Privacy policy

Introduction

Yeelight and its subsidiaries (collectively referred to as "Yeelight" or "we") respect your privacy and take the security of your personal information very seriously. When you use our products and/or services, we may collect and use your personal information based on an applicable legal basis such as your consent, our contractual relationship, or legitimate interests. Yeelight Privacy Policy ("the Policy") explains to you the personal information we collect and how we use, save, share and transfer it, and the means to access, update, delete and protect it. Before you submit your personal information to Yeelight, please read and understand the Policy carefully, and visit regularly for any updates on the Policy.
The Policy applies to Yeelight's websites, products, and services that display and link to the privacy policy.
The Policy will help you understand the following:
  1. How we collect and use your personal information
  2. How we use cookies and other similar technologies
  3. How we share, transfer, and publicly disclose your personal information
  4. Accessing and managing your personal information
  5. How we protect and save your personal information
  6. How we protect the personal information of children
  7. How we transfer your personal information across borders
  8. Consumer Rights under the California Consumer Privacy Act
  9. California’s “Shine the Light” Law
  10. How we update the Policy
  11. How to contact us
  12. Definition of Each Term
Because Yeelight offers a wide range of products and services, the Policy may not cover all possible personal information processing scenarios, and the description about the processing of specific data of a product or service may be given in the special privacy policy of this product or service or published in the notification provided at the time of data collection.
If you have any questions about the Policy, you may contact us at any time by sending us an email at support@yeelight.com.

1. How we collect and use your personal information

"Personal information" means any data related to an identified or identifiable natural person. An identifiable natural person means, in particular, a natural person whose identity can be identified directly or indirectly by such identifiers as name, ID number, location data, network identifier, and economic, cultural, or social identity.
Personal information will be collected by us directly or indirectly when you use our products, services, or websites, or have information exchange with us. For example, calling our hotline, creating website accounts, and participating in our brand activities belong to the direct provision of your information, while the use of cookies and other technologies in the website is an indirect method to record your personal information.
We may collect your personal information for the following purposes:
  • Order fulfillment;
  • Account creation and management;
  • Service registration for you or your device;
  • Provision of the service or feature you requested;
  • Information subscription;
  • After-sales maintenance for your device;
  • Online customer service consultation, suggestions, and complaints;
  • Sending important notifications related to security or upgrading services;
  • Analyzing and accessing service data to improve our products and services;
  • Improving your experience in using the websites or products;
  • Reviewing the error record you submitted to troubleshoot product failures;
  • Improving our loss prevention and anti-fraud programs;
  • Following and enforcing applicable legal requirements;
  • Other purposes with your consent.
When we want to use your personal information for other purposes not specified in the Policy or for purposes other than those to which you have previously agreed, we will ask for your consent in advance, for example, displaying the updated content by pop-ups or bold fonts, at your option to consent to such changes. You may revoke such consent by law at any time, but this may result in restrictions on your use of the product or service.
Each of the controllers established outside the EEA and listed in Section (Q) above has appointed the Support Team to be its representative for the purposes of Article 27 of the GDPR, where applicable.
Each of the controllers established outside the UK and listed in Section (Q) above has appointed Support Team to be its representative for the purposes of Article 27 of the UK GDPR, where applicable.
You are fully aware that under applicable laws, we do not need your authorization or consent to collect and use your personal information in the following circumstances:
  1. For national security and national defense security;
  2. For public security, public health, or major public interests;
  3. For legal procedures such as criminal investigation, prosecution, trial, and execution of judgments;
  4. For the protection of vital interests (such as life) of the subject of personal information or other individuals;
  5. Necessary for legitimate news reporting;
  6. Other circumstances provided in laws and regulations.
We may collect the following types of personal information:
1) Account information
When you register an account for Yeelight related services, you need to provide your mobile number or Email for identity verification. You may also provide supplemental information such as your profile picture, nickname, and birthday. When you log in to Yeelight's business platform using a third-party account (such as your Facebook, Twitter, or WeChat account) (you can also choose to deny access to our products or services in this way), we will obtain your verification information from the third-party server with your authorization. Our server will also keep the access token granted by the third-party platform and share them among the specific services used by the user, to avoid repeated login to the third-party server.
2) Device information
Before the activation and during the use of our service, we will collect information related to your device, including your device model, device name, device firmware version number, time zone, mobile phone model, operating system version, unique device ID, network status, active and exception information of an application, and IP address, to provide exact matching service.
3) Location information
When you use location-based business software, we may collect and process information about the actual location of your/your terminal device upon your consent, but we do not continuously collect your location information to determine your whereabouts.
4) Order information
If you purchase on our website, the system will, when generating the order, need to collect your delivery address, recipient, phone number, postal code, and information about the goods or services you purchased.
5) After-sales service information
When you need after-sales service or give feedback on the problems encountered in use, we will collect necessary information for providing after-sales services, such as your name, phone number, device information, and fault description. You can provide information to us according to the service items you need. For example, we will collect your mailing address and recipient information when you need an after-sales mailing service.
6) Service access information
With our product's information collection feature, we will also record some behavior information about your access to Yeelight's related services, including your access time, search and query keywords, network identity information, IP address, etc. Besides, for accurate personalized services and to the extent permitted by law, we will also obtain your data from legitimate public and commercial sources.
7) Other information
We may collect information about your house type, correlation between your device and room, device grouping, lighting scene setting, lighting mode setting, time or timing setup, switch setting, personalized light setting, binding with other devices (mobile phone, hand band, remote control lights, or intelligent speaker), favorites, security password (necessary for your device), user feedback, error report, etc.
Sensitive personal information is a kind of special personal information, usually defined as any information related to race or ethnic origin, political views, religious belief, philosophical belief, labor union membership, personal genetic data, biometric data, health data, sexual life, sexual orientation, etc. In some cases, sensitive personal information may also include criminal charges or judgments, precise geographic location information, finance and bank accounts, and unique identifiers such as government-issued social security number, driving license number, and passport number.
If we need to collect or process your sensitive personal information, such as your bank card number required when you purchase our products or services, we will process it in accordance with the applicable legal requirements, such as asking for your consent in advance.

