Committed to Protecting your Data

When we say your data is none of our business, we mean it.

We believe it’s important for all DJI users to know we do not sell user data to advertisers. That’s not our business model and it never will be. It’s also, frankly, none of our business. We just want you to enjoy the experience of flight and take incredible photos and videos.

Providing the best possible experience is easier when we know how our products and apps are performing. We also need to inform our users about geofencing zones around airports and other sensitive locations, to help them make smart decisions and fly safely. Accomplishing these goals requires access to some information about where and how you fly. We only access the bare minimum necessary to meet these needs, and we go to great lengths to ensure it is thoroughly protected.

A History of Protecting Privacy

When DJI began operations in 2006, it was primarily a resource for remote-controlled aircraft hobbyists. As we now know, things progressed rather quickly, and within a few short years the company went from developing components and kits for hobbyists, to manufacturing ready-to-fly recreational drones used daily around the world. As the rapid adoption of drones has created new challenges and new expectations, DJI has worked tirelessly with our growing community of users to stay ahead of the curve and protect the privacy of their information.

DJI also understands that achieving robust data security means inviting critical assessment from outside parties. We created our Bug Bounty Program in 2017, offering rewards up to $30,000 to security researchers who responsibly discover and report flaws in DJI systems. DJI’s information security unit continues to enhance and bolster our security processes, including mandatory security training for developers, new controls on their work, and an internal penetration testing program to proactively root out other potential issues. More details of the Bug Bounty Program are available at security.dji.com.

We don’t solely rely on our Bug Bounty program to detect security flaws, however. To go one step further and provide an outside perspective on our data protection efforts, we hired an independent third party to perform a comprehensive and unrestricted investigation into our data security systems. San Francisco-based Kivu Consulting, Inc., completed a thorough examination of DJI drones, mobile apps, and servers, as well as the data streams they transmit and receive. They concluded DJI drone users have control over how their data is collected, stored, and transmitted. You can read more about their research and conclusions by visiting here.

How We Manage Data

Here’s how DJI’s data sharing options are set by default:

App Performance Data

App performance data is sent to DJI to report bugs and usage statistics. This data is critical to help DJI understand how our flight control apps function in the real world, such as by determining common errors and popular features. DJI collects this data in aggregate and cannot identify individual users or use patterns from it. Users may deactivate transmission of this data in the settings menu of the DJI consumer flight control app.

User Experience Data

Basic information is compiled about each drone flight, including its duration, distance and average number of pictures taken per flight. This helps DJI understand how our customers use our products and how we can improve their experience. DJI collects this data in aggregate and does not associate this data with a particular user or with precise location data. Users may deactivate transmission of this data in the settings menu of the DJI consumer flight control app.

Location Check Data

Location data is used to update nearby geofencing information, such as restricted airspace and temporary flight restrictions, as well as to comply with national radio frequency restrictions. The DJI consumer flight control app first uses GPS data, IP address, and/or mobile network ID (MCC ID) to determine where the drone is operating. Then, to protect the privacy of the operator’s precise location, the DJI consumer flight control app applies a random offset of as much as 10 kilometers before transmitting Location Check Data to DJI. Location Check Data sharing cannot be deactivated in the DJI consumer flight control app. Users can block transmission of this randomized Location Check Data by disabling the internet connection on their device, but doing so will deprive them of the most current and accurate geofencing warnings.

Here’s what data users can opt to share with DJI:

Photography/Videography Data

This refers to the photos and videos that get stored on the drone’s SD card or the DJI consumer flight control app on your mobile device. This data is never shared with DJI unless you manually turn on the sharing feature in the app.

Flight Log Data

This is data related to your drone’s flight and includes information about altitude, speed, distance, location (e.g., GPS coordinates), and your control stick operations. This data will only be shared with DJI if you manually use the “Sync” button on the DJI consumer flight control app interface.

How We Store Our Data

Data of international users collected by DJI is stored on best-in-class servers located in the United States. For the majority of this data, we use Amazon Web Services (AWS). The only data stored elsewhere are multimedia files users voluntarily upload to DJI’s social media sharing forum SkyPixel. This data gets stored on Alibaba Cloud servers, which are also located in the U.S.

Our Commitment

Having access to user data is a serious responsibility. Our commitment to our customers is that we will continue to bolster the security of our technology and will keep our customers apprised of our data policies and practices.