Privacy Policy
This Policy takes effect from the date of updating.
Last updated: 31 October, 2023
DREAME INTERNATIONAL (HONGKONG) LIMITED and its
affiliates (hereinafter referred to as “Dreame” or “We”) respect and protect
your privacy. This Privacy Policy (hereinafter referred to as “this Policy”)
specifies how we collect, use, disclose, share, transfer, and store the
information about you when you use our websites.
We are fully aware of the importance of personal data to
you. We will do our best to protect your personal data. We
are committed to maintaining your trust in us. We promise to abide by
the following principles to protect your personal data: legality, legitimacy,
necessity and integrity, consistency of rights and responsibilities, clear
purpose, choice and consent, minimum adequacy, ensuring security, subject
participation, openness, and
transparency, among others. At the same time, we promise that we
will take corresponding security protection measures to protect your personal
data according to the proper security standards in your country.
Please read and understand this Policy carefully before using our services. Should you have any questions, please contact us through [email protected]. The privacy department and personnel will give a reply according to the time specified by law. Suppose you are not satisfied with our reply. In that case, especially when you think how we deal with your personal data has undermined your legitimate rights and interests, you can also resort to external channels such as filing a lawsuit to the court with jurisdiction and complaining to the competent regulatory authority.
This Policy will help you
understand the following contents:
I How We Collect and Use Your Personal Data
II Cookies and Other Technologies
III How We Conduct the Entrusted Processing, Sharing, Transferring,and Public Disclosure of Your Personal Data
IV How We Store and Protect Your Personal Data
V Your Rights
VI Minors
VII Transfer of Personal Data Between Countries
VIII Contact Us
IX Update of This Privacy Policy
I How We Collect and Use Your Personal Data
Personal data refers to all
information related to identified or identifiable natural persons as
recorded by electronic or other means, excluding information after
anonymization.
1. Essential Functions That Require Collecting and Using Your Personal Data
The purpose of collecting personal data is to provide you
with products and/or services. At the same
time, we ensure that we comply
with relevant laws, regulations, and other
normative documents. Expressly, for the
following occasions, you must agree to provide the following types of
information so that we can safely and effectively realize this basic
function. Otherwise, you may not be able to enjoy the corresponding services.
(1) Product/Service Information Displaying
When you browse our websites, to display our products and/or services to you, we
may collect your IP address, device-related information you use to access the website (such
as the type of browser used,
operating system
information), language used or country, accessing date and time,
etc.
2. Additional Features That Require the Collection and Use of Your Personal Data
Our websites may support one or more of the following
additional functions to enable you to enjoy more features and enhance your user
experience. Please confirm whether the website you visit has these additional
functions. We may collect and use your personal data when you use
the following additional features. You can still use the aforementioned
basic functions if you do not provide personal data. However, you may be
unable to use additional functions to provide more excellent
services. These additional features
include:
(1) Account Management
When you create a Dreame account through our websites to engage
with our services, we may collect certain personal information, such as your
name, username, email address, and
password.
(2) Order Service
When you order products on our websites, we may
collect your order information like shipping address, billing information,
phone number, and other necessary information to process your order,
deliver your items, provide you with the invoice, and
deal with your order refund request. After you place an order and complete
the payment online, third-party delivery companies (hereinafter referred to
as "delivery companies") that cooperate with us will complete the delivery
of your order. You are aware and agree that the third-party delivery company
that cooperates with us will use
your order information during the above steps to ensure the safe delivery of
your ordered goods.
(3) Customer Support
When you contact us looking for support, we may collect the information about your use of our services, including information about our products that you own and your contact details and other necessary information you share with us, so that we can provide customer support and solve your problem.
(4) Marketing and
Promoting
We may provide or promote marketing information for
our products and services to
you after obtaining your authorization by using your contact information, such as phone number and email. You can choose to
refuse such marketing messages at any time.
3. We Obtain Your Personal Data from a Third Party
Under some circumstances, we may obtain your
personal data from a third party as permitted by laws.
