- What Personal Information We Collect
We refer all personal information we collect about you as “Personal Data“. Personal Data refers to the data that may be used for determining your identity.
- How We Use Personal Information
To the extent permitted by law, we use your Personal Data for the following purposes. We have added the specific legal basis for the processing in brackets: Article 6 para. 1 a GDPR stands for consent, Article 6 para 1 b GDPR for fulfilment of the contract and Article 6 para. 1 f GDPR for processing for legitimate interests:
- To register you and to enable you to use our Services (Article 6 para. 1 b GDPR);
- To inform you of any new product or service of the Company by sending notices, advertisement or pictures through e-mail, SMS and other similar electronic communication means or via the Services on the HomeWhiz application, but only where you have given us your consent to do so (Article 6 para. 1 a GDPR);
- To enable us to improve our products, Services, contents and advertisements provided that we will use anonymised data for this purpose ;
- To give you advice on the contents, channels and your purchase of other products of our Company, but only where you have given us your consent to do so (Article 6 para. 1 a GDPR);
- To keep internal records on software updates, technical services and other transactions to the extent necessary for the provision of the Services (Article 6 para. 1 b GDPR);
- To meet the requirements of any government request which is lawful according to the applicable law (Article 6 para. 1 c GDPR),
- To detect, deter or otherwise address any fraud or security issues (Article 6 para. 1 f GDPR);
Processing operations carried out for the purposes as defined in items (ix) and (x) above shall, in particular, ensure the proper and regular functioning of our systems and Services, and therefore safeguard our business interests and the interests of the users using the Services.
To the extent permitted by the applicable laws, we may combine the Personal Data we collect about you with our Services, website or other channels with the information you provided us via other ways, and retain all such information in a combined database or separate databases.
The Company shall not retain your Personal Data for longer than necessary for the purposes for which it was intended or initially collected. Data will be stored for 10 years under normal conditions to provide personalized and healthy service. Unless and to the extent we are required to retain your Personal Data for justified legal reasons (e.g. for compliance with a legal obligation or for the establishment, exercise or defence of legal claims), we will delete or anonymise your Personal Data once you inform us that you will no longer be using our Services. If a deletion of your Personal Data would only be possible with unreasonable efforts, we will anonymise them instead of a deletion. We will not collect Personal Data about you that is not necessary to the purposes it was collected for.
- Direct Marketing
Subject to the following paragraph, we may use your Personal Data for marketing purposes, in particular to display to you or present you with advertisements and promotion materials, to inform you about our new products or to conduct free prize draws and prize competitions and other such information which we believe may be of interest to you based on your use of and your interests in our Services, always provided that such use complies with applicable laws.
Depending on the jurisdiction you reside in and in accordance with applicable laws in your country, we will ask you to expressly consent to receiving marketing material or product information before we send you any marketing or promotional material or before we send you any such material or information.
- Location-based Services
The Company may collect the location data of your device, and use, store, transmit or share such location-based data through the HomeWhiz application and the Services for providing location-based services for its products. The location data is collected anonymously in a form based on product, not personally identifying you.
- Data Processed by Third Party Applications, Software or Services
- Sharing of your Personal Information with Third Parties
In principle, we do not share or disclose your Personal Data to third parties. However, the Company may be required to share your Personal Data as set out in this Section.
Company may share your Personal Data in accordance with applicable laws in the following cases:
- where this is necessary in order to provide the Services to you (Article 6 para. 1b GDPR),
- if we are required to disclose your Personal Data in order to comply with any legal obligation or the decision of a judicial authority, public authority or a government body, or if disclosure is necessary for national security, law enforcement or other issues of public importance (Article 6 para. 1 c GDPR),
- if we are required to disclose your Personal Data to providers of outsourced Services like cloud computing to enable them to provide such Services (Article 6 para. 1b GDPR),
- if it is necessary for providing after-sale services and repair services to your devices that are necessary for the use of the Services (Article 6 para. 1b GDPR), or
- where we are otherwise permitted to do so by applicable law.
Company uses its affiliate Arçelik A.S. acting as a service provider to process your Personal Data. Arçelik A.S. is located in Turkey, a country outside the European Union that may not offer the same standard of data protection as applies in the European Union.
Before transferring the Personal Data of a resident of an EU/EEA member state we will take steps to ensure that such data will be afforded the same level of protection as under applicable data protection laws within the EU/EEA. For data transfers outside of the EU, Company uses the standard contractual clauses adopted by the European Commission and will make available a copy to you upon request.
- Security Measures Taken for Your Personal Data
The Company takes appropriate administrative, technical and physical measures to protect your Personal Data against loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction.
We protect the security of your Personal Data by using encryption and password protection where appropriate, and limiting access to your Personal Data.
Whilst we have done all of this, these measures do not release you from taking appropriate steps to keep your password and other user identification safe and secure, in particular by avoiding obvious user ID’s or passwords, by changing your password regularly and by ensuring that you do not disclose your password(s) or grant any other person access to your user account.
- Links to External Content Resources
Our Services may contain some services or links that may direct you to other websites, services or external content resources which are outside of our control. We are not responsible for such direction and the privacy of any Personal Data which you provide on other websites.
- Your Rights for Your Personal Data
You have the following rights with respect to your personal data we hold:
- to learn whether your Personal Data is processed;
- if processed, to request information in connection therewith;
- to learn the purpose of the processing and whether such data is used for intended purposes;
- to request the correction of any inaccurate or incomplete Personal Data;
- to request the erasure or destruction of your Personal Data or the restriction of the processing in accordance with the applicable laws;
- to object to any further processing based on Article 6 para. 1 f GDPR (see Section 2 above);
- to withdraw any consent you have given;
- under certain circumstances to demand data portability;
- to request us to notify third parties to whom your Personal Data has been disclosed (if any) of the actions taken according to the subparagraphs (d) and (e) above; and
- to lodge a complaint with a supervisory authority.
To exercise your rights, you can use the contact details as indicated in Section 12 below.
- How to Contact Us for your Personal Information and Data
You can contact the Company’s data protection officer on the above contact details or by emailing firstname.lastname@example.org
Date of Issue: 25 May 2018