Privacy Policy

To provide you with safer and more efficient services, we have added terms for the unified account service in this updated Privacy Policy.

This Privacy Policy applies to the mobile application services that Shenzhen Shuzhi Scene Positioning Technology Co., Ltd. (Registered address: Room 201, Building A, No. 1 Qianhai 1st Road, Qianhai Shenzhen-Hong Kong Modern Service Industry Cooperation Zone, Shenzhen, 518101) and its Affiliates (hereinafter referred to collectively as "Midea" or "we") provide to you and describes how we collect your personal information. We will collect your personal information within a reasonable and necessary scope in accordance with laws and regulations. We will spare no effort to adopt reasonable and effective information security technologies and management processes and take security measures to prevent leakage, damage, or loss of your information. We hope to explain to you through this Privacy Policy how we will protect your personal information.

The Privacy Policy is updated at least every 12 months. The Privacy Policy was updated on June 24, 2026 (V7)

Please read the Privacy Policy in its entirety. If you have any questions about the Privacy Policy, you can contact us via the email address provided herein.

By using or continuing to use our products and services, you agree to the content of the Privacy Policy. If you do not agree to any of the Privacy Policy, please stop using our services immediately.

1. Personal Information Collection

Personal Information” means information that identifies, relates to, describes, or can reasonably be linked, directly or indirectly, to a specific natural person. Depending on your jurisdiction, it may not include information that is anonymized, de-identified, or aggregated. Where applicable, Personal Information includes the terms “Personal data,” “Personally Identifiable Information” and any other equivalent term as defined in the applicable data protection laws. In the Privacy Policy, we also use "data" to represent personal information.

1.1 Circumstances of personal information collection

We will collect your personal information under the following circumstances:

1.2 Scope of personal information collection

Circumstances where you shall authorize us to collect and use your personal information

The purpose of collecting your personal information is to provide you with products and/or services and to ensure that we comply with relevant applicable laws, regulations and other normative documents. You have the right to choose whether to provide the information, but in most cases, if you do not provide the information, we may not be able to provide you with the corresponding services or respond to the problems you encounter.

These services include:

Opt-out method: You may disable survey messages within the app at any time. Path: My Page > Message Center > Message Settings > Disable "Research Messages ". If you are currently engaged in a chat session, you may click "End Chat" on the chat page to terminate usage for the current survey topic.

Public Identity Information: We record your user ID, nickname and avatar to uniquely identify community users, clarify the publisher and ownership of posted content, and display the publisher’s public information on post detail pages, personal homepages, comment sections and other community scenarios.

User-Generated Content (UGC): When you post feeds or comments, we collect the titles, body texts, images, videos and corresponding posting timestamps of your submissions. Such data is used to publicly display your published feeds within the community to enable content sharing and communication; support storage, distribution, retrieval and historical content review on personal homepages; and serve as materials for content security moderation to identify and remove violating content and maintain compliant community operation.

Community Interaction Behavioral Data: We log your community interaction activities, including like statuses and timestamps, comment texts and timestamps, favorite statuses and timestamps, as well as browsing records of community pages and content. The purposes include: providing real-time feedback on interaction status (such as "Liked" or "Saved" labels) to enable basic interactive functions; counting content engagement and view metrics for community operation performance analysis and content distribution strategy optimization; and supporting product experience iteration to refine the interaction logic of community features.

You may voluntarily upload avatars and share photos, audio and videos. When you use the functions of uploading images or posting audio and video materials, we will request permissions for your camera, photo album and microphone in accordance with the system version of your mobile device. If you decline to grant such permissions, you will not be able to use the corresponding functions, yet this will not affect your normal access to other core features of SmartHome.

Geotagging is not available for feed posting in the initial launch version of the community, so no location information will be collected for this scenario. Should this feature be launched in the future, we will update this Privacy Policy accordingly and notify you.

Please note that the content you share may contain your personal information, so you shall exercise caution when disclosing your personal data. When using our products and/or services, you may submit or publish information related to yourself or other users (including videos, articles, feeds, comments or images posted by you or other users). You are advised to carefully evaluate the risks before publishing and disseminating content containing personal information via the SmartHome Community. If you submit or publish information belonging to other users, you must ensure that you have obtained valid legal authorization from such users.

If the content you post constitutes violations specified in the Community Interaction Rules, including but not limited to illegal content, pornographic and explicit material, violent and hate speech, harassment, bullying, doxxing, intellectual property infringement, false information and fraudulent content, we may delete or hide the violating content and restrict or suspend the relevant user account. If you believe content posted by other users infringes your legitimate rights and interests, or you disagree with our actions of deleting/hiding violating content or restricting/suspending accounts, you may promptly contact us via the channels set forth in this Privacy Policy.

1.3 Circumstances where you can choose whether to authorize us to collect and use your personal information

For you to enjoy better control, management, etc. of a smart device, we may collect and use your personal information in the following additional functions. If you do not provide such personal information, you can still use the basic services but you may not be able to use the additional functions that can bring you convenience. Also, you can go to the permission settings page of the device to change permissions at any time.

The following are the details of the relevant functions and call permissions listed for your reference:

Read and write external storage (for Android): It is for reading and writing photos and files on the device in functions such as scanning and user feedback.

Location permission (for Android and iOS): It is for weather service provision, locating, home location management, smart device automation, detecting nearby smart devices, and detecting nearby WLAN lists.

READ_PHONE_STATE permission (for Android): It is for generating the device’s identifier locally on the client end.

Camera permission (for Android and iOS): It is for scanning QR codes to add devices, upload images, and more.

Phone-reading permission (for Android): It is for generating the device's identifier locally on the client end.

WLAN-enabling permission (for Android and iOS): It is for connecting to the Wi-Fi from the device for communication with the device in quick device connection.

Bluetooth-enabling permission (for Android and iOS): It is for connecting to the Bluetooth of the device for communication with the device in quick device connection. For a smart device connected via Bluetooth, Bluetooth permission is required for communication.

Album permission (for Android and iOS): It is for reading and writing photos and videos on the device in functions such as scanning and user feedback.

As mentioned above, we will store your account information in the database so that you can get your personal data immediately every time you visit our website and use our App or other services.

Your data will be stored in our server as log files and used for analysis and research. After being processed in the server, your data will be transmitted to the database.

We will back up data on a regular basis to prevent data loss due to server failure or human error, and will delete them immediately at your request.

2. Data Processing

2.1 Our role

We are the controller of your data.

2.2 Legal foundation

We process your data for the following one or more purposes:

2.3 Reasons for providing your personal information

Generally, your consent constitutes the legal foundation for us to process your information. It is therefore necessary for you to agree with our User Agreement and Privacy Policy in order to reach and fulfill our agreement with you and safeguard the legitimate interests of all parties.

You have the right to choose whether to provide the relevant data. We may not be able to undertake part or all of the obligations according to the service terms or provide our services without some of your information. If you wish to learn more, please contact our Data Protection Office using the contact details under the last section of this Privacy Policy.

2.4 Purposes and methods

We will use information provided by you and collected by us in the process of services to offer you our services. We will not use your data for any other purposes that do not fit the purposes for data collection.

We will use your information for the following purposes in the following manner:

You have the right to choose to not let us use your personal information for any purpose(s), however, please be aware, by your choice of that, we may not be able to undertake part or all of the obligations according to the service terms or provide our services without some of your information.

3. Sharing, Transfer and Disclosure of Personal Information

3.1 Sharing of personal information

Your personal information will be kept strictly confidential and will not be shared with any other company, organization, or individual, except in the following circumstances:

3.2 Transfer of personal information

We will not transfer your personal information to any other company, organization, or individual except under any of the following circumstances:

3.3 Disclosure of personal information

We will only disclose your personal information under any of the following circumstances:

You have the right to choose to not let us disclose or/and transfer any or all of your personal information to third party, however, please be aware that, by your choice of that, we may not be able to undertake part or all of the obligations according to the service terms or provide our services without some of your information.