2. How we use cookies and other similar technologies

Our website uses cookies and other similar technologies to distinguish you from other users who visit our website. This can help us provide a better experience for you when you browse our site and allow us to improve our website.
A cookie is a small alphanumeric text file we store in the memory or hard disk of your computer or mobile device as a label to identify your computer or mobile device upon your consent.
Cookies are typically classified as session cookies or persistent cookies. Session cookies can help you effectively browse our website, track your page browsing progress, so you are not asked to provide repeated information during your visit. For example, your shopping cart will not be cleared when you change pages. Session cookies are stored in temporary memory and will be deleted when the Web browser is closed. Persistent cookies can keep user preferences so that your preferences are still valid when you restart the browser. For example, we use persistent cookies to record the language, country/region, font size, or other settings that you selected. When you visit our website the next time, you do not need to set it again.
You may clear all the cookies saved on your computer or directly delete the cookies stored on your device. If you do it, however, you need to change settings every time you visit our website. Most browsers provide the cookie blocking function. If you want to manage cookies through your browser, you can refer to the browser developer's instructions or search on the Internet. For more information about cookies, you can also visit AboutCookies.org.
In addition to cookies, we also use Web beacons, pixel tags, and other similar technologies on our websites. For example, we send your account activation link to your mailbox. The above-mentioned technologies can help us learn about your preferences for our products and service and improve our customer service. The Web beacon is a transparent image embedded in a website or email. The pixel tag in an email can let us know whether the email is opened. If you do not want your activities to be tracked in this way, you can set your mailbox to not receiving our email service or log in to our relevant service website to unsubscribe from the email service.
If you enable the Do Not Track function in your browser, our service website will respect your choice.
Your use of our websites means that you agree to use cookies, web beacons, and pixel tags as described above.
We will not use cookies for purposes other than those as set forth.

