Last Updated Date:October 22, 2024
Effective Date:October 22, 2024
This Roborock App Privacy Policy (hereinafter referred to as the “Privacy Policy”) stipulates how Beijing Roborock Technology Co. Ltd. and its affiliated companies (hereinafter referred to as “Roborock” or “we”) collect, use, disclose, share, transfer, store and protect your personal information and your rights as the personal information subject. We are well aware of the importance of personal information to you. We will take corresponding security protection measures in accordance with applicable laws and regulations, and do our utmost to ensure the security and controllability of your personal information.
This Privacy Policy applies only to our personal information processing during your use of this online application Roborock App (hereinafter referred to as the “App”) that could be paired with the Roborock smart device (hereinafter referred to as the “Device”), and does not apply to any other Roborock products, services, websites, functions, or content that may have their own privacy policies. For example, the processing of personal information when you use a Device is subject to the corresponding privacy policy of such Device; and the processing of personal information when you use the store function (if applicable) in the App is subject to the separate privacy policy displayed on the corresponding interface. Please note that our products and services may include third parties’ products, services and links to third-party websites. When you use such products or services or visit third-party websites, these third parties may also collect your personal information. This Privacy Policy does not apply to the personal information processing activities of any third-party products, services, or other third-party websites linked from the App, and we do not assume any responsibility for the personal information processing activities of third parties. We strongly recommend that you carefully read third parties’ privacy policies to make informed and prudent decisions.
Before using the App, please make sure to read and thoroughly understand this Privacy Policy. If you have any questions, opinions, or suggestions regarding the content of this Privacy Policy, please contact us through the methods described in Chapter VII of this Privacy Policy, and we will respond to you within the time limit stipulated by applicable law.
This Privacy Policy will help you understand the following contents:
I.How We Collect and Use Your Personal Information
II.How We Entrust Others to Process, Share, Transfer, and Publicly Disclose Your Personal Information
III.How We Store and Protect Your Personal Information
IV.Your Rights
V.Protection of Minors
VI.Updates To This Privacy Policy
VII.Contact Us
To provide you with relevant services of the App, we collect and use the personal information necessary to provide the basic functions of the App. If you use the App within the European Economic Area, we process your personal information for the purpose of fulfilling the contract on the basis of Art.6(1)(b) of the General Data Protection Regulation (hereinafter referred to as “GDPR”). There is no legal or contractual obligation for you to provide the following personal information, however, we may not be able to offer you the basic functions of the App without such information.
1.Roborock Account Creation and Login
To assist you in successfully creating a Roborock account, you need to provide your mobile phone number or email address to us and set a password for your Roborock account. When you log into your Roborock account, we will collect your account credentials, including (1) your account username, password, mobile phone number and verification code to verify your identity; (2) and token to help you stay logged in. Besides, when you create or log in your Roborock account, we also collect the region you select and the country code to assist in identifying the data center to which your Device and mobile device are connected. If you choose to log in with a third-party account, including an Apple ID, Facebook account, or Google account, we will collect your third-party account information based on the scope of authorization you have granted As your mobile phone number and email address are crucial to you logging in to the App, they will be stored on the mobile device on which the App runs. If you wish to delete that information, you can choose to delete your Roborock account via the method described in Chapter VII of this Privacy Policy. If you have deleted your Roborock account and want to further delete the local cache, you need to delete the App on your mobile device.
2.Maintenance of Roborock Account information
To help you manage and maintain your Roborock account, you can choose to set your profile picture and nickname, change your linked phone number, and opt to bind third-party accounts including Apple ID, Facebook, and Google accounts. The profile picture you upload is only for display on your profile page.
3.Device Network Connection and Binding
Where the use of your Device requires a network connection, to enable your secure binding and control of the Device through the App, you need to connect your Roborock account, mobile device and the Device itself to your WiFi network for network configuration and binding your Device with the App. During this process, we collect your (1) Roborock Account Information; (2) Mobile Device Information: model, unique identifier (for ensuring that you safely use network and services), MAC address, operating system and version of your mobile device; (3) Device Information: model, serial number, and MAC address of the Device; (4) Time Zone Setting Information used for executing cloud-based scheduled tasks and implementing smart scenarios; (5) WiFi Network Information: current WiFi network name, WiFi mode (local or remote), IP address, received WiFi signal strength indicator (RSSI of the Device), and the WiFi password you provide. Your password information is only stored on the Device and will not be uploaded to our backend servers. Your password will only be stored on your Device and will not be uploaded to our server. You can clear your WiFi name and password at any time by resetting your Device or removing the App.
4.Device Information Display
To help you better understand the status of your Device, we display on the App your self-edited Device name, as well as your Device Status Information. For detailed information on how we collect such Device information, please refer to the privacy policy corresponding to each of your linked Devices.
5.Device Firmware Updates
We may collect Device firmware information, Device model, and the Device Binding information of all the Devices bound to your Roborock account via the App to provide you with Device firmware version upgrade function. If you choose to turn on automatic updates, we will also use the time zone information you set to complete the updates during the night without interruption.
6.App Operation Stability and Security Maintenance
During your use of the App, to maintain the stability and security of the App, we need to collect your App crash information and mobile device related information, including the system version, language settings, model of your mobile device, and model of the linked Device.
To deliver more convenient and exceptional services for you and enrich your experience with the App, we may collect and use your personal information to provide the following additional functions. If you use the App within the European Economic Area, we process your personal information on the basis of your consent in accordance with Art. 6(1)(a) of the GDPR. There is no legal or contractual obligation for you to provide the following personal information. Without such information, the aforementioned basic functions of the App will remain accessible to you, but you may not be able to use those additional functions designed to offer an enhanced premium service experience.
1.Issues and Feedback
The feedback you choose to provide is of great value to us as it will help us improve our services and allow us to assist you in solving any problems that you encounter during your use of the App and Device. In order to track the feedback you provide, we will collect the Roborock account username you choose to provide with us, feedback (both text and photos) you enter, and the model and system version of your mobile device. In addition, if you encounter any issues while using the App, you can also opt to upload your App log information so that we can help you solve issues in relation to daily usage.
2.User Care and Research Activities Along with Information Pushing
To enhance our products and services and further improve user experience, we may push information that interests you, inviting you to participate in activities such as free product trials, beta service experiences, or other user care and research initiatives. We will use your location, Device type, and activation time information for information pushing only after you have explicitly given your consent. You may disable this function anytime via “Device > Notifications > Allow Roborock Product and Service Updates”. If you choose to participate in such activities, we may collect your name, gender, mobile number, delivery address, Roborock account information, and any other information required for the specific activity through a questionnaire, depending on the nature of the event. If you successfully participate in the activity, this information will assist us in contacting you and providing you with testing products or gifts.
3.Widget Function and Auto-Start
When you use the App’s desktop widgets, the App will exhibit periodic auto-start behavior to ensure you receive timely updates and stay informed about your Device status. The auto-start is essential for the functionality of the widgets. If you do not use the App’s desktop widgets, the App will not auto-start.
4.Information Displaying and Pushing
We may send you Device notifications and system messages in the App, for which we will collect and use your Roborock account information, Device ID, mobile device system information, and Device model. You may request to stop the push of information at any time by contacting us through the method described in Chapter VII of this Privacy Policy.
5.User Experience Program
To better improve our products and services and provide you with a superior service experience, we invite you to participate in our “User Experience Program”. When you join our “User Experience Program”, details regarding the collection and use of your personal information can be found in the “User Experience Program”.
In order to provide you with certain service functions, we need you to enable the relevant permissions of your mobile device. We will only use the relevant permissions when you trigger the relevant business functions and obtain your personal information (if applicable). For optional permissions, you can refuse or withdraw the authorization of such permissions at any time, for which you may not be able to use the corresponding service functions, but this will not affect your normal use of other functions of the App. Currently, the App may request the following permissions of mobile device:
We may entrust third-party service providers (including our mailing houses, delivery service providers, telecoms companies, data storage service providers, technology support providers, customer service providers and IOT service providers) to process your personal information in order to provide you with the corresponding products or services. In addition, These third-party service providers only process your personal information on our behalf for the purposes stated in this Privacy Policy. For the companies, organizations, and individuals we entrust with the processing of personal information, we enter into strict confidentiality agreements or other data protection related agreements with them, stipulating that they must process personal information strictly in accordance with our instructions. They are also required to adhere to the privacy protection requirements in your jurisdiction, and to implement further measures to safeguard the confidentiality and security of your personal information.
We do not sell any personal information to third parties. We do not share your personal information with other third parties (including companies, organizations, and individuals), except in the following circumstances:
[Sharing with Affiliates]
| Recipient | Purpose of Sharing | Personal Information Involved | Retention and Use Period |
|---|---|---|---|
| Beijing Roborock Innovation Technology Co., Ltd. | Daily operation and maintenance of the App | All personal information invovled in this Privacy Policy | The period necessary for business needs or as requested by the user |
[Sharing with Third -Party Partners]
| Types of Mobile Device | Name of the Collection Tool | Third Party Involved | Categories of Collection Tool | Purpose of Use | Personal Information Involved |
|---|---|---|---|---|---|
| Android | Tuya | Hangzhou Tuya Information Technology Co., Ltd. | SDK | To allow you to use IoT services | Device information such as the Device identifier |
| Firebase | Google LLC | SDK | To perform statistical analysis | Device identifier | |
| Facebook Login | Meta | SDK | Facebook Login | Facebook account | |
| Google play-services-auth | Google LLC | SDK | Google Login | Google account | |
| iOS | FBSDK Core Kit FBSDK Login Kit | Meta | SDK | Facebook Login | Facebook account |
| Google Sign In | Google LLC | SDK | Google Login | Google account | |
| Firebase | Google LLC | SDK | To perform statistical analysis and address App crashes | Device identifier |
We will not transfer your personal information to any company, organization, or individual, except under the following circumstances:
We will only publicly disclose your personal information under the following circumstances:
With your separate consent;
In cases where it is required by law, legal proceedings, litigation, or mandatory requests from government authorities, we may publicly disclose your personal information.
For the avoidance of doubt, to the extent permitted by the data protection laws in your jurisdiction, and solely to that extent, we may share, transfer, or publicly disclose your personal information without your consent.
Roborock uses global cloud services to process and back up your personal information. Currently, Roborock uses the data centers that are in China, Germany, Russia and the United States. Depending on the country or region you selected when registering your Roborock account, we will store your personal information in the nearest data center (specifically, for those countries that have domestic storage requirement, your personal information will be stored domestically). For example, if you use the App within the European Economic Area, your personal information will be processed and stored on the server in Germany; if you use the App in China, your personal information will be stored on the server in China; and if you use the App in Russia, your personal information will be stored on the server in Russia. For other users located outside of the aforementioned data center locations, we may store your personal information in data centers outside of your jurisdiction. In addition, we may also need to transfer your personal information to affiliated companies or third-party service providers outside of your jurisdiction. For this reason, we may transfer personal information to other jurisdictions that may have different laws and data protection compliance requirements to those that apply in the jurisdiction in which you are located.
We will only transfer your personal information outside of your jurisdiction with your explicit consent or by implementing appropriate security protection mechanisms in accordance with applicable data protection laws. However, no matter where your personal information is processed, this does not change any of our commitment to safeguard your personal information in accordance with this Privacy Policy.
If you use the App in South Korea, in order to provide you with the App services, we will collect and process your personal information at the U.S. data center. At the same time, we will entrust and share your personal information with the following affiliates and third parties. To prevent data loss due to disasters or accidents, in principle, we will back up (store) all data. If you refuse the cross-border transfer of your personal information as described below, you may not be able to use the App services properly. You can contact us to delete your Roborock account through the methods described in Chapter VII of this Privacy Policy.
| Legal Basis | Personal Information Involved | Country/Region to be Cross-Border Transferred | Transfer Date and Method | Recipient | Purpose of Use | Retention and Use Period |
|---|---|---|---|---|---|---|
| Art. 28-8 (1) 3 of the PIPA of South Korea | All personal information involved in this Privacy Policy | United States | Real Time, TLS + HTTPS | Amazon Web Services | To provide communication service | The period necessary for business needs or as requested by the user |
| Art. 28-8 (1) 1 of the PIPA of South Korea | Device information such as the Device identifier | United States | Real Time, SDK | Hangzhou Tuya Information Technology Co., Ltd. | To allow you to use IoT services | The period necessary for business needs or as requested by the user |
| Art. 28-8 (1) 1 of the PIPA of South Korea | Device identifier | United States, Chile, Uruguay, Ireland, Netherlands, Denmark, Finland, Belgium, Chinese Taiwan , Japan, Singapore | Real Time, SDK | Google LLC | To perform statistical analysis | The period necessary for business needs or as requested by the user |
| Art. 28-8 (1) 1 of the PIPA of South Korea | Facebook account | United States, Ireland, Denmark, Sweden | Real Time, SDK | Meta | Facebook Login | The period necessary for business needs or as requested by the user |
| Art. 28-8 (1) 1 of the PIPA of South Korea | Google account | United States, Chile, Uruguay, Ireland, Netherlands, Denmark, Finland, Belgium, Chinese Taiwan , Japan, Singapore | Real Time, SDK | Google LLC | Google Login | The period necessary for business needs or as requested by the user |
We retain your personal information within in the period necessary to achieve the purposes of personal information collection, or within that prescribed or permitted by applicable law. Once we determine that the continued retention of personal information is no longer in line with the purpose for which it was collected, we will promptly cease retention and take immediate steps to either delete or anonymize the personal information.
If personal information processing activities are based on the public interest, scientific, historical research, or statistical purposes, we may continue to retain the relevant data, even if further processing is unrelated to the original collection purposes, where permitted by applicable data protection laws.
We are committed to ensuring that your personal information is secure. To prevent unauthorized access, disclosure or other similar risks, we have put in place reasonable physical, electronic and organizational measures to safeguard and secure the information we collect through the App. We will use all reasonable efforts to safeguard your personal information.
Your data will be stored on a secure server and protected in a controlled facility. We classify your data based on importance and sensitivity and ensure that your personal information has the highest security level. We make sure that our employees and third-party service providers who access the information to help provide you with our products and services are subject to strict contractual confidentiality obligations; failure to fulfill these obligations may result in disciplinary action or termination of the partnership. We have special access controls for cloud-based data storage as well. All in all, we regularly review our information collection, storage and processing practices, including physical security measures, to guard against any unauthorized access and use.
We will take all practicable steps to safeguard your personal information. However, you shall be aware that the use of the Internet is not entirely secure, and for this reason we cannot guarantee the security or integrity of any personal information which is transferred from you or to you via the Internet.
In accordance with applicable legal requirements, including the personal information protection legislation in your jurisdiction, we will promptly notify the relevant regulatory authorities upon occurrence of any personal information leakage; under certain special circumstances, we will also notify the data subjects of the relevant leakage.
To safeguard your personal information, please do not disclose your account information to anyone except for a person who is duly authorized by you. Roborock cannot be held accountable for lapses in security caused by third party accesses to your personal information as a result of your failure to keep your personal information private. Notwithstanding the preceding, you must notify us immediately if there is any unauthorized use of your account by any other internet user or any other security vulnerabilities. Your assistance will help us protect the privacy of your personal information.
In accordance with the laws and regulations applicable to your jurisdiction, you or any other authorized party may have certain rights over the personal information we hold about you. Roborock ensures that you can exercise the following rights over your personal information and hereby provides relevant control settings.
Under the applicable data protection laws, we may first request you to verify your identity upon receiving your request. Once your identity has been successfully verified, we will respond to your request within the timeframes stipulated by the applicable data protection laws. Generally, we do not charge a fee for reasonable requests. However, for repetitive, excessive, or unreasonable requests, we may impose a reasonable fee based on the circumstances. Requests that are unfounded, require excessive technical means, pose risks to the legitimate rights of others, or are highly impractical may be refused in accordance with the applicable data protection laws. In cases where we cannot fulfill your request, we will provide an explanation for the refusal.
According to the applicable data protection laws, you have the right to delete your personal information. You may delete the personal information yourself through the following methods.
You can delete your cached personal information from the App by selecting “Clear Cache” in the App.
If you wish to delete your personal information stored on our server, you can log in to the App, enter the “Profile” section, click the business card on the upper part to enter “Personal Data” interface, and click “Delete Account” on the interface.
You can also delete all of your personal information from the App by withdrawing authorization, as described in the “Withdraw Your Consent” section below.
In addition to the methods mentioned above, you can also request the deletion of your personal information by contacting us through the methods described in Chapter VII of this Privacy Policy. Please understand that, after you or we assist you in deleting relevant personal information, we may not be able to immediately remove it from backup systems due to applicable law and security technology constraints. However, we will securely store your information and isolate it from further processing until backups are cleared or anonymized.
You have the right to request access to and/or correction of any personal information we hold about you. Upon your request, we can provide a free copy of the personal information records we have collected and processed about you. If you wish to request access to the personal information we hold or if you believe any information we hold about you is incorrect or incomplete, please contact us as soon as possible through the methods described in Chapter VII of this Privacy Policy.
Subject to applicable law, you may have the right to restrict or object to our use of your personal information in certain scenarios. You can request to exercise this right by contacting us through the methods described in Chapter VII of this Privacy Policy.
When we process personal information based on your consent, you can submit a request through the methods described in Chapter VII of this Privacy Policy or withdraw your consent to our Privacy Policy at any time by tapping “Me > About Us > User Agreement & Privacy Policy” in the App and therefore withdraw consent for our collection, use, and/or disclosure of your personal information held or controlled by us in accordance with this Privacy Policy.
Please note that your withdrawal of consent may result in certain legal consequences. Depending on the scope of your withdrawal of consent, you may not be able to access certain services we provided via the App. However, your withdrawal will not affect the personal information processing activities conducted based on your previous authorization.
If you have any questions about our processing of your personal information, you can contact us through the methods described in Chapter VII of this Privacy Policy to request relevant explanations or clarifications.
Subject to applicable data protection laws, you have the right, to request the transfer of your personal information to another personal information controller in the manner prescribed by law. You can request to exercise this right by contacting us through the methods described in Chapter VII of this Privacy Policy.
Subject to the data protection laws in your jurisdiction, you may also have other rights. Specifically, if you use the App within the European Economic Area, you have the right to refuse personal information processing activities solely based on automated decision-making, and the right to lodge complaints with the relevant data protection authorities regarding our personal information processing activities. If you use the App in South Korea, you also have the right to request a suspension of personal information processing, receive appropriate compensation for damages caused by the processing of personal information, refuse the processing of personal information based entirely on automated decision-making, or request an explanation thereof.
If you are a California resident, the California Privacy Rights Act (“CPRA”) requires us to provide you with the following additional information:
Collection and Use of Your Personal information. We collect and use your personal information in the preceding 12 months as described in Chapter I above.
Disclosure of Personal Information. We disclose personal information with third parties for business purposes in the preceding 12 months as described in Chapter II above.
Your Rights. As a California resident, you may be able to exercise the following rights:
Limit the Use of Sensitive Personal Information. You also have the right to request limitation of use and disclosure of your sensitive personal information, subject to certain exceptions. If you would like to limit the use of your sensitive personal information, please contact us by using the contact details provided in Chapter VII of this Privacy Policy. The password of your Roborock account is sensitive personal information as defined by the CPRA. Currently, we use and disclose such data to third-party cloud service provider in order to provide you with Roborock account creation, login, and related services . We do not “sell” or “share” (as defined under the CPRA) your sensitive personal information.
Opt-out the Sale or Sharing of Your Personal Information. Based on the definition of “sell” and “share” under the CPRA, we do not believe that we engage in such activity and have not engaged in such activity in the past 12 months from the effective date of this Privacy Policy.
To submit your California Consumer Rights Requests. You may submit a request to exercise your California Consumer Rights by contacting us using the contact details provided in Chapter VII of this Privacy Policy. We will need to verify your identity before processing your request, which may require us to request additional personal information from you or require you to log into your Roborock account. In certain circumstances, we may decline or limit your request, particularly where we are unable to verify your identity or locate your information in our systems, or as permitted by law. Subject to certain restrictions, you can have an agent exercise your rights for you. If you have an agent exercising your rights, we must be provided with your written authorization allowing that person to make such a request on your behalf. We reserve the right to deny the agent’s request if we are not reasonably able to confirm proper authorization and/or verify your identity as the requestor.
Appeal. You may appeal our refusal to take action on a request by contacting us using the contact details provided in Chapter VII of this Privacy Policy. If your appeal is denied and you are a California resident, you may contact the California Attorney General about the results of the appeal by submitting a complaint by here: https://oag.ca.gov/contact/consumer-complaint-against-business-or-company.
As required by applicable law and our User Agreement, we consider users under the age of 18 (and a higher age if required by the applicable law in your jurisdiction) as minors. We do not knowingly collect personal information from minors or send any marketing information to minors. If we become aware that we have collected personal information from a minor without first obtaining parental or legal guardian consent, we will endeavor to delete the relevant data as soon as possible. If a parent or guardian believes that a minor has submitted personal information to us without their prior consent, we strongly encourage you to promptly contact us through the methods described in Chapter VII of this Privacy Policy. We will delete the relevant personal information as soon as possible and ensure the minor is unsubscribed from any applicable Roborock services.
We keep our Privacy Policy under regular review and may update this Privacy Policy to reflect changes to our information practices. If we make material changes to our Privacy Policy, we will notify you through the App, so that you are informed of the latest version of this Privacy Policy. Such changes to the Privacy Policy will be effective from the date specified in the notice or as stated on the websites. We recommend that you regularly review this page to stay informed about our privacy practices.
If you have any comments or questions about this Privacy Policy, or if you have any concerns regarding Roborock’s handling of your personal information, please contact us using the information provided below and indicate that your inquiry or comment is related to the “Privacy Policy”:
Personal Information Handler (data controller as defined under the GDPR): Beijing Roborock Technology Co., Ltd.
Address: Room 1001, Floor 10, Building 3, Yard 17, Anju Road, Changping District, Beijing, P.R. China
Email: privacy@roborock.com or privacy@roborock-eu.com (for users from European Economic Area)
If you use the Device within the European Economic Area, you may also contact our Data Protection Officer (DPO) by sending an email to dpo@roborock.com
If you use the App in South Korea, we have designated a domestic agent 주식회사 로보락코리아 (legal representative: Wenjia HU), located at Gurogu, Digitalro 34gil, 55, Room No.803.(Gurodong, Kolon Science Valley 2nd), Seoul city, Republic of Korea, with the contact number: 1566-5534, and the contact email address: support@roborock.co.kr. In addition, you may also contact our Information Security and Privacy Execution Team or our Privacy Officer Zhen WU via email: privacy@roborock.com.
If you are not satisfied with our response, especially when you believe that our personal information processing activities have infringed upon your legitimate rights and interests, you may also take legal action in the competent court according to applicable law or resolve your claims through external channels such as lodging a complaint with the competent authority.