SERVICE: Shelly Cloud (the Application) available at https://shelly.cloud/cloud-connected/ , the Website https://shelly.cloud/ and any Device for distant control of the home, branded Shelly TM (the Device), referred hereinafter jointly as “the Services”.
DATA PROCESSOR and DATA CONTROLLER:
ALLTERCO ROOTICS EOOD, UIC: 202320104 as a Data Controller is a Bulgarian registered company, with registered office at Blvd. Bulgaria 109, floor 8, 1404 Sofia, Bulgaria (referred hereinafter as ALLTERCO)
ALLTERCO ROBOTICS EOOD, UIC: 202320104 is registered administrator of personal data with № 418975 in the Register of the Commission for Personal Data Protection.
When the Services are provided under the brand of a mobile operator ALLTERCO has the capacity of Data Processor, whereas the mobile operator is Data Controller.
By proceeding to use the Services or (where available) by the registration to use any of them, the User confirms that he/she has read, understood and accepted this Privacy Policy in its entirety and grants the Controller and the Processor permission to process his/her personal data that the User has provided in accordance with the provisions of this Privacy Policy. We therefore advise you to read it carefully.
Although you are not under any obligation, failure to provide your data for the purposes said hereunder may cause the impossibility to provide in whole or in part the services requested.
DEFINITIONS
“User” shall mean any natural person using either of the Services.
“Services” shall mean Shelly Cloud Application (the Application) available at https://shelly.cloud/cloud-connected/ , the Website https://shelly.cloud/ (“the Website”) and any Device for distant control of the home, branded Shelly TM (the Device).
“Personal Data” shall mean any information relating to an identified or identifiable natural person ('data subject'); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;
"Location data" means any data processed in an electronic communications network, indicating the geographic position of the terminal equipment of a User of a publicly available electronic communications service;
“processing of personal data“ shall mean any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction;
DATA processed through the Services
During the use of the Services, Personal Data are processed by the Data Controller / the Data Processor. The data processing is performed with the beforehand approval of the User. By using the Services, the User agrees to comply with this Privacy Policy and the applicable law and grants the Data Controller/the Data Processor the permission to process User’s personal data in accordance with the provisions of this Privacy Policy and applicable law.
Personal data
Personal data may include any information related to the User such as name, e-mail address, MSISDN (mobile number) and any other personal information submitted personally by the User.
Personal data may be automatically collected or submitted personally by the User.
Personal data is automatically collected by using the Services. By using either of the Services the User grants the Data Controller/the Data Processor the permission to process User’s personal data in accordance with the provisions of this Privacy Policy and the applicable law. The processing of personal identification information may happen but is not limited to cases such as visiting the Website, registration, placement of a purchase order, downloading and installation of the Application, subscription for a newsletter, filling of an on-line survey or other forms of inquiries all activities in connection with other services, features or resources we make available.
Location-based information
Location-based information could be automatically collected if the location service of the mobile device of the User used for access to the Service is turned-on. The User may disable the location-based data collection by using the settings of his/her device.
Non-personal information
Non-personal information such as IP host address, device-specific identifiers, computer or smartphone configurations, pages viewed, time and usage habits of the Services, identifiers of the and other similar data is automatically collected. It is possible at times when collecting non-personal information through automatic means that the Services may unintentionally collect or receive personal information that is mixed in with the non-personal information. While reasonable efforts to prevent such incidental data collection are made, such possibility still exists. If personal information is inadvertently collected, it will not be used intentionally, as if it has been collected with consent. The Services may also aggregate demographic (such as the number of Users in a particular country) and other information (such as time of activation, use of functionalities) collected from the Services’ Users in a manner, which does not identify any one individually. This information will be used for marketing analysis, run contests, surveys and improvement of features and optimization of the Services.
Device information
The Services need access to a public or local wifi network through which the Device on which the Application is installed connects to other Devices. The User needs to permit this access otherwise we won’t be able to provide him/her the full functionality of the Services. By using the Services it is possible that we collect information related to the Device, where the Application is installed and through which the Service is accessed including related to
Notifications
By using the Service you may receive service messages (notifications) that could be related to certain functionalities of the Service, marketing and promotional activities, application updates and others. The User may disable the notificationd by using the settings of his/her device and the setting of the Application.
