Xiaomi Account Privacy Policy
Our Privacy Policy was updated on March 28, 2023.
Please take a moment to familiarize yourself with our privacy practices and let us know if you have any questions.
Introduction
Xiaomi Account and its related services, including account creation, sign-in, and management, are provided by Xiaomi and its affiliated companies (hereinafter referred to as "Xiaomi", "we", "our", or "us").
We are committed to protecting your privacy. This Privacy Policy sets out the principles on which Xiaomi Account operates, and constitutes an important part of Xiaomi Privacy Policy. In the event of inconsistency between this Privacy Policy and Xiaomi Privacy Policy with respect to Xiaomi Account, the former shall prevail. For the terms and conditions not stipulated in this Privacy Policy, Xiaomi Privacy Policy shall prevail. Terms and conditions regarding the protection of minors, security measures, and cross-border data transmission can be found in Xiaomi Privacy Policy.
This Privacy Policy is designed with your needs in mind, and it is important that you have a comprehensive understanding of our personal information collection and usage practices, while ensuring that ultimately, you have control of your personal information provided to Xiaomi. This Privacy Policy explains how we collect, use, disclose, process and store any information that you give us when you use Xiaomi Account. You may consult the privacy policies of the relevant services for terms and conditions regarding collection and use of personal information when you use other services while signed in to your Xiaomi Account. Under this Privacy Policy, "personal information" means information that can be used to directly or indirectly identify an individual, either from that information alone or from that information combined with other information about that individual available to Xiaomi. We will use your personal information strictly following this Privacy Policy.
Ultimately, what we want is the best for all our users. Should you have any questions about our data handling practices as summarized in this Privacy Policy, please contact us via https://privacy.mi.com/support to address your specific concerns. We will be happy to hear from you.
1. What information we collect and how we use it
1.1 Personal information that we collect and use with your authorization
The purpose of collecting personal information is to provide you with products and/or services, and to ensure that we comply with applicable laws, regulations and other regulatory requirements. You have the right to choose whether or not to provide the information we have requested, but in most cases, if you do not provide your personal information, we may not be able to provide you with our products or services or respond to your queries. Features and services that may need to collect your personal information include:
1.1.1 Basic features
A. Creating accounts and signing in
When registering a new Xiaomi Account, you will need to provide a phone number or email address to use as the account name and create a password. Your account and password will be encrypted and stored to our servers. We strongly advise you not to share your password information to prevent theft of your Xiaomi Account by others.
B. Completing account information
While using various Xiaomi services, you may receive better service quality and user experience by adding basic information to your Xiaomi Account profile, including profile photo, nickname, gender, and country or region, as well as setting up a secret question for security purposes. If you choose not to provide this information, this will not affect your use of the basic services and features of Xiaomi Account.
1.1.2 Features necessary for ensuring account creation and sign-in security
In order to enhance system security when you use our products and/or services, prevent phishing website fraud, and protect account security, we will verify your identity through SMS verification as well as secondary verification when necessary. To this end, we will collect SMS verification codes and secondary verification codes.
We will also collect your account creation/sign-in time, device-related information (such as IMEI/OAID (on Android Q), device model, and operating system version), device sensor information (such as angular velocity and acceleration), and network information (such as the IP address generally used when signing in) in order to judge whether or not the account creation or sign-in environment is secure.
1.2 You are fully informed that we may collect and use personal information without your consent if:
1.2.1 The personal information is vital to national security and defense;
1.2.2 The personal information is vital to public safety, public health, and major public interests;
1.2.3 The personal information is related to criminal investigations, prosecutions, trials, or execution of judgments;
1.2.4 The personal information is essential for protecting major legitimate rights (including life and property) and interests of the personal information subject or other people, but it is hard to obtain the subject's consent;
1.2.5 The personal information collected is made public by the subject at their own discretion;
1.2.6 The personal information is collected from public sources, such as news reports or government announcements;
1.2.7 The personal information is necessary for us to sign the contract as required by you;
1.2.8 The personal information is necessary to maintain the safe and steady operation of products and/or services provided, such as for discovering and handling faults of products and/or services;
1.2.9 The personal information is required for legal news releases; and
1.2.10 The personal information is de-identified in the results of statistical or academic research based on public interest.
1.3 Collection of personal information from third-party sources
When permitted by law, we will collect information about you from third-party sources. For example, you may authorize the pairing of a third-party account with your Xiaomi Account, sign in to the third-party account to use Xiaomi services, or authorize your profile photo, nickname, or other information to be imported to the third-party platform; or for risk management purposes, we may receive information regarding the security of your account creation/sign-in environment (such as phone number risk level databases) via a third party.
1.4 Non-personally identifiable information
We may also collect other types of information which are not directly or indirectly linked to an individual (and which may not be defined as personal information). This information may include statistical data generated when you use a specific service, such as sign-in/sign-out records, interaction records, and error records when you use Xiaomi Account services. The purpose of such collection is to improve the services we provide to you. The type and amount of information collected depends on how you use our products and/or services. We aggregate this information. In its aggregated form, data is not personal information and cannot be used to identify you. However, if we combine non-personally identifiable information with personal information, such combined information will be treated as personal information for as long as it remains combined.
2. Sharing your personal information with third parties
To ensure that we provide you with the services described in this Privacy Policy, we may share necessary personal information with our partners and other third parties, including:
When you sign in with Xiaomi Account on a third-party website or app, we will, upon your authorization and approval, share your nickname, profile photo, and other information (depending on the nature of the third party's services and products) with the third party. If you do not wish to allow the third party to access your personal information, do not grant authorization.
Please note that we will ensure the security of your information through means such as encryption, but handling of your personal information by third parties is subject to the privacy policy of the relevant third party. For this reason, we recommend that you read third parties' privacy policies just like you read ours. You can cancel authorization for third parties at any time in "Accounts and permissions" on https://account.xiaomi.com/.
Part of the service content for Xiaomi Account is provided by third-party service providers. For this reason, we need to provide some of your personal information to these providers. Below are instances in which we may share your personal information with third party service providers. If we share your personal information with such third parties, we will take appropriate measures to ensure the security of the processing of your personal information, including but not limited to the encryption of your personal information. We will reasonably examine the data security environment of the companies and organizations with which we share personal information and sign data processing agreements with them; we will require third parties to take sufficient measures to protect your information and strictly abide by the relevant laws and regulations as well as regulatory requirements.
Messaging service provider
NXCLOUD ASIA PTE. LTD. Privacy Policy: https://www.nxcloud.com/privacyPolicy
3. Retention policy
We retain personal information for the period necessary for the purpose of the information collection described in this Privacy Policy or as required by applicable laws. We will cease to retain and delete or anonymize personal information once the purpose of collection is fulfilled, or after we confirm your request for erasure, or after we terminate the operation of the corresponding product or service. An exception to this is personal information that we are processing for public interest, scientific, historical research or statistical purposes. We will continue to retain this type of information for longer than its standard retention period, where permitted based on applicable laws, even if further data processing is not related to the original purpose of collection.
4. Your rights
4.1 Controlling settings
We recognize that privacy concerns differ from person to person. Therefore, we provide examples of ways for you to restrict the collection, use, disclosure, or processing of your personal information and to control your privacy settings:
• View and update your account security information, personal information, permissions, and device management on your device in Settings > Xiaomi Account, or by signing in to https://account.xiaomi.com;
• Sign in or out of the Xiaomi Account.
If you have previously agreed to us using your personal information for the aforementioned purposes, you may change your mind at any time by contacting us on https://privacy.mi.com/support.
4.2 Your rights to your personal information
Depending on applicable laws and regulations, you may have the right to access, rectification, erasure (and certain other rights) in relation to personal information that we hold about you (hereinafter referred to as the request). These rights will be subject to specific exclusions and exceptions under applicable laws.
You may also access and update the details relating to the personal information in your Xiaomi Account at https://account.xiaomi.com or by signing into your account on your device. For additional information, please write to us or contact us via https://privacy.mi.com/support.
It will help us to process your request most efficiently if it meets the following conditions:
• The request is submitted through Xiaomi's exclusive request channel detailed above and for the protection of your information security, your request should be in writing (unless the local law explicitly recognizes the oral request);
• You provide sufficient information to enable Xiaomi to verify your identity and ensure that you are the data subject or legally authorized to act on the data subject's behalf.
Once we obtain sufficient information to confirm that your request can be processed, we shall proceed to respond to your request within any timeframe set out under your applicable data protection laws. In detail:
• Based on the requirements of applicable laws, a copy of your personal data collected and processed by us will be provided to you upon your request free of charge. For any extra requests for relevant information, we may charge a reasonable fee based on actual administrative costs according to the applicable laws.
• If any information we are holding on you is incorrect or incomplete, you are entitled to have your personal information corrected or completed based on the purpose of use.
• Based on the requirements of applicable laws, you have the right to request the deletion or removal of your personal information where there is no compelling reason for us to keep using it. We shall consider the grounds regarding your erasure request and take reasonable steps, including technical measures. Please note that we may not be able to immediately remove the information from the backup system due to applicable legal restrictions and/or security technology limitations. If this is the case, we will securely store your personal information and isolate it from any further processing until the backup can be cleared or be made anonymous.
We have the right to refuse to process requests that are not meaningful, manifestly unfounded or excessive, requests that damage others' right to privacy, extremely unrealistic requests, and requests that require disproportionate technical work, as well as requests not required under local law, regarding information that has been made public, and regarding information given under confidential conditions. If we believe that certain aspects of the request to delete or access the information may result in our inability to legally use the information for the aforementioned anti-fraud and security purposes, it may also be rejected.
4.3 Withdrawal of consent
• You may withdraw your consent previously provided to us for a particular purpose by submitting a request, including collecting, using, and/or disclosing your personal information in our possession or control. Withdrawing your consent to Xiaomi Account will also cancel your Xiaomi Account. You may also contact us on https://privacy.mi.com/support to request cancelation. We will process your request within a reasonable time from when the request is made, and thereafter will not collect, use and/or disclose your personal information as per your request.
• Attention: Your withdrawal of consent may result in some legal consequences. Additionally, you may not be able to continue receiving the full benefit of Xiaomi's products and services, depending on how much authority you grant us to process your information when you use Xiaomi Account. The withdrawal of your consent or authorization will not affect the validity of our processing carried out upon your authorization up until the point of withdrawal.
4.4 Canceling a service or account
If you wish to cancel your Xiaomi Account, you may do so by following the steps in Settings > Xiaomi Account > Help > Delete account, or by visiting https://account.xiaomi.com.
Please note that cancelation of the Xiaomi Account will prevent you from using the full range of Xiaomi products and services. To protect your or others' legitimate rights and interests, we will judge whether or not to support your request for cancelation based on your use of various Xiaomi products and services. For example, if there still exist monies outstanding on your account, we cannot immediately support your request.
5. Contact us
If you have any comments or questions about this Privacy Policy or any questions relating to Xiaomi's collection, use or disclosure of your personal information, feel free to contact us by visiting https://privacy.mi.com/support. Please include "Privacy Policy" in your contact message. When we receive questions about personal information or requests to download or access items, we have a professional team that addresses such concerns. If your question itself involves a significant issue, we may ask you for more information. If you are not satisfied with the response you received, you can hand over the complaint to the relevant regulatory authority in your jurisdiction. If you consult us, we will provide information on the relevant complaint channels that may be applicable based on your actual situation.
Mailing address:
#006, 6th Floor, Building 6, 33 Xi'erqi Middle Road, Haidian District, Beijing
China 100085
Xiaomi Singapore Private Limited
20 Cross Street, China Court #02-12
Singapore 048422
For users in the European Economic Area (EEA):
Xiaomi Technology Netherlands B.V.
Room 04-106, Wework Strawinskylaan 4117 4th Floor, Atrium North Tower Amsterdam, 1017XD