Path:
Home >
GB/T >
Page206 > GB/T 43739-2024
Price & Delivery
US$439.00 · In stock · Download in 9 secondsGB/T 43739-2024: Cybersecurity technology - Audit and management guide for personal information processing normativeness of mobile internet applications in App stores
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See
step-by-step procedureStatus: Valid
| Std ID | Version | USD | Buy | Deliver [PDF] in | Title (Description) |
| GB/T 43739-2024 | English | 439 |
Add to Cart
|
4 days [Need to translate]
|
Cybersecurity technology - Audit and management guide for personal information processing normativeness of mobile internet applications in App stores
|
Click to Preview a similar PDF
Basic data
| Standard ID | GB/T 43739-2024 (GB/T43739-2024) |
| Description (Translated English) | Cybersecurity technology - Audit and management guide for personal information processing normativeness of mobile internet applications in App stores |
| Sector / Industry | National Standard (Recommended) |
| Classification of Chinese Standard | L80 |
| Classification of International Standard | 35.030 |
| Word Count Estimation | 22,232 |
| Date of Issue | 2024-04-25 |
| Date of Implementation | 2024-11-01 |
| Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration |
GB/T 43739-2024: Cybersecurity technology - Audit and management guide for personal information processing normativeness of mobile internet applications in App stores
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
ICS 35:030
CCSL80
National Standards of People's Republic of China
Mobile Internet of Things App Store for Cybersecurity Technology
Application (App) personal information processing standard
Audit and Management Guidelines
Appstores
Released on 2024-04-25
2024-11-01 Implementation
State Administration for Market Regulation
The National Standardization Administration issued
Table of Contents
Preface I
1 Scope 1
2 Normative references 1
3 Terms and Definitions 1
4 Abbreviations 2
5 App review and management process in the app store 2
6 Review of personal information processing activities of apps in app stores 3
6:1 Announcement of the Review Rules for App Personal Information Processing Activities 3
6:2 App Listing Application Information Acceptance 3
6:3 Review and Verification of App Personal Information Processing Activities 3
6:4 Audit result feedback and appeal handling 4
6:5 Review of existing apps and version updates 5
7 Security management of personal information in apps in app stores 5
7:1 Display of Personal Information Processing 5
7:2 Personal information security related logo 5
7:3 App Operator Management 6
7:4 Daily supervision and problem handling 6
Appendix A (Informative) Reference Template for App Personal Information Processing Activity Review Materials 7
Appendix B (Informative) App download page display content example 15
Appendix C (Informative) Examples of channels for reporting complaints about personal information security issues18
References 19
Foreword
This document is in accordance with the provisions of GB/T 1:1-2020 "Guidelines for standardization work Part 1: Structure and drafting rules for standardization documents"
Drafting:
Please note that some of the contents of this document may involve patents: The issuing organization of this document does not assume the responsibility for identifying patents:
This document was proposed and coordinated by the National Cybersecurity Standardization Technical Committee (SAC/TC260):
This document was drafted by: China Mobile Communications Group Co:, Ltd:, China Electronics Technology Standardization Institute, National Computer Network Emergency Response Team
Technical Processing Coordination Center, Beijing University of Posts and Telecommunications, China Cyberspace Research Institute, Huawei Technologies Co:, Ltd:, OPPO Guangdong Mobile Communications Co:, Ltd:
