Last Updated: September 15, 2019
Wat betekent het Zegel TRUSTe gecertificeerde privacy:
Ondernemingen die het Certified Privacy-zegel weergeven, hebben aangetoond dat hun privacybeleid en -praktijken voldoen aan de TRUSTe Enterprise Privacy & Data Governance Practices Assessment Criteria (beoordelingscriteria privacy- en databeschermingsbeleid voor ondernemingen).
TRUSTe controleert continu de conformiteit door middel van jaarlijkse hercertificeringen en klachten ontvangen via het Privacy Feedback-mechanisme.
Alle ondernemingen die dit zegel weergeven, zijn uitsluitend zelf aansprakelijk voor hun eigen privacybeleid en het terstond informeren van TRUSTe over eventuele veranderingen die van invloed kunnen zijn op hun certificeringsstatus.
TRUSTe has certified Guangdong OPPO Mobile Telecommunications Corp., Ltd. ("OPPO") complies with TRUSTe’s Enterprise Certification Standards. OPPO has demonstrated that the data privacy and governance practices governing the properties listed below meet TRUSTe’s Certification Standards. Web Properties: www.oppo.com/en, www.oppo.com/it, www.oppo.com/es, www.oppo.com/nl, and www.oppo.com/fr. Mobile Applications: Theme Store, Clone Phone, Photos, Music, Recorder, Radio, Video, Weather, Clock, Calculator, Files, Usage Tips, Smart Assistant, Contacts, OPPO Share, Settings, Compass, Dialer, Messaging, System Applications, Phone Manager, OPPO ID, Face Recognition, Fingerprints Unlock, and Camera.
This policy will help you understand the following:
III How We Collect and Use Your Personal Data
IV How Long We Keep Your Personal Data
V How We Disclose Your Personal Data
VI How We Protect Your Personal Data
VII Your Rights with Regards to Your Personal Data
VIII How We Process Children's Personal Data
IX Third-Party Service Providers and Their Services
X How Your Personal Data Is Transferred Globally
XII Product-Specific Details
“Affiliated Company” refers to a company that is related to OPPO due to joint ownership or control.
“Third Parties” refer to companies or persons who do not have a related relationship arising out of joint ownership or control with OPPO (i.e., a non-affiliated company) or other non-related persons. Third parties can be financial or non-financial companies, or persons other than you and OPPO.
“Personal Data” refers to any information relating to an identified or identifiable natural person.
1. What are cookies?
Cookies are small text files which are transferred from our websites, applications or services and stored on your device. OPPO’s websites, online services, interactive applications, email messages, and advertisements may use “cookies” and other technologies such as pixel tags and web beacons. Cookies not set by this site will not be accessible to us.
2. How long will cookies stay on your device:
(1) Session cookies – such cookies will only last until your browser is closed and will not be stored on your hard drive. Session cookies are generally used to track the pages on a site that you visit so that information can be customised in relation to a specific visit to a page of the website.
(2) Persistent cookies – such cookies will be stored on your hard drive until you actively choose to delete them or when each cookie reaches its expiry date. Such cookies can be used to store your preferences when you use this site.
3. We will use the following types of cookies:
(1) Strictly necessary cookies – These are cookies that are required for the operation of our website. Such cookies may include, for example, cookies that enable you to log into secure areas of our website.
(2) Analytical or performance cookies – These are cookies that permit us to count the number of visitors to our website and to inform us about how visitors are using our website in order to provide improvements to the way that this site works.
(3) Functionality Cookies – These cookies are used to recognise you when you visit or return to our website. This allows us to personalise the content of this site for you and to recognise your preferences when you visit this site (e.g. choice of language).
(4) Targeting Cookies – These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertisement displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
4. Our cookie usage is limited to the following purposes:
(3) If the “Do Not Track” function is enabled on your browser, we will respect your choice.
(4) Like most websites, we automatically collect certain information to analyse general usage trends and manage our websites. This information may include Internet Protocol (IP) addresses, browser type, Internet Service Provider (ISP), referring/exit pages, files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data.
5. Removing/disabling cookies
Cookies and cookie preferences shall be managed from the Options/Preferences panel of your browser. See below instructions on how to manage cookies on certain popular browsers:
4. More information about cookies
For more information about cookies and instructions on how to configure your browser to accept, delete or reject cookies, see www.allaboutcookies.org.
III How We Collect and Use Your Personal Data
We collect data to improve operational efficiency and to optimize your product experience. Our channels for collecting personal data include: (1) you provide your data to us directly, (2) we obtain certain data about how you interact with our products, and/or (3) we obtain certain data about you from third parties.
The data we collect depends on the environment in which you interact with OPPO, the choices you make, such as your privacy settings and the products and features you use. It is worth noting that, for OPPO phone users, we usually treat the shipping area recorded on the mobile phone box as the actual location where your phone is used and comply with local laws and regulations, including those for data protection.
1. Personal data we collect
(1) Personal data directly provided by you
The services we provide require you to provide certain personal data directly to us. For instance:
a. Registering an OPPO account ID or filling out a warranty card/electronic warranty card requires you to create an account or to complete a personal profile where you would provide personal data such as name, date of birth, mobile number, email address, username and password created, photos, etc.
b. If you order products from us, request a return or refund, or use a paid service, we may collect your delivery details, bank account number, credit card details, billing address, information for credit check and other financial information, contact and communication records, etc., so we can process your order.
c. Some of our services allow you to communicate and share contents with others. The communicated or shared content may be transmitted through and stored in our system.
d. Face or fingerprints recognition enables rapid unlocking of your device with your pre-recorded facial or fingerprint information. To achieve this function, you will need to provide your facial feature information or your fingerprint information from different angles. Such information will only be stored locally within your device and not upload onto our servers. Therefore, it is impossible for us to disclose such information to any third party or use it for any other purpose.
We may ask you to provide personal data under other circumstances, such as when you enter into prize draws or competitions, participate in promotional or marketing activities organized by us or our business partners, complete questionnaires, participate in user forums or blogs hosted by us or our business partners. The information you provide helps us design and improve the products and services. We may match your personal data with third-party data to better understand your needs.
(2) Service usage information
In addition to the information you provide, we may also collect information about your use of our services through software on your device and other means. We may collect:
a. Device information — such as device name, model, region and language settings, device identification number (IMEI number, etc.), device hardware information and status, usage habits, IP address, Mac address, operating system version, and settings of the device used to access our services.
b. Log information — such as when and how long the service is used, search terms entered through the service, and error log information of your device. The Android system is designed in such a way that your error or crash logs will include the overall information when the events occur, which may sometimes include your personal data such as phone number, email address, Facebook account, etc. However, we have implemented security measures to ensure such information only to be used for error log analysis and not for personal identification or other purposes. We clear such data on a regular basis, usually within 30 days after collection.
c. Location information — such as the GPS signal of the device or information about WiFi access points and cell towers nearby, device location ID, network service provider ID. We will ask you if you want to enable location-based services for the various location-based apps. You can modify the location settings of your device from the device settings (such as changing or disabling the method or server used in location-based services or modifying the accuracy of your location information) to change the location information provided to us.
d. Voice information — when you use voice command control services or other voice assistance services or when you contact our customer support team, we may record your voice (and may store it on our servers).
e. Album information — for example, to provide you with the function to display photo locations as well as to classify your photos and videos, we need to collect the latitude and longitude information of your photo and video files; when you search for a certain picture, we will collect the words you entered and the number of pictures identified locally.
f. Camera — to ensure the camera app works normally, we collect the operational data (e.g. how many times you use the app), information about your device (e.g. IMEI, device model, IP address, version of operating system), characteristic information about the photos taken (e.g. photosensitivity, number of faces captured) and the information of storage capacity readily available in your mobile.
We may also collect other information about your use of our services — such as the version of the application being used, the website visited, and how you interact with the content provided through our services.
Please note that we may cooperate with third-party service providers to implement or improve our service functions above, for instance, when a third-party service provider provides voice to text conversion services on our behalf, it may receive and store certain personal data. These third parties may not use this information for any other purpose.
