2026年中英文保密及隐私保护协议

2026年中英文保密及隐私保护协议协议编号（AgreementNo.）：________________________本协议由以下双方（以下统称“双方”）于____年____月____日（以下简称“生效日”）在____（签署地）自愿签署，旨在规范双方合作及业务往来过程中保密信息管理与个人隐私保护事宜，明确双方权利义务，防范信息泄露与隐私侵权风险，保障双方及相关自然人合法权益。依据《中华人民共和国民法典》《中华人民共和国网络安全法》《中华人民共和国数据安全法》《中华人民共和国个人信息保护法》《中华人民共和国反不正当竞争法》及其他相关法律法规，结合双方实际情况，经友好协商，达成如下协议，以资共同信守。ThisAgreementisvoluntarilysignedbythefollowingtwoparties(hereinaftercollectivelyreferredtoasthe"Parties")on____(EffectiveDate)at____(PlaceofSigning).ItaimstoregulatethemanagementofconfidentialinformationandtheprotectionofpersonalprivacyintheprocessofcooperationandbusinesstransactionsbetweenthetwoParties,clarifytherightsandobligationsofbothParties,preventinformationleakageandprivacyinfringementrisks,andsafeguardthelegitimaterightsandinterestsofbothPartiesandrelevantnaturalpersons.InaccordancewiththeCivilCodeofthePeople'sRepublicofChina,theCybersecurityLawofthePeople'sRepublicofChina,theDataSecurityLawofthePeople'sRepublicofChina,thePersonalInformationProtectionLawofthePeople'sRepublicofChina,theAnti-UnfairCompetitionLawofthePeople'sRepublicofChinaandotherrelevantlawsandregulations,andcombinedwiththeactualsituationofbothParties,thefollowingagreementisreachedthroughfriendlynegotiationformutualabidance.第一条缔约方信息（Article1:InformationofContractingParties）1.1甲方（PartyA）中文全称（FullChineseName）：________________________英文全称（FullEnglishName）：________________________统一社会信用代码/注册号（UnifiedSocialCreditCode/RegistrationNo.）：________________________注册地址（RegisteredAddress）：________________________通讯地址（MailingAddress）：________________________法定代表人/负责人（LegalRepresentative/Person-in-Charge）：________________________授权联系人（AuthorizedContactPerson）：________________________联系电话（ContactPhone）：________________________电子邮箱（E-mail）：________________________隐私保护负责人（PrivacyProtectionOfficer）：________________________1.2乙方（PartyB）中文全称（FullChineseName）：________________________英文全称（FullEnglishName）：________________________统一社会信用代码/注册号（UnifiedSocialCreditCode/RegistrationNo.）：________________________注册地址（RegisteredAddress）：________________________通讯地址（MailingAddress）：________________________法定代表人/负责人（LegalRepresentative/Person-in-Charge）：________________________授权联系人（AuthorizedContactPerson）：________________________联系电话（ContactPhone）：________________________电子邮箱（E-mail）：________________________隐私保护负责人（PrivacyProtectionOfficer）：________________________1.3声明与保证（RepresentationsandWarranties）：双方均为依法成立并有效存续的法律主体，具备签署和履行本协议的完全民事权利能力与民事行为能力；其授权联系人、隐私保护负责人已获得充分有效的书面授权，有权代表其处理本协议项下全部事宜；接收方保证具备处理保密信息及隐私信息的合法资质与技术能力，已建立完善的保密及隐私保护体系；双方签署本协议系真实意思表示，无欺诈、胁迫等情形；本协议自双方签字盖章（自然人签字即可）之日起生效，对双方具有同等法律约束力。