Update Date of the Latest Version: 2022.12.13
Effective Date: 2022.12.13

Privacy Policy 

1.Notice clause

Thank you for your interest in our company. SEMOOKII BESS CO., LTD. and other related parties (collectively referred to as "SEMOOKii") has always placed a particularly high priority on data protection, and our website can be used without needing to provide personal data.

However, if you as a data subject wish to use specific corporate services via our website, we will need to process your personal data. We have prepared this policy to inform the public about the nature, scope, and purposes of our collection, use, and processing of personal data. This policy also informs data subjects of their rights. As the data controller, SEMOOKii has established a range of technical and organizational measures to ensure that personal data processed via this website is protected as comprehensively as possible. As such, data subjects also have the option to send their personal data to us using other means (e.g., by e-mail).

The privacy policy can be revised and updated in time, and it will be notified on our company's website in time. If you have any questions, comments, or advice regarding this policy, please contact SEMOOKii at:

SEMOOKII BESS CO., LTD.
No. 2399 Fazhan Ave., Haimen Port New Area, Jiangsu 226156 P.R.China
Tel: +86 21-60970158
Email: service@semookii.com; sales@SEMOOKii.com; uhoo@semookii.us; mail@semookii-ehoo.com.

2.The data we collect

We collect personal data for a variety of purposes, including maintaining efficient business operations and providing you with the best product experience. At SEMOOKii, we collect the data you provide, data about your interaction with SEMOOKii, and data regarding product usage. Users provide data directly, such as when they create a SEMOOKii account. Other types of data are collected through the interaction process with our products, your use of and experience with our products, and related communications.

We also obtain data from third parties. We protect any data obtained from third parties in accordance with the purposes described hereinafter, as well as any other restrictions posed by the data sources.

You may reject our request for your personal data. You may have to provide your personal data to keep our products operational or to enjoy our services. If you choose not to provide such data, you will not be able to use our products or some services.


Types of data that we collect include:
Contact data: email address, contact address, contact person and phone number.
Credentials: password and check code used to authenticate and access accounts.
Statistics: data related to you, such as country, city, zip code, time zone and your preferred language.
Interaction: data regarding your usage of the SEMOOKii platform. This is provided by you when you submit search inquiries to use our products and is provided by us when errors are reported. Interaction data includes:
Device and usage data: data about your device, the products and the functions that you use, including information about your hardware and software, the performance of our products, and your settings. For example:
Device and configuration data: data about your device, device configuration, and neighboring networks. For example, the IP address, SN, device identifiers, location and language settings, and neighboring WLAN access points of the device. Such data are used for device interaction only and not for any other purposes.
Troubleshooting and help data: data submitted when you contact SEMOOKii for help, such as authentication information and data related to your device and its corresponding products.
Location data: data related to your device's location (the neighborhood block where it is located). We deduce the location via national addresses and postal codes.
WIFI configuration: data about your WIFI configuration. We need to access your geographic location authorization and current WIFI SSID while you use SEMOOKii mobile application to configure WIFI. Refuse to access will limit the WIFI configuration related functions.

3.Purposes of using personal data

We have outlined the purposes of using personal data in the following section.

Personal data

Purposes of usage

Email address

User registration, user login, password retrieval, product suggestions, customer complaints, authentication

Contact address

User registration, after-sales services, such as on-site maintenance services

User name

User registration, password retrieval, product suggestions, customer complaints

Password

User registration, identity verification

IP address

Obtaining local time zones via the IP address; analyzing issues via the IP address whenever the device malfunctions

Device identifiers

System identification device

WLAN access point information, such as WiFi configuration and GPS

To access the local network to communicate with hardware

Running log

Help solve problems may occur on equipment

As per SEMOOKii request, when helping end-users file customer complaints, installers/distributors/service providers must obtain the User's consent before using the email address, phone number and user names. Please confirm that the above three vendors have obtained your consent before helping you file customer complaints. During this process, those installers/distributors/service providers become the controller of part of your private personal data. The safety of your private personal data will then be protected by them.

Users have the responsibility to update their detailed address and contact information with SEMOOKii in a timely manner and to allow SEMOOKii after-sales personnel to modify the information bound with their devices accordingly to ensure the accuracy of data. Otherwise, you may not be able to use the software on your device. If in the process of using our products, you have any objections to the purposes and permissions of the use of your personal data as outlined in this policy, you may withdraw consent to this Privacy Policy and exercise your rights as a data subject by deleting private personal data or canceling your account.

