When you use the products and services on UOB Infinity APP, we may collect and use your personal information in the manner described below for purposes of delivering products and services to you, securing your account and funds and ensuring compliance with the laws, regulations and regulatory rules of China.

1. Business Functionality on UOB Infinity APP
   
   (1) User password activation and reset
   
   When you activate or reset your password, we may collect mobile number and email address from you for the purpose of activation and reset of user password. If you do not provide the above information, we may not be able to provide you with such service, but it will not affect other products or services we provide to you (if any).
   
   (2) Notifications management
   
   When you access the Notifications module to set email or text message notifications, we may collect your email address or mobile number to send you notices. If you do not provide the above information, we may not be able to provide you with such service, but it will not affect other products or services we provide to you (if any).
   
   (3) User management
   
   In the “Manage My Profile” module of the User Management module, we will collect information from or about you, such as group ID, company information, your name, user ID, security token serial numbers, country/region code, mailing address, phone number, language, password, and corporate account information and account permissions. In this module, you may update your phone number, mailing address, language and password. We will collect information about your phone number, mailing address, language and password in order to effectuate changes. If you do not provide the above information, we may not be able to provide you with such service.
   
   (4) Payments and Fund Transfer
   
   In the Payments and Fund Transfer module, we may collect information about counterparties to payments and fund transfer, including the names, physical addresses, countries, banks and account numbers of payees.If you do not provide the above information, we may not be able to provide you with such service, but it will not affect other products or services we provide to you (if any).
   
   (5) In-memory feature on the login page
   
   The in-memory feature is offered on the login page for your signing into UOB Infinity Mobile App. We will collect your country/region code, group ID, user ID and default language and store such information by using vKey SDK to enable your next quick login. If you do not provide the above information, we may not be able to provide you with such service, but it will not affect other products or services we provide to you (if any).
   
   (6) API use
   
   By using APIs, we will collect your application version number (including release and internal version numbers), device ID which is generated after UOB Infinity App is installed in user’s device, user’s device model, version and platform of the operating system of user’s device (e.g. Android or iOS) and the channel of use of UOB Infinity (e.g. APP version or web version), in order to track defects in the software program. If you do not provide the above information, we may not be able to provide you with such service.
   
   (7) Biometrics
   
   In order to allow you to use the login service more safely and conveniently, if your device and the UOB Infinity App version both support fingerprint or face functions, you can choose to enable the fingerprint or face login function, and login App via fingerprint or face verification on your device. Our bank only receives the verification result and does not collect your fingerprint or facial information. If you do not want to use fingerprint or face verification, you can still log in through other methods. If you do not provide the above information, we may not be able to provide you with such service, but it will not affect other products or services we provide to you (if any).
   
   (8) Push notification
   
   The push notification function allows to push notifications to you through the UOB Infinity App. You can unsubscribe by turning off the App notification function in the phone settings, and such operations will not affect your use of other UOB Infinity products and services. If you do not provide the above information, we may not be able to provide you with such service, but it will not affect other products or services we provide to you (if any).
   
   When you enable the push notification function, the UOB Infinity App will request notification permissions on your device to help you receive important notifications. You can choose whether to authorize us to collect this information. If you refuse to authorize, we may not be able to push important notifications to you, but it will not affect our other products or services we provide to you (if any).
   
   (9) Android Blacklist App detection
   
   In order to allow you to use our App more safely, we will access .to the application installation list permission (android.permission.QUERY_ALL_PACKAGES) in your Android phone to identify the blacklist application . If you do not provide the above information, we may not be able to provide you with such service.
   
   (10) Software Development Kit
   
   When you use the functions and services of the App, in certain specific scenarios, the Bank may use the software development kit ("SDK" for short) provided by a third-party service provider with corresponding business qualifications and capabilities to provide you with services. At this time, the third-party service provider needs to collect your necessary information, and such third-party service provider will process your personal information in accordance with the rules shown in its respective privacy policies/personal information processing rules links. If you have any concerns about the third-party service provider’s processing of your personal information, you can contact the third-party service provider directly. You can click here to view the SDKs we use in specific scenarios and their related information.
   
