Privacy Pillars We Believe In
Local Security*
Our security solutions are designed to operate locally and, wherever possible, avoid using the cloud. This includes storing video footage locally and managing key processes like facial recognition directly on the chip in the user’s device.
Transparency
Our privacy notices and policies are intended to help you understand our data practices and how those practices affect your experience. By maintaining transparency, we aim to build trust with you and empower you to make informed decisions about protecting your data.
In Your Control
eufy gives you control over your home security experience. You deserve to know everything happening inside and outside your home or property. This empowers you to manage your videos, devices, and personal information confidently.
Privacy Protected by Responsible Data Practices
How Do We Keep Your Recordings Safe?
Default Encryption
eufy encrypts your important data (e.g., video footage, event lists, facial recognition data) in transit by default. Even if someone were to steal your storage drive or security device, your important data would be protected from unauthorized access.
Advanced Encryption
The Advanced Encryption option uses end-to-end encryption to ensure that your security videos can only be decrypted by you on your authorized devices. The keys to your security videos are saved in a vault that only you know the password to.
How Do We Keep Your eufy Account Safe?
Two-Factor Authentication
Two-factor authentication (2FA) is available in multiple regions worldwide. When you enable this feature, logging in requires your password, as well as an additional verification code sent to your trusted email or phone number.
Shared Users
You control who has access to your eufy devices. You can remove any shared user at any time. Only the primary account owner can grant permissions to other users.
Notifications of New Device Logins
Whenever a new device logs into your eufy account, you will receive an email notification.
How Do We Make Sure You Are in Control?
Centralized Control Center
The Control Center allows you to view and manage important privacy and security settings (e.g., user profile, device sharing) from one dashboard in the eufy Security app.
Privacy Zones
eufy Security products and apps provide the Privacy Zones feature that enables you to easily draw and designate areas you don't want to be monitored. Once activated, these zones are excluded from live streams and recordings, ensuring your private spaces remain private.
Personalize Your Push Notifications
eufy adheres to the principle of minimalism in notifications. By default, you'll receive text-only alerts. If you opt for push notifications with thumbnail previews, the notifications will include the corresponding images.
eufy Bug Bounty Program
Teaming with HackerOne, we invite security industry experts and researchers to help us build a better eufy ecosystem. If you discover any security vulnerabilities in our products and services, please promptly report them to us. We will investigate, replicate, and resolve the issue. We offer compensation to researchers who bring validated security vulnerabilities to our attention.
Compliance and Certifications
Our technology and processes have been rigorously tested to align with third-party and industry-recognized privacy and security standards. Below are the certifications that our products, processes, and policies have completed.
ISO/IEC 27001:2013
ISO/IEC 27001 is the world's best-known standard for information security management systems (ISMS). Its best-practice approach helps organizations identify and manage the security of their information assets.
ISO/IEC 27701:2019
ISO/IEC 27701 is an extension of ISO/IEC 27001 and ISO/IEC 27002 for privacy information management. It provides guidance on protecting privacy, including how organizations should manage personal information, and assists in demonstrating compliance with global privacy regulations.
ETSI EN 303 645
ETSI EN 303 645 is a European Standard for cybersecurity for consumer IoT security. This technical standard mainly regulates the cybersecurity of consumer IoT products and services, helping them comply with security guidelines by design, and supports global IoT product network security and European GDPR compliance.
NISTIR 8259 IoT Security Evaluation
The US National Institute of Standards and Technology has developed a cyber security guide for IoT device manufacturers, providing pre-market risk identification, appropriate security control measures, and how to meet customers' cyber security needs after market launch.
TRUSTe
TRUSTe's certification body, TrustArc, is an internationally authoritative organization for privacy compliance assessment. Products that receive certification from this organization are recognized as having aligned with top-tier international privacy standards in terms of relevant compliance and data management capabilities in privacy protection.
PSTI Compliance Attestation
PSTI is legislation in the UK designed to regulate cybersecurity for home networks and IoT devices. This demonstrates that eufy meets stringent cybersecurity requirements outlined in the Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023.
FAQs
1. How is eufy's vulnerability management program? Besides the above bug bounty program, what other information can I look up?
Eufy values product security and has established a rigorous vulnerability management plan. In addition to the bug bounty program, you can find other details of our vulnerability management plan on this page, including methods for reporting vulnerabilities, status of vulnerabilities, and other information. For more information, click here.
2. When does eufy record or store my videos?
eufy records and stores videos locally when your device detects motion. If you subscribe to our cloud storage service, your videos will also be securely stored in the cloud and can be deleted anytime. Your videos will be automatically and permanently deleted from our servers based on the cloud storage period of your plan.
3. How can I share videos?
Your videos can be downloaded* as decrypted files from your local storage to a device such as a computer or phone using your eufy Security account. After downloading, you can share those videos. Only share videos with those you trust.
*24/7 continuous recordings cannot be downloaded.
4. How can I access and view my recordings?
You can access and view your stored videos, download them, and delete them via the eufy Security app, and you can access and view the videos via the eufy Security Web Portal too.
5. How secure are my recordings?
We are committed to keeping your data safe. Your videos are stored locally and secured with AES encryption by your eufy devices. You need to use the eufy software and be logged in to your account to view the videos. If you use cloud storage, data is encrypted in transit between your eufy devices and AWS (Amazon Web Services). In addition, your data is protected with both TLS (Transport Layer Security) and SRTP (Secure Real-time Transport Protocol). AWS also encrypts videos stored in AWS for additional data protection.
6. Who can view my recordings?
We have settings and features that put you in control of who can view your videos. For example, you can add Shared Users to your account who can view and download video recordings. You can also download the videos to your device and share them with your family or friends by sending them the video file.
7. Why should I add Shared Users?
With Shared Users, you can share device access with others without sharing your login credentials. Shared Users can receive and answer alerts, view live videos and recordings, and modify their personal alert settings. With admin-sharing permissions, they can delete videos and change device settings.
8. If I request eufy’s assistance in troubleshooting my device or video recordings, will eufy view my video recordings?
If you are having issues with your device or video recordings, you can request assistance from the eufy Security app’s Help menu or the eufy Community. Depending on the issue, eufy may ask you for permission to view your video recordings to troubleshoot the issue. Additionally, you can choose whether to provide eufy with limited, short-term access to view your video recordings solely for the purpose of troubleshooting issues.
9. Does eufy view recordings for research and development?
Since our customers store their video recordings locally on their eufy Security devices, users would have to voluntarily share their videos with the eufy Security team.
10. Does eufy share video recordings with third parties?
No. Because we're using local storage* mechanisms, eufy Security has no access to our users' video recordings.
11. Do eufy Security devices use the cloud for any storage or analysis processes?
To provide users with push notifications to their mobile devices, some of our security solutions create small preview images (thumbnails) of videos that are briefly and securely hosted on an AWS-based cloud server. These thumbnails utilize server-side encryption and are set to automatically delete.
12. Can eufy team members activate and view my live stream?
No. eufy team members cannot activate and view live streams from your eufy devices.
*If you choose to use cloud-based features such as cloud storage or push notifications with thumbnail previews, videos and/or thumbnail previews will be sent to the cloud as needed to provide your selected features.