2026年涉外中英文保密协议

2026年涉外中英文保密协议协议编号（AgreementNo.）：________________________本协议（以下简称“本协议”）由以下双方于____年____月____日（以下简称“生效日”）在________________（签署地点）自愿签署，旨在明确双方在涉外合作过程中保密信息的管理与保护义务，防范信息泄露及违规跨境传输风险，保障双方合法权益。ThisAgreement(hereinafterreferredtoas"thisAgreement")isvoluntarilysignedbythefollowingtwopartieson____(hereinafterreferredtoasthe"EffectiveDate")in________________(PlaceofSignature).Itaimstoclarifytheobligationsofbothpartiesinthemanagementandprotectionofconfidentialinformationduringforeign-relatedcooperation,preventrisksofinformationleakageandillegalcross-bordertransmission,andprotectthelegitimaterightsandinterestsofbothparties.甲方（PartyA）：________________________（以下简称“披露方”/DisclosingParty，根据信息披露场景确定；若双方互有信息披露，均为本协议项下披露方及接收方）乙方（PartyB）：________________________（以下简称“接收方”/ReceivingParty，根据信息接收场景确定；若双方互有信息接收，均为本协议项下接收方及披露方）鉴于双方拟开展或正在开展________________（具体涉外合作事项，如货物进出口、技术合作、服务外包、投资并购、商务磋商等）业务，在合作过程中，一方（披露方）需向另一方（接收方）披露、提供具有保密性质的信息，该等信息的流转涉及跨国/跨境场景，需符合双方所在国家/地区相关法律法规及国际惯例。为规范双方权利义务，依据《中华人民共和国民法典》《中华人民共和国数据安全法》《中华人民共和国个人信息保护法》《中华人民共和国反不正当竞争法》及接收方/披露方所在国家/地区关于保密、数据跨境传输、信息安全的相关法律规定，经双方友好协商，达成如下协议，以资共同信守。Whereasbothpartiesintendtocarryoutorarecarryingoutthebusinessof________________(specificforeign-relatedcooperationmatters,suchasimportandexportofgoods,technicalcooperation,serviceoutsourcing,investmentandmerger,businessnegotiation,etc.),inthecourseofcooperation,oneparty(DisclosingParty)needstodiscloseandprovideconfidentialinformationtotheotherparty(ReceivingParty).Thecirculationofsuchinformationinvolvestransnational/cross-borderscenariosandmustcomplywiththerelevantlawsandregulationsofthecountries/regionswherebothpartiesarelocatedandinternationalpractices.Tostandardizetherightsandobligationsofbothparties,inaccordancewiththeCivilCodeofthePeople'sRepublicofChina,theDataSecurityLawofthePeople'sRepublicofChina,thePersonalInformationProtectionLawofthePeople'sRepublicofChina,theAnti-UnfairCompetitionLawofthePeople'sRepublicofChina,andtherelevantlegalprovisionsonconfidentiality,cross-borderdatatransmissionandinformationsecurityofthecountries/regionswheretheReceivingParty/DisclosingPartyislocated,thisAgreementisconcludedthroughfriendlynegotiationbetweenbothpartiesformutualobservance.第一条缔约方基本信息（Article1:BasicInformationofContractingParties）1.1甲方（PartyA）中文全称（FullChineseName）：________________________英文全称（FullEnglishName）：________________________法律性质（LegalNature）：□法人（LegalPerson）□非法人组织（UnincorporatedOrganization）□自然人（NaturalPerson）注册地址/住所地（RegisteredAddress/Domicile）：________________________涉外业务联络地址（ContactAddressforForeign-RelatedBusiness）：________________________证件类型及编号（TypeandNo.ofCertificate）：________________________法定代表人/负责人/本人（LegalRepresentative/Principal/Self）：________________________授权联系人（AuthorizedContactPerson）：________________________联系电话（ContactPhone）：________________________涉外业务专用邮箱（SpecialEmailforForeign-RelatedBusiness）：________________________信息安全负责人（InformationSecurityOfficer）：________________________1.2乙方（PartyB）中文全称（FullChineseName）：________________________英文全称（FullEnglishName）：________________