Privacy Legal

So you have purchased our eWeLink device hardware and are starting to use the eWeLink device software and all its functionalities! Any information you share with us (e.g. for creating an eWeLink Account) will help us to provide you with services related to eWeLink device and to improve them to make them even better. We explain here our ways of collecting and using information, and how we protect your privacy. In this privacy policy, “personal data” means information that can be used to identify an individual, either from that information alone, or from that information and other information we have access to about that individual. We collect both personal and non-personal data to enable and facilitate the best user experience possible.

We keep our Privacy Policy under regular review. If we change our Privacy Policy, we will post the changes on all the eWeLink websites, so that you may be aware of the information we collect and how we use it. Such changes to our Privacy Policy shall apply from the time that we post the same on the eWeLink websites. Your continued use of products and services on the websites, mobile phones and/or any other device will be taken as acceptance of the updated Privacy Policy. We will seek your fresh consent before we collect more personal data from you or when we wish to use or disclose your personal data for new purposes.

1.COLLECTION OF INFORMATION


Our collection of information will be based on your interaction with us and the choices you have made, including your privacy settings and the products and functions you use. The information we collect from you may cover the SDK/API/JS version, software version, browser, Internet Service Provider (ISP), IP address, platform, timestamp, application identifier, application program version, application distribution channel, device’s unique identification code, iOS Advertising Identifier (IDFA), Android advertiser identifier, MAC address, International Mobile Equipment Identity (IMEI), device model, terminal manufacturer, terminal OS version, start/time of session, language location, time zone and network status (e.g. Wi-Fi),as well as the usage of hard disk, CPU and battery. Personal data that are collected for creating an eWeLink Account may include your email address or mobile phone number, device related information (e.g. IMEI number) and various location related information (e.g. location area code, mobile network and country codes).


We may collect information during the following procedures


·Set up and log in of eWeLink Account. Personal data that are collected for creating an eWeLink Account may include your email address or mobile phone number, device related information (e.g. IMEI number) and various location related information (e.g. location area code, mobile network and country codes).


·Purchasing your eWeLink products. When you make purchases through the eWeLink e-commerce website, we may collect your eWeLink Account ID (or mobile phone number or email addressed used to create your eWeLink Account), name, phone number, delivery address, order details, etc. eWeLink provides logistics services to deliver the products purchased on the e-commerce website. eWeLink has an after sales system to handle after sales related matters as well as an after sales centre for walk-in support services for users. When you use these services, we may also collect the order number, invoice date, list of purchased items and your contact details in order to process the services.


·User feedback. When you submit a user feedback through the eWeLink app, we may collect information on the list of devices registered in your account, as well as related device operation information and device information.


·Syncing eWeLink device data. When you synchronise the eWeLink device data, e.g. to eWeLink device Cloud Service, we may collect data relating to your activities and functionalities of eWeLink device, such as those obtained from our sensors and features on eWeLink device, your sleeping patterns, movement data and smart alarm related information.


·Processing the services. In providing the above services, we may also collect data in relation to your device, including your eWeLink device ID, firmware version, device OS version, model and system, and visiting IP and time.

2.USE OF PERSONSAL DATA


Products improvement. We use data to improve our products continuously, including adding new functions and increasing capacity. For example,


·To provide you with our products and services, processing your orders, performing contractual obligations between you and us, to ensure the functions and safety of our products, to verify your identity, to prevent and trace fraudulent or inappropriate usage


·To develop our products and services, together with general and statistical information


·To communicate with you, including providing you with notifications on products and services that are updated or launched


·To provide marketing and promotional materials to you on our products and services (please note that you may unsubscribe anytime)


·To personalise product design and to provide you with services tailored for you, for example, recommending and displaying information and advertisements regarding products suited to you, and to invite you to participate in surveys relating to your use of eWeLink device


·To conduct investigations regarding our products and services


·If you participate in our lottery, contest or other promotions, we may use your personal data to manage such activities


·To provide maintenance services, monitor software licenses, to improve our products or analyse the efficiency of our operations


When you use our services or functions that are based on location information, e.g. adding eWeLink devices, we may collect your geographical information.


·When you use our website, online services, interactive applications, email messages and advertising, we may use cookies and other technical elements (e.g. pixel labels) to collect and store non-personal data. These enable us to provide you with a better experience and improve our overall service quality, e.g. in saving your preferred language settings, sending emails in a readable format, to determine whether the emails have been opened or not, etc.


·When you use the Internet browser in using our products and services, we may collect log information, e.g. IP address, browser type, language, reference source, operating system, date and time marking and click rate data.

3.SHARING OF PERSONAL DATA


To perfect our products for better service, we may share your personal data with our service providers or agents for purposes stipulated in this policy. For example, our data analysis service provider may collect and access personal data for statistics and analysis. In the context, these companies must conform to our data privacy and safety requirements.


Who do we share your information with?


Unless we tell you in this privacy policy, we will keep your personal information confidential. We may disclose your personal data on occasion to third parties in order to provide the products or services that you have requested. Some of these third parties may be located outside your home country.


Disclosure may include the scenarios listed in this section below. In each case described in this section, you can be assured that eWeLink will only share your personal data in accordance with your consent. You should know that when eWeLink shares your personal data with a third party under any circumstance described in this section, eWeLink will ensure that the third party is subject to practices and obligations to comply with the relevant data protection and privacy laws of your country. eWeLink will contractually ensure compliance by any foreign Third Party Service Providers with the privacy standards that apply in your home jurisdiction.