3.4 Copy of personal information

To facilitate the use and management of your personal information, you may follow the steps below to send your avatar, nickname, email address and other personal information as an attachment to your mailbox: Go to Me -> tap Settings -> tap Account and Security -> tap View and Export Personal Information -> tap Export -> Enter your email address-> Tap Export.

4. Binding SmartHome with Third-party Apps

4.1 Binding path

You can log in to a third-party App (i.e., Google Home, Amazon Alexa, IFTTT, Дом с Алисой, MAIKA, or приложению Салют/веб-приложению, hereinafter collectively referred to as "third-party App" with your SmartHome account. Дом с Алисой refers to the Дом с Алисой APP developed by Yandex N.V. or its affiliates, hereinafter referred to as "Дом с Алисой") and bind the SmartHome account to the third-party App.

• Path on Google Home, Amazon Alexa and IFTTT:

If you are not a registered user of SmartHome, please download SmartHome, register for an account on SmartHome, and then follow the binding path to bind your SmartHome account:

• Path on Дом с Алисой:

If you are not a registered user of SmartHome, please download SmartHome, register for an account on SmartHome, and then follow the binding path to bind your SmartHome account:

a. If you have downloaded Дом с Алисой:

Open Дом с Алисой -> Open the browser page -> Enter your SmartHome account and password -> Read and tick "I Agree and Bind" -> Tap "Log In".

b. If you have not downloaded Дом с Алисой:

(Follow Яндекс — с Алисой or the prompts on its updated version page, or go to App store) Download Дом с Алисой -> Open Дом с Алисой -> Open the browser page -> Enter your SmartHome account and password -> Read and tick "I Agree and Bind" -> Tap "Log In".

• The path for binding within MAIKA:

If you are not a registered user of SmartHome, please download SmartHome, register for an account on SmartHome, and then follow the binding path to bind your SmartHome:

a. If you have downloaded MAIKA:

Open MAIKA -> Open the browser page -> Enter your SmartHome account and password -> Read and tick "I Agree and Bind" -> Tap "Log In".

b. If you have not downloaded MAIKA:

(Follow MAIKA page wizard, or go to App store) Download MAIKA -> Open the browser page -> Enter your SmartHome account and password -> Read and tick "I Agree and Bind" -> Tap "Log In".

• The path for binding within приложению Салют/веб-приложению:

If you are not a registered user of SmartHome, please download SmartHome, register for an account on SmartHome, and then follow the binding path to bind your SmartHome:

a. If you have downloaded приложению Салют/веб-приложению:

Open приложению Салют/веб-приложению -> Open the browser page -> Enter your SmartHome account and password -> Read and tick "I Agree and Bind" -> Tap "Log In".

b. If you have not downloaded приложению Салют/веб-приложению:

(Follow приложению Салют/веб-приложению page wizard, or go to App store) Download приложению Салют/веб-приложению -> Open the browser page -> Enter your SmartHome account and password -> Read and tick "I Agree and Bind" -> Tap "Log In".

If the above binding methods are inconsistent with the binding instructions on third-party Apps, please follow the binding instructions on the third-party Apps.

You may bind Google Home and Amazon Alexa accounts on SmartHome by following the path below:

Tap Me -> Tap Third-party Services -> Tap Google Home/Amazon Alexa -> Tap Tap to Connect -> Jump to Third-party App -> Log in with a third-party App account -> Agree to Authorize -> Authorized successfully.

4.2 Unbinding

You may follow the path below to unbind a SmartHome account from a third-party App:

Unbinding path on SmartHome (applicable to Google Home and Amazon Alexa only):

Go to Me - > Tap Third-party Services - > Select the corresponding third-party App (Google Home or Amazon Alexa) -> Tap Unbind from Google Home or Unbind from Amazon Alexa -> Tap Confirm in the pop-up window -> Unbound successfully.

Please note that it is not allowed to unbind a SmartHome account from IFTTT, Дом с Алисой, MAIKA, and приложению Салют/веб-приложению on SmartHome.

