ZTE Kids Privacy Policy

Updated：Jan 15, 2024

This policy applies only to ZTE Corporation ZTE Kids products and all third-party applications or services accessed by them. If a third-party application or service has a separate privacy policy, the privacy policy of the application or service is applied preferentially. For the contents that are not covered by the application or service privacy policy, refer to this privacy policy.

This Privacy Policy is available in other languages. If there is any inconsistency, the English version shall prevail.

If you have any questions, comments, or suggestions, please contact us through the following means:

E-mail: Privacy@zte.com.cn

Company Name:ZTE Corporation

Registered Address:ZTE Building, No. 55, Hi-Tech Road South, Nanshan District, Shenzhen, P.R. China

ZTE understands the importance of personal information to you, and will make every effort to ensure the security and reliability of your personal information. We are committed to maintaining your trust in us and abiding by the following principles to protect your personal information: consistency of authority and responsibility, clear purpose, selection of consent, minimum sufficiency, security, subject participation, openness and transparency. Meanwhile, ZTE promises to take appropriate security measures to protect your personal information in accordance with well-established security standards in the industry.

Please read and understand this Privacy Policy carefully before using our products or services.

This policy helps you understand the following:

I. How we collect and use your personal information

II. How we share, transfer, and disclose your personal information

III. How we use cookies and similar technologies

IV. How we protect your personal information

V. Your rights

VI. How we process the personal information of children

VII. How we store your personal information

VIII. GDPR-Specific Provisions

IX. How to update this policy

X. Contact us

I. How we collect and use your personal information

Personal information refers to the information that is recorded electronically or in other ways and that can be used independently or in conjunction with other information to identify a specific natural person or reflect the activities of a specific natural person. ZTE will collect and use your personal information only for the following purposes described in this policy:

1. Basic functions:

(1) Business function 1: ZTE account registration and login

For account creation and user login purposes, you need to provide the following necessary information: email, email verification code, ZTE account number, ZTE account password.

When you register or log in to the App, the App will not save your ZTE account information, the app will complete the corresponding data processing through the ZTE account, and the above information will be shared/transmitted to the ZTE account. For information about how ZTE Account collects and uses your information, you can read the ZTE Account Privacy Policy.

The above information provided by you will continue to be authorized to us for use while you are using this service. When you close your account, we will stop using and delete the collected information, or anonymize the information. The above information will not be stored on the server.

(2) Business function 2: Watch binding

In order to complete the purpose of binding the watch with the guardian, you need to provide the following necessary information: the IMEI of the watch.

When you bind the watch, the app needs to obtain the camera permission of your mobile phone and collect the IMEI number of the watch by scanning the two-dimensional code of the watch binding. Watch the first binding user we default is the watch administrator rights, administrators can also be transferred to other family members.

The above information provided by you will continue to be authorized to us for use while you are using this service. When the caretaker unties the watch, we will stop using and delete the collected information, or anonymize the information. The above information will be stored in Germany.

Personal information storage period: continuous storage, deleted after the administrator unties the watch.

(3) Business function 3: Children's basic information management

you need to provide the following necessary information: You need to provide the following necessary information: Cell phone number, In order to personalized management and rapid identification of bound children's watches, if you provide the following additional information, we can provide you with better services and experience: Nickname, profile picture. However, if you do not provide the information, the basic business functions of this service will not be affected.

The above information provided by you will continue to be authorized to us for use while you are using this service. When you untie the watch, we will stop using and delete the collected information, or anonymize the information. The above information will be stored in Germany.

Personal information storage period: continuous storage, deleted after the user unties the watch.

(4) Business function 4: Micro chat

For family group chats and video calls, you need to provide the following necessary information: incoming and outgoing audio messages, incoming and outgoing text messages.

When you have a family group chat or video call, the above information will be shared/transmitted to "Agora", "Getui". This app needs to obtain your phone camera and microphone permissions to complete audio and video collection and conversion, and needs to obtain your phone notification permissions. We will generate a unique identifier according to your app to complete the notification of family group chat or video call, and the unique identifier does not contain your personal data. This application will complete the processing of audio and video data through "Agora" and complete the notification push of messages through "Getui". For more information about how Agora and Getui collect and use your information, you can read the Agora Privacy Policy and Getui User Privacy Policy.

