Update!
Our Privacy Policy was updated on July 29, 2024 and took effect on July 29, 2024. We have revamped the Privacy Policy front and back so that from this date onwards, this Privacy Policy can provide even more privacy details on how we manage your personal data when you use Aqara Home App provided by Lumi United Technology Co., Ltd. and its affiliates (Include but not limited to Aqara Software Service Co. , Ltd.,)(hereinafter referred to as "Lumi Company","we","us" or "our").
Please take a moment to familiarize yourself with our privacy practices and let us know if you have any questions.
To give you an overview, this Privacy Policy is structured as follows:
SCOPE OF THE PRIVACY POLICY & OUR COMMITMENT TO YOU
WHAT INFORMATION IS COLLECTED BY US AND HOW DO WE USE IT
HOW AQARA HOME AND AQARA HUB WORK IN GENERAL
TYPES OF INFORMATION COLLECTED
HOW THE PERSONAL DATA IS USED
INERNATIONAL TRANSFERS & WITH WHOM WE SHARE YOUR INFORMATION
RETENTION AND STORAGE POLICY
ACCESSING OTHER FEATURES ON YOUR DEVICE
MISCELLANEOUS
DATA PROTECTION OFFICER & REPRESENTATIVE
CONTACT US
This Privacy Policy sets out how Lumi United Technology Co., Ltd. ("Lumi Company", "we", "our" or "us"; at the end of this document, you will find the contact details of us, of our representative in the European Union and of our data protection officer) collects, uses, discloses and otherwise processes your personal data in connection with your use of Aqara Home App (hereafter referred to as the "Aqara Home" or "App"), including the use of a hub and sub-devices (e.g. Aqara Hub and Aqara Controllers and Sensors) if controlled with Aqara Home:
The Privacy Policy is designed with you in mind, and it is important that you have a comprehensive understanding of our personal data collection and usage practices.
In this Privacy Policy, "personal data" means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
In order to comply with applicable laws, including local data protection legislation (including the General Data Protection Regulation (" GDPR") in the European Union (" EU") and any EU member state data protection law), to the extent required, we will specifically seek prior consent to the particular processing. We are committed to protecting the privacy, confidentiality and security of your personal data by complying with applicable laws, including your local data protection legislation. We are equally committed to ensuring that all our employees and agents uphold these obligations.
If you have purchased a device that we have not launched in the European Union (" EU"), you should go to the Aqara Home app and switch the device location to the place where the device was purchased to view the information collection of the device.
The below information is intended to give you a brief overview of how Aqara Home and Aqara Hub work in general and how this affects the processing of your personal data (or more detailed information on which personal data we process for which purposes in context with providing the Aqara Home services please view sections " TYPES OF INFORMATION COLLECTED" and "HOW THE PERSONAL DATA IS USED "below):
You can connect smart home sub-devices (e.g. our controllers or sensors, such as smart light bulbs or water leak sensors) to your Aqara Hub. With Aqara Home you can control the Aqara Hub and any connected sub-devices.
If you would like to only control your smart home devices from within your home network, you do not need an internet connection and no personal data is transferred to us in order to enable these smart home functions. However, personal data may be transmitted to us if you are connected to the internet and if you request support or for checking whether updates for your devices/software are available.
You may also control your smart home devices remotely (i.e. from outside your home network). This means that you can, for example, turn off your lights or check your home temperature (depending on the integrated sub-devices) while you are still at work or on vacation. In that case, Aqara Home and the Aqara Hub both communicate with our EU-based servers and transfer personal data on your use of these products in order to provide these remote control functions.
When using Aqara Home and a hub (e.g. Aqara Hub) which is connected to an Aqara Home Account, we collect the following types of personal data:
Categories of personal data processed:Account information. Personal data included in the categories:Account name, email address, profile photo. Sources of the data: Users (actively provided) .
Obligation to provide the data: There is no statutory or contractual obligation to provide the data, but the data is necessary for entering into a usage agreement and if the data are not provided, your account registration cannot be completed.
Storage duration: We store these data until you delete your account. This means that we delete this data once your account is deleted. Within Aqara Home you have the possibility to delete your account at any time.
Categories of personal data processed:Information related to the handheld device.Personal data included in the categories:This includes the following information from the device(s) on which you installed Aqara Home:IMEI number, Device ID, OAID (anonymous device identifier), ANDROID_ID, version of your operating system, Aqara Home version number, model name. Sources of the data: Users (obtained from User's handheld device)
Obligation to provide the data: Provision of the data is not required by law or contract. The data subject is not obliged to provide the data. However, the data are necessary for troubleshooting and providing services to you. If the data are not provided, identifying and correcting faults in your App may be affected and you may not enjoy the relevant services.
Storage duration: We store these data until the purposes of processing these data specified below have been achieved. This means that we delete this data once your account is deleted. Within Aqara Home you have the possibility to delete your account at any time.
Categories of personal data processed:Location information (We do not use or collect your precise geographic locationunless your separate consent is sought) Personal data included in the categories:This includes the following location information of the device(s) on which you installed Aqara Home: region, country code, city code, mobile network code, mobile country code, cell identity, district name, longitude and latitude information, time zone settings, language settings. We obtain this information to assign a server when you register an account, and to automatically set your time zone. The frequency of collecting such information depends on that of your request for changing locations. Sources of the data: Users (obtained from User's handheld device or actively provided by users)
Obligation to provide the data:Provision of the data is not required by law or contract. The data subject is not obliged to provide the data.However, the data are necessary for assigning a server and setting users' time zone. If the data are not provided, the user may not enjoy the relevant services.
Storage duration: We store these data until the purposes of processing these data specified below have been achieved. This means that we delete this data once your account is deleted. Within Aqara Home you have the possibility to delete your account at any time.
Categories of personal data processed: Log information. Personal data included in the categories:1.IP address, network request information, temporary messaging history, standard system logs, and crash information. 2.Automation and scene execution logs. 3.Device log.Sources of the data: Users (obtained from User's handheld device or actively provided by users) .
Obligation to provide the data:rovision of the data is not required by law or contract. The data subject is not obliged to provide the data.However, the data are necessary for users to query the history of device operation, automation and scene execution. If the data are not provided, you may not enjoy the above-mentioned services. Besides, in case that users report a fault or require our support, if the data are not provided, troubleshooting will be affected.
Storage duration: We store these data for one year. In case that you delete your log information with Aqaea Home or you delete your account, we will also delete these data. Within Aqara Home you have the possibility to delete your account and log information at any time.
Categories of personal data processed: Account credentials.Personal data included in the categories:password, verification code. Sources of the data: Users (actively provided)
Obligation to provide the data: Provision of the data is not required by law or contract. The data subject is not obliged to provide the data.However, it is necessary to enjoy the service provided by Lumi Company. If the data are not provided, users may not use their account.
Storage duration: We store these data until the purposes of processing these data specified below have been achieved. This means that we delete this data once your account is deleted. Within Aqara Home you have the possibility to delete your account at any time.
Categories of personal data processed: Information collected related to the Software Value-Added Services provided by us (include Software Value-Added Services information, Ordering Information, Automatic renewal information and information needed for invoices issuing). Personal data included in the categories:1.Software Value-Added Services information include the following information:Account informationdevice IDpackage typeservice validity period and days. 2.Ordering Information include the following information:Order numberpayment timepayment amountpayment currency.3.Automatic renewal information include the following information: Activation statusrenewal amountrenewal datepayment method.4.If you need us to send invoices related to Software Value-Added Services, you also need to provide us with the consignee's name, address, telephone number, fax number and email address for receiving the invoice. Sources of the data: Users (obtained from User's handheld device or actively provided by users)
Obligation to provide the data: Provision of the data is not required by law or contract. The data subject is not obliged to provide the data.
Storage duration: We store these data until the purposes of processing these data specified below have been achieved. This means that we delete this data once your account is deleted. Within Aqara Home you have the possibility to delete your account at any time.
Categories of personal data processed: Automation & Scene settings information.Personal data included in the categories:automation and scene name, condition and action list, effective time period setting, execution result notification setting, settings that enable or disable automation. Sources of the data: Users (actively provided)
Obligation to provide the data: Provision of the data is not required by law or contract. The data subject is not obliged to provide the data.If the data are not provided, you cannot use the automation & scene setting related services.
Storage duration: We store these data for one year. In case that you delete a setting or you account is deleted, these data will also be deleted.You can amend or delete these setting in Aqara Home and may also delete your entire account in Aqara Home.
Categories of personal data processed: Feedback information.Personal data included in the categories:feedback content, contact information, error logs.Sources of the data: Users (actively provided).
Obligation to provide the data: Provision of the data is not required by law or contract. The data subject is not obliged to provide the data.If the data are not provided, we cannot consider your feedback or provide support to you.
Storage duration: We store these data until the purposes of processing these data specified below have been achieved. You can request us to delete such information by contacting us.
Categories of personal data processed: Device information.Personal data included in the categories:This includes the following information from the hub(s) connected to your Aqara Home Account:Hub network information (wi-fi name, RSSI, IP address, MAC address, Android ID), device ID, firmware version number, model, manufacturer, setup information associated with automation and scenarios under the hub.This includes the following information from sub-devices connected to the above hub(s):Sub-device signal strength, manufacturer, device ID, firmware version, setup information associated with automation and scene under sub-device. Sources of the data: Users (obtained from User's hub)
Obligation to provide the data: Provision of the data is not required by law or contract. The data subject is not obliged to provide the data.However, the data are necessary for displaying device information in the App. If the data are not provided, users cannot connect these sub-devices to the App, and thus cannot use, access or control the sub-devices through the App.
Storage duration:We store relevant data until you reset certain devices from the App or delete your account. After unbinding certain devices from the App or deleting your account, the relevant data stored in devices cannot be accessed by Lumi Company, users can delete such data by resetting the devices.
Categories of personal data processed: Sub-device information.Introduction: You can use Aqara Home to connect new sub-devices to your hub (e.g. Aqara Hub). Alternatively, you may triple press the Hub button on your Aqara Hub to add a new sub-device.Such sub-devices will also collect certain information and transmit this to the hub (e.g. our temperature sensor constantly sends the room temperature to the hub). For details of the information collected by sub-devices, please refer to the the data-collected description of the corresponding sub-device in Aqara Home (Please go to the "Device Privacy Policy" in the settings item of the device details page to view it,you may find an overview of the data-collected descriptions for each sub-device).If you do not want us to collect information about your sub-device, you can log in to Aqara Home at any time to enter the interface page of the corresponding sub-device to cancel the authorization. In case you cancel the authorization, you are not able to control the corresponding sub-device in Aqara Home.
Personalized service (recommended automation) based on device information, automation and scene setting information: in order to provide you with personalized smart home products and automation services that can better meet your personal needs and improve your smart home user experience, we will provide you with personalized recommendations and displays of smart home products, services or other information based on the following necessary information: automation and scene names, execution log, conditions and operation lists, valid time period settings, execution result notification settings, and settings to enable or disable automation. Relevant information about the devices you are using, which includes device model, device settings, MAC address and IMEI, Android ID, device identification code, device environment, device models, Model information, device ID, SN number, hardware version number, firmware version number, and location information assigned by the device. Based on your information above, we will use big data and algorithms to conduct comprehensive statistics and analysis in order to understand your needs and preferences, and recommend or display products, services or other information that may be of your interest. If you are not interested in the personalized recommended products, services or other information or do not want us to provide you with personalized recommendation services, you can turn off personalized recommendation service in "Personalized Recommendation Management" interface in settings. Once it is turned off, content that may be of your interest will not be recommended to you.
Categories of personal data processed: Device diagnosis service.Introduction:We provide you with the "Device diagnosis service" based on service authorization: If there's any problem with your Aqara smart device or Aqara Home application, you may contact our customer service and report the problem. If necessary, we will deliver the "Device diagnosis service" to you. After obtaining your authorization, we will get related account information of the device, device identification information and log data, so as to improve user experience of the smart device. "Device diagnosis service" is the service of remote device diagnosis and analysis provided by us for you. We attach great importance to your personal information and privacy protection. We will provide related safety protection measures for your personal information according to legal requirements and mature safety standards of the industry. Specifically, we need to collect the following information of yours:
(1) Account information: Including the information of the registered account; (2) Device information: Including device identifier, device list, hardware information of the device, device use information, device operation log, system log; (3) Linkage information: Scene list, condition set list, linkage execution log; (4) Application information: Including application software information, application use information; (5) Network information: Including network information of the application software and smart device. We will analyze the collected data, find faults and repair. We will find the experience problem and improve it, and enhance product quality. If your data authorization expires, we will stop inquiring and analyzing your data. If you do not provide this type of information, we cannot acquire your fault and experience problems on your smart device, nor analyze and give solutions.
We will analyze the collected data, find faults and repair. We will find the experience problem and improve it, and enhance product quality. If your data authorization expires, we will stop inquiring and analyzing your data. If you do not provide this type of information, we cannot acquire your fault and experience problems on your smart device, nor analyze and give solutions.
Categories of personal data processed: Advertising and Marketing Services. When you use our services, in order to maintain, improve, optimize our products and/or services and enhance user experience, we will provide you with commercial electronic information ("advertising") as needed, including:
Aqara Advertisements: We will process the information you provide us, including the terminal device information of your client terminal device (client type, client version number, device model, operating system version number, operating system language, operating system type, Device manufacturer, device screen width, device screen height, device screen density, device screen orientation), client device identification code (Android ID, IDFA, OAID), location information (province/city/district), network information (network connection method, operator) or used in combination with other information to promote Aqara's own products and business advertising; this information is necessary to implement this function. If you disagree with the collection and use of this data, you may not be able to use this function.
The advertising marketing service is optional. If you do not use it, it will not affect your use of Aqara account or other services. You can unsubscribe from ads by following the prompts when browsing emails or text messages. In addition, we also provide you with the option to unsubscribe from advertising. You can manage advertising information through [Aqara Home App→Profile→Settings→Account and Security→Ad Notifications] or tap here.
Please be aware that in order to realize the relevant functions and ensure the safety and stability of the service, we have accessed the software tool development kit (SDK) provided by a third party, and we will conduct strict security monitoring on the SDK obtained by the partner to protect the data security.
In the following table, we list the types of third-party SDKs accessed in the Aqara Home app, as well as the types of personal information you collect and the purpose of use:
Third-party SDK name: Shangyun (CS2 Network)
Information collection types: Camera device ID, network information (IP, current network type and name)
Purpose of use: It is used to set up the p2p connection of the camera after the camera device is added
Operating systems: Android and iOS
Third-party SDK name: Facebook open-source framework
Information collection types: Device information (including device model, device identifier (AndroidID/IDFA/OPENUDID/GUID/OAID)
Purpose of use: It is used to log in Facebook
Operating systems: Android and iOS
Third-party SDK Name: Google SDK
Information Collection Types: Device Identifiers: IMEI or OAID, SN, IMSI, Android ID, GAID. Application Information: App registration and version number, operating status. Network Information:IP or domain connection results, current network type. Running Process Information.
Purpose of Use: Google account authorization login
Operating systems: Android and iOS
Third-party SDK name: Sensors Data
Information collection types: IP address, sensor list, acceleration sensor, device information (device version, device manufacturer, device model information), device identification information (hardware serial number, IMEI, MAC address, IMSI information, IDFA, AndroidID), device status information, install application package name information, network information (WIFI parameter ssid), operator information, location information, IDFV, OAID, VAID, UUID, IMSI
Purpose of use: It is used to initialize the SDK for data collection after the user agrees to the Privacy
Operating systems: Android and iOS
Third-party SDK name: Application performance monitoring full-link version App monitoring SDK
Information collection types:
(1) Device information: device ID, device model, operating system, system time zone, screen resolution, disk usage, memory usage, number of running threads, CPU information (frequency, model, architecture), mobile device country code (MCC), Mobile Device Network Coding (MNC), device dpi; Android ID, device brand, operating system api version, user agent, battery power, network traffic, device abi, ROM;
(2) Application information: application version, application package name, process startup time, crash time, crashed thread name, active page name, all thread stacks of the current process, application service log information, application file name, application file size, disk size; fd list;
(3) System and network identification information: user ID, IP address, operator information, network access mode.
Purpose of use: Use automation programs and algorithms to identify devices, obtain device status (online, offline, and network environment), perform device count statistics, and debug single device problems.
Operating systems: Android and iOS
Third-party SDK name: International translation platform SDK
Information collection types:
(1) Device information: device brand, device model, operating system;
(2) Application information: application package name;
(3) System or network identification information: network access mode (WIFI status);
(4) Personal location information: System country/region information.
Purpose of use: Obtain the i18n copy configured by the customer on the translation platform. This parameter will be used by the server to configure the grayscale dimension selection for grayscale delivery.
Operating systems: Android and iOS
Third-party SDK name: AndroidX Webkit (chromium)
Information collection types: SSID, BSSID, MAC address, WIFI information, AndroidX Webkit (chromium) needs to monitor the WIFI switch and signal status, and will obtain WIFI information, MAC address, SSID, installed APP information, and sensor information multiple times.
Purpose of use: AndroidX auxiliary development tools provided by Google, based on the WebKit browser engine, provide web browsing services
Operating systems: Android
Third-party SDK name: GeTui
Information collection types: Device ID, device model, app version number, system version number, device platform, device manufacturer, network information and position-related information, application list information
Purpose of use: It is used to provide the message pushing service for models of the iOS system
Operating systems: iOS
Third-party SDK name: Ali Mobile PUSH (EMAS)
Information collection types: Device identification information (operating system, device model, IP, operator information)
Purpose of use: It is used to recognize the pushing device and push messages to the single device
Operating systems: Android
Third-party SDK name: Xiaomi PUSH
Information collection types: Device identification information (IMEI [targeting at the following versions of Android Q], OAID, Android ID and MAC address), setting information of the notification bar, network status information (IP, current network type and name)
Purpose of use: It is used to provide the message pushing service for the mobile terminal of Mi brand
Operating systems: Android
Third-party SDK name: OPPO PUSH
Information collection types: Device-related information (such as IMEI [targeting at the following versions of Android Q], Android ID), application list
Purpose of use: It is used to provide the message pushing service for the mobile terminal of OPPO brand
Operating systems: Android
Third-party SDK name: vivo PUSH
Information collection types: Device-related information (such as IMEI [targeting at the following versions of Android Q], Android ID), application list
Purpose of use: It is used to provide the message pushing service for the mobile terminal of vivo brand
Operating systems: Android
Third-party SDK name: FCM PUSH
Information collection types: List of applications in operation
Purpose of use: It is used to receive the message pushing service when the overseas device is used in the overseas region, including APNS push
Operating systems: Android
Third-party SDK name: Tencent Bugly Pro SDK
Information collection types: (1) For Android devices: Log information (including third-party developer custom logs, Logcat logs, and App crash stack information), device identification information (IMEI [for versions below Android Q], IMSI, MAC address, Android ID, and IDFV), phone model, phone brand, phone system API level, CPU architecture type, whether the device is rooted, disk space usage, SD card space usage, memory space usage, network information, network type, system name, system version, country code, phone serial number, current running process name and PID. (2) For iOS devices: Device model, operating system name and version, operating system internal version number, Wi-Fi status, CPU attributes, remaining memory space, disk space/disk remaining space, runtime phone status (memory used by processes, virtual memory, etc.), IDFV, whether the device is jailbroken, area code.
Purpose of use: To collect statistics on APP abnormal situations and troubleshoot crashes.
Operating systems: Android and iOS
We process the above (categories of) personal data for the following purposes:
No automated decision-making takes place for any of the above processing activities.
We disclose your personal data to certain third parties for certain purposes, as described above. You should know that when Lumi Company shares your personal data with a Third Party Service Provider, Lumi Company will contractually specify that the third party is subject to practices and obligations to comply with applicable local data protection laws. Lumi Company will contractually ensure compliance by any Third Party Service Providers with the privacy standards that apply to them in your home jurisdiction.
Below you find further information on the above mentioned recipients and on any transfers of your personal data out of the EU to us and to any recipients:
Recipient: Lumi Company
Recipient: Freshworks Inc.
Recipient: Tencent Cloud Computing (Beijing) Co., LTD
Personal data will be held for as long as it is necessary to fulfill the purpose for which it was collected, or as required or permitted by applicable laws. We shall cease to retain personal data, or remove the means by which the personal data can be associated with particular individuals, as soon as it is reasonable to assume that the purpose for which that personal data was collected is no longer being served by retention of the personal data.
In the section " TYPES OF INFORMATION COLLECTED" above, we inform you in detail about the storage duration of each category of your personal data which we process.
User can delete logs by the "Clear Logs" function in Aqara Home, such as: device logs, automation logs, scene execution logs, home alert logs, messages received by the message center, and other logs. You can also delete all of your data recorded on the server and all account information by canceling the account via Aqara Home.
For the purposes set out above, Aqara Home may need to access certain features on your device, such as IP address, GPS location, Bluetooth and WLAN access, based on your specific use of Aqara Home. If you refuse to grant us the corresponding app permissions during installation and / or use, we will not be able to access your corresponding information above and will not be able to render the services for which the relevant information is required.
CONTROLLING SETTINGS
Lumi Companyrecognizes that privacy concerns differ from person to person. Therefore, we provide examples of ways Lumi Companymakes available for you to choose to restrict or withdraw the consent of the collection, use, disclosure or processing of your personal data and control your privacy settings:
Bind/Unbind devices;
Log in and out of the Aqara Home;
Perform factory reset to erase the data on local device and on the server.
If you have previously agreed to us using your personal data for the above mentioned purposes, you may change your mind at any time by writing or emailing us at aiot-service@aqara.com.
As a data subject, you have a right to obtain access and information under the conditions provided in Article 15 of the GDPR.
This means in particular that you have the right to obtain confirmation from us as to whether we are processing your personal data. If so, you also have the right to obtain access to the personal data and the information listed in Article 15 paragraph 1 of the GDPR. This includes information regarding the purposes of the processing, the categories of personal data that are being processed and the recipients or categories of recipients to whom the personal data have been or will be disclosed (Article 15 paragraph 1 points (a), (b) and (c) of the GDPR).
You can find the full extent of your right to access and information in Article 15 of the GDPR, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
Note: You can access your account information and some device-related information yourself in the App. For any further access requests, please contact us at aiot-service@aqara.com.
As a data subject, you have the right to rectification under the conditions provided in Article 16 of the GDPR.
This means in particular that you have the right to receive from us without undue delay the rectification of inaccuracies in your personal data and completion of incomplete personal data.
You can find the full extent of your right to rectification in Article 16 of the GDPR, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
Note: You can correct your account information and some device-related information yourself in the App. When you update some of your personal data, you will be asked to verify your identity before we proceed with your request, so that we can ensure the security of your Aqara Home Account and device. For any further correction requests, please contact us at aiot-service@aqara.com.
As a data subject, you have a right to erasure ("right to be forgotten") under the conditions provided in Article 17 of the GDPR.
This means that you have the right to obtain from us the erasure of your personal data and we are obliged to erase your personal data without undue delay when one of the reasons listed in Article 17 paragraph 1 of the GDPR applies. This can be the case, for example, if personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed (Article 17 paragraph 1 point (a) of the GDPR).
If we have made the personal data public and are obliged to erase it, we are also obliged, taking account of available technology and the cost of implementation, to take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of those personal data (Article 17 paragraph 2 of the GDPR).
The right to erasure ("right to be forgotten") does not apply if the processing is necessary for one of the reasons listed in Article 17 paragraph 3 of the GDPR. This can be the case, for example, if the processing is necessary for compliance with a legal obligation or for the establishment, exercise or defence of legal claims (Article 17 paragraph 3 points (b) and (e) of the GDPR).
You can find the full extent of your right to erasure ("right to be forgotten") in Article 17 of the GDPR, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
As a data subject, you have a right to restriction of processing under the conditions provided in Article 18 of the GDPR.
This means that you have the right to obtain from us the restriction of processing if one of the conditions provided in Article 18 paragraph 1 of the GDPR applies. This can be the case, for example, if you contest the accuracy of the personal data. In such a case, the restriction of processing lasts for a period that enables us to verify the accuracy of the personal data (Article 18 paragraph 1 point (a) of the GDPR).
Restriction means that stored personal data are marked with the goal of restricting their future processing (Article 4 paragraph 3 of the GDPR).
You can find the full extent of your right to restriction of processing in Article 18 of the GDPR, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
As a data subject, you have a right to data portability under the conditions provided in Article 20 of the GDPR.
This means that you generally have the right to receive your personal data with which you have provided us in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us if the processing is based on consent pursuant to Article 6 paragraph 1 point (a) or Article 9 paragraph 2 point (a) of the GDPR or on a contract pursuant to Article 6 paragraph 1 point (b) of the GDPR and the processing is carried out by automated means (Article 20 paragraph 1 of the GDPR).
You can find information as to whether an instance of processing is based on consent pursuant to Article 6 paragraph 1 point (a) or Article 9 paragraph 2 point (a) of the GDPR or on a contract pursuant to Article 6 paragraph 1 point (b) of the GDPR in the information regarding the legal basis of processing in Section " HOW THE PERSONAL DATA IS USED" of this Privacy Policy.
In exercising your right to data portability, you also generally have the right to have your personal data transmitted directly from us to another controller if technically feasible (Article 20 paragraph 2 of the GDPR).