Suppose our business development requires processing your
personal data beyond the scope of your original authorization and consent
provided at the time of data submission to third-party service providers. In
that case, we will seek your explicit consent before such processing. In addition, we will strictly abide by relevant
laws and regulations and require third-party service providers to ensure the
legitimacy of the information they provide.
4. Non-personal Data We Collect
We may also collect other information that cannot
directly or indirectly identify specific individuals and is not personal
data under locally applicable laws. Such information is called non-personal
data. For example, the statistical data generated when you use a specific
service, such as the user's operational behavior
(including clicks, page jumps, and browsing
time). The purpose of collecting the said information is to improve the
services we provide to you. The type and amount of information collected
depends on how you use our products and/or services. We will summarize such
information to help us provide customers with more useful information and
understand which parts of our website, products, and services
customers are most interested in. Concerning this Policy, aggregated data is
considered non-personal data. If we combine non-personal data with personal
data for usage, such information will be regarded as personal data.
II Cookies and Other Technologies
Dreame and our Third Party Service Providers use
technologies such as cookies, tags, and scripts.
These technologies are used to analyze trends, manage the site, track users’
browsing, and gather demographic information about our user
base.
Log
Files: As true of most
websites, we gather certain information and store it in log files. This
information may include Internet protocol (IP) addresses, browser
type, Internet service
provider (ISP),
referring/exit pages, operating system, date/time stamp, and/or clickstream
data. We do not link this automatically-collected data to other information we gather about
you.
Advertising: We partner with our Third Party Service
Providers to either display advertising on our website or to manage our
advertising on other sites. Our Third Party Service Provider may use
technologies such as cookies to provide
you with advertising based on your browsing activities and interests. We will
obtain your prior explicit consent and involve a clear affirmative action
before providing this advertising service to you.
Local
Storage: We use Local
Storage Objects (LSOs) such as HTML5 or Flash to store content and
preferences. Third parties with whom we partner to provide certain features
on our sites or display advertising based on your web browsing activity also use HTML5 or
Flash cookies to collect and store information. Various browsers may offer
their management tool for removing HTML5 LSOs.
III How We Conduct the Entrusted Processing, Sharing, Transferring, and Public Disclosure of Your Personal Data
1. Entrusted Processing
Dreame may entrust other
companies to process your personal data on our behalf. We promise you that
when we entrust third-party companies to process the said information, we
will comply with the following requirements:
1. The analysis we entrust
them to do shall not exceed the scope of authorization and consent we have
obtained from you unless your consent is not mandatory.
2. We evaluate the data
security capabilities of the entrusted party in advance to ensure the party
has the said capabilities as required by local laws and regulations.
3. We specify the
responsibilities and obligations facing the entrusted party through the
contract, make it comply with the provisions of locally applicable laws, and
require it to discharge the obligations without falling short of our
standards.
4. We accurately record and save the personal data
as entrusted to ensure your
information security and adequate access and control of your personal data.
5. When the entrustment relationship is
terminated, or we
delete or anonymize your personal data according to this Policy, we will
require the entrusted party to delete your personal data and destroy all
data copies.
2. Sharing
Generally, we will not share
your personal data except for the following cases:
1. After obtaining your
express consent, Dreame will share the information within your authorization
with the third party designated by you.
2. Part of our products and services are provided by
third-party service providers, with whom we need to provide some of your
personal data, such as IT services, customer support
services, e-mail sending services, and other similar services, to ensure that they can provide services for
us. Data will be shared with third parties through the Application Programming Interface (API)
and Software Development
Kit (SDK). SDKs of
different third parties will be different, and they generally include
third-party account login, sharing, third-party payment, manufacturers'
push, statistics, etc. We will conduct strict security testing on the third
party and impose data protection measures. Before you enter the
third-party page for the first time, the third-party service provider
will show you the relevant agreements and privacy
statements. Please read these
agreements and privacy statements carefully.
Suppose we share your personal data with these third
parties. In that case, we will rely on encryption and other means to ensure
your information security. For
companies and organizations with whom we share personal data, we will
reasonably review their data security environment, sign strict data
processing agreements with them, require the said third parties to take
adequate protection measures for your information, and strictly comply with
relevant laws, regulations, and
regulatory requirements.