4.3 Data acquisition and transmission:

After binding with a third-party App, the personal data that SmartHome may obtain or collect from the third-party app during use includes:

приложению Салют/веб-приложению: It does not involve the acquisition and collection of personal data from SmartHome to third-party Apps. For details, please refer to the Agreement on Binding SmartHome with Google Home/Amazon Alexa/IFTTT/Дом с Алисой/MAIKA/приложению Салют/веб-приложению.

4.4 Notification on device status changes

Amazon Alexa and Google Home: When a user adds, changes, or deletes a device, or when a device goes offline, SmartHome will send a message to Amazon Alexa to update the device status.

Дом с Алисой: When Дом с Алисой requests the status of the user's relevant device from SmartHome, SmartHome will send the requested information to Дом с Алисой.

IFTTT: N/A.

MAIKA: N/A.

приложению Салют/веб-приложению: When users add, modify, or delete devices, or when a device goes offline, SmartHome will proactively synchronize device status changes.

4.5 Siri voice input and scene control: All Siri-related command information is stored in the iOS shortcut App and will not be stored in SmartHome.

4.6 If there is any collection and processing of your personal information by a third-party App not for the purpose of binding operations, the collection and processing of the corresponding personal information shall be subject to the agreement, policy or statement between the third-party App provider and users. If you have questions about the collection and processing of personal data by a third-party App, you may contact the third-party App provider.

5. Limitation Period for Saving Personal Information

We will continue to save your personal information so long as required for purposes specified in this Privacy Policy, and within any additional period as required or permitted by law, until you withdraw the consent.

Community browsing and interaction logs will be automatically erased after being stored for 180 days. Your user-generated content will be retained for 5 years, and you may choose to either completely delete such content or retain it in anonymized form after account cancellation.

Whereas, we may postpone the retention of your information for the purpose of research or statistics, but we will desensitize your information to ensure the relevant information will not be able to identify you.

At the same time, in accordance with the law of the country in which you live, we may retain your personal information to assist in any government and judicial investigations for the purpose of submitting or maintaining legal requests or civil, criminal or administrative procedures. If the above reasons fail to apply to the data we preserve, we shall delete and destroy your data securely in accordance with relevant requirements.

6. Protection of Information of Minors

Our products and services are primarily for adults, yet, we are aware of the importance of taking extra precautions to guarantee the privacy and security of minors who may use our products and services. We consider anyone under the age of 16 (or the age as required by local law) to be a minor.

We will only use or disclose the personal information of minors collected with the consent of their guardian on the condition that the law permits, the guardian expressly consents or for the necessary protection of the minor. At any time, the guardian may request access to, modify or delete personal information of the minor by contacting us via the email address provided in the section “Contact Us” below.

If we are found to collect personal information of minors without the consent of a verifiable guardian, we shall attempt to remove the relevant content as soon as possible.

7. Measures for Protection of Personal Information

We adhere to recognized key data protection principles (fairness, purpose limitation, data quality, data retention, compliance with individual rights, and security), and take reasonable measures to guarantee the security of your personal information. We have applied a range of techniques to guarantee the security of your personal information and done the utmost to minimize the risk of misuse, unauthorized access, unauthorized disclosure and inaccessibility. Security measures we have adopted include but are not limited to: data desensitization, data encryption, firewall, and authorization control of data access. At present, we have obtained the following information security and privacy protection certifications, including, without limitation, ISO/IEC 27001 Information Security Management System Certification, and ISO/IEC 27701 Privacy Protection Management System Certification.

In addition, we shall regularly check and update the security mechanisms used to protect data in order to provide effective protection against data misuse. If you believe that the security of your data has been compromised, or you would like to know more information about the measures we adopt to protect data, please contact the Data Protection Office using the contact details under the last section of the Privacy Policy.

8. Storage of Personal Information

We currently have data centers located in the US, Germany, and Russia. Your information may be transmitted to these data centers for the purposes set out in this Privacy Policy in accordance with applicable laws.

