Privacy Policy
Privacy Policy for A1 Smart-Home
Policy active as of 23 Mar 2021
About this document
This privacy policy describes information that A1 Telekom Austria Group, and its affiliates (collectively, “A1”) collect, use, share, and store, including personal information in connection to the usage of the A1 Smart Home Solution mobile app.
If you use other service besides the app (like subscription services, or a SIM card for your Smart-Home Gateway) please also refer to other entries at https://a1.group/a1-smart-home/
For general information on data privacy at A1, responsible contacts as well as your rights and possibilites for complaint please refer to the A1 data protections and privacy policy.
What data we collect
Smart-Home Platform
The Smart-Home Platform encompasses all the Smart-Home services, except the handling of customer data only relevant for add-on subscriptions or on-top connectivity services (SIM-cards) which are not part of app-usage and described at https://a1.group/a1-smart-home/.
The Smart-Home platform collects:
– Information when you register as a customer: When you first buy an A1 Smart-Home product, you will be asked to enter your name, telephone number, postal address and e-mail address.
– Information during setup: When you install an A1 Smart-Home product, you’ll be asked several questions in order to help us create an initial setup for your home. For example, we’ll ask questions like how your home is heated. We’ll also ask for your address to set up geopositioning and to access the correct weather data.
– Sensor data and state from smart home equipment in the home: We collect data from the sensors and actuators you install. These sensors collect data such as current temperature, motion, ambient light, and other states in the room. This helps the solution save energy, control lights and devices and keep your home safe. The platform will also collect data on the state of devices, for instance if they are on or off. The exact amount of data processed depends on the capabilities and number of sensors you have connected to the smart home platform. These can be, for example:
- Multisensor: History of brightness, temperature and time of the last movement in a room
- Door/window sensor: opening and closing of a door or window
- Camera images and videos from your cameras: If you use the recording or streaming features of your smart home solution, we may record and process video and/or audio from the device, depending on how you have set it up. This may include recording and providing portions of this data as part of a notification or analysing the data to identify movement or other events. We may analyse information from your camera so that we can send you notifications when something happens. If you have enabled recording features, we will also collect, process and store video and audio recordings from your device for the duration of your recording subscription (e.g. 7 or 30 days) and you will be able to access these recordings via our app during this period. The use of camera features requires explicit additional consent from you to be activated.
– Multisensor: History of brightness, temperature and time of the last movement in a room
– Door/window sensor: opening and closing of a door or window
– Camera images and videos from your cameras: If you use the recording or streaming features of your smart home solution, we may record and process video and/or audio from the device, depending on how you have set it up. This may include recording and providing portions of this data as part of a notification or analysing the data to identify movement or other events. We may analyse information from your camera so that we can send you notifications when something happens. If you have enabled recording features, we will also collect, process and store video and audio recordings from your device for the duration of your recording subscription (e.g. 7 or 30 days) and you will be able to access these recordings via our app during this period. The use of camera features requires explicit additional consent from you to be activated.
– Technical data from your Smart Home gateway such as logs and error messages.
– Data entered by you in the app: Data that you enter in the app, e.g. target temperatures or the name of a room, is collected by the Smart Home platform to provide the required functionality.
– GPS data from your phone: The platform can use GPS data from your phone so that the system can determine whether you are at home or away from home and so that your home can react accordingly. This only happens if you have given the app permission to do so, which can be revoked at any time. By default, the platform stores this data only as a distance from your home. It does not collect detailed latitude/longitude by default, but can turn this on with the user’s permission to help troubleshoot the system.
– IP addresses, log data and other diagnostic data. These are logged for diagnostic and security purposes.
How we use your data
– For the provision and delivery of the service: In order to be able to provide you with the contractually agreed service, we use all of the above data in accordance with Art. 6 (1) (b) DSGVO
– Error detection and correction: Both you and we have a legitimate interest in ensuring that our service runs without errors and that possible faults are rectified as quickly as possible. Therefore, in accordance with Art. 6 (1) (f) DSGVO, we use all of the above-mentioned data for the ongoing detection and correction of errors in our service. Google Analytics and Crashlytics are also used for this purpose.
– Improvement, further development and statistical evaluation and delivery: We have a legitimate interest pursuant to Art. 6 (1) (f) DSGVO in continuously improving our products and further developing them in accordance with the wishes of our customers. For this purpose, we use all of the aforementioned data, with the exception of your master data, to compile anonymised statistics on the use of our and to use these to improve and further develop A1 Smart Home. We may also make these statistics available to third parties. For example, as an average energy consumption curve across all users, in which individual users can classify their consumption.
– Contacting for marketing purposes: Assuming you have given your consent, we will use your contact details in accordance with Art. 6 (1) (a) DSGVO to send you information about our products and services and the possible uses of A1 Smart Home or to ask for your consent to participate in surveys about your Smart Home use. Of course, you can revoke any consent you have given us at any time without giving reasons.
The above-mentioned processing of your data for the conclusion or fulfilment of the contract you have entered into with us is mandatory if you wish to use our A1 Smart Home service. If you do not provide us with this information or do not provide it in full, we may not be able to fully perform our contractual obligations to you or may not be able to enter into a contract with you.
We use industry standard methods to keep this information secure as it is transferred across your home network and through the internet to our servers. Depending on the location and nature of the data, A1 may process your personal data on servers that are not located in your home country.
Data sharing
A1 does not share personal information for any commercial or marketing purpose unrelated to the delivery of A1 products and services without asking you first.
The following are the limited situations where we may share personal information:
– With your explicit consent: We may share personal information if we have your consent. An example of this would be when you sign up for additional programmes offered by us or our partners. If you do this, we may share certain information with the partner. This could include things like the status of your device and aggregate information. Similarly, if you connect third-party devices and services to your smart home system. These systems may require us to share information in order for them to work correctly, such as sharing your preferred temperature with a third-party thermostat
– For external processing: We have vendors, service providers and partners who can help us with some of our processing and storage operations, including customer support with our partners (called “processors”). They may also help monitor our servers for technical issues. These processors (as well as our employees) may access certain information about you or your account as part of their work, but they may not use this data for purposes unrelated to the Smart Home Product. We also have strict policies and technical barriers in place to prevent unauthorised access to video and image data.
– Even if we use such a processor, we remain responsible for the protection of your data. Therefore, we also contractually oblige third-party companies to keep your data confidential and to comply with data protection regulations. We only use processors outside the European Union if an adequacy decision has been issued by the European Commission for the third country in question or if we have agreed suitable guarantees or binding internal data protection regulations with the processor.
– In the context of business transfers: Upon the sale or transfer of the business and/or all or a portion of its assets, your personal information may be one of the items sold or transferred. We will require a purchaser to treat our data in accordance with the privacy policy in force at the time it was collected.
– For legal reasons: We may be legally obliged to disclose your data to courts, public prosecutors, police or other authorities.
– We may share non-personal information (e.g. aggregated or anonymised customer data) publicly and with our partners. For example, we may publish research findings on energy consumption or household behaviour patterns. This information may also be shared with other users to help them better understand their energy use compared to others with similar settings, raise awareness of safety issues, or generally help us improve our system. We may also share non-personal data with our partners, for example if they are interested in offering other services on the platform. We take steps to prevent this non-personal information from being associated with you, and we require our partners to do the same.
– Your personal data may be collected, processed and stored by A1 or its service providers within the European Union, the EEA or in locations covered by EU data protection legislation. As a result, your personal data may be subject to legal requirements in those countries, including legal requirements to disclose personal data to government authorities. The Services use Amazon’s AWS Cloud, so there is a risk that your data may be subject to access by US authorities for control and monitoring purposes and that you may not have effective legal remedies against this.
How long we store your information
A1 stores your personal data as long as you remain a user. Six months later, the data is anonymised and aggregated for analysis.