Instruction of Third Party SDKs

Instruction of Third Party SDKs

In order to ensure the implementation of MINI App related features and stable operation of application, we may use the software development packages (SDKs) provided by the third parties to achieve relevant purposes. You can click the privacy policy links below to check the rules of third-party for the use and protection of personal information. Please notice that the personal information type of third party SDKs may change for the edition update, tactic change and others. The official instruction to public shall be prevail.

Name of SDK: Tencent OCR

Name of the third party entity: Shenzhen Tencent Computer System Co., Ltd.

Usage purpose: to complete online real-name registration (RNR) process.

Usage scenario: online real-name registration (RNR) of Connected driving card

Personal information type: Cert. Card information, VIN.

Name of SDK: Wechat

Name of the third party entity: Shenzhen Tencent Computer System Co., Ltd.

Usage purpose: to call certain functionality of WeChat (sharing/authorization).

Usage scenario: information sharing of MINI App to WeChat friends, Moments or Favorites

Personal information type: image data and destinations about community service in MINI APP.

Name of SDK: Alipay Pay Task

Name of the third party entity: Alipay (China) Network Technology Co., Ltd.

Usage purpose: to call Alipay complete online payment; risk control, and to better choose the internet lines and internet optimization; fix the function failure in part of device and system.

Usage scenario: when calling Alipay complete online payment

Personal information type: IMEI, IMSI, Android ID, MAC address, Hardware serial number, ICCID, SSID, BSSID, gyroscope sensor details, network type, operator details, WIFI status/parameter/list, system setting, system property, device manufacturer, device model, operating system.

Name of SDK: Tencent Map and Tencent locator

Name of the third party entity: Tencent Technology (Beijing) Co., Ltd

Usage scenario: when using Tencent Map and Tencent locator service

(1) Usage purpose: to return user location information, and thus allow developers to provide required services accordingly based on accurate location details.

Personal information type: Geographic location

(2) Usage purpose: in order to provide location services, assisted location service to users, and provide developers with more accurate location information of final users.

Personal information type: device information (IP address, GNSS configuration, operator base information, WiFi information, sensor information, bluetooth information)

(3) Usage purpose: in order to resolve user’s feedback problems, anti-spam, log statistic, maintain SDK operation and geolocation, repair the problems in operation, and deal with the locating strategies of different systems.

Personal information type: Device Identification Information (OAID, IDFV, Android ID), Device Parameters and system information (mobile phone screen density, size, device model, operating system version, system attribute)

(4) Usage purpose: Tencent locator SDK uses sensor 3 times every second to provide assistant locating function, deduce and predict locations, among which the rotation vector sensor is used for getting the screen orientation

Personal information type: Sensor(Gravity sensor, gyroscope sensor, acceleration sensor, magnetic field sensor, rotation vector sensor)

(5) Usage purpose: On the map page, the high frequency continuous acquisition of locating information will be triggered, and switching to other pages will not continuously acquire locating information at high frequency. Therefore, on the map page, by default, Tencent locating SDK is called continuously every 4 seconds to obtain accurate locating information in real time, so that avoiding showing users wrong locating information, and providing accurate user locating for functions requiring accurate locating information. Tencent will try again many times to return accurate locating information within 2 seconds when it fails to obtain information. Please note that this calling frequency does not include location requests triggered by users.

Personal information type: getting geolocation information at high frequency.

https://privacy.qq.com/document/preview/dbd484ce652c486cb6d7e43ef12cefb0

Name of SDK: Countly

Name of the third party entity: Countly Ltd.

Usage scenario: when users browsing and clicking in MINI App

1. Usage purpose: Operating system information and App crash data are collected to provide more perspectives for data analysts to evaluate user data and better record behavior data for users who have logged into multiple devices, Android ID collected as an unique identifier for guest users’ behavior data.

Personal information type:

(1) Default hardware, software and telemetry information: Application Key, Generated device ID or custom ID (IDFV, Android ID, Hashed GCID), Session duration extension, Country code and city, Operating system, Operating system version, Device resolution, Carrier, Application version, Density, Locale (device or browser language), Application Store (Store that this app is downloaded from), Traffic sources and search terms (for web SDK), Browser information

(2) Crash data : Crash dump, Current and total RAM, Current and total disk space, device online or not, device muted or not, App is in background or not, Name of crash, Fatal or non-fatal (Whether crash caused app to exit or not), Running time of app, Any custom key/value provided by developer

(3) Terminal device operating information: Operating system, Application version, Mobile network, Network status, Equipment model, OS version of terminal equipment, IDFV, Android ID

2. Usage purpose: User behavior data within mobile App are collected for the purpose of data analysis and feature success evaluation. User behavior data are not analyzed in the way to identify a specific user.

Personal information type: Custom user data that all detailed behavior related data (include product SKU number, selected vehicle color), User behavior data (include page view, tap, click)

Name of SDK: Miaozhen Analytics Flutter

Name of the third party entity: Beijing Mininglamp Technology Co., Ltd.

Usage purpose: to collect users’ interactive behaviour data for providing data statistic and analysis services.

Usage scenario: when users browsing and clicking in MINI App

Personal information type: Mobile device operation information (device model and terminal device manufacturer), Users’ browsing and click behaviour in the App, IDFA, Android ID, OAID, SD Card data.

Name of SDK: JPush

Name of the third party entity: Shenzhen Hexun Huagu Information Technology Co., Ltd.

Usage scenario: Notification push service

(1) Usage purpose: in order to provide notification push service accurately

Personal information type: Device model, terminal device manufacturer, type and version of operating system of terminal device

(2) Usage purpose: in order to identify unique users and ensure accurate delivery and statistic of push

Personal information type: Device identifier (Android ID, GID, OAID, VAID, AAID, MEID, UAID, SN, ICCID)

(3) Usage purpose: in order to optimize the network connection request between the SDK and the Aurora server, ensure the stability and continuity of the service, and realize the regional push function

Personal information type: Internet information(IP address, WiFi information, base station information, DNS address, DHCP address, SSID, BSSID)

Name of SDK: JPush and Huawei Push

Name of the third party entity: HUAWEI Software Technology Co., Ltd.

Usage purpose: In order to provide Huawei push, and analysis success rate of Huawei interface invocation.

Usage scenario: Notification push service

Personal information type: Application information, device identifier (AAID and Push Token）, device type, system type and version, region code.

Privacy policy link: https://www.jiguang.cn/license/privacy https://developer.huawei.com/consumer/cn/doc/development/HMSCore-Guides/sdk-data-security-0000001050042177

Name of SDK: JPush and Xiaomi Push

Name of the third party entity: Xiaomi Technology Co., Ltd.

Usage scenario: Notification push service

(1) Usage purpose: in order to generate device identifier, and ensure notification push to the unique device

Personal information type: Device identifier OAID, encrypted Android ID

(2) Usage purpose: to ensure the notification push and service display

Personal information type: Device manufacturer, device type, device memory, system version, SDK version of Xiaomi push, region, SIM operator name, internet status.

Name of SDK: JPush and VIVO Push

Name of the third party entity: Guangdong Tiancheng Network Technology Co., Ltd.

Usage purpose: in order to provide notification push service

Usage scenario: Notification push service

Personal information type: Device model, terminal device manufacturer, type and version of operating system of terminal device.

https://dev.vivo.com.cn/documentCenter/doc/366

Name of SDK: JPush and OPPO Push

Name of the third party entity: Guangdong HeyTap Technology Co., Ltd.

Usage scenario: Notification push service

(1) Usage purpose: in order to provide push service

Personal information type: Device information (OAID, serial number, user ID, Android ID, Google advertising ID, mobile phone region, device type, device battery, device system version and language).

(2) Usage purpose: in order to push notifications to certain applications

Personal information type: Application information, SDK version of OPPO push

(3) Usage purpose: in order to ensure the display of push notification

Personal information type: Internet status, status of notification bar, screen locking status.

Name of SDK: Face recognition

Name of the third party entity: Shenzhen Tencent Computer System Co., Ltd.

Usage purpose: in order to complete face authentication in the process of real-name registration(RNR)

Usage scenario: Real-name registration(RNR) service

Personal information type: Face video information

Name of SDK: Sensor SDK

Name of the third party entity: Sensors Data Network Technology (Beijing) Co., Ltd.

Usage scenario: when you browse and click in MINI App

(1) Usage purpose: to identify user through the anonymized ID

Personal information type: device attribute information (GCID, IMEI, Android ID, OAID, IDFA, IDFV, UUID, IMSI, Mac address), device connection information (browser type, carrier info, operating system, operating system version, device model), SD Card data

(2) Usage purpose: to make user behavior analysis

Personal information type: Logs info, App usage, IP address, Shence URL, browser type, language, timestamp, Location info, IP location, GPS location, Application info, App ID, App name, App version, User behavior data

Name of SDK: OAID SDK

Name of the third party entity: China Academy of Information and Communications Technology (CAICT)

Usage purpose: to retrieve the device info. OAID

Usage scenario: when any features/SDKs that need OAID

Personal information type: device manufacturer, device model, device brand, App name and signature info., App ID

http://www.msa-alliance.cn/col.jsp?id=120

Name of SDK: Bugly SDK (only for Android)

Name of the third party entity: Shenzhen Tencent Computer System Co., Ltd

Usage purpose: when the face-live crash during RNR process, the exception would be submitted to Tencent server (via default Bugly)

Usage scenario: face-live verification during RNR process.

Personal information type: mobile phone model, brand, Android version, API type, manufacture system version, CPU framework, root status, disk using status, SD card using status, usage of memory, network type, current process name and PID

Instruction of Personal Information Sharing to BMW Affiliated Companies

In order to provide you with services of【BMW Financing Products】, we would share your personal information with the affiliated companies below. The detailed information sharing instructions are as follows,

BMW affiliated company: BMW Automotive Finance (China) Co., Ltd., Herald International Financial Leasing Co., Ltd.

Usage purpose: used for the synchronous login of user-authorized financing / leasing interface, access to financial loan / financing leasing scheme calculator, fast online pre-audit, e-finance, mobile Butler and other modules to enjoy relevant services

Usage scenario: use BMW finance product

Personal information type: Phone number

Sharing method: API

Instruction of Personal Information Sharing to Third Party Vendors

In order to provide you with services of【online payment, map search, community service, real-name authentication】, we would share your personal information with the third party vendors below. The detailed information sharing instructions are as follows,

Third party vendor: Alipay (China) Network Technology Co., Ltd.

Usage purpose: in order to complete online payment

Usage scenario: when calling Alipay complete online payment

Personal information type: encrypted order number

Sharing method: API

Third party vendor: Tencent map

Usage purpose: in order to search places, locating and send interest points to vehicles

Usage scenario: when using search function in the Map service of the App

Personal information type: Geographic location, destination information

Sharing method: backend URL

Third party vendor: Leo Group Digital Technology Co., Ltd

Usage purpose: in order to provide App community operation service

Usage scenario: activity awards distribution, activity participation and management, community content management

Personal information type: name, phone number and delivery address

Sharing method: backend transfer

Third party vendor: Shanghai Genyan Network Science and Technology Co., Ltd

Usage purpose: in order to complete the user’s real-name recognition and authentication

Usage scenario: new car delivery service in MINI new car store of MINI App

Personal information type: name, identification type and number (include ID card, passport or valid exit-entry permit to HK/Macau/Taiwan)

Sharing method: API