Data Security and Privacy at Autel Robotics
In an era defined by advanced technology and connected devices, concerns around data security and user privacy have become increasingly important. Autel Robotics recognises these concerns and has implemented comprehensive technical and organisational measures to protect user data across its drones, software, and industry applications.
Autel Robotics provides robust data protection frameworks designed to ensure transparency, user control, and secure handling of all information throughout the product lifecycle. As a result, customers gain clearer visibility into how data is handled. In addition, Autel Robotics prioritises user choice at every stage. For example, permissions limit access to sensitive information, while encryption protects data at rest and in transit. Moreover, security controls support industry customers who require consistent, auditable protections.
User Data Protections
Respect for user privacy remains a core principle at Autel Robotics. Therefore, Autel Robotics does not access user data without explicit authorisation and consent. Instead, the company applies encryption, permission controls, and secure infrastructure to protect sensitive information.
Permission Based Personally Identifiable Information PII
Users control access to personally identifiable and sensitive information such as email addresses and mobile phone numbers. Autel Robotics protects this data using AES-256 encryption and stores it securely in AWS data centres. Additionally, the company applies a multi-layer security model to strengthen confidentiality and integrity. AES-256 is widely regarded as one of the most secure symmetric encryption standards and is commonly used to protect highly sensitive data, including financial and medical records.
Aircraft Log Information
The system stores flight logs locally on the user’s device, including app and firmware versions, telemetry, and flight trajectories. Consequently, users maintain direct control over log retention. Autel Robotics uses this information only when the user explicitly authorises access, and only for after-sales support purposes.
Limited Server Access
During service operations, Autel Robotics servers identify only the essential aircraft and application information required to deliver the service. At the same time, the system avoids collecting or accessing user content. In short, service functions rely on device identification and application status, not user data.
Secure Data Transmission
Autel Robotics protects data integrity during transmission by using industry-standard encryption protocols. Specifically, the company secures both command links and data streams to reduce interception and tampering risks.
Drone and Remote Control Communication
The system secures image and data transmissions between the aircraft and remote controller using AES-256 and AES-128 encryption algorithms.
Autel Explorer App Security
The Autel Explorer App uses HTTPS for communication between the app and servers. As a result, SSL and TLS technologies encrypt the transmission channel and protect confidentiality during communication. HTTPS is widely trusted and supported by established standards organisations. Accordingly, TLS and SSL help maintain data security during transmission.
Media Storage Security
Autel Robotics also protects media stored on SD cards through encryption and access controls. In practice, these safeguards help prevent unauthorised access if storage devices are lost or shared.
Onboard Storage Encryption
The system encrypts media files using AES-256, and SD cards support onboard password protection. When users enable encryption, only the user can access stored data. Autel Robotics cannot retrieve or bypass these passwords. Therefore, users retain full control over onboard media.
Erasable Data and User Control
Autel Robotics provides straightforward ways to remove data and manage accounts. Consequently, users can reduce retained information and maintain control over data lifecycle decisions.
Account Deletion
Users can delete accounts directly within the Autel Explorer App. After deletion, the system removes associated data, including logs and cached information.
Server Data Deletion
After an account is deleted, the system automatically and permanently deletes related logs and other information stored on Autel Robotics servers. In other words, server-side data is removed in an irreversible manner.
Device Factory Reset
Users can restore devices to factory settings through system controls. As a final step, this option helps eliminate residual stored data on the device.
Additional Security Measures
Autel Robotics uses additional safeguards to further strengthen data protection. Notably, these measures reduce friction while limiting unnecessary exposure.
Registration-Free and Login-Free Upgrades
Users can run firmware upgrades without registration or account login. As a result, upgrades remain simple while reducing unnecessary data collection.
Local Photo and Video Storage
The remote controller stores photos and videos locally and does not upload them to any server. Therefore, media remains on the device and stays under user control.
The US DoD UAS Blue List
Users sometimes ask about Autel Robotics and the US Department of Defense UAS Blue List. To clarify, the UAS Blue List applies only to procurement standards for internal US DoD use.
It does not extend to other federal, state, or local agencies. Likewise, it does not apply to public or private organisations in the United States or elsewhere. Importantly, the absence of a product from this list does not indicate reduced safety or security. Instead, the list remains intentionally limited to US DoD internal operations.
Conclusion
Autel Robotics remains committed to high standards of data security and privacy protection. Overall, encryption, transparent data practices, and user-centric controls help protect the safety and confidentiality of user data while supporting reliable drone operations.
