1.COLLECTION OF INFORMATION
Our collection of information will be based on your interaction with us and the choices you have made, including your privacy settings and the products and functions you use. The information we collect from you may cover the SDK/API/JS version, software version, browser, Internet Service Provider (ISP), IP address, platform, timestamp, application identifier, application program version, application distribution channel, device’s unique identification code, iOS Advertising Identifier (IDFA), Android advertiser identifier, MAC address, International Mobile Equipment Identity (IMEI), device model, terminal manufacturer, terminal OS version, start/time of session, language location, time zone and network status (e.g. Wi-Fi),as well as the usage of hard disk, CPU and battery. Personal data that are collected for creating an eWeLink Account may include your email address or mobile phone number, device related information (e.g. IMEI number) and various location related information (e.g. location area code, mobile network and country codes).
We may collect information during the following procedures
·Set up and log in of eWeLink Account. Personal data that are collected for creating an eWeLink Account may include your email address or mobile phone number, device related information (e.g. IMEI number) and various location related information (e.g. location area code, mobile network and country codes).
·Purchasing your eWeLink products. When you make purchases through the eWeLink e-commerce website, we may collect your eWeLink Account ID (or mobile phone number or email addressed used to create your eWeLink Account), name, phone number, delivery address, order details, etc. eWeLink provides logistics services to deliver the products purchased on the e-commerce website. eWeLink has an after sales system to handle after sales related matters as well as an after sales centre for walk-in support services for users. When you use these services, we may also collect the order number, invoice date, list of purchased items and your contact details in order to process the services.
·User feedback. When you submit a user feedback through the eWeLink app, we may collect information on the list of devices registered in your account, as well as related device operation information and device information.
·Syncing eWeLink device data. When you synchronise the eWeLink device data, e.g. to eWeLink device Cloud Service, we may collect data relating to your activities and functionalities of eWeLink device, such as those obtained from our sensors and features on eWeLink device, your sleeping patterns, movement data and smart alarm related information.
·Processing the services. In providing the above services, we may also collect data in relation to your device, including your eWeLink device ID, firmware version, device OS version, model and system, and visiting IP and time.
2.USE OF PERSONSAL DATA
Products improvement. We use data to improve our products continuously, including adding new functions and increasing capacity. For example,
·To provide you with our products and services, processing your orders, performing contractual obligations between you and us, to ensure the functions and safety of our products, to verify your identity, to prevent and trace fraudulent or inappropriate usage
·To develop our products and services, together with general and statistical information
·To communicate with you, including providing you with notifications on products and services that are updated or launched
·To provide marketing and promotional materials to you on our products and services (please note that you may unsubscribe anytime)
·To personalise product design and to provide you with services tailored for you, for example, recommending and displaying information and advertisements regarding products suited to you, and to invite you to participate in surveys relating to your use of eWeLink device
·To conduct investigations regarding our products and services
·If you participate in our lottery, contest or other promotions, we may use your personal data to manage such activities
·To provide maintenance services, monitor software licenses, to improve our products or analyse the efficiency of our operations
When you use our services or functions that are based on location information, e.g. adding eWeLink devices, we may collect your geographical information.
·When you use the Internet browser in using our products and services, we may collect log information, e.g. IP address, browser type, language, reference source, operating system, date and time marking and click rate data.
3.SHARING OF PERSONAL DATA
To perfect our products for better service, we may share your personal data with our service providers or agents for purposes stipulated in this policy. For example, our data analysis service provider may collect and access personal data for statistics and analysis. In the context, these companies must conform to our data privacy and safety requirements.
Who do we share your information with?
Disclosure may include the scenarios listed in this section below. In each case described in this section, you can be assured that eWeLink will only share your personal data in accordance with your consent. You should know that when eWeLink shares your personal data with a third party under any circumstance described in this section, eWeLink will ensure that the third party is subject to practices and obligations to comply with the relevant data protection and privacy laws of your country. eWeLink will contractually ensure compliance by any foreign Third Party Service Providers with the privacy standards that apply in your home jurisdiction.
Disclosure to eWeLink group companies and Third Party Service Providers
·In order to conduct business operations smoothly, the eWeLink entity which collects your personal data may disclose your personal data from time to time to other eWeLink group companies (in communications, social media, technology or cloud business), or our third party service providers which are our mailing houses, delivery service providers, telecommunications companies, data centres, data storage facilities, and customer service providers, agents, related corporations, and/or other third parties (together “Third Party Service Providers”). Such Third Party Service Providers would be processing your personal data on eWeLink’s behalf or for one or more of the purposes listed above.
