The Huawei Consumer Business Privacy Statement was updated on
April 15, 2018.
Huawei Device Co., Ltd. and its global affiliates (collectively, "Huawei", "we", "us", and "our") respect your privacy. Therefore, we have developed a Privacy Statement (hereinafter referred to as "this Statement") that covers how we collect, use, disclose, protect, store, transfer and otherwise process your personal data. Please take a moment to read and understand our privacy statement and let us know if you have any questions.
Personal data means any electronic or other information which alone or jointly with other information can be used to identify a natural person or make him/her identifiable. This Statement explains how Huawei processes your personal data, but does not cover all processing scenarios as information about product or service specific data collection and processing will be provided to you in supplementary notices . Therefore, before using a specific product or service, it is recommended that you read the privacy notice or supplementary statement released by Huawei for that product or service to understand how it processes your personal data.
This Statement applies only to Huawei personal and home products, including feature phones, smartphones, laptops, tablets, wearable devices, mobile broadband devices, smart household appliances, accessories, computer applications, mobile services, software, toolkits, websites, and services that display or mention this Statement.
This Statement describes:
A. Personal Data Collected by Huawei
Before using Huawei products or services, you may need to provide personal data. You do not have to provide your personal data to Huawei, but in some cases, if you do not provide certain personal data we will not be able to provide you with some related products or services.
Huawei will collect and use your personal data for the purposes stated in this Statement. Here are some examples of personal data we may collect:
1. Personal data that you provide to Huawei
You need to register a Huawei ID to enjoy certain functions or services. When you register a Huawei ID or log in with a Huawei ID to shop online, download software, or purchase services, we will ask you to provide personal data, such as your name, email address, mobile number, order information, shipping address, and payment mode.
Huawei may provide you with cloud storage services where you can sync and backup some of your files, pictures and data.
Some Huawei products allow you to communicate and share information with others. When you use a Huawei product to share things with your family and friends, you may need to create a Huawei ID that includes certain information which will be made public, including a nickname and avatar. Huawei may collect information related to those people, such as their names, email addresses, and phone numbers. Huawei will take appropriate and necessary measures to ensure the security of the information that you provide. You must ensure that the people, whose information you provide, have consented to you providing their information to Huawei.
To meet some jurisdictions' requirements on real-name authentication of accounts, prevention of electronic game addiction, or Internet payment, Huawei might ask you to provide a proof of identity issued by the government or relevant card information that can identify you.
2. Information that Huawei collects in your use of services
Huawei will collect data about your device and how you and your device exchange information with Huawei products and services. This type of information includes:
(1) Device and application information, such as the device name, device identification code (IMEI, ESN, MEID, and SN), device activation time, hardware model, OS version, application version, software identification code, and device and application settings (such as region, language, time zone, and font size).
(2) Mobile network information, such as the public land mobile network (PLMN) provider ID and Internet Protocol (IP) address.
(3) Log information. When you use Huawei services or view Huawei-provided content, Huawei will automatically collect and log some information, such as the time of access, access count, IP address, and information about incidents (such as errors, crashes, restarts, and upgrades).
(4) Location information. Huawei will collect, use, and process the approximate or precise location of your device when you access some location-based services (for example, when you search, use navigation software, or view the weather of a specific location). Location information can be obtained based on the GPS, WLAN, and service provider network ID. We will ask you to choose the applications for which you want to enable location services. In the device settings menu, you can disable the location permissions of specific services to reject sharing your location information.
(5) Information you store on Huawei servers. For example, the information you upload to the cloud will be stored on Huawei servers for rapid access and sharing between devices. We will not view the information you store on Huawei servers.
3. Information from third-party sources
When permitted by law, Huawei will collect information about you from public and commercial sources. Huawei may also obtain certain information from third-party social network services, such as the time when you use a social network account to log in to a Huawei website.
4. Collection and use of non-identifiable data
Non-identifiable data refers to data that cannot be used to identify an individual. Examples of non-identifiable data include statistics on website visits, application downloads, and product sales volume. Huawei will collect statistics information to understand how users use our products and services. By doing so, we can improve our services to better meet your requirements.
We keep your personal data and non-identifiable data separate, and use each independently. Circumstances may arise where Huawei collects, uses, discloses, and transfers non-identifiable data for other purposes at our own discretion.
B. How Huawei Uses Your Personal Data
Huawei may use your personal data for the following purposes:
(1) Register and activate Huawei personal and home products that you have purchased.
(2) Register a Huawei ID so that you can enjoy a wider range of functions and mobile services.
(3) Deliver, activate, or verify the products and services you have requested, or perform changes and provide technical support and after-sales services for the foregoing products and services based on your requirements.