The above information provided by you will continue to be authorized to us for use while you are using this service. When the administrator disbands the group chat or unbinds the watch, we will stop using and delete the collected information, or anonymize the information. The above information will be stored in Germany.

Personal information storage period: 30 days.

(5) Business function 5: Positioning and security protection

In order to achieve the purpose of positioning children and protecting children's safety (guard at school and at school, guard during holidays, guard in safe areas, guard in dangerous areas), you need to provide the following necessary information: Your own GPS latitude and longitude, the GPS latitude and longitude of the child's watch, the child's detailed residential address, and the child's school address.

When you check the location of the children's watch or use the children's safety guard function (school guard, holiday guard, safe area guard, dangerous area guard), the application requires the base station or WiFi location information of the children's watch to provide AGPS to assist GPS accurate positioning, but the above information is only used when you use the function. The base station or WiFi location information of the children's watch will not be stored, and the precise GPS location information will be shared/transmitted to "Google". For information about how Google collects and uses your information, you can read the Google Privacy Policy.

Personal information storage period: Your own GPS data will not be saved, children's GPS latitude and longitude data for 3 days, children's detailed residential address and school address will be stored continuously, and the administrator will unbind the watch or the user will delete it.

(6) Business function 6: Children's historical track

In order to complete the purpose of viewing the child's historical track, you need to provide the following necessary information: children's watch GPS latitude and longitude.

When you enter the historical track to view the children's watch track function through the location module, the precise GPS location information of the children's watch will be shared/transmitted to "Google". For information about how Google collects and uses your information, you can read the Google Privacy Policy.

The above information provided by you will continue to be authorized to us for use while you are using this service. When the custodian unbound the watch, we will stop using and delete the collected information, or anonymize the information. The above information will be stored in Germany.

Personal information storage period: 3 days.

(7) Business function 7: Software version check update

In order to maintain the normal operation of the application, the purpose of the application check update, you need to provide the following necessary information: Phone internal model, phone model, operating system name, app package name, app name, app version, Android version number.

Every time you open the APP or click on the app version update, we will collect the above information to check whether there is a new version that needs to be updated, and then return a prompt whether it needs to be updated. You can choose to refuse the update.

The above information provided by you will continue to be authorized to us for use while you are using this service. When you refuse to update the App, we will stop using and delete the collected information, or anonymize the information. The above information will not be stored on the server.

2. Non-basic functions:

(1) Business function 1: Watch contact

To fulfill the purpose of maintaining the contact list for the children's watch, you need to provide the following necessary information: the phone numbers and names of the frequently contacted individuals for the children's watch. We will share the aforementioned information with the correspondingly bound children's watch to facilitate children's quick and convenient phone calls.

The above information provided by you will continue to be authorized for our use while you are using this service. Once the administrator unbinds the watch, we will cease using and delete the collected information, or anonymize it. The above information will be stored in Germany.

Personal information storage period: continuous storage, deleted after the administrator unties the watch

(2) Business function 2: SMS collection

In order to complete the purpose of children's inconveniences such as receiving SMS messages during recess and not to be disturbed by messages, you need to provide the following necessary information: SMS of children's watches. This application needs to read children's watch information permission to complete the collection of children's watch SMS.

Personal information storage period: 30 days.

If we want to use the information for other purposes not specified in this policy, we will seek your approval in advance. If we want to use the information collected for specific purposes for other purposes, we will seek your approval in advance.

II. How we share, transfer and disclose your personal information

To ensure the security of your personal information, we shall follow the minimization principle and share, transfer, or disclose your personal information in accordance with applicable laws and requirements.

For the companies, organizations, and individuals that share personal information with us, we will take organizational and technical measures in accordance with the local laws and regulations, and require them to process personal information in accordance with our security standards, this policy, and related confidentiality and security measures.

1. Sharing

We will not share your personal information with any company, organization, or individuals other than ZTE Corporation and its subsidiaries, except in the following cases:

(1) After obtaining your explicit consent, we will share your personal information with other parties.

