Introduction

This document describes the methods for processing personal data relating to the OTOMO® system.

The information is provided pursuant to art. 13 of Legislative Decree no. 196/2003 (“Privacy Code”) and Article 13 of EU Regulation 679/2016 (“General Data Protection Regulation”) to all those who interact with the OTOMO® product.

All data are processed by adopting the necessary technical and physical protection measures required by law.

This privacy statement refers to the user data collected directly from Eelectron and therefore refers to the relationship that exists exclusively between Eelectron as owner and the interested party.

Every user of OTOMO®, taking note of this information, agrees to use the product in full compliance with the rules on privacy and, where OTOMO® is installed in a business context,  labor law.

This information does not refer to the processing of data carried out by the owner of the sensor network connected to the OTOMO® application (the “Network Manager”) in the case where the same uses the collected data, also thanks to particular modifications of the product or through the crossing of several databases, for workers remote control use or for other purposes not included in this statement. The Network Operator is in such cases to be considered as an independent data controller.

  1. Data controller

Eelectron S.p.A.
Via Claudio Monteverdi 6
Legnano, 20025, Italia
Contatti: privacy@eelectron.com – Phone + 39 0331 500 802 – fax + 39 0331 56 48 26

 

  1. Type of processed datas

2.1 Installation datas

Upon installation of the product and registration on the connected mobile application, OTOMO® will request all necessary informations for user authentication, customisation and improvement of the offered service. In particular, OTOMO® will request the inclusion of (i) personal data (name, surname), and (ii) e-mail.

 2.2 Datas of the devices associated to the product

This category includes the hardware model, the IMEI number and other unique device identification codes, the MAC address, the IP address, the version of the operating system used and the used device settings to utilise the service.

2.3 Environmental datas

OTOMO® allows you to connect sensors that can detect the temperature and the brightness of the environments accessed by users, allowing them to modify manually or automatically the parameters according to personal needs and energy saving purposes.

2.4 Geolocation datas

OTOMO® uses Bluetooth Low Energy (BLE) technology to detect the access of people with mobile devices in a given environment. In this way OTOMO® can automatically change the environmental parameters to optimise the management of light, climate and improve the wake-sleep rhythm. OTOMO® will be able to use the data relating to the permanence of users inside the monitored areas also to automatically activate motorised devices as per settings (eg shutters, gates, doors) to optimise energy savings, as well as to alert the presence of users in a given area.

2.5 Datas on how to use the device

OTOMO® collects data on the use of the device, including direct adjustments to environmental parameters, the switching on and off of the device, the number of associated automated devices and remote control of the same.

2.6 Information Collection and Use

For a better experience, while using our Service, we may require you to provide us with certain personally identifiable information. The information that we request will be retained by us and used as described in this privacy policy.

The app does use third party services that may collect information used to identify you. Link to privacy policy of third party service providers used by the app

  1. Processing Methods

The owner processes the personal data of users by adopting appropriate security measures to prevent access, disclosure, modification or unauthorised destruction of personal data.

The processing is carried out using IT and non-IT and / or telematic tools with organisational methods and with logic strictly related to the purposes indicated, so that an adequate level of protection of personal data is guaranteed.

  1. Communication and dissemination of datas

In addition to the owner, categories of employees involved in the organisation of the owner (administrative, commercial, marketing, legal, system administrators) or external parties (such as affiliates, business partners and service providers) may have access to the data and, if necessary , may be appointed as responsible for the processing from the owner. The data may also be disclosed in the context of business operations concerning the owner, such as mergers or sales of business units. The data may always be disclosed to third parties in aggregate and / or anonymised form.

With the express consent, you can request access to networks organised and managed by different Managers, authorising the sharing with them of your personal data.

OTOMO, unless otherwise indicated, will share with your Network Manager exclusively your name, surname and e-mail address. You may at any time withdraw consent to the communication of data to third parties and exit the network organised and managed by each Manager. The updated list of managers and employees can always be requested to the data controller. The communication of data, where required by law, is kept as Eelectron’s right.

In order to generate statistical reports related to the use of the areas involved and to energy efficiency, the Data Controller will communicate data in an anonymised and / or aggregated form to third-party services that will reprocess them for statistical purposes.

  1. Place of treatment

The processing of data takes place at the headquarters of the owner and in any other place where the parties legitimately involved in the processing are located. The interested party can always request information concerning the place of treatment.

  1. Transfer of personal datas

Management and storage takes place on servers located within the European Union. The owner, if necessary, maintains the right to move the server location, adopting all the security and organizational measures necessary to guarantee its protection.

