Privacy Shield Principles

We attach great importance to customer’s personal data and privacy protection. Dahua actively follows up and complies with relevant global privacy protection laws and regulations, such as the GDPR in Europe.

We incorporate Privacy by Design (PbD) as a fundamental priority into the design of technology specifications and business practices.Privacy considerations are embedded into the earliest stages of our product and service design, covering the entire life cycle of personal data from collection, transmission, storage, processing, and sharing to destruction.

While providing high-quality products and services, we promise that we will never collect or process any personal data beyond the principles of legality, legitimacy and necessity, and that the data processing activities all comply with relevant laws and regulations on personal data protection.

Privacy Technologies and Features

TEE

The Trusted Execution Environment (TEE) is a technical concept put forward by the Global Platform (GP) organization. Utilizing the ARM TrustZone hardware technology, two physically isolated computing spaces Normal World and Secure World are constructed, providing independent and credible running space for important and sensitive codes.

Trusted Database

Trusted database places database execution engine and storage engine in trusted execution environment, isolates and encrypts database data in memory, encrypts and stores database files, and encrypts and protects data access channels, thus preventing attackers' snooping and unauthorized access to data assets. It mitigates the risk of plaintext data leakage in terms of computing security, storage security and transmission security.

Privacy Masking

Using intelligent identification technology, the target area to be protected in the image is identified and located in the acquisition stage. The image is then processed twice. This technology covers the protected target area, and based on user's hierarchical management, ordinary users can only look at the blocked images. Only authorized management users can restore the complete image.

Privacy Impact Assessment

We follow international and domestic standards such as ISO/IEC 29134-Privacy Impact Assessment Guide and GB/T 39335-2020 Personal Information Security Impact Assessment Guide. It aims to identify the potential impacts of processing activities on the rights and interests of people and design appropriate control measures to reduce privacy risks. It objectively evaluates the effectiveness of security protection measures, significantly improves transparency and effectively protects users' privacy.

Assessment Preparation

The evaluation is analyzed/triggered by the evaluation threshold. The implementation is guided by a professional team and a complete privacy system library.

Scenario Analysis

Identify personal data assets, classify and grade them, comprehensively investigate product application scenarios and business process scenarios, form a data flow diagram and data list covering the whole life cycle, and complete data mapping analysis.

Risk Assessment

Identify the privacy risks involved in personal data processing activities, examine the effectiveness of protective measures, follow the risk analysis and risk evaluation criteria, comprehensively obtain privacy risks, and determine the risk level.

Risk Management

Give improvement suggestions and issue evaluation reports. Clarify the risk disposal strategy and measures, continuously track and evaluate the remaining risks, and control the risks within an acceptable range.

Assessment Preparation

The evaluation is analyzed/triggered by the evaluation threshold. The implementation is guided by a professional team and a complete privacy system library.

Scenario Analysis

Risk Assessment

Risk Management