App Privacy Policy

Neato App Privacy Policy

Effective Date: 07 Aug 2018

We are dedicated to protecting the privacy of those who use our Neato mobile android and iOS applications (“Neato App”). This Privacy Policy explains how we collect your Personal Data, how we protect such data, and the rights you have concerning the use of such data. Please read this Privacy Policy carefully.

WHO WE ARE

The controller of your Personal Data collected via our Neato App according to Art. 4(7) GDPR is Neato Robotics, Inc., 8100 Jarvis Avenue, Newark, California, USA 94560 (“Neato”).

WHAT DATA ABOUT ME IS COLLECTED AND HOW IS IT USED?

Which Personal Data we Collect

Personal Data is information that identifies you or can be used to identify or contact you (“Personal Data”). Such Personal Data may include your name, address, email address, telephone number, birth date (primarily for eligibility purposes), billing and credit card information.

We collect Personal Data from you when you use our Neato App as further described in this Privacy Policy. In all of these cases, we will only process Personal Data that you provide directly to us or which we automatically collect from you as specified in this Privacy Policy. Unless defined in this Privacy Policy or unless you give us permission to do so, we will not use or share your Personal Data other than as specified in this Privacy Policy.

How we Collect and Use Your Personal Data

In the following section, you will find information on how we collect your Personal Data, for which purposes we process your data and on which legal basis we do so. To the extent the legal basis of our processing of your data are our legitimate interests, you can contact us at the contact details below if you require more details on our legitimate interests. If we use your consent as the legal basis of our processing of your Personal Data, you have the right to revoke your consent at any time with future effect as described in the following or by contacting us at the contact details below. This will not affect the processing of your Personal Data being undertaken until the revocation. The same applies if we refer to your consent or our legitimate interests in other parts of this Privacy Policy.

  • If you register for the Neato App

In order to use all functions of our Neato App you have to register. Therefore, you have to provide your email address, a password and your country as mandatory information.

This data is required to set up and manage a user account for you. We also need this and where necessary other data in order to be able to respond to any queries you may have.

We collect the above data in order to provide you with our Neato App, Art. 6 (1)(b) GDPR. Please note that you are contractually required to provide us with such Personal Data and that without such Personal Data you will not be able to use the Neato App.

  • If you use the Neato App

When you use the Neato App, we automatically receive certain information about your mobile device and use of the application, including a mobile device identifier (IDFA on Apple products like the iPhone and iPad or similar advertising identifiers) and your IP Address, which we require for the transmission of requested content, operating system, version, and other similar information, such as time spent in different portions of the Neato App. Such aggregated information does not allow us to identify you and is used by us to analyse trends, to administer the Neato App, to monitor our Neato App’s use, and to gather general information about the use of our Neato App. When you use the Neato App, we further process information about your location (address) to route you to the right customer support agent and to help you find where you can purchase accessories that will keep your robot running at peak performance and locale (language spoken) in order to localize the messages sent to you. Moreover, we process information about your location to access the list of Wi-Fi networks during our process to connect the robot to Wi-Fi and the cloud/app, to reroute you to closer servers for better experience and for security reasons in order to block and report malicious users.

The legal basis for such processing of your Personal Data are our legitimate interests (Art. 6(1)(f) GDPR) in customizing the content of our services in line with user preferences and in further improving our services.

When you use the Neato App, we process information about your floor plan in order to be able to determine no-go lines, go areas, show maps and other map-related features. In addition, we process information concerning your cleaning schedule in order to provide you with the option to schedule time and date of the cleaning.

Such processing of your Personal Data is necessary for the performance of our services. The legal basis for such processing of your Personal Data is therefore Art. 6(1)(b) GDPR. Please note that you are contractually required to provide us with such Personal Data and that without such Personal Data you will not be able to use our features concerning the floor plan and cleaning schedule.

We process information concerning your cleaning and statistics in order to provide you with information about your historical cleaning runs to see trends and figure out how to fix any issues your robot is having and to gather statistics on the use of current features to impact future enhancements.

The legal basis for such processing of your Personal Data are our legitimate interests (Art. 6(1)(f) GDPR) in customizing the content of our services in line with user preferences and in further improving our services.