Disclosure to eWeLink group companies and Third Party Service Providers


·In order to conduct business operations smoothly, the eWeLink entity which collects your personal data may disclose your personal data from time to time to other eWeLink group companies (in communications, social media, technology or cloud business), or our third party service providers which are our mailing houses, delivery service providers, telecommunications companies, data centres, data storage facilities, and customer service providers, agents, related corporations, and/or other third parties (together “Third Party Service Providers”). Such Third Party Service Providers would be processing your personal data on eWeLink’s behalf or for one or more of the purposes listed above.


·Personal data will only be shared by eWeLink to provide or improve our products or services and will not be shared for use for marketing purposes.


Disclosure to others


eWeLink may disclose your personal data without further consent if required or permitted by law in the following cases:


·cases in which the disclosure is required or authorised based on the applicable laws and/or regulations;


·cases in which the disclosure is necessary to respond to an emergency that threatens the life, health or safety of the individual or another individual;


·cases in which the disclosure is necessary for the prevention of crime or legal proceedings;


·cases in which the purpose of such disclosure is clearly in the individual’s interests, and if consent cannot be obtained in a timely way;


·cases in which the disclosure is necessary for any investigation or proceedings;


·cases in which the disclosure is to any officer of a prescribed law enforcement agency upon production of written authorisation signed by the head or director of that law enforcement agency, or a person of a similar rank, certifying that the personal data is necessary for the purposes of the functions or duties of the officer; and/or


·cases in which the disclosure is to a public agency and such disclosure is necessary in the public interest.


Information Not Requiring Consent


We may share anonymised information and statistics in aggregate form with third parties for business purposes, for example with advertisers on our website, or we may tell our business partners the number of customers in certain demographic groups who purchased certain products or who carried out certain transactions.


For the avoidance of doubt, in the event that we are permitted by law to collect, use or disclose your personal data without your consent, such permission granted by the law shall continue to apply.

4.LEGAL BASIS FOR DATA PROCESSING


We have introduced the purposes for processing personal data, the legal basis for which include: to execute the contract between you and eWeLink (e.g. to provide you with the services you have requested, to conduct identification and verification, in order for you to use our website); to comply with legal requirements (e.g. to comply with applicable accounting rules, to fulfill the requirement of compulsory disclosure from the law enforcement); to safeguard our legitimate interests (e.g. to manage our relationship with you, to ensure the security of our services, to communicate with you about our products and services); and to build on the consent of our clients (e.g. to use cookies, to share your information with third parties for the purpose of advertising).


In some cases, you may need to provide us with your personal data for the above-mentioned purposes, in order for us to offer the full range of services and to facilitate the usage of all functions on our website.

5.INTERNATIONAL TRANSFERS OF PERSONAL DATA


Our business may call for transfer of personal data to countries outside the European Economic Area, including China or Singapore. Appropriate measures shall be taken to ensure that receivers of your personal data stick to their confidentiality obligations and we make sure that we carry out measures such as standard contract terms. Contact our support centre to find out about these terms.

6.YOUR RIGHTS


According to applicable laws, you have the right to object to or request limitations on our processing of your personal data, and to ask for access, correction, deletion and portability of your data.


We may only use your information based on your consent. You are entitled to withdrawal your consent at any time; however, it does not affect the legitimacy for us to process the data we have collected with your permission prior to your withdrawal.


You may make requests for withdrawal of account or withdrawal of consent to privacy policy at the user centre on our app.


You may also send email to app@coolkit.cn to make requests on the processing of your personal data.


In case you find changes or inaccuracies in your information, please notify us of the changes so that we can update or correct the records. If you find that our practices in relation to your personal data have breached certain laws applicable, you have every right to file complaints to the regulatory authority.


The duration of data retention will be determined by the services or products that you have requested, or by the provisions or approval of applicable laws, such as tax law and accounting law.

7.INFORMATION SAFETY SAFEGUARDS


We are committed to ensuring that your personal data is secure. In order to prevent unauthorised access, disclosure or other similar risks, we have put in place reasonable physical, electronic and managerial procedures to safeguard and secure the information we collect. We have put in place the following security procedures and technical and organisational measures to safeguard your personal data:


·Your personal data is stored on secure servers that are protected in controlled facilities.


·All data saved in the back-end is classified into different levels based on the importance and sensitivity of the data, e.g. whether the data contains personal data.


·In the data centres, clusters that contain sensitive data are grouped together in the network topology, and will be placed in rooms with additional physical security protection.


·Data exchanged between eWeLink devices and servers are encrypted using Secure Sockets Layer (“SSL”).


·There is an optional two-step verification process when users access their eWeLink Account.


·There is regular review of information collection, storage and processing practices, including physical security measures, to guard against unauthorised access to systems.


·Access is restricted to eWeLink employees and Third Party Service Providers who need to know that information in order to process it, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet such obligations.


·There are also access controls for all server clusters used for cloud-based data storage and process.


·Most data used for eWeLink’s products and/or services is stored in a storage system. By using column family based access control mechanism, eWeLink employees are only allowed access to the data column families they are granted access to.


·Please note also that for the above, eWeLink may use overseas facilities operated and controlled by eWeLink to process or back up your personal data. Currently, eWeLink has data centres in Beijing and Singapore. As a result, we may transfer to and store your personal data at our overseas facilities. However, this does not change any of our commitments to safeguard your personal data in accordance with this Privacy Policy.


Information safety is very important to us. We will take all practicable steps to safeguard your personal data. Through our protective measures above, especially encrypted storage and transmission, your data is as secure as it can be. Certain details of encrypted data cannot be accessed by anyone except by you.