# Guidelines on User Privacy Protection for Configuring Mini Programs

  • In order to further regulate the personal information processing activities of developers, To protect the legitimate rights and interests of users, developers involved in the processing of users' personal information in Mini programs and plug-ins, whether by calling relevant interfaces involving users' personal information, or collecting users' personal information on their own, need to supplement the corresponding user privacy protection guidelines before submitting the code version. Details can be found atGuidelines on Privacy Protection for Users of Supplementary Mini Programs and Plugins

  • Mini Program, which is not developed on behalf of the Wechat, can be configured by logging on to the Wechat public platform in [Mini Program Management background-Settings-function Settings-user Privacy Protection guidelines], while the new Mini Program can only be configured through the interface.

Be careful

  1. The above three interfaces are in the [Mini Program Development and data Analysis] permission set, if Mini Program for the development of the agent has the authorization of this permission, there is no need for the business Mini Program administrator to re-authorize.

2, on behalf of the development of Mini programs can only be configured through the interface, can not be configured through the [WeChat Official Platform - settings - function settings - user privacy protection guidelines].

  1. For other frequently asked questions, please see the end of the document.

# 1, the effect after the configuration

  • To help developers understand[Guidelines on User Privacy Protection for Configuring Mini Programs]The parameters of the interface and the effect of the configuration can be referred to the following renderings (third-party developers can also use their own Mini programs to log in [WeChat Official Platform - settings - functional settings - user privacy protection guidelines] to view the preview renderings after configuration):
  • After configuration through the interface, it will be displayed in the more information page of the Mini Program and the i in the upper right corner of the authorization pop-up window. The purpose of use of the information filled in the subsequent privacy agreement will also be directly displayed in the corresponding authorization pop-up window.

  • Moreover, users can enter the settings page through the top right corner to manage the information, and after deleting it, the message will be pushed to the developer.

# 2. Dxplaination of Rules

(1) After the adjustment interface is configured, it will not take effect immediately in the current network version of the Mini Program, it is necessary to resubmit the code for review, and it is necessary to re-release the code on the line before it takes effect.

2, each code review link will be relevant verification, such as the configuration of the user privacy protection guidelines and the actual collection of user information in the code does not match and does not meet the corresponding requirements, you can not pass the code version review.

3, in order to improve the audit pass rate, it is recommended that service providers configure privacy protection guidelines for each generation of Mini programs developed in accordance with the actual situation. And it is recommended that the configuration be carried out by the service provider (merchants are not Mini Program code writers, and it is usually not clear which interfaces the code refers to and which user type information is collected).

# Common problem

# 1) How do I know which privacy protection guidelines should be configured for this Mini Program?

  • Can be accessed throughGuidelines on Privacy Protection of Mini Program UsersInterface for privacy_List, which is the type of user information detected by the code (privacy_Key), you need to configure these information types accordingly.

  • And the setting returned by that interface_list中privacy_Text for the purpose that has been configured, if privacy_If the text is empty, it means that it has not been configured.

  • For example, privacy_list returns "Album", And the privacy_text corresponding to "privacy_key": "Album" returned in setting_list is empty, it means that "Album" has not yet configured privacy protection guidelines and needs to be accessed through theSet interfaceFor configuration.

  • privacy_Key corresponding Chinese information can also be obtained through the interface, details can be viewed privacy_The contents returned by desc.

  • Note that if you have not recently passedCommit interfaceSubmit code, then privacy_The contents of the list may be empty.

# 2、setting_The content of the list needs and privacy_Is the list the same?

  • No need. setting_Privacy Policy_List is enough. If privacy_The list is detected, but the setting_If there is no configuration in the list, it will be rejected.

# 3. Do I have to reconfigure the privacy protection guidelines through the interface every time I submit a code review?

  • If there are already approved and effective privacy protection guidelines online, but subsequent code iterations do not involve the collection of user privacy information, there is no need to reconfigure.

  • However, if the subsequent version iteration involves the new collection of user privacy information, after submitting the code, it is still necessary to adjust the interface for configuration, otherwise the code review process will be rejected.

# 4) How do I know the results of the review and the reasons for the rejection?

  • Via InterfaceGuidelines on User Privacy Protection for Configuring Mini ProgramsAfter that, throughSubmit Code ReviewInterface for arraignment

  • After the code is submitted for review,[Check the status of the latest submission](https://developers.weixin.qq.com/doc/初始值/Third-party_Platforms/2.0/api/code/get_latest_audit status.html)Interface queries the status of an audit and, if rejected, the reason for rejection.

  • In addition, the code review results will also be pushed to the service provider's third-party platform message and event URL, details can be foundCode Review Results

# 5) How to fill in the contact information of the information collector (developer)?

  • It needs to be handled according to the actual business situation. The contact information of the merchant can be filled in, and the contact information of the service provider can also be filled in, but it is necessary to ensure that the contact information filled in is true and effective and can be contacted to handle related matters.

# 6. What is the effect of uploading a custom file?

  • Configure a custom file through the interface (the corresponding parameter is ext_file_media_Id), at the end of the Mini Program privacy guidelines page, you can see "For more personal information processing rules can see the supplementary document." Click on "Supplementary Files" to download the custom files uploaded by the service provider.