PERMISSIONS

Our Neato App uses the following permissions:

Permission Purpose
Location Your location is required in order to access the list of Wi-Fi networks during our process to connect the robot to Wi-Fi and the cloud/app and to reroute you to closer servers for better experience.

Your location may also be required for security reasons in order to block and report malicious users and to route you to the right customer support agent and to help you find where you can purchase accessories that will keep your robot running at peak performance.

Internet access Internet access is required in order to store the information you added and for the interaction with the robot.
Fingerprint We require this permission if you want to use fingerprint technologies to login.
Push Notifications This permission is required if you want to receive push notifications.
Photo Library Access This permission is required if you want to save images from maps in the photo library.

PSEUDONYMOUS USER PROFILES

Crashlytics

We use Crashlytics, a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Crashlytics will send us certain technical information about your device and your app installation in case your app crashes. We use such data exclusively to determine the reason for the crash and to correct errors in our app. Basically, such information does not contain Personal Data. However, we cannot exclude the possibility that Personal Data or pseudonymous data may also be collected in the form of meta data.

The use of Crashlytics is based on our legitimate interest in recognizing, investigating and correcting errors in our Neato App and thus being able to offer our Neato App in accordance with the contract and the fact that your legitimate interests do not outweigh, Art. 6 (1)(f) GDPR.

Firebase Analytics

We collect pseudonymous usage statistics about your use of our Neato App using Google Firebase, a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Based on your iOS IDFA or your Android advertising ID, general, non-personal statistics about how and by which user groups our Neato App is used are created.

The use of Firebase Analytics is based on our legitimate interest in a demand-oriented design, the statistical evaluation and the efficient advertising of our Neato App and the fact that your legitimate interests do not outweigh, Art. 6 (1)(f) GDPR.

THIRD-PARTY FEATURES

Our Neato App contains links to or features from other websites. This Privacy Policy covers the privacy practices of Neato only, and does not cover the privacy practices of third-party websites or features. We are not responsible for the privacy policies and/or practices of third parties. When linking to another website or using a third-party service, you should read the privacy policy on that site or service.

HOW WE SHARE AND DISCLOSE PERSONAL DATA

We will not share, sell, transfer or otherwise disseminate your Personal Data to third parties, unless required by law according to Art. 6(1)(c) GDPR, unless required for the purpose of your contract according to Art. 6(1)(b) GDPR, unless we are allowed to do so on the basis of a data processing agreement according to Art. 28 GDPR or you have given us express consent to do so according to Art. 6(1)(a) GDPR.

We share some of your Personal Data with other Neato companies to the extent necessary for such companies to provide services on our behalf. In particular, we are using other Neato companies to send marketing communication to you if you have given us your consent to do so.

We also use third-party service providers to offer or facilitate services on our behalf and share your Personal Data with such providers to the extent necessary for such providers to perform their services on our behalf. In particular, we use a call center provider to facilitate customer service and a social media agency to manage our social media campaigns.

Some of the companies we share your Personal Data with as described above are located outside of the European Economic Area.

In order to grant sufficient protection of your Personal Data in this context, we use standard data protection clauses adopted by the European Commission according to Art. 46(2)(c) GDPR with such companies or certifications of such companies under the EU-U.S. Privacy Shield according to Art. 45(1) GDPR. You can request further details by contacting us at the contact details as mentioned below.

Any sharing of your Personal Data with other Neato entities or service providers will be made in accordance with applicable data protection laws and will be limited to the extent necessary. We have carefully selected these companies and continuously monitor their compliance with our instructions. These companies are contractually prohibited from using your Personal Data for any other purposes than those described in this Privacy Policy. The legal basis for our sharing of your Personal Data with such companies is Art. 28(1) GDPR or alternatively our legitimate interests in commissioning those companies with the services described above (Art. 6(1)(f) GDPR).

We may also be required to disclose your Personal Data to government or law enforcement officials in response to a lawful request by a public authority or if we have to do so to comply with a legal obligation, including to meet national security or law enforcement requirements according to Art. 6(1)(c) GDPR. We can also disclose your information in order to pursue our legitimate interest in applying or enforcing our terms and conditions or in responding to any claims, in protecting our rights or the rights of a third party, in protecting the safety of any person or in preventing any illegal activity (including for the purposes of fraud protection and credit risk reduction) according to Art. 6(1)(f) GDPR.