If the personal data being processed are transferred outside the European Union, the Data Controller will inform the data subject and identify an appropriate legal basis for the transfer, such as the adoption of standard clauses approved by the European Commission, the consent of the interested parties, the selection of subjects adhering to programs for free circulation of data and subject to an adequacy decision by the European Commission.

  1. Data retention times

The data are processed only for the time necessary to perform the service requested by the user, or required by the purposes described in this document, after which they will only be stored in compliance with current legal requirements. The Data Controller will evaluate the retention times of personal data on the basis of proportionality and minimization criteria, differentiating them according to the different company needs and  to the type of personal data processed. The interested party can always ask the Owner to provide more details on the storage times, as well as request the interruption of the processing or the cancellation of the data as subsequently described.

  1. Purpose of the processing and legal basis of the processing
    The data provided may be processed for the following purposes: a) Make it possible to authenticate users in the OTOMO® system and provide technical assistance where required
  2. b) Offer the OTOMO® service, in particular to automatically change the environmental parameters, manage automated devices (shutters, gates, doors and other motorised tools) and anonymously alert the Occupation Manager of the space network)
  3. c) Improve and customise the service offered to users by reprocessing the data on how to use OTOMO® products
  4. d) To provide the user, the Network Operator and the Data Controller (anonymously or aggregated) with reports on the times of activity, on energy consumption and on the occupation of the spaces, which can be kept for the improvement of the service and for the other indicated purposes. None of the data collected will allow the Network Operator to identify, through the simple use of the OTOMO® service, the persons who access the monitored premises.
  5. e) Offer updates, news and promotions relating to our products and services and business parters
  6. f) Communicate data in an anonymised or aggregated form for statistical or industrial purposes.

The purposes referred to in points a) and b) are necessary for the execution of the service pursuant to article 6.1.b of the Regulations.

The purposes referred to in points c) and d), if they involve the processing of personal data, are based on the legitimate interest of the Owner in accordance with article 6.1.f of the Regulations. The legitimate interest is due to the need to make the service more efficient, balanced by obtaining a constantly updated and improved product on a free and ongoing basis.

The purpose referred to in point e) is based on the consent of the interested party pursuant to article 6.1.a of the Rules. If the recipient of commercial communication is a user who has already purchased an OTOMO product or service, the promotion may be sent pursuant to Article 130.4 of the Privacy Code. You can always oppose further commercial communications.

 

  1. Mandatory or optional nature of the contribution

The provision of data is optional, but not consenting to certain options could result in the reduction or inability to provide the service. Failure to provide authentication data makes it impossible to connect to the OTOMO® system and to use the manual personalisation and control options. Failure to provide data and geolocation will make it impossible to use the user detection services and automated changes while entering certain environments.

The user has the option of consenting separately to receiving offers to promote products and services.

  1. User rights

The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or otherwise of the absence of the data with the data controller, to know its content and origin, to verify its accuracy or request its integration, cancellation, limitation, updating, rectification, transformation into anonymous form or blocking of personal data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, to their treatment. The user has the right to obtain the personal data supplied in a structured format, in common and automatically readable by automatic device, and to transmit them, directly or through the holder, to another data controller (so-called data portability) . In any case, the user has the right to withdraw the consent given. The withdrawal of consent does not affect the legitimacy of all previous treatments.

The rights of the user can be exercised by contacting the Data Controller directly to the following email address privacy@eelectron.com or using the appropriate procedures provided by the site or in the App.

  1. Changes to the Privacy Policy

The data controller reserves the right to make changes to this privacy policy at any time by giving publicity to users on this page. Therefore, please periodically consult this page or section of the site, taking as reference the date of last modification indicated at the bottom. In case of non-acceptance of the changes made to this privacy policy, the user is required to cease using the service and may request the data controller to remove his personal data.

  1. Complaints

The interested party has in any case the right to lodge a complaint to the Privacy Guarantor, in writing, according to the procedures established by law and available on the website www.garanteprivacy.it

 

DEFINITIONS:

Personal Data (or Data)

It constitutes personal data any information relating to a natural person, identified or identifiable, even indirectly, by reference to any other information, including a personal identification number.

Treatment (of data)

Any operation or set of operations concerning the collection, registration, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking , communication, dissemination, deletion and destruction of data, even if not registered in a database.

Data Controller (or Holder)

The legal entities to which compete, even together with another owner, the decisions regarding the purposes, the methods of processing personal data and the tools used, including the security profile, in relation to the operation and use of the site. The data controller, unless otherwise specified, is the owner of the site.

Data Processor (or Manager)

The legal entities appointed by the data controller to process personal data, as prepared by this privacy policy.

Person in Charge of the Treatment (or appointed)

The natural persons authorised to perform processing operations by the owner or manager.

User

The natural person to whom the personal data refers.