(2) We may share your personal information in accordance with laws and regulations or mandatory requirements of government authorities.

Our authorized partners include the following 1 types:

1) Service provider.Suppliers, service providers and other partners. We send information (such as GPS latitude and longitude) to global suppliers, service providers and other partners that support our services. The support includes providing technical infrastructure services, analyzing how our services are used, measuring the effectiveness of advertisements and services, providing customer services, providing convenience for payment, or conducting academic research and surveys.

We will sign strict confidentiality agreements with companies, organizations, and individuals with which we share personal information, and require them to process personal information in accordance with our instructions, this privacy policy, and any other relevant confidentiality and security measures.

2. Transfer

We will not transfer your personal information to any company, organization or individual except in the following cases:

(1) Transfer with express consent: After obtaining your express consent, we will transfer your personal information to other parties.

(2) If personal information transfer is involved in case of merger, division, dissolution, acquisition, or bankruptcy liquidation, we will inform you of the name and contact information of the recipient, and require the new company or organization that holds your personal information to be subject to this privacy policy. Otherwise, we will request the company or organization to re-request authorization from you.

3. Public Disclosure

We will disclose your personal information only in the following cases:

(1) With your express consent.

(2) Disclosure based on law: We may disclose your personal information in case of law, legal procedure, litigation, or mandatory requirements of government authorities.

III. How we use Cookies and similar technologies

1. SDK

To ensure the stable operation and function implementation of our products and/or services, and enable you to enjoy and use more services and functions, our products and/or services will embed the SDKs or other similar applications of authorized partners. We will perform strict security checks on the API and SDK of the authorized partner that obtained relevant information. We will agree with the authorized partners on strict data protection measures to make sure that they will process personal information in accordance with this policy and any other related confidentiality and security measures.

The SDKs of our access to authorized partners are as follows. You can also view this content in “Settings - Third party SDKS list”.

a. Third-party SDK name that provides information: ZTE account SDK

Purpose of using personal information: account registration or login to ZTE account

Type of personal information used: mobile phone number, password, ZTE account number

Privacy statement or a third party SDK development guide: http://www.ztedevices.com/en/Privacy-Policy

b. Name of the third party SDK that provides the information: Google Maps SDK

Purpose of using personal information: Provide the functionality of the map interface in the ZTE Kids APP (including the location of the child and guardian, positioning correction, setting up school/holiday safety protection/safety zone protection/danger zone early warning, child's historical trajectory, and other functions provided by the positioning interface).

Type of personal information used: GPS latitude and longitude

Privacy statement or a third party SDK development guide: https://policies.google.com/privacy

c. Third party SDK name that provides information: SDK pushed by a promoter and a vendor

Purpose of using personal information: message reminder ability in the APP (including SOS warning message, video call call reminder and other functions)

Type of personal information used: No personal data required

Privacy statement or a third party SDK development guide: https://legal.igexin.com/privacy_en.html

d. Third party name: Audio and Video RTC SDK

Purpose of collecting personal information: for user audio and video calls

Type of personal information: Audio information sent and received

The third party privacy statement: https://docs.agora.io/en/video-calling/reference/security?platform=android

IV. How we protect your personal information

1. We have taken the security protection measures that comply with industry standards to protect the personal information provided by you against unauthorized access, public disclosure, use, modification, damage or loss. We will take all reasonable and feasible measures to protect your personal information.

We use encryption technologies to ensure data confidentiality. We use trusted protection mechanisms to prevent data from being maliciously attacked. We will deploy access control mechanisms to ensure that only authorized personnel can access personal information. We regularly scan for security vulnerabilities and solve them in a timely manner. In addition, we will hold the training course on security and privacy protection to enhance employees' awareness of the importance of personal information protection.

2. We have obtained the following certifications:

ZTE products and services have passed a series of authoritative international certifications, such as ZTE and some of its subsidiaries have passed the ISO 27001 :2013 information security certification, the MyOS system of ZTE terminal and some of its applications have passed the authentication of the ISO/IEC 27701 :2019 privacy information management system, ePrivacy certification and TRUSTe certification, ZTE terminal after-sales hotline and other services have passed the TRUESTe certification. We can effectively protect your privacy experience and personal information security.