(4) Send you OS or application updates and installation notifications.
(5) Provide personalised user experience and content.
(6) Subject to your consent, we may send you information about products and services you might be interested in, invite you to Huawei promotional activities and market surveys, or send marketing information to you. If you change your mind, you may withdraw your consent at any time.
(7) Carry out internal auditing, data analysis, and research; analyse business operation efficiency and measure market shares; and improve Huawei's products and services.
(8) Synchronise, share, and store the data you have uploaded or downloaded, as well as the data needed for the upload and download operations.
(9) Improve our loss prevention and anti-fraud programmes.
(10) Process pursuant to laws and regulations, e.g. tax, authority requests.
(11) Other purposes within specific services or with your consent.
A cookie is a text file stored by a web server on a computer or mobile device, and the content of a cookie can be retrieved and read only by the server that created the cookie. Cookies are unique to the browser or mobile application you are using. The text in a cookie often consists of identifiers, site names, and some numbers and characters.
Sometimes, Huawei stores cookies on computers or mobile devices for the purpose of improving user experience, including the following scenarios:
(1) Technical cookies: Login and verification. When you use a Huawei ID to log in to a website, the “session-based” cookies ensure that your visit to this site functions as smoothly as possible. .
(4) Statistical cookies. With cookies, Huawei can collect information about your use of our websites and other applications, either for a single visit (using a session cookie) or for repeated visits (using a persistent cookie).
(5) Social Media Cookies. Social media cookies are linked to services provided by third parties, such as ‘Like’ buttons and ‘Share’ buttons. The third party provides these services in return for recognising that you have visited our websites.
You can manage or delete cookies at your own preference. For details, visit AboutCookies.org. You can clear all the cookies stored on your computer, and most current web browsers provide the option of blocking cookies. However, blocking cookies will require you to change your user settings every time you visit our website. Find out how to manage cookie settings for your browser here: Internet Explorer > Google Chrome > Mozilla Firefox > Safari > Opera.
B. Web Beacons and Pixel Tags
In addition to cookies, Huawei and some third parties may also use web beacons and pixel tags on websites. A web beacon is usually an electronic graphic image embedded into a website or email to identify your device cookies when you browse the website or email. Pixel tags allow Huawei to send emails in a way that is readable to you and find out whether an email is opened.
Huawei and some third parties use these technologies for various purposes, including analysing service usage (together with cookies) and providing more satisfactory content and advertisements to you. For example, when you receive an email from Huawei, it may contain a click-through URL which links to a Huawei web page. If you click the link, Huawei will track your visit to help us learn about your preferences for products and services and improve our customer service. You can unsubscribe from the mailing list of Huawei at any time if you do not want to be tracked in this manner.
C. Other Local Storage
Huawei and some third parties may use other local storage technologies, for example, local shared objects (also called "Flash cookies") and HTML5 local storage, in certain products and services. Similar to cookies, these technologies store information on your device and can record some information about your activities and preferences. However, these technologies may use different media from cookies. Therefore, you may not be able to control them using standard browser tools and settings. For details about how to disable or delete information contained in Flash cookies, click here.
D. Do Not Track
Many web browsers provide a Do Not Track function that can release Do Not Track requests to websites. Currently, major Internet standardisation organisations have not established policies to specify how websites should handle these requests. If you enable Do Not Track in your browser, all Huawei websites will respect your selection.
We do not share personal data with other companies, organisations and individuals unless one of the following circumstances applies:
(1) Sharing with consent: After obtaining your consent, Huawei will share the information that you have authorised with specified third parties or categories of third parties.
(2) Sharing in compliance with legal obligation and in compliance with laws and regulations: Huawei may share your information as required by laws and regulations, for resolving legal disputes, or as required by administrative or judiciary authorities pursuant to law.
(3) Sharing with Huawei affiliates: Your information may be shared within Huawei's affiliates only for explicit, and legitimate purposes, and the sharing is limited only to information required by services. For example, we verify the global uniqueness of accounts before allowing them to be registered.
(4) Sharing with business partners: Some products and/or services are provided to you directly by our partners. Huawei may share only such of your information necessary with such partners to enable them to provide you with products and/or services you request (e.g., products sold by third-party seller through Huawei’s e-commerce platform, video content provided by other companies through Huawei’s applications), make predictions about your interests and subject to your consent may provide you with advertisements, promotional materials and other materials
(5) Sharing with service providers: Huawei also may disclose your information to companies that provide services to you for or on behalf of us. Examples of these service providers include companies that provide hotline services, send email, or provide technical support on behalf of Huawei. Huawei shall only share such of your personal information necessary for the service provider to provide the services to you and the service providers can only use your information for the purpose of providing services to you.
