Skip to main content
We need a better phone for our mental health. Learn more about The Better Phone Project and join our discussion "Attention and finding balance"

Softlock Solution Supplement

Effective April 17, 2023

This statement supplements HMD Global Privacy Policy for products and services.

HMD Softlock is a pre-installed solution that enables remote locking of a mobile device. HMD Softlock is used in one or more of the following programs:

1) Device financing. To finance your device purchases, third parties may offer a financing program that allows you to purchase devices in installment plans. HMD Softlock will check if the device is enrolled in a financing program during the first use and after each factory reset. If the device is part of a financing program, HMD Softlock functions according to the financing program terms. For example, the device can be locked if the payments are overdue, or until the relevant payment has been made.

2) Network locking. The device might have been configured to work only with the SIM card of a specific network service provider. In case you insert a SIM card from a different network service provider, HMD Softlock will restrict services and features or lock the device. The device will resume normal operation once you insert the SIM card that is supposed to be used with the device.

3) Subscription. Devices hired from HMD Global or third parties may come with HMD Softlock pre-installed and be remotely locked under the circumstances described on the applicable terms and conditions.

We process Softlock data only to (i) enable HMD Softlock to work on the device, (ii) identify the device to be locked and unlocked and to (iii) develop our products and services. Signing up to device financing, network locking or subscription program may require you to agree to terms and conditions and privacy policy of such program.

Softlock solution

Why are we processing your data?

1. Providing our products and services as explained above:

We enable HMD Softlock to work on the device and identify the device to be locked and unlocked.

What data are we processing?

  • Softlock data: Phone identification number (IMEI), device model, software and hardware details, product serial number (PSN), IP address and information about software crashes and errors.
    • What is the basis for processing data? Contract between us.

2. Development of our products and services:

We analyze data to understand our customers better and to improve our products and services.
What data are we processing?

  • Softlock data: Phone identification number (IMEI), device model, software and hardware details, product serial number (PSN), IP address and information about software crashes and errors.
    • What is the basis for processing data? Our legitimate interest of developing our products and services.

How long is the data retained?

Softlock data is retained for 36 months after the unenrollment from the program.

Do we transfer personal data?

What personal data is transferred?

1. Softlock data

Who are the recipients of the personal data and where are they located?

  • Cloud platform in the EU/EEA.

    • What are the transfer safeguards? Data in the EU/EEA.
  • Financing program partners (partner locations are dependent on the geographical location where you decide to join such program).

    • What are the transfer safeguards? Data in the EU/EEA for European service providers. Data remains in the country in question for non-EU/EEA service providers.
  • Network locking program partners (partner locations are dependent on the geographical location where you decide to join such program).

    • What are the transfer safeguards? Data in the EU/EEA for European service providers. Data remains in the country in question for non-EU/EEA service providers.
  • Subscription program partners (partner locations are dependent on the geographical location where you decide to join such program).

    • What are the transfer safeguards? Data in the EU/EEA for European service providers. Data remains in the country in question for non-EU/EEA service providers.

You can find previous versions of this document here: