Merge pull request #86 from flashcatcloud/docs/compliance-guide-refine

docs(rum): 完善 SDK 合规指南文案与字段准确性

Author: niuweili

en/rum/others/compliance-guide.mdx

@@ -21,6 +21,8 @@ After integrating the SDK, you (the app operator) must complete the following **
   </Card>
 </CardGroup>
 
+Going live without completing these actions may cause your app to be flagged for "illegal collection and use of personal information" during app-store review or regulatory privacy-compliance scans. The rest of this guide explains the factual basis behind these two requirements and the concrete steps to implement them.
+
 ## Division of compliance responsibilities
 
 The SDK runs as a third-party component embedded in your app. The responsibility boundary is as follows:
@@ -30,13 +32,15 @@ The SDK runs as a third-party component embedded in your app. The responsibility
 | Personal information processor | **You (the app operator)** | Disclose and obtain consent for your app's overall collection and use of personal information, including the integrated SDK |
 | Entrusted processor | **Beijing Flashcat Cloud Technology Co.,Ltd. (Flashduty)** | Process data only within the scope necessary to provide RUM services, never for purposes beyond what is agreed |
 
+Under Article 21 of China's Personal Information Protection Law, you and Flashduty form an entrusted-processing relationship: you determine the purpose, means, and categories of personal information processed, while Flashduty only processes data as agreed, takes the necessary measures to safeguard it, does not use it beyond the agreed scope, and does not sub-entrust the processing. The rights and obligations of both parties are governed by the [Data protection agreement](/en/compliance/data-security).
+
 ## How the SDK processes personal information
 
 The following is the factual basis for completing your privacy policy disclosure.
 
 ### Personal information collected
 
-To support crash analysis, performance diagnostics, and user experience monitoring, the SDK automatically collects the following information. Apart from "app runtime information", all collection items can be disabled or masked via configuration (see [Data handling rules and commitments](#data-handling-rules-and-commitments)).
+Following the principle of data minimization, the SDK collects only information directly related to implementing crash analysis, performance diagnostics, and user experience monitoring, and does not collect personal information unrelated to these functions. The table below itemizes the information types, fields, purposes, and collection methods. Apart from "app runtime information", all collection items can be disabled or masked via configuration (see [Data handling rules and commitments](#data-handling-rules-and-commitments)).
 
 | Information type | Specific fields | Purpose | Collection method | Can be disabled |
 | --- | --- | --- | --- | --- |
@@ -60,13 +64,15 @@ To minimize privacy impact, the SDK does **not** collect the following, and does
 - SIM carrier name / carrier ID (`simCarrierIdName` / `simCarrierId`), and telephony identifiers such as IMSI or SIM serial number.
 - Directly identifiable information such as phone numbers or ID numbers (unless you actively pass it in via the API — see the note below).
 
+The SDK commits not to collect the above information through covert, misleading, or deceptive means, and does not read or transmit device data unrelated to monitoring.
+
 <Note>
 If you actively pass personally identifiable information to the SDK via `setUserInfo` (user ID, name, email) or custom attributes, this information is reported along with events. Make sure such collection is disclosed in your privacy policy and consented to, and **avoid passing in sensitive personal information**.
 </Note>
 
 ### Device permissions requested
 
-The SDK only requests the network permissions necessary for monitoring; it requests no sensitive permissions.
+Following the principle of least privilege, the SDK only requests the network permissions necessary for monitoring. It does not request sensitive permissions such as location, camera, microphone, contacts, phone, or storage, and does not present runtime sensitive-permission prompts to the user.
 
 | Platform | Permission | Purpose | Required |
 | --- | --- | --- | --- |
@@ -76,6 +82,8 @@ The SDK only requests the network permissions necessary for monitoring; it reque
 
 ### Data handling rules and commitments
 
+Beyond collecting data on a minimal, as-needed basis, the SDK provides the following data-handling mechanisms and commitments to help you further control the collection scope and reduce privacy risk:
+
 <AccordionGroup>
   <Accordion title="Data minimization and de-identification">
     The SDK collects only the information necessary for monitoring. Sessions are identified by a random `session.id` and user identity is not tracked by default, anonymizing the data while preserving trend analysis.
@@ -106,7 +114,11 @@ This section details how to implement the [two key requirements](#two-key-requir
 
