We help you comply with local laws, license and protect your IP, and modify your app or game for China.
AppInChina Pay is the best way to integrate WeChat Pay & Alipay in-app payments into your game or app.
Launch your app or game on China's Apple App Store and the top 15 Android app stores in China.
Half of China plays mobile games. We will get them playing yours by taking care of every step - from distribution to promotion to monetization.
We provide custom UA services for the Chinese market with analytics, ASO and CPD campaigns.
We can test your app or game for dependencies and provide SDKs and cloud services that work in China.
With our local hosting service, you can comply with Chinese law and provide the best user experience.
We will bring your company, product, and service into full compliance with Chinese law.
Accept WeChat Pay and Alipay and manage them in English on your client backend, with API support. We also pay all Chinese taxes on your behalf.
We offer solutions for eCommerce, Software as a Service (SaaS), WeChat Mini Programs, and more.
Read and subscribe to our blog to catch up on the latest industry trends and news from China.
Research English translations of official government policies and communication on the mobile apps and games market.
A wealth of data on the China app and games market, in easy to digest visual format.
Search all the game license approvals in China in English with this handy tool, updated monthly.
Is your website available to Chinese users? Enter your URL to test your site’s availability in Mainland China and find out.
Updated quarterly, the AppInChina App Store Index is the market-leading index of China's largest Android app stores.
Updated quarterly, the AppInChina Game Store Index ranks the most popular Android game stores on the Chinese market.
The AppInChina App Index ranks the best-performing Android apps in the Chinese market.
The AppInChina Mobile Game Index tracks the top 20 mobile games in China across all platforms (iOS and Android).
Updated quarterly, the AppInChina Mobile Device Index ranks the top 20 most popular mobile device brands in China today.
Meet the team and learn why we are the most trusted company for foreign app distribution and marketing in Mainland China.
We are proud to count the world's most respected companies and brands among our clients. Read some stories of their successful launches in China.
Major news outlets regularly cite AppInChina for the most current data and insights into trends regarding the Chinese mobile app market.
Ready to plunge into the rewarding environment of a fast-growing company? See what we have to offer here in the heart of China.
Release Date: 11-28-2019
Chinese Title: 关于印发《App违法违规收集使用个人信息行为认定方法》的通知
Guo Xin Ban Mi Zi  No. 191
The cyberspace administrations, communications administrations, public security departments (bureaus) and market regulation bureaus (departments and commissions) of all provinces, autonomous regions, municipalities directly under the Central Government and the Xinjiang Production and Construction Corps,
According to the Announcement on Special Governance of the Illegal Collection and Use of Personal Information by Apps, the Cyberspace Administration of China, the Ministry of Industry and Information Technology, the Ministry of Public Security and the State Administration for Market Regulation have jointly formulated the Method for Identifying the Illegal Collection and Use of Personal Information by Apps to provide reference for the identification of illegal collection and use of personal information by Apps and implementing the Cybersecurity Law and other laws and regulations. The present Method is hereby promulgated for your implementation in light of actual regulatory and law enforcement practices.
Secretariat of Cyberspace Administration of China
Ministry of Industry and Information Technology
General Office of the Ministry of Public Security
General Office of the State Administration of Market Regulation
28 November 2019
The present Method is formulated in accordance with the Announcement on Special Governance of the Illegal Collection and Use of Personal Information by Apps, with a view to providing reference for supervision and administration departments to identify the illegal collection and use of personal information by Apps, offering guidance for App operators’ self-examination and self-correction and social supervision of netizens, and implementing the Cybersecurity Law and other laws and regulations.
I. The following practices may be identified as “non-disclosure of collection and use rules”:
2. failing to prompt users to read privacy policies and other collection and use rules, through pop-up windows or other noticeable ways, when an App is put into operation for the first time;
3. it is difficult for users to access the privacy policies and other collection and use rules. For instance, users cannot access the privacy policies and other collection and use rules of an APP before entering the main interface of the App for more than four clicks; and
4. it is difficult for users to read the privacy policies and other collection and use rules, For instance, the text is too small or too dense, and unclear, with too light color, or there is no simplified Chinese version, etc.