Google Account / Amazon Account
The Application is available for download and installation through Google Play. For using certain features of the Service (such as voice commands) there might be necessary for the User to download and install Google Home (available on Google Play) or Alexa (available in Amazon). By downloading and using the Application including through Google Home or Alexa you agree that personal information from your Google (Home) and Amazon Account might be accessed and processed. Any such information shall be used only for the purposes of providing you with the functionalities of the Application and its updates.
Log information
By the use of the Services log information is collected. That information includes, among other things:
details about how the User has used the Services;
device information, such as User’s web browser type and language, type and model of the Device;
access times;
pages viewed;
IP address;
identifiers associated with cookies or other technologies that may uniquely identify your device or browser;
USE of the Personal Information:
The Personal Data may be used for:
providing the Services and their functionalities to the User;
responding to Users’ inquires or requests;
sending information about the Services (such as direct marketing, maintenance or security information);
processing and deliveries of purchase orders;
improvement of the Services and personalized User experience;
sending a limited number of offers for additional products and services that may be of interest for the User;
permitting subcontractors to perform Service related activities, provided they are under an obligation of confidentiality and do not use the information for their own benefit without the prior explicit consent of the User;
complying with applicable law or legal process;
investigating suspected fraud, harassment, danger to persons or property or other violations of any law, rule or regulation, or the terms or policies for the Services or such of Controller’s/Processor’s business partners with which the User has committed to comply;
transfer of information in connection with the sale or merger or change of control of the Controller/Processor or the division responsible for the services with which the Personal Data is associated;
sharing non-personal or de-identified information with any number of parties, including analytics companies, technology providers and other business partners; or combine it with data from other sources outside of the use of the Services, such as data obtained from Wi-Fi access points;
COOKIES
“Cookies” are pieces of information that may be placed on a User’s device by a service for the purpose of facilitating and enhancing the communication and interaction with that service. To the extent possible depending upon the device used by the User, the Service may use cookies (and similar items such as clear gifs, web beacons, tags, etc.) to customize the User’s experience, to make User’s access to the Application more convenient or to enable the enhancement of the Services. The Services may also use and place cookies on a User’s device from third parties in connection with the Services, such as an analytics provider that helps to manage and analyse the Services usage. The User may stop or restrict the placement of cookies on certain devices or flush them from a browser by adjusting the web browser preferences, in which case the User may still use the Services, but it may interfere with some of its functionalities. Cookies and similar items will not be used to automatically retrieve personal information without the User’s knowledge. Cookies are device and browser specific, so if the User makes a change to the User’s environment a cookie may be reinstalled.
THIRD Parties
Personal Data provided for the purposes outlined here above shall be processed - both with or without electronic means by subjects dully appointed by the Data Controller. In particular, for the above mentioned purposes the User’s data may be communicated to the following subjects:
Providers of the Service or provider of Internet which make possible the use of the Service;
Curriers in charge of the delivery of gifts related to marketing and promotional activities;
Consultants in charge of the setting up, managing and updating hardware and software of the Application or the Data Controller’s/Processor’s hardware and software for the provisions of the Services;
Public or private entities, individuals or legal entities, if the data communication results necessary or appropriate to the correct accomplishment of the contractual obligations undertaken and as permitted by the law;
Public authorities in fulfilment of legal obligations for provision of information within the limits required by the law;
Third parties as part of a merger or acquisition related to the Data Controller/Data Processor;
Affiliates of the Data Controller/Data Processor;
Subcontractors and/or business partners (distributors, agents, mobile operators) involved in the delivery of the Shelly Services under the conditions of specific agreements for the purposes of providing the Shelly Services – processing and execution of purchase orders and deliveries, analysis of data and information with regard to the services, research and analysis of sales and marketing of the Device under the condition of strict non-disclosure agreements and in compliance with the legal requirements;
SECURITY
The Data Controller and the Data Processor are using reasonable efforts to protect the Service from unauthorized access. The Data Controller and the Data Processor shall practice appropriate data collection, storage and protection practices and takes necessary security measures to prevent un-authorized access, alteration and disclosure of personal information. However, due to the inherent open nature of the Internet and wireless communications, no guarantee can be provided that the Personal Data will be completely free from unauthorized access by third parties, as when transferred over or through systems not within the exclusive control of the Data Controller or the Data Processor. The use of either of the Services demonstrates the User’s assumption of this risk. The Data Controller and the Data Processor shall put in place reasonable physical, electronic, and managerial procedures to safeguard the information collected. Only those employees who need access to the Personal Data in order to perform their duties are authorized to have access to the Personal Data whereas these employees are committed to non-disclosure obligations on the ground of their employment relation with the Data Controller / Data Processor.
DATA Retention
Personal information shall be retained for as long as it needed for providing the Services after which these could be processed only as de-personalized.
Non-personal information shall be retained for as long as there is business need for providing the Services.
RIGHTS of the User
The User has the right to obtain from the Controller, at any time, without delay:
information of her/his personal data processed, the purposes for its processing and the persons to whom personal data may or have been communicated;
suspension of the data processing, update, correction or integration of personal data the confirmation of the existence or non-existence of hi/her personal data, even if it is not yet recorded, and its communication in a intelligible form;
cancellation, transformation into an anonymous form or the blockage of his/her personal data if processed in breach of the law, including data deemed unnecessary for the purposes for which the data was collected or subsequently processed
The User is entitled to totally or partially oppose to:
the processing of personal data for valid reasons, even if pertinent to the purpose of collection;
the processing of personal data for purposes of advertisement or direct marketing, or if used for the purposes of market surveys or commercial communications.
The User may unsubscribe or opt-out from receiving future messages by sending a request to the following e-mail: support@shelly.cloud and the Data Processor/Data Controller shall process the request within a reasonable time after receipt. However, neither the Data Controller nor the Data Processor shall be responsible for removing the Personal Data from the lists of any third party who has been previously provided with Personal Data in accordance with this Privacy Policy and/or the User’s consent. The User shall contact such third parties directly.
OTHER SERVICES
As a convenience to the User, the Controller may provide links to third party services within the Services. Neither the Controller nor the Processor shall be responsible for the privacy practices or content of these third party services and such links should not be construed as an endorsement of any such third party services. When the User links away from the Services, the User does so at his/her own risk.
CHANGES to this Privacy Policy
ALLTERCO ROOTICS EOOD reserves the right, at its own discretion, to change, modify, add, or remove portions from this Privacy Policy at any time. ALLTERCO ROOTICS EOOD shall post such changes in the Application. The User agrees that it is his/her own responsibility to check periodically for such changes (to inform himself/herself regarding changes)
However, if at any time in the future the ALLTERCO ROOTICS EOOD plans to use Personal Data in a way that materially differs from this Privacy Policy, such as sharing such information with more third parties, the ALLTERCO ROOTICS EOOD shall post such changes at in the Application and provide the User with the opportunity to opt-out of such differing uses. The User’s continued use of either of the Services following the posting of any changes to this Privacy Policy means the User accepts such changes.
PRIVACY LAW
ALLTERCO ROOTICS EOOD servers are maintained in Bulgaria, European Union. By using either of the Services, the User freely and specifically provides his/her consent to his/her Personal Data to be collected, processed, stored and used in Bulgaria, according to the Bulgarian law, as specified in this Privacy Policy. The User understands that the data stored may be subject to lawful requests by the courts or the law enforcement authorities.
CONTACT
For questions or concerns related to privacy, the Data Controller and the Data Processor can be contacted as follows:
|
Data Controller e-mail: support@shelly.cloud Blvd. Bulgaria 109, floor 8, 1404 Sofia, Bulgaria |
OTHER TERMS
This Privacy policy could be available in multiple languages. In case of inconsistency, the Bulgarian version shall prevail.
For all outstanding with the current Privacy policy questions, the active Bulgarian legislation shall apply.