Privacy Policy

Hero Labs Privacy Policy

Last updated 27/08/2019

Thank you for choosing to be part of our community at Hero Labs.

(Hero Laboratories Ltd; trading as Hero Labs and referred to as “Hero Labs”, “we”, “us”, or “our” in this document).

Hero Labs is committed to protecting your personal information and your right to privacy.

When you use Hero Labs services like our mobile apps, our notification and alert services, or our website, you trust us with your personal information. We take that trust and your privacy very seriously. In this privacy policy we aim to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it, so that you can make informed decisions about sharing your personal information with us. We hope you take some time to read through it carefully, as it is important. In using our Apps and Services you agree to it, so if there is anything you feel you do not agree with you should discontinue use of our Apps and Services (and we encourage you to contact us [email protected] to tell us which parts, and why, so that we can improve).  

This privacy policy applies to all information collected through our mobile applications (“Apps”), our services and our websites, as well as through events, marketing activities, surveys or social media profiles (we refer to them collectively in this privacy policy as “Services”).

1. What information do we collect?

When you register an account for one of our Apps or Services, fill in a form on our website, place an order with us, participate in one of our training events or otherwise contact or interact with us, you will normally voluntarily provide us with information about yourself in the process. We collect and store that information so that we can provide Services to you and improve them over time.  

The personal information that we collect depends on the context of your interactions with us, the choices you make and the products and features you use. However, it can include:

Your Name and Contact Data. We collect your first and last name, email address, postal address, phone number, and other similar contact data.

Credentials. We collect passwords, password hints, and similar security information used for authentication and account access.

Payment Data. We collect the data necessary to process your payment when make purchases, such as your payment instrument number (credit or debit card number), expiry dates and security codes associated with your it. All payment data is stored by the payment processor you choose at the checkout and you should review their privacy policies for details of how they use it thereafter.

Social Media Login Data. We provide you with the option to create an account quickly by providing social media account credentials (such as your Facebook log-in details). If you choose to register in this way, we will collect the information described in the section called “How do we handle social logins” below.

Information automatically collected. Some information – such as your IP address, browser or device characteristics – is collected automatically when you use our Apps and Services. This information does not reveal your specific identity (like your name or contact information) but may details like the make and model of your device, its operating system, your country, the URL that referred you to our site and information about how and when you use our Apps and Services. This information is primarily needed to maintain the security and operation of our apps, and for internal analytics and reporting purposes. Like many businesses, we also collect information through cookies and similar technologies.


Information collected through our Apps


When you use our Apps, we may collect information about the way you use them in order to improve how the Apps and Services work.


Geolocation Information. We may request permission to access and track location-based information from your mobile device, either continuously or while you are using our mobile application, to provide location-based services. For example, we use your location to help to automatically populate your address when you first run the Sonic App. If you wish to change the permissions you’ve granted us, you may do so at any time in your device’s settings.


Mobile Device Access. We may request access to certain features from your mobile device, including your mobile device’s storage, Bluetooth, camera, calendar, contacts, microphone, reminders, sensors, SMS messages, social media accounts, and other features. These are used to enable or enhance Services that we offer. For example, we may request access to your contacts to enable you to send invites for Hero Labs Apps and Services to people who share your home or business premises. If you wish to change any of the permissions you’ve granted us, you may do so at any time in your device’s settings.


Mobile Device Data. We may automatically collect device information (such as your mobile device ID, model and manufacturer), operating system, version information and IP address. We collect this information to secure and improve our Apps and Services.


Push Notifications. We may request to send you push notifications regarding Hero Labs Products and Services mobile application. We use these as an integral part of many services, such as to warn you if we have detected a problem in your home. If you wish to opt-out from receiving these types of communications, you may turn them off in your device’s settings.

Data from Products. We may collect data generated by Hero Labs Products such as Sonic or Signal. We use this data to provide and improve our Services and for internal reporting. For example, we may collect water flow data from Sonic and information about the appliances in your home to improve our leak detection service.


Information collected from other sources


We may collect data other sources such as public databases, marketing partners, social media platforms, and other outside sources. For example, we may reference a third-party database of properties in your country to aid in looking up your property address. If you choose to swiftly create an account by providing social media account credentials we may receive information attached to your social media profile such as your name, email, birthday, country of residence and  any other information that you choose to make public. If you discover our Products and Services via a search engine like Google, that search engine provides us with information about your searching behaviour such as the search terms that lead you to our website.


2. How do we use that information?


We use the personal information we collect to conduct legitimate business operations, to provide you with Services, to fulfil our contractual obligations to you and other parties and to ensure compliance with our various legal obligations (“Business Purposes”, “Contractual Purposes” and “Legal Reasons”).


We use the information we collect or receive:


To facilitate our account creation and logon process. We use the information you willingly provide us with when creating an account to create that account and verify your identity when you subsequently log in. If you choose to link your account with us to a third-party account (such as your Google or Facebook account), we use the information you allowed us to collect from those third parties to facilitate the account creation and logon process. See “How do we handle your social logins” for further information.


To enforce our terms, conditions and policies.


To respond to legal requests and prevent harm. If we receive a legal request we may need to inspect the data we hold to determine how to respond.


For other Business Purposes. We may use your information for other Business Purposes, such as data analysis, identifying usage trends, and to evaluate and improve our Apps, products, services, marketing and your experience.


3. Do we share your information with anyone else?


We only share information with your consent, to comply with laws, to protect your rights, or to fulfil business obligations.


We may process or share data based on the following legal basis:


Consent: We may process your data if you have given us specific consent to use your personal information in a specific purpose.


Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.


Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfil the terms of our contract.


Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order (including in response to public authorities to meet national security or law enforcement requirements).


Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.


More specifically, we may need to process your data or share your personal information in the following situations:


Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work.

For example: payment processing, data analysis, email delivery, hosting services, customer service, marketing. We may allow selected third parties to use tracking technology on the Apps, which will enable them to collect data about how you interact with the Apps over time. This information may be used, among other things, to analyse and track activity and use of our Services. Unless described in this Policy, we do not share, sell, rent or trade any of your information with third parties for their promotional purposes.


Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.


Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to honour this privacy policy. Affiliates include our parent company and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us.


Business Partners. We may share your information with our business partners to offer you certain products, services or promotions.


4. Do we use cookies and other tracking technologies?


Like many companies we use cookies and other tracking technologies like web beacons and tracking pixels to collect and store your information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Policy.


5. Do we use Google Maps?


Yes, we use Google Maps for the purpose of providing better service. The mobile Apps use Google Maps APIs. You may find the Google Maps APIs Terms of Service here. To better understand Google’s Privacy Policy, please refer to this link.


By using our Maps API Implementation, you agree to be bound by Google’s Terms of Service. You agree to allow us to obtain or cache your location. You may revoke your consent at any time. We use information about location in conjunction with data from other data providers.


6. How do we handle social logons?


If you choose to register or log in to our websites using a social media account, we may have access to certain information about you. Our Apps offer you the ability to register and login using your third-party social media account details (like Google or Facebook accounts). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile Information we receive may vary depending on the social media provider concerned, but will often include your name, e-mail address, friends list, profile picture as well as other information you choose to make public.


We will use the information we receive only for the purposes that are described in this privacy policy or that are otherwise made clear to you on the Apps. Please note that we do not control, and are not responsible for, other uses of your personal information by your third-party social media provider. We recommend that you review their privacy policy to understand how they collect, use and share your personal information, and how you can set your privacy preferences on their sites and apps.


7. Do we transfer any of this information internationally?


We may transfer, store, and process your information in countries other than your own.
Our servers are located in the European Union. If you are accessing our Apps or Services from outside European Union, please be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we may share your personal information (see “Do we share your information with anyone else?”), in the European Union, and other countries. In doing so we take all necessary measures to protect your personal information in accordance with this privacy policy and applicable law.


8. How long do we keep your information?


We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). No purpose in this policy will require us keeping your personal information for longer than 5 years after you close your account. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise. If this isn’t possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.


9. How do we keep your information safe?


We aim to protect your personal information through a system of organisational and technical security measures. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Apps and Services is at your own risk. You should only access them within a secure environment.


10. Do we collect information from minors?


We do not knowingly collect data from or market to children under 16 years of age.
By using the Apps, you represent that you are at least 16 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Apps. If we learn that personal information from users less than 16 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under age 16, please contact us at [email protected].


11. What are your privacy rights?

Depending on where you live in the world, you have a set of rights as to how the data that companies collect about you gets treated.  In the European Union, this typically includes the right:

Wherever you live in the world you can amend your information via the Apps or by emailing [email protected]. You can also request that we terminate your account. Upon receiving your request to terminate your account, we will deactivate or delete your account and information from our active databases within 30 days, but, some information may be retained in our files as detailed in “How long do we keep your information”.


You can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in the emails that we send. You will then be removed from the marketing email list – however, we will still need to send you service-related emails that are necessary for the administration and use of your account.


If you are resident in the European Economic Area and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here.


Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.


12. Do we make changes to this policy?


Yes, we will update this policy as necessary to stay compliant with relevant laws and aligned with our legitimate business interests. When we update this policy, the updated version will be indicated by an updated “Revised” date at the top of the document. The updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification via the Apps or Services. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.


13. Who can I contact about this policy?  


If you have questions or comments about this policy, you may contact our Data Protection Officer (DPO), Krystian Zajac, by email at [email protected], or by post to:


Hero Laboratories Ltd

Krystian Zajac Unit 6, The Edge Business Centre
Humber Road
London NW2 6EW
United Kingdom