3. How we share, transfer, and publicly disclose your personal information

We may sometimes share your personal information with third parties (as defined below) to provide or improve our products or services, including the provision of products or services upon your request. If you no longer want us to share this information, please contact us by sending an email to support@yeelight.com.
3.1 If necessary, we may share your personal information between Yeelight and its subsidiaries and affiliates to provide you with timely services.
3.2 We may share information with our affiliates or third-party service providers to provide services to you:
To run a business smoothly and provide you with the full functionality of products and services, we may from time to time disclose or share your personal information with other Yeelight affiliates (involving communications, social media, technology, or cloud services) or our third-party service providers (our mailing shops, delivery service providers, telecommunications companies, data centers, data storage facilities, customer service providers, advertising and promotion service providers, and Yeelight agents) [affiliates and/or other third parties] (collectively referred to as "third-party service providers"). Such third-party service providers may process your personal information on Yeelight's behalf or for one or more of the above purposes. We guarantee that the personal information necessary to provide services to you is shared only for legitimate, lawful, necessary, specific, and clear purposes. Yeelight will make a contract to ensure that the third-party service providers comply with the privacy laws applicable in your jurisdiction. The third-party service providers may also have their sub-processors.
We may also share information (non-personal information) in an aggregate form with third parties (such as advertisers on our website), to provide effectiveness measurement, analysis, and other business services. We use the information we have to help advertisers and other partners evaluate the performance and coverage of their ads and services, and understand the type of customers who use their services and how people interact with their websites, applications, and services. We may also share with them the general usage trend of our services, for example, the number of customers in specific groups who buy certain products or engage in certain transactions.
3.3 We share information with the ecosystem companies of Xiaomi Corporation, Xiaomi Singapore Pte. Ltd., Xiaomi Technology Netherlands B.V., and affiliated companies under Xiaomi Corporation (collectively referred to as "Xiaomi").
Xiaomi ecosystem is composed of Yeelight and other excellent companies. With each leading in their respective field, Xiaomi ecosystem companies are independent entities funded and operated by Xiaomi. Yeelight may disclose or share your personal information with Xiaomi ecosystem companies to provide and improve exciting products and services (including software and hardware) from Xiaomi ecosystem companies. Some products and services still use the Xiaomi brand, but others may use their brands. Xiaomi ecosystem companies may from time to time share data related to Mi-branded products and services with Xiaomi, so as to provide software and hardware services that bring better functionality and user experience.
3.4 If the transfer of personal information is involved in any merger, acquisition, liquidation, asset transfer, or similar transactions, we will request the new companies or organizations that hold your personal information to remain bound by the requirements, commitments, and security measures of the Policy, for example, using the personal information for the above-mentioned purposes only, otherwise, we will require the company or organization to ask for your authorization again.
3.5 We may also provide your information to law enforcement/government agencies where we believe that the disclosure is consistent with any applicable laws or in response to any legal proceedings:
Yeelight may need to disclose your personal information according to the requirements of laws and regulations, legal proceedings, lawsuits, and/or requirements legally proposed by public institutions and government departments.We may also disclose your information if we believe that the disclosure is necessary or appropriate with respect to national security, law enforcement or other matters of public importance.
We may also disclose your information if we believe that the disclosure is reasonable and necessary to enforce our terms and conditions or protect our operations, rights, assets, or products, or protect users, or achieve the following purposes (detection, prevention, and solving of fraud, unauthorized use of products, violation of our terms or policies, or other harmful or illegal activities). (For the avoidance of doubt, Yeelight will collect, use or disclose your personal information without your consent, to the extent (and only to the extent) expressly permitted by local data protection laws.) This may include providing information to public or governmental agencies and communicating information about the reliability of your account with third-party partners, to prevent fraud, violation, and other harmful acts within or beyond our products.
In addition, we may share your personal information with the following persons:
· Our accountants, auditors, lawyers, or similar consultants, when we ask them to provide professional advice;
· Investors and other relevant third parties, if there are actual or potential sales or other business transactions that are related to Yeelight entities; and
· Any other third parties, if specific information is disclosed and shared under your authorization.
We will enter into strict data processing agreements with companies, organizations, and individuals with whom we share your personal information and request them to process the personal information in accordance with our security standards, the requirements of the Policy, and the relevant confidentiality and security measures. If we share, transfer, or disclose personal information to countries/regions where there are no applicable laws that protect personal information to the same extent as in your country, such as the transfer of personal information from the European Economic Area to a country/region without appropriate personal information protection laws, we will process according to Article 7 of the Policy to ensure the legitimacy of data transfer and the security of your personal information.

4. Accessing and managing your personal information

If you submit your personal information to us, please ensure the accuracy of such information. If your information changes, such as a change in your delivery address, you are obligated to update that information.
In addition, if required by applicable laws, you may (1) have access to your personal information held by us; (2) update or correct any inaccurate personal information; (3) deny us the use of your personal information; (4) request us to restrict or delete your personal information; and (5) request us to transfer your data.
When you request these rights, we may require you to provide a written request and verify your identity. Generally, we will not charge you any fee unless such a request goes beyond the normal requirements. If you have any questions regarding the access to and management of your personal information, you may contact us in accordance with Article 9hereunder.