3. Our data security capabilities:

We have been committed to protecting your personal information security.

We have taken various security measures, such as access control system, monitoring system, encryption, anonymization or pseudonymisation, employee training and so forth, to protect your personal information from unauthorized access, use, disclosure, modification, damage or loss and other forms of illegal processing.

We have developed a business continuity plan to ensure that services can be provided continuously. Our information security policies and procedures are designed in strict accordance with international standards, and reviewed and updated regularly, and the effectiveness of the security management architecture and measures is ensured through regular third party security audits. ZTE Corporation and some of its subsidiaries have passed the ISO 27001 information security certification, and can effectively protect your personal information. In case of personal information leakage, we will initiate an emergency plan, take effective measures to prevent the situation from getting worse, and notify the relevant supervisory authority and you in a timely manner.

4. We will take all reasonable and feasible measures to ensure that irrelevant personal information is not collected. We will retain your personal information only for the period required to achieve the objectives specified in this policy, unless the retention period needs to be extended or is permitted by law.

5. The Internet is not absolutely secure, and most communications, such as emails and instant messaging, are not encrypted. We strongly recommend that you do not send personal information through such means. Please use a complicated password to help us ensure the security of your account.

6. We shall regularly update and publicize the contents related to reporting such as security risks , personal information security impact assessments and so forth . If we affect your personal information rights in security assessment reports, we will actively disclose security risks. You can obtain detailed report contents in the following way:

E-mail: Privacy@zte.com.cn

7. The Internet environment is not 100 percent secure. We will do our best to ensure or guarantee the security of any information you send us. If our physical, technical or management protection facilities are damaged, which results in unauthorized access, public disclosure, tampering or damage that affects your legal rights and interests, we shall assume the corresponding legal responsibilities.

8. When personal information security incident occurs, we will inform you of the basic situation and possible impact of the security incident in a timely manner, the measures we have taken or will take, suggestions for voluntarily preventing and reducing risks, and remedial measures for you. We will inform you of the incident by email, letter, telephone or pushing notification in a timely manner. If it is difficult to inform the subjects of personal information one by one, we will release the notice in a reasonable and effective manner.

In addition, we will actively report the handling of personal information security incidents in accordance with the requirements of the regulatory department.

V. Your rights

In accordance with personal information protection laws, regulations, standards, and common practices in other countries and regions, we guarantee that you have the following rights over your personal information:

1. Access to your personal information

You have the right to access your personal information, except for exceptions as required by laws and regulations. If you want to exercise data access rights, you can access the data by yourself in the following ways:

Children's basic information management: ZTE Children's Watch - click to view children's information

Watch binding function: ZTE children's watch - My - View children's information - Watch QR code

Micro chat: When users view micro chat information

Location and security guard: When the user enables the security guard to view information about each guard mode (school day guard, holiday guard, security zone guard, and dangerous zone guard)

Children's History Track: View Children's history track

Watch contact: Click Watch contact to view

SMS collection: Open the SMS collection list managed by the watch

Except the above information, other information collected by this application cannot be accessed by you. You can contact us for help.

If you cannot access this personal information through these links/methods, you can send an e-mail to Privacy@zte.com.cn, or submit the request by login the data subject right response system: pdsr.zte.com.cn. As long as we do not need to make too many efforts, we will provide you with other personal information generated when you use our products or services.

2. Correct and supplement your personal information

When you find that your personal information processed by us is incorrect, you have the right to correct and supplement your personal information. You can perform the following operations by yourself:

Children's basic information management: ZTE Children's Watch - Click to view children's information to edit

Location and security guard: Open the security guard (school and school guard, holiday guard, security area guard, dangerous area guard) to edit

Watch contacts: Modify watch contacts

ZTE account registration: You can change the password

Except the above information, other information collected by this application cannot be corrected or supplemented by you. You can contact us for help.

If you cannot correct this personal information through the above links/methods, you can email to Privacy@zte.com.cn or submit the request by login the data subject right response system: pdsr.zte.com.cn at any time.

