SOMFY SYSTEMS, INC.

PRIVACY POLICY

Last update: May 2020

At Somfy, we want to be and remain your partner of choice on your journey exploring and experiencing smart home solutions and related products or services. We value the trust you put in us and commit to being fully transparent about how we collect, use and protect your personal information. We recognize your need for reasonable control over your personal information, and we commit to implementing mechanisms, procedures and policies that ensure the confidentiality, integrity and security of your personal information throughout its life cycle.

This Policy informs you what to expect when we collect and use personal information, and in particular:

  • Who is concerned by this Policy
  • Who is responsible
  • How we collect and use your personal information
  • When we share your personal information with third parties
  • How your personal information is protected
  • Data retention practices
  • International data transfers
  • Cookies and online tracking
  • EU resident rights
  • California resident rights
  • Children’s privacy protections
  • How you can contact us
  • What happens if we make changes to this Privacy Policy

1. Who is concerned by this Policy

This Policy applies to you when you visit our websites, when you interact with us with a view to establishing a business relationship, throughout your business relationship with us, either online or offline, when you use the technology we make available to you or when you connect to certain platforms, applications or other solutions we may provide or make available.

2. Who is responsible

The legal entity responsible for the personal information collected from you is the business that determines how, when and why it collects and uses your personal information. The identity of the responsible business will depend on who you are:

  • If you are a visitor of this website, the responsible business is the owner of the website;
  • If you are a customer or a supplier, the responsible business is the legal entity that manages your business relationship with Somfy. This information can be found on the invoice or purchase order you receive or in the agreement you have entered into with Somfy.

3. How do we collect and use personal information about you?

Categories and Types of Personal information We Collect

We collect the following categories and types of personal information:

  • Contact Information: your first and last name, mobile phone number, mailing address, email address;
  • Other identifying information: IP address, cloud ID, signature, your client number, third party device information, such as login information, account creation date, ID, device name, channel name, scene name, schedule name, frequency of use and device location if you use your Somfy device in connection with a third party device;
  • Geolocation data;
  • Internet or other electronic activity: your browsing and click history, including information about how you navigate within our services and which elements of our services you use the most, device information, network information, log files, device information, network, information, last log-in date;
  • Audio/visual information: any photos that you provide, time arriving and leaving our premises;
  • Commercial information: products viewed on our site;
  • Preferences: your opinion and preferences about a product; your communication preferences; the products or services that are of interest to you or your company;
  • Inferences: inferences drawn from the categories described above in order to create a profile about you to reflect your preferences, characteristics, behavior and attitude.

Categories of Use

We use your personal information for the following purposes:

  • Transactional Purposes: We use your contact information, demographic information, other identifying information, preferences and commercial information to:
    • Manage your orders: for example to process payments, ship samples or final products or services and inform you about the status of your order;
    • Manage and maintain our business relationship, including to create and maintain an account in our systems;
    • Provide services in line with our contractual arrangement;
    • Subscribe or upgrade to any of our services or that of our partners;
    • Activate your Somfy device;
    • Communicate with you about your order or registration; and
    • Process payments.
  • Analytical Purposes: We use your demographic information, geolocation data, Internet activity and browsing history and geolocation data to analyze preferences, trends and statistics.
  • Marketing Purposes: We use your contact information, commercial information, demographic information, Internet or other electronic activity, and inferences to:
    • Inform you of our products, services, and offers;
    • Provide you with targeted advertising; and
    • Send you marketing communications, newsletters and/or end-user surveys about our activities and products or services that may be of interest to you in the course of our business relationship.
  • Maintenance and Improvement of Services and Website: We use your contact information, geolocation data, other deidentifying information, commercial information, and Internet activity and browsing history to:
    • Provide and maintain functionality on our websites;
    • Provide remote support
    • Deliver customer services, for example to address any queries you may have and record and share internally such queries to better answer them and improve our products or services and services in the future;
    • Analyze your feedback and opinion about our products or services to always improve and further develop them;
    • Manage your inquiries when contacting our media or investors relations or when contacting us via the contact form on our website or when using one of our channels for raising complaints; and
    • Create statistics to improve our products or services.
  • Security and Fraud Prevention: We use your contact information, audio and visual information, other identifying information, geolocation data, internet activity and browsing history, and inferences to protect the website, our company, and others, and for fraud detection, theft prevention, emergency response purposes, and legal compliance.

Sources of Personal information

We collect information from the following sources:

We collect information directly from you. We collect contact, financial, certain identifying information, preferences and demographic information directly from you when completing contact forms or creating accounts on any of our websites, when you get in touch with our customer or media relations teams, during fairs or other events that you attend.

We collect information about you from third parties. We may at times also collect information about you from third parties or from publicly available sources such as information about you made available on your company’s website, or from public registries.

We collect information from you passively. We collect Internet or other electronic activity passively using tools like browser cookies and other similar technologies. This activity is further described in the Cookies and Online Tracking section below. We may also collect information when you interact with our feeds on social media platforms.