________法律性质（LegalNature）：□法人（LegalPerson）□非法人组织（UnincorporatedOrganization）□自然人（NaturalPerson）所在国家/地区（Country/RegionofIncorporation/Domicile）：________________________注册地址/住所地（RegisteredAddress/Domicile）：________________________对华业务联络地址（ContactAddressforChina-RelatedBusiness）：________________________证件类型及编号（TypeandNo.ofCertificate）：________________________法定代表人/授权代表/本人（LegalRepresentative/AuthorizedRepresentative/Self）：________________________授权联系人（AuthorizedContactPerson）：________________________联系电话（ContactPhone）：________________________对华业务专用邮箱（SpecialEmailforChina-RelatedBusiness）：________________________信息安全负责人（InformationSecurityOfficer）：________________________1.3声明与保证（RepresentationsandWarranties）双方共同声明并保证：1.3.1双方均具备签署和履行本协议的合法主体资格，拥有相应的民事权利能力和民事行为能力；外方已充分知悉中国关于涉外信息保密、数据跨境传输的相关法律法规及监管要求，中方已充分知悉外方所在国家/地区关于信息保护的相关法律规定。1.3.2双方授权联系人已获得有效书面授权，有权代表本方处理本协议项下保密信息的接收、使用、管理、应急处置等全部相关事宜，其行为后果由本方承担。1.3.3双方披露的本条款项下信息真实、准确、完整，无虚假陈述、隐瞒重要事实等情形；若信息发生变更，应在3个工作日内书面通知对方。1.3.4双方均已建立完善的信息安全保密管理制度，具备接收、存储、处理涉外保密信息的技术能力和合规条件，能够有效防范信息泄露、滥用、篡改等风险。Bothpartiesjointlyrepresentandwarrantthat:1.3.1EachpartyhasthelegalsubjectqualificationtosignandperformthisAgreement,andhascorrespondingcivilrightscapacityandcivilconductcapacity;theforeignpartyhasfullyunderstoodtherelevantlaws,regulationsandregulatoryrequirementsofChinaonforeign-relatedinformationconfidentialityandcross-borderdatatransmission,andtheChinesepartyhasfullyunderstoodtherelevantlegalprovisionsoninformationprotectionofthecountry/regionwheretheforeignpartyislocated.1.3.2TheauthorizedcontactpersonofeachpartyhasobtainedeffectivewrittenauthorizationtoactonbehalfoftheirownpartyinhandlingallrelevantmattersunderthisAgreement,includingthereceipt,use,managementandemergencydisposalofconfidentialinformation,andtheconsequencesoftheiractsshallbebornebytheirownparty.1.3.3Theinformationdisclosedbybothpartiesunderthisclauseistrue,accurateandcomplete,withoutfalsestatements,concealmentofimportantfactsandothercircumstances;iftheinformationchanges,theotherpartyshallbenotifiedinwritingwithin3workingdays.1.3.4Bothpartieshaveestablishedasoundinformationsecurityandconfidentialitymanagementsystem,havethetechnicalcapabilitiesandcomplianceconditionstoreceive,storeandprocessforeign-relatedconfidentialinformation,andcaneffectivelypreventriskssuchasinformationleakage,abuseandtampering.第二条保密信息的定义、范围与除外情形（Article2:Definition,ScopeandExclusionScenariosofConfidentialInformation）2.1定义（Definition）本协议所称“保密信息”（ConfidentialInformation），指自生效日起，披露方通过书面文件、电子数据、口头告知、实物展示、技术交底、会议沟通、跨境数据交互等任何形式，向接收方提供、披露或使接收方获知的，同时满足下列条件的信息及衍生信息（包括但不限于文本、数据、图表、音频、视频、软件、算法、技术方案等各类形式）：（1）未通过合法途径进入公共领域，或虽进入公共领域但披露方仍对其享有合法保密权益的；（2）对披露方具有商业价值、技术价值、战略价值或其他重大利益，披露方已采取合理保密措施（包括但不限于标注保密标识、口头告知保密义务、限制接触范围、加密存储、设置访问权限等）的；（3）经披露方明确标注“保密”“机密”“内部资料”“StrictlyConfidential”“Confidential”等类似标识，或口头明确告知需承担保密义务的。