We may also transmit your personal information to third-party service providers and business partners, and therefore your information may also be transmitted to other countries or regions. The jurisdictions where these global facilities are located may not protect personal information to the same standards as your jurisdiction, and different risks may exist under different data protection laws. However, this does not change our commitment to complying with this Privacy Policy and protecting your personal information.

In particular,

• The personal information we collect and generate in our operations in the European Economic Area (“EEA”) will be stored in data centers located in Germany, except for those permitted for cross-border transmission under applicable laws;

• The personal information we collect and generate in our operations in Russia will be processed and stored in data centers located in Russia, except for those permitted for cross-border transmission under Russian laws;

All personal data of U.S. users is stored by Midea America Corporation in our data centers located in the United States.

If we transmit your information generated within the EEA to relevant organizations or third-party service providers outside the EEA, we will do so according to the data protection mechanism set forth in the General Data Protection Regulation (GDPR).

9. Cross-border Transmission of Personal Information

We are a multinational company and the responsibility range of our teams responsible for data processing may cover the world or a variety of countries/regions. Therefore, these teams may be located anywhere in the world where we conduct business, including countries outside the EU that may not pursue the same standards for personal information protection as your country. We may also transmit data outside the EU, including China. By using or joining our services and/or providing us with your information, you agree that we will collect, transmit, store and process your information outside the country/region you live in accordance with this Privacy Policy. For cross-border data transfers, we will adopt compliance safeguards such as the EU Standard Contractual Clauses. You may email us to obtain a copy of the corresponding Standard Contractual Clauses.We will make every effort to ensure that they comply with applicable legal requirements to the extent permitted by existing technology, for example, by executing standard contract terms. All of your data that we collect is used for user and product analysis after necessary confidential processing to provide you with better services. But in this case, we will take steps to protect your information appropriately. All personal data and sensitive personal data of U.S. users shall be stored, operated and maintained exclusively in data centers located within the United States. Personnel and entities from countries of concern and all other overseas parties are strictly prohibited from accessing or retrieving such local U.S. data systems.

10.User Portraits and Automated Decision

When you use our services, we may analyze processed data that fail to identify you to improve our products and services.

We will not use your data to conduct any fully automated decision.

11. Personal Information Rights and Their Exercising

11.1 The personal information rights you have include

11.2 Choices about your personal data

We offer multiple ways for you to manage the personal data we hold about you, including the right to determine how we collect, use, and disclose such information.

⑴ Choices for Promotional Push Notifications

You can turn off marketing push notifications from us by entering the notification settings page of the App. Disabling such notifications will not impact your receipt of important service-related pushes, such as device status alerts and after-sales service reminders.

⑵ Management of Account Information and Authorizations

①View and Update Account Information

For users with an App account, you can check and edit your account profile information (such as nickname, avatar, bound mobile phone number/email) at any time through the profile section in the App.

②Adjust or Revoke Permission Authorizations

You can modify or cancel the various device permissions authorized to the App (including location, camera, Bluetooth, album, read and write external storage, etc.) at any time by adjusting the permission settings of your mobile device (Android/iOS).

③Unified Account Service

To further enhance our basic service capabilities, deliver a secure, convenient and consistent user experience, and improve services of brands and internal systems under Midea Group, we provide the unified account service. The SmartHome app has launched access entries for brand websites across countries and regions and established a unified account system. Your SmartHome account registered via email can be interconnected with the corresponding brand websites, allowing you to log in without repeated authentication.

Any account operations you perform on either platform, including registration, password modification and bound email update, will take effect synchronously on the other platform. You may apply to unbind the association between unified accounts. After unbinding, the connection between your account and brand websites will be terminated, the accounts will become independent of each other, and cross-platform functions such as one-click login and data synchronization will no longer be available. You may submit your unbinding request via email to mideadpo@midea.com. Users located in the United States please send requests to mideaDPOMAC@midea.com. Please note that the supported brands, countries and regions may be adjusted according to local business development. We recommend that you stay updated regularly to keep abreast of the latest service scope and applicable terms.

