This policy applies only to ZTELink products or services.
This Privacy Policy is available in other languages. If there is any inconsistency, the English version shall prevail.
Last updated in: June of 2024.
If you have any questions, comments, or suggestions, please contact us through the following means:
E-mail: [email protected]
Company Name: ZTE Corporation
Registered Address: ZTE Office Building, Hi-Tech Road South, High-tech Industrial Park, Nanshan District, Shenzhen
ZTE understands the importance of personal information to you, and will make every effort to ensure the security and reliability of your personal information. We are committed to maintaining your trust in us and abiding by the following principles to protect your personal information: consistency of authority and responsibility, clear purpose, selection of consent, minimum sufficiency, security, subject participation, openness and transparency. Meanwhile, ZTE promises to take appropriate security measures to protect your personal information in accordance with well-established security standards in the industry.
Please read and understand this Privacy Policy carefully before using our products or services.
If you are a resident of California, please review our Privacy Notice to California Consumers.
This policy helps you understand the following:
1. How do we collect and use your personal information?
2. How do we share, transfer, and disclose your personal information?
3. How do we protect your personal information?
4. Your rights
5. How do we process the personal information of children?
6. Howis your personal information transferred around the world?
7. Howis this policy updated?
8. In what ways can you contact us?
ⅠHow do we collect and use your personal information?
Personal information refers to the information that is recorded electronically or in other ways and that can be used independently or in conjunction with other information to identify a specific natural person or reflect the activities of a specific natural person. ZTE will collect and use your personal information only for the following purposes described in this policy:
1. Provides you with user account service
(1)Business function 1: User account
To use functions related to user account (such as sign-in, sign-up, change password, forgot password), you need to provide the following information: account name, phone number, email address, password, which country your account belongs to, avatar.
However, if you do not provide the information, the basic business functions of this service will not be affected, and devices will not be managed remotely. The above information provided by you will continue to be authorized to us for use while you are using this service. When you cancel the account, we will stop using and delete the collected information, or anonymize the information. The above information will be stored in Hong Kong, China.
Personal information storage period: valid until the account is canceled.
2. Manage routers remotely
(1)Business function 1: Bind router
To remotely manage routers, you need to bind routers that are associated with your account, and you need to provide the following information of routers: device name, model, IMEI, MAC address, which country routers belong to.
(2)Business function 2: View router info
To view running status and information of routers, you need to provide the following information of routers: carrier name, mobile network mode, connection status, roaming status, signal strength of mobile network, battery level, data usage statistics, data use warning, uplink speed and downlink speed, device’s MAC address, device model, firmware version, hardware version, IMSI, SN, MSISDN, WAN IP, IMEI.
(3)Business function 3: Configure router preferences
To configure router preferences, you need to provide the following information: Wi-Fi SSID name, SSID password, max connections, for how long Wi-Fi keeps on, device’s sleep time and wake-up time, indicator light on-off time.When you copy or paste information in the APP, we will use your clipboard. We will only use the data of the clipboard in local and will not upload them to our server.
(4)Business function 4: Information of terminal devices that connect to router
To view and manage terminal devices that connect to routers, you need to provide the following information of routers: all online devices, all offline devices, all devices in the blacklist, total connections, and each terminal device’s name, IP address, MAC address, connection duration, connect time, period of time that allows device access.To discover the device, the location data of your mobile phone will be collected when obtaining informations of the terminal device.
(5)Business function 5: Router firmware update
To check for new version and update router firmware, you need to provide the following information of routers: the auto-check switch, new version number, description of new version, update package size, download status, download progress, last update time.
However, if you do not provide the information, the basic business functions of this service will not be affected. The above information provided by you will continue to be authorized to us for use while you are using this service. When you unbind device, we will stop using and delete the collected information, or anonymize the information. The above information will be stored in Hong Kong, China.
Personal information storage period: valid until the device is unbound.
3. Manage local routers
(1)Business function 1: Manage and set up routers
The business function includes business function 2, 3, 4, 5 of purpose “2. Manage routers remotely”, you need to provide corresponding information or the same information.