EachPartyrepresentsandwarrantsthatitisalegallyestablishedandvalidlyexistinglegalentitywithfullcivilrightscapacityandcivilconductcapacitytosignandperformthisAgreement;itsauthorizedcontactpersonandprivacyprotectionofficerhaveobtainedsufficientandeffectivewrittenauthorizationtoactonitsbehalfinhandlingallmattersunderthisAgreement;theReceivingPartywarrantsthatithasthelegalqualificationsandtechnicalcapabilitiestoprocessconfidentialinformationandprivacyinformation,andhasestablishedasoundconfidentialityandprivacyprotectionsystem;thesigningofthisAgreementbybothPartiesisatrueexpressionofintentwithoutfraud,coercionorothercircumstances;thisAgreementshalltakeeffectonthedateofsignatureandsealbybothParties(naturalpersonsonlyneedtosign)andshallhaveequallegalbindingforceonbothParties.第二条术语定义（Article2:DefinitionofTerms）2.1保密信息（ConfidentialInformation）指生效日后，披露方（DisclosingParty）通过书面、电子、口头、实物展示、技术交底等任何形式向接收方（ReceivingParty）提供或披露，或接收方在合作及业务往来中自行获知的，未通过合法途径进入公共领域，且对披露方具有商业价值、技术价值或其他保密必要性的全部信息，包括但不限于商业计划、客户名单、财务数据、技术方案、核心算法、经营策略、商业秘密等。无论披露方是否标注“保密”字样，符合本条定义的信息均属保密信息。ReferstoallinformationthattheDisclosingPartyprovidesordisclosestotheReceivingPartyinanyformsuchaswritten,electronic,oral,physicaldisplay,technicaldisclosure,etc.,orthattheReceivingPartylearnsonitsownincooperationandbusinesstransactionsaftertheEffectiveDate,whichhasnotenteredthepublicdomainthroughlegalchannelsandhascommercialvalue,technicalvalueorotherconfidentialitynecessityfortheDisclosingParty,includingbutnotlimitedtobusinessplans,customerlists,financialdata,technicalschemes,corealgorithms,businessstrategies,tradesecrets,etc.RegardlessofwhethertheDisclosingPartymarkstheword"Confidential"ornot,theinformationconformingtothedefinitionofthisArticleshallbedeemedasConfidentialInformation.2.2隐私信息（PrivacyInformation）指基于本协议约定及合作需求，披露方提供给接收方或接收方在履责过程中收集、生成、存储、传输、使用的，能够单独或结合其他信息识别特定自然人身份或反映其活动情况的依法受保护的信息，包括敏感隐私信息和普通隐私信息。敏感隐私信息指泄露、非法提供或滥用可能危害人身财产安全、损害名誉身心健康或导致歧视的信息，如身份证件号码、生物识别信息、健康信息、金融账户信息、行踪轨迹信息、未成年人信息等；普通隐私信息指除敏感隐私信息外的其他信息，如姓名、联系方式、脱敏后住址、工作单位等。ReferstolegallyprotectedinformationthattheDisclosingPartyprovidestotheReceivingPartyorthattheReceivingPartycollects,generates,stores,transmitsandusesintheperformanceofdutiesbasedontheagreementofthisAgreementandcooperationneeds,whichcanidentifyaspecificnaturalpersonorreflecttheiractivitiesindividuallyorincombinationwithotherinformation,includingsensitiveprivacyinformationandordinaryprivacyinformation.SensitivePrivacyInformationreferstoinformationthatmayendangerpersonalandpropertysafety,damagereputationandphysicalandmentalhealth,orleadtodiscriminationifleaked,illegallyprovidedorabused,suchasIDcardnumber,biometricinformation,healthinformation,financialaccountinformation,locationtrackinginformation,minorinformation,etc.;OrdinaryPrivacyInformationreferstootherinformationexceptsensitiveprivacyinformation,suchasname,contactinformation,desensitizedaddress,workunit,etc.2.3信息处理（InformationProcessing）指对保密信息及隐私信息进行的收集、存储、使用、加工、传输、提供、公开、删除、销毁等任何操作行为。ReferstoanyoperationalactperformedonConfidentialInformationandPrivacyInformation,includingcollection,storage,use,processing,transmission,provision,disclosure,deletion,destruction,etc.2.4除外情形（ExclusionScenarios）下列信息及行为不受本协议约束：（1）在披露或处理前已通过合法途径进入公共领域且可自由获取的信息；（2）接收方未接触披露方任何信息的情况下，通过独立研发、合法受让等方式自行获得的信息及权利；（3）依据法律法规、司法裁判、仲裁裁决或政府监管要求必须披露或处理的信息，且接收方已事先书面通知披露方（法律禁止通知的除外）并配合减损；（4）披露方书面声明无需保密或不受处理限制的信息及情形；（5）接收方从有权披露且未施加保密义务的第三方处合法获取的信息；（6）履行法定职责或义务必需且已履行法定程序的信息处理行为及相关信息。