If you’ve spent time on r/homeassistant or r/aqara, you’ve seen the thread. Someone posts “Aqara is a Chinese company — are they harvesting your data?” and forty replies follow, half saying “it’s fine, they’re certified,” half saying “never trust the cloud.” Neither side typically cites the actual policy.
Aqara’s privacy policy was updated in March 2026. The GDPR version includes explicit language about what happens to your data when your hub runs locally. Here’s what the document actually says, where it falls short, and how to confirm local mode is doing what it claims.
TL;DR
Short answer: Aqara’s March 2026 policy (EU/GDPR version) explicitly states that when your hub operates in local-network-only mode, no personal data is transferred to Aqara for hub functions.
The catch: That guarantee only covers the hub device itself. The Aqara Home app still collects telemetry when your phone has an internet connection — regardless of how the hub is configured. Remote access, if you’ve enabled it, routes data through Aqara servers. And firmware update checks phone home even in local mode.
Who’s covered by the strong guarantee: EU residents using the GDPR version of the policy. Non-EU users get the global policy, which does not include the same explicit local-mode clause.
Verification: You can confirm local mode is working with a basic internet cutoff test, a Pi-hole DNS block, or your router’s traffic monitor.
What Changed in March 2026
Aqara’s revised privacy policy took effect March 20, 2026. They described it as a “revamp” — more structured, more explicit, clearer section labeling. The EU GDPR version added a dedicated section titled “HOW AQARA HOME AND AQARA HUB WORK IN GENERAL” that spells out the data flow across three scenarios: local-only control, firmware/support, and remote access.
The relevant clause, quoted directly: “If you would like to only control your smart home devices from within your home network, you do not need an internet connection and no personal data is transferred to us in order to enable these smart home functions.”
That’s meaningful language. Smart home privacy policies rarely go that specific about local-mode operation. Whether this language was present in earlier versions of the policy is difficult to confirm without archived snapshots — the key point is that it’s in the current GDPR-governed document, which means EU users now have explicit written language to point to, not just a marketing claim.
One framing note: the “revamp” descriptor could mean anything from a complete rewrite to a structural reorganization. The substance of the local-mode clause matters more than whether the intent was present before. Even if this isn’t new language, having it prominently stated in a dedicated architectural overview section makes it more actionable.
What “No Personal Data Transferred” Actually Means Technically
A quick grounding in what local mode means at the network level, for anyone who wants to verify the claim rather than take it on faith.
When your Aqara Hub M3 (or any comparable local-capable hub) is running in local mode, the data flow looks like this: Zigbee and Wi-Fi sub-devices talk to the hub over your home network. The hub talks to the Aqara Home app directly, also over your home network. Nothing in that chain needs to reach Aqara’s servers.
Compare that to cloud-relayed mode: your phone sends a command to Aqara’s cloud, the cloud relays it to the hub, the hub acts, confirmation goes back through the same path. Your home network is still involved, but Aqara’s servers are in the middle of every interaction.
In local mode, Aqara’s servers are not in the path. They’re not needed for automations, sensor triggers, schedules, or direct app control — as long as your phone and hub are on the same network.
The policy statement applies specifically to that scenario: hub functions, within your home network, with no outbound call required. If your home has no working internet connection at all and your automations still fire, local mode is active.
Aqara has been moving toward local-first architecture across their newer hubs. Recent versions of Aqara Home include a local control mode that switches the app from cloud-relay to direct LAN communication with the hub, so basic control continues even if your broadband is down.
What Data IS Still Collected — Being Honest About This
The policy says local-mode hub functions involve no data transfer. It doesn’t say Aqara collects nothing from you. Several categories continue regardless of hub mode.
Your Aqara account
Creating an account means handing over account name, email address, and profile photo. Stored until you delete the account. Standard for any cloud account service — not hub-mode-specific.
