Hangzhou Hikvision Digital Technology Co., Ltd.
Hikvision
Hikvision is the leading provider of innovative security products and solutions globally.
ID: 181069237409-88
Lobbying Activity
Response to A strategic vision for sport in Europe: reinforcing the European sport model
8 Dec 2025
Hikvision welcomes the opportunity to contribute to the European Commissions call for evidence on the European Sports Model (ESM). We strongly support the ESMs values-based approach and believe that practical, affordable digital tools can help grassroots clubs enhance participation in sports and deepen engagement with supporters. Please find evidence and recommendations to support your work on this initiative in the attached document.
Read full responseMeeting with Flavio Facioni (Cabinet of Commissioner Olivér Várhelyi) and Burson Cohn Wolfe SRL
24 Sept 2025 · Digitalization in the animal welfare’s sector along with the public consultation on on-farm animal welfare
Response to The EU Cybersecurity Act
18 Jun 2025
Hikvision welcomes the opportunity to contribute to the revision of the EU Cybersecurity Act. We believe a harmonized, risk-based, and proportionate approach is essential for a thriving digital single market. We advocate for clear, practical certification schemes aligned with international standards (e.g. ISO 27001, ETSI EN 303 645) and a strengthened ENISA with a clear mandate. Streamlining regulations, particularly through harmonized incident reporting requirements across NIS2, CRA, and GDPR, will reduce administrative burdens and promote efficiency. A robust ICT supply chain is also crucial for overall cybersecurity. We support efforts to enhance supply chain security through risk-based due diligence, vulnerability assessments, and incident response planning, while ensuring these measures remain balanced and proportionate to safeguard the EUs competitiveness and innovative potential. Hikvision's commitment to R&D, rigorous standards, and Secure-by-Design demonstrates our dedication to providing trusted technology. Our detailed recommendations are in the attached position paper. We look forward to engaging with the Commission and stakeholders on this important initiative.
Read full responseResponse to Report on the application of the General Data Protection Regulation
6 Feb 2024
Hangzhou Hikvision Digital Technology Co., Ltd. (Hikvision) is a world leading security product and solution supplier with offices in many EU Member States. We appreciate the opportunity to provide feedback and we were pleased to see that our previous input to the report on the application of the GDPR submitted on April 29, 2020 (F514205) was taken into consideration in the Communication from the Commission to the European Parliament following the public consultation.
Over the past four years, we have observed significant progress in GDPR implementation, particularly with the introduction of the new Standard Contractual Clauses encompassing four modules, the GDPR certification (Europrivacy), and the new guidelines on novel technologies (e.g. facial recognition) issued by the EDPB and national Data Protection Authorities (DPAs).
However, we believe there are areas where the application of GDPR could be improved:
Consistency
GDPR tends to be interpreted differently across EU Member States, posing a challenge for multinational companies. Notably, recommendations and opinions from DPAs regarding biometric data usage vary significantly. The Dutch GDPR Implementation Act for instance allows the use of biometric data under specific circumstances, such as for identification or security purposes. Conversely, other DPAs, such as the Spanish Data Protection Agency (AEPD) in its guidelines on the use of biometric systems for access and employee attendance control, virtually prohibits the use of biometric data in situations outlined in Article 9(2) GDPR.
While we understand that legitimate privacy concerns may lead to a negative perception around biometrics and AI, we believe these innovative solutions can offer significant societal benefits. For example, access control devices using facial recognition to limit entry to a restricted location can enhance security in case other methods do not provide a similar level of security.
We would appreciate further guidance on how GDPR applies to such uses of biometrics and AI and advocate for a unified position on the use of AI and biometrics in security products, especially in multi-identification mode access control devices, to promote a harmonised approach among EU Member States in this sector.
Data Subject Rights
As a device manufacturer, empowering those who have their data collected to exercise their rights, particularly the right to erasure, is of paramount importance. Security products primarily aim to protect individuals and property, requiring the retention of video footage for a certain period to guarantee the objectivity of the data. When receiving a request to erase certain footage during this period, controllers have to carefully consider the specific circumstances, assess the legitimacy of the request and balance this with the company’s legitimate grounds for retention as outlined in Article 17(3) GDPR. This process can be complex and may occasionally require specialized legal advice to correctly interpret and apply individual privacy rights while maintaining the secure environment mandated by operational requirements. We would therefore welcome clearer guidance on the scope of these exemptions.
Certification Mechanisms
We welcome the implementation of the Europrivacy certification, which demonstrates compliance when using innovative technologies like AI and IoT. It also allows technology providers to leverage GDPR as a competitive advantage in the market as encouraged by the EDPB and demonstrate accountability under GDPR. However, at present, only data processing activities can be certified under the Europrivacy certification. As a manufacturer, we would appreciate the availability of certification schemes pursuant to Article 42 GDPR that would demonstrate product compliance with specific GDPR requirements, such as data protection by design and by default principles outlined in Article 25 (1) and Article 25(2) GDPR.
Read full responseResponse to Cyber Resilience Act
23 Jan 2023
Hikvision appreciates the opportunity to participate to the consultation process on the proposed Cyber Resilience Act. Hikvision applauds the EU for its continued global leadership in developing a cybersecurity regulatory framework, and we welcome the proposal to create and apply strong requirements to protect end-users, end-user data, computing systems and the Internet at large. Please find our position paper attached and we look forward to engaging with the European institutions in the dialogue on this legislative initiative.
