Bank of China Limited "BOC Compass" APP Privacy Policy
Last Updated: August 21, 2024
Effective Date: August 21, 2024
Bank of China Limited (hereinafter referred to as "we" or "our bank") recognizes the importance of your personal information and is committed to safeguarding its security. We are dedicated to maintaining your trust in us and adhere to the following principles to protect your personal information: the principle of accountability, the principle of clear purpose, the principle of choice and consent, the principle of necessity, the principle of security assurance, and the principle of transparency, among others. Additionally, we pledge to implement appropriate security measures in accordance with the law to protect your personal information.
Bank of China Limited "BOC Compass" is a mobile application developed by our bank. The Bank of China Limited "BOC Compass" APP Privacy Policy (hereinafter referred to as the "Privacy Policy") is designed to help you understand the following:
I. How We Collect and Use Your Personal Information
II. How We Use Cookies and Similar Technologies
III. How We Share, Transfer, and Disclose Your Personal Information
IV. How We Store and Protect Your Personal Information
V. How We Enable You to Exercise Your Rights over Your Personal Information
VI. Explanation of Responsibilities Regarding Third Parties
VII. How We Handle Information about Minors
VIII. Application and Updates of This Policy
IX. How to contact us
Personal information refers to any information recorded electronically or by other means that relates to an identified or identifiable natural person, excluding anonymized information. Personal information includes name, date of birth, identification information (e.g., ID card, passport), personal biometric data, contact information, address, account details, financial status, location data, etc.
Sensitive personal information refers to personal data that if leaked or misused, could compromise a natural person's dignity, or endanger their personal or financial safety. This includes biometric data, religious beliefs, specific identity information, medical and health records, financial account details, tracking and location data, as well as the personal information of minors under the age of fourteen.
(I) How personal information is collected
To provide you with BOC Compass services and ensure the security of your account and services, our bank will collect information that you actively provide or that is generated during your use of the services. Please note that your consent to this Privacy Policy does not imply that all personal information listed in this policy will be collected at once. Rather, necessary personal information will be collected only when you use specific service functions.
1. When you register and activate the BOC Compass APP, you will need to provide an email address or phone number as your login ID, verify its validity through an email or phone verification code, and set a user password within the APP. In addition, according to laws, regulations, and regulatory requirements, our bank will also collect your network information (device network status), device information (Android ID, iOS UUID), and device system country/region information to assist you in completing the APP registration. If you choose not to provide this information, you may not be able to register and activate the APP or may be unable to use certain services within the APP.
2. When you use the functions or services of the BOC Compass APP, you may need to provide or authorize our bank to collect the necessary user information required for certain services. The information collected for each product or service will be displayed and communicated to you on the page as you enter it. If you choose not to provide the information required for certain functions or services, you may be unable to use those specific functions or services; however, this will not affect your ability to use other functions or services within the APP.
(1) When you log in to the BOC Compass APP, our bank will verify the validity of your login email or phone number and password. We will also collect device information (Android ID, iOS UUID) for hardware binding and enhanced login security. If you do not provide this information, you will be unable to log in, but it will not affect your ability to use the functions or services that are available without logging in.
(2) When you change your login password, we will need to verify your current password and require you to set a new password. If you do not provide this information, you will not be able to complete the password change, but this will not affect your normal use of other features in the APP.
(3) When you reset your login password, we will need to verify your identity, including your login email or phone number, email or phone verification code, and country/region. If you do not provide this information, you will be unable to reset your password, but this will not affect your normal use of other features in the APP.
(4) When logging into your account on a new device, our bank will need to verify your identity, including your login email or phone number, and email or phone verification code. If you do not provide this information, you will not be able to complete the new device verification, but this will not affect your use of the APP on your old device.
(5) When you use services such as map navigation, financial service point inquiries, account opening appointments, flight or train tickets, hotel bookings, attraction ticket reservations, and SIM card services, our bank may collect your geographic location information to provide relevant services for your area. If you choose not to provide this information, it may impact your experience using these functions but will not affect your normal use of other features in the APP.
(6) When you make an account opening appointment, our bank will collect your phone number/email address, name, gender, date of birth, country/region (nationality), address information, ID type, ID number, ID expiration date, visa type, visa date, occupation, industry type, employer name, income information, reason for opening the account, expected monthly transaction volume, main countries or regions involved in overseas transactions, ID/visa image information, etc. Please refer to the "Account Opening Reservation Agreement" for details. This information contains sensitive data and is collected for the purpose of account opening and anti-money laundering review. If you need to supplement materials online, our bank may collect additional information such as your wealth and income sources, employment or school certificates, income certificates, residence certificates, expected cross-border transaction counterparts, expected number of monthly cash transactions, and converted RMB amount. Please refer to the "Account Opening Appointment Agreement" for details. Our bank may also collect your geographic location information to provide corresponding services at your location. If you choose not to provide this information, you will not be able to use these functions, but it will not affect your normal use of other features of the APP.
(7) When you use services such as booking SIM cards, flight tickets, train tickets, hotel reservations, and attraction tickets provided by third parties, you may need to provide real-name information according to national laws, regulations, or the requirements of the service provider (such as ticket sellers, hotels, travel agencies and their authorized agents, telecom operators, mobile resale operators, etc.). This real-name information may include your identity information (document type (Mainland Travel Permit for Hong Kong and Macao Residents, Residence Permit for Hong Kong, Macao, and Taiwan Residents, Residence Permit for Hong Kong, Macao and Taiwan Residents, passport, Foreign Permanent Resident Identity Card, Taiwan Compatriot Permit, ID card), document number, document validity date, name, gender, nationality, date of birth), financial account information (bank card number, CVV/CVC security code), phone number, and email address. These orders may contain your itinerary and address information. You agree that third-party merchants, delivery companies, and after-sales services may use your order information to provide you with goods or services. Our bank assumes no responsibility for any disputes arising from the collection and processing of your personal information by third-party platforms.
(8) When you use the in-app message push service, our bank will, with your consent, collect your email address, phone number, and device information to send you timely service notifications. If you choose not to provide this information, you will be unable to use these notifications and messaging services, but this will not affect your normal use of other features in the APP.
(9) When you use the homepage weather service, our bank may collect your geographic location information to provide you with the relevant weather information for your area. If you choose not to provide this information, it may impact your experience using these functions but will not affect your normal use of other features in the APP.
3. When using the BOC Compass APP, in order to ensure the normal operation of services and the security of your transactions, we will collect your location information and device information (including IMEI, device manufacturer, network provider, MAC address, device product name, and network connection method) through the Bank of China's information collection SDK. Among this data, location information is classified as personal sensitive information. This basic information is necessary for us to provide you with our services and to ensure that you can use them safely and effectively.
4. To provide you with better products and services, we may need to collect the following information. Refusal to provide this information will not affect your normal use of the basic functions of the BOC Compass APP, but we may be unable to offer certain specific extended features and services.
(1) Search function
When you use the search service provided by the BOC Compass APP, our bank will collect your search keywords. If the search keywords cannot identify your personal identity, this information does not fall under your user information, and our bank may use it for other purposes. However, if the search keywords alone or in combination with other information can identify your personal identity, our bank will treat your search keywords as user information during the period of combination and will protect it accordingly.
(2) Our bank will also collect information about the categories of functions or services you use, as well as your operational behavior such as startup, login, logout, click, and browsing actions, along with device information, operating system information, and location information. This data is collected for statistical analysis and to optimize and improve functional services.
5. When you are redirected through the BOC Compass APP to a third-party page to use third-party services, in order to ensure that you can use the services and benefits provided by the third party normally, the third party may obtain your name, gender, document type, document number, phone number, and location information, the latter of which is considered personal sensitive information. This will only occur after obtaining your explicit consent. For any information you voluntarily provide to the third party after redirecting to their service, such as manually entering information, allowing the phone camera to be accessed to take photos, or granting permission to access location information, our bank will regard this as your authorization for the third party to obtain such information. Regarding any information generated while using the third-party service, you and the third party are responsible for agreeing on the lawful collection and usage of such information. When you are redirected from the BOC Compass APP to a third-party service, the BOC Compass APP will notify you via a pop-up notification. You can view the authorized services, authorization time, and authorized personal information in the APP under "Account - System Settings - Third-Party Service Authorization Management". You also have the option to revoke authorization through this feature. If you refuse the third party's collection, use, or transmission of the aforementioned information during service provision, this may prevent you from using the corresponding third-party services within the BOC Compass APP, though it will not affect your access to other features of the APP. Our bank does not assume responsibility for any disputes arising from the third-party platform's collection and processing of your personal information.
6. You can choose whether to authorize our bank to use your personal information or permissions for the following functions:
(1) Location Information Permission: Used to obtain your location information for account opening appointments, map navigation, financial service point inquiries, life service merchant display, SIM card services, and financial information functions. If you choose not to enable this permission, you may need to manually set the location information for these functions.
(2) Camera Permission: Used for setting profile pictures, uploading images, identifying document information through photos, and image translation functions. If you choose not to enable this permission, you will be unable to use certain functions related to real-time photography or image uploads, but this will not affect your use of other features of the APP.
(3) Mobile Device Permission: Used to obtain device identification information for login, device binding, phone number/email address verification, message push, and risk control.
(4) Notification Permission: Used for push notifications, including account opening appointment reminders, system announcements, and marketing notifications.
(5) Make Calls: Used for the one-click dialing feature in the app. If you choose not to enable this permission, you will be unable to use the one-click dialing feature.