ThefollowinginformationandactsarenotboundbythisAgreement:(1)Informationthathasenteredthepublicdomainthroughlegalchannelsandisfreelyaccessiblebeforedisclosureorprocessing;(2)InformationandrightsindependentlyobtainedbytheReceivingPartythroughindependentresearchanddevelopment,legalassignment,etc.,withoutcontactinganyinformationoftheDisclosingParty;(3)Informationthatmustbedisclosedorprocessedinaccordancewithlawsandregulations,judicialjudgments,arbitralawardsorgovernmentregulatoryrequirements,andtheReceivingPartyhasnotifiedtheDisclosingPartyinwritinginadvance(exceptwhereprohibitedbylaw)andcooperatedinlossreduction;(4)InformationandscenariosthattheDisclosingPartyhasstatedinwritingthatnoconfidentialityisrequiredornoprocessingrestrictionsapply;(5)InformationlegallyobtainedbytheReceivingPartyfromathirdpartywiththerighttodiscloseandwithoutimposingconfidentialityobligations;(6)Informationprocessingactivitiesandrelatedinformationthatarenecessaryforperforminglegaldutiesorobligationsandhavegonethroughlegalprocedures.第三条保密义务（Article3:ConfidentialityObligations）3.1披露方义务（ObligationsoftheDisclosingParty）（1）标识告知义务：按敏感程度将保密信息分为核心、重要、一般三类，明确标注保密标识、期限及使用范围，提供时书面告知接收方注意事项、使用限制及泄露风险；（2）合理披露义务：仅根据合作必需披露保密信息，不得超出必要范围；（3）内部管控义务：对内部接触人员进行保密培训，明确责任，建立考核问责机制，采取加密存储、权限管控等措施防范内部泄露；（4）监督补救义务：有权定期或不定期检查接收方履约情况，发现泄露风险或已泄露的，立即书面通知接收方并配合采取补救措施。(1)ObligationofIdentificationandNotification:ClassifyConfidentialInformationintocore,importantandgeneralcategoriesaccordingtosensitivity,clearlymarktheconfidentialitylabel,termandscopeofuse,andinformtheReceivingPartyinwritingofprecautions,userestrictionsandleakageriskswhenprovidingit;(2)ObligationofReasonableDisclosure:DiscloseConfidentialInformationonlyasnecessaryforcooperation,andshallnotexceedthenecessaryscope;(3)ObligationofInternalControl:Conductconfidentialitytrainingforinternalpersonnelwhoaccesstheinformation,clarifyresponsibilities,establishanassessmentandaccountabilitymechanism,andtakemeasuressuchasencryptedstorageandauthoritycontroltopreventinternalleakage;(4)ObligationofSupervisionandRemediation:HastherighttoconductregularorirregularinspectionsontheReceivingParty'sperformanceofobligations,andimmediatelynotifytheReceivingPartyinwritingandcooperateintakingremedialmeasuresifaleakageriskorleakageisfound.3.2接收方义务（ObligationsoftheReceivingParty）接收方应采取不低于保护自身同类信息的严格措施，履行以下义务：（1）人员管控：仅允许授权必要人员接触保密信息，建立登记台账及接触记录，对授权人员进行培训并要求签署保密承诺，严禁未经授权人员接触；（2）存储防护：书面信息采取上锁存放、专人保管、借阅登记、到期销毁等措施；电子信息采取加密存储、严格权限设置、定期备份、安全检测等措施；（3）使用限制：严格按约定范围和用途使用，不得用于无关目的，不得进行反向工程等非法获取核心内容的行为（经书面授权除外）；（4）传输披露管控：未经书面同意，不得向第三方传输、复制、转让、公开保密信息，不得泄露信息存在及内容；（5）归还销毁：合作终止、收到收回通知或不再需要时，立即停止使用，并在5个工作日内归还全部载体或按要求彻底销毁，销毁后提供书面证明；（6）风险处置：发现泄露、丢失等情况时，立即采取措施防止扩大，并在24小时内书面通知披露方，配合调查追责；（7）连带责任：对关联方、雇员等相关方的保密行为进行监督，相关方违约泄露的，接收方承担连带责任。