 ### 1. Privacy policy disclosure
 
-Add the SDK to the "third-party SDK information sharing list" in your app's privacy policy. Reference text:
+Make sure the app you develop or operate has a privacy policy that meets regulatory requirements, and be sure to clearly inform end users that your app integrates third-party SDK services. In your privacy policy, you should state the purpose, methods, and scope of this SDK's collection and use of personal information, and indicate the SDK's developer/operator name (**Beijing Flashcat Cloud Technology Co.,Ltd.**) along with a link to its privacy policy.
+
+On the app's login/registration page and on first launch, you should inform the user of the privacy policy in clear, plain language through simple, prominent, and easily accessible means such as a pop-up, a text link, or an attachment, so that the user gives a voluntary and explicit indication of consent on a fully informed basis. Where personal information is provided to a third party, you should also list it separately in the "third-party SDK information sharing list".
+
+We provide the following disclosure text as a reference; you may inform users in text or table form (for the table form, refer directly to [Personal information collected](#personal-information-collected) above). Please note that the features and the fields required may differ across SDK versions depending on your choices and configuration; therefore, inform users fully and obtain their consent based on this guide and the actual behavior of the SDK as you integrate and use it. The reference text can be used directly — adjust it to match your actual integration:
 
 <CodeGroup>
 ```text
@@ -124,35 +136,92 @@ privacy policy: http://docs.flashcat.cloud/en/compliance/data-security
 
 ### 2. Deferred initialization
 
-Do **not** call SDK initialization before the user accepts your privacy policy; or initialize with the `PENDING` state (collect but do not report), then switch to `GRANTED` after consent.
+To meet legal and regulatory requirements, make sure you **initialize the SDK only after the user has consented**. To prevent the SDK from starting to collect and use personal information before consent, the SDK provides a deferred-initialization API and a compliant initialization approach — see [Android SDK integration](/en/rum/sdk/android/sdk-integration) and [iOS SDK integration](/en/rum/sdk/ios/sdk-integration) for detailed instructions.
+
+The specific requirements are:
+
+1. **Authorize first, then initialize**: only call the initialization API after the user has read your app's privacy policy and granted authorization, at an appropriate time per your app's needs; if the user declines the privacy policy, you **must not call the initialization API**. When you initialize with the `PENDING` / `.pending` state, the call only completes initialization and buffers data locally — it **sends no personal information to the server** — and reporting starts only after the state is switched to granted.
+
+2. **No permissions, collection, or reporting before consent**: do not dynamically request sensitive device permissions involving personal information before the user accepts the privacy policy; do not collect or report personal information before consent (pay special attention to **Android ID, OAID, IMEI, MAC address, hardware serial number, and the installed-app list**). The SDK does not collect these identifiers by default — see [Information explicitly not collected](#information-explicitly-not-collected).
 
 | Consent state | SDK behavior | Scenario |
 | --- | --- | --- |
-| `GRANTED` | Collect and report | The user has consented |
-| `NOT_GRANTED` | Collect no data | The user declined or withdrew |
-| `PENDING` | Collect but defer reporting until the state changes to `GRANTED` | Awaiting user confirmation |
+| Android `GRANTED` / iOS `.granted` | Collect and report | The user has consented |
+| Android `NOT_GRANTED` / iOS `.notGranted` | Collect no data | The user declined or withdrew |
+| Android `PENDING` / iOS `.pending` | Collect but defer reporting until the state is switched to granted | Awaiting user confirmation |
+
+The following shows the "deferred initialization + consent change" code for each platform:
 
 <CodeGroup>
 ```kotlin Android (Kotlin)
 import com.datadog.android.Datadog
 import com.datadog.android.privacy.TrackingConsent
 
-// Before consent: do not initialize, or initialize with PENDING
+// Before consent: initialize with PENDING (collect but do not report)
 Datadog.initialize(this, configuration, TrackingConsent.PENDING)
 
-// After the user taps "Agree" in the privacy dialog:
+// After consent: start reporting
 Datadog.setTrackingConsent(TrackingConsent.GRANTED)
 
