Privacy Policy for Wi-Fi Barcode Scanner Devices and Services

Last Updated: April 4, 2026

1. Introduction

This Privacy Policy (“Privacy Policy for Wi-Fi Barcode Scanner Devices and Services”) describes how NETUM Electronic Technology Co., Ltd (“Company,” “we,” “us,” or “our”) processes personal data in connection with our Wi-Fi barcode scanner devices and related firmware update services.

This Policy applies to:

  • Use of the Device
  • Network transmission of scanned data
  • Over-the-air (“OTA”) firmware updates
  • Limited data processing in connection with technical support and after-sales services

Important: The Device is designed so that, by default, scanned data is transmitted directly to customer-designated systems and is not collected, stored, or processed by the Company.

2. Roles and Responsibilities

2.1 Customer as Data Controller

In most deployments, the customer (or system integrator) acts as the data controller (or equivalent role under applicable law), determining:

  • What data is collected via scanning
  • Where such data is transmitted
  • How such data is stored, used, shared, and retained

2.2 Company Role

The Company generally does not act as a data controller or processor with respect to scanning data because:

  • We do not receive or access such data in the default configuration
  • We do not determine the purposes or means of processing such data

Where the Company processes limited data (e.g., support logs), it acts as an independent controller for that specific data.

3. Data Processing Overview

3.1 Scanning Data

The Device captures:

  • Barcodes
  • QR codes
  • Other machine-readable identifiers

By default:

  • Scanning data is transmitted via Wi-Fi to a destination configured by the customer
  • The Company does not receive, store, or access this data

3.2 Customer-Configured Destinations

Customers may configure transmission to:

  • Internal servers
  • Private cloud environments
  • Network-attached storage (NAS)
  • Third-party platforms (e.g., ERP, WMS, MES systems)

Processing within such systems is governed by the respective system operator’s privacy practices.

4. Categories of Data We Process

4.1 Data We Do Not Collect (By Default)

We do not collect or process:

  • Scanned barcode or QR code content
  • Customer business data (e.g., inventory, orders, logistics records)
  • Files or datasets generated through scanning
  • Historical scan records stored in customer systems

4.2 Limited Data We May Process

We may process limited information in the following circumstances:

(a) OTA Update Logs

  • IP address
  • Request timestamps
  • Firmware version information
  • Device model or compatibility identifiers

(b) Technical Support Data

  • Log files voluntarily provided by customers
  • Screenshots or diagnostic files
  • Contact information (e.g., email address)

Such data is processed solely for support, maintenance, and service improvement purposes.

5. OTA Firmware Updates

OTA updates are delivered via a Content Delivery Network (“CDN”) and are used exclusively for firmware distribution.

5.1 Purpose

  • Deliver firmware updates
  • Maintain device security and functionality

5.2 Data Characteristics

OTA processes do not involve scanning data.

5.3 Technical Logs

Certain network-level logs may be generated as part of standard internet communications.

To the extent such logs qualify as personal data under applicable law, they will be handled in accordance with this Policy.

6. Legal Bases for Processing (Where Applicable)

Depending on the jurisdiction, we rely on the following legal bases:

  • Legitimate Interests (e.g., system security, troubleshooting, product improvement)
  • Contractual Necessity (e.g., providing requested support services)
  • Legal Obligations (where required by applicable law)

We do not process scanning data and therefore do not rely on legal bases for such data.

7. Data Sharing and Disclosure

We do not sell or share personal data for cross-context behavioral advertising.

We may disclose limited data:

  • To service providers (e.g., CDN providers) strictly for service delivery
  • To comply with legal obligations (e.g., court orders, regulatory requests)
  • In connection with corporate transactions (e.g., mergers, acquisitions)

All disclosures are limited to what is necessary.

8. International Data Transfers

Where data is transferred across borders (e.g., via CDN infrastructure), we implement appropriate safeguards, such as:

  • Standard contractual clauses (where applicable)
  • Industry-standard security measures

Customers are responsible for ensuring compliance for data within their own systems.

9. Data Retention

We retain personal data only as long as necessary for:

  • Providing support services
  • Maintaining system security
  • Complying with legal obligations

We do not retain scanning data because we do not collect it.

10. Data Security

We implement reasonable administrative, technical, and organizational safeguards, including:

  • Data minimization practices
  • Access controls
  • Secure transmission protocols

However, customers are responsible for securing their own systems and data environments.

11. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access personal data
  • Request correction or deletion
  • Restrict or object to processing
  • Request data portability

Important Limitation

We can only fulfill requests for data we actually possess.

For scanning data, requests should be directed to the system operator that stores such data.

12. California Privacy Rights (CCPA/CPRA)

If you are a California resident:

We do not sell personal information

We do not share personal information for targeted advertising

We collect only limited technical and support-related data

You have the right to:

  • Know what personal information we collect
  • Request deletion of such information
  • Correct inaccurate information

Requests can be submitted via the contact details below.

13. Singapore PDPA and Other Jurisdictions

Where applicable (e.g., Singapore PDPA):

  • We limit collection to what is reasonable and necessary
  • We ensure appropriate protection of personal data
  • We support access and correction requests

Customers remain responsible for compliance regarding scanning data handled within their systems.

14. Changes to This Policy

We may update this Policy from time to time to reflect:

  • Product changes
  • Legal or regulatory updates
  • New features (e.g., cloud services, telemetry, account systems)

Material changes will be communicated via appropriate channels.

15. Contact Information

For privacy-related inquiries or requests, please contact:

Email: support.kirley@netum.net


16. Key Transparency Statement

For clarity:

  • The Device does not transmit scanning data to the Company by default
  • The Company does not access or store customer scanning data
  • Customers retain full control over data destinations and processing

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on this website, update the "Last updated" date and provide notice as required by applicable law.