④Withdraw Consent and Cancel Account

You may withdraw your consent to our collection and use of your personal data, or unbind associated smart devices, by deleting relevant configuration information in the App. You can also cancel your App account through the account settings page in the App.

Upon account cancellation, we will immediately stop providing all corresponding services to you. However, your decision to withdraw consent or cancel the account will not affect the processing of your personal data that we have already completed in accordance with your prior authorization and applicable laws and regulations. In addition, we will retain your relevant information (e.g., product warranty information, transaction records) as required by law even after the account is cancelled.

⑶Device-Level Advertising Controls

Your mobile operating system provides system-level controls that can limit ad tracking and data collection for advertising purposes across apps.

(4) Do Not Track (DNT) and Global Privacy Control (GPC)

①Do Not Track (DNT)

Some web browsers support sending Do Not Track (DNT) signals to indicate your preference to opt out of website tracking. At present, there is no unified and universal industry standard for the interpretation and implementation of DNT signals under applicable U.S. laws and regulations, and our App's architecture does not process DNT signals. Therefore, our App does not process or respond to DNT signals sent by browsers.

②Global Privacy Control (GPC)

We recognize and respect the Global Privacy Control (GPC) signals supported by some browsers and browser extensions, which are used to indicate your choice to opt out of certain types of data processing (including data sales). When we receive a valid GPC signal from you, we will comply with your relevant choices in accordance with applicable laws and regulations.

11.3 Methods of exercising personal information rights

We will protect your right to access and rectify your personal information. If you wish to exercise any of the rights described in Article 10.1, you may e-mail to our Data Protection Office for processing.

As we receive a large amount of commercial promotion e-mails every day, we shall not respond if we believe that your e-mails are not related to personal information.

11.4 Results of request

After the request is made by the subject of personal information, the following results may occur:

(1) Request denied

In some cases, requests from personal information subjects shall be rejected, including but not limited to:

If the access request of the subject of personal information is rejected, we shall formally explain the reason to the requester.

(2) Request accepted

If there is no circumstance as specified in (1), we shall process the request. In order to better ensure the successful acceptance of requests, please provide us with as much detailed information as possible when requesting, such as the request type and specific content, information about the holder (such as the name of the product and service you used), and time range of information generation or processing (where the time range is as exact as possible, the request has a larger chance of acceptance).

11.5 Consent withdrawal

You may change the scope of your authorization to continue to collect personal information or withdraw your authorization by deleting the configuration information, unbinding the associated device, or canceling the account number.

Please understand that the service of business function shall require some basic personal information (registration e-mail), so if you withdraw your consent or authorization, we will stop providing the service corresponding to the withdrawal of consent or authorization. Yet, your decision to withdraw your consent or authorization shall not affect the processing of personal information previously based on your authorization.

12. Change of Privacy Policy

We shall reserve the right to modify the Privacy Policy. Without your express consent, we shall not reduce your rights in accordance with the Privacy Policy. Any change to the Privacy Policy shall be posted on this page. For major changes, we shall provide more obvious notice (for certain services, we shall send an e-mail notification to state the specific changes to the Privacy Policy.)

Major changes referred to herein include but are not limited to:

At the same time, we shall archive the former version of this Privacy Policy for your reference.

13.Contact Us

If you have any questions about this Privacy Policy or you wish to exercise any right, or you have any requests to discuss with us, or if you have any unresolved complaints, please send an email to our Data Protection Office at the following address:  mideadpo @midea.com . For users in the United States, please send your email to: mideaDPOMAC@midea.com. Upon receiving your email, we shall make every effort to respond within one month of receipt of your email. Your patience and understanding are highly appreciated. Given the complexity and quantity of requirements, the period may be extended for another 45 days as necessary. In case of deferred response, we will inform you of the reasons for the delay. If the limitation period set in this paragraph conflicts with the local laws, the local laws shall prevail.

If you disagree with us about our processing of your personal information, you may submit a mediation request or other requests to data protection regulator where you are located.

14. Product Data Access and Usage Notice

In compliance with the EU Data Act, as a manufacturer of connected devices, we are obligated to provide transparency regarding key aspects of data generation, storage, and access related to product of Midea (hereinafter referred to as "this device"):

14.1 Available Data

During your use of this device, data such as operation logs, energy consumption information (for devices that enable this feature), and basic device information (e.g., device ID, version number) will be generated (hereinafter referred to as "Product Data"). Product Data is stored in CSV format and will be continuously and in real-time generated as you use this device, and stored on our servers.

14.2 Rights to Access and Transfer

After verifying your identity, you have the right to access your Product Data free of charge within a reasonable timeframe and in an appropriate format, or to request that we transfer the data directly to a third-party service provider of your choice. Specifically, if you wish to access your Product Data, you may do so by sending an email to mideadpo@midea.com. If you wish to have your Product Data transferred to a third party, you can exercise this right by sending an email to mideadpo@midea.com.

14.3 Restrictions

In cases involving product security, intellectual property rights, or the protection of trade secrets, your request for data access or transfer may be subject to restrictions. Additionally, you are prohibited from using the obtained Product Data to develop competing products or to infer our financial status, assets, or production methods.

14.4 Data Usage

We will not use your data for purposes that have not been disclosed to you or authorized by you. All data processing and sharing activities will adhere to the principles of legality, transparency, and data minimization.

14.5 Exercise of Rights

If you have any questions regarding the exercise of your rights to access, transfer, or delete Product Data, please contact us via the following email: mideadpo@midea.com.

We are committed to strictly complying with the EU Data Act and safeguarding your data rights.

15. Supplemental U.S. State Law Privacy Notice

This additional notice is for residents of California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia, and supplements the information contained in the Privacy Policy. Unless otherwise expressly stated, all terms defined in our Privacy Policy retain the same meaning in this additional notice.

15.1 Sources of Personal Data We Collect and Process

We collect personal data from you when you provide it to us (e.g., during registration, use of services, or submission of after-sales requests) or automatically through our App. We may also obtain information about you from other sources, such as third-party account providers (e.g., Facebook, X, Google, Apple), and service providers (including cloud services, IT supports, and customer service providers).

15.2 Categories of Personal Data We Collect, Process and Disclose to Third Parties; and the Purposes of Processing

Categories of Personal Data Collected

The Purposes for Processing

Categories of Recipients

A. Identifiers, including name, email address, phone number, device identifiers (e.g., hardware serial number, MAC address, IP address), browser cookies, and other unique online identifiers

• To verify your identity and provide account-related services

• To operate and maintain our App

• To personalize your user experience and provide tailored product recommendations

• To communicate with you regarding services, transactions, and support

• To analyze usage patterns and improve our products and services

• To detect and prevent fraud, unauthorized access, and illegal activities

• To comply with legal obligations and respond to lawful requests

• Service providers (e.g., cloud services, IT supports, customer service providers) for business operation purposes

• Advertising partners and ad measurement providers to deliver relevant marketing communications

B. Account registration information, i.e., name, address, email address, telephone number, password, account log-in credentials, and third-party account linkage details (e.g., avatar, nickname from Facebook/X/Google/Apple)

• To create and manage your account

• To enable secure login and access to our App

• To provide personalized support and service customization

• To protect account security and prevent unauthorized use

-

C. Commercial information, including records of products or services purchased, obtained, or considered, device purchase time, warranty information, and transaction details

• To process transactions and fulfill product/service requests

• To provide after-sales services, including repairs and warranty claims

• To send product updates, safety alerts, and maintenance recommendations

• To analyze consumer preferences and improve product offerings

-

D. Internet or other electronic network activity information, including browsing history, search history, App usage data (e.g., event logs, frequency of use, performance data), and interaction with our App

• To monitor and improve the performance of our App

• To troubleshoot technical issues and optimize user experience

• To understand usage patterns and develop new features

• To detect and resolve device anomalies and service disruptions

• Service providers for analytics and technical support purposes

• Advertising partners to deliver targeted marketing communications

E. General location data, such as country, state, city, and postal code

• To provide location-based services (e.g., weather service, intelligent scene automation)