TheReceivingPartyshalltakestrictmeasuresnotlowerthanthoseforprotectingitsownsimilarinformationandperformthefollowingobligations:(1)PersonnelControl:OnlyallowauthorizednecessarypersonneltoaccessConfidentialInformation,establisharegistrationledgerandaccessrecords,trainauthorizedpersonnelandrequirethemtosignconfidentialitycommitments,andstrictlyprohibitunauthorizedpersonnelfromaccessing;(2)StorageandProtection:Takemeasuressuchaslockedstorage,specialpersoncustody,borrowingregistrationandexpirationdestructionforwritteninformation;takemeasuressuchasencryptedstorage,strictpermissionsetting,regularbackupandsecuritydetectionforelectronicinformation;(3)UseRestriction:Strictlyuseitwithintheagreedscopeandpurpose,shallnotuseitforirrelevantpurposes,andshallnotconductactssuchasreverseengineeringtoillegallyobtaincorecontent(exceptwithwrittenauthorization);(4)TransmissionandDisclosureControl:Withoutwrittenconsent,shallnottransmit,copy,transferordiscloseConfidentialInformationtothirdparties,andshallnotdisclosetheexistenceandcontentoftheinformation;(5)ReturnandDestruction:Whenthecooperationisterminated,arecallnoticeisreceivedortheinformationisnolongerneeded,immediatelystopusingit,andreturnallcarriersorcompletelydestroythemasrequiredwithin5workingdays,andprovideawrittencertificateafterdestruction;(6)RiskDisposal:Ifleakage,lossandothersituationsarefound,immediatelytakemeasurestopreventexpansion,andnotifytheDisclosingPartyinwritingwithin24hourstocooperateininvestigationandaccountability;(7)JointandSeveralLiability:Supervisetheconfidentialitybehaviorofaffiliates,employeesandotherrelevantparties,andtheReceivingPartyshallbejointlyandseverallyliableifrelevantpartiesbreachtheagreementandcauseleakage.3.3保密期限（ConfidentialityPeriod）（1）保密期限自接收方首次获取某一保密信息之日起，至该信息通过合法途径成为公开信息且无保密性为止；（2）核心保密信息保密期限不少于10年，重要保密信息不少于5年，一般保密信息不少于3年；（3）本协议终止、解除或合作结束后，保密期限继续有效，直至本条第（1）款条件成就；（4）法律法规对保密期限有更长强制性规定的，从其规定。(1)TheconfidentialityperiodshallbecalculatedfromthedateonwhichtheReceivingPartyfirstobtainsaspecificConfidentialInformationuntiltheinformationbecomespublicinformationthroughlegalchannelsandnolongerhasconfidentiality;(2)TheconfidentialityperiodforcoreConfidentialInformationshallbenotlessthan10years,forimportantConfidentialInformationnotlessthan5years,andforgeneralConfidentialInformationnotlessthan3years;(3)Afterthetermination,rescissionofthisAgreementortheendofcooperation,theconfidentialityperiodshallremainvaliduntiltheconditionsofClause(1)ofthisArticlearemet;(4)Iflawsandregulationshavelongermandatoryprovisionsontheconfidentialityperiod,suchprovisionsshallprevail.第四条隐私保护义务（Article4:PrivacyProtectionObligations）4.1处理基本原则（BasicPrinciplesofProcessing）接收方处理隐私信息应遵守以下原则：（1）合法、正当、必要原则：处理活动符合法律法规及本协议约定，具有合法目的，不超出必要范围，未经隐私信息主体明确同意（法律法规另有规定除外）不得处理；（2）保密原则：对隐私信息严格保密，不得泄露、篡改、滥用、非法提供给第三方；（3）完整真实原则：保障信息完整性，防止篡改破坏，确保信息真实准确；（4）告知同意原则：涉及第三方主体的，配合披露方履行告知义务，获得明确同意（法律法规另有规定除外）；（5）可追溯原则：建立全程追溯机制，确保处理行为可查可追溯；（6）安全保障原则：采取与信息敏感程度匹配的安全措施，防范各类安全风险。