3. Delete your personal information

You can delete your personal information in the following cases:

Unbind the watch through the administrator, delete the IMEI and location information of the children's watch; Delete ZTE account information by cancelling ZTE account; Delete watch contacts, family micro chat messages and other data through the delete function provided by the app.

Except the above information, other information collected by this application cannot be deleted by you. You can contact us for help.

Once you have deleted your personal information, we will also notify the entities that obtain your personal information from us and require them to delete your personal information in a timely manner, unless required by other laws and regulations, or these entities obtain your independent authorization. After your personal information is deleted , due to the limitations of applicable laws and regulations and safety technologies, we may not immediately delete the corresponding information in the backup system, but we will securely store your personal information, restrict further processing of it, and delete it during the backup update.

4. Change the scope of your authorization

Each business function can be implemented only after some basic personal information (refer to the first part in this policy) is obtained. You may grant or withdraw your authorization at any time for the collection and use of additional personal information.

You can perform the following operations by yourself:

Enter the permission management menu of the mobile phone system to view the permission list of the application, which will list all the obtained permissions in detail. You can revoke the authorization here.

Some business functions can be selected whether to use, and you may grant or withdraw your authorization at any time for these functions. If you do not wish to accept the non-basic functions or services provided by us, you can perform the following operations by yourself:

If you do not need to use the SMS collection function, you can disable this function in the watch management of the app. After this function is disabled, the SMS messages of children's watches will not be synchronized to the app.

Please understand that each business function can be implemented only after some basic personal information is obtained. When you withdraw your permission or authorization, we cannot provide you with the corresponding service. If the information is necessary for us to fulfill our obligations under laws and regulations or to provide major services, we may not be able to respond to your request or the normal use of our services will be affected. After you withdraw your consent, we will not process the corresponding personal information. However, your decision to withdraw your consent will not affect the previous processing of personal information based on your authorization.

5. Personal information subjects cancel accounts

[Example 1] You can cancel your previous account at any time. You can perform the following operations by yourself:
Open this application, enter my page, find APP Settings, click on enter and select logout, and complete the account logout process according to system requirements.

6. Personal information subjects obtain copies of personal information

This application cannot provide you with a way to copy or transfer your personal information. You can contact us for help.

7. Restrain Automatic decision-making of the information system

This application does not use any automatic decision-making and related technologies.

8. Respond to your above requests

If your request cannot be implemented through these links/methods, or you need to contact us for help, you can send an e-mail to Privacy@zte.com.cn, or submit the request by login the data subject right response system: pdsr.zte.com.cn.

To ensure security, you may need to provide a written request or prove your identity in other ways. We may ask you to verify your identity before processing your request.

We will make every effort to ensure that a response is made within one month since we received your request. Considering the complexity and quantity of the request, this period may be extended by another two months if necessary. In the case of postponed respond, we will notify you of the relevant circumstances and the reason for the delay. If the time limit set in this paragraph conflicts with local laws and regulations, the local laws and regulations shall prevail.

In principle, we do not charge for your reasonable requests, but we will charge for repeated requests that exceed a reasonable limit. We may reject requests that repeat unreasonably, require excessive technical means (for example, development of a new system or a fundamental change of current practice), and bring risks to other people's legitimate rights and interests or that are extremely impractical (for example, involving information stored on the backup tape).

We will not be able to respond to your request in accordance with laws and regulations if:

(1) The case is directly related to national security and national defense security.

(2) The case is directly related to public safety, public health, and major public interests.

(3) The case is directly related to any criminal investigation, prosecution, trial, and execution of a judgment.

(4) There is sufficient evidence that you have subjective malice or abuse of rights.

(5) Responding to your request will cause serious damage to the legal rights and interests of yours or other individuals' and organizations'.

(6) Business secrets are involved.

VI. How we process the personal information of children

Our products and services are mainly for adults. Without the consent of parents or guardians, children are not allowed to use our products or services.

If the personal information of children is collected with the consent of their parents, we will only use or disclose this information with the permit of law, the express consent of parents or guardians or the necessary protection of children.

Although local laws and customs define children differently, we regard anyone under 16 as a child.

If we find that we have collected personal information of children without obtaining confirmed parental consent, we will try to delete the information as soon as possible.

VII. How we store your personal information

1. Storage location and cross-border transfer of personal information

Your personal information collected by this application will only be stored in Germany, and will not be transferred to or visited from overseas jurisdictions.

2. Personal Information Storage Period

Unless otherwise specified in this Policy, we will retain your personal information within the period required to achieve the purposes described in this policy, unless as required by law that retention period need to be extended or be permitted by law. The data storage period may vary with different scenarios and products and services. The criteria for determining the retention period (the longer one prevails) include: the time when personal information needs to be retained for the purpose of the service which including the provision of products and services, maintenance of corresponding transaction and service records, control and improvement of product and service performance and quality, the guarantee of system, product and service security and respond to possible user queries or complaints; whether users agree to a longer retention period; and whether there are special requirements for keeping information such as laws and contracts.

After the storage period expires, we will delete your personal information or anonymize it according to the requirements of applicable laws and regulations.

For the storage period of your personal information, please refer to Part I of this privacy.

VIII. GDPR-Specific Provisions

The following provisions only apply to you if you live in Europe.

1.Legal Bases for the Processing of Personal Data

Our processing of your personal data as described in the Section "How We Collect and Use Your Personal Data" is based on the following legal grounds:

1.1 Consent: We may process your personal data with your consent. In particular, we may ask for your consent to participate in promotional activities, such as to send you promotional messages or enable you to participate in the User Experience Program and certain Services, including services through which we collect location information. You have the right not to provide consent, or to withdraw it at any time. The withdrawal of your consent does not affect the lawfulness of our use of your personal data before your withdrawal. If you have granted us consent to use your personal data, we will use it only for the purposes specified in the consent declaration. Please note that to the extent our processing is based on your consent and you deny your consent or withdraw it, we may not be able to provide the service relating thereto. Besides from that, neither the initial denial nor a withdrawal will have any negative consequences for you.

1.2 Perform or enter into a contract with you:

We rely on this legal basis in particular in the following cases:

• to provide you with ZTE's Services, process your orders or fulfil the contract between you and ZTE;

• to activate Services you have purchased, your warranty service and specific software licenses and provide notifications for software updates;

• to allow and manage your participation in prize draws, contests or similar promotional activities held by us;

• to diagnose product issues, repair customer equipment and provide other customer care and support Services.

1.3 Compliance with a legal obligation: ZTE may be obliged to process personal data to comply with our legal obligations, for example where ZTE is required to retain data for tax law or commercial purposes.

1.4 Legitimate interests: The processing of your personal data may also be necessary for ZTE's legitimate interests. In particular, such cases may include the following:

• to conduct customer surveys to enhance your user experience;

• to analyse the customer market on the basis of the country where you use our Services, including the number of users for product marketing and promotion;

• to analyse the efficiency of our business operations;

• to analyse error logs to improve phone quality and app functions;

• to provide you with personalised Services and to recommend and display content and advertisements tailored to you through our Services;

• to communicate with you and reply to your questions or comments submitted to us by any means;

• to ensure the functionality and safety of our Services;

• to verify your identity;

• to conduct internal auditing and to prevent and investigate fraud, cybersecurity threats or other improper use;

• to enhance and develop our Services, including relevant security features, so as to improve the product usage experience, user-friendliness, operational performance, functions and design;

• to pursue or defend against legal claims.

Your personal data will only be processed on the above grounds after we have appropriately assessed and balanced our interests against your right to privacy.

2.Additional Information on Your Rights Regarding Personal Data

Subject to the legal requirements under the GDPR, you have the following rights:

The right to access: You may request access to the personal data we hold about you.

The right to rectification: If you find that the personal data we process about you is inaccurate or incomplete, you are entitled to ask us to make rectifications without undue delay and to request the completion of your personal data where appropriate.

The right to erasure: You can submit a request to us to delete personal data, and we shall have the obligation to erase it without undue delay in some circumstances – for example, if we do not have a legal reason to continue to process the personal data to the extent required by applicable laws and regulations. Please note in so far as you delete all the data that is contained in your device, this does not mean that you have deleted all data that ZTE collects and processes about you. Therefore, we encourage you to contact us (please refer to the section "Contact Us" ) to request that your personal data is deleted.