Ltd:, Beijing Xiaomi Mobile Software Co:, Ltd:, Beijing Baidu Netcom Technology Co:, Ltd:, Beijing Douyin Information Service Co:, Ltd:, Beijing Kuaishou
Technology Co:, Ltd:, Beijing Sankuai Online Technology Co:, Ltd:, Vivo Mobile Communications Co:, Ltd:, the Third Research Institute of the Ministry of Public Security, China Network Security
Full Review Technology and Certification Center, China Electronics Technology Group Corporation No: 15 Research Institute, Ant Technology Group Co:, Ltd:, Changyang Technology
(Beijing) Co:, Ltd:, Beijing Times Xinwei Information Technology Co:, Ltd:, Zhengzhou Xindajiean Information Technology Co:, Ltd:, Wuhan An
Tian Information Technology Co:, Ltd: and Beijing Zhizhangyi Technology Co:, Ltd:
The main drafters of this document are: Zhang Bin, Qiu Qin, He Yanzhe, Liao Jianxin, Yuan Jie, Zhang Feng, Xu Sijia, Du Xuetao, Liu Shenglan, Zhao Bei, Zhang Chen,
Jin Tao, Hu Ying, Ren Yan, Jiang Weiqiang, Yu Le, Zhou Ying, Liu Chang, Li Wenqi, Bai Xue, Jiang Wei, Xue Chen, Zhou Chenwei, Hao Chunliang, Shao Bing, Liu Haoxin,
Dou Yu, Wang Wenlei, Yi Qiang, Li Shi, Lu Xiaoming, Zhu Xuefeng, Fu Yanyan, Yang Minghui, Wang Ding, Li Ruiqing, Du Wenbo, Guo Jianling, Deng Ting, Wang Haitang,
Yang Xiaohan, Zhao Naixuan, Dai Zhuoheng, Huang Hourui, Zhang Huan, Wang Pu, Wang Xin, Luo Hongwei, Li Chaoran, Zu Yanyan, Liu Jin, Zhao Yingjie, Jia Ke, Zhang Yan,
Shen Yongbo, Lu Qing, Fan Hua, Zhang Lei, Wu Yuesheng, Xu Tianni, Yi Li, Liu Jian, Dong Jingjing, Peng Jin, Lin Guanchen, Bai Xiaoyuan, Zhao Hua, Wang Lianqiang, Yang Yuzhong,
Yu Zhengchen, Yu Haiyang, Liu Xianlun, Peng Jing, Yu Lina, Liu Yang, Liu Dong, Wang Guangtao, Peng Gen, Cai Xu, Zhao Feng, Ma Dan, Wang Yali, Wang Pu, Gui Yanfeng,
Wang Fuhai and Zhang Zhiyuan:
Mobile Internet of Things App Store for Cybersecurity Technology
Application (App) personal information processing standard
Audit and Management Guidelines
1 Scope
This document provides normative review and management of the processing of personal information by mobile Internet applications (Apps) by application store operators:
guide:
This document is intended to guide app store operators in conducting App personal information security review and management, and is also intended for regulatory authorities and third-party organizations:
The organization provides a reference for evaluating the ability of app store operators to review and manage App personal information processing activities:
2 Normative references
The contents of the following documents constitute the essential clauses of this document through normative references in this document:
For referenced documents without a date, only the version corresponding to that date applies to this document; for referenced documents without a date, the latest version (including all amendments) applies to
This document:
GB/T 19011-2021 Management System Audit Guide
GB/T 25069-2022 Information Security Technical Terminology
GB/T 35273-2020 Information security technology Personal information security specification
GB/T 41391-2022 Information security technology Basic requirements for mobile Internet applications (Apps) to collect personal information
3 Terms and definitions
GB/T 19011-2021, GB/T 25069-2022, GB/T 35273-2020 and GB/T 41391-2022 and
The following terms and definitions apply to this document:
3:1
An application that runs on a mobile smart terminal and provides information services to users:
Note: This includes applications and applets pre-installed, downloaded and installed on mobile smart terminals:
[Source: GB/T 41391-2022, 3:1, modified]
3:2
The owner, manager or provider of a mobile Internet application:
Note: Referred to as App operator:
[Source: GB/T 41391-2022, 3:2]
3:3
Appstore
Various platforms that provide distribution services such as downloading, installation, and upgrading of mobile Internet applications:
Note: Includes application markets, distribution websites, mobile Internet applications with distribution capabilities, etc:
...
