Hero Labs Privacy Policy
Last updated 27/08/2019
Thank you for choosing to be part of our community at Hero Labs.
(Hero Laboratories Ltd; trading as Hero Labs and referred to as “Hero Labs”, “we”, “us”, or “our” in this document).
Hero Labs is committed to protecting your personal information and your right to privacy.
When you use Hero Labs services like our mobile apps, our notification and alert services, or our website, you trust us with your personal information. We take that trust and your privacy very seriously. In this privacy policy we aim to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it, so that you can make informed decisions about sharing your personal information with us. We hope you take some time to read through it carefully, as it is important. In using our Apps and Services you agree to it, so if there is anything you feel you do not agree with you should discontinue use of our Apps and Services (and we encourage you to contact us [email protected] to tell us which parts, and why, so that we can improve).
This privacy policy applies to all information collected through our mobile applications (“Apps”), our services and our websites, as well as through events, marketing activities, surveys or social media profiles (we refer to them collectively in this privacy policy as “Services”).
1. What information do we collect?
When you register an account for one of our Apps or Services, fill in a form on our website, place an order with us, participate in one of our training events or otherwise contact or interact with us, you will normally voluntarily provide us with information about yourself in the process. We collect and store that information so that we can provide Services to you and improve them over time.
The personal information that we collect depends on the context of your interactions with us, the choices you make and the products and features you use. However, it can include:
Your Name and Contact Data. We collect your first and last name, email address, postal address, phone number, and other similar contact data.
Credentials. We collect passwords, password hints, and similar security information used for authentication and account access.
Payment Data. We collect the data necessary to process your payment when make purchases, such as your payment instrument number (credit or debit card number), expiry dates and security codes associated with your it. All payment data is stored by the payment processor you choose at the checkout and you should review their privacy policies for details of how they use it thereafter.
Social Media Login Data. We provide you with the option to create an account quickly by providing social media account credentials (such as your Facebook log-in details). If you choose to register in this way, we will collect the information described in the section called “How do we handle social logins” below.
Information automatically collected. Some information – such as your IP address, browser or device characteristics – is collected automatically when you use our Apps and Services. This information does not reveal your specific identity (like your name or contact information) but may details like the make and model of your device, its operating system, your country, the URL that referred you to our site and information about how and when you use our Apps and Services. This information is primarily needed to maintain the security and operation of our apps, and for internal analytics and reporting purposes. Like many businesses, we also collect information through cookies and similar technologies.
Information collected through our Apps
When you use our Apps, we may collect information about the way you use them in
order to improve how the Apps and Services work.
Geolocation Information. We may request permission to access and track
location-based information from your mobile device, either continuously or
while you are using our mobile application, to provide location-based services.
For example, we use your location to help to automatically populate your
address when you first run the Sonic App. If you wish to change the permissions
you’ve granted us, you may do so at any time in your device’s settings.
Mobile Device Access. We may request access to certain features from
your mobile device, including your mobile device’s storage, Bluetooth, camera,
calendar, contacts, microphone, reminders, sensors, SMS messages, social media
accounts, and other features. These are used to enable or enhance Services that
we offer. For example, we may request access to your contacts to enable you to
send invites for Hero Labs Apps and Services to people who share your home or
business premises. If you wish to change any of the permissions you’ve granted
us, you may do so at any time in your device’s settings.
Mobile Device Data. We may automatically collect device information
(such as your mobile device ID, model and manufacturer), operating system,
version information and IP address. We collect this information to secure and
improve our Apps and Services.
Push Notifications. We may request to send you push notifications
regarding Hero Labs Products and Services mobile application. We use these as
an integral part of many services, such as to warn you if we have detected a
problem in your home. If you wish to opt-out from receiving these types of
communications, you may turn them off in your device’s settings.
Data from Products. We may collect data generated by Hero Labs Products such as Sonic or Signal. We use this data to provide and improve our Services and for internal reporting. For example, we may collect water flow data from Sonic and information about the appliances in your home to improve our leak detection service.
Information collected from other sources
We may collect data other sources such as public databases, marketing partners,
social media platforms, and other outside sources. For example, we may
reference a third-party database of properties in your country to aid in
looking up your property address. If you choose to swiftly create an account by
providing social media account credentials we may receive information attached
to your social media profile such as your name, email, birthday, country of
residence and any other information that
you choose to make public. If you discover our Products and Services via a
search engine like Google, that search engine provides us with information
about your searching behaviour such as the search terms that lead you to our
website.
2. How do we use that information?
We use the personal information we collect to conduct legitimate business
operations, to provide you with Services, to fulfil our contractual obligations
to you and other parties and to ensure compliance with our various legal
obligations (“Business Purposes”, “Contractual Purposes” and “Legal
Reasons”).
We use the information we collect or receive:
To facilitate our account creation and logon process. We use the
information you willingly provide us with when creating an account to create
that account and verify your identity when you subsequently log in. If you
choose to link your account with us to a third-party account (such as your
Google or Facebook account), we use the information you allowed us to collect
from those third parties to facilitate the account creation and logon process.
See “How do we handle your social logins” for further information.
To enforce our terms, conditions and policies.
To respond to legal requests and prevent harm. If we receive a legal request
we may need to inspect the data we hold to determine how to respond.
For other Business Purposes. We may use your information for other
Business Purposes, such as data analysis, identifying usage trends, and to
evaluate and improve our Apps, products, services, marketing and your
experience.
3. Do we share your information with anyone else?
We only share information with your consent, to comply with laws, to protect
your rights, or to fulfil business obligations.
We may process or share data based on the following legal basis:
Consent: We may process your data if you have given us specific consent
to use your personal information in a specific purpose.
Legitimate Interests: We may process your data when it is reasonably
necessary to achieve our legitimate business interests.
Performance of a Contract: Where we have entered into a contract with
you, we may process your personal information to fulfil the terms of our contract.
Legal Obligations: We may disclose your information where we are legally
required to do so in order to comply with applicable law, governmental
requests, a judicial proceeding, court order, or legal process, such as in
response to a court order (including in response to public authorities to meet
national security or law enforcement requirements).
Vital Interests: We may disclose your information where we believe it is
necessary to investigate, prevent, or take action regarding potential
violations of our policies, suspected fraud, situations involving potential
threats to the safety of any person and illegal activities, or as evidence in
litigation in which we are involved.
More specifically, we may need to process your data or share your personal
information in the following situations:
Vendors, Consultants and Other Third-Party Service Providers. We may
share your data with third-party vendors, service providers, contractors or
agents who perform services for us or on our behalf and require access to such
information to do that work.
For example: payment processing, data analysis, email delivery, hosting services, customer service, marketing. We may allow selected third parties to use tracking technology on the Apps, which will enable them to collect data about how you interact with the Apps over time. This information may be used, among other things, to analyse and track activity and use of our Services. Unless described in this Policy, we do not share, sell, rent or trade any of your information with third parties for their promotional purposes.
Business Transfers. We may share or transfer your information in
connection with, or during negotiations of, any merger, sale of company assets,
financing, or acquisition of all or a portion of our business to another
company.
Affiliates. We may share your information with our affiliates, in which
case we will require those affiliates to honour this privacy policy. Affiliates
include our parent company and any subsidiaries, joint venture partners or other
companies that we control or that are under common control with us.
Business Partners. We may share your information with our business
partners to offer you certain products, services or promotions.
4. Do we use cookies and other tracking technologies?
Like many companies we use cookies and other tracking technologies like web
beacons and tracking pixels to collect and store your information. Specific
information about how we use such technologies and how you can refuse certain
cookies is set out in our Cookie Policy.
5. Do we use Google Maps?
Yes, we use Google Maps for the purpose of providing better service. The mobile
Apps use Google Maps APIs. You may find the Google Maps APIs Terms of Service here.
To better understand Google’s Privacy Policy, please refer to this link.
By using our Maps API Implementation, you agree to be bound by Google’s Terms
of Service. You agree to allow us to obtain or cache your location. You may
revoke your consent at any time. We use information about location in
conjunction with data from other data providers.
6. How do we handle social logons?
If you choose to register or log in to our websites using a social media
account, we may have access to certain information about you. Our Apps offer
you the ability to register and login using your third-party social media
account details (like Google or Facebook accounts). Where you choose to do
this, we will receive certain profile information about you from your social
media provider. The profile Information we receive may vary depending on the
social media provider concerned, but will often include your name, e-mail
address, friends list, profile picture as well as other information you choose
to make public.
We will use the information we receive only for the purposes that are described
in this privacy policy or that are otherwise made clear to you on the Apps.
Please note that we do not control, and are not responsible for, other uses of
your personal information by your third-party social media provider. We
recommend that you review their privacy policy to understand how they collect,
use and share your personal information, and how you can set your privacy
preferences on their sites and apps.
7. Do we transfer any of this information internationally?
We may transfer, store, and process your information in countries other than
your own.
Our servers are located in the European Union. If you are accessing our Apps or
Services from outside European Union, please be aware that your information may
be transferred to, stored, and processed by us in our facilities and by those
third parties with whom we may share your personal information (see “Do we
share your information with anyone else?”), in the European Union, and
other countries. In doing so we take all necessary measures to protect your
personal information in accordance with this privacy policy and applicable law.
8. How long do we keep your information?
We will only keep your personal information for as long as it is necessary for
the purposes set out in this privacy policy, unless a longer retention period
is required or permitted by law (such as tax, accounting or other legal
requirements). No purpose in this policy will require us keeping your personal
information for longer than 5 years after you close your account. When we have
no ongoing legitimate business need to process your personal information, we
will either delete or anonymise. If this isn’t possible (for example, because
your personal information has been stored in backup archives), then we will
securely store your personal information and isolate it from any further
processing until deletion is possible.
9. How do we keep your information safe?
We aim to protect your personal information through a system of organisational
and technical security measures. However, please also remember that we cannot
guarantee that the internet itself is 100% secure. Although we will do our best
to protect your personal information, transmission of personal information to
and from our Apps and Services is at your own risk. You should only access them
within a secure environment.
10. Do we collect information from minors?
We do not knowingly collect data from or market to children under 16 years of
age.
By using the Apps, you represent that you are at least 16 or that you are the
parent or guardian of such a minor and consent to such minor dependent’s use of
the Apps. If we learn that personal information from users less than 16 years
of age has been collected, we will deactivate the account and take reasonable
measures to promptly delete such data from our records. If you become aware of
any data we have collected from children under age 16, please contact us at [email protected].
11. What are your privacy rights?
Depending on where you live in the world, you have a set of rights as to how the data that companies collect about you gets treated. In the European Union, this typically includes the right:
- To be told about the data that’s being collected and how it’s used.
- To have access to the data that’s being collected and request a copy.
- To have incorrect information about you corrected, or completed if it’s incomplete.
- To ask for information about you to be deleted (although it’s not automatically granted).
- To restrict how your data is used (although it’s not automatically granted).
- To data portability, meaning you can take the data that’s been collected and reuse it for your own purposes across different services.
- To object to the processing of your personal data under certain circumstances.
- And rights relating to decisions about you that are made automatically, like profiling.
Wherever you live in the world you can amend your information via the Apps or by emailing [email protected]. You can also request that we terminate your account. Upon receiving your request to terminate your account, we will deactivate or delete your account and information from our active databases within 30 days, but, some information may be retained in our files as detailed in “How long do we keep your information”.
You can unsubscribe from our marketing email list at any time by clicking on
the unsubscribe link in the emails that we send. You will then be removed from
the marketing email list – however, we will still need to send you
service-related emails that are necessary for the administration and use of
your account.
If you are resident in the European Economic Area and you believe we are
unlawfully processing your personal information, you also have the right to
complain to your local data protection supervisory authority. You can find
their contact details here.
Most web browsers and some mobile operating systems and mobile applications
include a Do-Not-Track (“DNT”) feature or setting you can activate to signal
your privacy preference not to have data about your online browsing activities
monitored and collected. No uniform technology standard for recognizing and
implementing DNT signals has been finalized. As such, we do not currently
respond to DNT browser signals or any other mechanism that automatically
communicates your choice not to be tracked online. If a standard for online
tracking is adopted that we must follow in the future, we will inform you about
that practice in a revised version of this Privacy Policy.
12. Do we make changes to this policy?
Yes, we will update this policy as necessary to stay compliant with relevant
laws and aligned with our legitimate business interests. When we update this
policy, the updated version will be indicated by an updated “Revised” date at
the top of the document. The updated version will be effective as soon as it is
accessible. If we make material changes to this privacy policy, we may notify
you either by prominently posting a notice of such changes or by directly
sending you a notification via the Apps or Services. We encourage you to review
this privacy policy frequently to be informed of how we are protecting your
information.
13. Who can I contact about this policy?
If you have questions or comments about this policy, you may contact our Data
Protection Officer (DPO), Krystian Zajac, by email at [email protected], or by
post to:
Hero Laboratories Ltd
Krystian Zajac
Mercury House,
117 Waterloo Road,
London SE1 8UL