Updated:Spt 11, 2025
This policy applies only to ZTE Corporation OEMConfig App and all third-party applications or services accessed by them. If a third-party application or service has a separate privacy policy, the privacy policy of the application or service is applied preferentially. For the contents that are not covered by the application or service privacy policy, refer to this privacy policy.
This Privacy Policy is available in other languages. If there is any inconsistency, the English version shall prevail.
If you have any questions, comments, or suggestions, please contact us through the following means:
E-mail: [email protected]
Company Name:ZTE Corporation
Registered Address:ZTE Building, No. 55, Hi-Tech Road South, Nanshan District, Shenzhen, P.R. China
[email protected] is only used to handle problems related to users' personal information and privacy protection. For problems about terminal equipment failure or account settings, please send emails to [email protected]. Our terminal after-sales staff will reply to you at the first time.
ZTE understands the importance of personal information to you, and will make every effort to ensure the security and reliability of your personal information. We are committed to maintaining your trust in us and abiding by the following principles to protect your personal information: consistency of authority and responsibility, clear purpose, selection of consent, minimum sufficiency, security, subject participation, openness and transparency. Meanwhile, ZTE promises to take appropriate security measures to protect your personal information in accordance with well-established security standards in the industry.
Please read and understand this Privacy Policy carefully before using our products or services.
This policy helps you understand the following:
I. How we collect and use your personal information
II. How we share, transfer, and disclose your personal information
III. How we protect your personal information
IV. Your rights
V. How we process the personal information of children
VI. How we store your personal information
VII. How to update this policy
VIII. Contact us
I. How we collect and use your personal information
Personal information refers to the information that is recorded electronically or in other ways and that can be used independently or in conjunction with other information to identify a specific natural person or reflect the activities of a specific natural person. ZTE will collect and use your personal information only for the following purposes described in this policy:
Basic functions:
The OEMConfig app will be uploaded to Google Play. When enterprise users use the EMM console set configurations, Google Play will push policy configurations to the OEMConfig app on the device using an update broadcast. The OEMConfig app applies the configurations and sends feedback using the feedback channel.
This function does not involve collecting your personal information.
II. How we share, transfer and disclose your personal information
To ensure the security of your personal information, we shall follow the minimization principle and share, transfer, or disclose your personal information in accordance with applicable laws and requirements.
For the companies, organizations, and individuals that share personal information with us, we will take organizational and technical measures in accordance with the local laws and regulations, and require them to process personal information in accordance with our security standards, this policy, and related confidentiality and security measures.
1. Sharing
We will not share your personal information with any company, organization, or individuals other than ZTE Corporation and its subsidiaries, except in the following cases:
(1) After obtaining your explicit consent, we will share your personal information with other parties.
(2) We may share your personal information in accordance with laws and regulations or mandatory requirements of government authorities.
We will sign strict confidentiality agreements with companies, organizations, and individuals with which we share personal information, and require them to process personal information in accordance with our instructions, this privacy policy, and any other relevant confidentiality and security measures.
2. Transfer
We will not transfer your personal information to any company, organization or individual except in the following cases:
(1) Transfer with express consent: After obtaining your express consent, we will transfer your personal information to other parties.
(2) If personal information transfer is involved in case of merger, division, dissolution, acquisition, or bankruptcy liquidation, we will inform you of the name and contact information of the recipient, and require the new company or organization that holds your personal information to be subject to this privacy policy. Otherwise, we will request the company or organization to re-request authorization from you.
3. Public Disclosure
We will disclose your personal information only in the following cases:
(1) With your express consent.
(2) Disclosure based on law: We may disclose your personal information in case of law, legal procedure, litigation, or mandatory requirements of government authorities.
III. How we protect your personal information
1. We have taken the security protection measures that comply with industry standards to protect the personal information provided by you against unauthorized access, public disclosure, use, modification, damage or loss. We will take all reasonable and feasible measures to protect your personal information.
We use encryption technologies to ensure data confidentiality. We use trusted protection mechanisms to prevent data from being maliciously attacked. We will deploy access control mechanisms to ensure that only authorized personnel can access personal information. We regularly scan for security vulnerabilities and solve them in a timely manner. In addition, we will hold the training course on security and privacy protection to enhance employees' awareness of the importance of personal information protection.
2. We have obtained the following certifications:
In the context of the accelerating global digitalization process, the importance of user privacy and data security has become increasingly prominent, and strict data protection legislation has become a common global trend. In order to actively respond to this trend, we have established and continuously improved a mature and robust privacy management system, and are committed to complying with the requirements of international authoritative privacy standards such as ISO/IEC 27701:2019 and EU ePrivacy.
