s name, payee’s account number and receiving bank of the beneficiary, according to the message requirements of the Society for Worldwide Interbank Financial Telecommunications (SWIFT). After obtaining your authorization, our mobile banking will transmit the information to overseas institutions, including SWIFT, correspondent banks and receiving banks.

（8）当您使用手机银行提供的实名认证服务时，您需提供您的姓名、证件类型、证件号码、银行卡号/账号，并可能需要提供刷脸认证信息，我行还会通过验证账号/卡密码方式对有关信息进行有效性核验。
(8) When you use the real-name authentication service provided by our mobile banking, you need to provide your name, ID certificate type, ID certificate number and bank card number/account number, and may need to provide the information for facial recognition authentication. We will verify the validity of the relevant information through account number verification/card password.

（9）当您使用手机银行提供的搜索服务时，我行会收集您的搜索关键词信息，以便为您提供更为精准的搜索结果。当您的搜索关键词信息无法单独识别您的身份时，该信息不属于您的个人信息，为了给您和其他用户提供更高效的搜索服务，我行有权对其进行使用；只有当您的搜索关键词信息与您的其他信息相互结合使用并可以识别您的身份时，则在结合使用期间，我行会将您的搜索关键词信息作为您的个人信息，与您的搜索历史记录一同按照本政策对其进行处理与保护。
(9) When you use the search service provided by mobile banking, we will collect your search keywords to provide you with more accurate search results. If your search keywords cannot identify you alone, such information is not your personal information. To provide you and other users with more efficient search services, we have the right to use such information. Only when your search keywords can identify you if used in combination with other information about you, your search keywords will be treated as your personal information during the combined use, and processed and protected together with your search history according to this Policy.

（10）当您使用网点预约、城市服务基于地理位置的功能时，我行会收集您的位置信息，目的是为了向您提供所在位置的相应服务。
(10) When you use branch appointment and location-based city services, we will collect your location information to provide you with the services available at your location.

（11）当您通过手机银行进行信息管理时，包括修改登录密码、指纹/人脸转账支付操作，我行会验证您的原登录密码、交易密码、预留手机号短信验证码。您可以通过手机银行“安全中心”解除设备绑定。
(11) When you manage information through mobile banking, including changing login password or payment/transfer via fingerprint/face recognition, we will verify your original login password, transaction password, reserved mobile phone number and SMS verification code. You can unbind the device through the “Security Center” of mobile banking.

（12）当您使用非柜面渠道动账提醒功能时，我行会收集您的账户信息及交易信息，以便及时向您发送账户资金变动及相关交易通知。
(12) When you use the transaction reminder through non-counter channels, we will collect your account and transaction information to send you timely notifications of the movement of funds and related transactions in your account.

（13）当您使用网上银行、手机银行服务时，我行会收集您的交易信息，形成收款人名册，以简化您的转账操作；如您选择手机短信动态口令作为安全认证工具，我行将向您的签约手机号发送手机短信动态口令，用以网上银行、手机银行交易验证。
(13) When you use online banking and mobile banking services, we will collect your transaction information and create a list of payees to simplify your transfer operations. If you choose to use an SMS dynamic password as a security authentication tool, we will send an SMS dynamic password to your mobile phone number signed up for online banking and mobile banking transaction verification.

（14）当您使用中信银行App在商家进行消费时，我行需要按照法律法规及监管规定对商家进行管理，防范套现或欺诈风险，因此，我行将直接收集或向商家收集您的交易信息，包括交易金额、交易对象、交易商品、交易时间、订单信息（如有）。
(14) When you make purchases from merchants on the China CITIC Bank App, we need to manage merchants in accordance with laws, regulations and regulatory requirements to prevent cash-out or fraud risks. Therefore, we will collect directly or from merchants your transaction information, including transaction amount, transaction object, transacted commodity, transaction time, and order information (if any).

（15）为了给您提供更好的使用体验，我行会根据您的设备信息（包括：设备平台、设备厂商、设备品牌、设备型号、系统版本、移动设备识别码、设备唯一标识符IDFA/OAID/AAID、设备序列号、运行应用进程信息）、服务日志，经过去标识化处理后，提取您的偏好特征，并基于特征标签的用户画像，用于提供商品信息的最优展示方式以及推送相关内容和服务。用户画像中对个人信息主体的特征描述不包含淫秽、色情、赌博、迷信、恐怖、暴力的内容，不包含表达对民族、种族、宗教、残疾、疾病歧视的内容。 用户画像不会侵害您的合法权益，不会用于危害公家安全、宣扬恐怖主义、民族歧视及其他扰乱社会经济秩序等行为。请注意，用户画像无法精准识别特定自然人身份信息，单独的设备信息、服务日志信息亦无法识别特定自然人身份。如果我行将这类非个人信息与其他信息结合用于识别特定自然人身份，或者将其与个人信息结合使用，则在结合使用期间，这类非个人信息将被视为个人信息，除取得您授权或法律法规另有规定外，我行会将这类信息做匿名化、去标识化处理。
(15) To provide you with a better user experience, we will extract the characteristics of your preferences based on your device information (including device platform, device manufacturer, device brand, device model, system version, mobile equipment identifier, unique device identifier IDFA/OAID/AAID, device serial number, running application and process information) and service logs after de-identification, and rely on user portrait based on characteristic tags to display commodity information in an optimal manner and push related content and services. The description of the characteristics of the personal information subject in the user portrait shall not include obscene, pornographic, gambling, superstitious, terrorist or violent content, or content that indicates discrimination against ethnicity, race, religion, disability or disease. The user portrait will not infringe upon your legitimate rights and interests, and will not be used in a way that may endanger public safety, advocate terrorism or ethnic discrimination, or disrupt the socio-economic order. Please note that the user portrait cannot accurately identify a specific natural person, and separate device information and service log information cannot identify a specific natural person, either. If we combine such non-personal information with other information to identify a specific natural person, or use it in combination with personal information, such non-personal information will be treated as personal information during the combined use. Unless authorized by you or otherwise stipulated by laws and regulations, we will anonymize and de-identify such information.

（16）您在预订如影票、机票、火车票、酒店、景区门票、租车、办理签证时，您还可能需要根据国家法律法规及监管要求或服务提供方（如票务销售方、酒店、旅行社及其授权的代理方、基础电信运营商、移动转售运营商）的要求提供您的实名信息，这些实名信息可能包括您的身份信息（您的身份证、军官证、护照、驾驶证载明您身份的证件复印件或号码）、姓名、电话号码。这些订单中将还可能包含您的行程、酒店地址、预订人身份信息、驾驶员信息、乘机人姓名及证件号、发票配送地址信息、根据签证政策需要您提供的其它个人信息、联系人姓名及电话号码信息。
(16) When you book movie tickets, air tickets, railway tickets, hotels, or tourism entrance tickets, rent cars or apply for a visa, you may also need to provide your real-name information in accordance with national laws, regulations and regulatory requirements or as required by service providers (such as ticket sellers, hotels, travel agencies and their authorized agents, basic telecom operators, mobile telecommunications resale service providers), which may include your identity information (copy and number of your ID card, military officer’s certificate, passport, driver’s license, and other documents stating your identity), name and mobile phone number. These orders may contain your itinerary, hotel address, booker’s identity information, driver information, passenger name and ID number, invoice delivery address information, other personal information required from you according to the relevant visa policy, contact name and phone number.

（17）当您使用中信银行App进行生活缴费或者查询时，如电子社保卡查询、水电费缴费等，我行可能会收集您的身份证件信息、电话号码、住址，并可能需要您授权打开相应的电话权限、通讯录权限，以为您提供更好的服务。
(17) When you spend on living necessities or make inquiries on the China CITIC Bank App, such as electronic social security card inquiry and payment of utility bills, we may collect your identity certificate information, phone number and address, and may require you to grant corresponding phone and phonebook permissions to provide you with better services.

（18）当您通过中信银行电子银行渠道（包括手机银行、网上银行、门户网站、微信银行、小程序，下同）办理申请借记卡或申请/激活信用卡业务时，我行需要您的姓名、证件类型、证件信息、手机号、邮寄地址、银行卡号，以便验证您的身份的真实性。
(18) When you apply for a debit card or apply for/activate a credit card through China CITIC Bank’s e-banking channels (including mobile banking, online banking, portal website, WeChat banking and applet; the same below), we require you to provide your name, ID certificate type, ID certificate information, mobile phone number, mailing address and bank card number to verify the authenticity of your identity.

（19）当您通过中信银行App、中信银行微信公众号、中信银行微信小程序、中信银行发啦微信小程序使用信用卡相关服务时，我行可能需要您的姓名、证件类型、证件信息、手机号、邮寄地址、信用卡号、信用卡额度信息、积分信息、权益信息、年费信息、账单信息，以为您提供更好的服务。
(19) When you use services related to credit cards through the China CITIC Bank App, China CITIC Bank WeChat Official Account, China CITIC Bank WeChat Applet, or China CITIC Bank Fala WeChat Applet, we may require you to provide your name, ID certificate type, ID certificate information, mobile phone number, mailing address, credit card number, credit card line, points, rights, annual fee and bill information to provide you with better services.

（20）当您通过手机银行开薪易功能或中信银行发啦微信小程序使用工资卡办理功能时，我行可能会收集您的姓名、性别、国籍、职业、联系地址、手机号码、证件类型、证件号码、身份证件有效期限、发证机关和税收居民身份，并可能需要您授权打开相机权限，以便验证您的身份的真实性并为您提供更好的服务。
(20) When you apply for a payroll card through the Kaixinyi function of mobile banking or China CITIC Bank Fala WeChat Applet, we may collect your name, gender, nationality, occupation, contact address, mobile phone number, ID certificate type, ID certificate number, validity term and issuing authority of ID certificate and tax residence status, and may require you to allow camera access to verify the authenticity of your identity and provide you with better services.

(21)当您使用中信银行发啦微信小程序接受您所就职企业推送的开卡/绑卡任务进行工资卡办理、工资卡绑定时，我行将依据与您所就职的企业签订的相关合作协议的约定，向您所就职的企业提供您办理/绑定工资卡时在我行预留的手机号、姓名、证件号和银行卡号。
(21) When you use China CITIC Bank Fala WeChat Applet to process the payroll card application or binding tasks pushed by your employer, we will, pursuant to the terms of the relevant cooperation agreement signed with your employer, provide your employer with the mobile phone number, name, ID number, and bank card number reserved at us when you apply for or bind the payroll card.

（22）当您通过中信银行电子银行渠道办理电子账户开通业务时，我行可能会收集您的姓名、性别、国籍、职业、联系地址、手机号码、证件类型、证件号码、身份证件有效期限、发证机关和税收居民身份，并可能需要您授权打开相机权限，以便验证您的身份的真实性并为您提供更好的服务。
(22) When you open an electronic account through China CITIC Bank’s e-banking channels, we may collect your name, gender, nationality, occupation, contact address, mobile phone number, ID certificate type, ID certificate number, validity term and issuing authority of ID certificate and tax residence status, and may require you to allow camera access to verify the authenticity of your identity and provide you with better services.

（23）当您通过中信银行电子银行渠道办理贷款业务时，我行可能会收集您的个人信息，包括姓名、性别、国籍、职业、联系地址、手机号码、证件类型、证件号码、身份证件有效期限、发证机关和税收居民身份，并可能需要您授权打开相机权限，以便通过影像采集、人脸识别等手段验证您的身份真实性并为您提供更好的服务。
(23) When you apply for loans through China CITIC Bank’s e-banking channels, we may collect your personal information, including name, gender, nationality, occupation, contact address, mobile phone number, ID certificate type, ID certificate number, validity term and issuing authority of ID certificate and tax residence status, and may require you to allow camera access to verify the authenticity of your identity by image acquisition, face recognition and other means and provide you with better services.

（24）当您使用中信银行电子银行渠道参加问卷调研时，我行可能会收集您的个人信息，包括年龄、性别、职业，以及您对我行相关产品的使用体验感受，对于收集到的个人信息，仅用于用户体验改善及提升。
(24) When you participate in a questionnaire survey through China CITIC Bank’s e-banking channels, we may collect your personal information, including age, gender and occupation, as well as your experience and feeling in using CITIC’s related products. The personal information collected is only used to improve and enhance the user experience.

（25）当您使用中信银行App中第三方提供的服务时，第三方可能会申请获取您的地理位置、手机号等个人信息；在向第三方提交个人信息之前，请您认真阅读这些第三方的个人信息保护政策。如您已明示同意该第三方可以获取您的个人信息，我行将授予该第三方获得相关信息接口，其可以通过该接口获得您的相关个人信息；对于您在使用第三方提供的服务时主动提供给第三方的相关信息，我行将视为您允许该第三方获取上述此类信息；对于您在使用该第三方服务时产生的信息，应由您与该第三方依法约定上述信息的收集和使用事项。
(25) When you use the services provided by a third party on the China CITIC Bank App, the third party may apply for access to your geographical location, mobile phone number and other personal information. Before submitting personal information to third parties, please carefully read their personal information protection policies. If you have expressly agreed to the access to your personal information by the third party, we will grant the third party interface access to obtain relevant information, through which the third party can obtain your relevant personal information; Your provision of relevant information to the third party when using the services provided by it will be considered as your permission to the third party to obtain the above-mentioned information. You should agree with the third party on the collection and use of the information generated during your use of the third-party service in accordance with the law.

（26）当您在中信银行App上进行人脸识别以核实身份时，您的人脸图像信息会通过摄像头进行采集。如您通过微信小程序使用我行人脸识别服务，我行将在征得您的明示同意后，通过摄像头采集您的识别过程中的音、视频，并存储于我行信息系统后台数据库中。在身份识别与核实过程中，我行通过有权机关（包括但不限于中国人民银行、公安部及其授权机构）查询及使用您的身份信息及人脸照片信息，在必要时，我行会将您的人脸信息发送至上述机构进行核验并接收验证结果。有关具体事项按照您在进行人脸识别时签署的《中信银行人脸识别验证服务用户授权书》执行。
(26) When you verify your identity through face recognition on the China CITIC Bank App, your face image will be collected through the camera. If you use our face recognition service through the WeChat applet, we will collect your audio and video during the recognition process through the camera with your express consent, and store them in the background database of our information system. During the identity recognition and verification process, we will query and use your identity information and facial image data through authorized authorities (including but not limited to the People’s Bank of China, the Ministry of Public Security, and their designated agencies). If necessary, we will transmit your facial image data to these agencies for verification and receive the results. Specific matters will be subject to the “User Authorization Agreement of China CITIC Bank for Facial Recognition Verification Service” that you sign during the facial recognition process.

（27）当您使用中信银行App认购、申购以及定期投资我行自主发行的存款产品、理财产品，或我行代销的由基金（子）公司、理财子公司、保险公司、保险资产管理机构、证券（子）公司、期货（子）公司、信托公司、金融资产投资公司等资管产品管理机构发行的资产管理产品时，按照监管机构与国家有权机关要求，我行将会收集您的业务资料，包括姓名、出生日期、证件信息、个人生物识别信息、通信通讯联系方式、住址、银行卡号/账号、国籍、婚姻状况、学历、职务、收入、邮编、电子邮箱、手机号、税收居民身份信息、客户风险承受能力等级、交易信息、分红方式（如有）、投资者信息、录音录像信息（如有）、交易流程中涉及的交易快照、个人资产信息等购买产品所需的最少必要信息，由中信银行存储、使用和传递给产品管理机构，以便完成资产管理产品的购买以及后续服务的提供。请关注产品说明书或购买协议中披露的产品管理机构名称和联系方式。
(27) When you use the China CITIC Bank App to subscribe, purchase, or regularly invest in deposit products and wealth management products independently issued by us, or asset management products issued by fund companies (or subsidiaries), wealth management companies (or subsidiaries), insurance companies, insurance asset management institutions, securities companies (or subsidiaries), futures companies (or subsidiaries), trust companies, financial asset investment companies, or other asset management product management institutions but distributed by us, we will collect the minimum necessary information required for the purchase of products, including your name, date of birth, identity details, personal biometric data, contact information, address, bank card/account number, nationality, marital status, education level, job title, income, postal code, email address, mobile phone number, tax residency information, risk tolerance level, transaction details, dividend distribution method (if any), investor information, audio/video recordings (if applicable), transaction snapshots involved in the process, personal asset information, and other relevant details. This information will be stored, used, and transmitted by China CITIC Bank to the respective product management institutions to complete the purchase of asset management products and the provision of follow-up services. Please pay attention to the names and contact details of the product management institutions disclosed in the product manual or purchase agreement.

（28）当您使用中信银行App办理家族信托、保险金信托、家庭服务信托等财富管理服务信托和公益慈善信托业务时，我行作为推介机构，将会收集您本人及相关当事人（包括监察人、保单受益人/被保险人及信托受益人）的个人身份信息（国籍（税务居民身份）、地址（通讯地址、工作地址、居住地址）、工作职业（社会身份）、婚姻现状、子女状况、其他近亲属状况、居留权、身份证件信息）、个人财产信息、收入来源、其他您本人交付的用于设立信托的信息/材料、信托合同、指令信息、交易记录、服务记录，由中信银行存储、使用和传递给相关合作机构。您可点击查阅《合作机构名称和联系方式》了解合作机构详情。我们会在您申请办理本业务之前单独征求您的同意，具体详见该业务的个人信息处理规则。
(28) When you use the China CITIC Bank App to handle family trusts, life insurance trusts, family service trusts, or other wealth management service trusts and charitable and public welfare trusts, we, as a promotion agency, will collect the personal identity information (nationality (tax residency status), address (address for communication, work, and residence), employment (social identity), marital status, child-related details, other immediate family conditions, residence permits, and identity document details), personal property information, sources of income, other information/materials you provide for establishing the trust, trust contracts, instructions, transaction records, and service records of you and relevant parties (including supervisors, policy beneficiaries/insured persons, and trust beneficiaries). This information will be stored, used, and transmitted by China CITIC Bank to relevant partners. You can click to view the “Names and Contact Information of Partners” for more details about the partners. We will seek your consent before you apply for these services. For further details, please refer to the personal information processing rules applicable to these services.

（29）当您在中信银行App上使用语音服务时，您的声音信息会通过麦克风进行采集。如您通过人工客服使用我行语音服务，我行将在征得您的明示同意后，通过麦克风采集您的声音信息，对于收集到的声音信息，仅用于识别您的意图。我行仅在法律、法规、监管要求的期限内，以及为实现本政策声明的目的所必须的最短时限内保留您的声音信息。
(29) When you use the voice service on the China CITIC Bank App, your voice information will be collected through the microphone. If you use our voice service through human customer service, we will collect your voice information through the microphone with your express consent, and the voice information collected will be used only for the purpose of identifying your intention. We will only retain your voice information for a period required by laws, regulations and regulatory requirements, or for the shortest period required to achieve the purposes stated herein.

（30）当您使用手机银行智慧缴费功能或智慧缴费小程序时，我行会收集您的姓名、手机号码、短信验证码、证件类型、证件号码、银行卡号/账号，用于智慧缴费登录、缴费信息查询、在线缴费、缴费记录查询、关联缴费人、代收签约/解约用途。
(30) When you use the Smart Payment function of mobile banking or the Smart Payment Applet, we will collect your name, mobile phone number, SMS verification code, ID certificate type, ID certificate number, and bank card/account number for purposes such as Smart Payment login, bill inquiry, online payment, payment record lookup, payer association, and signing/unsubscribing for collection services.

（31）当您使用手机银行工会费、团费交纳功能或团费通小程序时，我行会收集您的姓名、手机号码、证件类型、证件号码、短信验证码、银行卡号/账号，用于工会费、团费交纳信息查询和工会费、团费交纳用途。
(31) When you use the Union Fee or League Membership Due Payment function of mobile banking or the League Membership Due Applet, we will collect your name, mobile phone number, ID certificate type, ID certificate number, SMS verification code, and bank card/account number for purposes such as querying union fee and league due payment information and paying union fees and league dues.

（32）当您使用手机银行党费交纳功能或党费通小程序时，我行会收集您的姓名、手机号码、证件类型、证件号码、短信验证码、银行卡号/账号，用于党费交纳信息查询和党费交纳用途。
(32) When you use the Party Membership Due Payment function of mobile banking or the Party Membership Due Applet, we will collect your name, mobile phone number, ID certificate type, ID certificate number, SMS verification code, and bank card/account number for querying Party membership due payment information and paying Party membership dues.

（33）当您使用全付通小程序时，我行会收集您的手机号、地理位置、银行卡号/账号，用于验证您的身份、为您展示附近商户信息及使用相关支付服务。
(33) When you use the All-Pay Applet, we will collect your mobile phone number, geographic location, and bank card/account number to verify your identity, display nearby merchant information, and provide related payment services.

3.当您使用中信银行App的功能或服务时，在某些特定使用场景下，我行可能会使用具有相应业务资质及能力的第三方服务商提供的软件服务工具包（简称“SDK”）来为您提供服务。中信银行App中接入的第三方服务商的SDK的情况如下：
3. When you use the functions or services of the China CITIC Bank App we may use software development kits (“SDKs”) provided by qualified and competent third-party service providers to serve you, in certain specific usage scenarios. The SDKs of third-party service providers accessed by the China CITIC Bank App are listed as follows:

（1）小米推送SDK（小米科技有限责任公司，联系方式：4001005678）：为了向您及时推送服务通知，小米推送SDK需要申请您的手机终端的存储权限、网络通讯权限、电话状态权限、震动权限和获取任务信息权限，来获取该终端的设备信息、应用信息、推送SDK版本号、网络信息、消息发送结果、通知栏状态和锁屏状态，用于实现小米手机的App推送服务。当APP打开或关闭时您均能够接受消息推送信息。https://dev.mi.com/console/doc/detail?pId=1822。
(1) Xiaomi Push SDK (Xiaomi Technology Co., Ltd. Tel: 4001005678). To push service notifications to you without delay, Xiaomi Push SDK needs to apply for the memory, network communication, phone state, vibration and obtaining task information permissions of your mobile terminal to obtain its device information, application information, push SDK version number, network information, result of message delivery, notification bar status and screen lock state to enable the App push service on Xiaomi mobile phones. You can receive push notifications when the APP is opened or closed. https://dev.mi.com/console/doc/detail?pId=1822.

（2）华为推送SDK（华为软件技术有限公司，联系方式：950800）：为了向您及时推送服务通知，我们使用了华为推送SDK，该SDK需要获取您的手机终端唯一标志信息（IMEI号）、网络通讯权限，用于实现华为手机的App的推送服务。当APP打开或关闭时您均能够接受消息推送信息。https://developer.huawei.com/。。
(2) Huawei Push SDK (Huawei Software Technology Co., Ltd. Tel: 950800). To push service notifications to you without delay, we use the Huawei Push SDK. The SDK needs to obtain the unique identifier (IMEI number) and network communication permission of your mobile terminal to enable the App push service on Huawei mobile phones. You can receive push notifications when the APP is opened or closed. https://developer.huawei.com/.

（3）极光推送SDK（深圳市和讯华谷信息技术有限公司，联系方式：4008882376）：为了向您及时推送服务通知，实现App推送服务，极光推送SDK需要申请您的手机终端的网络访问权限、设备信息权限和位置权限，来获取设备参数及系统信息(设备类型、设备型号、系统版本及相关硬件信息)，用于识别用户的设备类型、设备型号、系统版本等，确保消息准确下发；获取设备标识符（IMEI、IDFA、Android ID、GAID、 MAC、OAID、VAID、AAID、IMSI、MEID、UAID、硬件序列号信息、ICCID、SIM信息），用于识别唯一用户，保证推送的精准送达及推送信息的准确统计；获取网络信息(IP 地址、WiFi 信息、基站信息、DNS地址、DHCP地址、SSID、BSSID)与位置信息（经纬度），用于优化SDK与极光服务器的网络连接请求，保证服务的稳定性和连续性，同时实现区域推送功能；获取应用列表信息(应用崩溃信息、通知开关状态、APP 应用列表及活跃状态、APP 应用页面信息、APP 功能事件相关信息)，当一个设备有多个 APP 的推送链路同时活跃时，我们采用合并链路技术，随机合并成一条链路，以达到为用户省电省流量的目的；获取推送日志信息，以便开发者查询使用推送服务记录，了解推送信息送达的情况，调整推送策略。另外，为了避免网络波动影响消息送达，该SDK在建立长连接、重新连接、更新配置或数据上报时，会进行网络状态判断（包括App处于静默或后台时）。当APP打开或关闭时您均能够接受消息推送信息。https://www.jiguang.cn/license/privacy。
(3) Jiguang Push SDK (Shenzhen Hexun Huagu Information Technology Co., Ltd. Tel: 4008882376). To push service notifications to you without delay and enable App push service, Jiguang Push SDK needs to apply for thenetwork access, device information and location permissions of your mobile terminal to obtain device parameters and system information (device type, device model, system version, and related hardware information), which will be used to identify the user’s device type, device model, system version, etc., to ensure accurate message delivery; obtain device identifiers (IMEI, IDFA, Android ID, GAID, MAC, OAID, VAID, AAID, IMSI, MEID, UAID, hardware serial number, ICCID, SIM information), which will be used to identify unique users, to ensure accurate delivery of push and accurate statistics of push messages; obtain network information (IP address, WiFi information, base station information, DNS address, DHCP address, SSID, BSSID) and location information (latitude and longitude), which will be used to optimize the network connection request between the SDK and the Jiguang server, to ensure the stability and continuity of the service, and enable the regional push function; obtain the application list information (APP crash information, notification switch status, APP list and active status, APP page information, APP function event related information): when multiple APP push links are active at the same time on one device, we use merging link technology to randomly merge them into one link to save electricity and traffic for users; obtain push log information so that developers can query and use push service records, understand the delivery status of push messages, and adjust push strategies. In addition, to avoid the impact of network churns on message delivery, the SDK will determine the network state when it establishes a long-running connection, reconnects, updates configurations, or reports data (including when the App is silent or goes background). You can receive push notifications when the APP is opened or closed. https://www.jiguang.cn/license/privacy.

（4）OPPO推送SDK（广东欢太科技有限公司，联系方式：9501）：为了向您及时推送服务通知，我们使用了OPPO推送SDK，该SDK需要获取您的自定义接收消息权限，网络通讯权限，用于实现OPPO手机的App推送服务。当APP打开或关闭时您均能够接受消息推送信息。https://open.oppomobile.com/new/developmentDoc/info?id=10288。
(4) OPPO Push SDK (Guangdong OPPO Mobile Telecommunications Corp. Ltd. Tel: 9501). To push service notifications to you without delay, we use the OPPO push SDK. The SDK needs to obtain your custom message receipt and network communication permissions to enable the App push service on OPPO mobile phones. You can receive push notifications when the APP is opened or closed. https://open.oppomobile.com/new/developmentDoc/info?id=10288.

（5）VIVO推送SDK（维沃通信科技有限公司，联系方式：4006789688）：为了向您及时推送服务通知，我们使用了VIVO推送SDK，该SDK需要获取您的存储权限、网络通讯权限，用于实现VIVO手机的App推送服务。当APP打开或关闭时您均能够接受消息推送信息。https://dev.vivo.com.cn/documentCenter/doc/652。
(5) VIVO Push SDK (Vivo Communication Technology Co., Ltd. Tel: 4006789688). To push service notifications to you without delay, we use the VIVO push SDK. The SDK needs to obtain your memory and network communication permissions to enable the App push service on VIVO mobile phones. You can receive push notifications when the APP is opened or closed. https://dev.vivo.com.cn/documentCenter/doc/652.

（6）魅族推送SDK（珠海市魅族通讯设备有限公司，联系方式：400-788-3333）：为了向您及时推送服务通知，我们使用了魅族推送SDK，该SDK需要获取您的电话状态权限、网络通讯权限，用于实现魅族手机的App推送服务。当APP打开或关闭时您均能够接受消息推送信息。http://open.flyme.cn/docs?id=202。
(6) Meizu Push SDK (Zhuhai Meizu Communication Equipment Co., Ltd. Tel: 400-788-3333). To push service notifications to you without delay, we use the Meizu push SDK. The SDK needs to obtain your phone state and network communication permissions to enable the App push service on Meizu mobile phones. You can receive push notifications when the APP is opened or closed. http://open.flyme.cn/docs?id=202.

（7）荣耀推送SDK（深圳荣耀软件技术有限公司，联系方式：95030）：为了向您及时推送服务通知，我们使用了荣耀推送SDK，该SDK需要获取您的设备标识符（AAID、PushToken）、网络通讯权限，用于实现荣耀手机的APP推送服务。当APP打开或关闭时您均能够接受消息推送信息。https://developer.hihonor.com/cn/。
(7) Honor Push SDK (Shenzhen Honor Software Technologies Co., Ltd., Tel: 95030). To push service notifications to you without delay, we use the Honor Push SDK. The SDK needs to obtain your device identifiers (AAID, PushToken) and network communication permission to enable the App push service on Honor mobile phones. You can receive push notifications when the APP is opened or closed. https://developer.hihonor.com/cn/.

（8）性能监控SDK（北京博睿宏远数据科技股份有限公司，联系电话：4006808085）：为了向您提供性能监控服务，我们使用了性能监控SDK，该SDK需要获取您的电话状态权限、定位权限、蓝牙权限、网络通讯权限和存储权限，来获取该终端的设备信息：Android ID、IMSI、IMEI、蓝牙状态、运行应用进程信息，用于收集App崩溃信息，判断用户GPS状态，收集手机银行App崩溃信息、App内H5性能问题定位分析或网络通信异常信息，定位用户所属省份，提升运行稳定性。另外，为了记录App网络环境，该SDK会持续监测设备网络质量（包括App处于静默或后台时）。https://doc.bonree.com/sdk/help/privacy_policy/privacy_policy.html。
(8) Performance Monitoring SDK (Beijing Borui Hongyuan Data Technology Co., Ltd. Tel: 4006808085). To provide you with the performance monitoring service, we use the performance monitoring SDK. The SDK needs to obtain the phone state, location, Bluetooth, network communication and memory permissions of your mobile terminal to obtain its device information (Android ID, IMSI, IMEI) and running and application process information, collect App crash information, judge the user’s GPS status, collect the crash information, H5 performance problem location and analysis or abnormal network communication information of the mobile banking App, and locate the province where the user resides, thus improving the running stability. In addition, to record the App’s network environment, the SDK will continue to monitor the device’s network quality (including when the App is silent or goes background). https://doc.bonree.com/sdk/help/privacy_policy/privacy_policy.html.

（9）百度地图SDK（北京百度网讯科技有限公司，联系方式：4000998998）：为了向您提供基于位置的服务，百度地图SDK需要申请您的手机终端的定位权限、网络通讯权限、存储权限和传感器权限，来获取该终端的WI-FI状态、电话状态、网络类型、WI-FI DHCP信息、BSSID、位置信息、Mac地址、网络状态、IP地址列表、应用安装列表和运行应用进程信息，用于实现定位功能。https://lbsyun.baidu.com/index.php?title=openprivacy。
(9) Baidu Map SDK (Beijing Baidu Netcom Science and Technology Co., Ltd. Tel: 4000998998). To provide you with location-based services, Baidu Map SDK needs to apply for the location, network communication, memory and sensor permissions of your mobile terminal to obtain its WI-FI status, phone state, network type, WI-FI DHCP information, BSSID, location information, MAC address, network state, IP address list, application installation list and running application process information to enable the location function.https://lbsyun.baidu.com/index.php?title=openprivacy.

（10）电子社保卡SDK（金保信社保卡科技有限公司，联系方式：4006062540868）：该SDK中引用了平安云SDK（平安科技（深圳）有限公司，联系方式：4001518800）、娜迦加固SDK（北京娜迦信息科技发展有限公司，联系方式：010-53604725）。为了向您提供电子社保卡相关服务，上述SDK需要收集您的姓名、社会保障号、手机号，同时会申请获取您的手机终端的存储权限、网络通讯权限、相机权限、震动权限和屏幕保持权限，用于实现电子社保卡相关功能。https://ssc.mohrss.gov.cn/protocol-h5/index.html#/protocol/1?client=5。
(10) Electronic Social Security Card SDK (Jinbaoxin Social Security Card Technology Co., Ltd. Tel: 4006062540868), Ping An Cloud SDK (Ping An Technology (Shenzhen) Co., Ltd. Tel: 4001518800), Naga Reinforcement SDK (Beijing Naga Information Technology Development Co., Ltd. Tel: 010-53604725). To provide you with services related to electronic social security cards, the above three SDKs need to collect your name, social security number and mobile phone number, and will apply for memory, network communication, camera, vibration and screen holding permissions of your mobile terminal to enable functions related to electronic social security cards. https://ssc.mohrss.gov.cn/protocol-h5/index.html#/protocol/1?client=5.

（11）声网音视频SDK（上海兆言网络科技有限公司，联系方式：4006326626）：为了向您提供视频客服服务，声网音视频SDK需要获取您的手机终端的相机权限和麦克风权限，用于实现视频对话功能。https://www.agora.io/cn/privacy-policy。
(11) Agora Audio and Video SDK (Shanghai Zhaoyan Network Technology Co., Ltd. Tel: 4006326626). To provide you with video customer service, the Agora Audio and Video SDK needs to obtain the camera and microphone permissions of your mobile terminal to enable the video conversation function. https://www.agora.io/cn/privacy-policy.