(6) Network Permission: Used to communicate with the server.
(7) Siri: Used for Siri activation.
(8) Storage/Photo Album (Photo) Permission: Used to read or cache text, images, or videos needed during your use of the BOC Compass APP. The functions involved include image uploads, document identification through photos, image translation, and poster saving for article sharing. If you choose not to enable this permission, some of the related functions may not work properly, but this will not affect your use of other features of the APP.
(9) Microphone Permission: Used to access the audio content needed during your use of the BOC Compass APP. The feature involved is voice translation. If you choose not to enable this permission, some of the related functions may not work properly, but this will not affect your use of other features of the APP.
(10) Application List: Used to invoke other apps on your device to help you complete services such as navigation, message notifications, and sharing and forwarding. The functions involved include recommending the app to friends and sharing articles.
(11) Clipboard: Used for sharing password recognition.
(12) Application Auto-Start (Android): Used for the desktop widget function of the BOC Compass APP on Android devices. If you disable the app's auto-start feature, the related services may not function properly, but this will not affect your use of other services provided by the APP.
The aforementioned functions may require you to enable permissions for location information, camera, photo album, notifications, make calls, network, storage/photos, etc., on your device so that our bank can collect and use the information involved in these functions. Please note that enabling these permissions means you are authorizing our bank to collect and use this information to fulfill the aforementioned functions. If you revoke these authorizations, our bank will no longer continue collecting or using your information and will be unable to provide the functions corresponding to those authorizations.
7. During the process of providing services to you, we may use software development kits (SDKs) provided by third-party service providers with the necessary business qualifications and capabilities to deliver services. These third-party service providers may collect the necessary information from you. If you do not provide the required information, you will not be able to use such services. You can check the detailed content of the SDKs in the appendix to this Privacy Policy.
(II) How personal information is used
1. To use your information when providing you with the aforementioned products and services related to our bank's "BOC Compass" APP, which you have authorized us to use, and improving these products or services.
2. During the period when our bank provides services to you, you authorize our bank to collect and use your information. You can choose whether to agree to the collection and use of your information before using the service. Upon service cancellation, we will stop collecting and proactively delete your relevant personal information within the BOC Compass APP. If the retention period required by law or administrative regulations has not yet expired, we will cease processing your information except for storage and necessary security measures. However, our bank will continue to use previously collected personal information in areas such as business documentation, auditing, regulatory cooperation, and compliance with anti-money laundering and sanction regulations.
3. To enhance your product or service experience, or mitigate risks, our bank may aggregate, statistically analyze, and process service usage data. This data will not contain any personally identifiable information.
4. To keep you informed about the use of our products or services or help you better understand our services, our bank may send you notifications regarding service status and commercial information related to relevant products or services.
5. Other purposes for which you have authorized consent and that are legally permitted.
(III) Exceptions to obtaining authorized consent
According to relevant laws, regulations, regulatory requirements, and national standards, our bank may collect and use your personal information without separately obtaining your authorized consent in the following situations:
1. When directly related to national security or defense security;
2. When directly related to public safety, public health, or significant public interest;
3. When directly related to criminal investigation, prosecution, trial, or judgment enforcement;
4. When necessary for safeguarding major legitimate rights and interests of you or other individuals such as life and property when it is difficult to obtain your consent;
5. When the personal information has been publicly disclosed by you;
6. When personal information is collected from legally publicly disclosed sources, such as legitimate news reports or government information disclosures;
7. When necessary for signing and performing a contract at your request;
8. When necessary for maintaining the safe and stable operation of the provided products or services, such as detecting and resolving malfunctions;
9. For public interest purposes, such as implementing news reports and public opinion supervision;
10. When necessary for conducting statistics or academic research in the public interest, with de-identification of personal information when providing research results or descriptions externally;
11. To fulfill anti-money laundering and sanctions compliance obligations;
12. Other circumstances stipulated by laws, regulations, and regulatory requirements.
II. How We Use Cookies and Similar Technologies
(I) Cookies
To ensure the normal operation of our services, our bank stores small data files called Cookies on your computer or mobile device. Cookies typically contain identifiers, site names, and some numbers and characters. With Cookies, websites can store your preference data. Our bank will only use Cookies for the purposes described in this policy. You can manage or delete Cookies according to your preferences. You may clear all Cookies saved on your computer, and most web browsers offer functionality to block Cookies. However, if you do so, you will need to adjust your user settings each time you visit our bank's website.
(II) Do Not Track
Many web browsers have a Do Not Track (DNT) feature that can send Do Not Track requests to websites. Currently, major Internet standards organizations have not established policies specifying how websites should respond to such requests. However, if you enable Do Not Track in your browser, all of our bank's websites will respect your choice.
III. How We Share, Transfer, and Disclose Your Personal Information
(I) Sharing and transfer
1. Unless we obtain your separate explicit consent or authorization, our bank will not share or transfer your personal information to any other company, organization, or individual.
2. If it is necessary for business purposes to share your personal information externally, our bank will inform you of the purpose of sharing, the name or identity of the data recipient, contact information, processing purposes, processing methods, and types of personal information involved. We will obtain your separate authorization outside of this Privacy Policy. For sensitive information, we will also provide details about the types of sensitive personal information, the identity and data security capabilities of the recipient, the necessity of processing this information, and the impact on your personal rights. We will obtain explicit authorized consent separately outside of this Privacy Policy.
3. Please understand that our bank may share your personal information externally in accordance with laws and regulations, mandatory requests from government authorities, or to fulfill anti-money laundering and sanctions compliance obligations.
4. According to laws and regulations and business practices, in transactions such as mergers, acquisitions, and asset transfers involving personal information, our bank will require the new holder of your personal information to continue to adhere to this Privacy Policy. Otherwise, we will require the new holder to seek your authorized consent again.
5. Your personal information may be shared within our bank and its subsidiaries. This sharing will only occur with your separate authorized consent and is subject to the purposes outlined in this policy. Any changes in the purpose or method of processing personal information will require new authorization. The scope of shared personal information will depend on specific business needs. For example, when submitting statistical information to financial regulatory authorities, your personal identity and account information may be shared within our bank's business institutions and subsidiaries.
6. To provide you with more comprehensive and high-quality products and services, some services may be provided by our partners. We may share certain personal information with our partners to enhance customer service and user experience. Specific details about shared information can be found on separate authorization pages for each function. Sharing will only occur for legitimate, proper, necessary, specific, and clear purposes with your separate authorization and consent. We will share only the information necessary to provide the service. We will sign strict confidentiality agreements with our partners, requiring them to handle your personal information according to the agreed purposes, duration, processing methods, types of information, and other relevant confidentiality and security measures. Our partners will not be allowed to use the shared personal information for any other purposes. If you refuse to allow our partners to share your personal information necessary for providing the service, which has been collected by us, it may result in your inability to use that service with us.
(1) Third-Party Life Services: Usage scenarios include third-party services within the BOC Compass APP, such as map navigation, translation, and SIM card reservation. Our bank may provide your personal information, including your location information, phone number, and email address, to designated life services providers according to your instructions or with your consent. You can review the names of the authorized partners, authorization time, details of the authorized information, and their contact information in "Account - System Settings - Third-Party Service Authorization Management", and you can revoke authorization there.
7. Notice on third parties collecting your information
The BOC Compass APP includes third-party products and services. To use these products and services, you will need to navigate from the APP to the respective third-party pages. These products and services will be governed by the third parties' terms of service and privacy policies (not this policy), so you should carefully review their terms and decide whether to accept them. The responsibility for protecting personal information that you voluntarily provide to third-party merchants through third-party service pages rests with the merchants. If disputes arise due to the third party's use of your information, or if the third-party services violate relevant laws, regulations, or agreements, or if you experience losses while using third-party services, the third party will be responsible. Our bank will provide necessary assistance but will not be liable for any disputes arising from the third party's collection and use of your personal information.
Our bank will not publicly disclose your personal information. If disclosure is necessary, we will seek your explicit consent separately from this Privacy Policy and inform you of the purpose, type, method, duration of the disclosure, and other matters required by laws, regulations, and regulatory requirements. For sensitive personal information, in addition to the above, we will also inform you of the necessity of processing sensitive personal information and its impact on your personal rights, and will obtain your explicit consent in advance, unless otherwise provided by laws and regulations.
(III) Exceptions to obtaining authorized consent
According to laws, regulations, regulatory requirements, and national standards, we may share, transfer, or publicly disclose user information without obtaining your prior authorized consent in the following situations:
1. When directly related to national security or defense security;
2. When directly related to public safety, public health, or significant public interest;
3. When directly related to criminal investigation, prosecution, trial, or judgment enforcement;
4. When necessary to protect your or other individuals' life, property, reputation, or other significant legitimate rights and interests, but it is difficult to obtain consent;
5. When you have voluntarily disclosed your personal information to the public;
6. Sharing externally to fulfill anti-money laundering and sanctions compliance obligations;
7. When user information is collected from legally publicly disclosed information, such as legitimate news reports or government information disclosures.
IV. How We Store and Protect Your Personal Information
(I) Storage
1. In principle, personal information collected and generated within the People's Republic of China will be stored within the People's Republic of China.
2. Our bank will retain your personal information only for the period required by laws and regulations, to fulfill anti-money laundering and sanctions compliance obligations, and for the necessary period to achieve the purposes stated in this policy. For example, identity information related to financial transactions such as account opening appointments and transaction data will be retained for at least 5 years. After the data retention period expires, our bank will delete or anonymize your information. Exceptions apply where retention is required to fulfill our bank's compliance obligations according to laws, regulations, and regulatory requirements. For example:
Phone Number/Email Address: When you successfully register for the BOC Compass APP, our bank needs to retain your phone number/email address to ensure you can use the related services normally. When you cancel your BOC Compass APP account, our bank will delete the corresponding information.
User Avatar: Once you set an avatar, our bank will retain your avatar for display on the login page. After you cancel your BOC Compass APP account, our bank will delete the corresponding information.
(II) Protection
1. Our bank uses security measures that comply with industry standards to protect your personal information from unauthorized access, public disclosure, use, modification, damage, or loss. We will take all reasonable and feasible measures to protect your personal information. For example: our bank will use encryption technology to ensure data confidentiality. We will use trusted protection mechanisms to prevent malicious attacks on data. We will deploy access control mechanisms to ensure that only authorized personnel can access personal information.
We will provide training courses on security and privacy protection to enhance employees' awareness of the importance of protecting personal information.
2. If all or part of the BOC Compass APP services provided by our bank cease operation, we will inform you through APP pop-up announcements, message push, and other forms. At the same time, we will stop collecting your personal information related to the relevant products or services to protect your personal information. In case of a partial or complete interruption of BOC Compass APP services due to technical failure, cyber attack, natural disaster, accident, or human factors, our bank will take emergency response and recovery measures to address the situation and restore services as soon as possible.
3. Please understand that due to technical limitations and potential malicious attacks, incidents that our bank cannot reasonably foresee, prevent, avoid, or control may occur. The Internet is not an absolutely secure environment; please use a complex password to help our bank ensure the security of your account.
4. In the event of a personal information security incident, our bank will promptly inform you of the relevant situation via email, letter, phone, push notifications, or other reasonable and effective means, in accordance with laws and regulations. Additionally, our bank will report the handling of the personal information security incident in accordance with regulatory provisions.
In accordance with the relevant laws and regulations of the People's Republic of China and regulatory provisions, our bank ensures that you can exercise the following rights regarding your personal information:
You have the right to access, correct, and update your personal information through our bank's BOC Compass APP, except as otherwise provided by laws and regulations. You are responsible for promptly updating your personal information. Before you modify your personal information, our bank will verify your identity.
1. You can click on the profile picture on the "Account" page or modify your profile picture online through "Account - System Settings - My Account".
2. You can log in to your account through "Account - System Settings - My Account"; and modify your login password through "Account - System Settings".
3. You have the right to obtain a copy of your personal information. You can view and copy your BOC Compass account information through "Account - System Settings - My Account".
(II) Delete your personal information
In the following situations, you can request our bank to delete your personal information:
1. If our bank's processing of personal information violates laws and regulations;
2. If our bank collects and uses your personal information without obtaining your consent;
3. If our bank's processing of personal information violates the agreement with you;
4. If you no longer use our bank's products or services, or you have canceled your account;
5. If our bank no longer provides products or services to you;
6. If you withdraw your consent to this Privacy Policy.
If our bank decides to respond to your deletion request, we will also notify the entities that have obtained your personal information from our bank, requesting them to delete it promptly, unless otherwise stipulated by laws and regulations, or these entities have obtained your independent authorization. After you delete information from our services, we may not immediately delete the corresponding information from the backup system but will delete it during the backup update.
Some functions require basic personal information to be completed. For the collection and use of additional personal information, you can grant or withdraw your authorized consent at any time by enabling or disabling location service permissions, call permissions, etc., depending on the brand and model of your phone.
You can independently cancel the BOC Compass APP through "Account - System Settings - My Account - Cancel Account". When you cancel the service, it will be deemed that you have withdrawn your consent to the APP's Privacy Policy. Once you withdraw your consent, our bank will no longer process the corresponding personal information. However, your decision to withdraw consent will not affect the personal information processing that was carried out based on your previous authorization.
(IV) Account cancellation by personal information subject
If you are already a registered user of the APP, you can independently cancel your account. Log in to the APP, go to "Account - System Settings - My Account - Account Cancellation", and follow the instructions to complete the cancellation process.
The act of canceling the BOC Compass APP account is irreversible. Once canceled, we will no longer collect your personal information through the BOC Compass APP client and will delete your relevant information in the APP (except where laws and regulations or regulatory agencies have different provisions on the storage time of personal information). If you are not a registered user of the APP, you can independently choose to uninstall or stop using the BOC Compass APP client to prevent us from obtaining your personal information.
Please note that if you are already a registered user of the APP, simply deleting the BOC Compass APP from your mobile device will not cancel your account on the APP, and all your information on the APP will not be deleted. You need to cancel your APP account to achieve the above purpose.