The right to restriction of processing: You have the right, in certain circumstances, to request ZTE to temporarily restrict the processing of your personal data, such as where the accuracy of that personal data is contested by you, while we verify the accuracy of that personal data. We will keep just enough data, or process such data as is necessary to ensure that we comply with your restriction request in the future.

THE RIGHT TO OBJECT: You have the right to object to any processing justified by legitimate interests based on grounds relating to your particular situation at any time. Should you decide to object to the processing of your personal data, we will stop processing personal data that concerns you, unless we can demonstrate compelling reasons for continuing to process your personal data that override your interests, rights and freedoms, or in the case that we establish, exercise or defend our legal claims. You can object to direct marketing activities at any time for any reason whatsoever.

The right to data portability: You have the right to obtain a copy of your personal data in a structured, commonly-used and machine-readable format and transmit such data to another provider or have such data transmitted to another provider under certain circumstances.

The right to withdraw consent: If you have given us your consent to process your personal data but change your mind later, you have the right to withdraw your consent at any time. The withdrawal of your consent does not affect the lawfulness of our use of your personal data before your withdrawal. If you want to withdraw your consent with regard to receiving promotional communications, you can unsubscribe through the method described in each promotional message. If you withdraw your consent, we may no longer be able to provide you with the corresponding Service.

The right to lodge a complaint: You have the right to lodge a complaint with a competent supervisory authority about the way we handle or process your personal data, or file a lawsuit in a court with jurisdiction. Information about how to contact your local data protection supervisory authority is available here at https://edpb.europa.eu/about-edpb/board/members_en

3.Additional Information on Cross-border transfer

We takes steps to ensure that appropriate technical and organizational security measures and safeguards are applied when transferring personal information outside of the EEA and that privacy rights outlined in this Policy are preserved. We has established Standard Contractual Clauses of the EU Commission as providing an adequate level of protection to the personal information we Process globally. We ensures that all transfers of Personal Information are subject to appropriate safeguards as defined by the regulation.

IX. How to update this policy

Our privacy policy may change.

Without your express consent, we will not reduce your rights under this privacy policy.

We will release any changes to this policy on this page. For major changes, we will also provide more noticeable notifications (including notifications for some services, which will be sent via email to describe the specific changes in the privacy policy).

Major changes mentioned in this policy include but are not limited to the following situations:

1. Our service model has significantly changed. For example, the purpose of processing personal information, the type of processed personal information, and the mode of using the personal information.

2. Major changes have taken place in the ownership structure and organizational structure. Such as changes in owners caused by business adjustment or bankruptcy or mergers and acquisitions.

3. The major objects of personal information sharing, transfer, or public disclosure are changed.

4. Your right to participate in the processing of personal information and the way you exercise it have changed significantly.

5. Our responsible department for personal information security, contact method, or complaint channel have changed.

6. The personal information security impact assessment report indicates a high risk.

We will also archive the old version of this policy for your reference.

X. Contact us

We have established a special personal information protection department – Data Protection Compliance Dept. If you have any questions, comments, or suggestions on this privacy policy, please feel free to send an email to us at Privacy@zte.com.cn, which will be replied within at the appropriate time.

Privacy@zte.com.cn is only used to handle problems related to users' personal information and privacy protection. For problems about terminal equipment failure or account settings, please send emails to mobile@zte.com.cn. Our terminal after-sales staff will reply to you at the first time.

In addition, you can send letters to the Data Protection Compliance Dept. of ZTE headquarters.

To: Data Protection Compliance Dept. of ZTE Corporation

Address: 26/F, R&D Building, No. 55, Hi-Tech Road South, Shenzhen, China (Post Code: 518057)

If you are unsatisfied with our response, especially when our personal information processing activities have damaged your legal rights and interests, you can seek solutions through the local data protection agency.

For contact information about personal information supervisory authority in other areas, you can consult the local government. For the contact information of the European Union data protection agency, please refer to: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm