This Version Updated At: February 9, 2023
This This Version Takes Effect At: February 14, 2023
Hangzhou Maycur Technology Co., Ltd. (hereinafter referred to as “we”) respects and protects the privacy of users (hereinafter referred to as “users” or “you”) of our products and services. The Privacy Policy (hereinafter referred to as “this Policy”) is written to describe how we handle the personal data collected. This Policy applies to all services we provide (hereinafter referred to as “the Services”), including our app “Maycur Expense”, our official website www.maycur.com, all the other websites we operate (hereinafter referred to as “the Websites” collectively), and our customer service team. Before using any of the Services, please make sure you have read and fully understood this Policy, and agree to it. Your use of the Services will be deemed acceptance and approval of this Policy.
1. How we collect and use information
(i) Scenarios in which you need/can choose to authorize us to collect and use personal information
We may collect and use the following types of information about you for the following purposes, and you can also review Annex III, List of Personal Information Collected, to learn more about this information.
1.To help you become our user
(1) The scope of personal information used: In order to register as a user of Every Moment, you need to provide your basic personal information, email address, cell phone number and the verification code received
(2) Sensitive permission to call: None
(3) Use of third-party SDK: None
2.Provide you with bill submission function
(1) Scope of use of personal information:
• In order to provide process control basic services, we need to collect your personal education work information, including company name, department, position, job title, subordinates, etc.
• In order to provide multi-dimensional fee control functions, we need to collect your resident place, rank and other information, which is usually entered manually by the company administrator or imported from other systems of the company through the interface.
• In order for you to receive reimbursements and loans paid by the company, we need to collect your debit card information, including the cardholder's name, card number, account opening bank, etc.
• In order to provide the function of automatic generation of third party fees, after obtaining your permission, we will obtain your consumption order data from the third party opened by the company, including the consumption object, consumption amount, consumption time, consumption place, order number, payment method, etc.
(2) Sensitive permission to call:None
(3) Use of third-party SDK:None
3.Provide you with invoice identification
(1) Scope of using personal information: When you use Every Moment for invoice identification function, we need you to upload the image information of various tickets such as train tickets, air tickets, VAT invoices and so on. If you do not agree to upload images, you may not be able to confirm the use of invoice identification and other functions
(2) Sensitive permissions called for.
When you use the invoice recognition function to upload images, you need to invoke the storage permission (Android system) / album permission (iOS system) of your device if you need to send the images already in your device. If you refuse the relevant system permissions, you may not be able to upload images properly.
When you upload pictures using the invoice recognition function, you need to invoke the camera permission of your device if you want to take and send pictures directly. When you grant camera permission to enter the photo page, we will call the camera of your device and listen to your orientation sensor and acceleration sensor data to enhance the photo experience. After you leave the photo page, we will release the camera resources and stop listening to the orientation sensor and acceleration sensor. If you refuse the relevant system permission, you may not be able to upload pictures normally.
(3) Using third-party SDK:None
4.Provide you with private car public, check-in function
(1) Scope of use of personal information
• To provide the function of private car use, we will obtain your location information through cell phone GPS positioning after obtaining your permission.
• To provide the check-in function, we obtain your location information through GPS location of your cell phone after obtaining your permission.
(2) Sensitive permissions for invocation.
When you use the private car public function, you need to record the user's current location information in real time for location check-in, and get accurate/approximate geographic location information through global positioning system (GPS) or network location information (such as base station and WLAN), if you close the relevant system permissions, you may not be able to record the location correctly
(3) Use third-party SDK: Baidu Map SDK, Gaode Map SDK
5.Invoice import function
(1) Scope of personal information use.
• In order to provide invoice import function, you can initiate to import your invoice information from WeChat and Alipay.
• You can upload files or images of invoices by uploading local files
(2) Calling sensitive information.
When you use the invoice recognition function to upload pictures, if you need to send the pictures already in your device, you need to invoke the storage permission (Android system) / album permission (iOS system) of your device. If you refuse the relevant system permission, you may not be able to upload images normally.
(3) Use the third-party SDK: WeChat sdk
6.Push message
(1) Scope of use of personal information.
In order to provide services to you, we will send you information, notifications or business communication with you, including but not limited to the verification code necessary to ensure the completion of the service, the use of the service necessary to push the notification
(2) Calling sensitive information: location information (including GNSS information, IP address, WLAN hotspot, base station information, Bluetooth devices and other sensor information that can be used for positioning), device information (including the unique identifier of the terminal device (including IDFV, OAID, IMEI, MEID, IMSI), mac address, operating system version, device brand and model, device configuration, operator type name and code, etc.). device configuration, operator type name and code, application information (application name, application version number), WiFi information, list of running applications, phone storage permissions
(3) Using third-party SDKs: Aurora Message Push SDK, Xiaomi Message Push SDK, Huawei Message Push SDK
7.Improve our services
(1) Scope of personal information use
• Based on the user's consultation records, trouble-shooting records and troubleshooting process based on your use of every moment service, we will record and analyze these information in order to respond to your request for help in a more timely manner and to improve the service.
• For the purpose of providing continuous service and ensuring service quality, we will record and store information about your login and use of the Service, including IP address, type of browser, language used, date and time of access, user identifier and web browsing history, etc., during your use of the Service.
• With your consent, single sign-on to third-party services, including DDT, Gautrain Manager, Ctrip Business Travel, etc., through your work number and company information
(2) Calling sensitive permission: None
(3) Use of third-party SDK:None
(ii) Exceptions to Consent
Please be aware that we do not require your authorized consent for the collection and use of personal information in the following cases.
1、Related to the personal information controller's fulfillment of obligations under laws and regulations.
2、Related to national security, national defense security
3、Related to public safety, public health, and significant public interests
4、related to the criminal investigation, prosecution, trial and execution of judgments for crimes
5、in order to protect the life, property and other significant legitimate rights and interests of the subject of personal information or other individuals but it is difficult to obtain their consent
6、The personal information involved is disclosed to the public by the subject of personal information himself/herself.
7、necessary for the conclusion and performance of a contract at your request; (Note: The main function of the personal information protection policy is to disclose the scope and rules for the collection and use of personal information by the controller of personal information, and it is not appropriate to consider it as a contract.)
8、necessary for maintaining the safe and stable operation of the products and/or services provided
9、necessary for legitimate news reporting.
10、necessary for academic research institutions to conduct statistical or academic research in the public interest and to de-identify the personal information contained in the results when providing the results of academic research or descriptions to the public.
Please note that information that, alone or in combination with other information, cannot identify you or establish a direct connection with you is not personal information. If we combine information that alone cannot be linked to any particular individual with other information
2. Application permission application and usage description
As mentioned above, in the process of providing services, Our products may invoke some of your device permissions, which you may authorize on a case-by-case basis. After you choose to authorize us to invoke your device permissions, you may choose to turn off some or all of these permissions at any time in the device's settings function, thereby denying the collection and use of the corresponding personal information by the "Maycur" product. In particular, we will not collect your information when it is not needed for the relevant function or service, even if we have obtained these sensitive permissions with your authorization. You can check the Appendix I: [Application permission application and usage information].
3. How We Collect Information
1. The information that your company exports to or syncs with us, including company name, department, position, job title, superiors and subordinates, base, job level, attendance check-in time, check-in location, etc.
2. The data that you enter in forms and templates, including itineraries, meals and attendees filled in for reimbursement, and bank account number entered for collection. If you authorize a colleague to reimburse expenses on behalf of you, then the person authorized has the permission to fill in, modify and check your information mentioned above.
3. Records created during your use of our Services, including records of online consultation and error-reporting.
4. To better understand your usage habits and avoid repetitive operations, we may use cookies to remember you, your last order and so on. You can manage your cookie settings on your browser. Please note that if you disable cookies, you may not have the best user experience and some Services may not work properly.