Theterm"ConfidentialInformation"asusedinthisAgreementreferstoinformationandderivativeinformation(includingbutnotlimitedtovariousformssuchastexts,data,charts,audio,video,software,algorithms,technicalschemes,etc.)thattheDisclosingPartyprovides,disclosesormakestheReceivingPartyawareofthroughanyformsuchaswrittendocuments,electronicdata,oralnotification,physicaldisplay,technicaldisclosure,meetingcommunication,cross-borderdatainteraction,etc.,aftertheEffectiveDate,andmeetsthefollowingconditionsatthesametime:(1)Ithasnotenteredthepublicdomainthroughlegalchannels,oralthoughithasenteredthepublicdomain,theDisclosingPartystillenjoyslegalconfidentialityrightsandinterestsinit;(2)Ithascommercialvalue,technicalvalue,strategicvalueorothermajorinterestsfortheDisclosingParty,andtheDisclosingPartyhastakenreasonableconfidentialitymeasures(includingbutnotlimitedtomarkingconfidentialitylabels,orallyinformingofconfidentialityobligations,restrictingthescopeofaccess,encryptedstorage,settingaccesspermissions,etc.);(3)Itisclearlymarkedwith"Confidential","Secret","InternalInformation","StrictlyConfidential"orothersimilarlabelsbytheDisclosingParty,ortheDisclosingPartyhasorallyclearlyinformedthatconfidentialityobligationsshallbeborne.2.2范围（Scope）保密信息具体包括但不限于以下类别，无论其存在形式如何，均属于本协议保密范围：（1）商业信息（CommercialInformation）：涉外合作方案、商务谈判策略及底线、客户名单（含涉外客户身份信息、合作记录等）、供应商信息、定价策略、销售数据、营收报表、成本预算、盈利预测、税务筹划资料、跨境结算信息、市场调研报告、商业计划等；（2）技术信息（TechnicalInformation）：核心技术方案、技术秘密、专利申请文件、研发数据、测试报告、工艺流程、技术参数、软件源代码及算法、硬件设计图纸、技术许可文件、技术交底资料、技术改进方案等；（3）经营管理信息（OperationandManagementInformation）：组织架构、人员信息、薪酬体系、股权激励方案、战略规划、市场布局、渠道资源、合作协议草案、未公开的重大交易信息、内部管理制度及流程等；（4）合规与资质信息（ComplianceandQualificationInformation）：涉外业务资质证明、监管审批文件、备案材料、合规自查报告、应对监管调查的相关材料、审计报告、资质证书复印件等；（5）个人信息（PersonalInformation）：双方员工、客户、合作伙伴的个人身份信息、联系方式、财产信息、生物识别信息、健康信息等敏感个人信息及一般个人信息；（6）其他保密信息（OtherConfidentialInformation）：经披露方书面确认需保密的其他与涉外合作相关的信息，及双方在合作过程中获知的对方未公开的其他信息。ConfidentialInformationspecificallyincludesbutisnotlimitedtothefollowingcategories,whicharewithinthescopeofconfidentialityunderthisAgreementregardlessoftheirformofexistence:(1)CommercialInformation:Foreign-relatedcooperationplans,businessnegotiationstrategiesandbottomlines,customerlists(includingforeign-relatedcustomeridentityinformation,cooperationrecords,etc.),supplierinformation,pricingstrategies,salesdata,revenuestatements,costbudgets,profitforecasts,taxplanningmaterials,cross-bordersettlementinformation,marketresearchreports,businessplans,etc.;(2)TechnicalInformation:Coretechnicalschemes,technicalsecrets,patentapplicationdocuments,R&Ddata,testreports,processflows,technicalparameters,softwaresourcecodesandalgorithms,hardwaredesigndrawings,technicallicensingdocuments,technicaldisclosurematerials,technicalimprovementschemes,etc.;(3)OperationandManagementInformation:Organizationalstructure,personnelinformation,salarysystem,equityincentiveplans,strategicplans,marketlayout,channelresources,draftcooperationagreements,undisclosedmajortransactioninformation,internalmanagementsystemsandprocesses,etc.;(4)ComplianceandQualificationInformation:Foreign-relatedbusinessqualificationcertificates,regulatoryapprovaldocuments,filingmaterials,complianceself-inspectionreports,relevantmaterialsforrespondingtoregulatoryinvestigations,auditreports,copiesofqualificationcertificates,etc.;(5)PersonalInformation:Sensitivepersonalinformationandgeneralpersonalinformationsuchaspersonalidentityinformation,contactinformation,propertyinformation,biometricinformation,healthinformationofemployees,customersandpartnersofbothparties;(6)OtherConfidentialInformation:Otherinformationrelatedtoforeign-relatedcooperationthattheDisclosingPartyconfirmsinwritingtobeconfidential,andotherundisclosedinformationoftheotherpartyobtainedbybothpartiesinthecourseofcooperation.2.3除外情形（ExclusionScenarios）下列信息及相关行为不受本协议保密义务约束：（1）在披露方披露前，已通过合法途径（如公开出版物、官方公告、第三方合法披露等）进入公共领域且可自由获取的信息；（2）接收方在未接触、未获知披露方任何保密信息的前提下，通过独立研发、合法受让、公开渠道查询、第三方合法授权等方式自行获得的信息；（3）依据双方所在国家/地区法律法规、司法裁判、仲裁裁决、政府监管部门（含涉外监管机构）的强制性要求，必须披露的信息，且接收方已在法律法规允许范围内事先书面通知披露方（法律明确禁止通知的除外），并配合披露方采取合理减损措施；（4）披露方通过书面形式明确声明无需保密、不受本协议约束的信息；（5）接收方从有权披露且未对该等信息施加保密义务的第三方处合法获取的信息；（6）为履行本协议及涉外合作必需，且已获得披露方书面同意的信息使用及传输行为。ThefollowinginformationandrelatedactsarenotsubjecttotheconfidentialityobligationsunderthisAgreement:(1)Informationthathasenteredthepublicdomainthroughlegalchannels(suchaspublicpublications,officialannouncements,legaldisclosurebythirdparties,etc.)andisfreelyaccessiblebeforedisclosurebytheDisclosingParty;(2)InformationindependentlyobtainedbytheReceivingPartythroughindependentresearchanddevelopment,legalassignment,publicchannelinquiry,legalauthorizationbythirdparties,etc.,withoutcontactingorobtaininganyConfidentialInformationoftheDisclosingParty;(3)Informationthatmustbedisclosedinaccordancewiththemandatoryrequirementsofthelawsandregulations,judicialjudgments,arbitralawards,governmentregulatoryauthorities(includingforeign-relatedregulatoryauthorities)ofthecountries/regionswherebothpartiesarelocated,andtheReceivingPartyhasnotifiedtheDisclosingPartyinwritinginadvancewithinthescopepermittedbylawsandregulations(exceptwhereexplicitlyprohibitedbylaw),andcooperatedwiththeDisclosingPartytotakereasonablelossreductionmeasures;(4)InformationthattheDisclosingPartyhasclearlystatedinwritingthatnoconfidentialityisrequiredandisnotboundbythisAgreement;(5)InformationlegallyobtainedbytheReceivingPartyfromathirdpartywiththerighttodiscloseandwithoutimposingconfidentialityobligationsonsuchinformation;(6)InformationuseandtransmissionactsthatarenecessaryforperformingthisAgreementandforeign-relatedcooperationandhaveobtainedthewrittenconsentoftheDisclosingParty.第三条保密义务（Article3:ConfidentialityObligations）3.1接收方核心义务（CoreObligationsoftheReceivingParty）接收方应采取不低于保护自身同类核心保密信息的严格措施，履行以下保密义务（本协议第二条约定的除外情形除外）：（1）人员管控义务：仅允许经本方书面授权且确有必要的人员接触、获取保密信息，建立授权人员登记台账及接触、使用保密信息的全程记录（包括接触时间、内容、用途、流转情况等）；对授权人员进行涉外保密法律法规、信息安全防护、合规操作流程等专项培训，并要求其签署书面保密承诺书；严禁未经授权人员接触、获取、使用任何保密信息，严禁授权人员向任何第三方泄露、传输保密信息。（2）存储与传输安全义务：对书面形式的保密信息，采取上锁存放、专人保管、借阅登记、使用跟踪、到期回收等安全措施；对电子形式的保密信息，采取端到端加密存储、严格访问权限设置（含多因素认证）、定期安全检测与漏洞修复、病毒防护、数据备份等安全措施；涉及跨境传输保密信息的，必须事先完成双方所在国家/地区法律法规要求的全部合规程序（包括但不限于安全评估、审批、备案等），选择安全可靠的传输渠道（如加密专用线路、合规跨境数据平台等），并对传输过程进行全程加密、全程留痕，传输日志留存期限不得少于本协议约定的保密期限。（3）使用限制义务：严格按照本协议约定及披露方书面明确的范围和用途使用保密信息，不得将保密信息用于涉外合作无关的任何目的；不得对保密信息进行反向工程、解密、拆解、复制、篡改、分发、出租、出借等非法行为（经披露方书面明确授权的除外）；不得超出授权范围向本方内部无关人员披露、传输保密信息。（4）第三方管控义务：未经披露方书面明确同意，不得向任何第三方（包括本方关联方、合作伙伴、分包商、顾问、律师、会计师等）披露、传输、复制、使用保密信息，不得委托任何第三方处理、存储保密信息或进行跨境传输；确因涉外合作必需委托第三方的，必须事先对第三方的合法资质、信息安全保障能力、合规能力进行严格审核，与第三方签署不低于本协议保密标准的保密协议，并对第三方履行义务的情况进行全程监督、管理；若第三方违反保密义务导致保密信息泄露、滥用的，接收方应承担连带责任，并赔偿披露方因此遭受的全部损失。（5）归还与销毁义务：涉外合作终止、解除，或收到披露方书面收回保密信息的通知，或不再需要使用保密信息时，应立即停止使用该等保密信息，停止所有相关传输行为，并在5个工作日内，将全部保密信息载体（包括原件、复印件、打印件、存储介质、电子备份、缓存数据、传输留存数据等）归还披露方，或按披露方书面要求的方式（如物理销毁、永久删除等）彻底销毁全部保密信息及相关载体；销毁完成后，应在3个工作日内向披露方提供书面销毁证明（包括销毁清单、方式、时间、责任人等信息），确保无任何残留信息。（6）风险处置义务：发现保密信息泄露、丢失、被盗、违规传输或存在泄露风险等情形时，应立即采取有效措施防止风险扩大（包括但不限于停止传输、封锁相关信息、隔离受影响系统、通知相关方防范等），并在24小时内书面通知披露方，详细说明事件发生的时间、地点、原因、涉及的保密信息范围、已采取的应急措施及后续处置方案；积极配合披露方及双方所在国家/地区监管部门开展调查、追责、风险处置等工作。TheReceivingPartyshalltakestrictmeasuresnotlowerthanthoseforprotectingitsownsimilarcoreConfidentialInformation,andperformthefollowingconfidentialityobligations(exceptfortheexclusionscenariosagreedinArticle2ofthisAgreement):(1)PersonnelControlObligation:OnlyallowpersonnelwhohaveobtainedwrittenauthorizationfromtheirownpartyandarereallynecessarytoaccessandobtainConfidentialInformation;establisharegistrationledgerofauthorizedpersonnelandfull-processrecordsofaccessingandusingConfidentialInformation(includingaccesstime,content,purpose,circulationstatus,etc.);conductspecialtrainingonforeign-relatedconfidentialitylawsandregulations,informationsecurityprotection,complianceoperationprocedures,etc.forauthorizedpersonnel,andrequirethemtosignwrittenconfidentialitycommitments;strictlyprohibitunauthorizedpersonnelfromaccessing,obtainingandusinganyConfidentialInformation,andstrictlyprohibitauthorizedpersonnelfromdisclosingandtransmittingConfidentialInformationtoanythirdparty.(2)StorageandTransmissionSecurityObligation:Takesecuritymeasuressuchaslockedstorage,specialpersoncustody,borrowingregistration,usetracking,expirationrecovery,etc.forwrittenConfidentialInformation;takesecuritymeasuressuchasend-to-endencryptedstorage,strictaccesspermissionsettings(includingmulti-factorauthentication),regularsecuritydetectionandvulnerabilityrepair,virusprotection,databackup,etc.forelectronicConfidentialInformation;forcross-bordertransmissionofConfidentialInformation,allcomplianceproceduresrequiredbythelawsandregulationsofthecountries/regionswherebothpartiesarelocated(includingbutnotlimitedtosecurityassessment,approval,filing,etc.)mustbecompletedinadvance,selectasafeandreliabletransmissionchannel(suchasencrypteddedicatedline,compliantcross-borderdataplatform,etc.),andconductfull-processencryptionandfull-processtraceabilityforthetransmissionprocess;theretentionperiodoftransmissionlogsshallnotbelessthantheconfidentialityperiodagreedinthisAgreement.(3)UseRestrictionObligation:StrictlyuseConfidentialInformationwithinthescopeandpurposeagreedinthisAgreementandclearlyspecifiedinwritingbytheDisclosingParty,andshallnotuseConfidentialInformationforanypurposeunrelatedtoforeign-relatedcooperation;shallnotconductillegalactssuchasreverseengineering,decryption,disassembly,copying,tampering,distribution,leasing,lendingofConfidentialInformation(exceptwithexplicitwrittenauthorizationfromtheDisclosingParty);shallnotdiscloseortransmitConfidentialInformationtoirrelevantinternalpersonnelofitsownpartybeyondtheauthorizedscope.