Privacy Policy

Overview

Mazsa Star Electronics Trading LLC. is a limited liability company incorporated under the laws of the People’s Republic of China (hereinafter referred to as “we”). We take the maintenance and protection of users’ personal data seriously.

This policy applies to all of our products and services.

Last updated: Jun. 1, 2023.

This policy mainly explains to you:

I. what personal data we collect from you

II. how we use personal data

III. how we store and protect personal data

IV. general circumstances under which we provide your personal data to the public

V. particular circumstances under which we provide your personal data to the public

VI. your rights

VII. special agreement on minors’ personal data

VIII. updates to this policy

IX. how to contact us

We understands the importance of personal data to you and will do our utmost to protect the security and reliability of your personal data. We are committed to maintaining your trust in us and protecting your personal data. At the same time, We warrants that we will protect your personal data with appropriate security measures in accordance with proven industry security standards.

Please read and understand this Privacy Policy carefully before adopting our products or services. We will strictly comply with this policy. We will make the following important commitments to you through this policy. If you want to know more details, please read the corresponding sections in accordance with the above headings.

  1. We will explain the types of personal data we collect from you and the corresponding purposes one by one for you to learn the types, use reasons and collection methods of specific personal data that we collect for a particular product, service or function.
  2. Personal data we collect may contain your sensitive data, which, once leaked, illegally provided or abused, may endanger personal and property safety, or easily lead to damage to personal reputation, mental & physical health, discriminatory treatment, etc. For such collections, we will mark them in boldface to prompt you to note them.
  3. You can access, correct or delete your personal data and withdraw consent, cancel App account, complain and report and set privacy features through methods or channels listed in this policy to control your personal data.

You understand that this policy is closely related to your use of products and services. We encourage you to read this policy and make the choice that you think appropriate. We strive to explain it in plain and concise expressions, and the terms that have or may have a significant relationship with your rights and interests will be marked in boldface to prompt you.

If you have any questions, complaints or suggestions on or related to this policy, please send an email to info@mazsatrade.com to contact our Data Protection Department. We are glad to deal with your concerns directly.

You know and agree that as long as you click to accept this policy and complete the App account registration process, or use our products and services, it means that we are allowed to collect, use, store and share your applicable information in accordance with this Privacy Policy.

I. What personal data we collect from you

Some common terms are explained to facilitate your clearer understanding of this policy.

Mobile terminals refer to mobile devices running the App, such as mobile phones and tablet computers.

Robot vacuum products refer to intelligent hardware equipment that can access IoT platforms through the App.

In order to provide our services to you, we will ask you for personal data that is necessary for us to successfully provide those services. If you do not provide us with such personal data, we may not be able to provide our products or services to you.

The basic business functions of the products and services that we provide include:

  1. all functions of your robot vacuum products (as specified in product instructions);
  2. pairing the App with your robot vacuum products, and controlling and recording their operation;
  3. communicating and solving the problems related to the use and operation of the App and the robot vacuum products paired with the App.

We only collect necessary information for specific, explicit and lawful purposes and do not further process the information in a manner incompatible with those purposes. We collect the following data (whether they are personal or not).

(I) Information you provide to us

When you start the App for the first time, we will ask you to confirm where you live and select the language of the App. The App account is the premise for you to use the App business functions on mobile terminals containing the App after the download, and will collect all kinds of data provided and received by you in the App. When you register an account in the App, we will collect your email address and password.

(II) Information related to mobile terminals and App operation

We may collect information related to mobile terminals running the App, information about the cellular network operators that your mobile terminals use, and App crash information.

(III) Device information

We may collect information about robot vacuum products binding on your account, such as device type, MAC address, SN code, device network status (IP/network signal), Android ID (device identification of Android phone), firmware version and router MAC address.

(IV) Distribution network access information

Data collected in the distribution process, which may involve using Cookies for storage so that you can view the distribution network history next time, are not all identifiable personal data, including:

  1. App name;
  2. Mac address, operating system and its version;
  3. SSID, network standard, displayed IP address, location, time zone, and time when the distribution network request is made to our server of the same Wi-Fi network that your mobile devices and your robot vacuums are connected to;
  4. type, SN code, and Mac address of your robot vacuum;
  5. status and fault type that you met in the distribution network process.

(V) Permissions for invoking mobile terminals

We will need to invoke the following permissions on your mobile terminals:

  1. “mobile data”, “Wi-Fi information” and “local network” permission for distribution network connection and App functions available with the network connection, as well as “positioning” and “Bluetooth” permissions of your mobile terminals for efficient distribution network;
  2. “storage” permission for storing the App service log and updating the App;
  3. “device information” for protecting your App account security;
  4. “notification” permission for pushing messages related to your account to your mobile terminals.

II. How we use personal data

We may use your personal data to:

  1. create your account. The email address collected when creating an account through your mobile terminals are used to create your personal account and profile page.
  2. guarantee the basic functions of the App and devices. We collect your login information to ensure the basic functions of the App; and collect device information bound to an account to ensure the basic functions of devices.
  3. access to devices. When devices need to be connected to the network, you need to perform corresponding network settings on devices through the App. In this process, you need to enter the Wi-Fi name and password, and combine the collected time zone settings, rough location information, account name, and Token, which are only used for the distribution network of devices. You can clear your Wi-Fi name and password at any time by resetting your devices and deleting the App.
  4. display the device status. You can view your device status remotely to check the online status.
  5. provide push services. Your account will be used for push services and sending you device notifications and system notification messages.
  6. verify the user’s identity. The App uses a password to verify your identity, ensuring that unauthorized persons cannot log in.
  7. maintain the login status. Token will be used to help you maintain the login status, and you do not need to enter the login account information again.
  8. collect user feedback. The feedback you choose to provide is invaluable in helping us improve our services and in helping you resolve any problems you may encounter during use. To track the feedback you provide, your account name, input feedback, mobile terminal model name and system version will be retained on the server side.
  9. provide firmware upgrade function. We will inform you of upgrading the firmware according to the firmware version information of all devices bound by your account through the App when the corresponding upgrade package is available.
  10. improve products and services. We use information about the operation of your mobile terminals and App to improve our products and services.

III. How we store and protect personal data

  1. We will store the location of your personal data. We will store personal data collected and generated in China on our servers rented from Alibaba Cloud in China. In case of transferring relevant personal data collected in China to overseas institutions due to business or applicable laws, we will comply with laws, administrative regulations and the provisions of relevant regulatory authorities, and ask overseas institutions to keep personal data confidential through effective measures, including signing agreements and verifying.
  2. Our data security ability and policy. We warrant that we will make information security protection meet the security level required by laws and regulations. To protect your information, we are committed to using all kinds of security technologies and a supported management system to prevent your information from being disclosed, damaged, or lost. In the meantime, we have set up a personal data protection responsibility department, established a relevant internal control system, and adopted the principle of least-sufficient authorization for staff who may have access to your information to strictly control the data access process and approval mechanism.
  3. Our handling of personal data security incidents. Please understand that due to limited technology and possible malicious means, personal data security incidents may unfortunately occur due to factors beyond our control. In case of any security incident, we will inform you in a timely manner under laws and regulations of the basic situation and possible impact of security incidents, disposal measures we have taken or are going to take, suggestions for your autonomous prevention and risk reduction, remedial measures for you, etc. We will inform you of incidents timely by email, letter, phone or push notification. If it is difficult to inform you one by one, we will take a reasonable and effective way to release announcements. At the same time, we will take the initiative to submit the disposal conditions of personal data security incidents as required by regulatory authorities.
  4. We will delete your personal data. We will only retain your personal data as long as necessary for the purposes described in this policy and for the maximum period permitted by laws and regulations (the earlier expiry prevails), after which we will delete or anonymize in a timely manner. If we stop all or part of your services or relevant operations, we will promptly stop collecting your relevant personal data and inform you of it in accordance with the User Agreement, and delete or anonymize your personal data held by us. We will also respond to your requests to delete your personal data collected by us in accordance with applicable laws. However, we have the right to retain your personal data in accordance with applicable laws, such as the provision on the storage period of the weblog, or to retain your personal data in consideration of other legal relationships that still exist between us. We will also retain the records of the consent you have given us to collect and use personal data, subsequent changes or withdrawals of consent (we will avoid new collection of personal data arising from such retention) to respond to legal obligations and threatened litigations.

IV. General circumstances under which we provide your personal data to the public

(I) Overview

Generally, we will only provide your personal data to the public to

offer the business functions described in this policy, collect and use personal data in accordance with this policy, and inevitably use third party technology (such as using a third-party technical database to build the technical framework of an App or your robot vacuums). Other third-party service may also be involved. Thus, such third party may know that you agree to provide your personal data by this policy (for example, for operating the App through servers lent from any third party or storing your robot vacuums’ data and database).

According to the last method mentioned above, the third-party’s contact with your personal data can be divided into the following categories.

[How to collect your personal data]

Entrusted data processors will indirectly obtain your personal data from us

Shared parties will indirectly obtain your personal data from us

Co-controllers will obtain your personal data directly at the same time as us through the App’s built-in interface

Third parties of other Apps that access will obtain your personal data directly at the same time as us through the App’s built-in interface

[Personal data control subject]

Entrusted data processors: only us (Entrusted data processors are entrusted by us and have no right to independently decide how to process your personal data)

Shared parties: we and shared parties respectively control the process of your personal data

Co-controllers: we and co-controllers respectively control the process of your personal data

Third parties of other Apps that access: only we or we and third parties of other Apps that access have the control right

[Has the App offered the option to opt out of the involvement of the third party? Has the third party asked your consent for a separate privacy policy?]

Entrusted data processors: No

Shared parties: No

Co-controllers: No

Third parties of other Apps that access: Yes

It is hereby clarified that the marketing information we publish for third-party merchants in the App does not include sending your personal data to such third parties.

Please notice that the above third parties may have an independent privacy policy or personal data protection policy applicable to you and may collect and use your personal data separately from the App or your devices. This situation does not apply to this policy and we will not be liable for it. Read the latest version of the privacy policy published by these third parties from time to time or contact them directly to learn more. If you find that webpages or applications created or developed by third parties are at risk, you are advised to terminate relevant operations to protect your legitimate rights and interests.

(II) Descriptions of entrusted processing

We make commitments to you that, when we entrust third parties to process personal data, we will

  1. ask them to conduct entrusted analysis within the scope that we have obtained your consent, unless in a case that does not require your consent;
  2. evaluate the data security ability of the entrusted data processors in advance to ensure that their ability meets the requirements of laws and regulations;
  3. restrain responsibilities and obligations of entrusted data processors through contracts to make them comply with the applicable laws and ask them to comply with our obligations to you no less than our standards;
  4. record and store the entrusted processing of personal data to guarantee your information security as well as the effective access and control of your entrusted processed personal data;
  5. ask entrusted data processors to delete your personal data and destroy all data copies if the entrustment relationship is terminated, or if we delete or anonymize your personal data according to this policy.

(III) Descriptions of sharing

We do not currently process your personal data by sharing. We will only share your personal data for lawful, legitimate and necessary purposes, and the shared parties receiving the data have no right to use the personal data we share for other purposes beyond the scope of this policy.

  1. We will share your personal data necessary to provide you with products and services.

(1) We will learn and review the recipients and implementers of such third parties, the content of personal data to be shared, the sharing time, the purpose of use, and relevant security measures, carry out a personal data security impact assessment in advance, and take effective measures to protect personal data subjects based on the assessment results.

(2) We will record and store correctly the sharing of your personal data, including without limitation the date, scale, purpose and basic information of data recipients, to help you learn about the use and storing of your personal data by data recipients.

(3) We will ensure your effective access to and control of personal data shared with third parties, such as access, correction, deletion and cancellation of App accounts.

  1. We will share your personal data under the mandatory requirements of laws, regulations and regulatory authorities. We may provide your personal data to relevant competent authorities according to applicable laws and regulations, writs or regulations or other legal procedures, administrative or judicial mandatory requirements. Information sharing in such situations does not need your authorization and consent.

(IV) Descriptions of joint control

We will contract with co-controllers to determine personal data security management rules and security incident handling rules, which cannot be lower than applicable legal requirements. Such co-controllers should ensure that they only use your personal data for such purposes described in this policy after obtaining them, always cooperate with you in exercising your rights related to personal data, and delete your personal data after the expiration of relevant purposes described in this policy. We will supervise them.

(V) Descriptions of third parties of other types that access the App

We will contract with third parties of other types that access the App to determine the personal data security responsibilities and the personal data security measures, properly retain contract and management records, and supervise them to strengthen the personal data security management.

V. Particular circumstances under which we provide your personal data to the public

(I) Transfer

Transfer refers to our losing of the controlling right of your personal data and transferee’s gaining of the right. In principle, we will not transfer your personal data to any company, organization or individual. If it is necessary to transfer personal data, we will transfer according to applicable laws and inform you of the transfer purpose, related personal data and transferee’s situations.

There may be situations where we transfer personal data, for example, if with the continuous development of our business, we may enter into transactions such as mergers, acquisitions and asset transfers (we will inform you of the relevant situation according to the User Agreement). If there is a change in the controller of your personal data or sharing or transfer of them, we will inform you of the changes and any choices you may have regarding your personal data. We will also require the new company or organization holding your personal data to be bound by this policy through contracts and other means, otherwise we will further require the company or organization to re-obtain your express consent and continue to protect or require data recipients to protect your personal data in accordance with laws and regulations and standards no lower than those required by this policy.

We will deal with the transfer of your personal data according to the above commitments on sharing, and inform you of the transferee’s name, contact information, transfer purpose, transfer content, and corresponding legal liabilities of the transferee under applicable laws.

(II) Public disclosure

In principle, we will not disclose your personal data. If it is necessary to disclose, we will inform you in advance of the purpose, information type and personal sensitive information that may be involved in this public disclosure, obtain your consent and fulfill relevant obligations according to applicable laws.

IV. How to access and control your personal data

In accordance with applicable laws, regulations, standards of China and common practices of other countries and regions, we guarantee that you can exercise the following rights on your personal data.

(I) Access and update your personal data

You can log into your App account to view the “User data” and “Settings” interfaces, check or modify your submitted personal data, manage your delivery addresses and associated third-party accounts, or make privacy and security settings. However, due to the consideration of security and identity recognition, or the mandatory provisions of laws, you may not be able to modify part of the initial registration information provided by you during registration. If you cannot access or correct your personal data through the above methods, please contact us through the contact information described in Article IX of this policy. We will continue to develop an interface easy for you to operate by yourself. Please look forward to future updates to the App.

(II) Delete your personal data

There are situations in which you may request us to delete personal data, for example, if

  1. our collecting and use of personal data violate laws and regulations;
  2. our handling of personal data violates your agreement. If we decide to respond to your request for deletion, we will also notify entities that have obtained your personal data from us and require them to delete in time, unless otherwise provided by laws or regulations, or if such entities are independently authorized by you. After you delete or we assist you in deleting the information, we may not be able to immediately delete the relevant information from the backup system due to the applicable laws and security technologies, and we will securely retain your personal data and isolate them from any further processing until the backup can be deleted or anonymized.

(III) Change your consent scope or withdraw your consent

You can change your consent scope by asking us to delete your personal data and prohibiting the App from invoking your mobile terminals, and you can set in the App (see “Cancel Your APP Account”) to withdraw consent or authorization. When the above process is completed, we may be unable to provide APP services due to a lack of necessary information.

(IV) Cancel your App account

You can make a request to cancel your App account through the contact information in Article IX of this policy, or according to the process of “App settings - My - Edit - Cancel account”. After canceling your account, some functions of your devices that are not controlled by the App can still be used.

(V) Unbinding the App with your devices

You can delete your devices by pressing “Device card” long on the homepage of the App. After deleting, the information of devices stored on the cloud will be deleted.

(VI) Responding to your above requests

Before we respond to your requests, for security, you may need to provide a written request or prove your identity in other ways. We may ask you to verify your identity and process your requests within fifteen (15) working days after verification. For special situations, we will respond within thirty (30) days or within the time limit prescribed by laws and regulations or provide a reasonable explanation for failure to respond in a timely manner.

There may be situations where we cannot respond your requests under the laws and regulations, for example, if

  1. they are directly related to national security and national defense security;
  2. they are directly related to public security, public health and major public interests;
  3. they are directly related to criminal investigation, prosecution, trial and execution of judgment;
  4. there is sufficient evidence that you have subjective malice or abuse of rights;
  5. serious damage will be caused to the legitimate rights and interests of you or other individuals and organizations;
  6. it is necessary for protecting your or other individuals’ major legitimate rights and interests, such as life and property, but it is difficult to get your authorization and consent;
  7. they are related to commercial secrets;
  8. they are related to the performance of our obligations under laws and regulations.

VII. Special agreement on minors’ personal data

We do value the protection of the personal data of minors. We shall not actively and directly collect personal data from minors. In cases where the personal data of minors are collected with the consent of their guardians, we will only use, share, transfer or disclose them when permitted by law, agreed by guardians or necessary to protect minors. We expect parents or guardians to direct minors to use our services. If you are under the age of 14 or the age of majority in accordance with the laws and regulations of your location, we recommend that you ask your parents or guardians to read this policy and use our services with their consent, provided that please refrain from providing us with any personal data that can identify you personally. If your guardians disagree with your use of our services in accordance with this policy, or if you provide us with information that can identify you personally, please terminate your use of our services immediately and notify us in time so that we can take appropriate measures in accordance with applicable laws.

VIII. Updates to this policy

Our privacy policy may be modified. If the terms in this policy are modified, we shall show you the modified privacy policy in the form of pushing notifications when you log in and the version is updated. Concerning significant modifications (modifications in business functions, outbound status, use purpose, contact information, etc.) or modifications that may increase your liability, we will give a more prominent notice (we will explain the modified contents in this policy with, including without limitation, email, SMS or special reminders on the browsing page). Please note that we will collect, use and store your personal data in accordance with the updated privacy policy only upon your clicking to confirm your agreement with the modifications in this policy.

You can check the lasted version of this policy on the page of “My - Privacy security - Privacy policy” in the App.

IX. How to contact us

If you have any questions, comments or suggestions regarding this policy or your personal data, please contact us in the following methods.

Brand Owner: Mazsa Star Electronics Trading LLC

Office NO:1404,Al Maktoum Road, Deira,Dubai - UAE

Mob: +97156 285 4818

Tel: +971 4 341 88 99

Email: info@mazsatrade.com

Thank you for taking the time to read our privacy policy!

Generally, we will respond within fifteen (15) working days. You could resort to cyberspace affairs authorities, telecommunications authorities, the police and market supervision and administration authorities and other supervision departments for complaints if you are dissatisfied with our replies or if our processing of personal data harms your legal rights.

Annex I. List of third party SDK

[U-APM SDK] Purpose of Use: Application Performance Monitoring Platform U-APM Data Type: Device Information (IMEI/MAC/Android ID/IDFA/OpenUDID/GUID/SIM card IMSI/ICCID etc.) Official website link: https://www.umeng.com/page/policy