5. After your company admin opens a third-party platform (such as Didi, Ctrip Corporate Travel, CMB Commercial Card, etc.), the company will open an account for you for the purpose of reimbursement, and the bills under this account will be synced to Maycur. If you already have an account on the third party, bills under the account will also be synced to Maycur after the company binds the account for you. We collect the data to help you get the expenses reimbursed.
4. How We Disclose Information
4.1 Share with Your Company
As a B2B application, we will share your information with your company for the purpose of reimbursement management, expense management and so on. For example, we need to sync your expense reports and bank account number with your company when the company is to reimburse your expenses; or we need to share your itineraries with your company when it is to check employee attendance.
We may also share your information with or transfer it to your colleagues. They are authorized by your company to assist in providing the Services to you under our contractual agreement, such as your company’s finance staff and system administrators.
If you authorize a colleague to submit expense reports for you, then the authorized person can see your invoices, transactions, bank card numbers, account names, account-opening bank information, etc., to fill out expense reports for you.
4.2 Share with Third Parties
When you use the functions or services of our App, we may use software service kits ("SDK") provided by third-party service providers with corresponding business qualifications and capabilities to provide services for you in some specific usage scenarios, and the third-party service providers will collect the necessary information from you. You can also see the list of personal information shared by third parties in Annex II.
1. If your company has opened the third-party services and your third-party account is bound with your account in our system, we may share your information with the third party, such as synchronizing the departure place, destination, departure time, arrival time, travel mode, application amount and other information on your travel application form, and then you can make reservations on the third-party platform. You can check which third parties your company has opened and which third party accounts are bound to your account in our system through "Mobile - My - Third Party Services". If you want to unbind your account, please contact us, please refer to "XI. How to contact us".
2. Share your GPS location with Baidu Location SDK and Gaode Location SDK, which can be used to provide you with map service when you check-in and clock-in.
3. Share information with the communication service provider of push notifications to provide you with the service of receiving application notifications. If you do not want to receive application notifications, you can turn it off in your phone system permissions. The SDK collects the following information during use: device parameters and system information (device type, device model, system version, and related hardware information), which is used to identify the user's device type, device model, system version, etc. to ensure accurate message delivery; device identifiers (device identifiers: IMEI, IDFA, Android ID, GID, MAC, OAID VAID, AAID, IMSI, MEID, UAID, SN, ICCID, SIM information, of which UAID is the unified anonymous identifier introduced by telecom operators) is used to identify unique users and ensure the security of account information in APP; Network information (IP address, WiFi information, base station information, DNS address, DNCP address): used to optimize the network connection request between Aurora SDK and Aurora server network connection requests with the Aurora server to ensure the stability and continuity of the service.
• Aurora SDK
○ Link to Aurora Privacy Policy:https://www.jiguang.cn/license/privacy
○ The Aurora SDK has been closed for obtaining user software list, geolocation and smart push switch, and we will not provide your above end-user information through this channel.
○ Please note that Aurora SDK collects, stores and processes personal information from you in a de-identified or anonymous manner. If you do not want the above information to be collected, you can turn off the "Read/Write SD card permission", "Network access permission", "Device information permission", and/or "Location permission". "Location".Xiaomi Message Push SDK
• Xiaomi Message Push SDK
○ Xiaomi Privacy Policy link:https://dev.mi.com/console/doc/detail?pId=1822
• Huawei Messaging Push SDK
○ Huawei Privacy Policy link: https://developer.huawei.com/consumer/cn/doc/development/HMSCore-Guides/privacy-statement-0000001050042021
For the above third-party shared personal information, you can also check Annex II: "List of Third-Party Shared Personal Information. We understand and respect your right to choose. If you do not want to use the services provided by the above SDK, you can call our customer service hotline at 400-6789-576 and we will assist you to withdraw from the service by canceling your account.
• WeChat Open Platform SDK
4.3 Purpose of Information Disclosure
• We share information to fulfill part of the purposes described in "How We Use Information".
• We share information to fulfill our obligations and exercise our rights under this Policy or any other agreement we may have with you or your company.
4.4 Transfer of Information
As our business continues to grow, we may enter into mergers, acquisitions, asset transfers or similar transactions, and your personal information may be transferred as part of such transactions. We will comply with applicable laws and regulations, and notify you prior to the transfer, ensure the confidentiality of the information during the transfer, and continue to fulfil our responsibilities and obligations after the transfer.
4.5 Disclose Information for the Following Reasons
• Comply with applicable laws and regulations.
• Comply with the provisions of court orders or other legal proceedings.
• Comply with the requirements of relevant government agencies or competent authorities.
• When we have reason to believe that compliance with laws, regulations, etc. is necessary.
• For purposes reasonably necessary to enforce relevant service agreements or this Policy, to protect the public interest, to handle complaints/disputes, and to protect the personal and property safety or legitimate rights and interests of our users, us, our affiliates, employees, or other users.
• Circumstances legally authorized by you.
If we disclose your information for any of the reasons above, we will inform you promptly in compliance with the relevant provisions of laws and regulations and this Policy.
5.How We Store and Protect Information
5.1 Ensure Information Security Against Loss, Misuse, Unauthorized Access, or Disclosure
• We have established strict management systems and procedures to ensure information security. For example, we strictly limit the scope of people who have access to user information and require them to comply with confidentiality obligations.
• We attach importance to information security compliance, and the infrastructure of our production system is deployed on Alibaba Cloud ( https://security.aliyun.com/trust?spm=5176.13076100.J_9220772140.28.78cd21e7yBgEWa)or Huawei Cloud (https://www.huaweicloud.com/securecenter/overallsafety.html),to ensure our security compliance at the hardware level. Meanwhile, at the software level, we have been accredited by many international and domestic institutions for information security, winning the Classified Protection of Information System Security Level-3 Certificate, ISO 27001 Certificate, etc. We ensure the security of your information with an industry-leading solution.
5.2 We Avoid to Collect Irrelevant User Information
We will only store your information for as long as necessary to achieve the purposes described in this Policy, unless permitted by law. After the information retention period expires, we will delete or anonymize your information.
5.3 Strengthen the Awareness of Self-Protection
We are only liable to the extent that we directly cause the disclosure of your personal information. Therefore, please keep your account and password properly to avoid leaking your personal information. Do not provide your account or password to any third party unless you deem it necessary.
Please only upload the personal information required for reimbursement. If the file uploaded contains personal information irrelevant to reimbursement, please cover it up before uploading.
5.4 Remedies for Information Security Incidents (leakage, loss, etc.)
We In accordance with the requirements of laws and regulations, we will promptly inform you of: the basics of the security incident and its possible impacts, disposal measures we have taken or will take, suggestions on how you can independently prevent and reduce risks, and remedies for the incident, etc. We will promptly inform you of the incident-related situation by email, letter, phone call, push notification, etc. When it is difficult to inform our users one by one, we will make an announcement in a fair and effective manner.
5.5 Information Storage
The information we collect is stored on the servers of Alibaba Cloud or Huawei Cloud in mainland China. If we need to transfer personal information overseas for business purposes in compliance with applicable laws, we will obtain your prior consent and inform you of the purpose, recipient, security measures, and potential risks of your information transfer.
We will store your information for as long as necessary to achieve the purposes described in this Policy, unless permitted or required by law. After the information retention period expires, we will delete or anonymize your information.
If part of our business ceases to operate, we will promptly notify your company, i.e., our client, of the situation as required by law. Such notifications will be delivered by email, letter, phone call, push notification, etc. When it is difficult to inform our clients one by one, we will make an announcement in a fair and effective manner.
6. Direct Mail Marketing
At individuals’ requests, we will not use personal information for direct marketing purposes. We will not use your personal information or provide it to others for direct marketing without your consent or indication of no objection. Even if your consent is granted, you still have the right to cancel receiving such promotional emails at any time.
7. Links to Other Websites
Our Services contain links to websites owned and/or run by third parties. We are not responsible for the privacy practices or the content of such sites. Users should check their applicable privacy policies before providing any information to them.
8.Your Rights
You have the right to exercise the following rights as set forth in applicable laws and regulations, but please understand and agree that certain rights may be restricted during the performance of our contractual obligations to process your personal data, as agreed between us and your company.
8.1 Right of Access
You have the right to obtain confirmation from us as to whether your personal data are being processed and, if so, to request access to such data, especially the purpose of such information collection and processing, category of the personal data concerned, and the recipient or category of recipients to whom the data have been or will be disclosed.
You have the right to obtain a copy of the personal data being processed. If you request additional copies, we may charge a reasonable fee based on administrative costs.
8.2 Right to Rectification
8.3 Right to Erasure (Right to be Forgotten)
You may ask us to delete your information if you believe that we no longer need to use it for the purposes for which it was collected. In addition, you may ask us to delete your information if you have withdrawn your consent to our use of your information (if we initially asked you to grant your consent), or have exercised your right to object to further legal use of your information, or if we have used your information illegally, or if we are bound by a legal obligation to delete your personal information.
In some cases, we may not be able to meet your request. Examples of such circumstances include that we need to continue to use your information to comply with our legal obligations, including contractual obligations with your company, or that we need to use your information to establish, exercise or defend a legal claim.
8.4 Right to Restrict Processing
You have the right to restrict the processing of your personal information. At your request, the corresponding data will be marked and we will only process such data for certain purposes.
8.5 Right to Data Portability
Please understand that, according to the agreement between us and your company, your reimbursement data (including your itineraries, booking prices, etc.) in our mobile Services, i.e. our App, are subject to our obligation of confidentiality, and we recognize that the ownership of the data belongs to your company. Hence, we are not entitled to transfer any reimbursement data to other companies at your request.
8.6 Right to Object
We need to process your personal data based on the contract with your company, and for the personal data necessary for the performance of the contract, you waive the right to object during the period of performance. We have no intention to collect or process your personal data that are irrelevant to the performance of the contract; and we will delete all your data after the contract expires. If you believe that there are personal data processed irrelevant to the performance of the contract, you can exercise your right to object, and we will no longer process your personal data for such purposes. The exercise of this right will incur no costs. Please understand that each function requires certain basic personal data in order to be enabled, and after you exercise your right to object, we can no longer provide you with the corresponding Services, nor can we process the corresponding personal data.
8.7 Right to Cancel Account
You can send an email to support@maycur.com to ask your account to be cancelled. When your account is cancelled, all the information in the account will be deleted or anonymized, and we will no longer collect, use or provide personal data related to the account to the public. However, the information provided or generated by you during the use of our Services must still be stored by us for the time required by laws and regulations, and the competent authorities still have the right to inquire in accordance with the laws during the legal storage period.
For requests to access, change or delete personal data or personal data portability, or to cancel accounts, you can contact us by sending emails to support@maycur.com. Normally, we will reply within 15 days. To protect your interests, we only implement your request for personal data related to the email address you use to send us the email, and we need to verify your identity before implementing your request. lease note that we need to retain certain information for the purpose of recording or/and completing any transactions that were initiated prior to your request.
8.8. Changing the scope of your authorized consent or withdrawing it
You can change the scope of consent or revoke your authorization by deleting information in the app, changing privacy settings or turning off the device permission function in the system. You can choose the authorization you want to withdraw by going to "Me" - "Settings" - "Sign Out". In the login screen, you can uncheck the privacy agreement and use the "Don't agree, just browse" function to browse the feature pages without agreeing to the privacy agreement.
Please understand that after you perform the above actions, we will not be able to continue to provide you with the services corresponding to the withdrawal of consent or authorization, but will not affect the processing of personal information already carried out based on your authorization.
You can also use support@maycur.com Contact us to help you change and delete the application authorization.
9. Protection of Minors
If you are under 16 years old (excluding 16 years old), then in principle, you are not allowed to use our website, Services, etc. We provide companies with technical services such as reimbursement management, and by default, we assume that all the employees of such companies are over 16 years old. If you are under the age of 16 and are legally employed by our client, please make sure that you have the consent of your parents or guardians to provide us with your personal information.
10.Update of This Policy
Please note that we reserve the right to review and update this Policy from time to time. If we make any material changes to this Policy, we will notify you in a pop-up window on the App or by other means required by law for you to reconfirm the new Policy before it takes effect. If you use our Services after the updated Policy takes effect, you will be deemed to have agreed to the revised Privacy Policy.
11.How to Contact Us
If you have any questions, comments, or suggestions about this Policy, you can contact us by “Me-Online Consultation” on your phone or by calling 400-6789-576.
Our address is:Hangzhou Maycur Technology Co., Ltd.
Address: 7F, No. 2 Building, Xixi Intime, Xihu District, Hangzhou, Zhejiang Province, China
Post Code: 310013
Email: support@maycur.com
If you are not satisfied with our reply, especially if you think our processing of your personal data has harmed your legitimate rights and interests, you can make a complaint or report to regulatory authorities such as the Office of the Central Cyberspace Affairs Commission or the State Administration for Market Regulation.
Last Updated At: Febraury 9, 2023
12. Exceptions to this Agreement
Please note that if your enterprise purchases the Software Service in the form of hybrid cloud (the database is separately specified by the enterprise) or local deployment, the data will be stored in the enterprise's local server, and the control of the data (including the operation of data modification, erasure, etc.) is fully owned by the platform administrator designated by the enterprise, so some parts of this Agreement (including and not limited to clauses 1, 3, 4, 5, 6, 7, 8) will no longer If you have any questions, please contact your enterprise platform administrator.
Appendix I
Application permission application and usage information
1. we may apply for or use the relevant operating system permissions for the purpose of ensuring product functionality and safe and stable operation.
2. in order to protect your right to know, we display the relevant operating system permissions that may be applied or used by the product through the following list, and you can manage the relevant permissions according to your actual needs.
3. depending on the upgrade of the product, the type and purpose of the application and use of permissions may change, and we will adjust the list according to these changes in time to ensure that you are informed of the application and use of permissions.
4. please be aware that we may also use third-party SDKs for the functionality and security needs of our business and products, and these third parties may also apply for or use relevant operating system permissions.
5. in the course of using the products, you may use H5 pages or applets developed by third parties, and these third-party developed plug-ins or applets may also apply for or use relevant operating system permissions as necessary for business functions.
6. the following apply together for each moment, if there are separately applicable scenarios or purposes will be described in the following list.
| Permission Name | Permission Description | Permission Usage Scenario or Purpose |
| ACCESS_FINE_LOCATION | Get accurate geographic location information through global positioning system (GPS) or network location information (such as base station and WLAN) | Private car public function records the real-time path to calculate the final driving mileage, sign in and record the clock in position and other functions |
| ACCESS_COARSE_LOCATION | Obtain approximate geographic location information through network location information (such as base station and WLAN) | Private car public function records the real-time path to calculate the final driving mileage, sign in and record the clock in position and other functions |
| CAMERA | Turn on the mobile camera for shooting and scanning |
1、User's intelligent ticket recognition takes ticket image data
2、Scenarios for scanning QR codes for information entry
|
| READ_EXTERNAL_STORAGE | It provides the function of reading data in the phone storage space | Allow App to read images, files and other contents in the storage, mainly submit invoice files, attachments and other file information in the document |
| WRITE_EXTERNAL_STORAGE | Provide the function of writing to external storage | Allow app to download/save invoice pictures, files and other information |
Appendix II
List of personal information shared by third parties
Baidu Location Service
Operator: Beijing Baidu.com Technology Co.
Function: To help users locate their location when setting up location-based punch cards, and locate their private cars for public use
Type of personal information collected: location information (including GNSS information, IP address, WLAN hotspot, base station information, Bluetooth devices and other sensor information that can be used for positioning), device information (including the unique identifier of the terminal device (including IDFV, OAID, IMEI, MEID, IMSI), mac address, operating system version, device brand and model, device configuration, carrier type name and code, application information (application name, application version number)), WiFi information, list of running applications, phone storage permissions
Privacy agreement: https://lbsyun.baidu.com/index.php?title=openprivacy
Gaode Location Service
Operator: Gaode Software Co.
Function: Help users locate their location when setting location-based punch cards, and locate their private cars for public use
Type of personal information collected: location information (including GNSS information, IP address, WLAN hotspot, base station information, Bluetooth devices and other sensor information that can be used for positioning), device information (including the unique identifier of the terminal device (including IDFV, OAID, IMEI, MEID, IMSI), mac address, operating system version, device brand and model, device configuration, carrier type name and code, application information (application name, application version number)), WiFi information, list of running applications, phone storage permissions
Privacy Policy link: https://lbs.amap.com/pages/privacy
Aurora Push
Operator: Shenzhen Huxun Huagu Information Technology Co.
Function: Push messages to users' cell phones
Type of personal information collected: IMEI/OAID (for Android Q or above), IMEI MD5/MEIDMD5, Android ID, VAID, AAID, and your MID (for MIUI system), device model, WiFi information, device information (BSSID, SSID), list of running applications information, external storage permissions, and network IP information.
Aurora SDK about getting user software list, geolocation, smart push switch has been closed, we will not provide your above end-user information through this channel.
Privacy agreement: https://www.jiguang.cn/license/privacy
Xiaomi Push
Operator: Beijing Xiaomi Mobile Software Co.
Function: Push information to Xiaomi cell phone users
Type of personal information collected: IMEI/OAID (for Android Q or above), IMEI MD5/MEIDMD5, Android ID, VAID, AAID, as well as your MID (for MIUI system), device model, WiFi information, device information (BSSID, SSID), list of running applications information, external storage permissions, network IP information
Privacy agreement: https://dev.mi.com/console/doc/detail?pId=1822
Huawei Push
Operator: Huawei Device Co.
Function: Used to push messages from the app to Huawei cell phone users
Type of personal information collected: device information (SSID, BSSID, IMEI, Android_ID), running application list information, external storage permissions, Wi-Fi information, network IP information
Privacy policy link: https://consumer.huawei.com/cn/privacy/privacy-policy
WeChat SDK
Operator: Shenzhen Tencent Computer System Co.
Function: Evoke WeChat App to import electronic invoices
Type of personal information collected: None
Developer Agreement: https://open.weixin.qq.com/cgi-bin/frame?t=news/protocol_developer_tmpl
Appendix III
List of collected personal information
| Business scenario | Type of personal information | Purpose of collection |
| Registration, Login | Cell phone number, verification code, password | For registering to create an account and password |
| Bill of lading, control | Gender, ID number, permanent location, department, position, name, cell phone number, email, work number, etc. | Required information for submission of documents and data permission control |
| Customer service communication and complaint handling | Account information, communication records with customer service, contact information | For customer service provision |
| Web and information browsing | Application information, device information, network environment information, service log information, basic personal information, information about you in the organization | To show you content or services that are better suited to your needs |
| Provide security | Device information, service log information, account information, transaction information | Used to provide service security to prevent security breaches, viruses and network attacks, network intrusion |
| Private car use | Personal Location Information | Used to perform location punching to record route information for private car public users |