中国外汇交易中心 iDeal银行间市场即时聊天工具


个人信息保护政策

本版发布日期：【2022】年【1】月【26】日
生效日期：【2022】年【1】月【26】日

概述
中国外汇交易中心暨全国银行间同业拆借中心（“我们”）深知个人信息对您而言的重要性，我们会尽力保护您的个人信息安全，也感谢您对我们的信任。我们将通过本政策向您说明我们会如何收集、存储、保护、使用及对外提供您的信息，并说明您享有的权利以及您的投诉渠道，其中要点如下：
1.为了便于您了解在使用我们的服务时，我们需要收集的信息类型与用途，我们将结合具体服务向您逐一说明。
2.为了向您提供服务所需，我们会按照权责一致原则、目的明确原则、选择同意原则、最小必要原则、确保安全原则、主体参与原则、公开透明原则收集您的信息。
3.如果为了向您提供服务而需要将您的信息共享至第三方，我们将评估该第三方收集信息的合法性、正当性和必要性。我们将要求第三方对您的信息采取保护措施并且严格遵守相关法律法规与监管要求。另外，我们会按照法律法规及国家标准的要求以确认协议、具体场景下的文案确认、弹窗提示等形式征得您的同意或确认第三方已经征得您的同意。
4.如果为了向您提供服务而需要从第三方获取您的信息，我们将要求第三方说明信息来源，并要求第三方保障其提供信息的合法性；如果我们开展业务需进行的个人信息处理活动超出您原本向第三方提供个人信息时的授权范围，我们将征得您的明确同意。
5.您可以通过本政策介绍的方式访问和管理您的信息、禁用账户或进行投诉举报。

请在使用我们的产品或服务前，仔细阅读并了解本《个人信息保护政策》。

本政策将帮助您了解以下内容：
一、 我们如何收集信息
二、 我们如何使用信息
三、 我们如何使用Cookie和同类技术
四、 我们如何共享、转让或者公开披露您的信息
五、 我们如何存储和保护信息
六、 您如何访问和管理自己的信息
七、 本政策的适用及更新
八、 联系我们


通过阅读本政策，您将了解您在使用我们的服务时，我们如何收集、存储、使用及对外提供您的信息。同时，您也将了解我们如何为您提供访问、更新、管理和保护您信息的服务。 本政策与我们的产品或服务关系紧密，我们建议您仔细阅读并理解本政策全部内容，做出您认为适当的选择。我们努力将文字表达的通俗、易懂和简明，使您理解本政策中与您的权益存在重大关系的条款和与您的个人敏感信息相关的条款，提示您注意。

为了遵守国家法律法规及监管规定（例如：进行实名制管理、安全管理等），也为了向您提供服务及提升服务质量，我们可能需要收集、存储、使用及对外提供您的信息。

一、我们如何收集信息

在您使用我们iDeal以下各项业务功能，包括iDeal官网（https://ideal.chinamoney.com.cn/）、iDeal PC端、iDeal移动端等的过程中，我们需要收集您的一些信息，用以向您提供服务、提升我们的服务质量、保障您的账户安全，并符合国家法律法规及监管规定。如我们关联公司的产品或服务中使用了iDeal提供的产品或服务，但未设独立的个人信息保护政策的，则本政策同样适用于该部分产品或服务。本政策不适用于其他通过iDeal网站或客户端提供的产品或服务，或任何其他第三方提供的产品或服务（以下统称“第三方服务”），您在选择使用第三方服务前应充分了解第三方服务的产品功能及个人信息保护政策。

1.为了登录iDeal，在首次登录前，您需要在注册页面填写登录iDeal所需的基本信息，您可以通过手机号或者邮箱进行注册，以满足我国相关法律法规的网络实名制要求；如您不提供前述信息，您可能无法登录iDeal基础形态。此外，您可以选择向我们提供头像信息。

