Compliance

We fully comply with industry standards, applicable laws, and regulations.

Xiaomi respects and complies with relevant industry standards, laws and regulations. We fully demonstrate the compliance of our practices through regular self-assessment, third-party audits and certifications.

Global Certifications

Our practice has been rigorously tested and is worth the trust of users.
Xiaomi has been widely recognized by global third-party agencies in the field of information security and privacy protection. The authoritative information security and privacy certifications we obtained are the best embodiment of our leading position. These certifications comprehensively cover all components of Xiaomi, including mobile phones, MIUI system, IoT devices, internet applications and services, sales and service sector, and basic infrastructures.
ISO/IEC 27001
ISO/IEC 27001 has developed into the most authoritative, rigorous, and most widely accepted information security management standard in the world. The certification presents that Xiaomi has met the requirements of international standards and fulfilled our commitment to users,⁣ which puts Xiaomi in a leading position in the information security management area.
Certification No.
IS 718032
Scope:

Beijing Xiaomi Mobile Software Co., Ltd.
The provision of IT operation & maintenance services (including network operation, database operation, application operation, ERP and its components), Cloud Computing services (including Storage and Database, Data Processing and Analysis, Elastic Computing), Data services (including Data Statistics, Data Analytics and Visualization, User Portrait) for Xiaomi Group. The provision of the following systems design, development, testing and maintenance services for external clients: 1) E-commerce retail and related order, warehousing, logistics, customer service, and after-sales service; 2) Xiaomi Mobile Phone APPs, including MiCloud, Gallery, Security Center, Browser, Video International, Music, Game Center International, GetApps and MIUI basic applications. 3) Xiaomi IoT platform and Mi Home, Xiaomi Wear, Xiaomi Watch. This is in accordance with the Statement of Applicability, version V1.2 issued on Sep 20, 2020. Registration Address: #018, 8th Floor, Building 6, No. 33 Xi'erqi Middle Road, Haidian District, Beijing, China
Xiaomi Singapore Pte. Ltd
The provision of business operation service for XiaomiSingapore (including physical environment, HR and vendormanagement).
Xiaomi Technology Netherlands B.V
The provision of business operation service for XiaomiNetherlands (including physical environment, HR and vendormanagement).
Certification No.
I-ISMS202011003, I-ISMS202011002
Scope:

Xiaomi Technology India Private Limited
Mi Pay Application & its Related Infrastructure including Supporting Functions, Legal, HR, Administration & Commercials Department and Mi Credit Application & its Related Infrastructure including Supporting Functions Legal, HR, Administration & Commercials Department
ISO/IEC 27018
ISO/IEC 27018 is the first international code of conduct focusing on the protection of personal information in the cloud. This certification indicates that Xiaomi has effectively established a cloud data security and privacy management system to protect the users' data stored in the cloud.
Certification No.
PII 718033
Scope:

Beijing Xiaomi Mobile Software Co., Ltd.
The provision of IT operation & maintenance services (including network operation, database operation, application operation), Cloud Computing services (including Storage and Database, Data Processing and Analysis, Elastic Computing), Data services (including Data Statistics, Data Analytics and Visualization, User Portrait) for Xiaomi Group. The provision of the design, development, testing and maintenance services of Xiaomi Mobile Phone APPs, including MiCloud, Gallery, Security Center, Browser, Video International, Music, Game Center International, GetApps and MIUI basic applications for external clients. This is in accordance with the Statement of Applicability, version V1.2 issued on Sep 20, 2020. (ref. ISO27001:2013 certificate number IS 718032) Registration Address: #018, 8th Floor, Building 6, No. 33 Xi'erqi Middle Road, Haidian District, Beijing, China
ISO/IEC 27701
ISO/IEC 27701:2019 is the latest international standard designed solely for privacy protection. It effectively integrates privacy protection practices into the information security management system. This certification proves that Xiaomi has satisfied the strict requirements of privacy protection.
Certification No.
PM 736914
Scope:

Beijing Xiaomi Mobile Software Co., Ltd.
The provision of design, development, testing and maintenance services of Mi Home, Xiaomi Wear, Xiaomi Watch, Mi Store including its supporting order, warehousing, logistics, after-sales system in China. Organization role: PII Controller. This is in accordance with the Statement of Applicability
Certification No.
PM 738923
Scope:

Xiaomi Singapore Pte. Ltd
The provision of design, development, testing and maintenance services of Mi Home, Xiaomi Wear, Mi Store including its supporting order, warehousing, logistics, after-sales system in overseas (exclude EEA area). Organization role: PII Controller. This is in accordance with the Statement of Applicability, version V1.2 issued on Sep 20, 2020.(ref. ISO27001:2013 certificate number IS 718032) Registration Address: 60 Paya Lebar Road, #08-28 Paya Lebar Square, Singapore
Certification No.
PM 738935
Scope:

Xiaomi Technology Netherlands B.V
The provision of design, development, testing and maintenance services of Mi Home, Xiaomi Wear, Mi Store including its supporting order, warehousing, logistics, after-sales system in EEA area. Organization role: PII Controller. This is in accordance with the Statement of Applicability, version V1.2 issued on Sep 20, 2020.(ref. ISO27001:2013 certificate number IS 718032) Registration Address: Prinses Beatrixlaan 582 WTC The Hague, Toren C C08.01, 2595BM 's Gravenhage The Netherlands
TRUSTe Certification
TRUSTe certification is a privacy and data governance framework created by TrustArc, a certification organization specializing in privacy protection. This certification can prove that Xiaomi has established a complete and internationally recognized privacy compliance management system.
Scope:

Xiaomi Singapore Pte. Ltd
TRUSTe has certified that Xiaomi complies with TRUSTe’s Enterprise Certification. Xiaomi has demonstrated that the data privacy and governance practices governing the properties listed below meet TRUSTe’s Certification Standards. Web Properties: www.mi.com, en.miui.com, and account.xiaomi.com. Mobile Properties (Pre-installed apps): Mi Cloud, Messaging, Contacts and Dialer, Camera, Scanner, Calculator, FM Radio, Gallery, Explorer, Clock, Weather, Downloads, Music, Bug Report, Notes, Updater, Themes, Calendar, Mail, Security, and Compass and does not include the Browser app.
ioXt SmartCert
The ioXt Alliance sets out to be the Global Standard for Cybersecurity for the Internet of Things. The ioXt Certification Program follows the ioXt global standard, and measures a product each of the eight ioXt principles with clear guidelines for quantifying the appropriate level of security needed for a specific product. Once approved, the ioXt SmartCert informs end-users, retailers and ecosystem partners that a product is secure.
Certification No.
2021040025
Scope:
Company:Xiaomi Product:MI 11 Ultra Product SKU:M2102K1G
TÜV Rheinland Privacy Attestation
MIUI 12 is the world's first mobile system that has passed the TÜV Rheinland Android system enhanced privacy protection test, which fully proves that MIUI 12 has in-depth and complete security and privacy protection capabilities in the fields of app permission management, private information sharing, malicious behavior detection and interception, etc.
Certification No.
60364256 001
Scope:

Xiaomi Communications Co., Ltd.
According to the test result of privacy protection features, TÜV Rheinland has reached a conclusion that MIUI is providing usres with higher disposal rights, convinience, and guidance regarding privacy. We conclude that MIUI has reached adequate privacy protection level according to the requirement.

Local Laws and Regulations

Compliance with laws and regulations is our bottom line.Xiaomi operates globally and complies with the local laws and regulations for data protection in all operating regions. Regular reviews and audits ensure that we continue to meet these the legal requirements.

GDPR Compliance

Xiaomi complies with the current EU data protection law, which includes the GDPR. Before GDPR came into effect in 2018, we carried out a dedicated GDPR compliance project, covering all related teams and departments in the company. We finally passed the third-party audit for GDPR, which effectively proves our compliance with GDPR requirements. We also conducted the annual audit or assessment these years, to ensure that our data protection practices comply with GDPR requirements continuously.
The General Data Protection Regulation (GDPR), which went into effect 25 May 2018, creates consistent data protection rules across Europe.
The General Data Protection Regulation (GDPR), which went into effect 25 May 2018, creates consistent data protection rules across Europe.

Our Industry Affiliates

We work with industry leaders and implement best practices.We align and collaborate with industry leaders in the fields of security, privacy, and compliance to ensure that Xiaomi can always keep up with industry best practices.

IoT Security Foundation

Xiaomi joins the IoT Security Foundation (IoTSF) as a corporate member with openness and pragmatism. We follow the security assessment framework of IoTSF, and build our internal security management system and process for IoT products, to ensure that our IoT products are sufficiently secured.

International Association of Privacy Professionals

Xiaomi joins the International Association of Privacy Professionals (IAPP) as a gold member. We establish and maintain internal privacy management system in accordance with international standards. More and more professionals and engineers working in Xiaomi have obtained professional qualifications of IAPP, including CIPP/E, CIPM, and CIPT.