国双Ad Dissector数据隐私政策
国双(Nasdaq:GSUM)是依据中国法律合法成立并有效存续的公司,是中国领先的企业级大数据和人工智能解决方案提供商。基于国双大数据平台和数字智能化的优势,帮助企业和政府客户做出更好的业务决策并以新颖有效的方式使用数据,从而提高生产力。
国双一直秉承用数据创造价值的理念,在法律允许的范围内,尽力为客户提供最优质的服务。这项原则始终贯穿于所有客户的合作过程当中,并得到了客户的一致认可。
我们如何获取数据?
目前,国双已经与Google AdWords建立了长期的合作关系。为了能给客户提供最优质的广告服务,国双的Ad Dissector通过调用AdWords提供的API,来获取各个推广账户每天的推广数据,包含推广账户、推广系列、推广组、广告等层级的广告属性数据,以及关键词广告的曝光、点击和花费数据。
国双获取的数据不包括能识别单个网民的唯一身份的数据,比如cookie、IMEI、IDFA等,更不包含涉及用户隐私的手机号、邮箱等数据。
我们如何使用数据?
通过AdWords API获取的广告数据,国双Ad Dissector能够给广告优化师提供便捷的服务和丰富的广告数据,助其更高效地分析、优化和总结搜索广告的表现,为客户制作详细的数据报告,以满足客户在搜索广告上的投入产出要求。
我们如何保护数据?
根据相关的法律法规要求,无论其是否涉及用户个人隐私信息,国双均有对数据安全进行保护的义务,采取相应的技术手段,以保障网络免受恶意干扰、病毒入侵、破坏或未经授权的访问等技术风险,防止用户数据泄露或被窃取、篡改。
同时国双采取了必要的措施维护信息安全,如数据分类、重要数据备份、加密等安全措施;定期进行系统漏洞排查等。 检测、记录网络运行状态、信息读取状态,特别是在允许第三方访问客户数据时,保留相关网络日志以进行风险防范。
若发生数据信息泄露事件,国双将按照国家法律法规的要求,第一时间告知客户:事件的基本情况和可能的影响、国双已采取或将要采取的处置措施、客户可自主防范和降低风险的建议、国双对客户的补救措施等。
我们如何一直满足监管机构的政策要求?
国双会不定期跟进国内监管机构对数据隐私政策的更新,并定期检查国双的隐私政策,最终保证国双对客户数据的处理方式符合国家法律法规的要求。同时,对于重大的政策变化,国双也会在第一时间通知客户,以保障客户的知情权。

附法律条款:《中华人民共和国网络安全法》
Policy of Data Privacy for Gridsum's Ad Dissector
Gridsum(Nasdaq:GSUM)is a leading provider of cloud-based big-data analytics and AI solutions for multinational and domestic enterprises and government agencies in China. With Gridsum Big Data Platform and its advantages in digital intelligence, Gridsum's mission is to help enterprises and government organizations in China use data in new and powerful ways to make better informed decisions and be more productive.
At Gridsum, we hold up the belief of “Data Focus, Value Creation”, and strive to provide services for clients with the highest quality within the sphere permitted by law. This is the principle that we adhere to and throughout all processes when collaborating with customers, and won their recognition when assignment finished.
How do we obtain data?
Gridsum has formed a long-term collaboration with Google AdWords. In order to provide the best quality of service for customers, Gridsum's Ad Dissector calls APIs provided by AdWords to obtain daily promotional data of each account, including data related to search ads, such as accounts, campaigns, ad groups, and ads, as well as data with regard to exposures, clicks, and spending on each keyword.
The data obtained by Gridsum does not include data that can be used to identify individual netizens, such as cookies, IMEI, IDFA, etc., and it does not include data with regard to the privacy of users either, such as mobile phone numbers and emails.
How do we use data?
Based on advertising data obtained through the AdWords API, Gridsum Ad Dissector provides professionals who work on advertising optimization with convenient services and comprehensive advertising data to help them analyze, optimize and summarize the performance of search advertising more efficiently, and to develop detailed reports on data for customers, so as to meet customers' expectations on ROI of search advertising.
How do we protect data?
According to relevant laws and regulations, whether or not it involves users' personal privacy information, Gridsum has the obligation to implement security protection, adopt technical means to protect the network against technical risks such as interference, virus attacks, disruption, or unauthorized access, and prevent against data breach, theft, or tampering.
Gridsum also takes necessary security measures to ensure information security, such as data classification, backup and encryption of important data, among others, and perform screening for loopholes in the system on a regular basis. We detect and keep logs of network operation status and information readout status and save relevant network logs for risk prevention, especially when third parties are allowed to access customer data.
If data leaking happened, Gridsum will, as required by national laws and regulations, inform customers at first timing including the basic situation and possible impact of the incident, measures that Gridsum has taken or will take to resolve the issue, suggestions on what customers can do to protect and prevent against risks, and remedial measures that Gridsum will offer for clients, etc.
How do we adhere to policies and meet requirements of the regulatory agencies?
Gridsum will from time to time follow up on the latest updates on data privacy policies from regulatory agencies, and check Gridsum's own privacy policies on a regular basis to ultimately make sure that Gridsum process obtained data in compliance with national laws and regulations. As for major policy changes, Gridsum will also notify customers as soon as possible to protect customers' rights to be informed.

Appendix:" Cybersecurity Law of the People's Republic of China".