(2)Business function 2: Send and receive SMS
To send and receive SMS via router, you need to provide the following information: phone number for sending and receiving SMS, time, message content
(3)Business function 3: Configure router’s network preferences
To configure router’s network preferences, you need to provide the following information: the mobile network switch, the data roaming switch, network searching parameters, network access mode, Ethernet parameters, APN parameters, PPPOE username and password, password for signing into device.
(4)Business function 4: Zero-traffic sharing.
To share data between connected devices through the terminal device, we will access the storage space of the device provided by you, read and write the external storage information of the mobile phone, read the media and audio information of the mobile phone, read the contacts of the mobile phone, and read the software application list of the mobile phone.
However, if you do not provide the information, the basic business functions of this service will not be affected. The data used by the above business functions can only be accessed via Wi-Fi and will not be uploaded to server.
Personal information storage period: the above data will be used in local and will not be saved in server.
If we want to use the information for other purposes not specified in this policy, we will seek your approval in advance. If we want to use the information collected for specific purposes for other purposes, we will seek your approval in advance.
ⅡHow do we share, transfer and disclose your personal information?
To ensure the security of your personal information, we shall follow the minimization principle and share, transfer, or disclose your personal information in accordance with applicable laws and requirements.
For the companies, organizations, and individuals that share personal information with us, we will take organizational and technical measures in accordance with the local laws and regulations, and require them to process personal information in accordance with our security standards, this policy, and related confidentiality and security measures.
1. Sharing
We will not share your personal information with any company, organization, or individuals other than ZTE Corporation and its subsidiaries, except in the following cases:
(1)After obtaining your explicit consent, we will share your personal information with other parties.
(2)We may share your personal information in accordance with laws and regulations or mandatory requirements of government authorities.
We will sign strict confidentiality agreements with companies, organizations, and individuals with which we share personal information, and require them to process personal information in accordance with our instructions, this privacy policy, and any other relevant confidentiality and security measures.
2. Transfer
We will not transfer your personal information to any company, organization or individual except in the following cases:
(1)Transfer with express consent: After obtaining your express consent, we will transfer your personal information to other parties.
(2)If personal information transfer is involved in a merger, acquisition, or bankruptcy liquidation, we will require new companies or organizations that hold your personal information to continue to be subject to this privacy policy. Otherwise, we will require the companies or organizations to re-request authorization from you.
3. Public Disclosure
We will disclose your personal information only in the following cases:
(1)With your express consent.
(2)Disclosure based on law: We may disclose your personal information in case of law, legal procedure, litigation, or mandatory requirements of government authorities.
Ⅲ How do we protect your personal information?
1. We have used the security protection measures that comply with industry standards to protect the personal information provided by you against unauthorized access, public disclosure, use, modification, damage or loss. We will take all reasonable and feasible measures to protect your personal information.
We also provide the safe browsing mode of https for the service. We use encryption technologies to ensure data confidentiality. We use trusted protection mechanisms to prevent data from being maliciously attacked. We will deploy access control mechanisms to ensure that only authorized personnel can access personal information. In addition, we will hold the training course on security and privacy protection to enhance employees’ awareness of the importance of personal information protection.
2. Our data security capabilities:
We have been committed to protecting your personal information security.
We have taken various security measures, such as access control system, monitoring system, encryption, anonymization or pseudonymisation, employee training and so forth, to protect your personal information from unauthorized access, use, disclosure, modification, damage or loss and other forms of illegal processing.
We have developed a business continuity plan to ensure that services can be provided continuously. Our information security policies and procedures are designed in strict accordance with international standards, and reviewed and updated regularly, and the effectiveness of the security management architecture and measures is ensured through regular third party security audits. ZTE Corporation and some of its subsidiaries have passed the ISO 27001 information security certification, and can effectively protect your personal information. In case of personal information leakage, we will initiate an emergency plan, take effective measures to prevent the situation from getting worse, and notify the relevant supervisory authority and you in a timely manner.