   In order to meet new service requirements and business function adjustment needs, we may adjust the SDKs we use from time to time, and the content of the SDK itself may also be adjusted accordingly. We will update the above SDK list in a timely manner when the SDK changes. If you do not agree to the above third-party service providers collecting the above information, you may not be able to obtain the corresponding services, but it will not affect your normal use of other functions or services of the App.
   
   Currently, we do not obtain personal information about you indirectly from other sources for the products and services provided by UOB Infinity App.

2. Exceptions to Processing of Personal Information
   Subject to and in compliance with applicable laws and regulations, we may process your personal information without your consent in the following cases:
   (1) it is necessary to execute and perform the contract to which you are a party;
   (2) it is necessary for UOB to comply with legal requirements or its legal obligations;
   (3) it is necessary to respond to a public health emergency or protect the life, health and property safety of you or other natural persons in an emergency;
   (4) your personal information is processed to the extent reasonable for carrying out any news reporting, supervision by public opinions or any other activity for public interest;
   (5) the personal information which you have already disclosed or has been otherwise legally disclosed to the public is processed to the extent reasonable in accordance with law; or
   (6) there are other circumstances provided by laws and regulations under which we may process your personal information without your consent.

3. Rules for Use of Personal Information
   We will use your personal information pursuant to this Privacy Policy for the purpose of enabling you to use the features and functions of products or services.
   You acknowledge and agree that we have the right to use the personal information that is de-identified and cannot be used to identify you.
   In relation to any use of information we collect for the purposes not specified herein, we will request your further consent by appropriate means as required by applicable laws, regulations and national standards.

When you visit, browse or use any website or mobile application of the Bank, the website and/or application will record information to analyze the number of visitors to, and the use of, the website and/or application. Such certain information will be collected by means of “Cookies”. We use Cookies to make our websites and/or applications more secure and more user-friendly. Please note that Cookies only collect anonymous aggregated statistical data, other than any personal information such as name, address, phone number or email address.

If you wish to disable Cookies related to the technologies described above, you may change the settings of your browser and/or application. However, if you make such change, you may not be able to access certain parts of our websites and/or applications.

1. Sharing
   We do not share your personal information with any other company, organization or individual, except in the following cases:
   (1) (1) Where we have obtained your separate consent to the following sharing of personal information, that is, if we add or change any recipients with whom we share your personal information in practice, we will further seek your consent or separate consent through pop-up windows, separate authorization documents, notification pages, or other appropriate methods, except where consent is not needed according to laws and regulations:
   (a) sharing with our affiliates in order to better offer products and services. In such case, only necessary personal information will be shared subject to the purpose of this Privacy Policy specified herein. If our affiliate intends to alter the purpose of processing, further consent will be requested from you.
   (b) transmitting or sharing with our authorized partners. For the purpose stated in this Privacy Policy, some of the functionality on our services may be provided by authorized partners. We may transmit or share certain personal information about you with such authorized partners in order to offer better customer services and user experience. We will limit transmitting or sharing of your personal information that is only necessary for us to provide services for a lawful, justifiable, necessary, specific and explicit purpose. Our partners are not entitled to use the transmitted or shared personal information for any other purposes.
   Currently, our authorized partners is telecommunications service providers.
   We will transmit or share your personal information with third parties that support our functions. In order for the telecommunications service provider to assist us in sending you SMS notifications, we will transmit or share your phone number with the telecommunications service provider [Union Mobile Financial Technology Co., Ltd. (400-112-5881)] to send you relevant SMS notifications. Please note that we may establish an entrustment relationship with the aforementioned third parties, meaning we may entrust such third parties and they may accept our entrustment to process personal information within the agreed scope in accordance with the agreed purpose, time limit, and processing method.
   (2) Where we are required to do so by any law, regulation or mandatory governmental request;
   We will enter into strict non-disclosure agreements with those companies, organizations and individuals with whom we share personal information to bind them to process it based on our instructions and in compliance with this Privacy Policy and any other appropriate confidentiality and security measures. For situations involving the cross-border provision of personal information, please refer to the relevant clauses in “Section III-4 Cross-border Transmission” of this Privacy Policy.

2. Transfer
   We do not transfer your personal information to any company, organization or individual, except in the following cases:
   (1) With your separate consent; or
   (2) In connection with a merger, acquisition, bankruptcy or liquidation, in which case we will procure those companies or organizations holding your personal information to honor this Privacy Policy or otherwise to request further consent from you.

3. Disclosure
   We may disclose your personal information only in the following cases:
   (1) With your separate consent; or
   (2) For legal reasons: we may disclose your personal information to meet any law, legal proceedings, legal action or mandatory governmental request.

4. Cross-border Transmission
   You understand and acknowledge that UOB as a foreign-invested bank operating in China, for necessary factors include business requirements (especially cross-border transactions such as remittances), deployment and management of group information systems, and enabling our overseas affiliates to assist in providing products and/or services to you or in processing your personal information to achieve the purposes described in this policy, we may transmit your personal information collected in relevant business operations to overseas recipients (such as overseas intermediary banks, correspondent banks, beneficiary banks, the Society for Worldwide Interbank Financial Telecommunication (SWIFT), and overseas branches of UOB), and/or process it on information systems deployed overseas. We will comply with the requirements of laws, regulations, and relevant regulatory authorities, and will take measures such as signing agreements, conducting supervision checks, security audits, and other measures to clarify obligations and responsibilities of all parties involved, to ensure overseas recipients process your personal information in accordance with the relevant laws and regulations of the People's Republic of China.
   Currently, our primary overseas recipient of personal information is our parent bank, United Overseas Bank Limited. You can query its contact information and privacy policy on its official website(https://www.uobgroup.com/uobgroup/index.page). If you need to exercise any rights related to personal information with our parent bank, you can contact it directly through the contact information disclosed on its website, or you can contact us first through the contact information provided below in this Privacy Policy
   For more information about overseas recipients of personal information, please click here to view the list of overseas recipients
   For certain services, we will transfer and store your personal information mentioned in Section I of this Privacy Policy, including basic information (such as name, phone number, email address), network identity information (such as App login user codes, passwords), and personal device information (such as device model, device operating system version, and platform), outside of China (such as in Singapore) or process your personal information outside of China (including transmission to jurisdictions where data protection laws may not be as comprehensive as those in our jurisdiction).
   Regarding the aforementioned parent bank located in Singapore and any future additional overseas recipients, we will inform you of relevant details and obtain your consent in accordance with laws and regulations (except where consent is not required as stipulated by laws and regulations).

1. Security Measures
   (1) UOB values data security and establishes a specialized team in support of data protection. We work hard to make sure your information is safe and secure, including maintaining appropriate administrative, technical and physical security measures and establishing an information security and assurance system that is compatible with business development with reference to Chinese and foreign information security standards and best practices.
   (2) We employ security protocols with respect to all phases of data collection, storage, display, processing, use, and destruction in the data life-cycle, and adopt different control measures at varying sensitivity levels, including but not limited to access control, encrypted transmission and encryption algorithm for encrypted storage.
   (3) We also implement strict management of our employees who may have access to your information, and ensure that their operation of your information, such as data access, internal transmission or export, pseudonymization, decryption and other important operation will be performed under control.
   (4) We establish a review and approval mechanism and execute non-disclosure agreements with those employees with such access. In addition, we also provide periodic training for employees with respect to information security, and require employees to build good operating habits in their daily work and increase their awareness of data protection.
   (5) While we take various security measures described above, please understand that there are no such “perfect security measures” for the Internet. We will rely on currently available technologies and take appropriate security measures to protect your information. We will offer reasonable security guarantees and will strive to protect your information from leakage, damage or loss.
   (6) Your account is protected with security features. Please keep your account number and password private, and you should never disclose your password to others. If you become aware of leakage of your personal information, especially your account number and password, you should immediately contact UOB customer service so that we can take appropriate steps.
   (7) Please save or backup your text, pictures and other information in a timely manner. You understand and accept that the system and telecommunications network you use to access our services will be interrupted or unavailable as a result of any factors beyond our control.

2. The Internet is not absolutely secure, and email, instant messaging and other methods to communicate with other users are not encrypted. We strongly recommend that you not send personal information by such communication means and use strong password to help us keep your account secure.

3. In the event of a personal information security incident, we will promptly notify you in accordance with applicable laws and regulations of the general status and potential impact of the security incident, the measures we have taken or will take, suggestion for risk prevention and mitigation, remedies available to you, etc. We will promptly notify you of the progress of such incident by email, correspondence, telephone and//or push notification. If it is difficult to deliver notice to each personal information subject, we will publish announcement in a reasonable and effective manner. In addition, we will proactively report the handling of personal information security incident as required by regulatory authorities.