TheReceivingPartyshallabidebythefollowingprincipleswhenprocessingPrivacyInformation:(1)Legality,LegitimacyandNecessityPrinciples:ProcessingactivitiesshallcomplywithlawsandregulationsandtheprovisionsofthisAgreement,havealegitimatepurpose,notexceedthenecessaryscope,andshallnotprocesswithouttheexplicitconsentofthePrivacyInformationsubject(exceptasotherwisestipulatedbylawsandregulations);(2)ConfidentialityPrinciple:StrictlykeepPrivacyInformationconfidential,andshallnotdisclose,tamperwith,abuseorillegallyprovideittothirdparties;(3)IntegrityandAuthenticityPrinciples:Ensuretheintegrityofinformation,preventtamperinganddamage,andensuretheauthenticityandaccuracyofinformation;(4)NotificationandConsentPrinciple:Ifitinvolvesthird-partysubjects,cooperatewiththeDisclosingPartytoperformthenotificationobligationandobtainexplicitconsent(exceptasotherwisestipulatedbylawsandregulations);(5)TraceabilityPrinciple:Establishafull-processtraceabilitymechanismtoensurethatprocessingactivitiesaretraceableandverifiable;(6)SecurityAssurancePrinciple:Takesecuritymeasuresmatchingthesensitivityoftheinformationtopreventvarioussecurityrisks.4.2技术与管理措施（TechnicalandManagementMeasures）接收方应建立健全隐私保护体系，采取以下措施：（1）技术防护：对敏感隐私信息加密存储传输，设置严格访问权限及双重认证，安装安全防护软件，定期检测修复漏洞，建立备份恢复机制，对信息进行脱敏处理；（2）管理防护：制定完善的管理制度、操作规程及应急预案，明确岗位职责，对内部人员进行培训考核，建立离岗离职交接机制，记录处理日志（留存期限不低于保密期限及法定最低期限），定期开展风险评估；（3）第三方管控：未经书面同意不得委托第三方处理，确需委托的，审核第三方资质，签署保护协议并全程监督，第三方违约的接收方承担连带责任；（4）应急处置：制定应急预案，定期组织演练，确保安全事件发生时快速响应处置。TheReceivingPartyshallestablishandimproveaprivacyprotectionsystemandtakethefollowingmeasures:(1)TechnicalProtection:EncryptthestorageandtransmissionofSensitivePrivacyInformation,setstrictaccesspermissionsanddualauthentication,installsecuritysoftware,regularlydetectandrepairvulnerabilities,establishabackupandrecoverymechanism,anddesensitizetheinformation;(2)ManagementProtection:Formulatesoundmanagementsystems,operatingproceduresandemergencyplans,clarifypostresponsibilities,trainandassessinternalpersonnel,establishahandovermechanismforleavingposts,recordprocessinglogs(retentionperiodnotlessthantheconfidentialityperiodandthestatutoryminimumperiod),andregularlyconductriskassessments;(3)Third-PartyControl:Shallnotentrustthirdpartiestoprocesswithoutwrittenconsent;ifitisreallynecessarytoentrust,reviewthethirdparty'squalifications,signaprotectionagreementandconductfullsupervision,andtheReceivingPartyshallbejointlyandseverallyliableforthethirdparty'sbreachofcontract;(4)EmergencyDisposal:Formulateanemergencyplanandorganizeregulardrillstoensurerapidresponseanddisposalwhenasecurityincidentoccurs.4.3安全事件处置（DisposalofSecurityIncidents）（1）事件报告：发现隐私信息泄露、篡改、丢失等安全事件时，立即采取措施防止扩大，并在24小时内书面通知披露方，详细说明事件情况及已采取的应急措施；（2）配合处置：积极配合披露方及监管部门调查处置，提供相关材料，按要求整改；（3）后续整改：事件处置完毕后10个工作日内，向披露方提交处置报告、整改措施及防范方案；（4）披露方权利：有权监督检查处置及整改情况，有权要求接收方赔偿因事件造成的损失。