PRIVACY STATEMENT
Protecting the personal privacy of every customer, vendor,
and employee is a crucial part of gaining and keeping your trust in Qingdao
Haier Technology Co., Ltd. (us). As a global operating organization, we
strive to provide a high level of privacy protection across all of our
businesses and services.
This Statement does not apply to third-party applications,
products, services, websites or social media features that may be accessed
through links that we provide on our Apps. Accessing those links may result in
the collection of information about you by a third party. We do not
control or endorse those third-party websites or their privacy practices.
We encourage you to review the privacy policies of such third parties before
interacting with them.
Please read this Statement carefully. When using our
services that link to or reference this Statement, you agree to be bound by the
terms and conditions of this Statement.
Your personal data – what is it?
Personal data relates to a living individual who can be
identified from that data. Identification can be by the data alone or in
conjunction with any other data in the data controller’s possession or likely
to come into such possession. The processing of your personal data is governed
by applicable privacy laws.
What roles do we play in processing your
data?
We are the data controller who either
alone or jointly or in common with other persons processes any personal data or
has control over or authorizes the processing of any personal data. This means
that we decide how your personal data is processed and for what purposes. We know that you care how data about you is used and
shared, and we appreciate your trust that we will do so carefully and
sensibly.
When are your personal data collected?
Some of your data can, in particular,
be collected by us:
· whenever you register to use our online services and
become our customer;
· whenever you use our services and products;
· whenever you contact us via the various channels we
offer you.
Our collection of personal data
The personal data we collect include any and all data you
provide to us when you enter into contract with us, register an account with
us, use our Apps or add information to your account, or give us in any other
way. You can choose not to provide data to us, but we may then not be able to
service you where such services require processing such data. We use the data that
you provide for purposes administering your use of our services, such as
communicating with you, responding to your requests, managing your account,
customizing your service experience with us and improving our products and
services. We may communicate with you by mail, email or telephone. We
will send you strictly service-related announcements or information on rare
occasions when it is necessary to do so.
Examples of the data we collect and store include:
When you register to be our user, we
collect data you entered, including Email address, nation, photo, nick name.
When you use our Apps, we collect
information including:
· Device information:
hardware device Mac address, device information (device operating information
and running state), device type, device unique identifier;
· Other personal
information related to personalized services: problem feedback, information on sleeping
curve setting, device room information.
All the data we collect from you may be stored as log files
in our server or as augmented information associated with you or your devices.
These log files are used for analysis, research, auditing, and other purposes.
Your data is stored in log files until the data is transferred to backup
databases or related texts. We routinely back-up a copy your data to prevent
loss of your data in case of a server breakdown or human error. However, all
such copies of your data in our backup database will be retained only for as
long as our data retention policy permits (see “How long do we keep your
personal data?” below), and will in any case be deleted immediately upon
your request.
How do we process your personal data?
We comply with our obligations under applicable privacy
laws by keeping personal data up to date; by storing and destroying it
securely; by collecting and retaining only the necessary data that we need to
service you; by protecting personal data from loss, misuse, unauthorized access
and disclosure and by ensuring that appropriate technical measures are in place
to protect personal data.
The processing operations we perform on your data cover
automated and non-automated means of collecting, recording, organizing,
structuring, storing, altering, retrieving, using, transmitting, disseminating
or otherwise making available, aligning or combining, restricting, and/or
erasing your data. We will not remotely
access your appliance unless it is necessary for the safety of your appliance.
We use your personal data for the following purposes:
· To design and deliver our services and activities to
you.
· To operate our Apps to provide you access to and use of
our services.
· To provide services and products requested by you as
described when we collect the information.
· To contact you to conduct research about your opinions
of current services and products or of potential new services and products that
may be offered by us.
· To share your contact details with
our affiliate offices around the world within our group companies, for the
purposes of internal administration and back-office support, to ensure our
network security, and to prevent fraud.
· To maintain the integrity and safety
of our data technology systems which store and process your personal data.
· To provide anonymous reporting for internal and external
customers.
· To provide you with location based personalized services
(such as leave and back home function).
· To enforce or defend our policies or contract with you.
· To detect and investigate data breaches, illegal
activities, and fraud.
What is our lawful basis for processing your personal
data?
In general, the lawful bases for us to process your
personal data for the various types of processing performed on your data
(please refer to “How do we process your personal data?” section
of this Statement) is, as applicable, processing
based on your consent, as necessary for us to enter into and to perform our
contract with you, or as necessary to
pursue the legitimate interest of our company or of third parties.
We will collect, process and use the personal data
supplied by you only for the purposes communicated to you and will not disclose
your data to third parties except under the circumstances of data disclosure
described in the “Sharing your personal data” section below.
Where
we talk about our legitimate interest or that of third parties, such legitimate
interest can include:
· Implementation and operation of a
group-wide organizational structure and group-wide information sharing;
· Right to freedom of expression or
information, including in the media and the arts;
· Prevention of fraud, misuse of company IT
systems, or money laundering;
· Operation of a whistleblowing scheme;
· Physical security, IT and network
security;
· Internal investigations; and
· Proposed mergers and acquisitions
Necessity to provide us data
If you do not register the APP, you can still use the
basic functions of home appliances. You are not under any obligation to provide
us any personal data. As noted below, the choice is yours. However,
please note that without certain data from you, we may not able to undertake
some or all of our obligations to you under our service contract with you, or
adequately provide you with our full range of services. If you would like
to obtain more detail about this, please contact us following the instructions
in the “Whom should I contact” section below.
Sharing your personal data
Your personal data will be treated as strictly
confidential, and will be shared only with the categories of data recipients
listed below. We will only share your data with third parties outside of
the company with your consent, and you will have an opportunity to choose for
us not to share your data.
We may disclose your personal data to:
· our affiliated entities within our global group of
companies worldwide and authorized employee to provide you services such as
facilitating order processing and shipping, for internal administration
purposes, to detect and deal with data breaches, illegal activities, and fraud,
and to maintain the integrity of our information technology systems.
· Azure provides us with infrastructure services, in
addition to this, we have no other subcontractors. · governments and/or government-affiliated institutions,
courts, or law enforcement agencies, to comply with our obligations under
relevant laws and regulations, enforce or defend our policies or contract with
you, respond to claims, or in response to a verified request relating to a
government or criminal investigation or suspected fraud or illegal activity
that may expose us, you, or any other of our customers to legal liability;
provided that, if any law enforcement agency requests your data, we
will attempt to redirect the law enforcement agency to request that data
directly from you, and in such event, we may provide your basic contact
information to the law enforcement agency.
· third parties involved in a legal proceeding, if they
provide us with a court order or substantially similar legal procedure
requiring us to do so.
We may provide you with opportunities to connect with third
party applications or services. If you choose to use any such third party
applications or services, we may facilitate sharing of your information with
your consent. However, we do not control the applications or services of those
third parties or how they use your information, and your use of such applications
and services is not governed by this Statement. Please review the terms and the
privacy policies of those third parties before using their applications or
services.
We will display your personal data and account activity in
your profile page and elsewhere on our service portals according to the
preferences you set in your account. You can review and revise your profile
information at any time. Please consider carefully what information you
disclose in your profile page and your desired level of anonymity. In
your profile page, we will also display your device information as well as
provide the network connection information for the devices to the applications
that connect to your devices.
How long do we keep your personal data?
We keep your personal data for no longer than reasonably
necessary for the given purpose for which your data is processed. If you
will provide us, or have provided us, consent for us to process your data, we
will process your data for no longer than your consent is effective. Notwithstanding
the above, we may retain your personal data as required by applicable laws and
regulations, as necessary to assist with any government and judicial
investigations, to initiate or defend legal claims or for the purpose of civil,
criminal or administrative proceedings. If none of the above grounds for
us to keep your data apply, we will delete and dispose of your data in a secure
manner according to our data protection policy.
Privacy of data subjects under the age of 16
Our products and services are not targeted to persons under
the age of 16. We do not knowingly collect or process personal data from
persons under the age of 16. Please note that if you are under the age of 16,
you will need to provide us a written signed consent from your parent or
guardian indicating that your parent or guardian has consented for us to
process your data and send us the consent through contact information provided
from the section of “Whom should I contact?”
Your rights and your personal data
Unless subject to an exemption under applicable privacy
laws, you have the following rights with respect to your personal data:
· The right to request a copy of your personal data which we hold about you.
· The right to request that we correct any personal data if it is found to be inaccurate or out of date.
· The right to request to
erase your personal data where it is no longer necessary for us to retain such
data, except we are not obliged to do so if we need to retain such data
in order to comply with a legal obligation or to establish, exercise or defend
legal claims.
· The right to withdraw your consent to the processing at
any time, if and where we rely on your consent to process your data. This
includes cases where you wish to opt out from marketing communications that you
receive from us.
· The right to request that we provide you with your data
and where possible, to transmit that data directly to another data controller,
where the processing is based on your consent or is necessary for the
performance of a contract with you.
· The right
to restrict our processing of your personal data where you believe such data to
be inaccurate, our processing is unlawful; or that we no longer need to process
such data for a particular purpose unless we are not able to delete the data
due to a legal or other obligation or because you do not wish for us to delete
it.
· The right to object to us using your personal data, where the
legal justification for our processing of your personal data is our legitimate
interest. We will abide by your request unless we have compelling legitimate
grounds for the processing which override your interests and rights, or if we
need to continue to process the data for the establishment, exercise or defense
of legal claims.
· The right to lodge a complaint regarding
our processing of your data, with the competent authority where you reside or in which
your data is processed.
If you would like to exercise any of the above rights,
please do so by providing your request to the contact window set forth in the “Whom
should I contact” section.
After receiving your request, we will evaluate your request
and inform you how we intend to proceed on your request. Under certain
circumstances in accordance with applicable privacy laws and regulations, we
may withhold access to your data, or decline to modify, erase, port, or
restrict the processing of your data.