2.在您登录iDeal后，可进行形态绑定：若您登录外汇形态，则可根据系统提示或者设置中的“账号管理”按钮跳转至账号管理界面，绑定本币账户/手机号/邮箱；若您登录本币形态，则可根据系统提示或者设置中的“账号管理”按钮跳转至账号管理界面，绑定外汇账户/手机号/邮箱；若您登录基础形态，则可根据系统提示或者设置中的“账号管理”按钮跳转至账号管理界面，绑定本币账户和外汇账户；本外币形态绑定成功后，可通过身份切换按钮进行不同形态间的快速切换。

3.为了保障您正常使用我们的服务，并维护、改进及优化我们的服务，保障您的帐号安全，我们会收集您的使用信息、设备型号、操作系统、iDeal软件版本号、接入网络的方式、服务日志信息、信息交互记录、交易确认信息，该等信息为提供服务必须收集的基础信息。

4.当您使用iDeal通讯录功能时，我们会对您的通讯录信息进行不可逆加密处理，并仅收集加密后的信息。拒绝提供该些信息仅会使您无法使用通讯录功能，但不影响您正常使用iDeal的其他功能。

5.当您为经办行用户时，由于您为iDeal独有用户，您的信息将由iDeal场务导入，用于经办行用户登录及用户信息展示，涉及到的信息有：机构中文全称、账户、密码、姓名、证件类型、证件号码、性别、邮箱、座机号码。

6.其他

请您理解，我们向您提供的服务是不断更新和发展的。如您选择使用了前述说明当中尚未涵盖的其他服务，基于该服务我们需要收集您的信息的，我们会通过页面提示、交互流程、协议约定等方式另行向您说明信息收集的范围与目的，并征得您的同意。我们会按照本政策约定使用、存储、对外提供及保护您的信息；如您选择不提供前述信息，您可能无法使用某项或某部分服务，但不影响您使用我们提供的其他服务。

二、我们如何使用信息

1.为了遵守国家法律法规及监管要求，以及向您提供服务及提升服务质量，我们会在以下情形中使用您的信息：

1)实现本政策中“我们如何收集信息”所述目的；

2)我们可能将某些产品或服务中所收集的信息用于我们的其他产品或服务。例如，在您使用我们的某一服务时所收集的信息，我们可能会将其在另一服务中使用，向您提供特定的内容；

3)为了确保服务的安全，帮助我们更好地了解应用程序的运行情况，我们可能记录某些相关信息。我们不会将存储在分析软件中的信息与您在应用程序中提供的任何个人身份信息相结合；

4)根据法律法规或监管要求向相关部门进行报告。

2.当我们要将信息用于本政策未载明的其他用途时，会按照法律法规及国家标准的要求以确认协议、具体场景下的文案确认动作等形式再次征得您的同意。

三、我们如何使用Cookie和同类技术

为使您获得更轻松的访问体验，在您访问我们的iDeal时，我们可能会通过小型数据文件识别您的身份，这么做可帮您省去重复输入注册信息的步骤，或者帮助判断您的账户安全状态。这些数据文件可能是Cookie，Flash Cookie，您的浏览器或关联应用程序提供的其他本地存储（以下简称“Cookie”）。

不过，我们的iDeal不会强制要求您进行Cookie操作。如您的浏览器或浏览器附加服务允许，您可以修改对Cookie的接受程度或者拒绝iDeal的Cookie。多数浏览器工具条中的“帮助”部分会告诉您如何防止您的浏览器接受新的Cookie，如何让您的浏览器在您收到一条新Cookie时通知您，或者怎样彻底关闭Cookie。此外，您可以通过改变浏览器附加程序的设置，或通过访问提供商的网页，来关闭或删除浏览器附加程序使用的Cookie及类似数据。

四、我们如何共享、转让或者公开披露您的信息

目前，我们不会主动共享或转让您的个人信息至第三方。如未来出现需要共享或转让您的个人信息的情形，或者出现您需要我们将您的个人信息共享或转让至第三方情形时，我们会确认第三方已经征得您对上述行为的明示同意。