(3) Obtaining data from a third party
To the extent permitted by law, we may obtain your personal data from public or commercial sources and may combine that with other personal data we collected or will collect. If you choose to use our services by logging in with an account of our affiliates or third parties such as HeyTap, QQ, WeChat, Alipay, Weibo, and Facebook, etc., we may also obtain your public information (such as your alias, profile picture, etc.) from these third parties.
2. How we use your personal data
a. with your prior explicit consent which can be withdrawn at any time at your request;
b. so that we can perform or carry out a contract with you in relation to our products and/or services;
c. for compliance with a legal obligation to which OPPO is subject;
d. when necessary for the purposes of the legitimate interests pursued by OPPO or a third party to whom it may be necessary to disclose information. Where we process your information in reliance on such grounds, we will only do so where we have appropriately balanced such interests against your right to privacy. Such legitimate interests may include (without limitation), as follows:
• Provide products and improve services. The personal data we collect will be used to provide you with OPPO's products and services, process your orders or fulfil the contract between you and OPPO to ensure the functionality and safety of our products and services, to verify your identity, to prevent and investigate fraud or other improper use.
• Customer Support. We use data to diagnose product issues, repair customer equipment, and provide other customer care and support services. Your mobile user identification information, mobile device’s unique identifier, and geographic location information can be used to activate your warranty service and specific software licenses and may be used to invite you to participate in surveys. We also use this information to improve our products and analyse the efficiency of our business operations. However, we will not use this information to track your location. We may also collect your email address to reply your questions or comments raised in the “Contact Us” section of our websites.
• Product Improvements. We use data to constantly improve our products, including the addition of new features and functionality. For example, we use error reports to improve security features and use usage data to determine cell phone sequencing. We use mobile phone numbers obtained through offline sales channels, electronic warranties, and account registrations to conduct survey and return visit to users in order to improve user experience.
• Advertising. The personal data we collect will be used to personalize the product and to provide you with more tailored services, for example: your information can be used to recommend and display content and advertisements tailored to you on our services, or be used to conduct research and pay return visits to customers. In order to improve our products or services, with your consent, we may match your personal data (including but not limited to the de-identified location information so that it is no longer associated with a particular person) with third-party data to form a user profile so that we can conduct product development or deliver targeted product information to you (through post, email, phone and fax).
• Commercial Promotion Activities. If you participate in prize draws, contests or similar promotional activities held by OPPO, we will use the personal data you provide to manage such activities.
(2) We may also process certain forms of “sensitive” personal data (in particular, biometric information where you choose to use such information for the purposes of securing your access to one of our devices) under the following lawful bases:
a. with your prior explicit consent; and/or
b. where the processing is required to comply with legal obligations.
IV How Long We Keep Your Personal Data
Our retention period for personal data is the minimum time necessary to realise the purpose of collection unless a longer retention period is required by law. Beyond the above retention period, we will delete or anonymise your personal data.
V How We Disclose Your Personal Data
1. At times OPPO may make certain personal data available to affiliated companies and other third parties that work with OPPO necessary to provide products and services. Your information will not be shared with third parties for their own independent marketing or commercial purposes.
We will only share your personal data for lawful, legitimate, necessary, specific and clear purposes, and only personal data necessary for service provision will be shared. Our partners are not allowed to use the shared personal data for any other purposes.
2. We will only publicly disclose your personal data under the following circumstances:
(1) After we obtain your explicit consent;
(2) Disclose in accordance with laws: we may disclose your personal data if it is compulsorily required by laws, such as to comply with a subpoena or other legal proceedings, legal actions or government agencies, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
VI How We Protect Your Personal Data
1. We have taken reasonably practical and technical measures to protect the collected personal data related to our services. While we have taken reasonable measures to protect your information, no websites, Internet transmissions, computer systems or wireless connections are absolutely secure.
2. We have taken safeguarding measures in accordance with industry standards to protect the personal data you provided and prevent data from unauthorised access, public disclosure, use, modification, damage or loss. We take all reasonably practical measures to protect your personal data. In particular:
(1) We de-identify your personal data to mitigate the risk that other organizations or individuals may identify you on the basis of that personal data. We use SSL to encrypt many services. We review practices regarding information collection, storage and possessing (including physical security measures) periodically to prevent unauthorised access.