Please be advised that if you exercise the rights to erase
data, restrict or object to our processing, or to withdraw your consent, we may
not be able to continue our services to you if the necessary data is missing
for processing.
Transfer, Storage, and Processing of Data Abroad
As noted in the “Sharing your personal data” section
of this Statement, as a part of a globally operating company, we may share your
information with our affiliate companies or third parties. Please
refer to the “Sharing your personal data” section of this Statement for
the recipients of your data and the reasons for our provision of your data to
them. Where such entities are located in other countries and jurisdictions, we
will therefore be transferring your personal data outside of the European
Economic Area, but such data transfers only occurs
in very occasional and very necessary circumstances, such as to protect the
security of your appliances. In making such data transfers, we make
sure to protect your personal data by applying the level of security required
by applicable privacy laws. Where we transfer your data to a country or
jurisdiction that cannot guarantee the required level of protection as required
by applicable privacy laws, we have enhanced our IT security measures and have
entered into Standard Contractual Clauses with the transferee to require
security obligations on the transferee, both of which are intended to increase
the protection of your personal data.
Further processing
If we wish to use your personal data for a new purpose not
covered by this Statement, then we will provide you with a new notice
explaining this new use prior to commencing such further processing for a new
purpose, setting out the relevant new purpose and processing conditions.
In such case, we will find a lawful basis for further processing, and
whenever necessary we will seek your prior written consent to such further
processing.
Security
We protect your data using technical measures to minimize
the risks of misuse, unauthorized access, unauthorized disclosure, loss or
theft, and loss of access. Some of the safeguards we use are data
pseudonymization, data encryption, firewalls, and data access authorization
controls. We take our data security very seriously. Therefore, the security
mechanisms used to protect your data are checked and updated regularly to
provide effective protection against abuse.
The information we collect are usually encoded. Moreover,
we have put in place additional and comprehensive state-of-the-art security
measures when your data are accessed via the internet. Firewalls prevent
unauthorized access. Diverse encryption and identification layers protect your
data from intrusion or disclosure to third parties during data transfer.
Moreover, an electronic identifier is generated during data transfer to
safeguard your information.
For your confidentiality and security, we use ID and
password to secure your personal information. It is important for you to
protect your ID, password, or any personal information. Do not disclose your
personal information (especially password) to anyone. When you are finished
using our services, please do not forget to log out from your account.
Despite our best efforts, however, security cannot be
absolutely guaranteed against all threats. If you believe that the security of
your data has been compromised, or if you like more information on the measures
we use to protect your data, please contact us following the instructions in
the “Whom should I contact” section below.
What are your choices?
You have the choice to allow us to collect and process your
data. The collection and processing of your personal data is
neither a statutory nor a contractual requirement, although as noted above, we
will be unable to provide you with certain services without the data necessary
for such services purposes.
You can always choose not to provide your data to us,
although we may need such data to process your requests, in which case we will
inform you of our constraints.
To the extent that you have consented to our processing of
your data, you can choose to discontinue our processing at any
time.
You can choose to request from us a copy of the personal
data we store and process regarding you.
You can choose to add or update data that you have provided
to us.
You can choose to erase your data, or you may choose to
restrict our processing of your data instead.
You can choose to port your data to a third party under
conditions stated above.
You can choose to object to our processing of your data.
Your choice or request on any aspects of data processing
listed above can be communicated to us using the channels set forth in the “Whom
should I contact” section of this Statement.
In summary, what we are allowed to do with your data is,
with limited exceptions under applicable privacy laws, up to you. However, in
the event that you choose for us not to further process your data, such choice
may affect the delivery of our obligations or services to you; in this
situation, we will inform you of our constraints.
Change to our Privacy Statement.
We keeps this Statement
regular review and update . Please check it time to time otherwise it deemed to
be agreed upon.
Whom should I contact?
If you have any question about this Statement, or if you
would like to exercise any of your rights, or if you have any complaints that
you would like to discuss with us, please in the first instance send us signed
and dated request, together with a copy of your identity card. Please be as
accurate as possible:
by post to
Qingdao Haier Technology Co., Ltd.
Information Security Manager
[Pingban
Building, Haier Industrial Park, Laoshan District, Qingdao, China]
or
by e-mail to
[privacypolicy@haier.com]
DPO: Zhuwenjun
To comply with the General Data Protection
Regulation (2016/679) we have appointed a European representative. If you wish
to contact them, their details are as follows:
Bird & Bird GDPR Representative Services
Ireland
Deloitte House
29 Earlsfort Terrace
Dublin 2
D02 AY28
EUrepresentative.Haier@twobirds.com
Key Contact: Vincent
Rezzouk-Hammachi
In case of
disagreements relating to our processing of your personal data, you can submit
a request for mediation or other administrative action to the data protection
supervisory authority with the competent authority where you reside or in which
your data is processed. Please click here for a list of local data
protection authorities in EEA countries: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.