DATA
PROTECTION POLICY
(Effective
Date: Jan. 25, 2021)
Please read
this Data Protection Policy (the “Data
Protection Policy”) carefully.
By using the Application, installing and/or using and/or accessing the smart
services through the Application, you agree to be legally bound and abide by
this Data Protection Policy. The click on the "agree" locating at the
bottom of this policy indicates that you have read and accepted this Data Protection
Policy. By using the Application and/or the smart services, you acknowledge and
accept this Data Protection Policy and consent to the collection and use of
your data and information in accordance with this Data Protection Policy.
This Data Protection Policy applies to information about
you that is collected by us, Qingdao Hisense Hitachi Air-conditioning
Systems Co.,Ltd., as set forth herein,with detailed information as below:
Qingdao Hisense Hitachi Air-conditioning Systems Co.,Ltd.
No. 218, Qianwangang Road
Economic and Technological Development Zone
Qingdao, China
Our representative in European Union is VERDATA DATENSCHUTZ GmbH
& Co KG, with detailed information as below:
VERDATA DATENSCHUTZ GmbH & Co KG
Römerstraße 12, 40476 Düsseldorf, Germany.
Email:hisensehitachi.representative@verdata.eu
We may update this Data Protection Policy from time to time in
response to changing legal, technological and business developments. When we
update our Data protection policy due to the above reasons, we may post the
updated version on the applicable website or by providing such notice about or
obtaining consent to changes as may be required by applicable law. By
publishing data protection policy online and by publishing a link to the policy
on the login page of the portal for managing connected Devices, we provide you
with constant access to the Data Protection Policy.The Data Policy is available
at https://en.connectlife.io/connectlife/privacy_policy_himit.html .
This Data Protection Policy does not apply to information that you
provide directly to, or is collected by, third
parties whose Smart Services you access via Internet or other
application(s), system(s). You should review the applicable privacy
policy and/or terms of use of any third party service providers whose Smart
Services you access via Internet or other application(s), system(s).
“Device” means the air conditioning
product(s) manufactured/provided by us, which
is connected with the Application by you.
“Personal Data/Personal Information” means information that
is about any individual, or from which any individual is directly or indirectly
identifiable, in particular by reference to an identifier such as a name, an
identification number, location data, an online identifier or to one or more
factors specific to the physical, physiological, genetic, mental, economic,
cultural or social identity of that individual.
“Process”, “Processing” or “Processed” means
anything that is done with any Personal Data, whether or not by automated
means, such as collection, recording, organization, structuring, storage,
adaptation or alteration, retrieval, consultation, use, disclosure by
transmission, dissemination or otherwise making available, alignment or
combination, restriction, erasure or destruction.
“Site” means any website operated, or maintained, by us or
on our behalf.
“Smart Services” means all the types of services
or functions typically available from the Application, offered by us,
through Application to connect, administrate your Device, including turn
on/off, diagnose Device failure, setting your favorite Device mode or
running schedule, etc.
We only collect and process your personal data that are relevant
for the operation of connected Devices, the Site or which are legally requested
to be collected (and processed):
·
Account Registration Data. All of these
data will be directly provided by you. For the registration of an
account and providing support in case of any malfunctions (obligatory
in case the Application/Site will be used), you may provide:
Ø email address;
Ø password needed for using
the Application/Site (unless a supported third-party application providing
this service is used);
Ø first name, last
name, language, contact phone, address (street, house nr., zip code, city, country);
Ø profile picture you offered to
show with others.
·
Device Usage Related and Diagnostic Data. These data
will be collected directly or indirectly from the devices you use. This
includes the data in relation to usage cycles of the Devices, about the
data recorded and obtained by internal diagnostic sensors and are related to
the operation and/or usage of the Devices, data regarding technical
performance, data related to possible error messages.
Ø Position information of your mobile devices;
Ø Type of your air conditioner, air conditioning current;
Ø Temperature
and humidity of indoor unit and temperature of outdoor unit;
Ø Power
consumption of your air conditioner;
Ø Working modes of your air conditioner;
Ø Abnormal
information reporting of equipment.
·
Non-Personal Data. When you use the Device, we may
also collect certain information that, by itself or in combination with other
such information, cannot be used to identify you individually, or contact you
personally (“Non-Personal Data”).
Ø Online
warranty information;
Ø Your
local electricity price;
…….
·
Personal Data of minors . We are committed
to protecting the Personal Data of children, and recognize that
parents, guardians, or other adults may purchase the Device for family use,
including by minors. As such, Smart Services accessed through
the Sites, Application are not intended for use by individuals
under the applicable legal adult age and we will not knowingly collect Personal
Data from individuals under such age for any purpose, nor will we accept
registration from such individuals. In some cases, particularly
where information is collected electronically, we may not be able to determine
whether information was collected from children under local legal age, and
we treat such information as though it were provided by an adult. If we
learn that a child under local legal age has provided any Personal
Data, we will use commercially reasonable efforts to delete such
information. WE EXPRESSLY
DISCLAIM ANY RESPONSIBILITY OR LIABILITY FOR THE USE, OR MISUSE, OF SUCH
FEATURES BY CHILDREN IN VIOLATION OF THIS DATA PROTECTION POLICY.