-// When the user withdraws consent in settings:
+// On withdrawal: stop collecting
 Datadog.setTrackingConsent(TrackingConsent.NOT_GRANTED)
 ```
+
+```java Android (Java)
+import com.datadog.android.Datadog;
+import com.datadog.android.privacy.TrackingConsent;
+
+// Before consent: initialize with PENDING (collect but do not report)
+Datadog.initialize(this, configuration, TrackingConsent.PENDING);
+
+// After consent: start reporting
+Datadog.setTrackingConsent(TrackingConsent.GRANTED);
+
+// On withdrawal: stop collecting
+Datadog.setTrackingConsent(TrackingConsent.NOT_GRANTED);
+```
+
+```swift iOS (Swift)
+import DatadogCore
+
+// Before consent: initialize with .pending (collect but do not report)
+Datadog.initialize(with: configuration, trackingConsent: .pending)
+
+// After consent: start reporting
+Datadog.set(trackingConsent: .granted)
+
+// On withdrawal: stop collecting
+Datadog.set(trackingConsent: .notGranted)
+```
+
+```objective-c iOS (Objective-C)
+@import DatadogObjc;
+
+// For initialization, see the iOS SDK integration doc; change consent as follows:
+// After consent: start reporting
+[DDDatadog setWithTrackingConsent:DDTrackingConsentGranted];
+
+// On withdrawal: stop collecting
+[DDDatadog setWithTrackingConsent:DDTrackingConsentNotGranted];
+```
 </CodeGroup>
 
-For the full consent-state usage per platform, see [Android advanced configuration · User tracking consent](/en/rum/sdk/android/advanced-config#user-tracking-consent) and the corresponding docs.
+<Note>
+The snippets above show only the minimal code needed for deferred initialization. For the full initialization parameters, integration steps, and consent APIs per platform, see the corresponding docs:
+- Android: [SDK integration](/en/rum/sdk/android/sdk-integration) · [Advanced configuration · User tracking consent](/en/rum/sdk/android/advanced-config#user-tracking-consent)
+- iOS: [SDK integration](/en/rum/sdk/ios/sdk-integration) · [Advanced configuration](/en/rum/sdk/ios/advanced-config)
+</Note>
 
 ## Data storage and security
 
-Data collected by the SDK is reported only to the Flashduty server you configure and is used solely to provide monitoring services to you. It is **not shared with any other third party** and is **not used for** advertising, user profiling, or cross-app tracking. Data is stored on compliant servers within mainland China, transmitted over HTTPS/TLS, and protected by access control and auditing. For the full security measures, retention periods, and cross-border transfer terms, see the [Data protection agreement](/en/compliance/data-security) and the RUM [Data security](/en/rum/others/data-security) doc.
+Data collected by the SDK is reported only to the Flashduty server you configure and is used solely to provide monitoring services to you. It is **not shared with any other third party** and is **not used for** advertising, user profiling, or cross-app tracking. Throughout the data lifecycle, Flashduty applies the following safeguards:
+
+- **Transport security**: all reported data is transmitted over HTTPS/TLS.
+- **Storage security**: data is stored on compliant servers within mainland China, with encryption, access control, and security auditing.
+- **Retention and deletion**: data is stored for the agreed retention period and deleted or anonymized after expiry.
+- **Cross-border transfer**: no cross-border transfer occurs without your explicit consent or unless otherwise required by laws and regulations.
+
+For the full security measures, retention periods, and cross-border transfer terms, see the [Data protection agreement](/en/compliance/data-security) and the RUM [Data security](/en/rum/others/data-security) doc.
 
 ## Compliant integration checklist
 
@@ -173,3 +242,24 @@ Data collected by the SDK is reported only to the Flashduty server you configure
     Review `setUserInfo` and custom attributes to ensure no sensitive personal information is passed to the SDK.
   </Step>
 </Steps>
+
+## Contact us
+
+This SDK is provided by **Beijing Flashcat Cloud Technology Co.,Ltd.** If you have any questions, feedback, or complaints about how this SDK processes personal information, or if you need to exercise your data-subject rights, you can contact us via:
+
+<CardGroup cols={2}>
+  <Card title="Technical Support" icon="headset">
+    Scan to add our WeCom for one-on-one technical support
+    <img src="https://api.apifox.com/api/v1/projects/4386769/resources/447591/image-preview" alt="Technical Support WeCom" width="100" />
+  </Card>
+  <Card title="Business Inquiries" icon="handshake">
+    Scan to add our business manager on WeCom
+    <img src="https://api.apifox.com/api/v1/projects/4386769/resources/447590/image-preview" alt="Business Manager WeCom" width="100" />
+  </Card>
+  <Card title="Console Feedback" icon="comment" href="https://console.flashcat.cloud">
+    Sign in to the console and submit feedback in the bottom left corner
+  </Card>
+  <Card title="Email" icon="envelope" href="mailto:support@flashcat.cloud">
+    support@flashcat.cloud
+  </Card>
+</CardGroup>