Privacy Shield Framework

Company Overview

ZKTeco complies with the EU-U.S. Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. ZKTeco has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov.

In compliance with the EU-U.S. Privacy Shield Principles, ZKTeco commits to resolve complaints about your privacy and our collection or use of your personal information. EU individuals with inquiries or complaints regarding this privacy policy should first contact ZKTeco at the contact information listed below.

ZKTeco has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.

Please note that if your complaint is not resolved through these channels, under limited circumstances, EU individuals may seek recourse through a binding arbitration option before a Privacy Shield Panel.

If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.

For purposes of this Policy:

“Personal Information” means any information that (i) is transferred from the EEA to ZKTeco in the United States; (ii) is about an identified or identifiable individual; and (iii) is recorded in any form.
“Data Controller” means an entity that alone or jointly with others determines the purposes and the means of the processing of Personal Information.
“Data Processor” means an entity that processes Personal Information on behalf of a Data Controller in accordance with the Data Controller’s instructions.

As part of ZKTeco’s Web-based applications, ZKTeco’s customers (and their designees, including other service providers to such customers) are permitted to submit electronic data and information, including personal data (which can include your name and associated time punch data retrieved during operation of the time clock), to ZKTeco’s servers. In this context, ZKTeco acts as a data processor and does not determine how its customers’ data is utilized in ZKTeco’s servers and its customers are the Data Controllers. ZKTeco does not choose or determine the types of data that are submitted to ZKTeco’s servers, and any access to or use of such data by ZKTeco is in connection with completing the contractual obligations of ZKTeco, as data processor, to its customers. As part of ZKTeco’s professional services operations, ZKTeco processes data and information, including personal data, on behalf of its customers. In this context, ZKTeco acts as a data processor on behalf of its customers and its customers are the Data Controllers.

Where ZKTeco acts as a data processor, ZKTeco does not have a direct relationship with individuals whose Personal Information ZKTeco processes in the US. In these circumstances, ZKTeco’s customers are responsible for providing the required access, notice and choice to individuals.

ZKTeco acknowledges the right of individuals to access their personal data for the purposes of editing, correcting or deleting it. As a third-party processor, however, ZKTeco ‘s customers are responsible for providing the required access to individuals.

In the event our assistance is requested in determining how data once collected is handled, we will assist within the limits outlined in this Policy. Individuals may reach us by email or standard mail, see all contact information at the end of this Policy.