我们不会对外公开披露收集的个人信息。如出现必须公开披露的情形时，我们会向您告知此次公开披露的目的、披露信息的类型及可能涉及的敏感信息，并征得您的明示同意。

需要提请您注意的是，您通过iDeal以外的其他服务、产品或协议向我们所提供的您的个人信息和我们在从您这里获知之前，已经正当获知的您的个人信息，该些信息的共享、转让和披露不受本政策的约束。

五、我们如何存储和保护信息

1.我们在中华人民共和国境内收集和产生的个人信息将存储在中华人民共和国境内，并依法对这些信息进行严格保密。一般而言，我们保留您的个人信息的时间仅限于实现服务目的和满足相关政策法规规定所必需的时间。

2.为了保障您的信息安全，我们在收集您的信息后，将采取各种合理必要的措施保护您的信息。例如，我们将会对涉及个人敏感信息的内容在数据库中进行加密存储，部署IPS、WAF等安全防护设备，部署杀毒系统及防毒墙。我们通过不断提升的技术手段加强我们服务的安全能力，以避免您的个人信息泄露。例如，为了预防病毒、木马程序或其他恶意程序，我们会了解在您设备中安装的应用程序信息，或其中正在运行的进程信息，以采取相应的安全措施。

3.我们承诺我们将使信息安全保护达到法律规范相应的要求。为保障您的信息安全，我们致力于使用各种安全技术及配套的管理体系来尽量降低您的信息被泄露、毁损、误用、非授权访问、非授权披露和更改的风险。

4.我们设立了信息安全工作领导小组，针对个人信息收集、使用、共享、委托处理等开展个人信息安全影响评估。同时，我们建立了相关内控制度，对可能接触到您的信息的工作人员采取最小够用授权原则；不断对工作人员培训相关法律法规及隐私安全准则和安全意识强化宣导；我们将对生产数据进行数据治理专项工作，包括对数据进行分类、权限进行分级等，按授权最小化原则进行管理。

5.我们已制定个人信息安全事件应急预案，定期组织内部相关人员进行应急响应培训和应急演练，使其掌握岗位职责和应急处置策略和规程。在不幸发生个人信息安全事件后，我们将按照法律法规的要求，及时向您告知。我们将及时将事件相关情况以推送通知、发送邮件/短消息等方式告知您，难以逐一告知个人信息主体时，我们会采取合理、有效的方式发布公告。同时，我们还将按照监管部门要求，主动上报个人信息安全事件的处置情况。

6.请您务必妥善保管好您的登录名及其他身份要素。您在使用我们的服务时，我们会通过您的登录名及其他身份要素来识别您的身份。一旦您泄漏了前述信息，您可能会蒙受损失，并可能对您产生不利。如您发现登录名及/或其他身份要素可能或已经泄露时，请您立即和我们取得联系，以便我们及时采取相应措施以避免或降低相关损失。