We may Process your
Personal data for the following purposes:
·
Verifying your identity and help you set up / administering user
accounts;
·
Connecting the Application with your chosen Devices so that you
can manage your devices;
·
Creating groups and inviting members, and realizing joint operation
and management of devices through your groups;
·
Providing you with your local weather service;
·
Providing you with online warranty service and contacting you;
·
Providing the Electricity Statistic and the Energy Management
services to you;
·
Sharing your device and your own information with the group
members;
·
Building the linkage between air conditioners and the room
temperature;
·
Controlling your device with a time scene.
·
Communicating with you via any
means (including via email, telephone, text message or in person)
news items and other information in which you may be interested, subject to
ensuring that such communications are provided to you in compliance with
applicable law; maintaining and updating your contact information where
appropriate; and obtaining your prior, opt-in consent where required.
·
Engaging with you for the purposes of obtaining your views on our
products and services.
·
Detecting, investigating and preventing breaches of policy, and
criminal offences, in accordance with applicable law.
·
Establishing, exercising and defending legal rights.
·
Compliance with our legal and regulatory obligations under
applicable law.
·
Identifying issues with Sites, Application and Smart
Services; planning improvements to Sites, Application and Smart
Services; and creating new applications and Smart Services.
·
We may use Non-Personal Data for our internal purposes, such as to
understand aggregate usage patterns, to administer the Device, or to provide
you with improved features.
·
We may combine Personal Data and Non-Personal Data collected with
other data in order to provide and improve services provided in connection with
the Sites, Application and the Smart Services. We may also
combine Personal Data we collect online with information available from other
sources, including information received from our affiliates, marketing
companies, or advertisers. If we combine any Non-Personal Data with
Personal Data, the combined information will be treated as Personal Data under
this Data Protection Policy for as long as it remains combined.
We will only disclose your Personal Data to the
extent that such disclosure is necessary:
·
In order to maximize your rights and interests, and provide you
with better service, we may share your personal data:
o
With our representatives in the EU and associated data processors.
·
For legal, security or safety purpose to share your personal data:
·
For the transaction in connection with other companies to share
your personal data:
During your use of this Application, we will continue to save your Personal
Data.
If you no longer use this Application, you can click the “Delete
Account” button through the Application. After you confirm the deletion of your
account, we will clear your Personal Data left in this Application.
In case any other regulatory or legal requirement would oblige us
to keep the data, the data will be kept for as long as legally
required. In case we do no longer need the personal data, we may destroy,
delete, anonymize it.
If we have the ongoing legitimate business need, we may continue
to process the data related to the usage of the appliance for statistical
purposes with intention to improve and upgrade our service and appliance
features in the future. When you have any requirement on the data retention,
please contact us.(hisense.vrf.iot@hisense.com.)
According to local laws and regulations, where
applicable, you may have the following rights:
·
to access Personal Data we store and process ;
·
in some cases, to withdraw your consent to our processing of your
personal data. You have the right to withdraw your consent. In case
we have legitimate reason to continue processing of your personal data we will
continue to do so (in either case, we will inform you about the withdrawal
procedure);
·
to rectify your data in case the stored and processed personal
data is not accurate or is incomplete;
·
to erase your personal data, where we might continue to retain
personal data if we are entitled or required to do so;
·
to object to and the request that we restrict our processing of
your personal data in some circumstances;
·
the right to contact the corresponding supervisory authority and
file a complaint if you find that your personal data of our application
may be leaked.
·
the right to obtain a copy of your personal information.
In case you would like to enforce your rights according to
local laws and regulations, you can contact our support email: hisense.vrf.iot@hisense.com
6.1 YOUR CALIFORNIA PRIVACY RIGHTS
Data Subject Rights – California Residents
This portion of our Data Protection Policy advises
California residents of the applicable rights as provided in the California
Consumer Privacy Act (“CCPA”) and how to effectuate these rights by
communicating with us. Please note, we will seek to verify your identity when
we receive an individual rights request from you in order to ensure the
security of your personal information.
If a California resident wishes to make any of the requests
described below, such as access and deletion, he or she may contact us as
provided in the “Contact Us” section below. You may be able to exercise some of
the below rights, such as access and deletion, by using the management features
available in your account. You may authorize an agent to make such a request on
your behalf. We will seek to verify your identity and your agent’s authority
when we receive an individual rights request from you or on your behalf to
ensure the security of your Personal Information, and may need to collect
additional Personal Information to do so.
Right to Deletion of Personal Information
California residents have the right to request the deletion
of Personal Information as prescribed in Section 1798.105(a) of the CCPA. We
may not delete some or all Personal Information if such Personal Information is
necessary for us, or our service providers or affiliates, to:
• Complete
the transaction for which the Personal Information was collected, provide a
good or service requested by the consumer, or reasonably anticipated within the
context of our ongoing business relationship with the consumer, or otherwise
perform a contract between us and the consumer,
• Detect
security incidents, protect against malicious, deceptive, fraudulent, or
illegal activity; or prosecute those responsible for that activity,
• Debug
to identify and repair errors that impair existing intended functionality,
• Exercise
free speech, ensure the right of another consumer to exercise his or her right
of free speech, or exercise another right provided for by law,
• Comply
with the California Electronic Communications Privacy Act pursuant to Chapter
3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code,
• Enable
solely internal uses that are reasonably aligned with the expectations of the
consumer based on the consumer’s relationship with us,
• Comply
with a legal obligation, or
• Otherwise
use the consumer’s Personal Information, internally, in a lawful manner that is
compatible with the context in which the consumer provided the Personal
Information.