Read full responseResponse to Revision of the NIS Directive
13 Aug 2020
Hangzhou Hikvision Digital Technology Co., Ltd is a leading provider of innovative security products in the EU, ranging from public security to smart home security solutions. We welcome the opportunity to respond to the European Commission’s public consultation on the revision of the EU’s Network and Information Systems (NIS) Directive.
Hikvision takes cybersecurity and privacy very seriously. We develop and produce all our products with Security-by-Design and Privacy-by-Default in mind by integrating security assurances into the development, supply chain, sale and delivery processes. Our vision is to provide end-users with secure and trusted technology. We are constantly updating our own practices on network security and encourage more extensive communication among stakeholders, focusing on addressing the risks and increasing network defence capabilities. Hikvision is committed to deliver the most cybersecure products possible.
Cybersecurity is essential to ensure secure and trusted technology. It is a responsibility of all actors across the entire lifecycle of a device. We welcome the European Commission’s initiative to review the NIS Directive to further improve the resilience of networks and systems against cybersecurity threats in Europe. Hikvision shares the Commission’s view that fragmentation between the Member States needs to be addressed and a higher level of consistency needs to be achieved to increase the effectiveness of the NIS Directive.
Hikvision supports the Commission’s proposal for policy options, which based on the current framework would provide more detailed and precise rules, and extend the scope of the current Directive. In particular, in the area of the Internet of Things (IoT) devices we would welcome an addition of a security-by-design requirement. Such provision introduced for both software developers and hardware manufacturers would ensure a level playing field and provide for a minimum level of security for all devices, enhancing the overall security of network and information systems. Hikvision believes that manufacturers of IoT devices should be subject to independent assessment organization evaluating compliance of products with agreed standards and levels of encryption before they enter the internal market.
Hikvision would also welcome additional clarity on the role of hardware manufacturers and software developers, which play an important role in enabling operators of essential services and digital service providers to secure their network and information systems.
With the increasing digitalisation of the society and growth in demand for internet-based solutions, Hikvision believes that further action to improve security of network and information systems, and enhance information exchange between stakeholders to effectively counter cybersecurity threats is essential. We therefore very much support the Commission’s efforts to further advance cybersecurity in the EU.
Read full responseResponse to Report on the application of the General Data Protection Regulation
29 Apr 2020
Hangzhou Hikvision Digital Technology Co., Ltd. (Hikvision) is the world’s largest manufacturer of video surveillance products and the largest supplier of such technologies in Europe. We welcome the opportunity to provide feedback on the application of GDPR since its entry into force two years ago.
Video technology plays an increasingly important role in nearly all aspects of everyday life, from national security, law enforcement, business, healthcare, education, culture, personal and property protection, and social networking. We are proud that our products make a positive difference for society, safeguarding people, places and assets, and providing important data and business intelligence for end users.
As a specialist in commercial video-surveillance we fully appreciate the privacy-related sensitivities and believe that individuals should not have to choose between safety and privacy. It is therefore, essential that privacy laws strike a balance between maintaining privacy and the need to collect personal data for legitimate purposes – whether securing a private location or collecting traffic data for smart road management. For the most part, the application of GDPR in its two first years has managed to do just that.
However, we believe that there remain ways of improving its application, as follows:
- Consistency: There is still considerable variation across Member States in relation to key concepts under GDPR including, the permissibility of video surveillance. This remains the case in spite of the guidelines published by the EDPB in July 2019. We would welcome a common position in order to unlock the growth potential of the European Single Market in this sector.
- Novel Technologies: Technological innovation is the driving force for Hikvision and we continuously develop novel technologies utilizing big data, AI, FRT, biometrics and deep learning. However, due to a lack of understanding, such technologies are increasingly portrayed as a risk to privacy. On the contrary, we believe such innovative solutions can be extremely positive and help stakeholders better manage the complexities and risks of modern society – and in certain cases enhance the privacy of individuals. We would welcome guidance on how the GDPR applies to such technologies.
- Controller / Processor: We would welcome further practical guidance on the controller/processor distinction, in particular in light of recent CJEU judgments. For Hikvision further clarity in particular would be welcomed in the context of AI-supported surveillance devices and whether a developer would continue to be a controller post-deployment.
- Liability: the EDPB draft guidelines on Data Protection by Design and by Default extend liability to manufacturers. We welcome this development but urge the European Commission to ensure a clear legal framework defining parameters as to when a manufacturer stops being liable – in particular, when and where the actions of a customer are at variance from the normal and expected use of devices.
- Legal Basis: Whilst alternatives to consent are acknowledged by the EDPB in a number of its guidance documents, we would welcome further clarification in the context of special category data processing, for example, the use of biometrics in an employment context (where valid consent is much harder to obtain) or use of facial recognition technology for surveillance purposes.
- Data Subject Rights: We would welcome practical guidance on responding to subject access requests. An example, of where this raises concern is in the EDPB’s guidelines which state that prior to disclosing personal data in response to a data subject access request, all third parties should first be anonymised. Whilst this may be appropriate in certain instances, the cost and time spent doing this routinely would be incredibly high for Hikvision and its customers.
Read full response