5. How we protect and save your personal information

Yeelight attaches great importance to the security of personal data. We take appropriate physical, management, and technical measures to prevent your personal data from unauthorized access, disclosure, use, modification, damage, or loss. For example, using encryption to ensure the confidentiality of data; using protection mechanism to prevent data from malicious attacks; deploying access control mechanism to ensure that only authorized personnel have the access to personal data, and; conducting security and privacy protection training courses to enhance employees' awareness of the importance of protecting personal data. We will do our best to protect your personal data, but please be aware that no security measure is invulnerable.
We will retain your personal data for as long as necessary for the purposes stated in the Policy, unless the retention period needs to be extended as required or permitted by laws. The data storage period may vary depending on different scenarios or different products and services. We determine the retention period according to the following standards: the time required to retain personal data for the completion of the business purpose, including providing products and services, maintaining relevant transaction and business records, controlling and improving the performance and quality of products and services, ensuring the security of the system, products and services, responding to possible user queries, complaints, and locating problems, etc.; whether the user agrees to a longer retention period; whether there are special requirements for data retention in laws, contracts, etc. As long as your account is required to provide services to you, we will always retain your registration information. You can also cancel your account. After you cancel your account, we will stop providing products and services for this account and delete your relevant personal data if there are no special legal requirements.
Subject to applicable law, you may also have the following additional rights regarding the Processing of your Relevant Personal Data:
  • the right to object, on grounds relating to your particular situation, to the Processing of your Relevant Personal Data by us or on our behalf, where such processing is based on Articles 6(1)(e) (public interest) or 6(1)(f) (legitimate interests) of the GDPR; 
  • the right to object to the Processing of your Relevant Personal Data by us or on our behalf for direct marketing purposes

6. How to protect the personal information of children

The personal information of children needs special protection. Yeelight will not intentionally collect personal information from children without the consent of their parents or guardians. For the personal information of children collected with the consent of their parents or guardians, we will only use or disclose the data with the explicit consent of their parents or guardians in accordance with local laws. If Yeelight finds personal information of children collected without their prior consent, we will delete that data as soon as possible.

7. How we transfer your personal information across borders

Yeelight is a global company. We usually process your personal data in the country or region where we carry out business activities and provide you with our products or services. However, we may also transfer your personal data to other countries or regions that may have different laws on the protection of personal data. Wherever we may transfer your personal data, we will, pursuant to applicable laws, inform you of the destination, recipient, and other related information in a timely manner and take appropriate measures to comply with this Policy and applicable local laws. For instance, to transfer your personal data, we will ask for your prior consent or sign a necessary data transfer contract with you. For example, we will sign the Standard Contractual Clauses (SCC) approved by the European Commission, and you may click here to obtain a copy of it.

8. Consumer Rights under the California Consumer Privacy Act

If you are a Consumer, the CCPA grants you the following rights regarding your Personal Information. Generally, in order to verify your requests to exercise your rights, we will compare the personal information we have about you to pieces of personal information we will request in the course of processing your request. The personal information required for verification may include your name, email address, phone number, or postal address. We will deliver a response to you within 7 days of receiving your verifiable consumer request. To exercise your rights under the CCPA, please follow the instructions described in this section.
  Right to Know About Personal Information. Consumers have the right to submit a verifiable consumer request that we disclose the following in a readily useable format, covering the 12 month period preceding the verifiable consumer request:
  • The categories of Personal Information we collected about you.
  • The purposes for which the categories of Personal Information collected about you will be used.
  • The categories of sources for the Personal Information we collected about you.
  • The categories of third parties with whom we share Personal Information.
  • Our business or commercial purpose for collecting Personal Information.
  • The specific pieces of Personal Information we collected about you.
  • The categories of Personal Information we have disclosed for business purposes.

  Right to Request Deletion of Personal Information. Consumers have the right to request that we delete any Personal Information that we have collected from them. However, we are not required to comply with a request to delete where it is necessary for us to retain the Personal Information in order to:
  • Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with legal obligations.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
  
  Right to Non-Discrimination. Consumers have the right to be free from discrimination when they exercise their consumer rights under the CCPA, and should you exercise those rights we cannot:
  1. Deny your goods or services.
  2. Charge you a different price or rate for goods or services, including through granting discounts or other benefits, or imposing penalties.
  3. Provide you a different level of quality of goods or services.
  4. Suggest that you may receive a different rate for goods or services or a different level or quality of goods or services.
  
Notice of Financial Incentive. We do not offer financial incentives or price or service differences to consumers who provide personal information.
Authorized Agent. Under the CCPA, you may appoint an authorized agent to submit requests to exercise your rights on your behalf. Should you choose to do so, for your and our protection, we will require your authorized agent to provide us with a signed permission demonstrating they are authorized to submit a request on your behalf. We note, should your authorized agent fail to submit proof that they have been authorized to act on your behalf, we will deny their request.