3. We will take all reasonable and feasible measures to ensure that irrelevant personal information is not collected. We will retain your personal information only for the period required to achieve the objectives specified in this policy, unless the retention period needs to be extended or is permitted by law.
4. The Internet is not absolutely secure, and most communications, such as emails and instant messaging, are not encrypted. We strongly recommend that you do not send personal information through such means. Please use a complicated password to help us ensure the security of your account.
5. We shall regularly update and publicize the contents related to reporting such as security risks ,personal information security impact assessments and so forth . If it is shown in the security assessment reports that your rights are affected, we will actively disclose security risks. You can obtain detailed report contents in the following way:
E-mail: [email protected]
6. The Internet environment is not 100 percent secure. We will do our best to ensure or guarantee the security of any information you send us. If our physical, technical or management protection facilities are damaged, which results in unauthorized access, public disclosure, tampering or damage that affects your legal rights and interests, we shall assume the corresponding legal responsibilities.
7. After an unfortunate personal information security incident occurs, complying with the requirements stipulated by law,we will inform you in a timely mannerof the basic situation and possible impact of the security incident, the measures we have taken or will take, suggestions for voluntarily preventing and reducing risks, and remedial measures for you. We will inform you of the incident by email, letter, telephone or pushing notification in a timely manner. If it is difficult to inform the subjects of personal information one by one, we will release the notice in a reasonable and effective manner.
In addition, we will actively report the handling of personal information security incidents in accordance with the requirements of the regulatory department.
Ⅳ Your rights
In accordance with personal information protection laws, regulations, standards, and common practices in other countries and regions, we guarantee that you have the following rights over your personal information:
1. Access to your personal information
You have the right to access your personal information, except for exceptions as required by laws and regulations. If you want to exercise data access rights, you can access the data by yourself in the following ways:
Device info – You may go to screen of bound router to view device running status and set related preferences; go to Toolkit > MORE > Device info to view router information, including device name, model, MAC address, IMEI.
Account info – You may go to Me, and then tap avatar to view and edit your account info.
If you cannot access this personal information through these links/methods, you can send an e-mail to [email protected]. We will respond to your access request within 15 working days. As long as we do not need to make too many efforts, we will provide you with other personal information generated when you use our products or services.
2. Correct your personal information
When you find that your personal information processed by us is incorrect, you have the right to request us to correct it. You can apply for a correction through the methods listed in “(1) Access to your personal information”. If you cannot correct this personal information through the above links, you can email [email protected] at any time and we will reply to your request within 15 working days.
3. Delete your personal information
You can submit a request for deleting personal information in the following cases:
• If ourprocessing of personal information violates laws and regulations.
• If we collect or use your information without your consent.
• If ourprocessing of personal information violates an agreement with you.
• If you no longer use our products or services, or your account is canceled.
• If we no longer provide products or services for you.
If we decide to respond to your deletion request, we will also notify the entities that obtain your personal information from us and require them to delete your personal information in a timely manner, unless otherwise specified in the laws and regulations, or these entities obtain your independent authorization. After you delete information from our service, we may not immediately delete the corresponding information in the backup system, but we will delete the information during the backup update.
4. Personal information subjects cancel accounts.
You can cancel your previous account at any time. You can perform the following operations by yourself:
Go to Me, tap avatar to visit Account & security, and then tap Delete account.
After your account is canceled, we will stop providing you with products or services and delete your personal information as required by you, unless otherwise specified by laws and regulations.
5. Restrain Automatic decision-making of the information system
In some business functions, we may make decisions only based on non-manual automatic decision-making mechanisms such as information systems and algorithms. If these decisions have a significant impact on your legal rights and interests, you have the right to ask us for an explanation, and we will provide appropriate relief methods.
6. Respond to your above requests
To ensure security, you may need to provide a written request or prove your identity in other ways. We may ask you to verify your identity before processing your request, and we will respond within 15 working days.
