ESP UK - Sangamo App Privacy Policy

Sangamo App Privacy Policy

Elite Security Products Ltd and its Affiliates (as hereinafter defined) (“we”, “us”, “our”) are committed to protecting your privacy. This policy describes our practices in connection with information privacy on Personal Data (as hereinafter defined) we process through your use of our products and services(collectively, the “Services”), for instance the Sangamo choice Mobile Application (the “App”). Before you start using the Services, please carefully read this Policy which details our purposes for collecting and processing your Personal Data, as well as how we use, store, share and transfer your Personal Data. In this Policy you will also find ways to exercise your rights of access, update, delete or protect your Personal Data. If you have any question regarding this Policy, please do not hesitate to contact us via: [email protected]. You are not obliged to provide to us your Personal Data (as defined below). However, we may be unable to provide you with certain products and/or Services if you decline to provide such data.

If you are a child under the age of 13 (or such other age provided by applicable law in your country/region of residence), please read this agreement with your legal guardian or parent and make sure that you and your guardian or parent have clear understanding about our privacy protection practices.

Definitions

Affiliate:

Means any company, firm or legal entity that: (1) is directly or indirectly controlled by ESP; or (2) directly or indirectly controls ESP; or (3) jointly with ESP, controls the same company; or (4) is, directly or indirectly, under common control of the same company with ESP. Affiliates shall include, without limitation, ESP’s parent companies, subsidiaries, and such subsidiaries under common control of the same parent company as ESP.

Personal Data:

Means information generated, collected, recorded and/or stored, electronically or otherwise, that can be used to identify an individual or reflect the activity of an individual, either from that information alone, or from that information and other information we have access to about that individual.

What personal data do we collect?

In order to provide the Services to you, we will ask you to provide necessary Personal Data that is required to provide those Services. If you do not provide your Personal Data, we may not be able to provide you with the Services.

Information you voluntarily provide to us:

Precise location: When you enable the location-based function through permission settings on your mobile device, we will collect and process your location information to enable pairing with your room thermostat Please note that if you turn on permission, you authorize us to collect and use relevant personal information to provide you with corresponding Services. Once you turn off any permission, we will take it as a cancellation of the authorization, and we will no longer continue to collect Personal Data based on the corresponding permissions, and the related functions may be terminated. However, your decision to turn off the permission will not affect previous collection and use of information based on your previous authorization.

Smart Devices Related Information:

When you use a Room Thermostat, we will collect some basic and pre-embedded information of the Smart Device and the information generated during your use of the Smart Device. Basic Information of Room Thermostat: When you connect your Room Thermostat with the Services, we may collect basic information about your Room Thermostat such as device name, device ID, online status. Information collected during the process of connecting to a Room Thermostat, the basic information collected includes:Wi-Fi information (SSID, Wi-Fi password).

Purposes and Legal Basis for Processing Personal Data

Legal Compliance. We disclose information if we are legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:

Comply with a legal obligation, process or request;

Protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law; or detect, prevent or otherwise address security, fraud or technical issues.

If there is any change in the purposes for processing your Personal Data, we will inform such change to you with a prominent notice on our website of such changes of purposes, and choices you may have regarding your Personal Data.

Who do We Share Personal Data with?

At ESP, we only share Personal Data in ways that we tell you about. Without your consent, we will not disclose your Personal Data to third-party companies, organizations, or individuals except in the following cases:

To our third-party service providers who perform certain business-related functions for us, such as website hosting, data analysis, payment and credit card processing, infrastructure provision, IT services, customer support service, e-mail delivery services, and other similar services to enable them to provide services to us.

To our customers and other business partners who provide you, directly or indirectly, with your Smart Devices, and/or networks and systems through which you access and use our websites and Services.

To subsidiaries or affiliates within our corporate family for purpose of regular business activities based on our instructions and in compliance with applicable law, this Policy and other appropriate confidentiality and security measures.

To an affiliate or other third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including without limitation in connection with any bankruptcy or similar proceedings). In such an event, you will be notified via email and/or a prominent notice on our website of any change in ownership, and choices you may have regarding your Personal Data.

As we believe in good faith that access to, or use, preservation, or disclosure of the information is reasonably necessary or appropriate to:

Comply with applicable law, regulation, legal process, or lawful governmental request;

Enforce our User Agreement and other agreements, policies, and standards, including investigation of any potential violation thereof;

Protect our operation and business systems;

Protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law; or

Perform risk management, screening and checks for unlawful, fraudulent, deceptive or malicious activities.

Except for the third parties mentioned above, we only disclose your Personal Data to other third parties with your consent.

Data Transfer

ESP operates globally, and Personal Data may be transferred, stored and processed outside of the country or region where it was initially collected. Also, the applicable laws in the countries and regions where we operate may differ from the laws applicable to your country of residence Under the Personal Data protection framework and in order to facilitate our operation, we may transfer, store and process your Personal Data in jurisdictions other than where you live.

We protect Personal Data in accordance with this Policy wherever it is processed and take appropriate contractual or other steps to protect it under applicable laws.

The European Commission has determined that certain countries outside of the European Economic Area (EEA), the UK or Switzerland can provide adequate protection of Personal Data. Where Personal Data of users in the EEA, Switzerland, or the UK is being transferred to a recipient located in a country outside the EEA, Switzerland, or the UK which has not been recognized as having an adequate level of data protection, we ensure that the transfer is governed by the European Commission’s standard contractual clauses. You can review the agreement on the basis of approved EU standard contractual clauses per GDPR Art. 46. For more information, see here.

If you would like further details on the safeguards we have in place under the data transfer, you can contact us directly as described in this Policy.

Security Measures

We use commercially reasonable physical, administrative, and technical safeguards to preserve the integrity and security of your Personal Data. ESP provides various security strategies to effectively ensure data security of user and device.

As for device access, ESP proprietary algorithms are employed to ensure data isolation, access authentication,applying for authorization.

As for data communication, communication using security algorithms and transmission encryption protocols and commercial level information encryption transmission based on dynamic keys are supported.

As for data processing, strict data filtering and validation and complete data audit are applied. As for data storage, all confidential information of users will be safely encrypted for storage. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), you could immediately notify us of the problem by emailing [email protected].

Data Retention

We process your Personal Data for the minimum period necessary for the purposes set out in this Policy, unless there is a specific legal requirement for us to keep the data for a longer retention period. We determine the appropriate retention period based on the amount, nature, and sensitivity of your Personal Data, and after the retention period ends, we will destruct your Personal Data.

Personal Data will no longer be retained when you request to remove your Personal Data, we will accordingly complete the task.

When we are unable to do so for technical reasons, we will ensure that appropriate measures are put in place to prevent any further such use of your Personal Data.

Children’s Privacy

Protecting the privacy of young children is especially important to us. The Services are not directed to individuals under the age of thirteen (13) (or such other age provided by applicable law in your country/region of residence), and we request that these individuals do not provide any Personal Data to us. We do not knowingly collect Personal Data from any child unless we first obtain permission from that child’s parent or legal guardian. If we become aware that we have collected Personal Data from any child without permission from that child’s parent or legal guardian, we will take steps to remove that information.

If you have any questions about our practices or this Policy, please contact us as follows:
Elite Security Products Ltd
Postal Mailing Address: Unit 7 Target Park,Shawbank Road, Lakeside, Redditch B98 8YN
Email: [email protected]

Updated: July 19, 2022

Effective: July 19, 2022