If required under applicable data protection laws, we will collect your prior consent before sharing your Personal Data with other companies. In such cases, the legal basis is Art. 6(1)(a) GDPR.

IS MY PERSONAL DATA USED FOR ANY OTHER PURPOSES?

Except as otherwise described in this Privacy Policy, we will only use Personal Data for the purposes described above or as otherwise disclosed at the time we request such data from you. Should your Personal Data be processed for other purposes than those outlined in this Privacy Policy or other purposes than the ones your Personal Data has originally been collected for, we will provide you with information on that other purpose and any other relevant information as referred to in this Privacy Policy.

WHAT RIGHTS DO I HAVE?

You have the following rights:

  • Right of access (Art. 15 GDPR):

    You have the right to request confirmation as to whether we process your Personal Data and where that is the case, to request access to the Personal Data we hold about you.

  • Right to rectification (Art. 16 GDPR):

    You have the right to request the correction of inaccurate Personal Data.

  • Right to erasure (Art. 17 GDPR):

    You have the right to request erasure of Personal Data without undue delay under certain circumstances, e.g. if your Personal Data is no longer necessary for the purposes for which it was collected or if you withdraw consent on which our processing is based according to Art. 6(1)(a) GDPR and where there is no other legal ground for processing.

  • Right to restriction of processing (Art. 18 GDPR):

    You have the right to request us to restrict the processing of your Personal Data under certain circumstances, e.g. if you think that the Personal Data we process about you is incorrect or unlawful.

  • Right to data portability (Art. 20 GDPR):

    Under certain circumstances, you have the right to receive your Personal Data you have provided us with, in a structured, commonly used and machine-readable format and you have the right to transmit that information to another controller without hindrance or ask us to do so.

  • Right to object (Art. 21 GDPR):

    You have the right to object to the processing of your Personal Data under certain circumstances, in particular if we process your Personal Data on the legal basis of legitimate interests (Art. 6(1)(f) GDPR) or if we use your Personal Data for marketing purposes.

You can assert your abovementioned rights by contacting us at the contact details mentioned below.

RIGHT TO LODGE A COMPLAINT BEFORE THE DATA PROTECTION AUTHORITY

You have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work or place of the alleged infringement if you consider that our processing of your Personal Data infringes the applicable data protection laws. Please contact us at the contact details mentioned below and we will assist you to identify the respective competent supervisory authority.

DATA RETENTION

We store your Personal Data and other information for as long as necessary to enable you to use our Neato App, to provide our services to you, to comply with applicable laws (including those regarding document retention), to resolve disputes with any parties and otherwise as necessary to allow us to conduct our business. If you have a question about a specific retention period for certain types of Personal Data we process about you, please contact us at the contact details mentioned below.

AUTOMATED INDIVIDUAL DECISION-MAKING

We do not use your Personal Data to make decisions with legal or similar effects for you based on the automated processing of your Personal Data only.

YOUR CALIFORNIA PRIVACY RIGHTS

California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their Personal Data (if any) for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those parties. If you are a California resident and would like to request this information, please submit your request in an email to privacy@neatorobotics.com.

CALIFORNIA DO-NOT-TRACK DISCLOSURE REQUIREMENTS

We are committed to providing you with meaningful choices about the information collected on our Neato App, and that is also why we provide the opt-out links above. However, we do not recognize or respond to browser-initiated Do-Not-Track signals, because the Internet industry is still working on uniform Do-Not-Track standards.

CHILDREN

We do not knowingly collect any Personal Data from anyone under the age of eighteen (18) without parental consent, unless permitted by law. If we learn that a person under the age of eighteen (18) has provided us with Personal Data, we will delete it in accordance with applicable law.

WHO DO I CONTACT IF I HAVE ANY PRIVACY QUESTIONS?

If you have any questions about our Privacy Policy or feel that we are not abiding by the terms of our posted Privacy Policy or the applicable data protection laws, please contact our data protection officer in any of the following ways:

By Email: privacy@neatorobotics.com

Or by mailing us at the address below:

Attn.: For the attention of the DPO

Neato Robotics, Inc.
8100 Jarvis Avenue
Newark, California 94560 USA

CHANGES TO THIS PRIVACY POLICY

We may amend this Privacy Policy from time to time. We will post any changes to this Privacy Policy here. Please refer back to this Privacy Policy on a regular basis.