Last Updated Date:February 1, 2026
Effective Date:February 1, 2026
This Roborock App Privacy Policy (hereinafter referred to as the “Privacy Policy”) stipulates how Beijing Roborock Technology Co. Ltd. and its affiliated companies (hereinafter referred to as “Roborock” or “we”) collect, use, disclose, share, transfer, store and protect your personal information and your rights as the personal information subject. We are well aware of the importance of personal information to you. We will take corresponding security protection measures in accordance with applicable laws and regulations, and do our utmost to ensure the security and controllability of your personal information.
This Privacy Policy applies only to our personal information processing during your use of this online application Roborock App (hereinafter referred to as the “App”) that could be paired with the Roborock smart device (hereinafter referred to as the “Device”), and does not apply to any other Roborock products, services, websites, functions, or content that may have their own privacy policies. For example, the processing of personal information when you use a Device is subject to the corresponding privacy policy of such Device; and the processing of personal information when you use the in-app Store (if applicable) in the App is subject to the separate privacy policy displayed on the corresponding interface. Please note that our products and services may include third parties’ products, services and links to third-party websites. When you use such products or services or visit third-party websites, these third parties may also collect your personal information. This Privacy Policy does not apply to the personal information processing activities of any third-party products, services, or other third-party websites linked from the App, and we do not assume any responsibility for the personal information processing activities of third parties. We strongly recommend that you carefully read third parties’ privacy policies to make informed and prudent decisions.
Before using the App, please make sure to read and thoroughly understand this Privacy Policy. If you have any questions, opinions, or suggestions regarding the content of this Privacy Policy, please contact us through the methods described in Chapter VII of this Privacy Policy, and we will respond to you within the time limit stipulated by applicable law.
This Privacy Policy will help you understand the following contents:
I.How We Collect and Use Your Personal Information
II.How We Entrust Others to Process, Share, Transfer, and Publicly Disclose Your Personal Information
III.How We Store and Protect Your Personal Information
IV.Your Rights
V.Protection of Minors
VI.Updates To This Privacy Policy
VII.Contact Us
VIII.Additional Notice to California Residents
IX.Additional Notice to South Korea Residents
To provide you with relevant services of the App, we collect and use the personal information necessary to provide the basic functions of the App. If you use the App within the European Economic Area, we process your personal information for the purpose of fulfilling the contract on the basis of Art.6(1)(b) of the General Data Protection Regulation (hereinafter referred to as “GDPR”). If you use the service within Turkey, we process your personal information for the purpose of fulfilling the contract on the basis of Article 5(2)(c) of the Turkey PDPA. There is no legal or contractual obligation for you to provide the following personal information, however, we may not be able to offer you the basic functions of the App without such information.
1.Roborock Account Creation and Login
To assist you in successfully creating a Roborock account, you need to provide your mobile phone number or email address to us and set a password for your Roborock account. When you log into your Roborock account, we will collect your account credentials, including (1) your account username, password, mobile phone number and verification code to verify your identity; (2) and token to help you stay logged in. Besides, when you create or log in your Roborock account, we also collect the region you select and the country code to assist in identifying the data center to which your Device and mobile device are connected. If you choose to log in with a third-party account, including an Apple ID, Facebook account, or Google account, we will collect your third-party account information based on the scope of authorization you have granted.
As we operate a unified account system, the Roborock account you create may be used to access our website, App, and other online products and services. However, please note that when you register for or log in to your account in different countries or regions, your personal information may be stored in different nearby data centers, as described in Chapter III of this Privacy Policy. In such cases, your account usage data stored across different data centers may not be synchronized.
As your mobile phone number and email address are crucial to you logging in to the App, they will be stored on the mobile device on which the App runs. If you wish to delete that information, you can choose to delete your Roborock account via the method described in Chapter IV of this Privacy Policy. If you have deleted your Roborock account and want to further delete the local cache, you need to delete the App on your mobile device.
2.Maintenance of Roborock Account information
To help you manage and maintain your Roborock account, you can choose to set your profile picture and nickname, change your linked phone number, and opt to bind third-party OpenID including Apple, Facebook and Google. The profile picture you upload is only for display on your profile page.
3.Device Network Connection and Binding
Where the use of your Device requires a network connection, to enable your secure binding and control of the Device through the App, you need to connect your Roborock account, mobile device and the Device itself to your WiFi network for network configuration and binding your Device with the App. During this process, we collect your (1) Roborock Account Information; (2) Mobile Device Information: model, unique identifier (for ensuring that you safely use network and services), MAC address, operating system and version of your mobile device; (3) Device Information: model, serial number, and MAC address of the Device; (4) Time Zone Setting Information used for executing cloud-based scheduled tasks and implementing smart scenarios; (5) WiFi Network Information: current WiFi network name, WiFi mode (local or remote), IP address, received WiFi signal strength indicator (RSSI of the Device), and the WiFi password you provide; (6)Bluetooth information: name, MAC address and signal strength of Bluetooth. Your password information is only stored on the Device and will not be uploaded to our backend servers. You can clear your WiFi name and password at any time by resetting your Device or removing the App.
4.Device Information Display
To help you better understand the status of your Device, we display on the App your self-edited Device name, as well as your Device Status Information, and you can also manage the room name (if applicable). For detailed information on how we collect such Device information, please refer to the privacy policy corresponding to each of your linked Devices.
5.Device Firmware Updates
We may collect Device firmware information, Device model, and the Device Binding information of all the Devices bound to your Roborock account via the App to provide you with Device firmware version upgrade function. If you choose to turn on automatic updates, we will also use the time zone information you set to complete the updates during the night without interruption.
6.App Operation Stability and Security Maintenance
During your use of the App, to maintain the stability and security of the App, we need to collect your App crash information and mobile device related information, including the system version, language settings, model of your mobile device, and model of the linked Device.
To deliver more convenient and exceptional services for you and enrich your experience with the App, we may collect and use your personal information to provide the following additional functions. If you use the App within the European Economic Area, we process your personal information on the basis of your consent in accordance with Art. 6(1)(a) of the GDPR. If you use the service within Turkey, we process your personal information for the purpose of fulfilling the contract on the basis of Article 5(1) of the Turkey PDPA. There is no legal or contractual obligation for you to provide the following personal information. Without such information, the aforementioned basic functions of the App will remain accessible to you, but you may not be able to use those additional functions designed to offer an enhanced premium service experience.
1.User Care and Research Activities Along with Information Pushing
To enhance our products and services and further improve user experience, we may push information that interests you, inviting you to participate in activities such as free product trials, beta service experiences, or other user care and research initiatives. We will use your location, Device type, and activation time information for information pushing only after you have explicitly given your consent. You may disable this function anytime via “Device > Notifications > Message Settings > Events and Promotions”. If you choose to participate in such activities, we may collect your name, gender, mobile number, delivery address, Roborock account information, and any other information required for the specific activity through a questionnaire, depending on the nature of the event. If you successfully participate in the activity, this information will assist us in contacting you and providing you with testing products or gifts.
2.Widget Function and Auto-Start
When you use the App’s desktop widgets, the App will exhibit periodic auto-start behavior to ensure you receive timely updates and stay informed about your Device status. The auto-start is essential for the functionality of the widgets. If you do not use the App’s desktop widgets, the App will not auto-start.
3.Information Displaying and Pushing
We may send you Device notifications and system messages in the App, for which we will collect and use your Roborock account information, DID, mobile device system information, Device model and push token (operated by Google and Apple). You may request to stop the push of information at any time by contacting us through the method described in Chapter VII of this Privacy Policy.
4.User Experience Program
To better improve our products and services and provide you with a superior service experience, we invite you to participate in our “User Experience Program”. When you join our “User Experience Program”, you can view the details through “Profile > About Us > User Experience Program”.
5.Device Sharing
In order to support you in sharing your devices with other Roborock account users for joint control and use, when you choose to share a specific Device with another person, such Device will be deemed to be a Device of the recipient you have selected. In such cases:
(1) The Device recipient’s account will be treated as a sub-account of the Device bound to your account;
(2) Information generated from your use of the Device and the recipient’s use of the Device will be synchronized between both parties, and any information generated by the recipient through the use of the Device will be processed in accordance with your account settings. If the recipient wishes to exercise data subject rights, such as the right to access or the right to data portability, in relation to data associated with the shared device, such requests should be submitted to us through your Roborock account.
For the avoidance of doubt, this Privacy Policy applies to all use of the Device by both you and the recipient. When using this feature, we remind you to inform the recipient of your account’s privacy settings and to advise the recipient to carefully read this Privacy Policy, so as to protect the recipient’s rights such as the right to be informed and the right to make decisions. Please note that the recipient will only have access to certain Device functions. For example, the recipient cannot modify the Device name, room name (if applicable), live scene photos, or real-time video settings, and cannot use features such as log reporting, firmware upgrades, or device sharing (subject to the actual functional configuration).
We may also collect your account (phone number or email), the recipient’s account, and shared device information for the purpose of enabling the device sharing feature and displaying the sharing status on the device list page. You may cancel the sharing via “Profile > Device Sharing”.
6.Smart Speaker Control
Certain devices provide smart speaker voice control feature, enabling you to control devices through third-party smart speakers. You may select “Profile > Smart Control” within the App to access operation instructions. To provide you with the smart speaker voice control feature, we need to collect your UID, device name, DID, room name (if applicable), and room ID (if applicable).
7.Issues and Feedback
The feedback you choose to provide is of great value to us as it will help us improve our services and allow us to assist you in solving any problems that you encounter during your use of the App and Device. In order to track the feedback you provide, we will collect the Roborock account username you choose to provide with us, feedback (both text and photos) you enter, the model and system version of your mobile device, App version and Device type. In addition, if you encounter any issues while using the App, you can also opt to upload your App log information so that we can help you solve issues in relation to daily usage.
You may also view frequently asked questions through the “User Manual” function within the App and provide feedback on specific issues you encounter through the online questionnaire. In this process, we may collect your browsing history, and the content you submit through the questionnaire (if any).
8.Online Support
To help you resolve various product-related issues during pre-sales and after-sales processes, we provide online support service for certain types of Devices, such as lawn mowers. You may access this service by selecting “Profile > Customer Support” in the App, entering the interface for the specific product type, and clicking “Online Support”. You may also access “Online Support” through the “User Manual” feature.
To provide the online support services described above, we may collect your UID, DID, Device diagnostic data, service tickets you submit (including name, email address, device model, and description of the issue), and customer support communication records (including any text, images, videos, and audio you send). If you access “Online Support” through the “User Manual” feature, we will also collect the browsing records related to your use of the “User Manual”.
In addition to collecting and using personal information necessary for providing basic and additional functions, we may also collect and use your personal information in other necessary circumstances.
1. Compliance with Applicable Legal Obligations
To fulfill our legal obligations, we may collect and use your personal information, such as disclosing your information to government agencies, regulatory bodies, tax authorities and specific industry authorities as required by applicable laws.
Under the above circumstances, we may collect and use various categories of personal information that were collected when providing you with the aforementioned basic and additional functions. If you use the App within the European Economic Area, we may process your above-mentioned personal information in accordance with Article 6(1)(c) of the GDPR for the purpose of complying with applicable legal obligations. If you use the service within Turkey, we will process your personal information in accordance with Article 5(2)(d) of the Turkey PDPA on the basis of complying with applicable legal obligations.
2. Legitimate Interests
If you use the App within the European Economic Area, we may process your personal information in accordance with Article 6(1)(f) of the GDPR for the purpose of pursuing legitimate interests. If you use the service within Turkey, we will process your personal information in accordance with Article 5(2)(f) of the Turkey PDPA on the basis of pursuing legitimate interests. Such circumstances primarily include:
Under the above circumstances, we may collect and use various categories of personal information that were collected when providing you with the aforementioned basic and additional functions.
In order to provide you with certain service functions, we need you to enable the relevant permissions of your mobile device. We will only use the relevant permissions when you trigger the relevant business functions and obtain your personal information (if applicable). For optional permissions, you can refuse or withdraw the authorization of such permissions at any time, for which you may not be able to use the corresponding service functions, but this will not affect your normal use of other functions of the App. Currently, the App may request the following permissions of mobile device:
We may entrust third-party service providers (including our mailing houses, delivery service providers, telecoms companies, data storage service providers, technology support providers, customer service providers and IOT service providers) to process your personal information in order to provide you with the corresponding products or services. In addition, These third-party service providers only process your personal information on our behalf for the purposes stated in this Privacy Policy. For the companies, organizations, and individuals we entrust with the processing of personal information, we enter into strict confidentiality agreements or other data protection related agreements with them, stipulating that they must process personal information strictly in accordance with our instructions. They are also required to adhere to the privacy protection requirements in your jurisdiction, and to implement further measures to safeguard the confidentiality and security of your personal information.
We do not sell any personal information to third parties. We do not share your personal information with other third parties (including companies, organizations, and individuals), except in the following circumstances:
We will not transfer your personal information to any company, organization, or individual, except under the following circumstances:
We will only publicly disclose your personal information under the following circumstances:
With your separate consent;
In cases where it is required by law, legal proceedings, litigation, or mandatory requests from government authorities, we may publicly disclose your personal information.
For the avoidance of doubt, to the extent permitted by the data protection laws in your jurisdiction, and solely to that extent, we may share, transfer, or publicly disclose your personal information without your consent.
In order to support our global operations:
The above entities undertake to process information in accordance with applicable data protection laws and to implement appropriate security measures to protect your personal information.
When we transfer your information outside the European Economic Area, the United Kingdom, or Switzerland, we will ensure that it is protected by an adequate level of data protection through the following mechanisms:
Adequacy Decisions. The European Commission, pursuant to Article 45 of the GDPR (or equivalent determinations under other applicable laws), determines that certain countries/regions provide an adequate level of data protection. Where such an adequacy decision applies, we may transfer your personal information to those countries/regions;
Standard Contractual Clauses. Pursuant to Article 46 of the GDPR, the European Commission has approved Standard Contractual Clauses (as well as equivalent clauses approved in the United Kingdom and Switzerland) as a lawful mechanism for transferring data from the European Economic Area to third countries. Where no adequacy decision applies, we will rely on such Standard Contractual Clauses to transfer your personal information to relevant entities within our corporate group and to partners in third countries.
We retain your personal information within in the period necessary to achieve the purposes of personal information collection, or within that prescribed or permitted by applicable law. Once we determine that the continued retention of personal information is no longer in line with the purpose for which it was collected, we will promptly cease retention and take immediate steps to either delete or anonymize the personal information.
If personal information processing activities are based on the public interest, scientific, historical research, or statistical purposes, we may continue to retain the relevant data, even if further processing is unrelated to the original collection purposes, where permitted by applicable data protection laws.
We are committed to ensuring that your personal information is secure. To prevent unauthorized access, disclosure or other similar risks, we have put in place reasonable physical, electronic and organizational measures to safeguard and secure the information we collect through the App. We will use all reasonable efforts to safeguard your personal information.
Your data will be stored on a secure server and protected in a controlled facility. We classify your data based on importance and sensitivity and ensure that your personal information has the highest security level. We make sure that our employees and third-party service providers who access the information to help provide you with our products and services are subject to strict contractual confidentiality obligations; failure to fulfill these obligations may result in disciplinary action or termination of the partnership. We have special access controls for cloud-based data storage as well. All in all, we regularly review our information collection, storage and processing practices, including physical security measures, to guard against any unauthorized access and use.
We will take all practicable steps to safeguard your personal information. However, you shall be aware that the use of the Internet is not entirely secure, and for this reason we cannot guarantee the security or integrity of any personal information which is transferred from you or to you via the Internet.
In accordance with applicable legal requirements, including the personal information protection legislation in your jurisdiction, we will promptly notify the relevant regulatory authorities upon occurrence of any personal information leakage; under certain special circumstances, we will also notify the data subjects of the relevant leakage.
To safeguard your personal information, please do not disclose your account information to anyone except for a person who is duly authorized by you. Roborock cannot be held accountable for lapses in security caused by third party accesses to your personal information as a result of your failure to keep your personal information private. Notwithstanding the preceding, you must notify us immediately if there is any unauthorized use of your account by any other internet user or any other security vulnerabilities. Your assistance will help us protect the privacy of your personal information.
In accordance with the laws and regulations applicable to your jurisdiction, you or any other authorized party may have certain rights over the personal information we hold about you. Roborock ensures that you can exercise the following rights over your personal information and hereby provides relevant control settings.
Under the applicable data protection laws, we may first request you to verify your identity upon receiving your request. Once your identity has been successfully verified, we will respond to your request within the timeframes stipulated by the applicable data protection laws. Generally, we do not charge a fee for reasonable requests. However, for repetitive, excessive, or unreasonable requests, we may impose a reasonable fee based on the circumstances. Requests that are unfounded, require excessive technical means, pose risks to the legitimate rights of others, or are highly impractical may be refused in accordance with the applicable data protection laws. In cases where we cannot fulfill your request, we will provide an explanation for the refusal.
According to the applicable data protection laws, you have the right to delete your personal information. You may delete the personal information yourself through the following methods.
In addition to the methods mentioned above, you can also request the prompt deletion of your personal information by contacting us through the methods described in Chapter VII of this Privacy Policy. Unless otherwise required by applicable laws, we will promptly delete or anonymize the relevant personal information upon your request. Please understand that, after you or we assist you in deleting relevant personal information, we and our partners may not be able to immediately remove it from backup systems or third-party systems due to applicable law and security technology constraints. However, we will securely store your information and complete the removal or anonymization process as soon as reasonably practicable in accordance with applicable laws.
Please note that, with respect to information stored locally on your Device during your use of the Device, as we are unable to access or control your Device, such information will not be deleted from the device after you delete your personal information through the above methods. If you need to delete information stored on the Device, please follow the instructions provided in the device manual and delete the information directly on the Device.
You have the right to request access to and/or correction of any personal information we hold about you. Upon your request, we can provide a free copy of the personal information records we have collected and processed about you. If you wish to request access to the personal information we hold or if you believe any information we hold about you is incorrect or incomplete, please contact us as soon as possible through the methods described in Chapter VII of this Privacy Policy.
Subject to applicable law, you may have the right to restrict or object to our use of your personal information in certain scenarios. You can request to exercise this right by contacting us through the methods described in Chapter VII of this Privacy Policy.
When we process personal information based on your consent, you can submit a request through the methods described in Chapter VII of this Privacy Policy or withdraw your consent to our Privacy Policy at any time by tapping “Me > About Us > User Agreement & Privacy Policy” in the App and therefore withdraw consent for our collection, use, and/or disclosure of your personal information held or controlled by us in accordance with this Privacy Policy.
Please note that your withdrawal of consent may result in certain legal consequences. Depending on the scope of your withdrawal of consent, you may not be able to access certain services we provided via the App. However, your withdrawal will not affect the personal information processing activities conducted based on your previous authorization.
If you have any questions about our processing of your personal information, you can contact us through the methods described in Chapter VII of this Privacy Policy to request relevant explanations or clarifications.
Subject to applicable data protection laws, you have the right, to request the transfer of your personal information to another personal information controller in the manner prescribed by law. You can request to exercise this right by contacting us through the methods described in Chapter VII of this Privacy Policy.
Subject to the data protection laws in your jurisdiction, you may also have other rights. Specifically, if you use the App within the European Economic Area, you have the right to refuse personal information processing activities solely based on automated decision-making, and the right to lodge complaints with the relevant data protection authorities regarding our personal information processing activities. If you use the App in South Korea, you also have the right to request a suspension of personal information processing, receive appropriate compensation for damages caused by the processing of personal information, refuse the processing of personal information based entirely on automated decision-making, or request an explanation thereof.
As required by applicable law and our User Agreement, we consider users under the age of 18 (and a higher age if required by the applicable law in your jurisdiction) as minors. We do not knowingly collect, use, sell or share personal information from minors or send any marketing information to minors. If we become aware that we have collected personal information from a minor without first obtaining parental or legal guardian consent, we will endeavor to delete the relevant data as soon as possible. If a parent or guardian believes that a minor has submitted personal information to us without their prior consent, we strongly encourage you to promptly contact us through the methods described in Chapter VII of this Privacy Policy. We will delete the relevant personal information as soon as possible and ensure the minor is unsubscribed from any applicable Roborock services.
We keep our Privacy Policy under regular review and may update this Privacy Policy to reflect changes to our information practices. If we make material changes to our Privacy Policy, we will notify you through the App, so that you are informed of the latest version of this Privacy Policy. Such changes to the Privacy Policy will be effective from the date specified in the notice or as stated on the websites. We recommend that you regularly review this page to stay informed about our privacy practices.
If you have any comments or questions about this Privacy Policy, or if you have any concerns regarding Roborock’s handling of your personal information, please contact us using the information provided below and indicate that your inquiry or comment is related to the “Privacy Policy”:
If you are not satisfied with our response, especially when you believe that our personal information processing activities have infringed upon your legitimate rights and interests, you may also take legal action in the competent court according to applicable law or resolve your claims through external channels such as lodging a complaint with the competent authority.
If you are a California resident, the California Consumer Privacy Act (“CCPA”) requires us to provide you with the following additional information:
Collection and Use of Your Personal information. We collect and use your personal information in the preceding 12 months as described in Chapter I above, primarily including the following categories.
Disclosure of Personal Information. We disclose personal information with third parties for business purposes in the preceding 12 months as described in Chapter II above. The details are as follows:
| Categories of Personal Information Disclosed | Categories of Recipients |
|---|---|
| Identifiers | Roborock affiliates Third-party partners |
| Customer records | Roborock affiliates Third-party partners |
| Commercial information | Roborock affiliates Third-party partners |
| Internet or other electronic network activity information | Roborock affiliates Third-party partners |
| Geolocation data | Roborock affiliates Third-party partners |
| Audio, electronic, visual, or similar information | Roborock affiliates Third-party partners |
| Sensitive personal information | Roborock affiliates Third-party partners |
Your Rights. As a California resident, you may be able to exercise the following rights:
You also have the right to be free of discrimination for exercising these rights. We will not discriminate or retaliate against you for exercising any of your rights under the CCPA. However, please note that the exercise of these rights may limit our ability to process personal information. For example, if you submit a deletion request, we may no longer be able to provide you with our products and services or engage with you in the same manner.
Limit the Use of Sensitive Personal Information. You also have the right to request limitation of use and disclosure of your sensitive personal information, subject to certain exceptions. If you would like to limit the use of your sensitive personal information, please contact us by using the contact details provided in Chapter VII of this Privacy Policy. The password of your Roborock account is sensitive personal information as defined by the CCPA. Currently, we process your account password only in an irreversible hashed form and solely to the extent necessary to provide account creation, login, and related services. We do not “sell” or “share” (as defined under the CCPA) your sensitive personal information.
Opt-out the Sale or Sharing of Your Personal Information. Based on the definition of “sell” and “share” under the CCPA, we do not believe that we engage in such activity and have not engaged in such activity in the past 12 months from the effective date of this Privacy Policy.
Rights Related to Automated Decision-Making Technology (“ADMT”).You have the right to opt out of our use of your personal information for automated decision-making, and the right to obtain information regarding our use of ADMT to process your personal information, the logic involved in ADMT decisions, and information about alternative procedures, etc.
To submit your California Consumer Rights Requests. You may submit a request to exercise your California Consumer Rights by contacting us using the contact details provided in Chapter VII of this Privacy Policy. We will need to verify your identity before processing your request, which may require us to request additional personal information from you or require you to log into your Roborock account. In certain circumstances, we may decline or limit your request, particularly where we are unable to verify your identity or locate your information in our systems, or as permitted by law. You may designate an authorized agent to exercise your rights on your behalf, provided that we receive written authorization from you permitting such agent to submit the request. We reserve the right to deny the request if we cannot reasonably verify the authorization or your identity.
Appeal. You may appeal our refusal to take action on a request by contacting us using the contact details provided in Chapter VII of this Privacy Policy. If your appeal is denied and you are a California resident, you may contact the California Attorney General about the results of the appeal by submitting a complaint by here: https://oag.ca.gov/contact/consumer-complaint-against-business-or-company.
If you are a Korean resident, the following provisions take precedence over the Roborock App Privacy Policy.
We collect and use personal information to the minimum extent necessary to provide services in accordance with the Personal Information Protection Act of Korea.
Please find below the details of personal information processed without your consent.
| Legal Basis | Category of Collection and Use | Purpose of Collection | Personal Information Collected | Use and Retention Period |
|---|---|---|---|---|
| Articles 15(1)(4)(Performance of a Contract) and 15(1)(6)(Legitimate Interests) of the Personal Information Protection Act | Collection and Use of Personal Information for Providing Basic Functions | Roborock account creation and login | - Your account username, password, mobile phone number, email address and verification code for identity verification - Your account authentication information, including a token to maintain your login status - (When creating or logging in to a Roborock account) Your selected region and country code - (When logging in with a third-party account, including an Apple ID, Facebook account, or Google account) Your third-party account information, depending on the extent of the permissions you have granted |
Until the purpose is achieved or your membership withdrawal |
| Maintaining Roborock account information | - Profile photo, nickname, mobile phone number, OpenId of third-party account (if applicable) | Until the purpose is achieved or your membership withdrawal | ||
| Device network connection and binding | - Roborock account information, mobile device information (mobile device model, unique identifier (to ensure safe use of networks and services), MAC address, operating system and its version) - Device information (Device model, serial number, and MAC address), time zone setting information used to execute scheduled tasks - WiFi network information (current WiFi network name, WiFi mode (local or remote), IP address, WiFi signal strength (RSSI) of the Device, and WiFi password provided by you) - Bluetooth information (bluetooth name, MAC address and signal strength) |
Until the purpose is achieved or your membership withdrawal | ||
| Device information display | - Device name, room name and device status information as you provided | Until the purpose is achieved or your membership withdrawal | ||
| Device firmware update | - Device firmware information for all Devices connected to your Roborock account, Device model, and Device binding information | Until the purpose is achieved or your membership withdrawal | ||
| Maintaining the stable operation and security of the App | - App crash information, information related to the mobile device (including system version, language settings, model of the mobile device, model of the connected Device) | Until the purpose is achieved or your membership withdrawal | ||
| Collection and use of personal information to provide additional features and services (applicable if you choose to use such additional features) | Widget function and automatic start | - Latest information on the status of the device | Until the purpose is achieved or your membership withdrawal | |
| Information display and push | - Roborock account information(phone number or email address), DID, mobile device system information, Device model and push token (operated by Google and Apple) | Until the purpose is achieved or your membership withdrawal | ||
| Device sharing | - Your account (phone number or email), the recipient's account (phone number or email), and the shared device information. | Until the purpose is achieved or your membership withdrawal | ||
| Issues and feedback | - Roborock account username, feedback entered (both text and photos), mobile device model, system version, App version and device type - App log information (only if you choose to upload app log information when you experience any problems while using the app) |
Until the purpose is achieved or your membership withdrawal | ||
| Smart speaker | - User uid, device name and ID, room name and ID | Until the purpose is achieved or your membership withdrawal |
We process the following personal information items with your consent, in accordance with Articles 15(1)(1) and 22(1)(7) of the Personal Information Protection Act. You have the right to refuse consent for the collection and use of your personal information; however, if refused, you may not be able to access to certain services.
| Category of Collection and Use | Purpose of Collection | Personal Information Collected | Use and Retention Period |
|---|---|---|---|
| Collection and use of personal information to provide additional features and services | (optional) Product and service promotion notification push |
- Region, device type, activation time, push token (operated by Google and Apple) | Until the purpose is achieved or your withdrawal of consent |
| (optional) User experience improvement program (Anonymous data statistics and fault analysis to improve the user experience) |
- Personal information specified in the user experience program including phone model, system version, and other click data | ||
| (optional) User care and research activities |
- Name, email, phone number, and other information needed for the survey |
Please also refer to here for device data sharing.
We process personal information only within the scope specified in i. Personal information items processed and provide personal information to third parties only when permitted under Articles 17 and 18 of the Personal Information Protection Act, such as with the consent of the data subject or when specifically required by law.
For the seamless provision of services, we provide personal information to third parties within the minimum necessary scope, with the consent of the data subject, in accordance with Article 17(1)(1) of the Personal Information Protection Act.
| Recipient | Purpose of Use by Recipient | Items Provided | Retention and Use Period |
|---|---|---|---|
| Naver Corp. | Smart speaker voice control | User uid, device name and ID, room name and ID | Until the purpose is achieved or your withdrawal of consent |
In accordance with Article 17(4) of the Personal Information Protection Act, we may provide additional personal information without the data subject's consent, taking into account the matters specified in Article 14-2 of the Enforcement Decree of the Personal Information Protection Act.
In providing additional personal information without the data subject’s consent, we have taken the following factors into account:
o The personal information provided is closely related to the original purpose of collection, which includes providing IoT features (such as operation through smart speaker voice controls) in our product and supporting device performance.
o Data subjects can reasonably expect the provision of personal information as part of the service contract process due to the nature of the service.
o The information is provided at the data subject’s request to deliver our services and does not unduly infringe upon the data subject’s interests.
o We have implemented necessary security measures to minimize the exposure of personal information.
We may provide users' personal information to third parties in accordance with lawful procedures specified by other laws that include special provisions. In particular, we may provide personal information to relevant authorities without the user's consent in situations such as protecting our interests or those of third parties, dealing with a legal case, or selling or merging Roborock.
1)We provide and entrust your personal information to an overseas third party as follows in accordance with Article 28-8 of the Personal Information Protection Act.
2)You may refuse the transfer of your personal information to an overseas third party by notifying us of your refusal through the contact information of the personal information protection officer under chapter ix, except in cases where the transfer is necessary for the conclusion and performance of a contract. However, in such cases, your use of some services may be restricted.
Overseas entrustment of personal information
| Relevant Basis under the Personal Information Protection Act | Personal Information Transferred | Destination Country | Timing and methods of the transfer | Recipient | Purpose of Use | Use and Retention Period |
|---|---|---|---|---|---|---|
| Article 28-8(1)(3) (Entrustment/Storage for contract performance) | All personal information involved in this Privacy Policy necessary for daily operation and fault analysis (Account information, function information, configuration information, activity information, feedback information, device information) | China Mainland | Real Time, HTTPS | Beijing Roborock Innovation Technology Co., Ltd. (Innovation-privacy@roborock.com) | Daily operations and fault analysis | Until the purpose is achieved or your membership withdrawal |
| Article 28-8(1)(3) (Entrustment/Storage for contract performance) | All personal information involved in this Privacy Policy (Account information, function information, configuration information, activity information, feedback information, device information) | United States (Privacy Policy) | Real Time, HTTPS | Amazon Web Services, Inc. (aws-korea-privacy@amazon.com) | To provide communication service (including cloud storage services, Register/log-in/forget-password via SMS or emails) | Until the purpose is achieved or your membership withdrawal |
| Article 28-8(1)(3) (Entrustment/Storage for contract performance) | DID, device name, room name and type, IP address, time zone, country and device information | United States | Real-time, SDK | Tuya Global Inc. (privacy@tuya.com) | Provide IoT services (We have started migrating to Roborock IOT server in April 2021 and you can stop using Tuya at any time through firmware updates) | Until the purpose is achieved or your membership withdrawal |
| Article 28-8(1)(3) (Entrustment/Storage for contract performance) | Phone Number | United Kingdom (Privacy Policy) | Real-time,cloud connection | Infobip Ltd. (data-protection-officer@infobip.com) | Register/log-in/forget-password via SMS (Alternative) | Until the purpose is achieved or your membership withdrawal |
| Article 28-8(1)(3) (Entrustment/Storage for contract performance) | Device logs (including device information, user information, network information, home environment information, map information, machine behavior) | United States, Singapore | Real Time, HTTPS | Xiaomi Inc. (support.global@support.mi.com) | To provide communication service (including cloud storage services) | Until the purpose is achieved or your membership withdrawal |
| Article 28-8(1)(3) (Entrustment/Storage for contract performance) | Feedback image, SN, RUID, SSID, MAC address, IP address and device logs | United States, Singapore (Privacy Policy) | Real Time, HTTPS | Alibaba Cloud (Singapore) Private Limited (DPO_Intl@alibabacloud.com) | Feedback image storage | Until the purpose is achieved or your membership withdrawal |
| Article 28-8(1)(3) (Entrustment/Storage for contract performance) | Device information, user information, network information, environment information, offline maps and device logs | United States, China Mainland (Privacy Policy) | Real Time, HTTPS | Tencent Cloud Computing (Beijing) Co., Ltd. (cloudlegalnotices@tencent.com) | To provide communication service (including cloud storage services) | Until the purpose is achieved or your membership withdrawal |
| Article 28-8(1)(3) (Entrustment/Storage for contract performance) | (When sharing the device)Device name, home name, user nickname (in other cases do not identify individuals, only uses Google's own token) | United States (Sub-processor) | Real Time, SDK | Google LLC (googlekrsupport @google.com) | To provide push notification service | Until the purpose is achieved or your membership withdrawal |
| Article 28-8(1)(3) (Entrustment/Storage for contract performance) | (When sharing the device)Device name, home name, user nickname (in other cases, do not identify individuals, only uses Apple’s own token) | United States(Privacy Policy) | Real Time, SDK | Apple Inc. (1-800-275-2273) | To provide push notification service | Until the purpose is achieved or your membership withdrawal |
Provision of personal information to overseas third parties
| Relevant Basis under the Personal Information Protection Act | Personal Information Transferred | Destination Country | Timing and methods of the transfer | Recipient | Purpose of Use | Use and Retention Period |
|---|---|---|---|---|---|---|
| Article 28-8(1)(1) (Consent of the Data Subject) | User uid, device name and ID, room name and ID | United States | Real Time, HTTPS | Amazon.com Services LLC (Alexa) (contracts-legal@amazon.com ) | Smart speaker voice control | Until the purpose is achieved or your withdrawal of consent |
| Article 28-8(1)(1) (Consent of the Data Subject) | User uid, device name and ID, room name and ID | United States | Real Time, HTTPS | Google LLC (Home, Assistant) (googlekrsupport @google.com) | Smart speaker voice control | Until the purpose is achieved or your withdrawal of consent |
1.We retain your personal information for the period during which we provide services to you in accordance with the contract between us, but when the purpose of collecting and using personal information is achieved or when you request its destruction (whichever comes first), we destroy it in a way that cannot be restored without delay. However, we may need to retain your personal information in accordance with the relevant laws and/or in accordance with the obligations under the relevant laws (e.g. product supply, order cancellation or payment records for 5 years, consumer complaint records for 3 years and labeling/advertising records for 6 months as per E-Commerce Act, and log records for 3 months and other communication confirmation data for 12 months as per Protection of Communications Secrets Act).
2.We destroy your personal information following the procedures and methods outlined below.
a. Destruction Procedure
We identify the information to be destroyed and destroy personal information when the reason for its destruction arises, under the supervision of our personal information protection officer.
b. Destruction Methods
We ensure that personal information stored in electronic files is destroyed in a manner that prevents any possibility of restoration. For personal information recorded in paper documents, we utilize shredding or incineration to ensure complete destruction.
We collect and process your personal information directly in China to provide services to you.
We implement measures to protect your personal information in accordance with Article 29 of the Personal Information Protection Act and Articles 30 and 30-2 of its Enforcement Decree. These measures are designed to prevent your personal information from being lost, stolen, leaked, altered, or damaged. The specific measures we take include:
Establishing and operating an organization dedicated to information protection, developing and implementing an information protection management system, minimizing the number of personnel who handle personal information, and providing regular training for employees on personal information protection
Implementing access controls and restrictions on access rights, monitoring systems to prevent leaks or damage to personal information, encrypting important personal information and securing communication channels, utilizing security programs, such as antivirus software, conducting regular backups and managing access logs
Installing and operating systems in areas with restricted access to the outside
We want to inform you about our use of cookies when you visit our website. Cookies are small text files stored on your device that allow your browser or device to be recognized when you return to the site, providing you with a customized online experience. Cookies enable us and third parties to monitor your online activity and display advertisements tailored to your interests.
Here’s how to disable automatic data collection in apps:
Our services are not intended for users under the age of 14. If you become aware that a child under 14 has registered for our services, please notify us. If we discover that we have collected personal information from a child without the consent of a legal guardian, as required by law, we will delete that information in accordance with applicable laws and regulations.
We are committed to properly handling personal information and have appointed the following personal information protection officer to address complaints and provide remedies related to personal information management.
Department responsible for personal information protection
- Department name: Personal Information Protection Implementation Team
- Person in charge: Jia Sun
- Contact information: privacy@roborock.com
You can seek dispute resolution or consultation from the Personal Information Dispute Mediation Committee, the Personal Information Infringement Report Center of the Korea Internet & Security Agency, and other organizations to receive assistance for personal information infringements. For additional reports or consultations regarding personal information issues, please contact the following organizations.
If we make any additions, deletions, or modifications to the Privacy Policy due to changes in laws, policies, or security technologies, we will inform you of the reasons and details of these changes. You will be notified at least seven days prior to the changes taking effect, and this information will be available on our website.