When you use the UOB Infinity products or services, you can follow the following guidance to access, correct and delete your personal information and exercise your rights to withdraw consent and deregister account. In addition, we also have established the reporting-complaint procedures to process your concerns in a timely manner.

1. Access and Query Your Personal Information
   Account information: Click “Manage My Profile” to access or query personal information about your account, such as your mobile number, email address and language.
   If you cannot access or query personal information by using the method provided above, please feel free to call our customer service hotline at 400-886-2821 to make a request or ask for help.
   Except for the information specified above, we cannot offer you the service of accessing and correcting some of your personal information that is collected for the purposes of improving your user experience and guaranteeing transaction security, including, among other things, your device information and personal information generated when you use extensions. We will use such information with your permission. Although you cannot access or correct such information, you may request us to delete or anonymize it.

2. Correct and Update Your Personal Information
   If you find that the personal information we process about you is incorrect or if your personal information has changed or needs to be updated, you can click on “Manage My Profile” to correct and update your account-related personal information, such as your phone number, email, and password. If you cannot correct or update the relevant personal information through the above method, you can submit an application or seek assistance by calling our customer service hotline at 400-886-2821.

3. Transfer Your Personal Information
   You can request that we transfer your personal information processed by us to a specified third party. We will provide the means or methods for the transfer in accordance with the conditions stipulated by the relevant regulatory authorities.

4. Explain and Clarify
   If you have any questions about this Privacy Policy or our other personal information processing rules, you can request that we provide an explanation and clarification.

5. Delete Your Personal Information
   Subject to applicable law, we will delete your personal information at your request, which can be submitted by calling our customer service hotline at 400-886-2821. However, if relevant laws, regulations, or regulatory authorities have special requirements for the retention period of personal information, or if the deletion of personal information is technically difficult to achieve, we will comply with the requirements or process it according to legal provisions.

6. Change Consent or Withdraw Authorization
   Each business functionality is enabled based on certain type of basic personal information. You may give or withdraw your consent at any time, for example, you can modify the device permissions in your mobile phone settings.
   If you withdraw your consent, we will no longer process your personal information involved, but the withdrawal of your consent will not affect any processing of personal information which has already taken place with your permission.

7. Deregister Account
   You may deregister the UOB Infinity account you have registered by calling the Bank’s customer service hotline at 400-886-2821 to make a request.
   You understand that deregistering your account is irreversible, and once your account is deregistered we will discontinue to provide the products and/or services to you, cease to collect your further personal information through the client portal, and delete all personal information about your account at your request, except as otherwise required by laws, regulations or regulatory authorities regarding the retention period of customer information.

8. Obtaining a Copy of Personal Information
   You have the right to obtain a copy of your personal information. You can contact our customer service hotline at 400-886-2821.

9. Response to the Requests for the Exercise of Your Rights
   If you cannot exercise your rights by using the methods provided above, you may contact us as indicated in the “How to Contact Us” section of this Privacy Policy. For the sake of security, you may be required to make requests in writing or prove your identity by other means. We may request you to verify and authenticate your identity before processing your request, but in whatever case, we will complete reviewing and processing your request within the period of up to 15 business days or within a shorter period (if applicable) as required by laws and regulations.
   In principle, no fee shall be charged for reasonable requests. A fee reflecting the cost incurred by us will be charged as appropriate on repeated requested beyond reasonable limits. We have the right to reject the requests that are repeated and vexatious, or need excessive technological means to fulfill, or cause risks to others’ legitimate rights and interests or are impractical.

10. Exceptions to Response
    We may be unable to respond your request in the following cases:
    (1) To fulfill the obligations of UOB under laws and regulations;
    (2) Directly in connection with national security or national defense security;
    (3) Directly in connection with public security, public health or substantial public interest;
    (4) Directly in connection with a criminal investigation, prosecution, trial and execution of judgments;
    (5) Where UOB has sufficient evidence that the personal information subject has malicious intent or abuses his/her rights;
    (6) For the purposes of maintaining the life, property and other significant legitimate rights and interests of the personal information subject or other individuals, however that it is difficult to obtain consent from the said personal information subject;
    (7) Where responding to the requests of the personal information subject will seriously impair the legitimate rights and interests of the personal information subject or of other individuals or organizations; or
    (8) Involving trade secrets.

