Last updated April 2023 see previous versions
We have updated our privacy notice to provide residents of the USA in the states of Virginia and California specific disclosures regarding their personal information and explanations on how to exercise their privacy rights.
Your privacy is important to WiZ.
We have drafted this Privacy Notice (also referred to as "Notice") in an easy and comprehensible way to help you understand who we are, what personal data we collect about you, why we collect it, and what we do with it. Keep in mind that personal data (in this Notice also referred to as "Personal Data" or "your data") means any information or set of information from which we are able, directly or indirectly, to personally identify you, in particular by reference to an identifier, e.g. name and surname, email address, phone number, etc.
We strongly encourage you to take some time to read this Notice in full.
If you do not agree to this privacy notice, please do not provide us with your data.
WiZ is a lighting software solutions company founded in 2015. It has an international team of highly qualified software, hardware, firmware and backend engineers. WiZ has been a wholly-owned subsidiary of Signify NV since 2019.
Please keep in mind that since WiZ is an international company, this Notice may be replaced or supplemented in order to fulfil local requirements, as well as to provide you with additional information on how we process your data through specific WiZ products, services, systems or applications. For products or services (including web or application-based functionality) that may involve specific processing of your data, this Notice might be supplemented by our product or services specific notice which provide additional information on the processing of your data for products or services mentioned.
In order to receive information about your Personal Data, the purposes, the parties the Personal Data is shared with, questions, concerns or compliant, contact the Owner.
When this Notice mentions “we,” or “us,” it refers to the Data Controller under this Notice, namely the Signify affiliate with which you had, have or will have a relationship or that otherwise decides which of your data are collected and how they are used, as well as Signify Netherlands B.V. (Registration number 17061150 - High Tech Campus 48, 5656 AE, Eindhoven, The Netherlands). Please note that the Signify affiliates include the subsidiary companies in which Signify N.V. has control, either through direct or indirect ownership. You may obtain a list of Signify affiliates by contacting the Signify Privacy Office.
Owner contact email: privacy@wizconnected.com
This Notice only applies to you in case we are considered to be the Data Controller for the processing of your data. In case we are acting as a Data Processor, the Privacy Notice shared by of the Data Controller will govern your personal data.
This Notice covers how we collect and use your data e.g. when you:
or otherwise interact with us in your capacity as consumer, business customer, partner, (sub) supplier, contractor or other person with a business relationship with us.
Depending on who you are (e.g. customer, consumer, supplier, business partner, etc.) and how you interact with us (e.g. online, offline, Application based, over the phone, etc.) we may process different data about you. We may collect your Personal Data, for example, when you visit or use our consumer and customer-directed websites, applications or social media channels, purchase and use our products, services, systems or applications, subscribe to our newsletters, download a software update, provide to us your goods or services, contact our customer or consumer support, join our business events, participate to our contests, promotions and surveys or otherwise interact with us. The data collected through your interaction with and use of our services and websites, may not, standing alone, reveal your specific identity or directly relate to an individual, but could, when combined with other data, link back to you.
Depending on your privacy choices, your products, or your use of our services, we might process the following data:
WiZ Products:
WiZ Apps:
WiZ Website:
WiZ Pro Dashboard:
If you interact with us through Network Services ('NS') we might process your personal information in accordance with this Privacy Notice. What data we collect from and through a NS may depend on the privacy settings you have set with the NS and the permissions you grant to us in connection with linking your account with our products or services to your account with an NS. Your interactions with third parties through an NS or similar features are governed by the respective privacy policies of those third parties and your agreement with the NS. You represent that you are entitled to use your NS account for the purposes described herein without breach by you of any of the terms and conditions that govern the NS. If you wish to prevent our websites and apps from recording your activity, you can opt out.
Your data and our communications
Customer Survey communications: We are constantly working to improve our products and services and to make them more in line with what customers want. That is why we can use your data to invite you for a customer or market research campaign. We only send you these types of communications with your prior consent, unless this is not necessary according to the applicable law.
Administrative, service and transactional communications: You will always receive administrative, service and transaction communications from us, such as technical and/or security updates of our products, order confirmations, notifications about your account activities, and other important notices. You cannot opt-out from this type of communication.
Other communications: When permitted and/or required by applicable law or, where we have your consent, to be able to tailor the communications to your preferences and behavior and provide you with the best, personalized experience, we may analyze and combine all information associated with your data and data about your interactions with us. We may also use this information to create segments of our audience showing which of our products and/or services users are interested in and track success of our marketing efforts.
The owner does not provide a list of Personal Data types collected.
Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.
Personal Data may be freely provided by you, or, in case of Usage Data, collected automatically when using this Application.
Unless specified otherwise, all data requested by this Application is mandatory and failure to provide this data may make it impossible for this Application to provide its services. In cases where this Application specifically states that some data is not mandatory, you are free not to communicate this data without consequences to the availability or the functioning of the Service. If you chose not to provide your data to us, we might not be able to respond to requests you might have.
If you are uncertain about which Personal Data is mandatory please to contact the Owner.
Any use of Cookies – or of other tracking tools – by this Application or by the owners of third-party services used by this Application serves the purpose of providing the Service required by you, in addition to any other purposes described in the present document and in the Cookie Policy, if available.
You are responsible for any third-party Personal Data obtained, published or shared through this Application and confirm that they have the third party's consent to provide the data to the Owner.
Methods of processing
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
Legal basis of processing
The Owner may process Personal Data relating to you if one of the following applies:
In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
Place
The data is processed at the Owner's operating offices and in any other places where the parties involved in the processing are located.
Due to our global nature and depending on the your location, data transfers may involve transferring the your Personal Data to a country other than your own, if this is necessary for the fulfillment of the purposes described in this Notice. If you are located in a country member of the European Economic Area, we may transfer your data to countries located outside of the European Economic Area. Some of these countries are recognized by the European Commission as providing an adequate level of protection. With regard to transfers from the European Economic Area to other countries that are not are recognized by the European Commission as providing an adequate level of protection, we have put in place adequate measures to protect your data, such as organizational and legal measures (e.g. binding corporate rules and approved European Commission standard contractual clauses).To find out more about the place of processing of such transferred data, you can check the section containing details about the processing of Personal Data in this Notice or inquire with the Owner using the information provided in the contact section.
Retention time
Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.
Therefore:
The Owner may be allowed to retain Personal Data for a longer period whenever you have given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
Purchase Data
If you purchase a product directly from our web shop, we will use your personal data to fulfil your purchase. Please note that for our web shops, a third party is providing the payment processing functionalities, we do not store credit card details nor do we manage any other part of the payment processing such as fraud checking; a third-party does this. We obtain limited information from this third-party such as the last four digits of the credit card or if the payment was successful or not. The processing of such data is covered by the privacy notice of Luzern Technology Solutions Limited, which may be viewed here: https://luzern.co/privacy-policy/.
We would like to remind you that it is your responsibility to ensure, to the best of your knowledge, that the data you provide us with, are accurate, complete and up-to-date. If you share with us data of other people (e.g. give access to a friend to control your lights in your house) it is your responsibility to collect such data in compliance with local legal requirements. For instance, you should inform such other people, whose data you provide to us, about the content of this Notice and obtain their consent.
We encourage you to take control of your Personal Data. You may exercise certain rights regarding your Data processed by the Owner. In particular, you have the right to do the following:
We will do our best to address your request in time and free of charge, except where it would require a disproportionate effort. In certain cases, we may ask you to verify your identity before we can act on your request. If you are unsatisfied with the reply received, you may then refer your complaint to the relevant regulator in your jurisdiction.
Details about the right to object to processing
Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, you may object to such processing by providing a ground related to your particular situation to justify the objection.
You must know that, should your Personal Data be processed for direct marketing purposes, you can object to that processing at any time without providing any justification. To learn, whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this Notice.
For any questions or reasonable enquiry related to the protection of your data by us or regarding this Notice in general, you can contact the Signify Privacy Office:
Please keep in mind that email communications are not always secure. Therefore, please do not include sensitive information in your emails to us.
We will do our best to address your request in time and free of charge, except where it would require a disproportionate effort. In certain cases, we may ask you to verify your identity before we can act on your request. If you are unsatisfied with the reply received, you may then refer your complaint to the relevant regulator in your jurisdiction.
When you visit or use our websites and/or Application we may register your IP address, browser type, operating system, referring website, your general geographic location as indicated by your IP address, web-browsing behaviour, app behavior and whether and how you interact with content available on our websites and within our apps. We use different methods to collect this information, including our own cookies and third-party cookies. This Application uses Cookies. To learn more and for a detailed cookie notice, please read our Cookie Policy.
We do not intentionally collect information from children under the age of 16.
Legal action
The User's Personal Data may be used for legal purposes by the Owner in Court or in the stages leading to possible legal action arising from improper use of this Application or the related Services.
The User declares to be aware that the Owner may be required to reveal personal data upon request of public authorities.
Additional information about User's Personal Data
In addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information concerning particular Services or the collection and processing of Personal Data upon request.
System logs and maintenance
For operation and maintenance purposes, this Application and any third-party services may collect files that record interaction with this Application (System logs) use other Personal Data (such as the IP Address) for this purpose.
Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning of this document.
How "Do Not Track" requests are handled
This Application does not support "Do Not Track" requests.
To determine whether any of the third-party services it uses honor the "Do Not Track" requests, please read their privacy policies.
Changes to this privacy policy
The Owner reserves the right to make changes to this privacy policy at any time by giving notice to its Users on this page and possibly within this Application and/or - as far as technically and legally feasible - sending a notice to Users via any contact information available to the Owner. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom.
Should the changes affect processing activities performed on the basis of the User's consent, the Owner shall collect new consent from the User, where required.
The California Consumer Privacy Act (hereafter: 'CCPA') and the California Privacy Rights Act (hereafter: ‘CPRA’) provide California consumer residents who reside in California with specific rights regarding their personal information (which we also refer to as personal data). In addition to the above this section describes your CCPA/CPRA rights and explains how to exercise those rights.
The following does not apply to de-identified or aggregated personal data or data publicly available.
Information we collect
In the execution of our services and/or when visiting our websites, we collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device. The purposes for which we process your personal data can be found above under the section "MODE AND PLACE OF PROCESSING THE DATA”. Information about retention periods can be found under the section “MODE AND PLACE OF PROCESSING THE DATA”.
We might have collected and/or disclosed for an aforementioned purpose the following categories of personal data from our consumers in the last twelve (12) months before the effective date of this Notice the following categories of personal data from you:
Category | Examples | Collect and Disclose |
|---|---|---|
| A. Identifiers | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers. | COLLECT: YES DISCLOSE:YES, to affiliates, service providers, and other vendors mentioned in this Notice |
| B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal data included in this category may overlap with other categories. | COLLECT: NO DISCLOSE: NO |
| C. Protected classification characteristics under California or federal law | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth, and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | COLLECT: NO DISCLOSE: NO |
D. Commercial information | Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | COLLECT: YES DISCLOSE: YES, to affiliates, service providers, and other vendors mentioned in this Notice |
E. Biometric information | Genetic, physiological, behavioral, and biological characteristics or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | COLLECT: NO DISCLOSE: NO |
F. Internet or other similar network activity | Browsing history, search history, and information on a consumer's interaction with a website, application, advertisement, or other content. | COLLECT: YES DISCLOSE: YES, to affiliates, service providers, and other vendors mentioned in this Notice |
G. Geolocation data | Physical location or movements, or the location of your device or computer. | COLLECT: YES DISCLOSE: YES, to affiliates, service providers, and other vendors mentioned in this Notice |
H. Sensory data | Audio, electronic, visual, or similar information. | COLLECT: YES DISCLOSE: YES, to affiliates, service providers, and other vendors mentioned in this Notice |
I. Professional or employment-related information | Current or past job history or performance evaluations. | COLLECT: NO DISCLOSE: NO |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | COLLECT: NO DISCLOSE: NO |
K. Inferences drawn from other personal information | Profile reflecting a person's preferences, characteristics, or behavior. | COLLECT: YES DISCLOSE: YES, to affiliates, service providers, and other vendors mentioned in this Notice |
L. Sensitive personal information | Personal information that reveals account log-in, password, or credentials allowing access to an account, the contents of a mail, email, and text messages. | COLLECT: YES DISCLOSE: YES, to affiliates, service providers, and other vendors mentioned in this Notice |
We disclose your data for a business purpose to the following categories of third parties:
Data from children?
We do not intentionally collect information from children under the age of sixteen (16) years as we do not offer services to them. Parents who set up a profile holding information about children under the age of sixteen (16) years can only do so by granting parental consent which consent choices can be changed by the adults in the family. We do not direct services to children under the age of thirteen (13) years old. As a result, we do not knowingly process data or information from children under thirteen 13 years old.
Do not sell or share personal data?
We do not respond to “Do Not Sell” requests as we do not sell your personal data to third parties. In the twelve months before the effective date of this Privacy Notice, we have not sold any personal data of Customers, as per the definition of the CCPA/CPRA.
After receiving your opt-in consent, we sometimes disclose personal data collected via cookies for cross-contextual behavioral advertising purposes, which may qualify as sharing your personal data under the CCPA/CPRA. To opt out, you can adjust your cookie preferences on our website to block our advertising cookies, or you can change your device settings to block cookies or install a third-party plugin to control how cookies interact with your device. For more information on how we use cookies and other tracking technologies, read our Cookie Notice.
Your rights?
"Right to Know": You may have the right to request that we disclose to you what personal data of yours we collect, use, and/or disclose.
"Right to Delete": You may have the right to request the deletion of your personal data collected or maintained by us. Depending on your Choices, certain offerings may be limited or unavailable. Upon verifying the validity of a deletion request, we will delete your personal data from our records and instruct any service providers or third parties to delete your information, when applicable.
“Right to Control Use”: You may have the right to control or limit the use of your personal data, including:
“Right of Access”: You may have the right to access your personal data, and to transmit it to another entity.
“Right of Correction”: You may have the right to request amendments to your personal data if it is inaccurate or outdated in any way. Upon verifying the validity of a verifiable correction request, we will use commercially reasonable efforts to correct your personal data as directed, considering the nature of the personal Data and the purposes of maintaining your personal data.
You may also make a verifiable request to exercise your rights by contacting us via this link or the toll-free telephone 1-800-555-0050.
Please note that the above rights are not absolute, and we may be entitled to refuse requests, wholly or partly, where exceptions under the applicable law apply. If you have questions about the foregoing or how to execute your rights in our Notice or specifically with regard to categories and specific data processed, categories of sources from which your data is collected by us, categories of Third Parties with whom we share your data, and/or the business or commercial purpose for collecting please contact our Privacy Office (see section "YOUR RIGHTS AND HOW TO EXERCISE THEM").
If we cannot verify you (or your authority to act on behalf of another person) we have the right to deny the requests. While verifying your identity we shall generally avoid requesting additional information from you for verification purposes. If, however, we cannot verify your identity from the information already maintained by us, we may request additional information from you, which shall only be used to verify your identity while you are seeking to exercise your rights under the CCPA/CPRA, and for security or fraud-prevention purposes. We shall delete any new personal data collected for verification as soon as practical after processing your request, except as required to comply with applicable legislation.
An "authorized agent" means a natural person, or a business entity registered with the Secretary of State that you have authorized to act on your behalf, conditioned you have:
1. Provided the authorized agent written permission to do so, and we could verify this; and
2. Verified your own identity directly with the business.
Subsection 1 does not apply when you have provided the authorized agent with a valid power of attorney.
We do our utmost to timely respond to a verifiable Individual, and in a portable format unless it is excessive, repetitive, or materially unfounded. If we require more time, we will inform you of the reason thereof and the extension period in writing.
Non-Discrimination
We will not discriminate against you for exercising your rights under the CCPA/CPRA.
Based on the complexity of the request and the applicable regulations, we may charge a fee for your request. We may offer a CCPA/CPRA-permitted financial incentive, participation in a financial incentive program requires your prior opt-in Consent, which you may revoke at any time.
The Virginia Consumer Data Protection Act (hereafter “VCDPA”) provides Virginian consumer residents who reside in Virginia with specific rights regarding their personal data. In addition to the general privacy notice, this section supplements it, describes your VCDPA rights and explains how to exercise those rights.
The following does not apply to de-identified or aggregated personal data or data publicly available.
As a Virginia resident, you have the following rights, subject to some exceptions, regarding your personal data effective as of January 1st, 2023:
You may also make a verifiable request to exercise your rights by contacting us via this link or the toll-free telephone 1-800-555-0050.
Please note that the above rights are not absolute, and we may be entitled to refuse requests, wholly or partly, where exceptions under the applicable law apply. If you have questions about the foregoing or how to execute your rights in our notice or specifically concerning categories and specific data processed, categories of sources from which your data is collected by us, categories of third parties with whom we share your data, and/or the business or commercial purpose for collecting please contact our privacy office (see section " YOUR RIGHTS AND HOW TO EXERCISE THEM").
We do not respond to “Do Not Sell” requests as we do not sell your personal data to third parties. In the twelve months before the effective date of this notice, we have not sold any personal data of customers, as per the definition of the VCDPA.
After receiving your prior consent, we sometimes disclose personal data collected via cookies for cross-contextual behavioral advertising purposes, which may qualify as sharing your personal data under the VCDPA. To opt out, you can adjust your cookie preferences on our website to block our advertising cookies, or you can change your device settings to block cookies or install a third-party plugin to control how cookies interact with your device. For more information on how we use cookies and other tracking technologies, read our Cookie Notice.
Personal Data (or Data)
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
Usage Data
Information collected automatically through this Application (or third-party services employed in this Application), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.
Data Subject
The natural person to whom the Personal Data refers.
Data Processor
The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.
Data Controller
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.
Application
The means by which the Personal Data of the User is collected and processed.
Service
The service provided by this Application as described in the relative terms (if available) and on this site/application.
European Union (or EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
Legal information
This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).
This privacy policy relates solely to this Application, if not stated otherwise within this document.
| Date | |
| January 2021 | View |