II. The following practices can be identified as “failing to expressly state the purpose, method and scope of collecting and using personal information”:
1. does not specify one by one the purpose, method or scope of personal information collection or use by Apps (including third parties entrusted or embedded third parties’ codes or plug-ins);
3. failing to synchronously inform users of their purposes, or the purposes are unclear and difficult for users to understand, when applying for the permission to collect personal information, or applying for the collection of user identity card number, bank account number, whereabouts and tracks and other personal sensitive information; and
4. the content of collection and use rules is obscure, lengthy and tedious, and difficult for users to understand, for example, the use of a large number of terminologies.
III. The following practices may be identified as “collecting or using personal information without the consent of users”:
1. commencing the collection of personal information or opening the authority to collect personal information before obtaining the consent of users;
2. after a user clearly expresses disagreement, still collecting personal information or opening the authority to collect personal information, frequently asking for the user’s consent and interfering with the normal use of a user;
3. the personal information collected or the authority opened for collectable personal information is beyond the scope of users’ authorization;
5. change the status of collectable personal information authority set by a user without the user’s consent, such as automatically restoring user settings to the default status when the App is updated;
6. utilizing users’ personal information and algorithms to push information from targeted sources, but failing to provide options for non-targeted push information;
7. misleading users into agreeing to collect personal information or opening the authority to collect personal information by fraud, deception or other improper means, such as deliberately deceiving or concealing the true purpose of collecting or using personal information;
8. failing to provide users with channels and methods for withdrawing consent to collect personal information; and
9. collect and use personal information in violation of its stated collection and use rules.
IV. The following practices may be identified as “collecting personal information unrelated to the services they provide in violation of the principle of necessity”
1. the type of personal information collected or the authority for collectible personal information opened is irrelevant to existing business functions;
2. refusing to provide business functions because users do not agree to collect unnecessary personal information or open unnecessary authority;
3. The personal information collected by an App under the application for new business functions exceeds the scope originally approved by a user. If the user disagrees, the App will refuse to provide the user with the original business functions, except that the new business functions replace the original ones;
4. the frequency of collecting personal information is beyond the actual needs of business functions;
5. forcing users to agree to collect personal information for the sole reason of improving service quality, boosting user experience, pushing targeted information, researching and developing new products, etc.; and
6. Requiring a user to consent to open multiple authority to collect personal information at one time, and the user cannot use the App without consent.
V. The following practices may be identified as “providing others with personal information without the consent”:
1. without the consent of a user and without anonymization, an App client directly provides personal information for a third party, including the provision of personal information to a third party through a third party’s code embedded in the client, plug-ins or otherwise;
2. without the consent of a user and without anonymization, an App provides a third party with the personal information it has collected after the data is transmitted to the background server of the App; and
3. without the consent of users, an App that is linked with a third-party application provides personal information to the third-party application.
VI. The following practices may be identified as “failure to provide the function of deleting or correcting personal information in accordance with the law” or “failure to disclose the information on complaints and whistleblowing reports”
1. failing to provide functions for effective correction and deletion of personal information and deregistration of users’ accounts;
2. setting unnecessary or unreasonable conditions for correcting or deleting personal information or deregistration of users’ accounts; and
3. having provided functions of correcting or deleting personal information or deregistration of users’ accounts but failing to timely respond to the corresponding operations of users or to complete the examination and handling the operations subject to manual handling within the committed time limit (such committed time limit shall not exceed 15 working days, and if there is no committed time limit, the time limit shall be 15 working days); and
4. where users have finished operations such as correction and deletion of personal information or deregistration of users’ accounts, but App background has not completed the said operations; and
5. failing to establish and publicize channels for complaints and whistleblowing reports about personal information security, or failing to accept and handle complaints and whistleblowing reports within the committed time limit (which shall not exceed 15 working days; in the absence of committed time limit, 15 working days shall apply).
Send us a message with your questions. We'll put together a custom plan tailored to your needs.Get Started Now