4. When We Share Information with Third Parties

Our Service Providers

We may contract with companies or persons to provide certain services including for purposes of shipments, software services, customer service, marketing, hosting or legal/tax consultancy services, transportation or payment processing. We call them our Service Providers. We provide our Service Providers with the information needed for them to perform these services. We also ask our Service Providers to confirm that their privacy practices are consistent with ours.

Our Affiliates

We may share your personal information with our employees across different departments and, possibly, other entities of the Somfy Group. This sharing of personal information is carried out on the basis of Somfy Group’s legitimate interest to administer its contractual relations within the Somfy Group and maintain an effective business structure. We may also share your personal information in the course of a merger, sale or acquisition of a business.

Law Enforcement and Courts

In certain instances we may disclose your contact information when we have reason to believe that it is necessary to identify, contact or bring legal action against persons or entities who may be causing injury to you, to Somfy Systems or to others. We may also disclose your contact information when we believe the law or legal process requires it

5. How your personal data is protected

We put in place a series of technical and organizational measures to secure your personal data and to protect it from unlawful destruction, loss, alteration or access. Persons using your personal information are under a duty of confidentiality.

The security of your personal information is of the utmost importance to us. Take care, to protect and maintain the security of your account. You have immediately notified us of any unauthorized use of your account.

Even if we take reasonable precautions to guard against possible security breaches on our websites and databases and files on our users, no site or transmission over the Internet is completely secure, and we cannot guarantee unauthorized access, hacking, data loss or other harm will never occur. We ask that you take all precautions to protect your personal information (including the password of your account) and to disconnect from your session after use. If your account is hacked, this may result in unauthorized use. You should be careful and watch for the security of your personal information

6. Data retention

We retain your personal information for as long as it is necessary for each of the purposes outlined above. We may however retain certain of your personal information for compliance with applicable laws and regulations (e.g. for tax and audit purposes) and in accordance with our retention rules. Where it is no longer required to retain information that can still identify you, we will either erase, deidentify or aggregate it so that you may no longer be identifiable as a single individual.

7. International data transfers

We operate as a global company and rely on service providers to support our global solutions. Your personal data may be transferred to another country other than the one you reside in. We ensure, however, that such international data transfer is made in compliance with applicable data protection laws.

8. Cookies and Online Tracking

We may use cookies to enhance your browsing experience on our websites. Cookies are small files which are stored on a user's computer; they hold a modest amount of data specific to a particular user and website.

We use two types of cookies. First, we use cookies that are strictly necessary for the functioning of our websites (e.g. analytical cookies that allow us to assess the use and performance of our websites and to then improve their functionalities).

We also use third party cookies to improve the interactivity of our websites. For example, our website relies on certain services offered by third party. These include, but are not limited to :

Share buttons for:

  • Twitter
  • Instagram
  • Facebook

Videos broadcast on the website :
YouTube API (See YouTube’s Terms of Use and Privacy Policy)

If you do not want to accept the use of cookies, you can change your web browser settings to automatically deny the storage of cookies or to inform you each time a website requests permission to store a cookie. By choosing not to accept cookies, our websites would not work properly.

You can also change at any time your cookie settings here.

The processing is conducted on the basis of our legitimate interest to gather, monitor and analyze website activity. You do, however, also have to agree with the processing of cookies as set out in the cookie banner which appears when you enter the website.

We also use advertising cookies so that we can show ads that we deem relevant for you, either on our site, or when you surf the Internet generally. Such cookies are mainly used to limit the number of times you see a particular ad, and help us assess the impact of an ad campaign.

Not accepting advertising cookies does not impact your user experience when surfing our websites.

Our systems do not recognize browser “Do Not Track” signals, but several of our Service Providers who utilize these cookies on our website enable you to opt out of targeted advertising practices. To learn more about these advertising practices or to opt out of this type of advertising, you can visit www.networkadvertising.org or www.aboutads.info/choices.

9. EU Rights

Under EU data protection legislation, personal information includes a broad amount of information, including any information that can be used to identify, directly or indirectly, in particular by reference to an identifier such as an IP address, location data, and an online identifier. Since we may collect some if this type of information when we collect your usage data, you may have additional protections under EU data protection legislation, if you reside in the EU. Under EU data protection legislation, we are only permitted to use your personal information if we have a legal basis for doing so. In addition to your consent, we rely on the following legal bases to use your information:

  • Where we need to comply with a legal obligation
  • Where the processing is necessary for us to carry out activities for which it is in Somfy’s legitimate interests (or those of a third party) to do so and provided that your interests andfundamental rights do not override those interests, including the reasons set out in Section 1 of this Policy.