(2) We only allow OPPO employees and personnel of authorised service companies to access such personal data on a need-to-know basis, in order to process such information or provide relevant services to you. These employees and external personnel are subject to strict contractual confidentiality obligations. If they fail to perform these obligations, they may be held liable or their relationship with OPPO may be terminated.
(3) The security of your information is extremely important to us. Therefore, we endeavour to ensure the security of your personal data and implement measures such as full security encryption during data storage and transmission to prevent unauthorised access, use, or disclosure. At the same time, no one can access the specific content of some encrypted data except the users themselves.
(4) When transmitting and storing your personal data of special categories, we use security measures such as encryption. We use technical measures to process your personal biometric information s before storage. For instance, we store only the essential components of personal biometric information.
(5) We will prudently select business partners and service providers and implement the requirements for personal data protection to the business contracts or audits and assessments between both parties.
(6) We conduct security and privacy protection training, testing and other activities to enhance employees’ awareness and proficiency of personal data protection.
(7) We use international and industry-recognised standards to protect your personal data and actively pass relevant security and privacy protection certifications.
3. In case of personal data security incident, we will act, in accordance with the applicable law.
VII Your Rights to Your Personal Data
We respect your legal rights to your personal data. We list below your legal rights and the measures we take to protect these rights.
2. The right to access: If you wish to access your personal data, you can login to your account and access the information you provided when registering the OPPO ID through “Settings - OPPO IDs”. In addition, you can submit a data access request by contacting our Data Protection Officer: email@example.com
3. The right to rectification: If you find that your personal data we hold is inaccurate or incomplete, you are entitled to ask us to make rectifications. You can rectify your information via the link: https://id.oppo.com/static/userdata_index.html, or contacting our Data Protection Officer: firstname.lastname@example.org.
4. The right to erasure: You can submit a request to us to delete personal data if we do not have a legal reason to continue to process and hold it. You can delete your information via the link: https://id.oppo.com/static/userdata_index.html, or contacting our Data Protection Officer: email@example.com.
5. The right to restriction of processing: You have the right to ask us to restrict how we process your personal data. This means we are permitted to store the data but not further process it unless we are legally entitled to continue processing. You can exercise this right via the link: https://id.oppo.com/static/userdata_index.html, or contacting our Data Protection Officer: firstname.lastname@example.org.
6. The right to data portability: To the extent permitted by laws and regulations, you have the right to obtain a copy of your personal data in a structured, commonly used and machine-readable format. For example, if you decide to switch to a new provider, this enables you to move copy or transfer your personal data between our IT systems and theirs safely and securely, without affecting its usage. You can exercise this right via the link: https://id.oppo.com/static/userdata_index.html, or contacting our Data Protection Officer: email@example.com.
7. The right to object: You have the right to object to OPPO processing your data even if it is based on our legitimate interests, the exercise of official authority, direct marketing (including data aggregation), and processing for the purpose of statistics. You can exercise this right via the link: https://id.oppo.com/static/userdata_index.html, or contacting our Data Protection Officer: firstname.lastname@example.org.
8. The right to withdraw consent: If you have given us your consent to process your personal data but change your mind later, you have the right to withdraw your consent at any time, and OPPO must stop processing your data. You can withdraw your consent via the link: https://id.oppo.com/static/userdata_index.html, or contacting our Data Protection Officer: email@example.com. Please note that if you withdraw your consent, we may no longer be able to provide you with the corresponding services for which you have withdrawn your consent.
9. The right to object automated individual decision-making: You have the right not to be subject to a decision based solely on automated processing, including profiling. If these decisions significantly affect your lawful rights, you are entitled to ask for an explanation via the link: https://id.oppo.com/static/userdata_index.html or contacting our Data Protection Officer: firstname.lastname@example.org, which we will respond to and take appropriate measures to resolve, as necessary.
10. The right to lodge a complaint: You have the right to lodge a complaint about the way we handle or process your personal data with the data protection authority of your jurisdiction.