六、您如何访问和管理自己的信息

在您使用我们的服务期间，为了您可以更加便捷地访问和管理您的信息，同时保障您禁用账户的权利，我们在客户端中为您提供了相应的操作设置，您可以参考下面的指引进行操作。

1.查询和管理您的信息

您可通过iDeal App登录iDeal账户，在“账户管理”中，查询或绑定您的手机号、邮箱、外汇账号、本币账号等信息。

2.更正、删除您的个人信息

您可通过iDeal App登录iDeal账户，在“个人信息页”页面，更正或删除您的手机号、邮箱、座机、地址等信息。

3.用户账户禁用账号步骤

您可通过以下两种方式禁用您的账号：

1)您可联系您所在机构的机构管理员禁用账号；

2)您可联系交易中心场务用户禁用账号。

4.撤回已同意的授权的步骤

您可通过以下两种方式撤回已同意的授权：

1)若您已登录iDeal，您可先退出iDeal，然后在iDeal登录页面取消勾选授权协议；

2)若您未登录iDeal，您可打开iDeal登录页面，在登录页面取消勾选授权协议。

5.尽管有上述约定，但按照相关法律法规及国家标准，在以下情形中，我们可能无法响应您的请求：

1)与国家安全、国防安全直接相关的；

2)与公共安全、公共卫生、重大公共利益直接相关的；

3)与犯罪侦查、起诉、审判和执行判决等直接相关的；

4)有充分证据表明您存在主观恶意或滥用权利的；

5)响应您的请求将导致其他个人、组织的合法权益受到严重损害的；

6)涉及商业秘密的；

7)其他根据法律法规及国家标准所无法响应您的请求的情形。

七、本政策的适用及更新

iDeal所有服务均适用本政策，除非相关服务已有独立的隐私权政策或相应的服务协议当中存在特殊约定。

发生下列重大变化情形时，我们会适时对本政策进行更新：

1.我们的基本情况发生变化，例如：兼并、收购、重组引起的所有者变更；

2.我们收集、存储、使用个人信息的范围、目的、规则发生变化；

3.我们对外提供个人信息的对象、范围、目的发生变化；

4.您访问和管理个人信息的方式发生变化；

5.我们的数据安全能力、信息安全风险发生变化；

6.您询问、投诉的渠道和机制，以及外部纠纷解决机构及联络方式发生变化；

7.其他可能对您的个人信息权益产生重大影响的变化。

由于iDeal的用户较多，如本政策发生更新，我们将以推送通知、弹窗提示的方式来通知您。为了您能及时接收到通知，建议您在联系方式更新时及时通知我们。如您在本政策更新生效后继续使用iDeal服务，即表示您已充分阅读、理解并接受更新后的政策并愿意受更新后的政策约束。

八、联系我们

如您对本政策存在任何疑问，或者任何相关的投诉或意见，请致电021-38585377与我们联系。您也可以将您的问题发送至cfetsonline@chinamoney.com.cn或寄到我们的地址：上海市浦东新区张东路1387号30栋【市场一部或市场二部】（收），邮编：201203。我们将尽快审核所涉问题，并在验证您的身份后及时处理，在法律法规规定期限内予以回复。如您不满意我们的答复，还可以向上海市浦东新区人民法院提起诉讼。

Personal Information Protection Policy


Version release date: [January][26],[2022]
Effective date: [January][26],[2022]

Overview
China Foreign Exchange Trade System & National Interbank Funding Center (“we”) are deeply aware of the importance of personal information to you. We will make our best to safeguard the security of your personal information and appreciate your trust in us. In this Policy, we will explain to you how we collect, store, protect, use, and externally provide your information, and explain your rights and the complaint channel available, mainly including the following points:
1.We will explain with reference to specific services, so that you may understand the types and purposes of the information we collect when you are using our services.
2.In order to provide you with our services, we will collect information about you on the principles of consistency between rights and responsibilities, specific purpose, choice for consent, minimum requirement, safeguarding security, participation of the subject, and being open and transparent.
3.If your information needs to be shared with a third party in order to provide you with our services, we will evaluate the legitimacy, validity, and necessity for the third party to collect such information. We will require the third party to take protective measures for your information and to strictly abide by relevant laws and regulations and regulatory requirements. In addition, we will ask for your consent, or confirm that the third party has obtained your consent, by using an acknowledgement agreement, written confirmation under specific scenarios, pop-up prompt, etc. in accordance with the requirements of laws and regulations and national standards.
4.If it is necessary to collect your information from a third party in order to provide you with our services, we will require the third party to specify the source of information and to guarantee the legitimacy of the information provided; we will ask for your express consent if our services require your personal information to be processed beyond the scope of authorization granted when initially providing your personal information to such third party.
5.You may access and manage your information, disable your account, or file a complaint by using the methods described in this Policy.

Please carefully read this Personal Information Protection Policy before using our products or services.

This Policy will familiarize you with the following:
I. How we collect information
II. How we use information
III. How we use Cookie and similar technologies
IV. How we share, transfer, or publicly disclose your information
V. How we store and protect information
VI. How you access and manage your information
VII. The application of and update to this Policy
VIII. Our contact information


By reading this Policy, you will understand how we collect, store, use, and provide your information externally when you are using our services. Meanwhile, you will also understand how we provide you with services for accessing, updating, managing, and protecting your information. This Policy is closely related to our products or services, hence we recommend you to carefully read and understand all the contents of this Policy, and make a proper choice at your discretion. We endeavour to make the wording easy and concise to understand so that you may understand and pay attention to the provisions having material impacts on your rights and interests and provisions related to your sensitive personal information in this Policy.

We may need to collect, store, use, and provide your information externally in order to abide by national laws and regulations and regulatory provisions (e.g. for real-name management, security management, etc.) and to provide you with our services and improve the quality of our services.

I. How we collect information

We need to collect some information about you when you are using the following service functions of iDeal, including the official website of iDeal (https://ideal.chinamoney.com.cn/), iDeal PC client, and iDeal mobile client, so that we may provide you with our services, improve the service quality, safeguard the security of your account, and abide by national laws and regulations and regulatory provisions. If the products or services provided by iDeal are used in the products or services of our affiliates, but no separate personal information protection policy has been formulated, this Policy is also applicable to such products or services. This Policy is not applicable to other products or services provided via the iDeal website or client, or the products or services provided by any other third parties (hereinafter referred to as “Third-party Services”); you should fully understand the product functions and personal information protection policy of such Third-party Services before opting to use the Third-party Services.

1.In order to log in to iDeal, before logging in for the first time, you need to fill in basic information required by iDeal on the registration page. You may register by using your mobile number or email address to meet the Internet real-name requirements of relevant Chinese laws and regulations; you may not log in to the basic iDeal state without providing the foregoing information. In addition, you may opt to provide us with your picture information.

2.After logging in to iDeal, you may bind your state: If you log in for the foreign exchange state, you may go to the Account Management page as prompted by the system or by using the “Account Management” button in the Settings, so as to bind your CNY account/mobile number/email; If you log in for the CNY state, you may go to the Account Management page as prompted by the system or by using the “Account Management” button in the Settings, so as to bind your foreign exchange account/mobile number/email; If you log in for the basic state, you may go to the Account Management page as prompted by the system or by using the “Account Management” button in the Settings, so as to bind your CNY account and foreign exchange account/mobile number/email; after successful binding of the CNY and foreign exchange states, you may rapidly switch between the states by using the identity switching button.

3.In order to ensure that you may use our services as expected, maintain, improve, and optimize our services, and safeguard the security of your account, we will collect information about your use, device model, operating system, iDeal software version number, network access method, service log information, information communication records, and transaction confirmation information, which is the basic information that must be collected for providing the services.

4.When you are using the iDeal Contacts function, we will perform irreversible encryption on your Contacts information and collect only encrypted information. You may not use the Contacts function if you refuse to provide such information; but you may freely use other functions of iDeal.

5.When you are a bank user, since you are a unique user of iDeal, your information will be imported by the floor administrative staff of iDeal for user login and user information presentation by the bank, which involves the following information: full name in Chinese of the institution, account, password, name, certificate type, certificate number, gender, email, and office number.

6.Others

Please understand that the services we provide to you will be constantly updated and developed. If you opt to use other services not covered above, and we need to collect your information based on such services, we will separately notify you of the scope and purpose of information collection and ask for your consent by using web page prompt, interactive communication, agreement, etc. We will use, store, externally provide, and protect your information in accordance with the provisions of this Policy; you may not use a specific service or some services if you opt not to provide the foregoing information, but you may freely use other services we provided.