4.Cookies and tokens

Cookies, used on SEMOOKii webpages, are small text files that are placed on your device to store data. Web servers that place cookies in their domains can request such data. Such data usually consist of a string of numerals and alphabetical characters that can exclusively recognize your computer. However, they may contain other information as well. We use cookies and similar technologies to allow you to log in. You may reset your Internet browsers to reject all cookies or to specify certain cookies that allow transmission. If cookies are disabled on your device, some features on our websites and some of our services may not operate normally. We respect "do not track" (DNT) signals or other similar technologies detected and identified by the system. When such a DNT browser mechanism exists in your device, we will not track any information or place any cookies.

Tokens are used for account system authentication of the currently logged-in User to allow cloud data interchange and to store user accounts and passwords for authentication so that you will not be required to log in every time you open the app. Tokens will be stored in the system for two hours. They will be automatically deleted once the User has logged out.

5.Rights of the data subject

a) Right to confirm
As authorized by European legislators, each data subject shall have the right to confirm whether their data are being processed by data controllers. Data subjects may contact us or other controller employees at any time to exercise their right of confirmation.

b) Right to access
As authorized by European legislators, each data subject shall have the right to obtain information about their personal data, regardless of the time of storage, and to obtain copies of such information free of charge. European directives and regulations have also entitled data subjects with the rights to obtain the following information: purposes of the process; types of such personal information; receivers or types of receivers whose personal data have been or are going to be disclosed, especially receivers in other countries or receivers of international organizations; the expected storage period of personal data (if possible), or when such period is impossible to obtain, the criteria to determine such a period; whether data subjects have the right to request controllers to modify or delete their personal data, or to restrict the processing of any personal data of data subjects, or to object to such processing; the right to file a complaint to the regulating authorities; and if personal data were not collected from data subjects themselves, any useful information about the data sources.

c) Right to rectify
As authorized by European legislators, each data subject shall have the right to rectify any of their incorrect personal data held by data controllers in a timely manner. Considering the purposes of the processing, data subjects have the right to complete any incomplete personal data, including by providing supplemental statements. If data subjects wish to exercise this right of rectification, they may contact us or other controller employees at any time.

d) Right to delete (Right to be forgotten)
As authorized by European legislators, each data subject shall have the right to ask their data controllers to delete any personal data about them in a timely manner. Data subjects shall withdraw their consent on which the processing is based in accordance with Article 6(1)(a) or Article 9(2)(a) of the GDPR, and there shall be no other legal basis for the processing. Data subjects object to the processing in accordance with Article 21(1) of the GDPR, and there are no overriding legitimate grounds for the processing, or data subjects object to the processing in accordance with Article 21(2). Personal data have been processed illegally. Personal data must be deleted to ensure that controllers comply with their legal obligations as stated by the laws of the alliance or any member states. Personal data collected must be related to the provision of informational social services as described in Article 8(1) of the GDPR.
If any of the above apply, and data subjects wish to delete their personal data stored by SEMOOKii, they may contact us or other controller employees at any time. SEMOOKii must comply with the request for deletion without delay and shall notify all positions that are engaged in the processing of personal data of the request. If users wish to delete data on their own, they may do so by canceling their account by going to [Setting] - [Security] - [Delete Account].
If controllers have already made the personal data public and are required to delete such personal data in accordance with Article 17(1), they shall consider available technologies and the costs of implementation and take reasonable measures, including technical measures, to notify other controllers who process personal data requested by data subjects that such controllers delete any links, reproductions or copies of such personal data where such processing is not required. Under specific circumstances, SEMOOKii may arrange necessary measures.
When end-users submit their request to delete their personal data to SEMOOKii or delete personal data on their own, any private personal data held by SEMOOKii at its installers/distributors/service providers shall also be deleted. For cases in which SEMOOKii acts as the processor only and not the data controller, SEMOOKii will notify the data controllers of the User's request to delete data by email and phone.

e) Right to restrict data processing
Each data subject shall possess the right, as granted by the European legislators, to restrict the data controller from processing his/her personal data, in any one of the following cases:
The data subject questions the accuracy of their personal data; the data controller can verify the accuracy of personal data within a certain time limit. The data processing is illegal, and the data subject requests that the use of personal data be restricted, rather than deletion.
Personal data for processing purposes are no longer required by the data controller, but continue to be required by the data subject, in order to establish, exercise, or defend a legal claim. The data subject has objected to processing data under Article 21(1) of the GDPR, and is awaiting confirmation of whether the legal grounds of the data controller will take precedence over his/her own.
A data subject who requests restrictions upon the processing of personal data stored by SEMOOKii in any one of the above cases may contact us or another employee. One of these will make arrangements to restrict data processing.

f) Right to data portability
Each data subject shall possess the right, as granted by European legislators, to receive their personal data in a structured, commonly used and machine-readable format from the data controller. The data subject shall have the right to transfer such data to another data controller without hindrance by the data controller providing the data, provided that such data are processed based on consent given under Article 6(1)(a) or Article 9(2)(a) of the GDPR, or under a contract entered into pursuant to Article 6(1)(b) of the GDPR, and the data are automatically processed, unless the processing is necessary for tasks performed in the public interest or the exercise of the data controller’s official authority. In addition, in exercising his/her right to data portability under Article 20(1) of the GDPR, each data subject shall possess the right to have his/her personal data directly transferred from one controller to another, provided that doing so is technically feasible and will not adversely affect the rights and freedoms of others. In order to safeguard their right to data portability, data subjects may contact us or another employee designated by SEMOOKii

g) Right to object
Each data subject shall possess the right, as granted by European legislators, to object at any time to the processing of their personal data on grounds related to their particular circumstances in accordance with Article 6(1)(e) or (f) of the GDPR. This also applies to analyses made based on these provisions. In case of objection by a data subject, SEMOOKii will cease to process his/her personal data, unless we can establish persuasive legal grounds for the processing of such data that take precedence over the interests, rights and freedoms of the data subject, or for the purpose of establishing, exercising or defending legitimate claims.
In addition, each data subject shall have the right to object, on grounds related to their particular circumstances, to the processing of their personal data by SEMOOKii for scientific, historical research or statistical purposes, under Article 89 (1) of the GDPR, unless this processing is necessary for tasks performed in the public interest.
In order to exercise the right to object, a data subject may contact us or other employees of SEMOOKii directly. In addition, notwithstanding Directive 2002/58/EC, the data subject can freely exercise the right to object using automatic means, in accordance with appropriate technical standards when using socialized services for the data.

h) Automatic personal decision-making, including analysis
All data subjects shall have the right, as granted by European legislators, not to be subject to a decision based solely on automatic data processing (including analysis), which produces legal effects concerning him or her, or similarly significantly affects him or her, provided that the decision is necessary for the conclusion or performance of a contract between the data subject and the data controller, or authorized by the laws of the Union or Member State to which the controller is subject, which also stipulates that appropriate measures should be taken to safeguard the rights, freedoms and legitimate interests of data subjects, or the explicit consent of data subjects is obtained.
SEMOOKii shall take appropriate measures to protect the rights, freedoms and legitimate interests of the data subject where a decision is made as required for the conclusion or performance of a contract between the data subject and the data controller, or with the explicit consent of the data subject.

i) Right to withdraw consent for data protection
All data subjects shall possess, as granted by European legislators, the right to withdraw their consent to the processing of their personal data at any time. Any data subject who intends to exercise this right to withdraw consent may contact us or other employees of SEMOOKii.

6.How We Use Your Personal Data

SEMOOKii will only share/disclose your personal data to relevant parties, and in a way that you are aware of, or in the circumstances mentioned below:

1. We will share your user data with your explicit consent. After obtaining your express consent, we will transfer your user information to other parties, with the list of specific permissions as follows:

Other Party

Information for Use

Purpose

Alibaba Cloud

Email, user name, country, time zone and running log

Data storage

Tuya Cloud

Network and Device information

AIoT service

follows:
2. We will disclose your personal data to third-party service providers who provide us with certain business-related services, such as network hosting, data analysis, infrastructure provision, customer support services, email sending services and other similar services, so as to ensure that such third parties can provide services for us. See the purposes of use of personal data, above, for details.

7.How We Process Children’s Personal Data

We do not provide service to minor who is under 18 years old or collect their personal data. And we require users to not provide any personal data from minors. If we are awarded that a child’s personal data was collected accidentally, it will be deleted as soon as possible.