(4)Third-PartyControlObligation:WithouttheexplicitwrittenconsentoftheDisclosingParty,shallnotdisclose,transmit,copyoruseConfidentialInformationtoanythirdparty(includingitsownaffiliates,partners,subcontractors,consultants,lawyers,accountants,etc.),andshallnotentrustanythirdpartytoprocess,storeConfidentialInformationorconductcross-bordertransmission;ifitisreallynecessarytoentrustathirdpartyduetoforeign-relatedcooperation,theReceivingPartymustfirststrictlyreviewthelegalqualifications,informationsecurityassurancecapabilitiesandcompliancecapabilitiesofthethirdparty,signaconfidentialityagreementwiththethirdpartythatisnotlowerthantheconfidentialitystandardsofthisAgreement,andconductfull-processsupervisionandmanagementofthethirdparty'sperformanceofobligations;ifthethirdpartyviolatestheconfidentialityobligationsleadingtotheleakageorabuseofConfidentialInformation,theReceivingPartyshallbejointlyandseverallyliableandcompensatetheDisclosingPartyforalllossessufferedthereby.(5)ReturnandDestructionObligation:Whentheforeign-relatedcooperationisterminatedorrescinded,orawrittennoticefromtheDisclosingPartytorecallConfidentialInformationisreceived,oritisnolongernecessarytouseConfidentialInformation,theReceivingPartyshallimmediatelystopusingsuchConfidentialInformation,stopallrelevanttransmissionacts,andwithin5workingdays,returnallConfidentialInformationcarriers(includingoriginals,copies,prints,storagemedia,electronicbackups,cachedata,transmissionretaineddata,etc.)totheDisclosingParty,orcompletelydestroyallConfidentialInformationandrelatedcarriersinthemannerspecifiedinwritingbytheDisclosingParty(suchasphysicaldestruction,permanentdeletion,etc.);afterthecompletionofdestruction,theReceivingPartyshallprovideawrittendestructioncertificate(includingdestructionlist,method,time,responsiblepersonandotherinformation)totheDisclosingPartywithin3workingdaystoensurethatthereisnoresidualinformation.(6)RiskDisposalObligation:IfitisfoundthatConfidentialInformationisleaked,lost,stolen,illegallytransmittedorthereisariskofleakage,etc.,theReceivingPartyshallimmediatelytakeeffectivemeasurestopreventtheexpansionofrisks(includingbutnotlimitedtostoppingtransmission,blockingrelevantinformation,isolatingaffectedsystems,notifyingrelevantpartiestoprevent,etc.),andnotifytheDisclosingPartyinwritingwithin24hours,detailingthetime,place,causeoftheincident,thescopeofinvolvedConfidentialInformation,theemergencymeasurestakenandthesubsequentdisposalplan;activelycooperatewiththeDisclosingPartyandtheregulatoryauthoritiesofthecountries/regionswherebothpartiesarelocatedincarryingoutinvestigation,accountability,riskdisposalandotherwork.3.2披露方核心义务（CoreObligationsoftheDisclosingParty）披露方应履行以下保密相关义务：（1）分类标识与告知义务：按保密信息的敏感程度、重要性，将其明确分为核心保密信息、重要保密信息、一般保密信息三类，在提供或披露时，应通过书面标注、电子标识或口头明确告知等方式，向接收方说明该等信息的保密等级、保密期限、使用限制、跨境传输要求及泄露风险；对于涉及个人信息、重要数据的保密信息，应额外告知接收方该等信息的类型、敏感属性及合规要求。（2）合规披露义务：严格遵循“最小必要”原则，仅为实现涉外合作目的，向接收方披露必需的保密信息，不得超出合作范围披露无关信息；涉及跨境传输的，应提前向接收方告知该等信息跨境传输所需履行的合规程序，并积极配合接收方完成相关手续。（3）内部管控义务：建立健全内部保密管理制度及涉外信息披露审批机制，对内部接触、处理、传输保密信息的人员进行专项培训，明确各岗位人员的保密职责及问责机制；对保密信息采取必要的安全防护措施，防范内部泄露、滥用等风险。（4）监督与提醒义务：有权定期或不定期对接收方履行本协议义务的情况进行检查、核实（包括但不限于保密信息的存储情况、使用范围、跨境传输合规性等），接收方应予以配合；发现接收方存在信息泄露隐患或违规行为的，应立即书面通知接收方，要求其限期整改，并有权暂停披露后续保密信息。TheDisclosingPartyshallperformthefollowingconfidentiality-relatedobligations:(1)Classification,IdentificationandNotificationObligation:ClassifyConfidentialInformationintothreecategories(coreConfidentialInformation,importantConfidentialInformationandgeneralConfidentialInformation)accordingtoitssensitivityandimportance;whenprovidingordisclosingit,theDisclosingPartyshallinformtheReceivingPartyoftheconfidentialitylevel,confidentialityperiod,userestrictions,cross-bordertransmissionrequirementsandleakagerisksofsuchinformationthroughwrittenmarking,electronicidentificationororalexplicitnotification,etc.;forConfidentialInformationinvolvingpersonalinformationandimportantdata,theDisclosingPartyshalladditionallyinformtheReceivingPartyofthetype,sensitiveattributesandcompliancerequirementsofsuchinformation.(2)ComplianceDisclosureObligation:Strictlyfollowthe"minimumnecessary"principle,discloseonlythenecessaryConfidentialInformationtotheReceivingPartyforthepurposeofrealizingforeign-relatedcooperation,andshallnotdiscloseirrelevantinformationbeyondthescopeofcooperation;ifcross-bordertransmissionisinvolved,theDisclosingPartyshallinformtheReceivingPartyinadvanceofthecomplianceproceduresrequiredforcross-bordertransmissionofsuchinformation,andactivelycooperatewiththeReceivingPartytocompleterelevantprocedures.(3)InternalControlObligation:Establishandimproveinternalconfidentialitymanagementsystemsandforeign-relatedinformationdisclosureapprovalmechanisms,conductspecialtrainingforinternalpersonnelwhocontact,processandtransmitConfidentialInformation,andclarifytheconfidentialityresponsibilitiesandaccountabilitymechanismsofpersonnelinvariouspositions;takenecessarysecurityprotectionmeasuresforConfidentialInformationtopreventriskssuchasinternalleakageandabuse.(4)SupervisionandReminderObligation:HastherighttoconductregularorirregularinspectionsandverificationsontheReceivingParty'sperformanceofobligationsunderthisAgreement(includingbutnotlimitedtothestoragestatus,scopeofuse,complianceofcross-bordertransmissionofConfidentialInformation,etc.),andtheReceivingPartyshallcooperate;ifitisfoundthattheReceivingPartyhashiddendangersofinformationleakageorillegalacts,theDisclosingPartyshallimmediatelynotifytheReceivingPartyinwriting,requireittorectifywithinatimelimit,andhastherighttosuspendthedisclosureofsubsequentConfidentialInformation.3.3保密期限（ConfidentialityPeriod）（1）本协议项下保密信息的保密期限，自接收方首次接触、获取该等保密信息之日起计算，至该信息通过合法途径成为完全公开信息且披露方不再享有任何保密权益之日止；（2）不同等级保密信息的最低保密期限：核心保密信息不少于10年，重要保密信息不少于5年，一般保密信息不少于3年；（3）本协议终止、解除或涉外合作完全结束后，本协议约定的保密期限继续有效，接收方仍需严格履行本协议项下的全部保密义务，直至本条第（1）款约定的条件成就；（4）若双方所在国家/地区法律法规对某类保密信息（如商业秘密、技术秘密、个人信息等）的保密期限有更长强制性规定的，从其规定；（5）跨境传输的保密信息，其保密期限不受传输行为结束、存储地点变更等因素影响，仍按本条约定执行。