3. We disclose your personal data to subsidiaries or
other third parties in the event of reorganization, merger, sale, entering
into partnership, assignment, transfer, or other disposal of all or part of our
business, assets, or shares
(including but not limited to bankruptcy or any similar proceedings as
described). In this case, you will receive explicit notification of changes
in ownership, incompatibility of new ways of using personal
data, and selection of personal data
via email and/or our websites.
4. When we deem it necessary or appropriate, we
shall (a) comply with locally applicable laws and regulations, (b) comply with legal procedures, (c) respond to requests from public institutions
and government authorities, including those outside your country of
residence; (d) fulfill our terms and conditions; (e) protect our operations,
businesses, and systems; (f) protect
the rights, privacy, security or property of ours and/or other users,
including you; and (g) seek available remedies or limit the damages we may
be required to provide.
5. We disclose your personal data to Dreame’s
subsidiaries or affiliates to conduct business activities regularly.
3. Transferring
Transferring means we lose control over your
personal data, and the transferee
obtains control over your personal data. We will not transfer your personal data to any
company, organization, or
individual. Should it be necessary to do so, we will transfer it in
accordance with applicable laws and inform you of the purpose of
the transfer, the personal data
involved, the transferee, etc.
Information transfer may occur
under the following circumstances:
1. Transfer based on your
express consent: after obtaining your express consent, we will transfer your
personal data to other parties.
2. In case of merger, acquisition, or bankruptcy liquidation, should personal data
transferring be involved, we will require the new company or organization
holding your personal data to continue to be bound by this statement.
Otherwise, we will require the company or organization to ask you for
authorization and consent again.
4. Public Disclosure
In principle, we will not publicly disclose your
personal data. Should public disclosure be really necessary, we will inform
you in advance of the purpose of this public disclosure, the type of
information disclosed, and the
content of personal sensitive information that may be involved, obtain your
express consent, and perform
relevant obligations in accordance with locally applicable laws.
We will only publicly disclose
your personal data under the following circumstances:
1. After your express consent
is obtained.
2. Legal disclosure: we may publicly disclose your
personal data in compliance with local laws, legal procedures,
litigation, or mandatory
requirements of government authorities.
5. Information That Does Not Require Consent
We may share anonymous
information with third parties (such as advertisers on our websites) in the
form of aggregation for commercial purposes; we may share with them general
usage trends of our services, such as the number of customers in a specific
group who buy certain products or engage in certain transactions.
To dispel doubt, we may collect, use, or disclose your personal data without your
consent as expressly permitted by local data protection laws
(e.g., to comply with subpoenas).
Besides, we may disclose your information without your consent when we
believe it is necessary to protect our rights, protect your safety or the safety of
others, conduct fraud
investigations, or respond to government requests.
IV How We Store and Protect Your Personal Data
1. Where We Store Your Personal Data
Currently, Dreame runs data centers in the United
States, Germany, and Singapore. Your personal data is
stored on the server according to the
region in which you live. If
you are a European Union user
under the General
Data Protection Regulation (hereinafter referred to as “GDPR”), your
personal data will be stored on the German server.
2. Storage Period
We retain personal data for a period for the sake of
information collection described in this Policy, or we do so in compliance
with locally applicable relevant legal requirements. After fulfilling the
purpose of personal data collection, or after we confirm your application of
deletion or cancellation, or after we terminate the operation of
corresponding products or services, we will stop retaining personal data and
delete or anonymize it. If it is for public interest, scientific, historical
research, or statistics, we will
retain relevant data based on applicable laws, even if further data
processing is irrelevant to the original purpose.
3. Protection Measures
We promise to ensure the security of your
data. To prevent unauthorized
access, disclosure, or similar
risks, we have implemented reasonable physical, electronic, and management measures and processes to protect
the information we collect. We will take all reasonable measures to protect
your personal data.
We classify your data according to importance and
sensitivity and ensure your personal data is protected at the highest
security level. We guarantee that employees and third-party service
providers who provide products and services to you by
accessing this information have
strict contractual confidentiality obligations. If they fail to fulfill
these obligations, they will be subject to disciplinary punishment or
termination of cooperation. We regularly review information
collection, storage, and processing practices, including physical security
measures, to prevent unauthorized
access and use.
We will take all feasible measures to protect your
personal data. However, you should be aware that Internet
use is not always safe. Therefore, we cannot
guarantee the security or integrity of any personal data during two-way
transmission through the Internet.
V Your Rights
According to your country or region's
applicable laws and regulations, you are entitled to
relevant rights on any of your personal data (hereinafter referred to as
"the Request") held by us. Most laws require that requests made by
individuals should comply with specific requirements, and this Policy
requires that your request should meet the following circumstances:
1. Through our special request channel,
and to protect your information
security, your request should be in writing (unless local laws
explicitly recognize oral application).
2. You should provide
sufficient information so that we can verify your identity and ensure that
the requester is the subject or a legally authorized person of the requested
information.
We have the right to refuse to deal with
meaningless/repeated requests, requests for unreasonable technical work,
requests that violate the privacy of others, extremely unrealistic
requests, and requests that do not
need to be granted under local law. We may also refuse your request if we
believe that some aspects of your request may prevent us from legally using
the data for the above-mentioned anti-fraud and security purposes.
Once we have sufficient
information to confirm that we can process your request, we will respond to
your request within the time specified by applicable data protection
laws.
1. Accessing Your Personal Data
Concerning personal data that
we have collected and processed, please email [email protected].
2. Copying Your Personal Data
Based on your requirements and locally applicable
laws and regulations, we can provide a record of the personal data we have collected and processed
for free. If you make other requests for relevant information, we may charge
you a reasonable fee based on relevant applicable laws and the actual
management cost.
3. Correcting Your Personal Data
If you believe any information we hold
about you is incorrect or incomplete, you may request correction or add personal data for use.
4. Erasing Your Personal Data
According to your locally applicable laws and
regulations, you may have the right to ask us to delete your personal data.
We will evaluate according to
your request. If the corresponding provisions are met, we will take
corresponding steps, including technical means, to deal with it. When you
have deleted relevant information or have done so with our
assistance, we may not be able to delete the corresponding
information from the backup system immediately due to applicable laws and
security technologies. We will safely store your
personal data and exempt it from any further processing until the backup can
be cleared or anonymization is realized.
5. Withdrawal of Consent
You may withdraw your consent by submitting a
request, including the collection, use, and/or disclosure of your personal data in our
possession or control. You can withdraw your consent directly
via [email protected]. We will process your request within a reasonable
time after you make your request and will no longer collect,
use, and/or disclose your personal
data thereafter.
Please note that according to the scope of information you
authorize us to process, your withdrawal of consent may result in
you being unable to
enjoy our services. However,
your decision to withdraw your consent or authorization will not affect the
previous personal data processing based on your authorization.
6. Rights under GDPR
If you are a European Union user
under GDPR, you can exercise the following rights:
1. The right to obtain the erasure of
your personal information from us. We shall consider
the grounds regarding your erasure request and take reasonable steps,
including technical measures if the grounds apply to GDPR.
2. The right to obtain the restriction
of processing your personal information from us. We
shall consider the grounds regarding your restriction request. If the
grounds apply to GDPR, we shall only process your personal information under
applicable circumstances in GDPR and inform you before the restriction of
processing is lifted.
3. The right not to be subject
to a decision based solely on automated processing, including profiling,
which produces legal effects concerning you or similarly significantly
affects you.
4. The right to receive your
personal information in a structured, commonly used format and transmit the
information to another data controller.
If you are a European Union user
under GDPR, Dreame will provide a systematic approach to managing personal
data that deeply
engages our people, management processes, and information systems by applying a risk
management methodology. According to the GDPR, for instance, (1) Dreame set
up a Data Protection Officer (DPO) in charge of data protection, and the contact
of the DPO
is [email protected]; (2) Dreame designates a representative in Europe, and the contact
of the representative is [email protected]; (3) procedure like data protection impact assessment
(DPIA).
7. Rights under CCPA/CPRA
If you are a California
resident and the California Consumer Privacy Act of 2018 (hereinafter
referred to as “CCPA”) or the California Privacy Rights Act (hereinafter
referred to as “CPRA”) does not recognize an exemption that applies to
you or your Personal Information, you have the right to:
1. Request we disclose to you
free of charge the following information covering the 12 months preceding
your request:
(1) the categories of personal information about
you that we collected;
(2) the categories of sources from which
the personal information was
collected;
(3) the purpose for collecting personal information about
you;
(4) the categories of third parties to whom we
disclosed personal information about
you and the categories of personal information that
was disclosed (if applicable) and the purpose for disclosing
the personal information about
you; and
(5) the specific pieces of personal information we
collected about you.
2. Request we delete the personal information we
collected from you unless CCPA/CPRA recognizes an exemption.
3. Be free from unlawful discrimination for
exercising your rights, including
providing a different level or quality of services
or denying goods or services to
you when you exercise your rights under the CCPA/CPRA.
4. Have the right to opt out of certain uses and
disclosures of your personal information. Where you have consented to
Dreame’s processing of your personal information, you may withdraw that
consent at any time and opt out of further processing by contacting
Dreame. To provide our services
to you, we will ask you to provide the personal information necessary to provide those
services to you. If you do not provide your personal information, we may not
be able to provide you with our products or services. Even if
you opt out, we may still collect
and use non-personal information regarding your use of our products.
We aim to fulfill all verified
requests within 45 days pursuant to the CCPA/CPRA. If necessary, extensions
for an additional 45 days will be accompanied by an explanation for the
delay.
VI Minors
We believe parents are responsible for
supervising children's use of our products and
services. However, our policy does not require access
to the personal
data of minors, and we do not send
any promotional materials to such groups.
Dreame will not seek or attempt to receive any
personal data from minors. If parents or guardians have reason to believe
that minors have submitted personal data to Dreame without their prior
consent, please get in touch with us to ensure that such personal data is deleted and
that minors cancel their subscription to any applicable Dreame
services.
VII Transfer of Personal Data Between Countries
To the extent that we may need
to transfer personal information outside of your jurisdiction, whether to
our affiliated companies (which are in the communications, social media,
information technology, and cloud businesses) or Third Party Service
Providers, we shall do so in accordance with the applicable laws.
Your personal information will only be transferred
or accessed in countries/regions outside your jurisdiction to
provide you with products or services, perform the agreement between you and
us, or for other purposes agreed by
you. For example, we have to transfer your personal information
outside of your jurisdiction to perform repair,
return, and
exchange services. In particular, we
will ensure that all transfers will be in accordance with requirements under
your applicable local data protection laws by putting in place appropriate
safeguards.
VIII Contact Us
If you have any comments or questions about this
Policy, or if you have any questions about our collection, use, or disclosure of your personal
data, please get in touch with us at the address below and mention the “Privacy
Policy.” We have a professional team
to solve your problems when you have any issues concerning your rights and questions related to
personal data. We may ask you for more information if your
question involves more important matters. If you are
not satisfied with the response you have received, you can refer the
complaint to the relevant regulatory authority of the jurisdiction. If you
consult us, we will provide information on applicable complaint
channels according to your situation.
Tel.: +86-400-875-9511
Website: https://store.dreametech.com
IX Update of This Privacy Policy
We will regularly review this Policy and may update
it to reflect changes in our information practices. If we make significant
changes to this privacy policy, we will notify you by email (to the email
address specified in your account) or on all search websites or mobile
devices so that you can understand the information we collect and how we use
it. Such policy changes will apply from the effective date specified in the
notice or on the website. We recommend you check this page regularly for the
latest information on our privacy practices. If you continue to use products
and websites or other services, you will be deemed to accept the updated
privacy policy. When we collect more personal data from you, or we hope to use or disclose your data for new
purposes, we will obtain your consent again.
