ZTE Corporation, an industry-leading supplier of advanced telecommunications solutions, has successfully completed the TRUSTe Enterprise Privacy Certification evaluation conducted by TrustArc, a privacy compliance authentication authority, proving ZTE’s security construction of its data processing and transmission.
The accreditation applies to ZTE Terminal Hotline Services, which include Multiple Core services like the International Hotline, After-sales Domestic Hotline, Domestic Online Service, and Global Mailbox of ZTE Terminal Products.
TRUSTe is one of the world’s most authoritative privacy certifications. Its Privacy Certification Framework Standard covers fourteen dimensions: Data Necessity, Data Collection and Processing Activities, Data Cross-border Transmission and Disclosure, User Rights, and so on. That is based on universal privacy protection systems like the APEC and EU GDPR Privacy Framework, as well as other international standards, for example, the ISO27001 Information Security Management System.
ZTE security’s Terminal Hotline Services, as a key service window for worldwide consumers, is strongly tied to cross-border data transmission and large user data processing. Its privacy management capabilities directly impact how users perceive ZTE’s data security and data privacy protection. Passing the TRUSTe Certification means that TrustArc strongly values ZTE Terminal Hotline Services’ security and privacy protection strength and extraordinary performance in protecting user privacy.
Faced with the challenges of the digital world, ZTE places a high value on security and privacy protection. It complies with the privacy and data protection regulations and laws in the countries and areas where it operates. To offer comprehensive privacy protection for worldwide customers and users, ZTE will continue to develop a full-scenario privacy security mechanism for its global Terminal Hotline Services.
With the mature data compliance and privacy management methods of TRUSTe authentication, ZTE will expand its systematic design and security standards of privacy protection to defend user privacy.
What makes ZTE security so trustworthy? According to the ZTE Private Protection White Paper launched in 2022, ZTE has established comprehensive company-level privacy protection rules that is complied with applicable privacy protection regulations and laws like the GDPR (General Data Protection Regulation) of Europe.
ZTE adopts unique governance for critical businesses and nations and includes privacy protection standards in product design, internal control and management, and service delivery, to enhance the compliance management integration with business and promote product innovation with compliance.
ZTE security not only implements compliance management in a top-down approach to construct a risk-oriented management framework for data protection but also integrates scenario-based compliance regulations into commercial activities to reflect the actual business.
With the management attaching considerable importance to privacy protection, ZTE has matched data security and privacy protection compliance with its business development strategy, as well as stated the goals and long-term plan of the privacy protection compliance management.
ZTE benefits greatly from first-rate industry experience and cases. So it has not only successfully blocked privacy protection concerns but also met stakeholders’ expectations and requirements.
For instance, ZTE security has built a collaborative working structure to ensure compliance with privacy protection. Its privacy protection team reports to the Compliance Management Committee, and is made up of DPOs (Data Protection Officers), the Compliance Audit Dept., and others. The team is in charge of developing and implementing compliance management needs. The Compliance Audit Dept handles audits and investigations.
The Compliance Management Committee, as the highest-level institution in the system, is charged with making decisions on major data protection compliance matters and giving guidance accordingly. The Data Protection Compliance Dept., as a specific department for privacy protection, is tasked with investigating and interpreting international data protection regulations and laws, as well as formulating, planning, supervising, and implementing, privacy protection compliance rules and strategies, and evaluating and examining compliance risks in some specific business procedures.
ZTE security implements privacy protection on the basis of Data Protection Compliance Dept., the Compliance Audit Dept, and BU compliance teams. The Data Protection Compliance Department develops compliance policies based on regulatory prerequisites and the industry’s risk tolerance. BU compliance teams help promote compliance rule application and assess the requirement and reasonableness of the regulations in order to optimize OPEX. To enhance risk management and eliminate blind spots revealed by the regulations, the Compliance Audit Department has established multiple information channels to inspire employees to submit violations, while conducting investigations and audits, and penalizing violators accordingly.
In addition to the specific organizational structure, ZTE security also established its rule system, process mechanism, as well as risk management and control, ensuring a comprehensive network of services. In the ahead years, ZTE will continue to focus on specific scenarios to build and implement a privacy protection system into its business processes and gain more authoritative certification to showcase its trustworthy products and services.