Quectel Security Statement
Security is a fundamental consideration for the IoT industry, and as a global IoT solutions provider, we are committed to maintaining the highest standards of security in all aspects of our operations, products and services. We place security at the center of what we do and have implemented rigorous security measures to ensure the integrity of our products and services and our customers’ privacy and data.
Quectel continuously works to improve its security measures within R&D processes, software and hardware technology, certification, organizational structure, personnel setup and system management. To maintain the security of our products, we have implemented strict security protocols and processes throughout the entire development, manufacturing and testing process. We regularly review and update these protocols to ensure they meet the latest global and local security standards and requirements.
We value customer information security and privacy and work with numerous international certification organizations to obtain security accreditations. Quectel has the Information Security Management System of ISO/IEC 27001: 2013, the Privacy Information Management System of ISO/IEC 27701:2019 and TRUSTe Enterprise Privacy Certification. Moreover, Quectel is in the process of obtaining ISO/SAE 21434:2021 certification for automotive industry cybersecurity.
At Quectel, we collaborate with a diverse group of strategic partners, including leading companies such as Amazon, Microsoft, NVIDIA, Qualcomm and STMicroelectronics, and globally recognized standards organizations to achieve our goals. As a member of the GSMA, CTIA, 5GAA, 3GPP and the GSA, we actively participate in working groups to advance the IoT sector and security standards. Our modules conform to the network access standards of global operators and follow all the necessary network security specifications. Quectel’s modules are certified by more than 80 major operators globally – a full list is available on request, and regulatory and conformance bodies like CE, FCC, GCF, PCS, PTCRB, Bluetooth® SIG and the Wi-Fi Alliance. Furthermore, we are committed to transparency in our operations and have taken steps to provide our customers with greater visibility into our security practices.
Quectel is committed to complying with the General Data Protection Regulation (GDPR). We understand the importance of protecting the personal data of our customers, partners and employees, and we have implemented appropriate technical and organizational measures to ensure GDPR compliance. We are committed to continually reviewing and improving our practices to ensure the highest level of data protection for our stakeholders.
This statement applies to Quectel Wireless Solutions Co., Ltd. and its worldwide subsidiaries.
Operator Certifications
Quectel actively expands overseas business, and has been certificated by more than 80 major operators in the world, which fully shows that Quectel modules conform to the network access standards of operators at home and abroad and follows the network security specifications of operators.
80+ Certifications:
- NA-FCC/PTCRB/IC/T-Mobile,Verizon/AT&T/TELUS
- CN-CCC/RRC/NAL/NCC
- EMEA- CE/RCM/Telstra 600;
- ROW- ANATEL, KT, KC
Security and Privacy Certifications
Quectel attaches great importance to the information security and privacy protection for customers, and has established communications and conversations with a number of international authoritative certification organizations around the world. By obtaining more and more international authoritative security certifications, Quectel continuously improves its internal management norms and security protection capabilities. “To provide customers with secure and reliable products and services” is the constant service tenet of Quectel. In order to continuously enhance the security credibility of the products, Quectel looks forward to reaching cooperation with more international authoritative certification organizations, and jointly explore the IoT security.
Quectel has obtained ISO27001 Certification for information security, ISO27701 Certification for privacy information and TRUSTe Enterprise Privacy Certification.
ISO/IEC 27001: Information Security Management System
ISO27001 is an information security management system standard, which can effectively ensure the reliability of enterprises in the field of information security, reduce the risk of enterprise information leakage, and better protect the core data.
Quectel has obtained ISO27001 (Information Security Management System) certification issued by the internationally renowned standard certification body BSI (British Standards Institution).
ISO/IEC 27701: Information Security Management System
ISO27701 is a privacy information management system standard, which extends the management of privacy on the basis of ISO/IEC 27001 information security management and ISO/IEC 27002 security control. It is an international management system standard that provides guidance on protecting personal privacy, including how organizations should manage personal information, and assists in demonstrating compliance with privacy regulations around the world.
Quectel has obtained ISO27701 (Privacy Protection Management System) certification issued by the internationally renowned standards certification body BSI (British Standards Institution).
Quectel is in the process of obtaining ISO/SAE 21434:2021 Certification for automotive industry cybersecurity. Quectel is looking forward to continuously standardize and improve the security capabilities of the company and its products to escort customers in terms of information security and privacy protection.
TRUSTe Certified Privacy
TRUSTe certification, launched by TrustArc in the United States, is currently one of the most authoritative privacy protection certification organizations in the world. TRUSTe certification results have been highly recognized by the European Data Protection Commission and the data protection authorities of the member states of the European Union, and are used as one of the proofs to demonstrate the compliance ability and level of enterprises. Quectel has successfully obtained the Enterprise Privacy Certification and GDPR Validation Letter from TrustArc, one of the global authorities in privacy protection.
ISO/SAE21434:2021(E)
ISO/SAE 21434:2021 is currently one of the most important international standards in the field of automotive information security. For automotive field, Quectel continues to carry out ISO/SAE 21434 international certification for automotive information security on the basis of its original information security, aiming to demonstrate the security capabilities of Quectel automotive modules to customers through more professional and authoritative certification.