II. How we use information

1.We may use your information under the following circumstances in order to abide by national laws and regulations and regulatory provisions, and to provide you with our services and improve the service quality:

1)To achieve the purpose described in “how we collect information” in this Policy;

2)We may use information collected in some products or services for our other products or services. For example, the information collected when you are using one of our services may be used in another service to provide you with specific content;

3)In order to ensure the security of the services and keep us notified of the application operation, we may record some relevant information. We will not combine the information stored in the analysis software with any personal identity information you provided in the application;

4)To make report to relevant authorities in accordance with laws and regulations or regulatory requirements.

2.When we use the information for other purposes not stated in this Policy, we will ask for your further consent by using an acknowledgement agreement or written confirmation under specific scenarios in accordance with the requirements of laws and regulations and national standards.

III. How we use Cookie and similar technologies

In order to provide you with more comfortable access experience, when you are accessing iDeal, we may use a small data file to identify you to eliminate the steps of repeatedly entering registration information or to assist in checking the security status of your account. Such data file may be Cookie, Flash Cookie, or other local memory provided by your browser or associated application (hereinafter referred to as “Cookie”).

However, iDeal will not force you into Cookie operations. If your browser or browser add-on service allows, you may change the acceptance level of Cookie or reject the Cookie of iDeal. In most browsers, the “Help” portion in the tool bar may tell you how to prevent your browser from accepting a new Cookie, how to alert you when your browser receives a new Cookie, or how to fully disable Cookie. In addition, you may disable or delete the Cookie or similar data in the browser add-on by changing the setting of the browser add-on or by accessing a web page of the provider.

IV. How we share, transfer, or publicly disclose your information

At present, we will not take initiative to share or transfer your personal information with or to a third party. Upon the occurrence of future circumstances under which we need to share or transfer your personal information, or you require us to share or transfer your personal information with or to a third party, we will confirm whether the third party has obtained your express consent to such act.

We will not publicly disclose the personal information we collected. Upon the occurrence of circumstances under which we must disclose your personal information, we will notify you of the purpose for the public disclosure, type of information to be disclosed, and sensitive information that may be involved, and ask for your express consent.

We draw your attention to that, your personal information that you provide to us via other services, products, or agreements than iDeal, and your personal information that we become aware of before your disclosure, is not subject to this Policy in the sharing, transferring, and disclosure of such information.

V. How we store and protect information

1.The personal information we collect and generate in the territory of the People’s Republic of China will be stored in the territory of the People’s Republic of China, and we will strictly keep the confidentiality of such information in accordance with laws. Generally, we may retain your personal information only for the period required for achieving the purpose of services and complying with the provisions of relevant policies and regulations.

2.In order to safeguard the security of your information, we may take various reasonable and necessary measures to protect your information after collecting your information. For example, we may encrypt the content involving sensitive personal information for storage in the database, deploy IPS, WAF, and other security protection devices, and deploy an anti-virus system and virus wall. We employ constantly improving technical means to enhance the security of our products or services, so as to protect your personal information from being divulged. For example, in order to guard against virus, trojan horses, or other malware, we will identify applications installed or processes in operation in your device to take corresponding security measures.

3.We warrant to implement information security protection up to the corresponding requirements of laws and regulations. In order to safeguard the security of your information, we endeavour to employ various security technologies and supporting management systems to minimize the risks of divulging, destruction, misuse, non-authorized access, non-authorized disclosure and change for your information.

4.We have set up an information security leadership panel to carry out the impact assessment on personal information security in collecting, using, sharing, and entrusted processing personal information. Meanwhile, we have established relevant internal control regulations to practice the principle of minimum required authorization for our staff having access to your information; we constantly train our staff on relevant laws and regulations and on privacy and security standards to enhance their awareness of security; and we have implemented special measures on data governance for data generation, including data classification, setting levels of permissions, and management on the principle of minimum authorization.

