DATA
PROTECTION POLICY
(Effective
Date: Feb. 22, 2023)
Please read
this Data Protection Policy (the “Data
Protection Policy”) carefully.
By using the Application, installing and/or using and/or accessing the smart
services through the Application, you agree to be legally
bound and abide by this Data Protection Policy. The click on the
"agree" locating at the bottom of this policy indicates that you have
read and accepted this Data Protection Policy. By using the Application and/or
the smart services, you acknowledge and accept this Data Protection Policy and
consent to the collection and use of your data and information in accordance
with this Data Protection Policy.
This Data Protection Policy applies to information about
you that is collected by us, Qingdao Hisense Hitachi Air-conditioning
Systems Co.,Ltd., as set forth herein,with detailed
information as below:
Qingdao Hisense Hitachi Air-conditioning Systems Co.,Ltd.
No. 218, Qianwangang Road
Economic and Technological Development Zone
Qingdao, China
Our representative in European Union is VERDATA DATENSCHUTZ GmbH
& Co KG, with detailed information as below:
VERDATA DATENSCHUTZ GmbH & Co KG
Römerstraße 12, 40476 Düsseldorf, Germany.
Email:hisensehitachi.representative@verdata.eu
We may update this Data Protection Policy from time to time in
response to changing legal, technological and business developments. When we
update our Data protection policy due to the above reasons, we may post the
updated version on the applicable website or by providing such notice about or
obtaining consent to changes as may be required by applicable law. By
publishing data protection policy online and by publishing a link to the policy
on the login page of the portal for managing connected Devices, we provide you
with constant access to the Data Protection Policy.The
Data Policy is available at
https://en.connectlife.io/connectlife/privacy_policy_himit.html
.
This Data Protection Policy does not apply to information that you
provide directly to, or is collected by, third
parties whose Smart Services you access
via Internet or other application(s), system(s). You should review
the applicable privacy policy and/or terms of use of any third party service
providers whose Smart Services you access
via Internet or other application(s), system(s).
“Application” means this Hi-Mit application, which can be downloaded
from Android platform or iOS platform, capable of controlling Hisense VRF
products and releasing relevant service.
“Device” means the air conditioning
product(s) manufactured/provided by us, which is
connected with the Application by you.
“Personal Data/Personal Information” means information that
is about any individual, or from which any individual is directly or indirectly
identifiable, in particular by reference to an identifier such as a name, an
identification number, location data, an online identifier or to one or more
factors specific to the physical, physiological, genetic, mental, economic,
cultural or social identity of that individual.
“Process”, “Processing” or “Processed” means
anything that is done with any Personal Data, whether or not by automated
means, such as collection, recording, organization, structuring, storage,
adaptation or alteration, retrieval, consultation, use, disclosure by
transmission, dissemination or otherwise making available, alignment or
combination, restriction, erasure or destruction.
“Sites” means Hi-Dom Cloud, Smart Touch Cloud and Hi-Mit Cloud operated, or maintained, by us or on our behalf.
“Smart Services” means all the types of services
or functions typically available from the Application and Sites, offered
by us, through Application and Sites to connect, administrate your Device,
including turn on/off, diagnose Device failure, setting your favorite
Device mode or running schedule, etc.
We only collect and process your personal data that are relevant
for the operation of connected Devices, Sites or which are legally requested to be collected (and processed):
·
Account Registration Data. All of these data will be directly provided by you. For the
registration of an account and providing support in case of any
malfunctions (obligatory in case the Application/Sites will be used),
you may provide:
Ø email address;
Ø password needed
for using the Application/Sites (unless a supported third-party
application providing this service is used);
Ø first name, last name, language, contact phone, address (street, house number, zip code, city, country);
Ø
profile picture you offered to show with others.
·
Device Usage Related and Diagnostic Data. These data
will be collected directly or indirectly from the
devices you use. This includes the data in relation to usage cycles of the Devices,
about the data recorded and obtained by internal diagnostic sensors and are related to the operation and/or usage of
the Devices, data regarding technical performance, data related to
possible error messages.
Ø Position information of your mobile devices;
Ø Type of your air conditioner, air conditioning current;
Ø Temperature and humidity of indoor unit and temperature of outdoor unit;
Ø Power
consumption of your air conditioner;
Ø Working modes of your air conditioner;
Ø Abnormal informationreporting of equipment.
·
Non-Personal Data. When you use the Device, we may
also collect certain information that, by itself or in combination with other
such information, cannot be used to identify you
individually, or contact you personally (“Non-Personal Data”).
Ø Online
warranty information;
Ø Your
local electricity price;
…….
·
Personal Data of minors. We are
committed to protecting the Personal Data of children,
and recognize that parents, guardians, or other adults may purchase the Device
for family use, including by minors. As such, Smart
Services accessed through the Sites, Application are not
intended for use by individuals under the applicable legal adult age and
we will not knowingly collect Personal Data from individuals under such age for
any purpose, nor will we accept registration from such individuals. In
some cases, particularly where information is collected electronically, we
may not be able to determine whether information was collected from children
under local legal age, and we treat such information as though it were provided by an adult. If we learn that a child
under local legal age has provided any Personal Data, we will use
commercially reasonable efforts to delete such information. WE EXPRESSLY DISCLAIM ANY RESPONSIBILITY OR
LIABILITY FOR THE USE, OR MISUSE, OF SUCH FEATURES BY CHILDREN IN VIOLATION OF
THIS DATA PROTECTION POLICY.
We may Process your Personal data for the following purposes:
·
Verifying your identity and help you set up / administering user
accounts;
·
Connecting the Application with your chosen Devices so that you
can manage your devices;
·
Creating groups and inviting members, and realizing joint
operation and management of devices through your groups;
·
Providing you with your local weather service;
·
Providing you with online warranty service and contacting you;
·
Providing the Electricity Statistic and the Energy Management
services to you;
·
Sharing your device and your own information with the group
members;
·
Building the linkage between air conditioners and the room
temperature;
·
Controlling your device with a time scene;
·
Communicating with you via any
means (including via email, telephone, text message or in person)
news items and other information in which you may be interested, subject to
ensuring that such communications are provided to you in compliance with
applicable law; maintaining and updating your contact information where
appropriate; and obtaining your prior, opt-in consent where required;
·
Engaging with you for the purposes of obtaining your views on our
products and services;
·
Detecting, investigating and preventing breaches of policy, and
criminal offences, in accordance with applicable law;
·
Establishing, exercising and defending legal rights;
·
Compliance with our legal and regulatory obligations under
applicable law;
·
Identifying issues with Sites, Application and Smart
Services; planning improvements to Sites, Application and Smart
Services; and creating new applications and Smart Services;
·
We may use Non-Personal Data for our internal purposes, such as to
understand aggregate usage patterns, to administer the Device, or to provide
you with improved features;
·
We may combine Personal Data and Non-Personal Data collected with
other data in order to provide and improve services provided in connection with
the Sites, Application and the Smart Services. We may also
combine Personal Data we collect online with information available from other
sources, including information received from our affiliates, marketing companies,
or advertisers. If we combine any Non-Personal Data with Personal Data,
the combined information will be treated as Personal
Data under this Data Protection Policy for as long as it remains combined.
We will only disclose your Personal Data to the
extent that such disclosure is necessary:
·
In order to maximize your rights and interests, and provide you
with better service, we may share your personal data:
·
For legal, security or safety purpose to share your personal data:
·
For the transaction in connection with other companies to share
your personal data:
During your use of this Application, we will continue to save your Personal
Data.
If you no longer use this Application, you can click the “Delete
Account” button through the Application. After you confirm the deletion of your
account, we will clear your Personal Data left in this Application.
In case any other regulatory or legal requirement would oblige us
to keep the data, the data will be kept for as long as
legally required. In case we do no longer need the personal data, we may
destroy, delete, anonymize it.
If we have the ongoing legitimate business need, we may continue
to process the data related to the usage of the appliance for statistical
purposes with intention to improve and upgrade our service and appliance
features in the future. When you have any requirement on the data retention,
please contact us.(hisense.vrf.iot@hisense.com)
According to local laws and regulations, where
applicable, you may have the following rights:
·
to access Personal Data we store and process ;
·
in some cases,
to withdraw your consent to our processing of your personal data. You have
the right to withdraw your consent. In case we have legitimate reason to
continue processing of your personal data we will continue to do so (in either
case, we will inform you about the withdrawal procedure);
·
to rectify your data in case the stored and processed personal
data is not accurate or is incomplete;
·
to erase your personal data, where we might continue to retain
personal data if we are entitled or required to do so;
·
to object to and the request that we restrict our processing of
your personal data in some circumstances;
·
right to
contact the corresponding supervisory authority and file a complaint if
you find that your personal data of our application may be leaked;
·
right to
obtain a copy of your personal information.
In case you would like to enforce your rights according to
local laws and regulations, you can contact our support email:
hisense.vrf.iot@hisense.com
6.1 YOUR
CALIFORNIA PRIVACY RIGHTS
Data Subject Rights – California Residents
This portion of our Data Protection
Policy advises California residents of the applicable rights as provided in the
California Consumer Privacy Act (“CCPA”) and how to effectuate
these rights by communicating with us. Please note, we
will seek to verify your identity when we receive an individual rights request
from you in order to ensure the security of your personal information.
If a California
resident wishes to make any of the requests described below, such as
access and deletion, he or she may contact us as provided in the “Contact Us”
section below. You may be able to exercise some of the below rights, such as
access and deletion, by using the management features available in your
account. You may authorize an agent to make such a request on your behalf. We
will seek to verify your identity and your agent’s authority when we receive an
individual rights request from you or on your behalf to ensure the security of
your Personal Information, and may need to collect additional Personal Information
to do so.
Right to Deletion of Personal
Information
California residents have the right
to request the deletion of Personal Information as prescribed in Section
1798.105(a) of the CCPA. We may not delete some or all Personal Information if
such Personal Information is necessary for us, or our service providers or
affiliates, to:
·
Complete
the transaction for which the Personal Information was collected, provide a
good or service requested by the consumer, or reasonably anticipated within the
context of our ongoing business relationship with the consumer, or otherwise
perform a contract between us and the consumer;
·
Detect
security incidents, protect against malicious, deceptive, fraudulent, or
illegal activity; or prosecute those responsible for that activity;
·
Debug
to identify and repair errors that impair existing intended functionality;
·
Exercise
free speech, ensure the right of another consumer to exercise his or her right
of free speech, or exercise another right provided for by law;
·
Comply
with the California Electronic Communications Privacy Act pursuant to Chapter
3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code;
·
Enable
solely internal uses that are reasonably aligned with
the expectations of the consumer based on the consumer’s relationship with us;
·
Comply
with a legal obligation, or
·
Otherwise
use the consumer’s Personal Information, internally,
in a lawful manner that is compatible with the context in which the consumer
provided the Personal Information.
Right of Access: Right to Request
Disclosure of Data Collection and Sharing Practices
You may request to receive details
about how we collect, use, and share your Personal Information. Specifically, you may request to receive the
specific pieces of information that we have collected about you by contacting
us as provided in the “Contact Us” Section below. If you do so, we may need to
collect additional Personal Information and other information, including name,
email address, zip code, product purchase location, phone number (which you may
choose not to provide), product model number and serial number to verify your
identity. The same process applies to requests for the deletion of Personal
Information described above.
You may also request to receive:
·
categories of Personal Information that we have
collected about you;
·
categories of Personal Information that we have
disclosed for a business purpose;
·
categories of sources from which we collected the
Personal Information;
·
purposes for collecting that Personal Information, and
·
categories of parties with whom we share your Personal
Information.
Right to Opt-Out of Sale
You have a right to direct us not to
sell your Personal Information. If you would like to exercise that right,
please direct us to not to sell your Personal Information as provided in the
Contact Us section below.
Right to not be Discriminated
Against for Exercising CCPA Rights
We do not discriminate against you
for exercising any CCPA rights, such as the access and deletion rights
described above. If we choose to offer a product enhancement or financial
incentive, that is contingent on you sharing personal information, we will
ensure that the value provided to us by that collection is
reasonably related to the value of the product enhancement or financial
incentive.
This privacy
agreement is prepared in accordance with GDPR (general data protection
regulations). In Processing your Personal Data in
connection with the purposes set out in this Data Protection Policy, we may
rely on one or more of the following legal bases, depending on the
circumstances:
·
Consent: We may Process your Personal Data where we have obtained
your prior, express consent to the Processing (this legal basis is only used in
relation to Processing that is entirely voluntary – it is not used for
Processing that is necessary or obligatory in any way);
·
Contractual necessity: We may Process
your Personal Data where the Processing is necessary in connection with
any contract that you may enter into with us;
·
Compliance with applicable law: We may Process
your Personal Data where the Processing is required by applicable law;
·
Legitimate interests: We may Process your Personal Data
where we have a legitimate interest in carrying out the Processing for the purpose of managing, operating or promoting our
business, and that legitimate interest is not overridden by your interests,
fundamental rights, or freedoms.
We maintain physical, administrative, technical and organizational
safeguards designed to maintain the confidentiality and security of your
Personal Data:
·
We adopt appropriate encryption measures for your personal data in
the process of collection and temporary storage, in order to try our best to
avoid the risk of data leakage during the use of your device;
·
We encrypt your data when uploading it to the server to try to
avoid data leakage and theft caused by accidents during transmission;
·
We adopt appropriate encryption measures during the storage of
your data, and restrict the persons who can access it in order to try to ensure
the security of the data in the database;
·
Meanwhile, we back up your data, even in the event of an accident,
we will be able to restore your data;
·
We will continue to update the existing encryption methods and
measures, and regularly evaluate our data protection capabilities to try to ensure
the security of your data.
Unfortunately, the transmission of information via the Internet is
not completely secure. Although we do our best to protect your Personal
Data, we cannot guarantee the security of your Personal Data transmitted
through use of the Sites, Application and the Smart
Services. Any transmission of Personal Data is at your own risk. We
are not responsible for circumvention of any privacy settings or security
measures for the Sites, Application or the Smart Services.
In connection with the service we provided, we may transfer your
personal information to countries outside of the EEA (European Economic Area),
including to countries that may not provide the same measure of data protection
as your home country such as the United States and China. We take appropriate
steps to ensure that recipients of your personal information are bound to
duties of confidentiality and we implement appropriate measures to ensure your
personal information will remain protected in accordance with this Data
Protection Policy, such as standard contractual clauses.
If you resident in European Economic Area, when we
transfer your Personal Data from the European Economic Area to
recipients located outside the European Economic Area who are not
in adequate jurisdictions admitted by the European Commission, we do
so on the basis of standard contractual clauses adopted by
the European Commission.
Particularly, the provision of the weather service is from an
America company, AccuWeather. In order to let you
enjoy this service, we will provide your location information to AccuWeather. Your consent of this Data Protection Policy will be deemed as your agreement to this part.
CONTACT US
Please direct any questions you may have regarding your data
protection or requests to exercise applicable rights described in this
Data Protection Policy to our email at hisense.vrf.iot@hisense.com
If you are based
in EEA or EEA residents, you may also contact our EU representative:
VERDATA DATENSCHUTZ GmbH & Co KG
Römerstraße 12, 40476 Düsseldorf, Germany.
Email:hisensehitachi.representative@verdata.eu