(1)TheconfidentialityperiodofConfidentialInformationunderthisAgreementshallbecalculatedfromthedateonwhichtheReceivingPartyfirstcontactsandobtainssuchConfidentialInformation,untiltheinformationbecomesfullypublicinformationthroughlegalchannelsandtheDisclosingPartynolongerenjoysanyconfidentialityrightsandinterests;(2)TheminimumconfidentialityperiodfordifferentlevelsofConfidentialInformation:notlessthan10yearsforcoreConfidentialInformation,notlessthan5yearsforimportantConfidentialInformation,andnotlessthan3yearsforgeneralConfidentialInformation;(3)Afterthetermination,rescissionofthisAgreementorthecompleteendofforeign-relatedcooperation,theconfidentialityperiodagreedinthisAgreementshallremainvalid,andtheReceivingPartyshallstillstrictlyperformallconfidentialityobligationsunderthisAgreementuntiltheconditionsagreedinClause(1)ofthisArticlearemet;(4)Ifthelawsandregulationsofthecountries/regionswherebothpartiesarelocatedhavelongermandatoryprovisionsontheconfidentialityperiodofacertaintypeofConfidentialInformation(suchastradesecrets,technicalsecrets,personalinformation,etc.),suchprovisionsshallprevail;(5)TheconfidentialityperiodofConfidentialInformationsubjecttocross-bordertransmissionshallnotbeaffectedbyfactorssuchastheendoftransmissionandthechangeofstoragelocation,andshallstillbeimplementedinaccordancewiththeprovisionsofthisArticle.第四条涉外合规特别约定（Article4:SpecialAgreementsonForeign-RelatedCompliance）4.1跨境数据传输合规（ComplianceofCross-BorderDataTransmission）双方一致确认，跨境数据传输是本协议履行的重要环节，必须严格遵守以下合规要求：（1）中方应严格遵守《中华人民共和国数据安全法》《中华人民共和国个人信息保护法》《数据出境安全评估办法》等中国法律法规及监管规定，对于属于重要数据、个人信息（尤其是敏感个人信息）的保密信息，跨境传输前必须完成安全评估、审批、备案等法定程序，严禁未经合规程序擅自跨境传输；（2）外方应确保其接收、存储、处理、使用跨境传输的保密信息的行为，严格符合其所在国家/地区关于数据保护、信息安全的法律法规及监管要求，不得违反当地强制性规定，不得将接收的保密信息传输至第三方国家/地区（经披露方书面同意且符合双方所在国家/地区法律法规的除外）；（3）若双方所在国家/地区之间有关于数据跨境传输的双边协议、多边公约或共识，跨境数据传输行为还应符合该等协议、公约或共识的要求；（4）在本协议履行期间，若双方所在国家/地区关于跨境数据传输的法律法规、监管要求发生变更，双方应在变更生效后15个工作日内，协商调整跨境传输方案及相关义务，确保跨境数据传输行为始终符合最新合规要求；（5）一方要求另一方提供跨境数据传输合规证明文件（如安全评估报告、审批文件、备案凭证等）的，另一方应在合理期限内提供，不得拒绝或拖延；双方应相互配合提供跨境合规所需的相关材料。Bothpartiesconfirmthatcross-borderdatatransmissionisanimportantlinkintheperformanceofthisAgreement,andmuststrictlycomplywiththefollowingcompliancerequirements:(1)TheChinesepartyshallstrictlyabidebytheDataSecurityLawofthePeople'sRepublicofChina,thePersonalInformationProtectionLawofthePeople'sRepublicofChina,theMeasuresforSecurityAssessmentofDataOutboundandotherChineselaws,regulationsandregulatoryprovisions;forConfidentialInformationthatbelongstoimportantdataandpersonalinformation(especiallysensitivepersonalinformation),legalproceduressuchassecurityassessment,approvalandfilingmustbecompletedbeforecross-bordertransmission,anditisstrictlyprohibitedtoarbitrarilyconductcross-bordertransmissionwithoutcomplianceprocedures;(2)Theforeignpartyshallensurethatitsactsofreceiving,storing,processingandusingcross-bordertransmittedConfidentialInformationstrictlycomplywiththelaws,regulationsandregulatoryrequirementsondataprotectionandinformationsecurityofitscountry/regionofincorporation,shallnotviolatelocalmandatoryprovisi