To ensure the security of your personal information, when you call the Bank of China customer service hotline at 95566 or consult at various Bank of China business outlets, you may need to provide a written request or prove your identity in other ways before we process your request. If the above requests involve manual processing, our bank will handle and respond within 15 working days. Please understand that for certain unreasonable, overly technical, risky to others' legitimate rights, or highly impractical requests, our bank may refuse to comply.
Despite the above agreements, according to laws and regulations, our bank may not be able to respond to your request if it involves the following situations:
1. It is related to national security or defense security;
2. It is related to public safety, public health, and significant public interest;
3. It is related to criminal investigation, prosecution, trial, and judgment enforcement;
4. There is sufficient evidence indicating that you have acted with subjective malice or have abused your rights.
5. Responding to your request would cause serious harm to the legitimate rights and interests of you or other individuals or organizations;
6. It involves our bank's trade secrets;
7. It is necessary for complying with anti-money laundering and sanctions regulations.
(VI) Channels for personal information security complaints and reports
If you have any opinions on how our bank handles your personal information, you can reflect them and assert your rights through the contact methods specified in Article 8 of this Privacy Policy. If we refuse your request to exercise your rights, you can initiate a dispute resolution procedure according to Article 9 of this Privacy Policy. For illegal personal information processing activities, you have the right to file a complaint or report to the department responsible for personal information protection.
1. We expect parents or guardians to guide minors in using our services. Minors are not allowed to register and activate the BOC Compass APP without the consent of their guardians. Our bank will only use or provide this personal information externally when permitted by laws and regulations and regulatory requirements, or when necessary to protect minors. Our bank will protect the confidentiality and security of minors' information in accordance with the relevant national laws and regulations.
2. If you are a minor, please have your guardian read this policy. Your use of the APP signifies that you have obtained the consent of your parents or other guardians to use our bank's services or provide your personal information to our bank. For minors under 14 years old, please note that your personal information is considered sensitive personal information. Our bank will only process your personal information with the explicit authorized consent of your parents or other guardians and as legally permitted, and only when necessary to protect your rights. The specific types and rules for processing information will strictly adhere to the relevant agreements on personal information outlined in this Privacy Policy. If your guardian does not agree to your use of our bank's services or the provision of your information according to this policy, please immediately stop using our bank's services and promptly notify our bank so that we can take appropriate measures.
3. If you are the parent or other guardian of a minor, and you have questions about the processing of information for the minor you are guarding, please contact our bank through the contact information provided in this document.
1. Our bank reserves the right to update or modify this policy from time to time. This policy applies to all products and services provided by the BOC Compass APP and to all users. Without your explicit consent, our bank will not reduce the rights you are entitled to under this policy. Our bank will notify you through reasonable means such as push notifications and pop-up notifications, so that you can be promptly informed of any changes to this policy (including changes to business functions, usage purposes, and contact methods of the responsible person for personal information protection).
2. For significant changes, our bank may also provide more prominent notifications explaining the specific changes to this policy, depending on the circumstances. Significant changes include but are not limited to:
(1) Significant changes in our bank's service model and business form, such as changes in the purposes of processing personal information, types of personal information processed, and methods of using personal information;
(2) Changes in the main objects of personal information sharing, transfer, or public disclosure;
(3) Significant changes in your rights to participate in the processing of personal information and how you exercise those rights;
(4) Changes in the contact methods and complaint channels for handling personal information security by our bank;
(5) When the personal information security impact assessment report indicates high risk.
3. If you do not agree with the revised Privacy Policy, you have the right and should immediately stop using the BOC Compass APP-related products and services. If you agree with the revised Privacy Policy and continue to use or do not cancel the BOC Compass APP and services, it will be deemed that you accept the modifications our bank has made to the relevant terms of this policy.
If you have any questions, comments, or suggestions about this Privacy Policy, or if you believe that our bank's handling of personal information has infringed upon your legitimate rights and interests, you can consult or raise concerns by calling our customer service hotline at 95566 or by visiting any of our business outlets. After receiving your issue, our bank will handle it promptly and properly, and provide you with a response within 15 days. If you are not satisfied with the response, you can also apply for mediation, arbitration, or litigation with mediation organizations, arbitration units, courts, and other institutions to protect your legitimate rights and interests.
Our bank's full name: Bank of China Limited, registered address: No. 1 Fuxingmen Nei Dajie, Xicheng District, Beijing 100818, China.
Please carefully read this Privacy Policy before clicking "Agree" to ensure that you are fully aware of and understand its contents, especially the bold text and the corresponding legal consequences. By clicking "Agree", you are deemed to accept this Privacy Policy, and our bank will legally use and protect your personal information in accordance with relevant laws and regulations and this policy.
IX. Dispute Resolution
This Privacy Policy and the relationship between you and the platform are governed by the laws of the People's Republic of China (Chinese mainland). In the event of a dispute, it should be resolved through negotiation. If negotiation fails, either party may file a lawsuit with the people's court with jurisdiction over the location of the Party B's branch handling the relevant business under this Agreement. If both parties agree to resolve disputes through arbitration, a supplementary agreement shall be signed to stipulate arbitration-related matters.
Appendix A
Instructions on the Use of Third-Party SDKs by BOC Compass APP
(Android system)
In specific business scenarios, we may use third-party SDKs with the corresponding business qualifications and capabilities to provide services to you. These SDKs may collect and use your personal information, and they include:
1. BaiduLBS, libBaiduMapSDK, libapp_BaiduNaviApplib, libbd_etts, NaviTts Baidu Map Basic Location and Navigation SDK: To promptly provide you with basic map and navigation services, as well as to help you find nearby bank outlets, tax refund points, ATMs, and other financial service institutions and communication service centers, we use the Baidu Map SDK (Android) from Beijing Baidu Netcom Science and Technology Co., Ltd. (Address: No. 10 Shangdi 10th Street, Haidian District, Beijing, China). This SDK requires periodic access to your network permissions (WiFi BSSID) and location information every 10 seconds to provide location and navigation services and collects your device information (hardware model, network device hardware address MAC, device configuration, operating system version, unique device identifier Android ID, running programs). If permissions are not granted or relevant information is not provided, related functions and services will be affected.
2. BMKLocation Baidu Map SDK: To provide you with timely weather services, we use the BMKLocation Baidu Map SDK from Beijing Baidu Netcom Science and Technology Co., Ltd. (Address: No. 10 Shangdi 10th Street, Haidian District, Beijing, China). This SDK needs to read base station information every 2 seconds to provide location services. If permissions are not granted or relevant information is not provided, related functions and services will be affected.
3. subsampling-scale-image-view, PhotoView, EasyPhotos Image Selection Component SDK: To enhance your app usage experience in the smart customer service business, we use open-source components subsampling-scale-image-view, PhotoView, and EasyPhotos to facilitate your image upload operations. In the related business processes, we need to access your camera permissions and storage permissions. If permissions are not granted, related functions and services will be affected.
4. Getui Push SDK: To facilitate your receipt of information pushes, system announcements, marketing notifications, and other push messages, we use the Getui Push SDK from Merit Interactive Co., Ltd. (contact number: 4006-808-606). This SDK needs to access your device brand, model, system version, SDK card information, application list permissions, currently running application processes, and permission to write files to external storage to implement the message push service. If permissions are not granted or relevant information is not provided, related functions and services may be affected.
5. Huawei Push SDK: To facilitate your receipt of information pushes, system announcements, marketing notifications, and other push messages on Huawei devices, we use the Push SDK from Huawei Software Technologies Co., Ltd. (contact number: 4000-955-988). This SDK requires access to AAID (Anonymous Application Identifier), application token, topic subscription relationships, device storage information, and Android ID information to implement mobile push services on Huawei phones. If permissions are not granted or relevant information is not provided, related functions and services may be impacted.
6. Xiaomi Push SDK: To facilitate your receipt of information pushes, system announcements, marketing notifications, and other push messages on Xiaomi devices, we use the push SDK from Beijing Xiaomi Mobile Software Co., Ltd. (contact number: 400-100-5678). This SDK needs to obtain the unique identifier of the mobile terminal (IMEI number), device model, device brand, system information, Android system version information, network type, WiFi status, device storage, AAID (Anonymous Application Identifier) information, device identifier OAID, and encrypted Android ID to implement mobile push services for Xiaomi phones. If permissions are not granted or relevant information is not provided, related functions and services may be affected.
7. OPPO Push SDK: To facilitate your receipt of information pushes, system announcements, marketing notifications, and other push messages on OPPO devices, we use the Push SDK from Guangdong Hey Tap Technology Co., Ltd. (Contact number: 400-199-9666). This SDK collects your network status, WiFi status, phone status, access to storage space, permissions to install unknown applications, and permissions to allow apps to start foreground services. If permissions are not granted or relevant information is not provided, related functions and services may be affected.
8. vivo Push SDK: To facilitate your receipt of information pushes, system announcements, marketing notifications, and other push messages on vivo devices, we use the push SDK from Vivo Mobile Communication Co., Ltd. (contact number: 400-678-9688). This SDK requires access to device identification information (IMEI, OAID, EmmCID, GUID, GAID, and encrypted Android ID), current running programs, device model, system information, and network information (such as IP address, and network type) to implement mobile push services on vivo phones. If permissions are not granted or relevant information is not provided, related functions and services may be affected.
9. Retrofit, converter-gson, adapter-rxjava2, okhttp, logging-interceptor, rxjava, rxandroid, rxlifecycle: To ensure you can access the BOC Compass APP services, we use these open-source components for network interface request operations, such as sending request parameters, converting them, receiving response parameters, and parsing them. These SDKs will not collect any of your personal information and are only used as network request tools.
10. AntiHijack Bangcle Reinforcement SDK: To enhance the App's security measures, we use the AntiHijack BangBang Reinforcement SDK from Beijing Bangcle Security Technology Co., Ltd. (contact number: 400-888-1881). This SDK does not collect any of your personal information and is used solely to improve the App's security.
11. Gson: To enhance your App usage experience, we use the open-source component Gson for parsing JSON format data. This SDK does not collect any of your personal information and is used solely as a data parsing tool.
12. CFCASipbox Encrypted Keyboard: To enhance the security of the App, we use the CFCASipbox Encrypted Keyboard from the China Financial Certification Authority during the password input process. This SDK does not collect any of your personal information and is used solely to improve the App's security.
13. RxBus: To meet the communication needs of components within the BOC Compass APP, we use the RxBus open-source component. This SDK does not collect any of your personal information and is used solely for sending and subscribing to events between different pages within the application.
14. Glide, Lottie: To enhance your App usage experience, we use the open-source Glide SDK and Lottie SDK to display images, GIFs, and special animation effects. These SDKs do not collect any of your personal information and are used solely to improve the visual experience.
Appendix B
Instructions on the Use of Third-Party SDKs by BOC Compass APP
(iOS System)
In specific business scenarios, we may use third-party SDKs with the corresponding business qualifications and capabilities to provide services to you. These SDKs may collect and use your personal information, and they include:
1. BaiduMapAPI, BMKLocation, Opencv2, libbd_etts, LibbaiduNaviOpenSDK Baidu Map and Navigation SDK: To promptly provide you with basic map and navigation services, as well as to help you find nearby bank outlets, tax refund points, ATMs, and other financial service institutions and communication service centers, we use the BaiduMapAPI and BMKLocation Baidu Map SDK from Beijing Baidu Netcom Science and Technology Co., Ltd. (Address: No. 10 Shangdi 10th Street, Haidian District, Beijing, China). This SDK requires periodic access to your network permissions (WiFi BSSID) and location information every 10 seconds to provide location and navigation services, and collects your device information (hardware model, network device hardware address MAC, device configuration, operating system version, unique device identifier AndroidID, running programs). If permissions are not granted or relevant information is not provided, related functions and services will be affected.
2. BMKLocation Baidu Map SDK: To provide you with timely weather services, we use the BMKLocation Baidu Map SDK from Beijing Baidu Netcom Science and Technology Co., Ltd. (Address: No. 10 Shangdi 10th Street, Haidian District, Beijing, China). This SDK needs to read base station information every 2 seconds to provide location services. If permissions are not granted or relevant information is not provided, related functions and services will be affected.
3. RxSwift, Moya, RxAtomic, RxCocoa: To ensure you can access the BOC Compass APP services, we use the open-source component Alamofire. These SDKs will not collect any of your personal information and are only used as network request tools.
4. CFCASip Encrypted Keyboard: To enhance the security of the App, we use the CFCASip Encrypted Keyboard from the China Financial Certification Authority during the password input process. This SDK will not collect any of your personal information and is only used to improve the security of the App.
5. SwiftyJSON: To enhance your APP usage experience, we use SwiftyJSON for parsing JSON format data. This SDK will not collect any of your personal information and is only used as a data parsing tool.
6. SnapKit, MJRefresh, Kingfisher, ActiveLabel, CLToast, IQKeyboardManagerSwift, PGDatePicker, MBProgressHUD, CHIPageControl: To enhance your APP usage experience, we have introduced multiple open-source page display solutions to achieve effects such as automatic page layout, page controllers, page refresh, page clicks, pagination scrolling, information display, and click redirection. These SDKs will not collect any of your personal information and are only used to enhance the visual experience.
7. Lottie: To enhance your APP usage experience, we use Airbnb's Lottie SDK for displaying animations and special effects. This SDK will not collect any of your personal information and is only used to enhance the visual experience.
8. BPDataPrevention, BPCrypt, BPJsonModel, BPAlgorithmLib: To enhance the security of App communications, we use SDKs to encrypt sensitive data such as users' personal information, bank card numbers, and passwords. These SDKs do not collect any of your personal information and are only used as encryption tools.
9. Localize-Swift: To implement the App's multilingual functionality, we use Localize-Swift to manage and switch between different language string resources. This SDK does not collect any of your personal information and is only used for multilingual switching.
10. WKWebViewJavascriptBridge: To ensure you can access the services provided by third-party merchants, we use the WKWebViewJavascriptBridge framework to facilitate communication and interaction with third-party merchant services. This SDK does not collect any of your personal information and is only used as a network request tool.