This site uses cookies and similar technologies to work properly. With your permission, we'd like to set cookies to help us analyse traffic and optimise your browsing experience. Read More

Cookie setting


Privacy Policy for Businesses


 

Last Updated: November 21, 2019


Guangdong OPPO Mobile Telecommunications Corp., Ltd. and its affiliated companies (hereinafter referred to as "OPPO" or "we" or "us" or "our") are committed to protecting and respecting your privacy. Therefore, we developed a Privacy Policy that covers how we collect, use, disclose, transfer, and store your personal data while you and your business interact with us to supply us with your products or services or purchase our products or services. This Privacy Policy does not apply to the processing of personal data while you use our mobile applications or services, which is governed by the policy available here. Please read carefully and familiarize yourself with our privacy practices and how your personal data are processed.


This policy will help you understand the following:

I         Definitions

II        How We Collect and Use Your Personal Data and on What Legal Grounds

III       How Long We Keep Your Personal Data

IV       How We Disclose Your Personal Data

V        How We Protect Your Personal Data

VI       Your Rights to Your Personal Data

VII      How We Process Children's Personal Data

VIII     How Your Personal Data Is Transferred Globally

IX       How This Privacy Policy Is Updated

 


I          Definitions

"Affiliated Company" refers to a company that is related to OPPO due to joint ownership or control.


"Third Parties" refer to companies or persons who do not have a related relationship arising out of joint ownership or control with OPPO (i.e., a non-affiliated company) or other non-related persons. Third parties can be financial or non-financial companies, or persons other than you and OPPO.


"Personal Data" refers to any information relating to an identified or identifiable natural person.


"Process" refers to any operation or set of operations which is performed on personal data or on sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

 


II         How We Collect and Use Your Personal Data and on What Legal Grounds

(1)We have set out below, in a table format, a description of all the data we process and the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.


Type of data we processPurpose/ActivityLegal grounds for processing
If you are an employee or representative of a company that supplies products or services to us
  • Full name of the company's legal representative;

  • Full name of main contact person(s);

  • Phone

  • Email

  • Job Title

  • Log info and user account (if you are using our databases)

  • Other information you might share with us

To register your company as a new supplier in our databasesNecessary for our legitimate interests (to maintain efficient databases of the  suppliers we interact with)
To interact with you and complete our order including arrange for  payments, fees and chargesNecessary for performance of a contract with you
To communicate with you and invite you to participate in our marketing activities relevant to your services or that might be of interest to you for business purposesNecessary for our legitimate interests (to promote our business)
To provide you access to databases used during our daily business and are relevant to your servicesNecessary for our legitimate interests (to run our business, and maintain databases that can increase  our work efficiency)
To protect our business and our databases (including troubleshooting, support, system maintenance, reporting and hosting of data)Necessary for our legitimate interests (to run our business, provide administration and IT services, network security);
Necessary to comply with a legal obligation
If you are an employee or representative of a company that we sell products to for distribution
  • Full name of the company's legal representative;

  • Full name of main contact person(s);

  • Phone

  • Email

  • Job Title

  • Passport details (for booking and traveling authorisation)

  • Log info and user account (if you are using our databases)

  • Other information you might share with us

To register your company as a new customer in our databasesNecessary for our legitimate interests (to maintain efficient databases of our products’ distributors)
To interact with you and complete your order including process your purchase order, provide after-sales services, technical support, training, collect and recover money owed to usNecessary for performance of a contract with you;
Necessary for our legitimate interests (to recover debts owed to us)
To communicate with you and send details of our marketing activities relevant to our services or that might be of interest to you for business purposesNecessary for our legitimate interests (to promote our business)
To communicate with you and ask you to leave a review or complete a survey; to reply your requests about us or handle any complaints you might haveNecessary for our legitimate interests (to collect our business partners'feedback, improve the level of our services and grow our business)
To communicate with you and arrange your visit to our premises, including flight and accommodation booking and the completion of the procedures for  traveling authorisation use (if needed)Necessary for our legitimate interests (to strengthen our relationship with you)
Consent (if you ask us to assist you with accommodation, transportation, visas etc.)
To provide you access to databases used during our daily business and are relevant to your servicesNecessary for our legitimate interests (to run our business, and maintain databases that can increase our work efficiency)
To protect our business and our databases (including troubleshooting, support, system maintenance, reporting and hosting of data)Necessary for our legitimate interests (to run our business, provide administration and IT services, network security);
Necessary to comply with a legal obligation
If you are an employee or representative of a company that explores business opportunities with OPPO
  • Full name