We place a high priority on protecting personal information about minors. Minors should obtain the written consent from their parents or legal guardians in accordance with the law before submitting any personal information or using our products and/or services.
If you are under 18 years of old, we recommend that your parents or guardian carefully read this Privacy Policy and that you ask your parents or guardian for permission before submitting any personal information and use any of the Bank’s products and services under the guidance of your parents or guardian. If you are under 14 years of old, you shall ask parents or guardian for permission before using any of our service and providing your information to us or any third party.
If your parents or guardian disagrees with your submission of your personal information or disagrees with your use of any of the Bank’s products and services, you should immediately cease to submit information or terminate the use of the Bank’s products and services, and notify us as soon as possible to enable us to take appropriate steps. We will protect relevant information about minors in accordance with the relevant laws and regulations of the State.
If you are a minor under the age of 18, we will only process this information when permitted by laws and regulations, with the explicit consent of your parents or guardians, or when it is necessary to protect the rights and interests of minors. If you are a minor under the age of 14, we will process your information in accordance with relevant laws and regulations such as the Minors Protection Law and the Provisions on the Cyber Protection of Children's Personal Information.
Nevertheless, please understand that UOB Infinity APP is intended for enterprise users only. We do not intend to, nor will we actively collect personal information from minors. You should not provide any personal information of minors, nor should you be asked to do so. If you find any accidental collection or provision of such information, please inform us in a timely manner. We will promptly delete such information in accordance with applicable laws and regulations.

Unless stipulated in other clauses of this Privacy Policy, in principle, we will store within the territory of the People's Republic of China all your personal information collected and generated in the People's Republic of China, and we will strictly keep this information confidential in accordance with the law.
We retain your personal information only for the period of time as necessary to effect the purpose of this Privacy Policy or as otherwise provided under laws, regulations and regulatory rules. Upon the expiration of such retention period, we will delete or anonymize your personal information. However, if it is technically difficult to delete your personal information, we will cease processing your personal information except for storage and implementing necessary security measures as required by applicable laws.

Please note that the operators of third-party websites you visit, such as third-party links, may have their own privacy policies.

When you view the webpages created by third parties or use the applications developed by third parties, they may place their own Cookies or pixel tags. These Cookies or pixel tags are not under our control, and their use is not subject to this Privacy Policy.

We will use commercially reasonable efforts to procure these third parties to take security measures for your personal information, however, we cannot warrant that they will follow our request to take security measures. Please contact directly these third parties for details of their respective privacy policy. If you become aware of any risk in the webpages created or applications developed by the third parties, we recommend that you discontinue operations in order to protect your legitimate rights and interests.

This Privacy Policy is subject to change. When this Privacy Policy is updated, we will publish any changes we make to this Privacy Policy on this page and re-obtain your consent via pop-up message or other appropriate ways. After you log into the UOB Infinity App, you can read this Privacy Policy by clicking More Services-scroll to the bottom of the page-click Privacy Policy. With respect to any material changes to this Privacy Policy, we will also provide notices in a conspicuous manner, including but not limited to indicating the modifications to this Privacy Policy in details by email, text message or special tips on the browsing page).

For the purpose of this Privacy Policy, material changes include, but without limitation, material changes in our service model; material changes in our ownership or organizational structure; changes of the person with or to whom we share or transfer or disclose personal information; material changes of your rights and exercise thereof with respect to the processing of personal information; any change of our department in charge of the security of personal information or its contact information or complaint procedures; and any high risks indicated in the personal information security impact assessment report.

The previous versions of this Privacy Policy will be archived for your review.

This Privacy Policy is written in both Chinese and English, and the Chinese version will prevail in the event any conflict between the Chinese version and the English version.

If you have any questions, concerns or suggestions relating to this Privacy Policy or your personal information, please contact UOB Infinity Customer Service Department at 400-886-2821.
In general, we will confirm receipt of and process your inquiry within 15 business days or within a shorter period (if applicable) as required by laws and regulations. If you are not satisfied with our response, in particular if you believe that your legitimate rights and interests are impaired as a result of our processing of your personal information, you may file a complaint or report to the competent authorities responsible for personal information protection, or seek compensation according to law.