Right of Access: Right to Request Disclosure of Data
Collection and Sharing Practices
You may request to receive details about how we collect,
use, and share your Personal Information.
Specifically, you may request to receive the specific pieces of
information that we have collected about you by contacting us as provided in the
“Contact Us” Section below. If you do so, we may need to collect additional
Personal Information and other information, including name, email address, zip
code, product purchase location, phone number (which you may choose not to
provide), product model number and serial number to verify your identity. The
same process applies to requests for the deletion of Personal Information
described above.
You may also request to receive:
• the
categories of Personal Information that we have collected about you,
• the
categories of Personal Information that we have disclosed for a business
purpose,
• the
categories of sources from which we collected the Personal Information,
• our
purposes for collecting that Personal Information, and
• the
categories of parties with whom we share your Personal Information.
Right to Opt-Out of Sale
You have a right to direct us not to sell your Personal
Information. If you would like to exercise that right, please direct us to not
to sell your Personal Information as provided in the Contact Us section below.
Right to not be Discriminated Against for Exercising CCPA
Rights
We do not discriminate against you for exercising any CCPA
rights, such as the access and deletion rights described above. If we choose to
offer a product enhancement or financial incentive, that is contingent on you
sharing personal information, we will ensure that the value provided to us by
that collection is reasonably related to the value of the product enhancement
or financial incentive.
This privacy
agreement is prepared in accordance with GDPR (general data protection
regulations). In Processing your Personal Data in connection with the purposes
set out in this Data Protection Policy, we may rely on one or more of the
following legal bases, depending on the circumstances:
·
Consent: We may Process your Personal Data where we have obtained
your prior, express consent to the Processing (this legal basis is only used in
relation to Processing that is entirely voluntary – it is not used for
Processing that is necessary or obligatory in any way);
·
Contractual necessity: We may Process
your Personal Data where the Processing is necessary in connection with
any contract that you may enter into with us;
·
Compliance with applicable law: We may Process
your Personal Data where the Processing is required by applicable law;
·
Legitimate interests: We may Process your Personal Data
where we have a legitimate interest in carrying out the Processing for the
purpose of managing, operating or promoting our business, and that legitimate
interest is not overridden by your interests, fundamental rights, or freedoms.
We maintain physical, administrative, technical and organizational
safeguards designed to maintain the confidentiality and security of your
Personal Data.
·
We adopt appropriate encryption measures for your personal data in
the process of collection and temporary storage, in order to try our best to
avoid the risk of data leakage during the use of your device;
·
We encrypt your data when uploading it to the server to try to
avoid data leakage and theft caused by accidents during transmission;
·
We adopt appropriate encryption measures during the storage of
your data, and restrict the persons who can access it in order to try to ensure
the security of the data in the database;
·
Meanwhile, we back up your data, even in the event of an accident,
we will be able to restore your data;
·
We will continue to update the existing encryption methods and
measures, and regularly evaluate our data protection capabilities to try to
ensure the security of your data;
Unfortunately, the transmission of information via the Internet is
not completely secure. Although we do our best to protect your Personal
Data, we cannot guarantee the security of your Personal Data transmitted
through use of the Sites, Application and the Smart
Services. Any transmission of Personal Data is at your own risk. We
are not responsible for circumvention of any privacy settings or security
measures for the Sites, Application or the Smart Services.
In connection with the service we provided, we may transfer your
personal information to countries outside of the EEA (European Economic Area),
including to countries that may not provide the same measure of data protection
as your home country such as the United States and China. We take appropriate
steps to ensure that recipients of your personal information are bound to
duties of confidentiality and we implement appropriate measures to ensure your
personal information will remain protected in accordance with this Data
Protection Policy, such as standard contractual clauses.
If you resident in European Economic Area, when we
transfer your Personal Data from the European Economic Area to
recipients located outside the European Economic Area who are not
in adequate jurisdictions admitted by the European Commission, we do
so on the basis of standard contractual clauses adopted by
the European Commission.
Particularly, the provision of the weather service is from an
America company, AccuWeather. In order to let you enjoy this service, we will
provide your location information to AccuWeather. Your consent of this Data
Protection Policy will be deemed as your agreement to this part.
CONTACT US
Please direct any questions you may have regarding your data
protection or requests to exercise applicable rights described in this
Data Protection Policy to our email at hisense.vrf.iot@hisense.com.
If you are based in EEA or EEA residents, you may also contact our EU
representative:
VERDATA DATENSCHUTZ GmbH & Co KG
Römerstraße 12, 40476 Düsseldorf, Germany.
Email:hisensehitachi.representative@verdata.eu