The Aqara Home app
This is the part that catches people off guard. When the app is running and your phone has an internet connection, it collects: device identifiers (IMEI, Device ID, OAID, ANDROID_ID), OS and app version, coarse location data (region, city, timezone — used for server assignment), IP address, network request logs, crash reports, and automation execution logs.
This collection happens at the app layer. The EU policy lists these items without any hub-mode conditional, which means app-level telemetry operates independently of whether your hub is running locally or via cloud relay. If your hub is running perfectly locally but your phone has internet access and the Aqara Home app is installed, the app is still phoning home.
If you want to minimize app-level telemetry, the most direct path is to control your devices through Apple HomeKit or Home Assistant rather than the Aqara Home app. More on that below.
Remote access sessions
If you’ve enabled remote access — so you can control your lights from outside the house — that traffic transits Aqara’s servers. The EU GDPR policy is explicit: “Aqara Home and the Aqara Hub both communicate with our EU-based servers and transfer personal data on your use of these products in order to provide these remote control functions.” Local mode and remote access are mutually exclusive for the purposes of the privacy guarantee.
Firmware update checks
Easy to miss. The policy includes an explicit carve-out: “personal data may be transmitted to us if you are connected to the internet and if you request support or for checking whether updates for your devices/software are available.” Update checks phone home. That’s standard across virtually all connected devices — your router and NAS do it too — but it means “local mode” isn’t literally zero outbound traffic, just near-zero for things that matter during normal operation.
The EU vs. Global Policy Gap
If you’re outside the EU, read this section carefully.
Aqara publishes two versions of their privacy policy: the GDPR-governed EU version, and a global/non-EU version. The “HOW AQARA HOME AND AQARA HUB WORK IN GENERAL” section — containing the explicit no-data-transfer clause for local-mode operation — appears only in the EU GDPR version. After a full review of the non-EU global policy, that section and that language are absent. The non-EU policy moves directly from its commitment statement to a “TYPES OF INFORMATION COLLECTED” list without any architectural overview of local vs. remote data flows.
EU users also get: the right to erasure, data portability rights, explicit consent requirements, and the specific statement that remote session data goes to EU-based servers.
Non-EU users — including most of Southeast Asia, North America outside GDPR scope, and the rest of the world — are governed by the global policy. That doesn’t necessarily mean Aqara collects more data from non-EU users in practice. It means the contractual guarantee is weaker, and there’s no equivalent clause to point to.
The practical implication: if you’re a non-EU user who cares about this, network-level verification matters more than policy text. Confirm local mode is working empirically rather than relying on language that doesn’t apply to you.
How to Confirm Local Mode Is Actually Working
Policy says one thing. Your network can tell you what’s actually happening. Four ways to verify, from least to most involved.
Basic cutoff test (no extra tools)
Assign your hub a static IP in your router’s DHCP settings. Block outbound internet access for that specific IP at the firewall level — or just pull your WAN cable for a blunt test. Trigger a local automation: motion sensor fires, light turns on. If it fires, local mode is active. If it breaks, you have a cloud-relay dependency somewhere.
This is the simplest test and good enough for most users to establish the baseline.
Router traffic monitor
If your router has per-device traffic monitoring (most Asus routers, pfSense, OPNsense, Unifi all support this), assign the hub a static IP and watch its outbound traffic during normal operation. You’ll likely see periodic traffic for time sync and update checks. You should not see continuous traffic while the hub is idle. Regular outbound hits to Aqara servers during automation activity is a flag.
Pi-hole or AdGuard Home
If you’re running Pi-hole or AdGuard Home — and if you’re deep enough into local smart home to be reading this, you probably are — you can block .aqara.com and .lumiunited.com at the DNS level for the hub’s IP.
If automations still run after the block, local mode is confirmed. Check your query log for the hub’s IP to see what domains it’s actually resolving. You’ll likely see firmware update check domains still appearing — expected per the policy carve-out.