5.We have formulated an emergency plan in response to personal information security events, and we regularly organize emergency response training and emergency drilling for relevant internal staff to familiarize them with their post duties and emergency handling strategy and procedures. Upon the occurrence of a personal information security accident, we will promptly notify you in accordance with the requirements of laws and regulations. We will promptly notify you of information related to the event via push message, email/SMS message, etc.; if it is hard to notify every personal information subject, we will release an announcement in a reasonable and effective manner. Meanwhile, we will actively report the handling of the personal information security event in accordance with the requirements of regulatory authorities.

6.Please properly retain your login name and other identity elements. We will identify you according to your login name and other identity elements when you are using our services. You may suffer loss and be impacted unfavorably if you divulge such information. Please immediately contact us if you detect that your login name and/or other identity elements may be or have been divulged, so that we may promptly take corresponding measures to avoid or reduce relevant losses.

VI. How you access and manage your information

When you are using our services, we provide you with corresponding operation settings in the client to facilitate more convenient access to and management of your information while safeguarding your right for de-registering your account. You may perform operation with reference to the following guidelines:

1.Query and manage your information

You may log in to the iDeal App using your iDeal account, and query or bind your mobile number, email, foreign exchange account, CNY account, etc. under “Account Management”.

2.Correct and delete your personal information

You may log in to the iDeal App using your iDeal account, and correct or delete your mobile number, email, office number, address, etc. on the “Personal Information” page.

3.Disable your user account

You may disable your account by using the following two means:

1)Contact the institution administrator of your institution to disable your account;

2)Contact the floor administrative staff of CFETS to disable your user account.

4.Revoke consented authorization

You may revoke your consent to authentications:

1)If you have logged into iDeal, you may exit iDeal first, and then uncheck the authorization agreement on the iDeal login page;

2)If you have not logged in to iDeal, you may open the iDeal login page, and uncheck the authorization agreement on the login page.

5.Notwithstanding the foregoing, we may not respond to your requests under the following circumstances in accordance with relevant laws and regulations and national standards:

1)In direct connection with national security and security of national defense;

2)In direct connection with public security, public health, and material public interests;

3)In direct connection with criminal investigation, prosecution, trial, enforcement of judgement, etc.;

4)There is sufficient evidence to prove your malicious intent of or abuse of rights;

5)Responding to your request may cause serious damage to the legitimate rights and interests of yourself or other individuals and organizations;

6)Trade secret is involved;

7)Other circumstances under which we cannot respond to your request in accordance with laws and regulations and national standards.

VII. The application of and update to this Policy

All services of iDeal are subject to this Policy, unless relevant services are subject to a separate privacy policy or there are special provisions in a corresponding service agreement.

We will update this Policy in due course upon the occurrence of the following major changes:

1.Changes in our basic information, such as a change in the owner arising from merger, acquisition, or restructuring;

2.Changes in the scope, purpose, and rules for us to collect, store, and use personal information;

3.Changes in the object, scope, and purpose for us to externally provide personal information;

4.Changes in the means by which you access and manage personal information;

5.Changes in our data security capabilities and information security risks;

6.Changes in the channel and mechanism for receiving your query and complaints, and in the institution for resolving disputes externally and its contact information;

7.Other changes that may cause material effects on your rights and interests in personal information.

Given the large number of users of iDeal, we will notify you of updates to this Policy by using push notices and pop-up messages. We recommend you to promptly notify us of changes in your contact information so that you may get the notice in time. If you continue to use the products or services of iDeal after the updates to this Policy become effective, it indicates that you have fully read, understood, and accepted the updated policy and are willing to be bound by the updated policy.

VIII. Our contact information

For any questions on this Policy, or any relevant complaint or comment, please contact us at 021-38585377. You may also send your question to cfetsonline@chinamoney.com.cn, or mail you question to us at Building 30, 1387 Zhangdong Road, Pudong New District, Shanghai for the attention of [FX Market Department or RMB Market Department], postal code: 201203. We will review the question involved as soon as possible, promptly handle the question after verifying your identity, and give you a reply within the period provided in laws and regulations. If you are dissatisfied with our reply, you may bring a lawsuit with the People’s Court of Pudong New District, Shanghai.