Please note that for security reasons, we may ask you to verify your identity before processing your request on a strict need-to-know basis. In principle, we do not charge a fee for your reasonable request. However, for multiple and repetitive requests that exceed reasonable limit, we may charge a reasonable fee to cover some costs depending on the nature of the request. We may refuse requests that are manifestly unfounded, unreasonably repetitive, or require disproportionate technical effort (for instance, require the development of new systems). In addition, we may not respond to requests that directly concern significant issues of public interest or may cause serious damage to the legitimate rights and interests of you or other individuals or entities.
VIII How We Process Children’s Personal Data
1. Our products, websites and services are mainly adult-oriented and may not be used by children without guardian consent. A child should not create his/her own user account. We treat anyone under 16 years old (or equivalent minimum age for full legal capacity in relevant jurisdiction) as a child.
2. When we find that a child’s personal data is collected without expressed and verifiable guardian’s consent, we will delete the relevant data as soon as reasonably possible.
IX Third-Party Services Providers and Their Services
1. Our websites, products, applications, and services may contain links to third-party websites, products, and services. You can choose whether to access websites, products and services provided by third parties or not. For example, the “follow us” function in the official website will lead you to access our official accounts in social network platforms (e.g. Facebook, Instagram, LinkedIn, Twitter and etc.) where you can obtain marketing or promotional information published by OPPO.
X How Your Personal Data Is Transferred Globally
1. In principle, the personal data collected and produced within the territory of European Union (EU) is stored within the EU territory.
2. Nevertheless, we provide products and services through resources and servers around the world. This means, in compliance with applicable laws, your personal data (e.g., IMEI, mobile phone number, email address, and user name) might be transferred to or accessed from jurisdictions outside of the jurisdiction where you use our products or services.
3. In case your personal data is transferred to countries located outside of the European Economic Area (EEA), we will ensure that it will be protected in a manner that is consistent with how your personal data will be protected by us in the EEA. This can be done in a number of different ways, such as:
(1) the recipient of the personal data is located within a country that benefits from a full “adequacy” decision of the European Commission;
(2) the recipient may have adhered to binding corporate rules (only for intragroup transfers);
(3) the recipient has signed a contract based on “model contractual clauses” approved by the European Commission, obliging them to protect your personal data; or
(4) where the recipient is located in the US, it is a certified member of the EU-US Privacy Shield scheme.
In the absence of these appropriate safeguards, we will ask you for your explicit consent for cross-border transmission of your personal data. In the meantime, security measures such as encryption, de-identification will be adopted for the safety of your personal data.
The personal data that we collect from you may also be otherwise transferred to, and stored at, destinations outside the EEA. It may also be processed by individuals operating outside of the EEA who work for our affiliates or for one of our suppliers.
In all cases, however, we will ensure that any transfer of your personal data is compliant with the applicable data protection law
For more information about the safeguards relating to personal data transfers outside of the EEA, please contact our Data Protection Officer: email@example.com.
XII Product-Specific Details
The followings are specific privacy practices for certain OPPO products and services that you may use.
1. OPPO Cloud Services
Through OPPO cloud services, you can securely store your personal data (such as photos, videos, contacts, text messages, notes, browser bookmarks, calendars, call records, etc.) in the cloud for your access, retrieve your phone, etc. When you use the OPPO cloud services to retrieve your phone, location information will be uploaded as well. Once you enable the OPPO cloud services, your personal content will be automatically sent to and stored on our servers in the EU. These data would be automatically synchronized to and available for access on your phones or computers that enabled OPPO cloud services.
2. Account Registration Services
You can use your OPPO ID to enjoy OPPO’s services. We may collect the following information you provided to create your ID: your date of birth, mobile phone number, email address, emergency contact person and their contact information, username you created, and password you submit when you log into your account.
We are authorised to use such information during your use of this service. If you log out of your ID, you can close your account via the link: https://id.oppo.com/static/userdata_index.html?region=en. After the account is closed, we will stop providing you with products or services, and we will delete your personal data as you requested, unless otherwise specified by laws and regulations. The information above will be stored within EU territory. However, in order to facilitate your normal use of the account service worldwide, we will transfer your account information outside the EU territory. We will ensure that your personal data receives adequate protection during the process of the transfer. For specific protection measures, please refer to Part X on How Your Personal Data Is Transferred Globally.
NO.18 Haibin Road, Wusha, Chang'an, Dongguan, Guangdong, PRC China