Security Certification and White Paper
ISO 27001
Introduction
ISO/IEC 27001 is the world’s most authoritative, rigorous and widely recognized standard for information security management. Certification to this standard demonstrates leading capabilities in information security management, aligns corporate security practices with international requirements, and fulfills commitments made to users regarding data protection.
Provides R&D and manufacturing services for robotic lawnmowers, commercial cleaning robots, service robots robotic vacuum cleaners, window-cleaning robots, and air purification robots; delivers development, operation and maintenance services for Apps and online stores for users in China, Singapore, the United States and Germany. Offers local sales services, as well as information security management relating to local Finance, HR and IT support.
ISO 27701
Introduction
ISO/IEC 27701 is a globally recognized international standard for privacy information management systems. It provides an authoritative framework for organizations to establish, implement, maintain and continuously improve their privacy information management systems. Upon obtaining this certification, an organization can effectively manage privacy risks, process personal data in compliance with applicable regulations, and significantly enhance the trust of customers and stakeholders in data privacy protection.
Scope
Provides R&D and manufacturing services for robotic lawnmowers, commercial cleaning robots, service robots, robot vacuum cleaners, window-cleaning robots, and air purification robots; delivers development, operation and maintenance services for the ECOVACS HOME App and ECOVACS Mall for users in China.
Certificate Number
AU-ACT COC Certification
Introduction
Australia released the national mandatory regulatory instrument, namely the Cyber Security (Security Standards for Smart Devices) Rules 2025, in March 2025. This regulation applies to consumer-grade "relevant connected products" capable of connecting to the internet, either directly or indirectly.
This marks the first certificate issued by TÜV Rheinland for the entire smart device industry in compliance with the AU-ACT regulation, covering the X11 robotic vacuum cleaner.
CQC IoT Cybersecurity and Personal Information Protection Certification
Introduction
The IoT Product Cybersecurity and Personal Information Protection Certification issued by the China Quality Certification Center (CQC) is a product certification system tailored for IoT devices for household and similar applications. It is designed to help products meet cybersecurity and privacy compliance requirements for the Chinese market and enhance consumer trust. Obtaining this certification serves as a key means to demonstrate safety credibility and align with the regulatory intent of the Cybersecurity Law of the People’s Republic of China and the Personal Information Protection Law (PIPL).
Covers robotic vacuum cleaner products exported to the Chinese market
Model:
DEX86,DDX14,DDX11,DMX11,DDX12,DDX19,DDX29,DDX13,FM2342,DDX39,DSX39,DEX56,DDX15,DDX57,DDX67,DEX49, DEX49-1,DDH56,DEX68,DLX71,DEX61,DEX61-P,DDX67-1,DEX54,DEX62,DEX61-B,DEX61-G,DKX55,DKX56,FM24A2,DJX28,DEX99-1,DEX99-2,DEX89,DEX95,DEX35,DEX58
CQC23092410328
UK PSTI Certificate of Compliance (COC)
Introduction
The UK Product Security and Telecommunications Infrastructure Act (PSTI) is a mandatory cybersecurity market access regulation for consumer IoT products in the United Kingdom, which came into full force on 29 April 2024. Its core requirements are as follows:
1. Prohibit the use of universal default passwords;
2. Establish a public vulnerability reporting mechanism;
3. Clearly inform consumers of the supported duration for security updates.
Covers robotic lawnmowers, commercial cleaning robots, robot vacuum cleaners, and other related products.
Robot Vacuum Cleaner:
YDLX11-1
YDLX11-3
DEX56, DDX15
DDX57, DDX67
DDX14, DDX11, DEX11, DEX55, DBX33, DBX33-22, DBX23, DBX23-1, DBX53, DEX32, DLX23, DLX33, DLX53, DEX86, DKX55, DKX56, DDX39, DDX19, DDX13, FM2342
MPB11-11, MPB11-12, MPB12, MPB13, MPB14
DLX71
DEX61-P, DEX61, DEX68
DEX99-1
Robotic lawnmower:
GPR11, MPL11, GPL11
MR2452A, MR2452E, MR2452I, MR2452B, MR2452F, MR2452, MR2452C, MR2452H, MR2452L, MR2452K, MR2452D
Commercial cleaning robot:
SY13
CL 50640316
CL 50649812
CL 50649814
CL 50649815
CL 50661496
CL 50633618
CL 50633619
CL 50666467
CL 50673095
CL 50691284
CL 50702797
TÜV Rheinland 2PfG CH0003 Privacy Protection Certification
Introduction
TÜV Rheinland 2PfG CH0003 is a dedicated privacy protection certification standard launched by TÜV Rheinland specifically for smart home Apps and related IoT cloud services.
It is an application-layer focused specialized privacy certification, conducting assessments across three dimensions: management, technology and implementation. It evaluates whether products respect and protect users’ personal privacy and data security, with the core objective of helping products achieve compliance with the EU General Data Protection Regulation (GDPR).
ECOVACS HOME app+ server
UL IoT Security Rating Diamond Level Certification
Introduction
The UL IoT Security Rating is a high‑level, globally recognized market trust endorsement. Initially developed to address regulatory requirements across U.S. states, it has evolved into an internationally acknowledged industry benchmark.
The rating comprises five tier levels in ascending order: Bronze, Silver, Gold, Platinum, and Diamond. As the highest tier within this five‑level assessment framework, the Diamond Level signifies that a consumer IoT product possesses the most comprehensive security capabilities in the industry.
Issuing Authority: UL Solutions
Robot Vacuum Cleaner:
DEX61-P, DEX56, DEX61, DEX68, DEX61-Y, DEX99-1, DEX99-2、DEX95, DEX96, DEX35, DEX58
ETSI EN 303 645 Certification
Introduction
Robotic lawnmower
MPB11-11,MPB11-11,MPB11-12,MPB12, MPB13,MPB14,GPR11,GPR12,GPL11,MR2452A,MR2452E,,MR2452I,MR2452B,MR2452F,MR2452,MR2452C,MR2452H,MR2452L,MR2452K,MR2452D,MR2507,MR2507A,MR2507B,MR2507D,MR2507E,MR2507F,MR2508,MR2508A,MR2508B,MR2508D,MR2509,MR2509A,MR2509B,MR2452M,MR2452N,MR2452O
Window-cleaning robot
EU RED-DA Cybersecurity Certification
Introduction
RED-DA (Radio Equipment Directive – Delegated Act) is a supplementary regulation to the existing Radio Equipment Directive (RED, 2014/53/EU). It mandates three critical requirements for connected radio equipment: cybersecurity, privacy protection, and anti-financial fraud. It officially came into force on August 1, 2025.
Covers robotic lawnmowers, commercial cleaning robots, robot vacuum cleaners, window-cleaning robots and other related products exported to the European Union.
Robotic lawnmower:
GPR11, GPR12, GPL11
MR2507, MR2507A, MR2507B, MR2507D, MR2507E, MR2507F, MR2508, MR2508A, MR2508B, MR2508D, MR2509, MR2509A, MR2509B, MR2452M, MR2452N, MR2452O
MR2452A, MR2452E, MR2452I, MR2452B, MR2452F, MR2452,
MR2452C, MR2452H, MR2452L, MR2452K, MR2452D
Robot Vacuum Cleaner:
DKX55, DKX56, DLX14, DDX14, DDX11, DEX67, DDX57, DEX99-1, DEX95, DEX96, DEX61-P, DLX71, DEX54, DDX45, DEX68, DEX56, DDX15
Window-cleaning robot:
WG858-07
Commercial cleaning robot:
SY12,SY13
CL 50687230 0001
CL 50687242 0001
CL 50687244 0001
CL 50689678 0001
CL 50692960 0001
CL 50702111 0001
CL 50702767 0001
CL 50705958 0001
M5 69267769 0001
M5 69267917 0001
M5 69267969 0001
M5 69267968 0001
M5 69267967 0001
M5 69267991 0001
Classified Cybersecurity Protection
Introduction
The Cybersecurity Law of the People's Republic of China stipulates that the state implements the classified cybersecurity protection system, which constitutes the fundamental requirement for cybersecurity protection in China.
ECOVACS’ business information systems, including its mobile applications and new retail middle platforms, have successfully passed the Level-3 evaluation under the classified cybersecurity protection framework, fully complying with relevant regulatory requirements. This aligns the Company’s information security management with international standards and fulfills its commitments to users regarding data and privacy protection.