  • Address

  • Phone

  • Email

  • Job Title

  • Other information provided on your business card or you have otherwise chosen to share with us

To communicate with you, reply your questions and send details of our marketing activities relevant to your services or that might be of interest to you for business purposesNecessary for our legitimate interests (to maintain our relationship with you and promote our business)
If you are an employee or representative of a company or an individual freelancer that has established contact with us and you do not fall in any of the above-mentioned categories, e.g. journalist, member of the press, key opinion leader (KOL), designer
  • Full name

  • Address

  • Phone

  • Email

  • Job Title/Profession

  • Passport details (for booking and traveling authorisation)

  • Other information provided on your business card or you have otherwise chosen to share with us

To communicate with you, invite you to take part in our marketing activities or contests that might be relevant to your services/profession or that might be of interest to you and facilitate your access to such activitiesNecessary for our legitimate interests (to maintain our relationship with you and  promote our business)
Consent (if you ask us to assist with arranging accommodation, transportation, visas etc.)
To communicate with you and arrange your visit to our premises, including flight and accommodation booking and the completion of the procedures for traveling authorisation (if needed)


We do not take any decisions involving the use of algorithms or profiling that significantly affects you.


III        How Long We Keep Your Personal Data

Our retention period for personal data is the minimum time necessary to realise the purpose of collection unless a longer retention period is required by law. Beyond the above retention period, we will delete or anonymise your personal data.


IV        How We Disclose Your Personal Data

1.         At times OPPO may make certain personal data available to affiliated companies and other third parties that work with or for OPPO.

(1)       Affiliated Companies: your personal data may be shared with OPPO's affiliated companies. We only share necessary personal data subject to the purposes stated in this Privacy Policy.

(2)       Sharing with other third parties: to realise the purposes stated in this Policy, some of our services will be provided by other third parties. We may share some personal data with them to provide better services and user experience. Where a merger, acquisition or bankruptcy liquidation takes place, if the transfer of personal data is involved, we will ask the new company or organization which obtains your personal data to be subject to this Privacy Policy, otherwise we will ask such company or organization to obtain your consent for such transfer.

We will only share your personal data for lawful, legitimate, necessary, specific and clear purposes, and only personal data necessary for service provision will be shared. Our partners are not allowed to use the shared personal data for any other purposes.

2.         We may also disclose your personal data if it is required by laws, such as to comply with a subpoena or other legal proceedings, legal actions or government requests, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others investigate fraud.


V        How We Protect Your Personal Data

1.         We have taken reasonably practical and technical measures to protect the collected personal data related to our services. While we have taken reasonable measures to protect your information, no websites, Internet transmissions, computer systems or wireless connections are absolutely secure.

2.         We have taken safeguarding measures in accordance with industry standards to protect the personal data you provided and prevent data from unauthorised access, public disclosure, use, modification, damage or loss. We take all reasonably practical measures to protect your personal data.  In particular:

(1)       We use SSL to encrypt many services. We review practices regarding information collection, storage and possessing (including physical security measures) periodically to prevent unauthorised access.

(2)       We only allow OPPO employees and personnel of authorised service companies to access such personal data on a need-to-know basis, in order to process such information or provide relevant services to you. These employees and external personnel are subject to strict contractual confidentiality obligations. If they fail to perform these obligations, they may be held liable or their relationship with OPPO may be terminated.

(3)       The security of your information is extremely important to us. Therefore, we endeavour to ensure the security of your personal data and implement measures such as full security encryption during data storage and transmission to prevent unauthorised access, use, or disclosure.

(4)       We will prudently select business partners and service providers and implement the requirements for personal data protection to the business contracts or audits and assessments between both parties.

(5)       We conduct security and privacy protection training, testing and other activities to enhance employees' awareness and proficiency of personal data protection.

3.         In case of personal data security incident, we will act, in accordance with the applicable law.


VI        Your Rights to Your Personal Data

We respect your legal rights to your personal data. We list below your legal rights which can be exercised under certain circumstances:

1.        The right to be informed:  OPPO is publishing this Privacy Policy to keep you informed as to what we do with your personal data. We strive to be transparent about how we use your data.

2.        The right to access: This right is commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.

3.        The right to rectification: This enables you to have any incomplete or inaccurate information we hold about you corrected.

4.        The right to erasure: This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).

5.        The right to restriction of processing: This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

6.        The right to data portability: To the extent permitted by laws and regulations, you have the right to obtain a copy of your personal data in a structured, commonly used and machine-readable format so that you transmit them to another party.

7.        The right to object: You have the right to object to OPPO processing your data even if it is based on our legitimate interests, the exercise of official authority, direct marketing (including data aggregation), and processing for the purpose of statistics. More information about this right is available at the end of this Privacy Policy.

8.        The right to withdraw consent: If you have given us your consent to process your personal data but change your mind later, you have the right to withdraw your consent at any time, and OPPO must stop processing your data. You can withdraw your consent by contacting us (see below). Please note that if you withdraw your consent, we may no longer be able to provide you with the corresponding services for which you have withdrawn your consent.

9.        The right to lodge a complaint: You have the right to lodge a complaint about the way we handle or process your personal data with the data protection authority of your jurisdiction.

Please note that for security reasons, we may ask you to verify your identity before processing your request on a strict need-to-know basis. In principle, we do not charge a fee for your reasonable request. However, for multiple and repetitive requests that exceed reasonable limit, we may charge a reasonable fee to cover some costs depending on the nature of the request. We may refuse requests that are manifestly unfounded, unreasonably repetitive, or require disproportionate technical effort (for instance, require the development of new systems). In addition, we may not respond to requests that directly concern significant issues of public interest or may cause serious damage to the legitimate rights and interests of you or other individuals or entities.


VII      How We Process Children's Personal Data

1.        This Privacy Policy covers how we collect, use, disclose, transfer, and store your personal data while you and your business interact with us to supply us with your products or services or purchase our products or services. Therefore, in principle, we do not expect to collect or process data of children for such reason. We treat anyone under 16 years old (or equivalent minimum age for full legal capacity in relevant jurisdiction) as a child.

2.        If you believe that we might have any information from or about a child under 16, please contact us (see below).


VIII     How Your Personal Data Is Transferred Globally

1.        We provide products and services through resources and servers around the world. This means, in compliance with applicable laws, your personal data might be transferred to or accessed from jurisdictions outside of the jurisdiction where you use our products or services.

2.        In case your personal data is transferred to countries located outside of the European Economic Area (EEA), we will ensure that it will be protected in a manner that is consistent with how your personal data will be protected by us in the EEA. This can be done in a number of different ways, such as:

(1)       the recipient of the personal data is located within a country that benefits from a full “adequacy” decision of the European Commission;

(2)       the recipient may have adhered to binding corporate rules (only for intragroup transfers);

(3)       the recipient has signed a contract based on “model contractual clauses” approved by the European Commission, obliging them to protect your personal data; or

(4)       where the recipient is located in the US, it is a certified member of the EU-US Privacy Shield scheme.

In the absence of these appropriate safeguards, we will ask you for your explicit consent for cross-border transmission of your personal data. In the meantime, security measures such as encryption, de-identification will be adopted for the safety of your personal data.

The personal data that we collect from you may also be otherwise transferred to, and stored at, destinations outside the EEA. It may also be processed by individuals operating outside of the EEA who work for our affiliates or for one of our suppliers.

In all cases, however, we will ensure that any transfer of your personal data is compliant with the applicable data protection law.

For more information about the safeguards relating to personal data transfers outside of the EEA, please contact our Data Protection Officer: privacy@oppo.com.


IX      How This Privacy Policy Is Updated

We reserve the right to update or modify this Privacy Policy from time to time. We will send you notifications of updates of this Privacy Policy in a form we deem appropriate or post a relevant notice online. This Privacy Policy was last revised on the date identified at the top of this Privacy Policy.

If you would like to exercise your rights or have questions or concerns regarding our Privacy Policy or practices, please contact our Data Protection Officer at the following address:

NO.18 Haibin Road, Wusha, Chang'an, Dongguan, Guangdong, PRC China

Email: privacy@oppo.com



Information about Your Right to Object in Accordance with Art. 21 of the General Data Protection Regulation (GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 (1) (f) GDPR. This concerns processing personal data for the purposes of legitimate interests pursued by us or a third party including profiling based on those provisions, cf. Art. 4 No. 4 GDPR.

Should you decide to object to the processing of your personal data, we will stop to process personal data concerning you, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the purpose of establishment, exercise or defence of legal claims.