3. Our data security capabilities:
We have been committed to protecting your personal information security.
We have taken various security measures, such as access control system, monitoring system, encryption, anonymization or pseudonymisation, employee training and so forth, to protect your personal information from unauthorized access, use, disclosure, modification, damage or loss and other forms of illegal processing.
We have developed a business continuity plan to ensure that services can be provided continuously. Our information security policies and procedures are designed in strict accordance with international standards, and reviewed and updated regularly, and the effectiveness of the security management architecture and measures is ensured through regular third party security audits. ZTE Corporation and some of its subsidiaries have passed the ISO 27001 information security certification, and can effectively protect your personal information. In case of personal information leakage, we will initiate an emergency plan, take effective measures to prevent the situation from getting worse, and notify the relevant supervisory authority and you in a timely manner.
4. We will take all reasonable and feasible measures to ensure that irrelevant personal information is not collected. We will retain your personal information only for the period required to achieve the objectives specified in this policy, unless the retention period needs to be extended or is permitted by law.
5. The Internet is not absolutely secure, and most communications, such as emails and instant messaging, are not encrypted. We strongly recommend that you do not send personal information through such means. Please use a complicated password to help us ensure the security of your account.
6. We shall regularly update and publicize the contents related to reporting such as security risks , personal information security impact assessments and so forth . If we affect your personal information rights in security assessment reports, we will actively disclose security risks. You can obtain detailed report contents in the following way:
E-mail: [email protected]
7. The Internet environment is not 100 percent secure. We will do our best to ensure or guarantee the security of any information you send us. If our physical, technical or management protection facilities are damaged, which results in unauthorized access, public disclosure, tampering or damage that affects your legal rights and interests, we shall assume the corresponding legal responsibilities.
8. When personal information security incident occurs, we will inform you of the basic situation and possible impact of the security incident in a timely manner, the measures we have taken or will take, suggestions for voluntarily preventing and reducing risks, and remedial measures for you. We will inform you of the incident by email, letter, telephone or pushing notification in a timely manner. If it is difficult to inform the subjects of personal information one by one, we will release the notice in a reasonable and effective manner.
In addition, we will actively report the handling of personal information security incidents in accordance with the requirements of the regulatory department.
IV. Your rights
In accordance with personal information protection laws, regulations, standards, and common practices in other countries and regions, we guarantee that you have the following rights over your personal information:
1. Access to your personal information
You have the right to access your personal information, except for exceptions as required by laws and regulations. This application cannot provide you with a way to correct and supplement your personal information. You can contact us for help.
2. Correct and supplement your personal information
When you find that your personal information processed by us is incorrect, you have the right to correct and supplement your personal information. This application cannot provide you with a way to correct and supplement your personal information. You can contact us for help.
3. Delete your personal information
You can delete your personal information in the following cases:
(1) We violated laws and regulations.
(2) We violated this policy.
(3) The purposes for which the personal information is processed as stipulated in this policy are achieved or cannot be achieved, or the personal information is no longer necessary for the purposes.
(4) You will not use our products or services any longer, or your account is canceled.
(5) You changed the scope of authorization that we have no right to process your personal information.
(6) We do not provide products or services for you, or the storage period expires.
This application cannot provide you with a way to delete your personal information. You can contact us for help.
Once you have deleted your personal information, we will also notify the entities that obtain your personal information from us and require them to delete your personal information in a timely manner, unless required by other laws and regulations, or these entities obtain your independent authorization. After your personal information is deleted , due to the limitations of applicable laws and regulations and safety technologies, we may not immediately delete the corresponding information in the backup system, but we will securely store your personal information, restrict further processing of it, and delete it during the backup update.
4. Change the scope of your authorization
This application only provides basic functions and services for you. In addition to the necessary personal information required for implementing the function, no additional personal information will be collected. if you need to withdraw the authorization, you need to stop using some or all of the basic functions related to it.
Please understand that each business function can be implemented only after some basic personal information is obtained. When you withdraw your permission or authorization, we cannot provide you with the corresponding service. If the information is necessary for us to fulfill our obligations under laws and regulations or to provide major services, we may not be able to respond to your request or the normal use of our services will be affected. After you withdraw your consent, we will not process the corresponding personal information. However, your decision to withdraw your consent will not affect the previous processing of personal information based on your authorization.
5. Personal information subjects cancel accounts
There is no need to register (or login) an account to use this application, so there is no way to register or cancel an account in the application.
6. Personal information subjects obtain copies of personal information
This application cannot provide you with a way to copy or transfer your personal information. You can contact us for help.