You can find the full extent of your right to data portability in Article 20 of the GDPR, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
As a data subject, you have a right to object under the conditions provided in Article 21 of the GDPR.
At the latest in our first communication with you, we expressly inform you of your right, as a data subject, to object.
More detailed information on this is given below:
As a data subject, you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on Article 6 paragraph 1 point (e) or (f), including profiling based on those provisions.
You can find information as to whether an instance of processing is based on Article 6 paragraph 1 point (e) or (f) of the GDPR in the information regarding the legal basis of processing in Section " HOW THE PERSONAL DATA IS USED" of this Privacy Policy.
In the event of an objection relating to your particular situation, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Where your personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
You can find information as to whether and to what extent personal data are processed for direct marketing purposes in the information regarding the legal basis of processing in Section "HOW THE PERSONAL DATA IS USED" of this Privacy Policy.
If you object to processing for direct marketing purposes, we no longer process your personal data for these purposes.
You can find the full extent of your right to objection in Article 21 of the GDPR, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
Where an instance of processing is based on consent pursuant to Article 6 paragraph 1 point (a) or Article 9 paragraph 2 point (a) of the GDPR, as a data subject, you have the right, pursuant to Article 7 paragraph 3 of the GDPR, to withdraw your consent at any time. The withdrawal of your consent does not affect the legitimacy of the processing that occurred based on your consent until the withdrawal. We inform you of this before you grant your consent.
You can find information as to whether an instance of processing is based on Article 6 paragraph 1 point (a) or Article 9 paragraph 2 point (a) of the GDPR in the information regarding the legal basis of processing in Section "HOW THE PERSONAL DATA IS USED"of this Privacy Policy.
As a data subject, you have a right to lodge a complaint with a supervisory authority under the conditions provided in Article 77 of the GDPR, which can be accessed using the following link: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679.
You may find the contact details of your local supervisory authority in EU member states on the website of the European DataProtection Board: https://edpb.europa.eu/about-edpb/board/members_en
You may exert your above-mentioned rights by contacting us at privacy@lumiunited.com, and we will respond to your request within timeframe set out under your applicable data protection laws.
Our services are restricted to individuals who are 18 years of age or older. We do not permit individuals under the age of 18 on our platform.We consider it the responsibility of parents to monitor their children's use of our products and services. Nevertheless, it is our policy not to require personal data from minors or offer to send any promotional materials to persons in that category.
Lumi Company does not seek or intend to seek to receive any personal data from minors. Should a parent or guardian have reasons to believe that a minor has provided Lumi Company with personal data without their prior consent, please contact us to ensure that the personal data is removed and the minor unsubscribes from any of the applicable Lumi Company's services.
We keep our Privacy Policy under regular review and may update this Privacy Policy to reflect changes to our information practices. If we make material changes to our Privacy Policy, we will notify you by email (sent to the e-mail address specified in your account) and post the changes on all the Lumi Company's websites or through our software, so that you may be aware of the information we collect and how we use it. Such changes to our Privacy Policy shall apply from the effective date as set out in the notice or on the website.
You can contact our Data Protection Officer (DPO) at:
Lumi United Technology Co., Ltd
c/o Data Protection Officer
Room 801-804, Building 1, Chongwen Park, Nanshan iPark, No. 3370, Liuxian Avenue, Fuguang Community, Taoyuan Residential District,Nanshan, Shenzhen, China
Email: privacy@lumiunited.com
We also appointed a representative in the EU according to Art 27 GDPR. You can contact our representative at:
GDPR-Rep.eu
Maetzler Rechtsanwalts GmbH & Co KG
c/o Lumi United Technology Co., Ltd
Schellinggasse 3/10,1010 Vienna, Austria
Please add the following subject to all correspondence: "GDPR-REP ID: 13345230"
https://gdpr-rep.eu/q/13345230
If you have any comments or questions about this Privacy Policy or any questions relating to Lumi Company's collection, use or disclosure of your personal data, please contact us at the address below referencing "Privacy Policy":
Lumi United Technology Co., Ltd
Room 801-804, Building 1, Chongwen Park, Nanshan iPark, No. 3370, Liuxian Avenue, Fuguang Community, Taoyuan Residential District, Nanshan District, Shenzhen,China
Email: privacy@lumiunited.com
Thank you for taking the time to understand our Privacy Policy!