8.Security Measures

We will maintain the integrity and security of your personal data by taking commercially reasonable physical, administrative and technical safeguards. SEMOOKii employs a variety of security measures to guarantee the data security of users and devices.
1. Security algorithms and transmission encryption protocols are adopted for data communications.
2. Strict data filtering and verification and a complete data review process are adopted for data processing.
3. Concerning data storage, all users' data are securely encrypted and stored on Alibaba Elastic Compute Service and continuously monitored by SEMOOKii software team on a 24/7 basis in order to prevent unauthorized access to data, unauthorized actions and guard against environmental risks, and to guarantee the security of the transmission process and the completeness and accuracy of data transmitted.
As a global company, your personal data collected by SEMOOKii may be processed or accessed in the country/region where you use our products and services or in other countries/regions where SEMOOKii or its affiliates, subsidiaries, service providers or business partners have a presence. These jurisdictions may have different data protection laws. In such circumstances, SEMOOKii will take measures to ensure that data is processed as required by this Policy and applicable laws, which includes when transferring the data subject’s personal data from the EU to a country or region which have been acknowledged by the EU commission as having an adequate level of data protection, we may use a variety of legal mechanisms, such as signing standard contractual clauses approved by the EU Commission, obtaining the consent to the cross-border transfer of a data subject in the EU, or implementing security measures like anonymizing personal data before cross-border data transfer.
4. In addition to the above technical security measures, SEMOOKii has also developed a series of security measures at the institutional and control levels, such as defining job descriptions and roles, offering training on security and privacy, raising employees' level of data protection awareness, and controlling access permissions, in order to prevent the loss, illegal usage, unauthorized access to, disclosure of, tampering with or destruction of data.
If, for any reason, you believe that data transmission to or from SEMOOKii is no longer secure, please inform us immediately by sending an email to uhoo@semookii.us.
We will inform you of any security incident that affects the security of your personal data via email, telephone, or push message as soon as possible, along with suggested measures to reduce or avoid related risks, and other information. When necessary, we will adopt timely remedial measures in accordance with our internal emergency plan for security incidents, and report to the relevant competent authorities in accordance with regulations.

9.Methods for Exercising Your Rights to Privacy

We respect your rights and protect your personal data. You may exercise any of the following rights in the following ways:
1. Email us at uhoo@semookii.us.
You can exercise your personal rights free of charge. According to the relevant requirements of local data protection laws, we will reply to your request within 15 business days if your account service is provided within the Chinese mainland, and within 30 days if your account service is provided outside mainland China.
In your request, you should state what data you intend to change and whether you wish to have your personal data deleted from our database, or specify any restrictions you wish to place on our use of your personal data. Please note that we may require verification of your identity for security reasons.
You may:
1. Request access to personal data of yours which we process
2. Request correction of your personal data where it is inaccurate or incomplete
3. Request the deletion of your personal data
4. Request temporary or permanent restrictions upon the processing of part or all of your personal data
5. Request the processing of your personal data with your consent or under a contract entered into by and between us, or that your personal data is transmitted to you or a third party when we automatically process it
6. When we are using your personal data on the basis of your consent or our legitimate interests, you may express your objection or refusal to permit this by sending an email to uhoo@semookii.us. We will comply with your requests as far as is reasonably practicable.

10.Data Retention Period

We will process your personal data for the purposes stated in this Policy as quickly as possible, unless specific legal requirements exist demanding its retention for a longer period of time. We will determine an appropriate retention period based on the amount, nature and sensitivity of personal data, and destroy your personal data after the retention period ends. Where you explicitly request deletion of your personal data, we will delete it and cease to retain it. In case of inability to destroy the data for technical reasons, we will take appropriate measures to prevent its further use.

11.Third-Party SDK Data Collection and Usage Instructions

We may access software development kits (SDKs) provided by third parties in order to ensure the stable operation of SEMOOKii services or implement related functions. We will strictly test the security of the application programming interfaces (APIs) and SDKs used by authorized partners for the acquisition of relevant information, and conclude agreements with them concerning strict data protection measures, in order to ensure that they process personal data in accordance with this Policy and other relevant confidentiality and security measures.
The third-party SDKs we access mainly provide services to meet your and other users' needs, so we may change them to fulfill new service needs, or due to changes in our service functions. We will provide you with information on our access to third party SDKs by keeping the relevant information in this Policy up to date.
SEMOOKii accesses the following third-party SDK(s) (the personal data collected is dependent on whether you use the following third-party services):

Name of third party

Purpose

Details of personal data collected

Privacy Policy Website

Alibaba Cloud SDK

Cloud computing and data storage

Email, user name, country and time zone

https://www.alibabacloud.com/help/en/legal/
latest/alibaba-cloud-international-website-
privacy-policy

Tuya SDK

Application development

Network,

Device information

https://auth.tuya.com/policies/privacy