In principle, we do not charge for your reasonable requests, but we will charge for repeated requests that exceed a reasonable limit. We may reject requests that repeat unreasonably, require excessive technical means (for example, development of a new system or a fundamental change of current practice), and bring risks to other people’s legitimate rights and interests or that are extremely impractical (for example, involving information stored on the backup tape).
We will not be able to respond to your request in accordance with laws and regulations if:
• The case is directly related to national security and national defense security.
• The case is directly related to public safety, public health, and major public interests.
• The case is directly related to any criminal investigation, prosecution, trial, and execution of a judgment.
• There is sufficient evidence that you have subjective malice or abuse of rights.
• Responding to your request will cause serious damage to the legal rights and interests of yours or other individuals’ and organizations’.
• Business secrets are involved.
Ⅴ How do we process the personal information of children?
Our products, websites, and services are mainly for adults. Without the consent of parents or guardians, children are not allowed to create their own user accounts.
If the personal information of children is collected with the consent of their parents, we will only use or disclose this information with the permit of law,the express consent of parents or guardians or the necessary protection of children.
Although local laws and customs define children differently, we regard anyone under 14 as a child.
If we find that we have collected personal information of children without obtaining confirmed parental consent, we will try to delete the information as soon as possible.
Ⅵ How your personal information is transferred around the world?
Because we provide products or services through resources and servers around the world, as a result, your personal information may be transferred to an overseas jurisdiction of the country or area in which the products or services used by you are, or may be accessed from these jurisdictions. Any such transfer of personal information shall take place only in accordance with applicable law.
We will take steps designed to comply with all applicable local laws when Processing personal information, including any local law conditions and restrictions on the transfer of personal information. We may also protect your data through other legally valid methods, including international data transfer agreements.
Persons located within the European Economic Area (“the EEA”):
We takes steps to ensure that appropriate technical and organizational security measures and safeguards are applied when transferring personal information outside of the EEA and that privacy rights outlined in this Policy are preserved. We has established Standard Contractual Clauses of the EU Commission as providing an adequate level of protection to the personal information we Process globally. We ensures that all transfers of Personal Information are subject to appropriate safeguards as defined by the regulation.
Ⅶ How is this policy updated?
Our privacy policy may change.
Without your express consent, we will not reduce your rights under this privacy policy.
We will release any changes to this policy on this page. For major changes, we will also provide more noticeable notifications (including notifications for some services, which will be sent via email to describe the specific changes in the privacy policy).
Major changes mentioned in this policy include but are not limited to the following situations:
1. Our service model has significantly changed. For example, the purpose of processing personal information, the type of processed personal information, and the mode of using the personal information.
2. Major changes have taken place in the ownership structure and organizational structure. Such as changes in owners caused by business adjustment or bankruptcy or mergers and acquisitions.
3. The major objects of personal information sharing, transfer, or public disclosure are changed.
4. Your right to participate in the processing of personal information and the way you exercise it have changed significantly.
5. Our responsible department for personal information security, contact method, or complaint channel have
6. The personal information security impact assessment report indicates a high risk.
We will also archive the old version of this policy for your reference.
Ⅷ In what ways can you contact us?
We have established a special personal information protection department – Data Protection Compliance Dept.. If you have any questions, comments, or suggestions on this privacy policy, please feel free to send an email to us at Privacy @zte.com.cn, which will be replied within 15 working days.
In addition, you can send letters to the Data Protection Compliance Dept. of ZTE headquarters
To: Data Protection Compliance Dept. of ZTE Corporation
Address: 26/F, R&D Building, No. 55, Hi-Tech Road South, Shenzhen, China (Post Code: 518057)
If you are unsatisfied with our response, especially when our personal information processing activities have damaged your legal rights and interests, you can seek solutions through the following external channels:
China: Office of the Central Cyberspace Affairs Commission, Cyberspace Administration of China
http://www.cac.gov.cn
For contact information about personal information supervisory authority in other areas, you can consult the local government.