In more limited circumstances we may also rely on the following legal bases:

  • Where we need to protect your interests (or someone else's interests)
  • Where it is needed in the public interest or for official purposes

You have a number of rights under EU data protection legislation in relation to your personal information, these include the right to:

  • Right to access and to correct. You have the right to request a copy of the personal information we hold about you, and you can correct or complete personal information that we hold about you at any time by contacting us. You can help Somfy ensure that your contact information and preferences are accurate, complete and up to date by filling out an updated contact form on any of our websites, or by contacting Somfy at (800) 227-6639 or www.somfysystems.com/en-us/privacy-policy/contact-us with your corrections or updates.
  • Right to object and to restrict. You have the right at any time to object to the use of your personal information by us for direct marketing purposes. Under certain circumstances, you can also restrict our use of your personal information, for example while we take steps to correct inaccurate information following your request.
  • Right to deletion. We delete your personal information on your request unless we need to retain your personal information to comply with applicable laws and regulations and in accordance with our retention rules.
  • Right to lodge a complaint. You can contact us if you believe that our use of your personal information is not aligned with applicable data protection laws. You also have the right to lodge a complaint with the data protection supervisory body in your country or in the country where your Business is located if applicable.
  • Right to control cookies and other technologies on our websites. When you first visit our websites, you are asked to consent to the use of cookies and other technologies. You can manage your choice at any time. Please visit our Cookies policy to learn how to keep control of your online activity.

10. Notice to California Residents/Your California Privacy Rights

To opt out of sharing your personal information with third parties for their direct marketing purposes, please contact us at Somfy at (800) 227-6639 or www.somfysystems.com/en-us/privacy-policy/contact-us and clearly state your request, including your name, mailing address, e-mail address and phone number.

If you are a California resident, you also have certain privacy rights under the California Consumer Privacy Act (“CCPA Rights”). This section describes those rights and how you can exercise them with Somfy.

CCPA Rights Requests

Right to Know and Right to Deletion

You can request what personal information we have collected, used, disclosed, and sold in the preceding 12 months:

You can also request that we delete your personal information. We may not delete all of your personal information if one of the following exceptions applies:

  • Transactional: to complete a transaction for which the personal information was collected, provide a good or service requested by you, or perform a contract we have with you;
  • Security: to detect data security incidents;
  • Error Correction: to debug or repair any errors;
  • Legal: to protect against fraud or illegal activity or to comply with applicable law or a legal obligation, or exercise rights under the law, such as the right to free speech; or
  • Internal Use: to use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information (i.e. to improve our services).

Please note that if we delete your personal information, many of our services will not work the same. For example, you will no longer your previous opt out requests will not be saved, you will not have an account, and saved preferences and information will no longer be available.

To submit a request to know or a request to delete, please visit www.somfysystems.com/en-us/privacy-policy/contact-us. In order to verify your identity, we will need your email address and phone number. In order to designate an authorized agent to act on your behalf you must provide the authorized agent with written permission to do so, and your authorized agent must submit that written proof at the time they make the request on your behalf. If you wish to make multiple requests under this section, we recommend sending the deletion request last, as we will not be able to fulfill your other requests once we have deleted your information.

DO NOT SELL MY PERSONAL INFORMATION

Personal information that We Sell

We may “sell” (as sell is defined in CCPA) the following categories of personal information:

  • Identifiers;
  • Internet/electronic activity;
  • Commercial information; and
  • Inferences drawn from the categories described above in order to create a profile about you to reflect your preferences, characteristics, preferences, behavior and attitudes.

We do not knowingly sell the personal information of minors under the age of 18.

Right to Opt-Out of Sale

California residents have the right to opt out of the sale of your personal information to third parties, as “sale” is defined under CCPA.

To submit a request to opt out of the sale of your personal information, please visit www.somfysystems.com/en-us/privacy-policy/contact-us. In order to designate an authorized agent to act on your behalf you must provide the authorized agent with written permission to do so, and your authorized agent must submit that written proof at the time they make the request on your behalf.

We participate in digital advertising networks to deliver advertising that is tailored to your interests. The participation in certain ad networks can constitute a "sale" of personal information under CCPA.

In order to opt out of this activity, please visit optout.aboutads.info and optout.networkadvertising.org.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA Rights and we will not deny you goods or services, charge you a different price, or provide you with a lesser quality of goods or services if you exercise any of your CCPA Rights.

11. Children’s Privacy

The products and services are intended for users who are 18 years old or older. We do not knowingly collect personal information from children under the age of 18. If we become aware that we have inadvertently received personal information from a child under the age of 18, we will delete such information from our records.

12. Contact Us

For questions regarding this Policy, to exercise your rights or to lodge a complaint with us, please contact DPO at dpo@somfy.com (irrespective of which Somfy entity you have been in contact with):

13. Changes to this Policy

The most recent version of this Policy is on this webpage. We may modify this Policy at any time without notice, except if such modifications contain substantial changes that may affect individuals’ rights under applicable privacy and data protection laws, in which case you will be notified of such changes at the beginning of this page.