9. California’s “Shine the Light” Law

Under California’s “Shine the Light” law, California residents are entitled to ask us for a notice describing what categories of personal customer information Yeelight shares with third parties or corporate affiliates for those third parties or corporate affiliates’ direct marketing purposes. That notice will identify the categories of information shared and will include a list of the third parties and affiliates with which it was shared, along with their names and addresses. If you are a California resident, and would like a copy of this Policy, please submit a written request to us.

10. How we update the Policy

Yeelight reserves the right to update or modify the Policy from time to time. If our Privacy Policy changes, we will publish the latest version here. If we make significant changes to our Privacy Policy, we may also send you notification of the change through different channels, for example, posting a notice on our website or sending a separate notice to you.

11. How to contact us

If you have any comments or questions about this Privacy Policy or have any questions about the collection, use, or disclosure of your personal information by Yeelight, please contact our data protection officer at the following email address and mention the "Privacy Policy":
Email: support@yeelight.com

12. Definition of Each Term
  • Adequate Jurisdiction” means a jurisdiction that has been formally designated by the European Commission as providing an adequate level of protection for Personal Data.
  • California Resident” means (1) every individual who is in the State of California for other than a temporary or transitory purpose, and (2) every individual who is domiciled in the State of California who is outside the state for a temporary or transitory purpose.
  • Cookie” means a small file that is placed on your device when you visit a website (including our Sites). In this Policy, a reference to a “Cookie” includes analogous technologies such as web beacons and clear GIFs.
  • Controller ” means the entity that decides how and why Personal Data are Processed. In many jurisdictions, the Controller has primary responsibility for complying with applicable data protection laws.
  • Data Protection Authority” means an independent public authority that is legally tasked with overseeing compliance with applicable data protection laws.
  • EEA” means the European Economic Area.
  • GDPR” means the General Data Protection Regulation (EU) 2016/679.
  • Personal Data” means information that is about any individual, or from which any individual is directly or indirectly identifiable, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
  • Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information includes, but is not limited to, the following if it identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household:
    Personal identifiers,
    • Categories of personal information described in Cal. Civ. Code § 1798.80(e);
    • Characteristics of protected classifications under California or federal law;
    • Commercial information;
    • Biometric information;
    • Internet or other electronic network activity information;
    • Geolocation data;
    • Audio, electronic, visual, thermal, olfactory, or similar information;
    • Professional or employment related information;
    • Education information; and
    • Inferences for use in creating a consumer profile.
  • Process”, “Processing” or “Processed ” means anything that is done with any Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • Processor ” means any person or entity that Processes Personal Data on behalf of the Controller (other than employees of the Controller).
  • Profiling” means any form of automated Processing of Personal Data consisting of the use of Personal Data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
  • Relevant Personal Data ” means Personal Data in respect of which we are the Controller.
  • Sell” means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration. A business does not sell personal information when:
    • A consumer uses or directs the business to intentionally disclose personal information or uses the business to intentionally interact with a third party, provided the third party does not also sell the personal information, unless that disclosure would be consistent with the provisions of this title. An intentional interaction occurs when the consumer intends to interact with the third party, via one or more deliberate interactions. Hovering over, muting, pausing, or closing a given piece of content does not constitute a consumer’s intent to interact with a third party;
    • The business uses or shares an identifier for a consumer who has opted out of the sale of the consumer’s personal information for the purposes of alerting third parties that the consumer has opted out of the sale of the consumer’s personal information;
    • The business uses or shares with a service provider personal information of a consumer that is necessary to perform business purposes if both of the following conditions are met:
    • The business has provided notice that information is being used or shared in its terms and conditions consistent with Section 1798.135 of the CCPA; and
    • The service provider does not further collect, sell, or use the personal information of the consumer except as necessary to perform the business purpose; or
The business transfers to a third party the personal information of a consumer as an asset that is part of a merger, acquisition, bankruptcy, or other transaction in which the third party assumes control of all or part of the business provided that information is used or shared consistently with Sections 1798.110 and 1798.115 of the CCPA.
  • Standard Contractual Clauses” means template transfer clauses adopted by the European Commission or adopted by a Data Protection Authority and approved by the European Commission.
  • Site means any website operated, or maintained, by us or on our behalf.

Thank you for taking the time to learn about our Privacy Policy!