·Personal data will only be shared by eWeLink to provide or improve our products or services and will not be shared for use for marketing purposes.
Disclosure to others
eWeLink may disclose your personal data without further consent if required or permitted by law in the following cases:
·cases in which the disclosure is required or authorised based on the applicable laws and/or regulations;
·cases in which the disclosure is necessary to respond to an emergency that threatens the life, health or safety of the individual or another individual;
·cases in which the disclosure is necessary for the prevention of crime or legal proceedings;
·cases in which the purpose of such disclosure is clearly in the individual’s interests, and if consent cannot be obtained in a timely way;
·cases in which the disclosure is necessary for any investigation or proceedings;
·cases in which the disclosure is to any officer of a prescribed law enforcement agency upon production of written authorisation signed by the head or director of that law enforcement agency, or a person of a similar rank, certifying that the personal data is necessary for the purposes of the functions or duties of the officer; and/or
·cases in which the disclosure is to a public agency and such disclosure is necessary in the public interest.
Information Not Requiring Consent
•We may share anonymised information and statistics in aggregate form with third parties for business purposes, for example with advertisers on our website, or we may tell our business partners the number of customers in certain demographic groups who purchased certain products or who carried out certain transactions.
•For the avoidance of doubt, in the event that we are permitted by law to collect, use or disclose your personal data without your consent, such permission granted by the law shall continue to apply.
4.LEGAL BASIS FOR DATA PROCESSING
In some cases, you may need to provide us with your personal data for the above-mentioned purposes, in order for us to offer the full range of services and to facilitate the usage of all functions on our website.
5.INTERNATIONAL TRANSFERS OF PERSONAL DATA
Our business may call for transfer of personal data to countries outside the European Economic Area, including China or Singapore. Appropriate measures shall be taken to ensure that receivers of your personal data stick to their confidentiality obligations and we make sure that we carry out measures such as standard contract terms. Contact our support centre to find out about these terms.
According to applicable laws, you have the right to object to or request limitations on our processing of your personal data, and to ask for access, correction, deletion and portability of your data.
We may only use your information based on your consent. You are entitled to withdrawal your consent at any time; however, it does not affect the legitimacy for us to process the data we have collected with your permission prior to your withdrawal.
You may also send email to firstname.lastname@example.org to make requests on the processing of your personal data.
In case you find changes or inaccuracies in your information, please notify us of the changes so that we can update or correct the records. If you find that our practices in relation to your personal data have breached certain laws applicable, you have every right to file complaints to the regulatory authority.
The duration of data retention will be determined by the services or products that you have requested, or by the provisions or approval of applicable laws, such as tax law and accounting law.
7.INFORMATION SAFETY SAFEGUARDS
We are committed to ensuring that your personal data is secure. In order to prevent unauthorised access, disclosure or other similar risks, we have put in place reasonable physical, electronic and managerial procedures to safeguard and secure the information we collect. We have put in place the following security procedures and technical and organisational measures to safeguard your personal data:
·Your personal data is stored on secure servers that are protected in controlled facilities.
·All data saved in the back-end is classified into different levels based on the importance and sensitivity of the data, e.g. whether the data contains personal data.
·In the data centres, clusters that contain sensitive data are grouped together in the network topology, and will be placed in rooms with additional physical security protection.
·Data exchanged between eWeLink devices and servers are encrypted using Secure Sockets Layer (“SSL”).
·There is an optional two-step verification process when users access their eWeLink Account.
·There is regular review of information collection, storage and processing practices, including physical security measures, to guard against unauthorised access to systems.
·Access is restricted to eWeLink employees and Third Party Service Providers who need to know that information in order to process it, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet such obligations.
·There are also access controls for all server clusters used for cloud-based data storage and process.
·Most data used for eWeLink’s products and/or services is stored in a storage system. By using column family based access control mechanism, eWeLink employees are only allowed access to the data column families they are granted access to.
Information safety is very important to us. We will take all practicable steps to safeguard your personal data. Through our protective measures above, especially encrypted storage and transmission, your data is as secure as it can be. Certain details of encrypted data cannot be accessed by anyone except by you.