Smartphones
Tablets
Audio
Wearables
Routers
About OPPO
ColorOS
OPPO EU Data Act Notice
Version: v1.0
Effective Date: 2025-09-12
This Notice is provided in accordance with the EU Data Act (Regulation (EU) 2023/2854) (the “EU Data Act”).
Registered Address:NO.18 HaiBin Road, Wusha Village, Chang'an Town, DongGuan City, Guangdong Province, P.R. China.
We act as the data holder under the EU Data Act for the connected products described below.
Connected Product means an item that obtains, generates or collects data concerning its use or environment and that is able to communicate product data via an electronic communications service, physical connection or on-device access, and whose primary function is not the storing, processing or transmission of data on behalf of any party other than the user.
We offer the following connected products:
- Smartphones
- Smart watches
- Tablets
- Smart earphones
The functions of these connected products, as well as details regarding the data they generate and how it is handled, are described in the following sections of this notice.
Data means any digital representation of acts, facts or information and any compilation of such acts, facts or information, including in the form of sound, visual or audio-visual recording.
For GDPR-compliant disclosures, please refer to Privacy Notice.
Individuals or legal entities using our Connected Products hereinafter referred to as (“Users”) have the right,in accordance with the EU Data Act,to request access to, erasure of, or portability of data generated/collected by Connected Products.
These requests can be submitted via [9. Contact and Data Request Channel]
-
5.1 Business-to-Business (B2B) Access Requests
Exclusively based on the User’s explicit consent;
Contracts shall specify: Purpose limitation, Confidentiality obligations, Data security measures, Prohibition of misuse.
-
5.2 Business-to-Government (B2G) Access Requests
Based on Article 14-18 of EU Data Act, data may be shared with public authorities: Permitted under Article 15 for emergencies or legitimate public tasks (e.g., natural disasters, public safety, pandemics);
Data transmitted via encrypted secure channels with strict purpose binding;
Government entities must submit formal written requests with access logging;
Data minimisation principle applies to all shared datasets.
-
5.3 Third Parties Requests Submission.
Third parties may submit formal requests through [9.Contact and Data Request Channel].
To ensure security of data generated by Connected Products manufactured by OPPO Guangdong Mobile Communications Co., Ltd.,we implement the following technical and organizational safeguards throughout the processes of data transmission, storage, and access:
-
Implement full security encryption during storage and transmission to prevent data from unauthorised access, use or disclosure (such as by using SSL to encrypt many Services).
-
Regularly review practices regarding data collection, storage and processing (including physical security measures) to prevent unauthorised access to or tampering with our various systems and data.
-
Establish access rights management mechanism to authorize only necessary personnel to access data.
-
Conduct security and privacy protection training, testing and other activities to enhance employee awareness of and proficiency in data protection.
-
Use international and industry-recognised standards to protect your data and actively pursue relevant security and privacy protection accreditation.
We ensure that the recipient can process the data in a structured, commonly used and machine-readable format in order to comply with the interoperability requirements of Articles 33 of the EU Data Act.
Without OPPO’s express written authorization or, unless legally required, data shall not be used for the following purposes:
-
- Development of competing products;
-
- Reverse engineering of algorithms;
-
- Targeted advertising or profiling of users.