(1)IncidentReporting:Whenasecurityincidentsuchasleakage,tamperingorlossofPrivacyInformationisfound,immediatelytakemeasurestopreventexpansion,andnotifytheDisclosingPartyinwritingwithin24hours,detailingtheincidentandtheemergencymeasurestaken;(2)CooperationinDisposal:ActivelycooperatewiththeDisclosingPartyandregulatoryauthoritiesininvestigationanddisposal,providerelevantmaterials,andrectifyasrequired;(3)SubsequentRectification:Submitadisposalreport,rectificationmeasuresandpreventionplantotheDisclosingPartywithin10workingdaysaftertheincidentisdisposedof;(4)RightsoftheDisclosingParty:Hastherighttosuperviseandinspectthedisposalandrectification,andhastherighttorequiretheReceivingPartytocompensateforlossescausedbytheincident.4.4信息归还、删除与主体权利保障（Return,DeletionofInformationandProtectionofSubjectRights）（1）归还义务：合作终止、收到收回通知时，立即停止处理，5个工作日内归还全部隐私信息载体，确保无留存；（2）删除义务：收到删除通知、无需继续留存或主体要求删除（法律法规另有规定除外）时，5个工作日内彻底删除全部信息（含备份、缓存），删除后提供书面证明；（3）主体权利保障：配合披露方保障主体知情权、访问权、更正权、删除权等合法权利，收到书面通知后3个工作日内予以配合；（4）例外情形：法律法规或监管要求留存的，可在规定期限内留存并书面通知披露方，留存期满后立即删除。(1)ObligationofReturn:Whenthecooperationisterminatedorarecallnoticeisreceived,immediatelystopprocessingandreturnallPrivacyInformationcarrierswithin5workingdaystoensurenoretention;(2)ObligationofDeletion:Whenadeletionnoticeisreceived,itisnolongernecessarytoretainorthesubjectrequestsdeletion(exceptasotherwisestipulatedbylawsandregulations),completelydeleteallinformation(includingbackupsandcaches)within5workingdays,andprovideawrittencertificateafterdeletion;(3)ProtectionofSubjectRights:CooperatewiththeDisclosingPartytoprotectthesubject'slegitimaterightssuchastherighttoknow,rightofaccess,righttocorrectionandrighttodeletion,andcooperatewithin3workingdaysafterreceivingthewrittennotice;(4)ExceptionScenarios:Ifretentionisrequiredbylawsandregulationsorsupervision,itmayberetainedwithintheprescribedtimelimitandtheDisclosingPartyshallbenotifiedinwriting,andimmediatelydeletedaftertheretentionperiodexpires.第五条违约责任（Article5:LiabilityforBreachofContract）5.1通用违约条款（GeneralBreachClause）任何一方违反本协议任何义务均构成违约，应立即停止违约行为，消除影响，并赔偿另一方全部损失（包括直接损失、间接损失、商誉损失、诉讼费、律师费等）；违约情节严重导致协议目的无法实现的，守约方有权解除协议并要求额外支付违约金。AnybreachofanyobligationunderthisAgreementbyeitherPartyshallconstituteabreachofcontract,andthebreachingPartyshallimmediatelystopthebreach,eliminatetheimpact,andcompensatetheotherPartyforalllosses(includingdirectlosses,indirectlosses,goodwilllosses,litigationfees,attorneyfees,etc.);ifthebreachisseriousandleadstothefailuretoachievethepurposeoftheAgreement,thenon-breachingPartyhastherighttoterminatetheAgreementandrequireadditionalpaymentofliquidateddamages.5.2保密违约责任（LiabilityforBreachofConfidentiality）接收方违反第三条约定的，应支付违约金并赔偿实际损失：（1）违反核心保密信息义务的，违约金300万元（大写：叁佰万元整）；（2）违反重要保密信息义务的，违约金150万元（大写：壹佰伍拾万元整）；（3）违反一般保密信息义务的，违约金50万元（大写：伍拾万元整）；（4）违约金不足以弥补损失的，补足差额；（5）多次违约或造成特别重大损失的，守约方有权解除协议，违约金上浮50%并全额赔偿损失。IftheReceivingPartyviolatestheprovisionsofArticle3,itshallpayliquidateddamagesandcompensateforactuallosses:(1)ForviolatingcoreConfidentialInformationobligations,theliquidateddamagesshallbeRMB3,000,000.00(inwords:ThreeMillionRMBOnly);(2)ForviolatingimportantConfidentialInformationobligations,theliquidateddamagesshallbeRMB1,500,000.00(inwords:OneMillionandFiveHundredThousandRMBOnly);(3)ForviolatinggeneralConfidentialInformationobligations,theliquidateddamagesshallbeRMB500,000.00(inwords:FiveHundredThousandRMBOnly);(4)Iftheliquidateddamagesareinsufficienttocoverthelosses,makeupthedifference;(5)Formultiplebreachesorcausingparticularlysignificantlosses,thenon-breachingPartyhastherighttoterminatetheAgreement,andtheliquidateddamagesshallbeincreasedby50%andthelossesshallbefullycompensated.5.3隐私保护违约责任（LiabilityforBreachofPrivacyProtection）接收方违反第四条约定的，应支付违约金并赔偿全部损失：（1）发生敏感隐私信息安全事件造成损失的，违约金200万-500万元（大写：贰佰万-伍佰万元整），具体金额按事件严重程度确定；（2）发生普通隐私信息安全事件或擅自超范围、委托第三方处理的，违约金150万元（大写：壹佰伍拾万元整）；（3）未采取约定保护措施的，违约金100万元（大写：壹佰万元整），逾期未整改的违约金上浮100%；（4）未及时报告、配合处置或未按要求归还删除信息导致损失扩大的，额外赔偿扩大损失；（5）导致披露方被处罚或索赔的，全额赔偿相关损失；（6）构成刑事犯罪的，承担刑事责任并承担民事赔偿责任。IftheReceivingPartyviolatestheprovisionsofArticle4,itshallpayliquidateddamagesandcompensateforalllosses:(1)IfaSensitivePrivacyInformationsecurityincidentcauseslosses,theliquidateddamagesshallbeRMB2,000,000.00toRMB5,000,000.00(inwords:TwoMilliontoFiveMillionRMBOnly),andthespecificamountshallbedeterminedaccordingtotheseverityoftheincident;(2)IfanOrdinaryPrivacyInformationsecurityincidentoccursortheinformationisarbitrarilyprocessedbeyondthescopeorentrustedtoathirdparty,theliquidateddamagesshallbeRMB1,500,000.00(inwords:OneMillionandFiveHundredThousandRMBOnly);(3)Forfailingtotakeagreedprotectionmeasures,theliquidateddamagesshallbeRMB1,000,000.00(inwords:OneMillionRMBOnly),andifrectificationisnotcompletedwithinthetimelimit,theliquidateddamagesshallbeincreasedby100%;(4)Ifthelossisexpandedduetofailuretoreportinatimelymanner,cooperateindisposalorfailtoreturnanddeleteinformationasrequired,additionallycompensatefortheexpandedloss;(5)IftheDisclosingPartyispenalizedorclaimedduetothis,fullycompensateforrelevantlosses;(6)Ifitconstitutesacriminaloffense,bearcriminalliabilityandcivilcompensationliability.5.4其他违约责任（OtherLiabilityforBreachofContract）（1）披露方违反约定导致接收方损失的，赔偿实际损失；（2）任何一方违反其他义务的，支付违约金20万元（大写：贰拾万元整）并赔偿实际损失；（3）违约责任条款独立有效，不因协议其他条款无效而失效；（4）守约方有权同时要求支付违约金和赔偿损失，两者互不抵扣。(1)IftheDisclosingPartyviolatestheagreementandcauseslossestotheReceivingParty,compensatefortheactuallosses;(2)IfanyPartyviolatesotherobligations,payliquidateddamagesofRMB200,000.00(inwords:TwoHundredThousandRMBOnly)andcompensateforactuallosses;(3)TheliabilityforbreachofcontractclausesareindependentlyvalidandshallnotbecomeinvalidduetotheinvalidityofotherclausesoftheAgreement;(4)Thenon-breachingPartyhastherighttorequireboththepaymentofliquidateddamagesandcompensationforlosses,whichshallnotbeoffsetagainsteachother.第六条争议解决与适用法律（Article6:DisputeResolutionandGoverningLaw）6.1争议解决（DisputeResolution）因本协议订立、履行、解释、变更、终止及违约责任产生的争议，双方首先友好协商解决，协商应在一方发出书面通知后30个工作日内完成；协商期间，双方继续履行协议其他条款。协商不成的，任何一方有权向披露方所在地有管辖权的人民法院提起诉讼。Anydisputearisingfromtheconclusion,performance,interpretation,modification,terminationofthisAgreementandliabilityforbreachofcontractshallfirstberesolvedthroughfriendlynegotiationbetweenthetwoParties,a