（12）微信SDK（深圳市腾讯计算机系统有限公司，联系方式:4006700700）：为了方便您使用分享功能，微信SDK需要申请您的手机终端的电话状态权限和网络通讯权限，来获取该终端的设备信息（Mac地址、应用安装列表）和网络信息，用于实现一键分享功能。当APP关闭时，您能够通过微信内分享信息打开手机银行APP。https://support.weixin.qq.com/cgi-bin/mmsupportacctnodeweb-bin/pages/RYiYJkLOrQwu0nb8。
(12) WeChat SDK (Shenzhen Tencent Computer Systems Company Limited. Tel: 4006700700). To facilitate your use of sharing function, the WeChat SDK needs to apply for the phone state and network communication permissions of your mobile terminal to obtain its device information (Mac address, application installation list) and network information to enable the one-click sharing function. When the APP is closed, you can open the Mobile Banking APP by sharing information within WeChat. https://support.weixin.qq.com/cgi-bin/mmsupportacctnodeweb-bin/pages/RYiYJkLOrQwu0nb8.

（13）支付宝SDK（支付宝（杭州）信息技术有限公司，联系方式：4007585858）：为了方便您使用分享功能、口碑领券功能，支付宝SDK需要申请您的手机终端的存储权限。https://opendocs.alipay.com/open/54/01g6qm。
(13) Alipay SDK (Alipay (Hangzhou) Information Technology Co., Ltd. Tel: 4007585858). To facilitate your use of the sharing, word of mouse voucher collection functions, the Alipay SDK needs to apply for the memory permission of your mobile terminal. https://opendocs.alipay.com/open/54/01g6qm.

（14）EasyAR SDK（视辰信息科技（上海）有限公司，联系方式：4009010688）：为了向您提供AR扫描服务，EasyAR SDK需要获取您的手机终端的相机权限和网络通讯权限，用于实现AR扫描功能。https://www.easyar.cn/view/privacyPolicy.html。
(14) EasyAR SDK (VisionStar Information Technology Shanghai Co. Ltd. Tel: 4009010688). To provide you with the AR scanning service, the EasyAR SDK needs to obtain the camera and network communication permissions of your mobile terminal to enable the AR scanning function. https://www.easyar.cn/view/privacyPolicy.html.

（15）腾讯ASR SDK（腾讯云计算（北京）有限责任公司，联系方式：95716）：为了向您提供带有语音交互的客服服务，腾讯ASR SDK需要获取您的手机终端的麦克风权限、储存权限和电话状态权限，用于实现语音识别及交互功能。https://cloud.tencent.com/document/product/1093/73072。
(15) Tencent ASR SDK (Tencent Cloud Computing (Beijing) Co., Ltd. Tel: 95716). To provide you with voice interaction customer service, Tencent ASR SDK needs to obtain the microphone, memory and phone state permissions of your mobile terminal to enable voice recognition and interaction functions. https://cloud.tencent.com/document/product/1093/73072.

（16）OCR识别SDK（北京易道博识科技有限公司，联系方式：4009669910）：为了向您提供身份证和银行卡识别服务，OCR识别SDK需要获取您的手机终端的相机权限，用于实现拍照识别功能。https://id.exocr.com/privacy_policy.htm。
(16) OCR SDK (Beijing Yidao Boshi Technology Co., Ltd. Tel: 4009669910). To provide you with ID card and bank card recognition services, the OCR Recognition SDK needs to obtain the camera permission of your mobile terminal to enable the photographing recognition function. https://id.exocr.com/privacy_policy.htm.

（17）FIDO SDK（国民认证科技（北京）有限公司，联系方式：010-82900030）：为了向您提供指纹登录手机银行功能，FIDO SDK需要收集您的手机终端的设备信息，同时会申请获取该终端的电话状态权限、指纹或人脸识别权限，用于实现指纹或人脸识别功能。http://www.gmrz-bj.com/article.php?id=96。
(17) FIDO SDK (National Certified Technology (Beijing) Co., Ltd. Tel: 010-82900030). To provide you with the fingerprint login for the mobile banking function, FIDO SDK needs to collect the device information of your mobile terminal, and apply for its phone state, fingerprint or face recognition permissions to realize the fingerprint or face recognition function. http://www.gmrz-bj.com/article.php?id=96.

（18）蓝牙Key天地融 SDK（天地融科技股份有限公司，联系方式：010-82068888）：为了向您提供我行蓝牙Key天地融相关功能，蓝牙key天地融 SDK需要获取您的手机终端的蓝牙权限，用于实现手机终端与蓝牙Key配对功能。http://www.tendyron.com。
(18) Bluetooth Key Tendyron SDK (Tendyron Corporation, Tel: 010-82068888). To provide you with functions related to our Bluetooth Key Tendyron, the Bluetooth Key Tendyron SDK needs to obtain the Bluetooth permission of your mobile terminal to enable the pairing between the mobile terminal and the Bluetooth Key. http://www.tendyron.com.

（19）蓝牙Key握奇 SDK（北京握奇数据股份有限公司，联系方式：4008186655）：为了向您提供我行蓝牙Key握奇相关功能，蓝牙Key握奇SDK需要获取您的手机终端的蓝牙权限，用于实现手机终端与蓝牙Key配对功能。https://www.watchdata.com.cn/privacy-policy/
(19) Bluetooth Key Watch SDK (Beijing WatchSmart Technologies Co., Ltd. Tel: 4008186655). To provide you with functions related to our Bluetooth Key Watchdata, the Bluetooth Key Watch SDK needs to obtain the Bluetooth permission of your mobile terminal to enable the pairing between the mobile terminal and the Bluetooth Key. https://www.watchdata.com.cn/privacy-policy/.

（20）Face++ SDK（北京旷视科技有限公司，联系方式：4006700866）：为了向您提供更为安全的交易验证手段，Face++ SDK需要获取您的手机终端的相机权限和存储权限，用于实现生物识别功能。https://www.megvii.com/privacy_policy。
(20) Face++ SDK (Beijing Megvii Technology Co., Ltd. Tel: 4006700866). To provide you with a more secure transaction verification method, Face++ SDK needs to obtain the camera and memory permissions of your mobile terminal to enable the biometric identification function. https://www.megvii.com/privacy_policy.

（21）语音播报SDK（科大讯飞股份有限公司，联系方式：4000199199）：为了向您提供语音播报服务，语音播报SDK需要获取您的手机终端的麦克风权限、读写存储权限和网络权限，用于实现语音播报功能。https://www.xfyun.cn/doc/policy/privacy.html。
(21) Voice Broadcast SDK (iFLYTEK Co., Ltd. Tel: 4000199199). To provide you with voice broadcast services, the Voice Broadcast SDK needs to obtain the microphone, read and write memory and network permissions of your mobile terminal to enable the voice broadcast function. https://www.xfyun.cn/doc/policy/privacy.html.

（22）建投开户SDK（中信建投证券股份有限公司，联系方式：4008888108）：该SDK中引用了语音SDK（阿里云计算有限公司，联系方式：4008013260）、思迪SDK（深圳市思迪信息技术股份有限公司，联系方式：0755-86030030）。为了向您提供证券经纪服务，中信建投证券提供的以上SDK需要获取您的定位、相机、相册、麦克风、摄像头、存储权限和网络权限，以及设备信息（设备型号、系统版本、IMEI、IMSI、MEID、MAC地址、BSSID、SSID、Android_ID）、网络类型、运营商信息、SIM信息、IP地址、运行中进程信息、应用安装列表。用于完成开户流程中的手机号注册、身份证拍摄以及视频见证步骤。https://www.csc108.com/doc/gwysxy.pdf。
(22) CSC Account Opening SDK (China Securities Co., Ltd. Tel: 4008888108). The SDK cites Voice SDK (Alibaba Cloud Computing Ltd., Tel: 4008013260), Thinkive SDK (Shenzhen Thinkive Information Technology Co., Ltd., Tel: 0755-86030030). To provide you with securities brokerage services, the above SDKs provided by China Securities Co., Ltd. (CSC) need to obtain your location, camera, album, microphone, camera, memory and network permissions, and device information (device model, system version, IMEI, IMSI, MEID, MAC address, BSSID, SSID, Android_ID), network type, operator information, SIM information, IP address, running process information and application installation list to complete the registration of mobile phone number, ID card photographing and video-witnessing steps in the account opening process. https://www.csc108.com/doc/gwysxy.pdf.

（23）证联监管沙箱 SDK（珠海凡泰极客科技有限责任公司，联系方式：0755-86967467）：该SDK中引用了腾讯浏览服务SDK（深圳市腾讯计算机系统有限公司，联系方式:4006700700）。为了向您提供证券经纪服务，以上两个SDK需要收集您的手机型号、操作系统版本、设备配置、唯一设备标识符、IMEI、MAC地址、IDFV、公网IP、ICCID、IMSI，同时会申请获取您的定位、相机、相册、麦克风、存储权限、电话状态权限和网络权限，来识别唯一用户，用于H5业务留痕及获取该终端的设备信息：手机型号、操作系统版本、设备配置、唯一设备标识符、IMEI、MAC地址、IDFV、公网IP、ICCID、IMSI、运行应用进程信息，用于证券开户、业务办理及证券行业监管要求的留痕和信息上报。https://www.finclip.com/mop/document/operate/privacy-policy.html。
(23) Zhenglian Regulatory Sandbox SDK (Zhuhai Finogeeks Technology Co., Ltd. Tel: 0755-86967467), Tencent Browsing Service SDK (Shenzhen Tencent Computer Systems Company Limited, Tel: 4006700700). To provide you with securities brokerage services, the above two SDKs need to collect your mobile phone model, operating system version, device configuration, unique device identifier, IMEI, MAC address, IDFV, public network IP, ICCID, IMSI, and will apply for obtaining your location, camera, album, microphone, memory, phone state and network permissions to identify a unique user for H5 business tracing and to obtain device information of the terminal: mobile phone model, operating system version, device configuration, unique device identifier, IMEI, MAC address, IDFV, public network IP, ICCID, IMSI, running application and process information for securities account opening, business handling, and marking and information reporting under regulatory requirements of the securities industry. https://www.finclip.com/mop/document/operate/privacy-policy.html.

（24）企业微信SDK（深圳市腾讯计算机系统有限公司，联系方式:4006700700）：为了方便您使用分享功能，企业微信SDK需要申请您的手机终端的存储权限。https://work.weixin.qq.com/nl/privacy。
(24) Enterprise WeChat SDK (Tencent, Tel: 4006700700): To facilitate your use of the sharing function, the Enterprise WeChat SDK needs to apply for the memory permission of your mobile terminal. https://work.weixin.qq.com/nl/privacy.

（25）云闪付SDK（中国银联股份有限公司，联系方式：95516）：为了向您提供云支付功能，需要使用云闪付SDK，此SDK需要获取您手机终端的NFC权限、存储权限、网络权限、电话状态权限。https://yunshanfu.unionpay.com/privacy/2。
(25) Cloud QuickPass SDK (China UnionPay Co., Ltd. Tel: 95516). To provide you with the cloud-linked payment service, the Cloud QuickPass SDK is used to obtain the NFC, memory, network and phone state permissions of your mobile terminal. https://yunshanfu.unionpay.com/privacy/2.

（26）安全检测SDK（北京梆梆安全科技有限公司，联系方式：4008881881）：为了向您提供安全检测服务，需要使用安全检测SDK获取您的手机终端的电话状态权限，来获取该终端的设备信息：IMSI，用于登录、转账风控。https://www.bangcle.com。
(26) Security Detection SDK (Beijing Bangcle Security Technology Limited, Tel: 4008881881). To provide you with the security detection service, the Security Detection SDK needs to obtain the phone state permission of your mobile terminal to obtain its device information (IMSI) to control login and money transfer risks. https://www.bangcle.com.

（27）加固SDK（北京梆梆安全科技有限公司，联系方式：4008881881）：为了向您提供安全的App服务，我们使用了梆梆加固SDK，此SDK需要获取您电话状态、手机号码、短信、电话状态权限，来获取该终端的设备信息：Android ID、IMSI、IMEI，用于防止安卓App被破解、反编译、二次打包等威胁。https://www.bangcle.com。
(27) Reinforcement SDK (Beijing Bangcle Security Technology Limited, Tel: 4008881881). To provide you with secure App services, we use the Bangcle Reinforcement SDK. The SDK needs to obtain the phone state, mobile phone number, SMS and phone state permissions of your mobile terminal to obtain its device information (Android ID, IMSI and IMEI) to prevent Android Apps from cracking, decompiling, repackaging and other threats. https://www.bangcle.com.

（28）积存金SDK（杭州时代银通软件股份有限公司，联系方式：0571-88999696）。为了向您提供积存金功能，需要使用此SDK，进行积存金行情图绘制；该SDK不获取您的个人信息。http://www.erayt.com/ytsoft/index.html
(28) Gold Accumulation SDK (Hangzhou Era Yintong Software Co., Ltd., Tel: 0571-88999696). To provide you with the gold accumulation function, the SDK is used to plot the gold accumulation market graph; it does not obtain your personal information. http://www.erayt.com/ytsoft/index.html

（29）云闪付网络支付SDK（中国银联股份有限公司，联系方式：95516）：该SDK中引用了数美SDK（北京数美时代科技有限公司，联系方式：4006103866）、高德地图SDK（高德软件有限公司，联系方式：4008100080）、腾讯扫码SDK（腾讯云计算（北京）有限责任公司，联系方式：95716）、本机号校验SDK（云南南天电子信息产业股份有限公司，联系方式：0871-63332302）、神策SDK（神策网络科技（北京）有限公司，联系方式：400-650-9827）。为了向您提供云闪付网络支付服务，上述SDK需要获取您的手机终端的设备型号、系统版本、手机型号、序列号、Android ID、MAC地址、网络信息(IP 地址、WiFi 信息、SSID、BSSID)、IMEI信息、IMSI信息、GPS定位信息、面部识别特征，同时会申请获取您的电话状态权限、位置权限、相机权限和存储权限，用于实现银联提供的二维码支付、远程控件支付、卡片管理功能。为实现数据埋点采集的需求，了解您的各项操作行为情况并为您提供更优质的产品服务，若您是iOS用户，我们收集您的设备型号、系统版本号、屏幕高度、屏幕宽度、WIFI连接情况、运营商名称、应用版本号、应用名称信息，若您是安卓用户，我们收集您的操作系统、操作系统版本、设备型号、系统版本号、屏幕高度、屏幕宽度、WIFI连接情况、运营商名称、应用版本号、设备ID、设备类型、操作日志信息、SDK版本、设备制造商、网络类型信息、IMSI、应用列表、AndroidID。https://yunshanfu.unionpay.com/privacy/2。
(29) Cloud QuickPass Online Payment SDK (China UnionPay Co., Ltd. Tel: 95516), Shumei SDK (Beijing Shumei Times Technology Co., Ltd. Tel: 4006103866), Gaode Map SDK (AutoNavi Software Co., Ltd. Tel: 4008100080), Tencent QR Code Scanning SDK (Tencent Cloud Computing (Beijing) Co., Ltd. Tel: 95716), Own Number Verification SDK (Yunnan Nantian Electronics Information Co., Ltd. Tel: 0871-63332302), Sensors SDK (Sensors Network Technology (Beijing) Co., Ltd. Tel: 400-650-9827). To provide you with Cloud QuickPass online payment service, the above SDKs need to obtain the device model, system version, phone model, serial number, Android ID, MAC address, network information (IP address, WiFi information, SSID, and BSSID), IMEI, IMSI, GPS location and facial recognition features of your mobile terminal, and apply for its phone state, location, camera and memory permissions to enable the QR code payment, remote control payment, and card management functions provided by UnionPay. To meet the needs of data buried point acquisition, understand your various operations and provide you with better product services, if you are an iOS user, we will collect your device model, system version number, screen height, screen width, WI-FI connection status, operator name, application version number and application name; if you are an Android user, we will collect your operating system, operating system version, device model, system version number, screen height, screen width, WIFI connection status, operator name, application version number, device ID, device type, operation logs, SDK version, device manufacturer, network type, IMSI, list of applications and Android ID. https://yunshanfu.unionpay.com/privacy/2.

（30）腾讯QQ SDK（深圳市腾讯计算机系统有限公司，联系方式:4006700700）：为了方便您使用分享功能，腾讯QQ SDK需要申请您手机终端的存储权限、电话状态权限和网络通讯权限，来获取该终端的设备信息和网络信息，用于实现一键分享功能。https://wiki.connect.qq.com/qq%e4%ba%92%e8%81%94sdk%e9%9a%90%e7%a7%81%e4%bf%9d%e6%8a%a4%e5%a3%b0%e6%98%8e。
(30) Tencent QQ SDK (Tencent, Tel: 4006700700). To facilitate your use of the sharing function, the Tencent QQ SDK needs to apply for the memory, phone state and network communication permissions of your mobile terminal to obtain its device and network information to enable the one-click sharing function. https://wiki.connect.qq.com/qq%e4%ba%92%e8%81%94sdk%e9%9a%90%e7%a7%81%e4%bf%9d%e6%8a%a4%e5%a3%b0%e6%98%8e.

（31）智能双录SDK（北京思图场景数据科技服务有限公司，联系方式：010-56247920）：为了向您提供智能双录服务，智能双录SDK需要获取您的手机终端的相机权限、麦克风权限、相册权限、语音权限、定位权限、前台服务权限、文件读写权限用于实现远程录音录像功能。http://www.situdata.com/#/。
(31) Smart Audio and Video Recording SDK (Beijing Situ Scene Data Technology Service Co., Ltd. Tel: 010-56247920). To provide you with smart audio and video recording services, the Smart Audio and Video Recording SDK needs to obtain the camera, microphone, album, voice, location, foreground service and file reading and writing permissions of your mobile terminal to enable the remote audio and video recording function. http://www.situdata.com/#/.

（32）银联出行SDK（中国银联股份有限公司，联系方式：95516）：该SDK中引用了网易易盾SDK（杭州网易智企科技有限公司，联系方式：95163223）。为了向您提供银联乘车码服务，上述SDK需要获取您的手机终端的设备型号、系统版本、手机型号、序列号、MAC地址、IP地址、IMEI信息、IMSI信息、GPS定位信息、AndroidID、MEID、IDFV、IDFA，同时会申请获取您的位置权限、相机权限和存储权限，用于实现地铁乘车码的二维码支付、卡片管理功能。https://user.95516.com/pages/misc/newAgree.html。同时，为了保证数据和用户信息安全，防止银联出行SDK中乘车码签名密钥、授权信息等数据泄露或被恶意篡改，银联出行SDK使用了网易易盾SDK提供的安全加固服务，对SDK中乘车码数据和信息进行安全加密保护。https://dun.163.com/clause/privacy。
(32) UnionPay Travel SDK (China UnionPay Co., Ltd. Tel: 95516). NetEase Yidun SDK (Hangzhou NetEase Zhiqi Technology Co., Ltd. Tel: 95163223). To provide you with the UnionPay Transit QR Code service, the above SDKs need to obtain the device model, system version, phone model, serial number, MAC address, IP address, IMEI, IMSI, GPS location, Android ID, MEID, IDFV and IDFA of your mobile terminal, and will apply for its location, camera and memory permissions to enable the payment by Transit QR Code for subway and card management functions. https://user.95516.com/pages/misc/newAgree.html. Meanwhile, to ensure the security of data and user information, and prevent the signing key and authorization information of the Transit QR Code and other data in the UnionPay Travel SDK from leakage or malicious modification, the UnionPay Travel SDK uses the security reinforcement service provided by the NetEase Yidun SDK to encrypt and protect the data and information of the Transit QR Code in the SDK. https://dun.163.com/clause/privacy.

（33）中信财富广场SDK（中信科技发展有限公司，联系方式：95558-9-8）：该SDK中引用了彩虹数据采集SDK（中信科技发展有限公司，联系方式：95558-9-8）、百度数字人SDK（北京百度网讯科技有限公司，联系方式：400-920-8999）、jackson SDK（开源）。为了向您提供中信财富广场相关服务，上述SDK需要收集您的姓名、手机号、证件类型、证件号码、资产信息、负债信息、信用卡待还款信息、保单信息、财富广场行为信息，同时会申请获取您的手机终端的麦克风、相机、相册和网络通讯权限，用于用户在中信财富广场的登录、注册、实名功能，及财富广场为用户提供的资产视图查询、数字人、在线客服、用户头像维护功能。https://wealthplaza.cfhc.citic/pages/public/privacy.html。
(33) CITIC Wealth Plaza SDK (CITIC Technology Development Co., Ltd. Tel: 95558-9-8): The SDK cites Rainbow Data Collection SDK (CITIC Technology Development Co., Ltd. Tel: 95558-9-8), Baidu Digital Human SDK (Beijing Baidu Netcom Science and Technology Co., Ltd. Tel: 400-920-8999), and jackson SDK (open source). To provide you with services related to CITIC Wealth Plaza, the above SDKs need to collect your name, mobile phone number, type and ID number, asset information, liability information, amount to be repaid of credit card, policy information and actions in Wealth Plaza, and will apply for obtaining the microphone, camera, album and network communication permissions of your mobile terminal to enable user login, registration, and real-name functions in CITIC Wealth Plaza, as well as the asset view query, digital human, online customer service, and user avatar maintenance functions provided by Wealth Plaza. https://wealthplaza.cfhc.citic/pages/public/privacy.html.

（34）移动安全联盟SDK（中国信息通信研究院，联系方式：86-10-62301618）：该SDK中引用了联想统一认证SDK（联想控股股份有限公司，联系方式：010 - 62509999）。为了向您提供更加优质的服务与用户体验，该SDK需要获取您的手机终端的品牌信息（设备制造商，设备型号，设备品牌）、网络信息（设备网络运营商名称）、应用软件信息（应用名称、签名信息或在对应应用商店的AppID），用于生成唯一设备标识符OAID来保障您的账户安全与系统运行安全，防范设备信息被篡改或冒用。http://www.msa-alliance.cn/col.jsp?id=122。
(34) Mobile Security Alliance SDK (China Academy of Information and Communications Technology, Tel: 86-10-62301618). The SDK cites Legend’s unified authentication SDK (Legend Holdings Corporation, Tel: 010-62509999). To provide you with better services and user experience, the SDK needs to obtain the brand information (device manufacturer, device model, device brand), network information (device network operator name), application information (application name, signature or AppID in the corresponding application store) of your mobile terminal to generate a unique device identifier OAID to ensure the security of your account and system operation, and prevent device information from being modified or fraudulently used. http://www.msa-alliance.cn/col.jsp?id=122.

（35）设备指纹SDK（芯盾时代科技有限公司，联系方式：400-818-0110 ）：为了确保您在交易中处于安全稳定运行环境，设备指纹SDK需要申请您手机终端的WIFI定位权限、电话状态权限、蓝牙权限、定位权限、存储权限，来获取该终端的设备信息：Android ID、IMEI、设备序列号、IDFA、IDFV、IMSI、MAC地址、蓝牙地址、经纬度信息、内网IP、基站分配IP、WIFI信息、文件系统锚点、硬件基础信息、系统基础信息、设备风险信息、应用安装列表，相关信息用于风险防控、保障您的交易安全，我们不会向其他第三方提供您的上述信息。https://www.trusfort.com/productZn.html
(35) Device Fingerprint SDK (Beijing Trusfort Technology Co., Ltd. Tel: 400-818-0110). To ensure that you are in a safe and stable operating environment during transactions, the device fingerprint SDK needs to apply for the WIFI positioning, phone state, Bluetooth, location, and storage permissions of your mobile terminal to obtain its device information: Android ID, IMEI, device serial number, IDFA, IDFV, IMSI, MAC address, Bluetooth address, longitude and latitude, intranet IP, base station assigned IP, WIFI information, file system anchors, basic hardware information, basic system information, device risks, application installation list and other related information, which will be used to prevent and control risks and ensure the security of your transactions. We will not provide the above information to other third parties. https://www.trusfort.com/productZn.html

（36）Android-pdfview SDK（github开源）：为了实现Android客户端中PDF文件浏览，我们使用了Android-pdfview SDK；该SDK不获取您的个人信息。
(36) Android-pdfview SDK (github open source). To browse PDF files in Android client, the Android-pdfview SDK is used. The SDK does not obtain your personal information.

（37）iSec国密算法SDK（北京信安世纪科技股份有限公司，联系方式：4006705518）：提供对称加解密、密钥对加解密、签名验签、哈希计算、密钥协商、数字信封等国密安全算法能力；该SDK不获取您的个人信息。https://www.infosec.com.cn/。
(37) iSec GM Algorithm SDK (Beijing Infosec Technologies Co., Ltd. Tel: 4006705518). The SDK offers symmetric encryption and decryption, key pair encryption and decryption, signature verification, hash computation, key agreement, digital envelope and other GM security algorithm capabilities, and does not obtain your personal information. https://www.infosec.com.cn/.

（38）iSec国密网络通信SDK（北京信安世纪科技股份有限公司，联系方式：4006705518）：提供对称加密、非对称加密、数字签名、安全通信等安全服务功能，实现敏感信息机密性、完整性、有效性和不可抵赖性；该SDK不获取您的个人信息。https://www.infosec.com.cn。
(38) iSec GM Network Communication SDK (Beijing Infosec Technologies Co., Ltd. Tel: 4006705518). The SDK offers symmetric encryption, asymmetric encryption, digital signature, secure communication and security service functions to ensure the confidentiality, integrity, validity, and non-repudiation of sensitive information, and does not obtain your personal information. https://www.infosec.com.cn.

（39）深信服国密网络通信SDK（深信服科技股份有限公司，联系方式：4006306430）：提供移动终端App和数据中心应用服务之间建立SM算法国密连接的能力，保障传输的安全性；该SDK不获取您的个人信息。https://www.sangfor.com.cn/about-us/privacy-policy。
(39) Sangfor GM Network Communication SDK (Sangfor Technologies Inc. Tel: 4006306430). The SDK offers the capability of establishing GM connection through SM algorithm between mobile terminal Apps and data center application services to ensure the security of transmission, and does not obtain your personal information. https://www.sangfor.com.cn/about-us/privacy-policy.

（40）国密安全密码键盘SDK（北京微通新成网络科技有限公司，联系方式：010-88865436）：提供国密安全密码键盘功能，用来保护用户密码的安全使用；该SDK不获取您的个人信息。http://www.microdone.cn/。
(40) GM Security Password Keyboard SDK (Beijing Microdone Network Technology Co., Ltd. Tel: 010-88865436). The SDK offers the GM security password keyboard function to protect the secure use of user passwords, and does not obtain your personal information. http://www.microdone.cn/.

（41）顶象验证码SDK（北京顶象技术有限公司，联系方式：4008786123）。为了识别设备异常状态，顶象验证码SDK需要获取您的手机终端的WIFI定位权限、电话状态权限、蓝牙权限、定位权限、存储权限、网络权限，来获取该终端设备相关信息（包括设备型号、操作系统、设备设置、设备厂商信息、唯一设备标识符IMEI码、AndroidID、IDFA、MAC地址、设备电池状态、越狱状态），设备所在位置相关网络信息（包括您授权的GPS位置以及WLAN接入点、WIFI状态、WIFI参数、WIFI地址、IP地址、IP代理信息、蓝牙信息、运营商信息、基站信息），滑动轨迹信息（包括用户进行验证时的拖动滑块的轨迹信息、验证码内的点击信息），以及其他信息（包括App应用包名称、App应用名称、App应用版本号），所采集的信息仅供在验证码使用场景中对设备环境以及行为异常进行风险识别。https://www.dingxiang-inc.com/about/privacy。
(41) Dingxiang Verification Code SDK (Beijing Dingxiang Technology Co., Ltd., Tel: 4008786123). To identify the abnormal status of the device, Dingxiang Verification Code SDK needs to obtain the WIFI positioning, phone state, Bluetooth, location, memory and network permissions of your mobile terminal to obtain its relevant information (including device model, operating system, device settings, device manufacturer information, unique device identifier IMEI, AndroidID, IDFA, MAC address, device battery status, jailbreak status), network information related to the location of the device (including your authorized GPS location and WLAN access point, WIFI status, WIFI parameters, WIFI address, IP address, IP proxy information, Bluetooth information, operator information, base station information), sliding trajectory information (including trajectory information of the user dragging the slider upon verification, and clicking information within the verification code), and other information (including App package name, App name, App version number). The collected information is only used for risk identification of device environment and behavioral anomalies in the scenario where the verification code is used. https://www.dingxiang-inc.com/about/privacy.

（42）EventBus SDK（greenrobot开源组织）：为了实现Android客户端中的事件分发，我们使用了EventBus SDK；该SDK不获取您的个人信息。
(42) EventBus SDK (greenrobot open source). To distribute events in the Android client, the EventBus SDK is used. The SDK does not obtain your personal information.

（43）Pinyin4j SDK（SourceForge开源组织）：为了实现拼音转文字，我们使用了Pinyin4j SDK；该SDK不获取您的个人信息。
(43) Pinyin4j SDK (SourceForge open source). To convert Pinyin to text, the Pinyin4j SDK is used. The SDK does not obtain your personal information.

（44）Okhttp SDK（SquareOpenSource开源组织）：为了实现Android客户端中的网络请求，我们使用了Okhttp SDK；该SDK不获取您的个人信息。
(44) Okhttp SDK (SquareOpenSource open source). To request network in the Android client, the Okhttp SDK is used. The SDK does not obtain your personal information.

（45）Glide SDK（bumptech开源组织）：为了实现Android客户端中的图片加载，我们使用了Glide SDK；该SDK不获取您的个人信息。
(45) Glide SDK (bumptech open source). To load images in the Android client, the Glide SDK is used. The SDK does not obtain your personal information.

（46）Zxing SDK（Google开源组织）：为了实现Android客户端二维码扫描功能，我们使用了zxing SDK，该SDK不获取您的个人信息。
(46) Zxing SDK (Google open source). To scan the QR code in the Android client, the zxing SDK is used. The SDK does not obtain your personal information.

（47）fastjson SDK（阿里巴巴）：为了实现Android客户端数据序列化功能，我们使用了fastjson SDK，该SDK不获取您的个人信息。
(47) fastjson SDK (Alibaba): To serialize data in the Android client, the fastjson SDK is used. The SDK does not obtain your personal information.

如您不同意上述第三方服务商收集前述信息，可能无法获得相应服务，但不影响您正常使用中信银行App的其他功能或服务。如您同意上述相关第三方服务商收集前述信息发生信息泄露的，我们将与第三方服务商按照已签署的生效合同条款（或双方隐私政策相关条款）来承担相关责任。
If you do not agree to the collection of the above-mentioned information by the above-mentioned third-party service providers, you may not be able to obtain the corresponding service, but this will not affect your normal use of other functions or services of the China CITIC Bank App. In case of information leakage due to your agreement to the collection of the above-mentioned information by the above-mentioned third-party service providers, we and such third-party service providers will bear relevant responsibilities in accordance with the terms of the signed effective contract (or the relevant terms of the privacy policy of both parties).

4.当您使用电子银行服务时，为了维护服务的正常运行，优化我行的服务体验及保障您的账号安全，我行会收集以下基础信息，包括您的设备型号、操作系统、设备信息（Android ID、IMEI、IMSI、IDFA、OAID、AAID、设备硬件序列号、Mac地址、应用安装列表）、SIM卡序列号手机银行软件版本号、登录IP地址、接入网络的方式、类型和状态、网络质量数据、设备加速器、应用列表、操作日志和服务日志信息，这些信息是为您提供服务必须收集的基础信息，以保障您正常使用我行的服务。为了保障您的交易流畅性，您在交易过程中产生的操作信息非实时上送，而是在您使用App过程（包括App处于静默状态）中每隔20秒分批上送。
4. When you use e-banking services, to maintain its normal operation, optimize our service experience and protect the security of your account, we will collect the following basic information, including your device model, operating system, device information (Android ID, IMEI, IMSI, IDFA, OAID, AAID, device hardware serial number, Mac address, application installation list), SIM card serial number, mobile banking software version number, login IP address, network access method, type and status, network quality data, device accelerator, list of applications, operation logs and service logs. Such information is the basic information that must be collected to provide you with services, and ensure your normal use of our services. To ensure the smoothness of your transaction, the operation information generated during your transaction is not uploaded in real time, but uploaded in batches every 20 seconds while you are using the App (including when the App is in a silent state).

5. 当您反馈意见建议或者举报时，为了响应您的反馈，向您提供更加准确、个性和便捷的服务，改进服务质量，或为防范风险，我行会收集您反馈意见建议或举报时提供的信息，收集您使用电子银行功能或服务的类别、方式、操作信息以及您在我行的其他个人信息，我行会对这些信息进行统计、分析，并会根据上述信息向您提供相应服务或产品。
5. When you provide feedback or blow the whistle, to respond to your feedback and provide you with more accurate, personalized and convenient services, improve service quality, or to prevent risks, we will collect the information you provide when you offer opinions and suggestions or reports, the type, method, and operation information of your use of e-banking functions or services and your other personal information with us. We will make a statistical analysis of such information, and provide you with appropriate services or products based on the above information.

6.以下情形中，您可选择是否授权我行收集、使用您的个人信息：
6. You can choose whether to authorize our collection and use of your personal information in the following situations:

（1）摄像头，用于身份证识别、银行卡识别、识别二维码、人脸识别、人脸认证、客户服务、意见反馈、拍照，以及在扫一扫、人脸识别登录/转账/支付/提升认证、意见反馈使用。拒绝授权后，上述功能将无法使用。我行将获取的人脸数据，加密后存储于系统后台数据库中，用于业务办理过程留存、辅助识别和核实客户身份。对于某些品牌或型号的手机终端自身的本地生物特征认证功能，其信息由手机终端提供商进行处理，我行不留存您应用手机终端相关功能的信息。
(1) Camera, to be used for ID card recognition, bank card recognition, QR code recognition, face recognition, face authentication, customer service, feedback, photographing, scanning, and login by face recognition/money transfer/payment/upgrade authentication. Refusal to grant permission will prevent you from using the above functions. The face data obtained by us will be encrypted and stored in the background database of our system, which will be used for retention in the business handling process, auxiliary identification and verification of customer identity. For the local biometric authentication capabilities on mobile terminals of certain brands or models, the relevant information is processed by the mobile terminal provider, and we will not retain the information in the relevant functions of your mobile terminal.

（2）相册：用于扫一扫、主题更换、AI管家、财富顾问、联名卡专区、客户经理、数字藏品、转账结果、年度账单功能中访问您的相册。拒绝授权后，将影响上述功能使用。
(2) Album, to be used in functions such as Scan, Theme Settings, AI Assistant, Wealth Advisor, Co-branded Card Zone, Account Manager, Digital Collectibles, Transfer Results, and Annual Statements. Refusal to grant permission will affect your use of the above functions.

（3）麦克风，在智能语音服务、声纹登录等场景中使用。拒绝授权后上述功能无法使用。我行采集的声纹数据，加密后存储于系统后台数据库中。
(3) Microphone, to be used in the intelligent voice service, login via voiceprint and other scenarios. Refusal to grant permission will prevent you from using the above functions. The voiceprint data collected by us is encrypted and stored in the background database of our system.

（4）手机通讯录，在话费充值、转账、支付过程中，用于协助您通过通讯录快速选取电话号码，无需您手动输入。拒绝授权后，相关功能仍可以使用，但需要手工输入手机号码。手机银行仅读取并记录指定电话号码，不读取客户全量通讯录，我行后台系统仅储存指定电话号码。
(4) Phonebook, to be used to help you quickly select a phone number through the phonebook in the phone bill recharge, money transfer and payment process without requiring manual input. If you refuse to grant permission, relevant functions are still available, but the mobile phone number needs to be entered manually. Mobile banking only reads and records designated mobile phone numbers, but does not read the full phonebook of customers. Our background system only stores designated mobile phone numbers.

（5）手机短信，在需要短信验证码的环节可能需要读取验证码短信内容协助您进行验证码填写。如您拒绝通讯信息（短信）授权，我行手机银行将不读取短信内容，系统后台不保存短信内容。
(5) SMS. For operations that require an SMS verification code, it may be necessary to read the SMS containing the verification code to help you fill in the verification code. If you refuse to grant permission for the communication information (SMS), our mobile banking will not read the SMS content, and the system will not save the SMS content in the background.

（6）地理位置，获取您所在地理位置，主要用于电子银行交易风控，另外还能为您展现城市的有关信息并提供相应服务，包括网点预约、搜索结果匹配、城市服务功能的匹配。系统后台保存您交易时的位置信息。拒绝授权后，手机银行上述功能无法使用。
(6) Geographical location. Your geographical location obtained by us is mainly used for risk control of e-banking transactions, and can also show you relevant information about the city and provide appropriate services, including branch appointment, search result matching and city service matching. The system saves your location information during transactions in the background. Refusal to grant permission will prevent you from using the above mobile banking functions.

（7）蓝牙，用于设备绑定、转账业务场景的蓝牙UKey验签操作。拒绝授权后，蓝牙UKey相关功能无法使用。系统后台不保存客户手机蓝牙配置信息。
(7) Bluetooth, to be used for Bluetooth U-Key verification in device binding and money transfer scenarios. Refusal to grant permission will prevent you from using relevant functions of Bluetooth U-Key. The system does not save the Bluetooth configuration of the customer’s mobile phone in the background.

（8）网络通讯，用于与服务端进行通讯。拒绝授权后，手机银行所有功能无法使用。系统后台保存客户交易时所使用设备的网络信息，包括IP、端口信息。
(8) Network communication, to be used to communicate with the server. Refusal to grant permission will prevent you from using all mobile banking functions. The system saves the network information of the device used by the customer during transactions in the background, including IP and port information.

（9）存储权限，用于缓存您在使用App过程中产生的文本、图像、视频内容。拒绝授权后，手机银行涉及存储权限的功能将无法使用。
(9) Memory permission, to be used to cache the text, images, and video content generated during your use of the App. Refusal to grant permission will prevent you from using mobile banking functions involving memory permission.

（10）消息通知，用于向您及时推送账户动态、我行讯息、活动进度通知和理财推荐等信息。拒绝授权后，您将无法收到手机银行App的消息推送。
(10) Message notification, to be used to push account updates, our message, activity progress notifications and financial recommendations to you without delay. If you refuse to grant permission, you will not be able to receive push messages from the mobile banking App.

（11）日历，用于在理财日历、活动待办提醒、预约转账场景中添加日历提醒，方便您接收日历通知，及时管理自己的理财、活动、预约转账等事物。拒绝授权后，手机银行将无法获取系统日历信息。
(11) Calendar, to be used to add calendar reminders in the wealth management calendar, to-do reminders, and scheduled transfer scenarios, so that you can receive calendar notifications and manage your wealth management, activity, scheduled transfers and other events promptly. If you refuse to grant permission, mobile banking will not be able to obtain the system calendar information.

（12）NFC，用于公交卡充值、燃气卡充值缴费、云支付功能，拒绝授权后，上述功能将无法使用。
(12) NFC, to be used for bus card recharge, gas card recharge and cloud-linked payment functions. Refusal to grant permission will prevent you from using the above functions.

（13）电话状态，用于维持服务正常运行、保障您的账号安全。拒绝授权后，手机银行涉及设备信息采集的功能将无法使用。
(13) Phone state, to be used to maintain the normal operation of the service, and protect the security of your account. Refusal to grant permission will prevent you from using mobile banking functions involving device information collection.

（14）应用列表，用于手机银行App运行环境安全检测，我行系统后台不保存您的应用列表信息。您可以通过“手机设置-授权设置-中信银行-获取应用列表”来取消授权，取消授权后我行手机银行App将不再读取应用列表内容，但不影响您正常使用中信银行App的其他功能。
(14) Application list, to be used for the security detection of the environment where mobile banking operates. Our system does not save your application list in the background. You can cancel the permission through “Phone Settings-Authorization-China CITIC Bank-Get Application List”. After you cancel the permission, our mobile banking App will no longer read your application list, but this will not affect your normal use of other functions of the China CITIC Bank App.

（15）剪切板，用于信口令识别、转账时的快捷跳转场景，转账时读取您的剪切板内容（仅在手机剪切板出现连续数字并由系统判断为银行账号时读取数字部分），询问您是否需要向此银行账号转账，简化您的操作。拒绝授权后，手机银行将无法获取剪切板信息。
(15) Clipboard, to be used for SMS password recognition and quick jump at the time of money transfer, reading your clipboard content at the time of money transfer (only to read the numerical part when there are consecutive numbers on the clipboard of the mobile phone and the system considers them as a bank account number), and asking if you need to transfer money to this bank account number, thus simplifying your operations. If you refuse to grant permission, mobile banking will not be able to obtain the clipboard information.

（16）应用内安装其他应用，用于手机银行App升级、云支付。拒绝授权后，手机银行的升级和云支付功能将无法使用。
(16) Installing other apps in the app for the upgrading of mobile banking App and cloud-linked payment. Refusal to grant permission will prevent you from using the upgrade and cloud-linked payment functions of mobile banking.

（17）创建桌面快捷方式，用于我的医保功能。拒绝授权后，手机银行的我的医保功能将无法创建桌面快捷方式。
(17) Creating a desktop shortcut for the “My Medical Insurance” function. If you refuse to grant permission, no desktop shortcut can be created for the “My Medical Insurance” function of mobile banking.

（18）悬浮窗，用于中信直播、视频客服。拒绝授权后，中信直播和视频客服将无法开启悬浮窗。
(18) Floating window, to be used for CITIC Live and video customer service. If you refuse to grant permission, no floating window can be opened for CITIC Live and video customer service.

（19）加速度传感器，用于手机银行客户端摇一摇功能，实现意见反馈、客服等功能的快捷访问。拒绝授权后，手机银行客户端摇一摇功能将无法使用。
(19) Acceleration sensor, to be used for the “Shake” function of the mobile banking client to realize quick access to functions such as feedback and customer service. Refusal to grant permission will prevent you from using the “Shake” function of the mobile banking client.

上述功能可能需要您在您的设备中向我行开启您的相机（摄像头）、相册、麦克风、手机通讯录、手机短信、地理位置（位置信息）、蓝牙、网络通讯、存储权限、消息通知、日历、设备信息、应用列表、剪切板、应用内安装其他应用、创建桌面快捷方式和悬浮窗的访问权限，以实现这些功能所涉及的信息的收集和使用。请您注意，您开启这些权限即代表您授权我行可以收集和使用这些信息来实现上述功能，如您取消了这些授权，则我行将不再继续收集和使用您的这些信息，也无法为您提供上述与这些授权所对应的功能。
The above functions may require you to grant us access to your camera, album, microphone, mobile phonebook, SMS, geographic location (location information), Bluetooth, network communication, memory permission, message notification, calendar, device information, application list, clipboard, installing other apps in the app, creating desktop shortcuts and floating windows for us to collect and use the information pertinent to these functions. Please note that when you grant such permissions, you authorize us to collect and use the foregoing information to achieve the above functions. If you cancel such permissions, we will stop collecting and using such information, and we will not be able to provide the aforesaid functions in connection with such permissions.

如在上述情形之外收集或使用您的信息，我行会事先征求您的同意，并向您充分告知信息收集和使用的目的、方式和范围。
If your information is collected or used beyond the above-mentioned circumstances, we will seek your prior consent and fully inform you of the purpose, method and scope of information collection and use.

请您理解，我行向您提供的功能和服务是不断更新和发展的，如果某一功能或服务未在前述说明中且需要收集您的信息，我行会通过页面提示、交互流程、网站公告等方式另行向您说明信息收集的内容、范围和目的，并在收集信息前征得您的同意。
Please understand that the functions and services provided to you by us are constantly updated and developed. If a function or service is not included in the above statement and your information needs to be collected, we will separately explain to you the content, scope and purpose of information collection through page prompts, interactive processes, website announcements and other means, and obtain your consent before collecting information.

（二）征得授权同意的例外
(II) Exceptions to authorized consent

根据相关法律法规、监管要求，以下情形中，我行可能会处理您的相关个人信息而无需另行征求您的授权同意：
According to relevant laws, regulations and regulatory requirements, we may process your relevant personal information without your further authorization in the following situations:

1.与我行履行法律法规、监管规定的义务相关的；
1. Where it relates to the performance of our obligations under laws, regulations and regulatory requirements;

2.与国家安全、国防安全直接相关的；
2. Where it directly relates to national security and national defense security;

3.与公共安全、公共卫生和重大公共利益直接相关的；
3. Where it directly relates to public safety, public health and major public interests;

4.与刑事侦查、起诉、审判和判决执行等司法或行政执法直接相关的；
4. Where it directly relates to judicial or administrative law enforcement, such as criminal investigation, prosecution, trial and enforcement of judgment;

5.出于应对突发公共卫生事件、或者维护您或其他个人的生命、财产等重大合法权益但因情况紧迫无法事先征得您本人同意的；
5. Where it is necessary to respond to a public health emergency, or protect your or other individual’s life, property and other material lawful rights and interests, but your prior consent cannot be obtained due to urgency;

6.所收集的个人信息是您自行向社会公众公开的；
6. Where the personal information we collect is publicly disclosed by you;

7.从合法公开披露的信息中收集的个人信息。例如，合法的新闻报道和政府信息公开等渠道；
7. Where personal information is collected from legally disclosed information, such as legitimate news reports, government information disclosure, and other channels; 

8. 为公共利益实施新闻报道、舆论监督等行为，在合理的范围内处理个人信息；
8. Where personal information is processed within a reasonable scope for purposes of conducting news reporting, public opinion supervision and other acts for the public interest;

9.根据您要求签订和履行合同所必需的；
9. Where it is necessary to enter into and perform a contract at your request;

10.用于维护所提供的产品或服务的安全稳定运行所必需的。例如，发现、处置产品或服务的故障；
10. Where is necessary to maintain the safe and stable operation of the products or services provided, such as discovering and handling product or service failures; 

11.法律法规及监管规定的其他情形。
11. Other situations stipulated by laws, regulations and regulatory requirements.

（三）信息如何使用
(III) How to use information

1.根据本政策的约定向您提供我行的金融产品或服务，并为改进这些产品或服务时使用。
1. We will use your personal information when providing you with our financial products or services as agreed herein, and for the purpose of improving these products or services.

2.在我行向您提供金融服务期间，我行按您的授权持续收集和使用您的信息。在您注销服务时，我行将停止收集您相关的个人信息。
2. We will continue to collect and use your information according to your authorization during our provision of financial services to you. When you cancel the services, we will stop collecting your relevant personal information.

3. 为了向您提供更加准确、个性和便捷的服务，提升服务质量，或为防范风险，我行会对服务使用情况进行汇总、统计分析、加工，但这些信息不会包含您的任何身份识别信息。
3. To provide you with more accurate, personalized and convenient services, improve service quality, or to prevent risks, we will summarize, statistically analyze, and process information about service usage, but such information will not include any of your identification information.

4.为使您知悉、使用我行金融产品或服务的情况或使您进一步了解我行服务，我行会向您发送服务状态通知以及相关产品或服务的商业性信息。
4. To let you know and use our financial products or services or know more about our services, we will send you service status notifications and commercial information about related products or services.

5.我行会采取脱敏、去标识化等方式对您的信息进行综合统计、分析加工，以便为您提供更加准确、个性、流畅及便捷的服务，或帮助我行评估、改善或设计服务及运营活动等。
5. We will make comprehensive statistics of, analyze and process your information after desensitization, de-identification and treatment by other means, to provide you with more accurate, personalized, smooth and convenient services, or help us evaluate, improve or design services and operational activities, etc.

6. 在收集您的个人信息后，我行在通过技术手段对您的信息数据进行去标识化处理后，该去标识化的信息将无法识别信息主体，处理后不涉及您的个人信息。
6. After collecting your personal information, we will de-identify your information and data through technical means. The de-identified information will not be able to identify the information subject, and we have the right to use it directly without your consent, analyze and make commercial use of the user database.

7. 为了给您提供更好的APP使用体验，我行可能根据您的身份信息、交易信息、访问足迹、历史搜索情况，通过算法模型预测您的偏好特征，匹配您可能感兴趣的产品、服务或其他信息向您展示。
7. To provide you with a better app experience, we may predict your preferences and characteristics through algorithm models according to your identity information, transaction information, visit footprint and historical search, and match the products, services or other information that you may be interested in to show you.

关于综合个性化推荐，我行会在在手机银行首页、会员频道首页、理财持仓页、基金持仓页、资产总览页、保险频道页、存款频道页为您进行相关产品、活动、资讯、服务、集合页面的综合推荐，目标是为您匹配您可能感兴趣的全品类内容。该个性化展示是依据您在我行留存的当前资产信息、持仓信息、历史交易信息、中信银行App浏览点击信息进行综合判断的。
Regarding comprehensive personalized recommendations, we will provide you with integrated recommendations for relevant products, activities, information, services, and collection pages on the mobile banking app's homepage, the membership section’s homepage, wealth management holdings page, fund positions page, asset overview page, insurance section page, and deposit section page, to match you with a full range of content that you may be interested in. The personalized display is a result of comprehensive judgment based on the current assets, positions, historical transactions, and China CITIC Bank App browsing and click information that you have retained with us.

关于贷款及相关服务的个性化推荐，我行会在借钱频道首页为您进行个性化展示，目标是为您匹配您可能感兴趣的贷款相关产品。该个性化展示是依据您在我行留存的当前资产信息、持仓信息、历史交易信息、中信银行App浏览点击信息、历史搜索信息进行综合判断的。
Regarding personalized recommendations for loans and related services, we will provide personalized displays on the homepage of the borrowing section to match you with loan-related products that you may be interested in. The personalized display is a result of comprehensive judgment based on the current assets, positions, historical transactions, China CITIC Bank App browsing and click information, and historical search information that you have retained with us.

关于投资理财类产品及相关服务的个性化推荐，我行会在搜索页、小信AI、阿信服务、会员频道、理财频道、基金频道、资产总览、保险频道、存款频道、拿铁计划、收益中心为您进行产品及产品相关活动、资讯的个性化推荐，目标是为您匹配您可能感兴趣的产品相关内容。该个性化展示是依据您在我行留存的当前资产信息、持仓信息、历史交易信息、中信银行App浏览点击信息、历史行为轨迹、资金流动信息、历史使用我行服务信息、历史活动参与信息进行综合判断的。
Regarding personalized recommendations for investment and wealth management products and related services, we will provide personalized recommendations for products, related activities, and information on the search page, Xiaoxin AI, Axin Service, the membership section, wealth management section, fund section, asset overview, insurance section, deposit section, Latte Plan, and Income Center to match you with products and content that you may be interested in. The personalized display is a result of comprehensive judgment based on the current assets, positions, historical transactions, China CITIC Bank App browsing and click information, historical trajectories, fund flow information, historical use of our services, and past activity participation that you have retained with us.

同时，如您不希望接收此类信息，我行也提供了不基于个性化推荐算法的展示内容：您可以在中信银行App的“我的-设置-个性化设置”中点击关闭“个性化推荐”选项。
Meanwhile, if you do not want to receive such information, we also provide content that is not based on personalized recommendation algorithms: You can click to turn off the “Personalized Recommendation” option in “Mine-Settings-Personalized Settings” in the China CITIC Bank App.

8.您授权同意的以及法律允许的其它用途。
8. Other purposes authorized by you and permitted by law.

二、我行如何使用Cookie技术
II. How we use Cookies

为确保系统正常运转，我行会在您的计算机或移动设备上存储名为 Cookie 的小数据文件。Cookie 通常包含标识符、站点名称以及一些号码和字符。借助于 Cookie，网站能够存储您的偏好或购物篮内的商品等数据。我行不会将 Cookie 用于本政策所述目的之外的任何用途。您可根据自己的偏好管理或删除 Cookie。您可以清除计算机上保存的所有 Cookie，大部分网络浏览器都设有阻止Cookie 的功能。但如果您这么做，则需要在每一次访问我行的网站时更改用户设置。
To ensure the normal operation of the system, we will store small data files called Cookies on your computers or mobile devices. Cookies typically contain identifiers, site names, and some numbers and characters. With the help of Cookies, websites can store data such as your preferences or items in your shopping basket. We will not use Cookies for any purpose other than those stated in this Policy. You can manage or delete Cookies according to your preferences. You can clear all Cookies saved on your computer, and most web browsers have a Cookie blocking feature. However, if you do this, you will need to change the user settings every time you visit our website.

三、我行如何存储和保护您的个人信息
III. How we store and protect your personal information

（一）存储
(I) Storage

1.我行在中华人民共和国境内收集和产生的个人信息，将存储在中华人民共和国境内。但我行在处理跨境业务（包括如结售汇、跨境汇款的个人外汇服务以及跨境汇款）时，在获得您的授权同意且符合法律、行政法规和相关监管规定的前提下，您的个人信息可能会被转移到境外，获得授权后可能出境的个人信息项见本隐私政策第一（一）2（7）节。此种情况下，我行会采取有效措施保护您的信息安全，如果超过法律法规要求的期限，我行将对您的个人信息进行删除。例如，在跨境数据转移之前实施数据去标识化等安全措施，或通过协议、核查等措施要求境外机构为您的信息保密。
1. The personal information collected and obtained by us within the territory of the PRC will be stored within the territory of the PRC. However, when we handle cross-border business (including foreign exchange settlement and sales, personal foreign exchange service for cross-border remittances, and cross-border remittances), on the premise of obtaining your consent and complying with laws, administrative regulations and relevant regulatory requirements, your personal information may be transferred overseas, and the personal information items that may be subject to cross-border transfer after obtaining authorization are listed in Clause 2(7) under Sub-section (I) of Section I of this Privacy Policy. In this case, we will take effective measures to protect your information security. If the retention period required by laws and regulations is exceeded, we will delete your personal information beyond the retention period required by laws and regulations. For example, before cross-border data transfer, we will take security measures such as data de-identification, or require overseas institutions to keep your information confidential through agreements, verification and other measures.

2.我行仅在法律法规、监管要求的期限内，以及为实现本政策声明的目的所必须的最短时限内保留您的个人信息，如客户身份资料自业务关系结束当年或一次性交易记账当年起至少保存5年，交易记录自交易记账当年起至少保存5年。如果超过法律法规要求、本政策声明的目的所必须的最短时限，或业务关系已结束，我行将对您的个人信息进行删除或匿名化处理；法律法规、监管要求另有规定或者您另行授权同意的除外。例如，登录手机号码：当您需要使用电子银行服务时，我行需要一直保存您的登录手机号，以保证您正常使用该服务，当您注销电子银行账户后，我行将删除相应的信息；登录邮箱：当您需要使用电子银行服务时，我行需要一直保存您的登录邮箱，以保证您正常使用该服务，当您注销电子银行账户后，我行将删除相应的信息；登录地区：当您登录手机银行后，我行会记录您持有卡片的注册地信息，以保证您正常使用该服务，当您注销电子银行账户后，我行将删除相应的信息。
2. We will only retain your personal information for a period required by laws, regulations and regulatory requirements, and for the shortest period necessary to achieve the purposes stated herein. For example, the customer identity information shall be kept for at least 5 years from the year when the business relationship ends or the year when the one-shot transaction is recorded, and the transaction records shall be kept for at least 5 years from the year when the transaction is recorded. If the minimum period required by laws and regulations or necessary to achieve the purposes stated herein, or the business relationship has ended, we will delete or anonymize your personal information, unless otherwise provided by laws and regulations or otherwise authorized and agreed by you. For example, mobile phone number for login: when you need to use e-banking services, we need to keep your mobile phone number for login to ensure your normal use of the service; when you cancel your e-banking account, we will delete the corresponding information; login email address: when you need to use e-banking service, we need to keep your login email address to ensure your normal use of the service; when you cancel your e-banking account, we will delete the corresponding information; login area: when you log in to the mobile banking, we will record the information on the registration place of your card to ensure your normal use of the service; when you cancel your e-banking account, we will delete the corresponding information.

（二）保护
(II) Protection

1.我行已使用符合业界标准的安全防护措施保护您提供的个人信息，防止数据遭到未经授权的访问、公开披露、使用、修改、损坏或丢失。我行会采取一切合理可行的措施，保护您的个人信息。例如，我行会使用加密技术确保数据的保密性；我行会使用受信赖的保护机制防止数据遭到恶意攻击；我行会部署访问控制机制，确保只有授权人员才可访问个人信息以及我行会举办安全和隐私保护培训课程，加强员工对于保护个人信息重要性的认识。我行手机银行App已取得了市场监管总局和人民银行发布的金融科技产品认证。
1. We have taken security measures that comply with industry standards to protect your personal information from unauthorized access, public disclosure, use, modification, damage or loss. We will take all reasonable and feasible measures to protect your personal information. For example, we will use encryption technology to ensure the confidentiality of data; we will use trusted protection mechanisms to prevent malicious attacks on data; we will deploy access control mechanisms to ensure that only authorized personnel have access to personal information; and we will deliver training sessions courses on security and privacy protection to enhance employees’ awareness of the importance of protecting personal information. Our mobile banking App has obtained the fin-tech product certification issued by the State Administration for Market Regulation and the People’s Bank of China.

2. 如我行提供的全部或部分电子银行业务停止运营，我行相关产品或服务将通过公告等形式向您进行告知，同时停止相关产品或服务对您个人信息的收集等操作，保护您的个人信息安全。如果因为技术故障、网络攻击、自然灾害及事故、人为因素等各种原因造成全部或部分电子银行业务中断，我行将采取应急处置和恢复措施予以应对，尽快恢复服务。
2. If all or part of the e-banking business provided by us is discontinued, our related products or services will be notified to you through announcements or otherwise, and the collection of your personal information by related products or services will be stopped to protect the security of your personal information. If all or part of the e-banking business is interrupted due to technical failure, network attack, natural disasters and accidents, human factors or other reasons, we will take emergency procedures and recovery measures to respond to them and recover the service as soon as possible.

3.我行会采取一切合理可行的措施，确保未收集无关的个人信息。
3. We will take all reasonable and feasible measures to ensure that irrelevant personal information shall not be collected.

4.请您理解，由于技术水平局限以及可能存在的恶意攻击，有可能出现我行无法合理预见、防范、避免或控制的意外情况。互联网并非绝对安全的环境，我行建议您采取积极措施保护个人信息的安全，包括但不限于请使用复杂密码、定期修改密码、不将自己的账号密码及相关个人信息透露给他人等，协助我行保证您的账号安全。
4. Please understand that due to technical limitations and possible malicious attacks, unexpected situations that could not be reasonably foreseen, prevented, avoided or controlled may occur. The Internet is not an absolutely secure environment. We suggest that you take positive measures to protect the security of your personal information, including but not limited to using complex passwords, changing passwords regularly, and not disclosing your account passwords and related personal information to others, so as to help us ensure the security of your account.

5.如发生或可能发生个人信息安全事件，我行将按照法律法规的要求，及时将事件相关情况以邮件、信函、电话和推送通知等方式告知您，或采取合理、有效的方式发布公告。告知内容包括但不限于安全事件的内容和影响；已采取或将要采取的处置措施；您的自主防范和降低风险的建议；针对您提供的补救措施以及我行个人信息保护负责人和工作机构的联系方式。同时，我行还将依据法律法规或监管规定，上报个人信息安全事件处置情况。
5. If a personal information security incident occurs or may occur, we will, in accordance with the requirements of laws and regulations, notify you promptly by email, letter, telephone or push notification, or issue an announcement in a reasonable and effective manner. The content of the notification includes, without limitation, the content and impact of the security incident; the disposal measures that have been taken or will be taken; the suggestions for you to prevent and reduce risks; the remedial measures provided for you and the contact details of our officer and working body for personal information protection. In addition, we will also report on the handling of such personal information security incidents in accordance with laws and regulations or regulatory requirements.

四、我行如何共享、转让和公开披露您的个人信息
IV. How we share, transfer, and publicly disclose your personal information

（一）共享和转让
(I) Sharing and transfer

1.除非获得您的明确明示同意或授权，我行不会向其他任何公司、组织和个人共享或转让您的个人信息，但是法律法规另有规定或经过加工无法识别特定个人且不能复原的除外。
1. Unless with your express consent or authorization, we will not share or transfer your personal information to any other company, institution or individual, except as otherwise specified by laws and regulations or except for such information that cannot identify a specific individual identified and cannot be restored after processing.

2.如果为了向您提供服务而必须将您的信息共享至第三方，我行会评估该第三方收集信息的合法性、正当性、必要性，并会通过与第三方签订协议，同时要求他们按照我行的说明、本政策或其他任何相关的保密和安全措施来妥善处理、保护您的个人信息。我行将以公告、弹窗等形式向您告知共享个人信息的目的、接收方的类型以及可能产生的后果，并征得您的明示授权同意。涉及敏感信息的，我行还会告知敏感信息的类型、接收方的身份和数据安全能力，并征得您的明示授权同意。我行仅会出于合法、正当、必要、特定、明确的目的共享或转让您的个人信息，只会共享或转让提供服务所必要，且经过您授权的个人信息，并会严格约束合作伙伴将您的个人信息用于任何其他用途，但我行无法保证第三方一定会严格遵循我行的要求，如其在使用您的信息过程中侵害了您的合法权益，我们将尽力协助您进行相应的维权处理。
2. If your information must be shared with a third party to the extent necessary for providing you with services, we will evaluate the legality, legitimacy and necessity of the information collection by the third party, and sign an agreement with the third party and require it to properly process and protect your personal information in accordance with our instructions and this Policy or using any other relevant confidentiality and security measures. We will inform you of the purpose of sharing personal information, the type of recipient and possible consequences through announcements, pop-up windows and other means, and obtain your express consent. If sensitive information is involved, we will also inform you of the type of sensitive information, identity of the recipient and data security capabilities, and obtain your express consent. We will only share or transfer your personal information for legal, legitimate, necessary, specific and clear purposes and necessary to provide services with your authorization, and will strictly restrict the use of your personal information by our partners for any other purpose. However, we cannot guarantee that the third party will strictly follow our requirements. If the use of your information infringes your legal rights, we will do our best to assist you in defending your rights.

（1）快捷支付绑卡/微信快捷支付，仅在您使用手机银行中开通微信快捷支付功能时，向腾讯公司提供您在中信银行预留手机号、姓名、证件号和银行卡号。https://www.tencent.com/zh-cn/。（客服电话：95017）
(1) Card binding for quick payment/WeChat quick payment. We will only provide Tencent with your mobile phone number, name, ID number and bank card number reserved at China CITIC Bank when you activate WeChat quick payment on mobile banking. https://www.tencent.com/zh-cn/ (service hotline: 95017)

（2）快捷支付绑卡/支付宝快捷支付，仅在您使用手机银行中开通支付宝快捷支付功能时，向支付宝（中国）网络技术有限公司提供您在中信银行预留手机号、姓名、证件号和银行卡号。https://www.alipay.com。（客服电话：95188）
(2) Card binding for quick payment/Alipay quick payment. We will only provide Alipay (China) Network Technology Co., Ltd. with your mobile phone number, name, ID number and bank card number reserved at China CITIC Bank when you activate Alipay quick payment on mobile banking. https://www.alipay.com. (service hotline: 95188)

（3）快捷支付绑卡/云闪付快捷支付，仅在您使用手机银行中开通云闪付快捷支付功能时，向中国银联股份有限公司提供您在中信银行预留手机号、姓名、证件号和银行卡号。https://yunshanfu.unionpay.com。（客服电话：95516）
(3) Card binding for quick payment/Cloud QuickPass quick payment. We will only provide China UnionPay Co., Ltd. with your mobile phone number, name, ID number and bank card number reserved at China CITIC Bank when you activate Cloud QuickPass quick payment on mobile banking. https://yunshanfu.unionpay.com. (service hotline: 95516)

（4）快捷支付绑卡/美团快捷支付，仅在您使用手机银行中开通美团快捷支付功能时，向北京三快在线科技有限公司提供您在中信银行预留手机号、姓名、证件号和银行卡号。https://i.meituan.com。（客服电话：1010-7888）
(4) Card binding for quick payment/Meituan quick payment. We will only provide Beijing Sankuai Online Technology Co., Ltd. with your mobile phone number, name, ID number and bank card number reserved at China CITIC Bank when you activate Meituan quick payment on mobile banking. https://i.meituan.com. (service hotline: 1010-7888)

（5）快捷支付绑卡/京东快捷支付，仅在您使用手机银行中开通京东快捷支付功能时，向北京京东世纪贸易有限公司公司提供您在中信银行预留手机号、姓名、证件号和银行卡号。https://jd.com。（客服电话：950618）
(5) Card binding for quick payment/JD quick payment. We will only provide Beijing Jingdong Century Trading Co., Ltd. with your mobile phone number, name, ID number and bank card number reserved at China CITIC Bank when you activate JD quick payment on mobile banking. https://jd.com. (service hotline: 950618)

（6）快捷支付绑卡/苏宁快捷支付，仅在您使用手机银行中开通苏宁快捷支付功能时，向苏宁易购集团股份有限公司提供您在中信银行预留手机号、姓名、证件号和银行卡号。https://www.suning.com。（联系电话：025-66996699）
(6) Card binding for quick payment/Suning quick payment. We will only provide Suning.com Co., Ltd. with your mobile phone number, name, ID number and bank card number reserved at China CITIC Bank when you activate Suning quick payment on mobile banking. https://www.suning.com. (service hotline: 025-66996699)

（7）快捷支付绑卡/度小满快捷支付，仅在您使用手机银行中开通度小满快捷支付功能时，向北京度小满支付科技有限公司提供您在中信银行预留手机号、姓名、证件号和银行卡号。https://www.duxiaoman.com。（客服电话：95055）
(7) Card binding for quick payment/Duxiaoman quick payment. We will only provide Beijing Duxiaoman Payment Technology Co., Ltd. with your mobile phone number, name, ID number and bank card number reserved at China CITIC Bank when you activate Duxiaoman quick payment on mobile banking. https://www.duxiaoman.com. (service hotline: 95055)

（8）快捷支付绑卡/携程快捷支付，仅在您使用手机银行中开通携程快捷支付功能时，向携程旅行网提供您在中信银行预留手机号、姓名、证件号和银行卡号。https://hotels.ctrip.com/。（客服电话：95010）
(8) Card binding for quick payment/Ctrip quick payment. We will only provide Ctrip.com. with your mobile phone number, name, ID number and bank card number reserved at China CITIC Bank when you activate Ctrip quick payment on mobile banking. https://hotels.ctrip.com/. (service hotline: 95010)

（9）快捷支付绑卡/拼多多快捷支付，仅在您使用手机银行中开通拼多多快捷支付功能时，向拼多多(上海)网络科技有限公司提供您在中信银行预留手机号、姓名、证件号和银行卡号。https://www.pinduoduo.com。（客服电话：021-53395288）
(9) Card binding for quick payment/Pinduoduo quick payment. We will only provide Pinduoduo (Shanghai) Network Technology Co., Ltd. with your mobile phone number, name, ID number and bank card number reserved at China CITIC Bank when you activate Pinduoduo quick payment on mobile banking. https://www.pinduoduo.com. (service hotline: 021-53395288)

（10）快捷支付绑卡/抖音快捷支付，仅在您使用手机银行中开通抖音快捷支付功能时，向武汉合众易宝科技有限公司提供您在中信银行预留手机号、姓名、证件号和银行卡号。https://www.ulpay.com/。 （客服电话：400-056-7076）
(10) Card binding for quick payment/Douyin quick payment. We will only provide Wuhan Hezhong Epro Technology Co. Ltd. with your mobile phone number, name, ID number and bank card number reserved at China CITIC Bank when you activate Douyin quick payment on mobile banking. https://www.ulpay.com/. (service hotline: 400-056-7076)

（11）快捷支付绑卡/易付宝快捷支付，仅在您使用手机银行中开通易付宝快捷支付功能时，向南京苏宁易付宝网络科技有限公司提供您在中信银行预留手机号、姓名、证件号和银行卡号。https://www.suning.com。（客服电话：025-66996699）
(11) Card binding for quick payment/SuningPay quick payment. We will only provide Nanjing Suning Payment Technology Co., Ltd. with your mobile phone number, name, ID number and bank card number reserved at China CITIC Bank when you activate SuningPay quick payment on mobile banking. https://www.suning.com. (service hotline: 025-66996699)

（12）好会花，仅在您使用手机银行中好会花功能时，向中信百信银行股份有限公司提供您在中信银行预留手机号、姓名、证件号和银行卡号。https://www.aibank.com。（客服电话：956186）
(12) Haohuihua. We will only provide CITIC aiBank Corporation Limited with your mobile phone number, name, ID number and bank card number reserved at China CITIC Bank when you use Haohuihua function on mobile banking. https://www.aibank.com. (service hotline: 956186)

（13）医保业务，仅在您使用手机银行我的医保功能时，向国家医疗保障局提供该功能所必需的个人信息，即您签约手机银行时的预留手机号码、身份证号、姓名、人脸信息等相关信息以实现安全认证。（联系电话: 12333）
(13) Medical insurance business. We will only provide the National Healthcare Security Administration with the required personal information when using My Medicare function on mobile banking, that is, the mobile phone number, ID number, name, face information and other related information to enable security authentication reserved when you sign up for mobile banking. (service hotline: 12333)

（14）万达电影，仅在您使用手机银行中万达电影小程序功能时，向万达电影股份有限公司提供您在中信银行预留手机号、姓名、证件号和银行卡号。http://www.wandafilm.com。（客服电话：400-080-6060）
(14) Wanda Film. We will only provide Wanda Film Holding Co., Ltd. with your mobile phone number, name, ID number and bank card number reserved at China CITIC Bank when you use Wanda Film applet on mobile banking. http://www.wandafilm.com. (service hotline: 400-080-6060)

（15）办理个人外汇服务（包括结售汇、跨境汇款），人脸识别核实身份，认购、申购基金以及办理定投签约时，在获得您的授权后我行会向相关机构提供办理业务所必须的信息，详见本隐私政策的“一、我行如何收集和使用您的个人信息——（一）信息如何收集第2条”
(15) When you handle personal foreign exchange services (including foreign exchange settlement and sales, cross-border remittances), verify identity through face recognition, subscribe and purchase funds, and sign automatic investment plans, we will provide relevant institutions with the information necessary to handle relevant business after obtaining your authorization. For details, please refer to “I. How we collect and use your personal information - (I) How to collect information - Item 2” hereunder.

（16）第三方SDK服务商合作方，为了给您提供更好的服务，我行手机银行中嵌入了一些SDK，这些SDK将在特定场景收集您的个人信息。详见本隐私政策的“一、我行如何收集和使用您的个人信息——（一）信息如何收集第3条”
(16) Third-party SDK service providers. To provide you with better services, some SDKs are embedded in our mobile banking, which will collect your personal information under specific scenarios. For details, please refer to “I. How we collect and use your personal information - (I) How to collect information - Item 3” hereunder.

3.为了您的账户资金、交易安全，我行可能会与基础电信运营商、腾讯云共享您的去标识化后的手机号信息，用以获取您的风险特征，并依据与上述第三方的约定，在符合相关法律法规、监管规定的前提下，用于风险账户、风险交易的识别。
3. For the security of your account funds and transactions, we may share your de-identified mobile phone number with basic telecom operators and Tencent Cloud to obtain your risk attributes and identify risk accounts and risk transactions on the premise of complying with relevant laws, regulations and regulatory provisions based on the agreement with such third parties.

4.请您理解，我行可能会根据法律法规规定或按政府主管部门的强制性要求，对外共享或转让您的个人信息。
4. Please understand that we may share or transfer your personal information externally in accordance with laws and regulations, or the mandatory requirements of government authorities.

5.根据法律法规和商业惯例，在合并、收购、资产转让、破产清算或类似交易中，如涉及到个人信息转让，我行会向您告知有关情况，要求新的持有您个人信息的公司、组织继续受本政策的约束。否则，我行将要求该公司、组织重新向您征求授权同意。
5. In accordance with laws, regulations, and commercial practices, in the event of a merger, acquisition, asset transfer, bankruptcy liquidation, or similar transactions involving the transfer of personal information, we will inform you of the relevant circumstances and require the new company or organization holding your personal information to continue to comply with this policy. Otherwise, we will request the company or organization to obtain your consent again.

（三）公开披露
(III) Public disclosure

1.我行不会公开披露您的个人信息，如确需披露，我行会告知您披露个人信息的目的和类型，在获得您明确同意后，按您授权情况披露您的个人信息；涉及敏感信息的还会告知敏感个人信息的内容，处理敏感个人信息的必要性以及对您个人权益的影响，并事先征得您的明示同意。如因我行原因导致您个人信息泄漏进而导致您合法权益受损，我行将承担相应的法律责任。
1. We will not publicly disclose your personal information. If disclosure is necessary, we will inform you of the purpose and type of personal information disclosure. After obtaining your express consent, we will disclose your personal information as authorized by you. If sensitive information is involved, we will also inform you of the content of sensitive personal information, the need to process sensitive personal information and the impact on your personal rights, and obtain your express consent in advance. If your personal information is leaked due to reasons attributable to us and your legitimate rights and interests are damaged, we will bear corresponding legal responsibilities.

2.请您理解，在法律法规、法律诉讼程序或政府主管部门或司法机关的强制性要求情况下，我行可能会公开披露您的个人信息。
2. Please understand that we may publicly disclose your personal information under the mandatory requirements of laws and regulations, legal proceedings or competent government departments or judicial authorities.

五、您如何行使您的权利
V. How you exercise your rights

按照中国相关的法律法规和监管规定，我行保障您对自己的个人信息行使以下权利：
Pursuant to relevant Chinese laws, regulations and regulatory requirements, guarantee your exercise of the following rights in connection with your personal information:

（一）访问、更正及更新您的个人信息
(I) Access, correct and update your personal information

您有权通过我行门户网站、网上银行、手机银行、微信银行、柜面等渠道访问及更正、更新您的个人信息，但法律法规另有规定的除外。您有责任及时更新您的个人信息。在您修改个人信息之前，我行会验证您的身份。
You have the right to access, correct and update your personal information through our portal website, online banking, mobile banking, WeChat banking, counters and other channels, unless otherwise specified by laws and regulations. You are responsible for updating your personal information promptly. We will verify your identity before you change your personal information.

1.您登录手机银行后，可以在“设置-个人信息设置”中，查询、修改您的基本信息，包括更新证件信息、常住地址、职业；在“安全中心”中查询、修改您的安全设置，包括设备管理、修改登录密码、开启/关闭手势密码、开启/关闭指纹密码、指纹/人脸转账支付、限额管理、防盗刷安全锁、安全认证、转账业务强化验证、刷脸付管理、全付通管理；在“账户”功能中管理绑定的银行卡、开通电子账户；在“账户管理”中管理账户状态、设置默认账户、账户别名、账户状态、账户限额、账户降级、小额免密设置、智慧安全锁、全付通。
1. After logging in to mobile banking, you can query and change your basic information in “Settings-Personal Information Settings”, including updating ID certificate information, permanent address and occupation; query and change your security settings in “Security Center”, including device management, changing login password, enabling/disabling gesture password, enabling/disabling fingerprint password, transfer payment via fingerprint/face, limit management, anti-theft security lock, security authentication, enhanced transfer business verification, face-scanning payment management and China Citic bank E-POS management; manage bound bank cards and open an electronic account in “Account”; and manage the account status, set the default account, account alias, account status, account limits, account downgrade, small-value password-free payment setting, smart security lock and All-pay E-POS in “Account Management”.

快捷支付管理—快捷支付是中信银行针对第三方支付机构及部分优质商户推出的授权支付服务。持有中信银行活期储蓄或信用卡账户的个人客户，通过第三方授权开通快捷支付功能后，客户在第三方办理支付业务时不需再跳转到中信银行支付页面，客户通过第三方安全验证后，直接完成支付。快捷支付管理业务包括快捷支付绑定账户的查询、绑定和解绑等功能。
Quick payment management - Quick payment is an authorized payment service offered by China CITIC Bank to third-party payment institutions and some high-quality merchants. For personal customers with a current savings account or credit card account of China CITIC Bank, after the quick payment function is activated through third-party authorization, there is no need to jump to the payment page of China CITIC Bank when customers process payment business through third parties, and the payment can be directly completed after customers pass the third-party security verification. The quick payment management service includes querying, binding and unbinding accounts bound to quick payment.

2.您登录网上银行后，可以在“客户服务-安全设置”中，进行个人信息修改、私密问题设置、开启/关闭手机银行、转账限额设置和证书管理等。
2. After logging in to online banking, you can change your personal information, set privacy questions, turn on/off mobile banking, set transfer limits, and manage certificates in “Customer Service-Security Settings”.

（二）删除您的个人信息
(II) Delete your personal information

您在我行的产品或服务页面中可以直接清除或删除的信息，包括绑定银行卡、消息记录、缓存记录、搜索记录等。具体删除路径如下，“绑定银行卡”删除：手机银行App-我的-我的账户-设置（右上角）-删除账户，“消息记录”删除：手机银行App-我的-消息中心（右上角）-消息分类-编辑（右上角）-选择-删除按钮，“缓存记录”删除：手机银行App-我的-设置-清除缓存，“搜索记录”删除：手机银行App-搜索框-删除按钮（历史搜索栏位右侧）。
You may directly clear or delete the information on our product or service page, including bound bank cards, message records, cache records and search records. You may choose the following path for deletion: Delete “Bound Bank Cards”: Mobile Banking App-Mine-My Account-Settings (upper right corner)-Delete Account; delete “Message Records”: Mobile Banking App-Mine-Message Center (upper right corner)-Message Classification-Edit (upper right corner)-Select-Delete button; delete “Cache Records”: Mobile Banking App-Mine-Settings-Clear Cache; delete “Search Records”: Mobile Banking App-Search Box-Delete button (on the right side of the historical search field).

在以下情形中，您可以向我行提出删除个人信息的请求：
In the following situations, you may request us to delete personal information:

1.如果我行处理个人信息的行为违反了法律、行政法规或与您的约定；
1. If our processing of personal information violates laws and regulations or regulatory requirements or our agreements with you;

2. 基于同意处理您的信息，您撤回同意的；
2. You withdraw your consent after we process your information based on your consent for processing your information;

3.如果处理您个人信息的目的已实现、无法实现或者为实现处理目的不再必要；
3. If the purpose of processing your personal information has been achieved, cannot be achieved, or it is no longer necessary to achieve the purpose of processing;

4.如果我行停止提供产品或服务，或您不再使用我行的产品或服务或您注销了相关账号；
4. If we no longer provide you with products or services, or you no longer use our products or services, or you have canceled your account;

5.个人信息存储期限已届满；
5. The retention period of your personal information has expired;

6.法律法规规定的其他情形。
6. Other situations stipulated by laws and regulations.

如我行决定响应您的删除请求，我行还将同时通知从我行获得您的个人信息的实体，要求其及时删除，除非法律法规另有规定或监管部门另有要求或这些实体获得您的独立授权。
If we decide to respond to your request for deletion, we will notify the entities that have obtained your personal information from us and ask them to delete such information immediately, unless otherwise specified by laws and regulations or required by regulatory agencies, or these entities have obtained your separate authorization.

您在移动终端中删除手机银行App后，终端本地的信息将会删除，但是后台的个人信息仍未删除。您通过以下路径“手机银行App-我的-设置-中信通行证设置-中信通行证注销”注销电子银行用户后，即可在我们的服务中删除您的个人信息。当您从我行的服务中删除信息后，我行可能不会立即在备份系统中删除相应的信息，但会在备份更新时删除这些信息，监管机构要求保留的信息除外。
After you delete the mobile banking App on a mobile terminal, the information on the terminal will be deleted, but the personal information in the background is not deleted. You can delete your personal information from our services after you cancel the e-banking user through the following path “Mobile Banking App-Mine-Settings-CITIC Pass Settings-CITIC Pass Cancellation”. When you delete your information from our services, we may not immediately delete the corresponding information in the backup system, but we will delete such information when updating the backup system, except for information required to be kept by regulatory agencies.

对于您要求删除的个人信息，如果法律法规规定的保存期限未届满，或者删除个人信息从技术上难以实现，我行将停止除存储和采取必要的安全保护措施之外的处理。
For the personal information that you request to be deleted, if the retention period required by laws and regulations has not yet expired, or if it is technically difficult to delete the information, we will cease processing it, except for storing it and taking necessary security measures.

如果我行不再为您提供产品或服务，我行将会删除您的个人信息，法律、法规、监管机构要求保留的信息除外。
If we no longer provide you with products or services, we will delete your personal information, except for the information required to be kept by laws, regulations and regulatory agencies.

（三）改变您授权同意的范围
(III) Change the scope of your authorization

每个业务功能需要一些基本的个人信息才能得以完成。对于额外收集的个人信息的收集和使用，您可以根据手机的不同品牌和型号，通过手机银行App中我的-设置-系统权限功能开通或关闭位置服务权限、麦克风权限、相机权限、存储权限、设备信息权限、读取通讯录权限、日历权限，随时给予或撤回您的授权同意。
Every business function needs to be completed based on some basic personal information. For the collection and use of additional personal information, you may enable or disable the location service, microphone, camera, memory, device information, phonebook reading and calendar permissions through “Mine - Settings - System Permissions” in the Mobile Banking App according to different mobile phone brands and models, and grant or withdraw your authorization at any time.

请您注意，您自主注销我行电子银行服务的同时，将视同您撤回了对本政策的同意，例如，您注销我行手机银行服务，将视同您撤回了对我行手机银行《隐私政策》的同意。当您撤回同意后，我行将不再处理相应的个人信息。但您撤回同意的决定，不会影响此前基于您的授权而开展的个人信息处理。
Please note that when you cancel our e-banking service independently, it will be deemed that you have withdrawn your consent to this Policy. For example, if you cancel our mobile banking service, it will be deemed that you have withdrawn your consent to the Privacy Policy for our mobile banking. Upon your withdrawal of consent, we will no longer process the relevant personal information. However, your decision to withdraw your consent will not affect our previous processing of personal information based on your authorization.

（四）用户注销中信通行证
(IV) Cancel your CITIC Pass

如您为我行中信通行证注册用户，您可以通过我行手机银行自助注销您的中信通行证。
If you have registered as a user of CITIC Pass, you may cancel your CITIC Pass through our mobile banking in a self-service manner.

1.如注销中信通行证，您可下载我行手机银行客户端，启动客户端，登录您的账号，在“我的”-“设置”中，找到“中信通行证注销”，完成登录密码、安全认证手机号或Ukey验证后，便可注销中信通行证。
1. To cancel the CITIC Pass, you can download our mobile banking client, start the client, log in to your account, find “CITIC Pass Cancellation” in “Mine” - “Settings”, and then cancel the CITIC Pass after verification of the login password, mobile phone number for security authentication or U-key.

您注销中信通行证的行为是不可逆行为，一旦您注销您的中信通行证，您的手机银行、个人网银、微信银行、门户网站等渠道会同步注销，我行将不再通过手机银行、个人网银、微信银行、门户网站等渠道收集您的个人信息，并将删除有关您中信通行证的一切信息，法律法规或监管机构对个人信息存储时间另有规定的除外。
Your cancellation of CITIC Pass is irreversible. Once you cancel your CITIC Pass, your mobile banking, personal online banking, WeChat banking, portal website and other channels will be canceled synchronously. We will no longer collect your personal information through channels such as mobile banking, personal online banking, WeChat banking and portal website, and will delete all your information in connection with CITIC Pass, except for the personal information with storage time otherwise stipulated by laws and regulations or regulatory agencies.

2.如您只是暂时停用手机银行/个人网银，您可选择暂停或关闭手机银行/个人网银渠道，暂停或关闭手机银行和个人网银后不会删除您的中信通行证相关信息。
2. If you only temporarily stop using mobile banking/personal online banking, you may choose to suspend or close the mobile banking/personal online banking channel. After suspending or closing mobile banking and personal online banking, your information in connection with CITIC Pass will not be deleted.

请您注意，我行中信通行证注册用户在仅删除移动设备中手机银行客户端App时，我行不会注销您的中信通行证，有关您中信通行证的一切信息不会删除。如您需要注销您的中信通行证的，仍需按照上述步骤进行注销。注销中信通行证不会自动注销您的快捷支付绑定，您可以在一键绑卡栏目或者第三方支付机构主动解除绑定。
Please note that when a registered user of CITIC Pass only deletes the mobile banking App on his mobile device, we will not cancel his CITIC Pass, and all the information in connection with his CITIC Pass will not be deleted. If you need to cancel your CITIC Pass, you still need to go through the above procedures for cancellation. Cancellation of CITIC Pass will not automatically cancel your quick payment binding. You may unbind it in the one-click card binding field or the third-party payment institution.

（五）获取您的个人信息副本
(V) Obtaining a copy of your personal information

您有权获取您的个人信息类型副本。您可以通过手机银行搜索“我的证明”获取您的存款、资产、交易流水等个人信息证明，如您有其他明确个人信息获取需求也可前往网点咨询，以获取您确认的中信银行个人信息副本。
You have the right to obtain a copy of your personal information. You can obtain proof of your deposits, assets, transaction statements and other personal information by searching for “My Proof” through mobile banking. If you have other clear needs for obtaining personal information, you can also consult at any branch of China CITIC Bank with your identity documents. Our branch will assist you in obtaining a copy of your personal information collected by China CITIC Bank with your authorization.

（六）响应您的请求
(VI) Respond to your request

如果您无法通过上述方式访问、更正或删除您的用户信息，或您需要访问、更正或删除您在使用我行服务或功能时所产生的其他个人信息，或您要求我行对个人信息处理规则进行解释说明，或您认为我行存在任何违反法律法规或与您关于个人信息处理的约定，您均可通过本政策中的联系方式与我行取得联系，我们将为您提供人工处理。为了保障安全，需人工处理的，会在15个工作日承诺时限内完成核查和处理。对于您合理的请求，我行原则上不收取费用，但对多次重复、超出合理限度的请求，我行将视情况收取一定成本费用。对于非法、违规、无正当理由、可能无端重复、需要过多技术手段（例如，需要开发新系统或从根本上改变现行惯例）、给他人合法权益带来风险或者非常不切实际的请求，我行可能会将予以拒绝。
If you cannot access, correct or delete your user information through the above methods, or you need to access, correct or delete other user information generated during your use of our services or functions, or you think that we have violated any laws and regulations or the agreement with you on the collection or use of user information, you can contact us through the contact information stated herein for manual operation. To ensure safety, if manual operation is required, the verification and processing will be completed within the committed time limit of 15 working days. In principle, we will not charge for your reasonable request, but a certain cost will be charged for repeated requests that exceed the reasonable limit as appropriate. We may refuse those requests that are illegal, irregular, unjustifiable, may be unreasonably repeated, require excessive technical means (for example, the need to develop new systems or fundamentally change existing practices), pose a risk to the legitimate rights and interests of others, or are very impractical.

尽管有上述约定，但按照法律、法规要求，如涉及以下情形我行将可能无法响应您的请求：
Notwithstanding the foregoing, in accordance with laws and regulations, we may not be able to respond to your requests in the following circumstances:

1.与我行履行法律法规、监管规定的义务相关的；
1. Where it relates to the performance of our obligations under laws, regulations and regulatory requirements;

2.与国家安全、国防安全相关的；
2. Where it relates to national security and national defense security;

3.与公共安全、公共卫生、重大公共利益相关的；
3. Where it relates to public safety, public health and major public interests;

4.与刑事侦查、起诉、审判和判决执行等司法或行政执法相关的；
4. Where it relates to judicial or administrative law enforcement, such as criminal investigation, prosecution, trial and enforcement of judgment;

5.有充分证据表明您存在主观恶意或滥用权利的；
5. Where we have sufficient proof that you have subjective malice or abuse of rights;

6. 出于维护您或其他个人的生命、财产等重大合法权益但又很难得到其本人授权同意的；
6. Where it is necessary to protect your or other individual’s life, property and other material lawful rights and interests, but it is difficult to obtain your consent;

7.响应您的请求将导致您或其他个人、组织的合法权益受到严重损害的；
7. Where responding to your request will cause material damage to the lawful rights and interests of you, or other individuals or organizations;

8.涉及我行商业秘密的；
8. Where it relates to our trade secrets;

9.法律、法规及监管要求规定的其他情形。
9. Other situations stipulated by laws, regulations and regulatory requirements.

六、我行如何处理未成年人信息
VI. How we process the personal information of minors

未成年人使用我行服务，必须在其父母或者其他监护人的监护下进行。我行将根据国家相关法律法规的规定保护未成年人信息的保密性及安全性。
Minors must use our services under the supervision of their parents or other guardians. We will protect the confidentiality and security of minors’ information in accordance with applicable national laws and regulations.

如您为未成年人，请您的父母或监护人阅读本政策，并在征得您父母或监护人同意的前提下使用我行电子银行服务或向我行提供您的信息。对于经父母或监护人同意而收集您的信息的情况，我行只会在受到法律允许、父母或监护人明确同意或依法保护您权益所必要的情况下处理此信息。如您的父母或监护人不同意您按照本政策使用我行服务或向我行提供信息，请您立即终止使用我行服务并及时通知我行，以便我行采取相应的措施。
If you are a minor, please ask your parent or guardian to read this Policy, and use our e-banking service or provide us with your information after obtaining the consent of your parent or guardian. In case your personal information is collected with the consent of your parent or guardian, we will only process such information if it is permitted by law, explicit consent of your parent or guardian is obtained, or it is necessary to protect your rights. If your parents or guardians do not consent to your use of our services or your provision of information to us in accordance with this Policy, please immediately stop using our services and promptly notify us so that we can take appropriate measures.

如果我行发现在未事先获得未成年人的父母或其他监护人同意的情况下收集了未成年人的个人信息，会尽快删除相关数据。
If we discover that the personal information of minors has been collected without the prior consent of their parents or other guardians, we will try to delete the relevant data as soon as possible.

如您为未成年人的父母或监护人，当您对您所监护的未成年人的信息处理存在疑问时，请通过下文中的联系方式联系我行。
If you are a parent or guardian of a minor, please contact us at the contact details below if you have questions regarding the processing of information about the minor under your guardianship.

如您为14周岁以下的儿童，请在征得您父母或监护人同意的前提下使用我行电子银行服务或向我行提供您的信息。对于经父母或监护人同意而使用您的信息的情况，我行除遵守本协议关于用户个人信息的约定外，还会秉持正当必要、知情同意、目的明确、安全保障、依法利用的原则，严格遵循《儿童个人信息网络保护规定》等法律法规的要求进行存储、使用、披露，且不会超过实现收集、使用目的所必须的期限，到期后我们会对儿童个人信息进行删除或匿名化处理。如您的父母或监护人不同意您按照本政策使用我行服务或向我行提供信息，请您立即终止使用我行服务并及时通知我行，以便我行采取相应的措施。
If you are a child under the age of 14, please use our e-banking service or provide us with your information after obtaining the consent of your parent or guardian. In case where we use your information with the consent of your parent or guardian, in addition to complying with the stipulations of this Policy on users’ personal information, we will uphold the principles of justification and necessity, informed consent, clear purpose, security and legal use. We will store, use, and disclose such information by strictly abiding by requirements of the Provisions on Online Protection of Children’s Personal Information and other laws and regulations within the period necessary to achieve the purpose of collection and use, and delete or anonymize the personal information of children when the period ends. If your parents or guardians do not consent to your use of our services or your provision of information to us in accordance with this Policy, please immediately stop using our services and promptly notify us so that we can take appropriate measures.

七、本政策的适用及更新
VII. Application and update of this Policy

我行的电子银行服务均适用本政策，除非相关服务已有独立的隐私政策或相应的用户服务协议当中存在其它的特殊约定。
This Policy applies to all our e-banking services unless there is a separate privacy policy for the relevant services or there are other special provisions in the corresponding user service agreement.

发生下列重大变化情形时，我行会适时对本政策进行更新：
In case of any of the following material changes, we will update this Policy in good time:

1.我们的服务模式发生重大变更。如处理个人信息的目的、处理的个人信息类型、个人信息的使用方式等。
1. Material changes in our service modes, such as the purpose of processing personal information, the type of personal information we process, and the way we use personal information; 

2.我们所有权结构、组织架构等方面发生重大变化。如业务调整、破产并购等引起的所有者变更等。
2. Major changes in ownership structure, organizational structure, and other aspects, such as changes in ownership caused by business adjustments, bankruptcy, mergers and acquisitions; 

3.个人信息共享、转让或公开披露的主要对象发生变化。
3. Changes of the main subjects to which the sharing, transfer or public disclosure of personal information is made;

4.您参与个人信息处理方面的权利及其行使方式发生重大变化。
4. Material changes in your rights to participate in the processing of personal information or the way such rights may be exercised;

5.我们负责处理个人信息安全的责任部门、联络方式及投诉渠道发生变化时。
5. Changes in our department responsible for the security of personal information or its contact information or complaint channel;

6.个人信息安全影响评估报告表明存在高风险时。
6. High risks as indicated in a personal information security impact assessment report.

7.其他可能对您的个人信息权益产生重大影响的变化。
7. Other changes that may have a significant impact on your personal information rights.

根据国家法律法规变化及服务运营需要，我行将对本政策及相关规则不时地进行更新。如果发生业务功能变更、个人信息出境情况变更或使用目的变更等情形时，本政策会进行相应修订，届时我行将以App、小程序弹窗提醒或者在我行官方网站发布公告的方式来通知您。如您不同意修改后的隐私政策，您有权并应立即停止使用我行产品和服务。如果您勾选同意修改后的隐私政策并继续使用我行产品和服务，则视为您接受我行对本政策相关条款所做的修订。
In line with the changes in Chinese laws and regulations and the needs of our service operation, we will update this Policy and related rules from time to time. In the event of any changes in business functions, cross-border transfer of personal information, or purpose of use, this Policy will be revised accordingly, and we will inform you through pop-up windows in the App or applet, or an announcement on our official website. If you do not agree to the revised Privacy Policy, you have the right to and should stop using our products and services immediately. If you tick the box to agree to the revised Privacy Policy and continue to use our products and services, you are deemed to have accepted our revisions to the relevant terms hereof.

八、本政策的语言
VIII. Language of this Policy

本政策为中英文版本，英文内容仅供参考，若本政策的中英文条款存在不一致的，均应以中文或中文含义为准
This policy is available in both Chinese and English versions. The English content is provided for reference purposes only. In the event of any discrepancies between the Chinese and English versions of this policy, the Chinese version or the intended meaning in Chinese shall prevail.

九、如何联系我行
Ⅸ. How to contact us

您如果对本政策内容有任何疑问，对个人信息保护方面有任何疑问或任何相关的投诉、意见可联系客服“95558”、登录我行官方网站（WWW.CITICBANK.COM）、中信银行App、或至中信银行各营业网点咨询或反馈。
If you have any questions about the content of this Policy and the protection of personal information, or any related complaints or comments, you can contact Customer Service at 95558, log in to our official website (WWW.CITICBANK.COM), China CITIC Bank App, or consult or give feedback at any branch of China CITIC Bank.

如涉及第三方服务问题，您可以通过第三方提供的服务页面上标注的三方服务热线进行反馈或拨打“95558”获取第三方联系方式。
If the issue involves third-party services, you can provide feedback through the third-party service hotline indicated on the third-party service page or call the "95558" hotline for third-party contact information.

如果您对个人信息保护方面有任何疑问，您可以通过手机银行“全部服务-我的-意见反馈”，或直接通过手机银行搜索“意见反馈”进入“个人信息保护问题反馈”模块与我们取得联系。
If you have any questions about personal information protection, you can contact us via the "All Services - Mine - Feedback" section in the mobile banking app, or directly search for "Feedback" in the app to enter the "Personal Information Protection Feedback" module.

我行成立了消费者权益保护办公室，并建立了客户投诉管理机制，受理您的问题后，我行会及时、妥善处理 。一般情况下，会在15个工作日承诺时限内受理并处理。如果您认为您的合法权益受到损害，您可以向网信、电信、公安及市场监管等监管部门进行投诉或举报，您还可以通过向被告住所地有管辖权的法院提起诉讼来寻求解决。
We have established a Consumer Protection Office and a customer complaint management mechanism. We will solve your problem in a timely and proper manner after acceptance. In general, your problem will be accepted and solved within the committed time limit of 15 working days. If you think that your legitimate rights and interests have been harmed, you can file a complaint or report to the Internet information, telecommunications, public security, market supervision and other regulatory authorities, or seek resolution by filing a lawsuit with the court having jurisdiction in the place where the defendant resides.

请您在勾选/选择“同意”之前仔细阅读本政策，确保对本内容的含义及相应法律后果已全部知晓并充分理解。您勾选/选择“同意”并确认提交即视为您接受本政策，我行将按照相关法律法规及本政策来合法使用和保护您的个人信息。
Please read this Policy carefully before ticking /choosing “Agree” to make sure that you are fully aware of and fully understand the meaning and the corresponding legal consequences of this Policy. If you tick/choose “Agree” and submit it, you are deemed to accept this Policy, and we will legally use and protect your personal information in accordance with relevant laws and regulations and this Policy.

十、附录
X. Appendix

本政策中涉及的专用术语和关键词有：
Special terms and keywords mentioned herein include:

1.个人信息是指以电子或其他方式记录的与已识别或者可识别的自然人有关的各种信息，不包括匿名化处理后的信息。 例如，姓名、出生日期、身份证件号码、个人生物识别信息、通信通讯联系方式、住址、通信记录和内容、账号密码、财产信息、行踪轨迹、征信信息、交易信息等。
1. Personal information refers to various information of identified or identifiable natural persons recorded electronically or in other ways, excluding anonymized information, such as the name, date of birth, ID number, personal biometric information, contact information, address, history and contents of communication, account number and password, property information, whereabouts, credit information and transaction information.

2.敏感个人信息指一旦泄露或者非法使用，容易导致自然人的人格尊严受到侵害或者人身、财产安全受到危害的个人信息，包括生物识别、宗教信仰、特定身份、医疗健康、金融账户、行踪轨迹等信息，以及不满十四周岁未成年人的个人信息。
2. Sensitive personal information refers to personal information that, once leaked or illegally misused, may infringe upon individuals' dignity or endanger their personal or property safety, such as biometric information, religious beliefs, specific identity details, medical and health information, financial account information, travel trajectories, and personal information about minors under the age of fourteen.

3.匿名化，是指个人信息经过处理无法识别特定自然人且不能复原的过程。
3. Anonymization is a process by which personal information is processed in such a manner that a specific individual cannot be identified, and the processed information cannot be de-anonymized.

4.去标识化，是指个人信息经过处理，使其在不借助额外信息的情况下，无法识别特定自然人的过程。
4. De-identification is a process by which personal information is processed in such a manner that a specific individual cannot be identified without the help of additional information.

5.个性化展示，指基于特定个人信息主体的网络浏览历史、兴趣爱好、消费记录和习惯等个人信息，向该个人信息主体展示信息内容、提供商品或服务的搜索结果等活动。
5. Personalized display refers to an activity of displaying information or providing search results for products or services to specific personal information subjects based on their web browsing history, preferences, consumption records and habits.

*The English version were translated based on the Simplified Chinese version. In case of any discrepancies among the versions, the Simplified Chinese version shall prevail.