• To detect nearby smart devices and facilitate wireless network connection

• To tailor product recommendations based on regional preferences

• Service providers enabling location-based features

• Advertising partners to deliver regionally relevant marketing content

F. Precise geolocation

• To enable precise location-based services (e.g., smart device location management)

• To enhance the accuracy of intelligent scene automation

-

G. Audio, electronic, visual information, including voice recordings (from IoT devices with voice function), images/videos uploaded for after-sales support, and camera footage (from device-built cameras, with explicit consent)

• To provide voice control functionality for Connected Devices

• To process after-sales requests and resolve product issues

• To enable features such as QR code scanning for device setup

• Service providers facilitating voice-to-text transcription or image processing

• After-sales service providers to assist with issue resolution

H. Inferences drawn from personal data, including preferences, usage habits, and behavior patterns

• To personalize your user experience and product recommendations

• To optimize service delivery and improve customer satisfaction

• To predict device maintenance needs and provide preventive suggestions

• Advertising partners to deliver targeted marketing communications

I. Device-related information, including device model, operating status, system version, personalized parameters, operation records (e.g., power-on/off status, run time, temperature changes), and WLAN connection details

• To bind and control connected devices

• To monitor device performance and provide maintenance support

• To execute Over the Air (OTA) firmware updates and resolve technical issues

• To analyze device usage and improve product quality

• Service providers assisting with device management and firmware updates

J. Smart lock unlock setting information, including one-time passwords, periodic passwords, password names, validity periods, and user names

• To enable secure unlock functionality for smart locks

• To manage access permissions for you and your family members

-

In the twelve months prior to the effective date of this Privacy Policy, we have disclosed for a business purpose each of the categories of personal data as described in the chart above to service providers and contractors, and have collected, processed, disclosed, shared for cross-context behavioral advertising as described in the chart above.

In the twelve months prior to the effective date of this Privacy Policy, we have not sold any personal information of consumers, as those terms are defined under the California Privacy Rights Act.

15.3 Sensitive personal data

As noted above, the following personal data we collect may be classified as “sensitive data” under applicable privacy laws:

We use this sensitive information as described above, to provide you with products, services, and information, to enter into and perform a contract with you, to comply with legal and regulatory requirements, to protect the life or physical safety of you or others, or as otherwise permissible for our internal business purposes consistent with applicable laws.

We do not sell your sensitive information, and we do not process or otherwise share sensitive information for the purpose of profiling or targeted advertising.

15.4 Retention

Personal data we collect may be retained for as long as needed to fulfill the legitimate business purposes outlined above, or for a time period specifically required or allowed by applicable regulations or laws. When personal data is no longer needed, we will either delete it or deidentify it to ensure it cannot be linked to an individual.

15.5 Your Privacy Rights

Depending on your state of residency, you may have certain rights related to your personal information.

  1. Your California Privacy Rights

If you are a California resident, subject to certain exceptions, you may exercise the following rights:

  1. Privacy Rights for Colorado, Connecticut, Delaware, Florida, Indiana, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, and Virginia

If you are a resident of one of these states, subject to certain exceptions, you may exercise the following rights:

  1. Your Iowa and Utah Privacy Rights

If you are an Iowa or Utah resident, subject to certain exceptions, you may exercise the following rights:

  1. How to Exercise Your Privacy Rights

To submit a request to exercise these rights, please:

We may need to verify your identity before processing your request (e.g., by requesting you log into your account or providing identifying information matching our records). If you have an App account, we will verify your identity through your account credentials. If you do not have an account, we may request additional information (e.g., device type, purchase details) to confirm your identity.

You can exercise your right to opt out of the sale or sharing of your personal data by:

You may authorize an authorized agent to submit a request on your behalf, provided the agent submits written proof of your authorization. We may require you to verify your identity and confirm the agent’s authority.

Archived versions