Local control mode in Aqara Home
Recent versions of Aqara Home include a local control setting that switches the app from cloud-relay to direct LAN communication with the hub. When enabled, you can verify it’s working by temporarily disabling your internet connection and confirming the app can still control devices. Check your Aqara Home app settings for this option; availability varies by app version and hub model. If you can’t find it, the WAN-cutoff test above is the more reliable verification method in any case.
Aqara Local Mode vs. The Alternatives
For readers evaluating Aqara against other options, here’s how the privacy posture compares across common setups:
| Setup | Aqara cloud involved? | Privacy level |
|---|---|---|
| Aqara hub, local mode, Aqara app | Minimal (app telemetry, update checks) | Moderate |
| Aqara hub as HomeKit accessory | No (device talks to HomeKit directly) | High |
| Home Assistant + Aqara local API | No (HA talks to hub via local API) | High |
| Zigbee2MQTT with USB coordinator, no Aqara hub | None (devices pair over Zigbee directly) | Maximum |
The HomeKit path is worth highlighting. When you add an Aqara device to Apple HomeKit, the device communicates with HomeKit’s local/iCloud infrastructure directly. Aqara’s policy is explicit: they receive no personal data when devices are controlled through a third-party app like HomeKit, because the devices communicate directly with that app. If you’re in the Apple ecosystem, this is the cleanest option for removing Aqara from the data path while keeping the hardware.
For users comfortable with Home Assistant, the local API integration means HA talks directly to the hub over LAN — no Aqara cloud in the control path. Initial setup still requires an Aqara account for hub configuration, but ongoing operation is independent.
Zigbee2MQTT with a USB coordinator eliminates the Aqara hub entirely. Aqara sensors and devices pair directly over Zigbee — there’s no Aqara involvement after hardware purchase. Maximum privacy, but it means no Aqara hub, no Aqara app, and managing your own Zigbee network in Home Assistant.
The Bottom Line
The March 2026 policy update is a concrete step forward. Aqara put explicit written language in their GDPR policy stating that local-network-only hub operation involves no personal data transfer. That’s more specific than most smart home vendors have been.
But the guarantee in that language refers to hub device functions — not the app, not your account, not firmware updates. The app still collects telemetry when your phone has internet access. Remote access negates the guarantee. Update checks phone home.
For most users who want to stay on Aqara hardware: local mode as configured is a reasonable privacy posture, as long as you understand what you’re accepting at the account and app level.
For maximum privacy within the Aqara hardware ecosystem: run local mode, disable remote access, and control your devices through HomeKit or Home Assistant rather than the Aqara Home app. That combination removes Aqara from the data path for everything except firmware updates and your account record.
If you want Aqara hardware with zero ongoing Aqara cloud involvement: Zigbee2MQTT is the path. More setup, but the tradeoff is complete.
FAQ
Does Aqara collect data in local mode?
Per the March 2026 GDPR privacy policy: no personal data is transferred for hub device functions when operating in local-network-only mode. The Aqara Home app does still collect telemetry when your phone has internet access, even if the hub is running locally. Remote access sessions also involve data transfer.
Is Aqara safe for privacy?
That depends on your threat model. The hub itself, running locally, has a minimal cloud footprint. The Aqara Home app is less minimal — it collects device identifiers, location data, and usage logs. If the app’s telemetry is a concern, controlling via HomeKit or Home Assistant eliminates that. No smart home hub with a cloud-enabled app is fully zero-telemetry.
Does Aqara local mode actually work without internet?
Yes, for hub functions and locally-triggered automations. The basic test: block your hub’s internet access entirely, then trigger a local automation. If it fires, local mode is working. The hub does still attempt update checks and time sync when internet is available — minor, expected outbound calls, not data collection for hub function.
Does the EU vs. non-EU policy difference affect me?
If you’re in the EU: you have explicit contractual language covering local mode and stronger data rights overall. If you’re outside the EU: the global policy governs, and it does not include the same explicit local-mode clause. Non-EU users should verify local mode empirically at the network level rather than relying on policy language that does not apply to them.