(6) Huawei will share your information when there is a reasonable requirement to do so, for example, to meet request of applicable law, regulation, legal process or enforceable government.
In scenarios 3 to 6, Huawei will ensure that the lawfulness of this sharing and sign stringent non-disclosure agreements (NDAs) and/or data processing clauses with the companies, organisations, and individuals with whom personal data is shared, requiring them to comply with this Statement and take appropriate confidentiality and security measures when processing personal data.
Huawei attaches great importance to the security of your personal data and has adopted standard industry practices to protect your personal data and prevent it from unauthorised access, disclosure, use, modification, damage, or loss. To this end, Huawei takes the following measures:
(1) We take reasonable and feasible measures to ensure that the personal data collected is minimal and relevant to what is necessary in relation to the purposes for which they are processed. We retain your personal data for no longer than is necessary for the purposes stated in this Statement and privacy notice of specific product or service, unless extending the retention period is required or permitted by law.
(2) We use a range of technologies such as cryptographic technologies to ensure the confidentiality of data in transmission. We implement trusted protection mechanisms to protect data and data storage servers from attacks.
(3) We deploy access control mechanisms to ensure that only authorised personnel can access your personal data. In addition, we control the number of authorised personnel and implement hierarchical permission management on them based on service requirements and personnel levels.
(4) We strictly select business partners and service providers and incorporate personal data protection requirements into commercial contracts, audits, and appraisal activities.
(5) We hold security and privacy protection training courses, tests, and publicity activities to raise employees' personal data protection awareness.
Huawei is committed to protecting your personal data. Nevertheless, no security measure is perfect and no product, service, website, data transfer, computing system, or network connection is absolutely secure.
To cope with possible risks, such as personal data leakage, damage, and loss, Huawei has developed several mechanisms and control measures, clearly defined the rating standards of security incidents and vulnerabilities and corresponding processing procedures, and established a dedicated Security Advisory and Security Notice page. Huawei has established a dedicated emergency response team to implement security planning, loss reduction, analysis, locating, and remediation, and to perform tracking operations with related departments based on security incident handling regulations and requirements.
If any personal data incident occurs, Huawei will notify you, pursuant to relevant legal and regulatory requirements, of the basic information about the security incident and its possible impact, measures that Huawei has taken or will take, suggestions about active defense and risk mitigation, and remedial measures. The notification may take the form of an email, text message, push notification, etc. If it is difficult to notify data subjects one by one, we will take appropriate and effective measures to release a Security Notice. In addition, we will also report the handling status of personal data security incidents as required by supervisory authorities.
A. Access, rectification, deletion, data portability, restriction of processing, objection to processing.
Legislation in some countries and regions to which Huawei provides products and services or from where Huawei processes personal data, provides that data subjects have the right to request (hereinafter referred to as "requests") access to, rectification of, deletion or erasure of their personal data retained by Huawei. In addition data subjects have the right to data portability and to restrict and or object to the processing of their personal data by Huawei including to withdraw consent where such processing is based on consent.
1. Requesting modes and channels
Data subjects' requests must be submitted in accordance with Huawei designated privacy channels. The requests are valid even when the requester does not specify the laws on which the requests are based.
Data subjects' requests may be initiated through the Huawei’s official consumer website or any of Huawei’s Mobile Service applications including but not limited to Huawei ID, AppGallery and HiCare . If a data subject initiates a request via a hotline, email, online customer service, service centre, or another channel, we will instruct the data subject to officially raise the request through one of the aforementioned channels to facilitate communication and feedback of progress and results. The dedicated request channels for data subjects are intended to protect data subjects' lawful interests, ensure Huawei's normal operation, and prevent the right to request from being misused or fraudulently used.
2. Validity of requests
Most laws require data subjects to comply with specific requirements when they initiate requests. This Statement requires data subjects to:
(1) Submit requests through dedicated request channels provided by Huawei (namely, the Huawei’s official consumer website or any of Huawei’s Mobile Service applications including but not limited to Huawei ID, AppGallery and HiCare).
(2) Provide sufficient information for Huawei to verify their identities (to ensure those who initiate the requests are the data subjects themselves or those authorised by them).
(3) Ensure that their requests are specific and feasible.
There are some circumstances, provided by laws and regulations, in which Huawei may not have to comply with the request in full or at all.
B. Consent withdrawal
You can change the authorised personal data collection scope or withdraw your consent without affecting the lawfulness of the processing activities based on the consent and prior to such withdraw.
Your rights can be exercised by deleting information, disabling related functions, or setting privacy options on your Huawei product. Huawei will release the methods for withdrawing consent for specific products and services in the privacy notice or supplementary statement of those products and services or upon request according to section A above.
C. De-registering a Huawei ID
You can deregister your Huawei ID account in Huawei ID-related products. After you deregister your Huawei ID account, we will stop providing you those products and services which require you to have a Huawei ID account, and delete your personal data unless otherwise stipulated by law. Your Huawei ID account cannot be restored after deregistration. You need to register for a new Huawei ID if you want to use Huawei ID related products or services again. You can submit a deregistration application and complete the process in the setting menu after logging in to your Huawei ID on related devices, applications or official website.
Huawei's personal and home products are intended for use by adults. However, for the use of Huawei products and services by children, we are fully aware of the importance of taking extra preventive measures to protect privacy and security. Huawei identifies whether data subjects are children based on the age of majority defined by laws of the local countries and regions.
When children's personal data is collected based on the consent of the holders of parental responsibility, we will only use or disclose the information as permitted by law, explicitly consented to by the holders of parental responsibility, or required for protecting the children. Holders of parental responsibility who need to access, modify, or delete the personal data of their children and people under guardianship can contact us via the channels provided in "IV. How Huawei Protects Your Personal Data."
If Huawei accidentally collects children's personal data without obtaining consent from provable holders of parental responsibility, Huawei will delete the information as soon as possible after becoming aware of it.
Huawei websites, application software, products, and services may contain links to third-party websites, products, and services. Huawei products and services may also use or provide products or services from third parties, for example, third-party apps released on Huawei app store AppGallery.
All links to third-party websites, products, and services are provided for users' convenience only. You need to determine your interaction with such links on your own. Before submitting your personal data to third parties, please read and refer to these third parties' privacy policies.
Our products and services are delivered through resources and servers located in different places. To offer our products and services, we may need to transfer your personal data among several countries. Authorised Huawei personnel and third parties acting on our behalf may access, use and process personal data collected from you in a country/region that is different from the country/region where you entered the personal data, which may have less stringent data protection laws. When we transfer your personal data to other countries/regions, we will protect the personal data as described in this statement or as otherwise disclosed to you at the time the data is collected (e.g. via privacy notice or supplementary statement of specific product or service).
Huawei has implemented global privacy practices for processing personal data protected under various data protection laws. Huawei transfers personal data between the countries in which we operate in accordance with the standards and conditions of applicable data protection laws, including standards and conditions related to security and processing.
With respect to personal data from the EU or Switzerland, we comply with applicable legal requirements providing adequate safeguards for the transfer of personal data to countries outside of the European Economic Area ("EEA") or Switzerland. We use a variety of legal mechanisms, such as standard contractual clauses to implement the cross-border transfer of your personal data; or implement security measures like anonymisation on the data before the cross border data transfer.
If you use Huawei consumer cloud services in a member state of the European Economic Area (EEA) or Switzerland, Albania, Andorra, Bosnia, Faroe Islands, Gibraltar, Greenland, Republic of Macedonia, Moldova, Monaco, Montenegro, San Marino, Serbia, Vatican, Japan, South Korea, the USA, and Canada, Aspiegel Limited in Ireland is the data controller.
If you use the US Huawei online store (www.hihonor.com/us), Huawei Device USA, Inc is the data controller.
If you use the Europe Huawei online store, Huawei Technologies Dusseldorf GmbH is the data controller.
Huawei reserves the right to update this Statement at any time.
Should this Statement be revised from time to time, Huawei will release the change notice via various channels, for example, posting the latest version on our official consumer website: http://consumer.huawei.com.
"Major changes" in this Statement include but are not limited to:
(1) Major changes in our service modes, for example, purposes of personal data processing, types of processed personal data, and ways of using personal data
(2) Major changes in our ownership structure, organisational structure, etc., for example, ownership changes caused by business adjustment, bankruptcy, or acquisition
(3) Changes in the main objects of personal data sharing, transfer, or disclosure
(4) Major changes in your rights regarding personal data processing and the ways in which you can enjoy those rights
(5) Changes of Huawei departments, contacts, and complaint channels responsible for the security of personal data processing
(6) High risks identified in personal data security impact assessment reports
We have set up a dedicated personal data protection department (or data protection officer). If you have any questions, comments, or suggestions, please contact us by visiting the contact us page or submitting them to our global offices. To obtain the complete list of Huawei offices, please visit the global offices page.
Data subjects' requests may be initiated through the Huawei’s official consumer website or any of Huawei’s Mobile Service applications including but not limited to Huawei ID, AppGallery and HiCare.
Note: Due to differences in local laws and languages, the local versions of Huawei Consumer Business Privacy Statement may be different from this version. In the case of any conflicts, the local versions shall prevail.
Copyright ©2018 Huawei Device Co., Ltd. All rights reserved.