7. Restrain Automatic decision-making of the information system
This application does not use any automatic decision-making and related technologies.
8. Respond to your above requests
If your request cannot be implemented through these links/methods, or you need to contact us for help, you can send an e-mail to [email protected], or submit the request by login the data subject right response system: pdsr.zte.com.cn.
To ensure security, you may need to provide a written request or prove your identity in other ways. We may ask you to verify your identity before processing your request.
We will make every effort to ensure that a response is made within one month since we received your request. Considering the complexity and quantity of the request, this period may be extended by another two months if necessary. In the case of postponed respond, we will notify you of the relevant circumstances and the reason for the delay. If the time limit set in this paragraph conflicts with local laws and regulations, the local laws and regulations shall prevail.
In principle, we do not charge for your reasonable requests, but we will charge for repeated requests that exceed a reasonable limit. We may reject requests that repeat unreasonably, require excessive technical means (for example, development of a new system or a fundamental change of current practice), and bring risks to other people's legitimate rights and interests or that are extremely impractical (for example, involving information stored on the backup tape).
We will not be able to respond to your request in accordance with laws and regulations if:
(1) The case is directly related to national security and national defense security.
(2) The case is directly related to public safety, public health, and major public interests.
(3) The case is directly related to any criminal investigation, prosecution, trial, and execution of a judgment.
(4) There is sufficient evidence that you have subjective malice or abuse of rights.
(5) Responding to your request will cause serious damage to the legal rights and interests of yours or other individuals' and organizations'.
(6) Business secrets are involved.
V. How we process the personal information of children
Our products and services are mainly for adults. Without the consent of parents or guardians, children are not allowed to create their own user accounts or provide information to us.
If the personal information of children is collected with the consent of their parents, we will only use or disclose this information with the permit of law, the express consent of parents or guardians or the necessary protection of children.
Although local laws and customs define children differently, we regard anyone under 16 as a child.
If we find that we have collected personal information of children without obtaining confirmed parental consent, we will try to delete the information as soon as possible.
VI. How we store your personal information
1. Storage location and cross-border transfer of personal information
Your personal information collected by this application will only be stored in 日本, and will not be transferred to or visited from overseas jurisdictions.
2. Personal Information Storage Period
Unless otherwise specified in this Policy, we will retain your personal information within the period required to achieve the purposes described in this policy, unless as required by law that retention period need to be extended or be permitted by law. The data storage period may vary with different scenarios and products and services. The criteria for determining the retention period (the longer one prevails) include: the time when personal information needs to be retained for the purpose of the service which including the provision of products and services, maintenance of corresponding transaction and service records, control and improvement of product and service performance and quality, the guarantee of system, product and service security and respond to possible user queries or complaints; whether users agree to a longer retention period; and whether there are special requirements for keeping information such as laws and contracts.
After the storage period expires, we will delete your personal information or anonymize it according to the requirements of applicable laws and regulations.
For the storage period of your personal information, please refer to Part I of this privacy.
VII. How to update this policy
Our privacy policy may change.
Without your express consent, we will not reduce your rights under this privacy policy.
We will release any changes to this policy on this page. For major changes, we will also provide more noticeable notifications (including notifications for some services, which will be sent via email to describe the specific changes in the privacy policy).
Major changes mentioned in this policy include but are not limited to the following situations:
1. Our service model has significantly changed. For example, the purpose of processing personal information, the type of processed personal information, and the mode of using the personal information.
2. Major changes have taken place in the ownership structure and organizational structure. Such as changes in owners caused by business adjustment or bankruptcy or mergers and acquisitions.
3. The major objects of personal information sharing, transfer, or public disclosure are changed.
4. Your right to participate in the processing of personal information and the way you exercise it have changed significantly.
5. Our responsible department for personal information security, contact method, or complaint channel have changed.
6. The personal information security impact assessment report indicates a high risk.
We will also archive the old version of this policy for your reference.
VIII. Contact us
We have established a special personal information protection department – Data Compliance Dept. If you have any questions, comments, or suggestions on this privacy policy, please feel free to send an email to us at [email protected], which will be replied within at the appropriate time.
In addition, you can send letters to the Data Compliance Dept. of ZTE headquarters.
To: Data Compliance Dept. of ZTE Corporation
Address: 26/F, R&D Building, No. 55, Hi-Tech Road South, Shenzhen, China (Post Code: 518057)
If you are unsatisfied with our response, especially when our personal information processing activities have damaged your legal rights and interests, you can seek solutions through the local data protection agency.
For contact information about personal information supervisory authority in other areas, you can consult the local government. For the contact information of the European Union data protection agency, please refer to: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm