Privacy Statement for IKEA Home smart System and Application

Thank you for trusting us at IKEA of Sweden AB (“IKEA”, “we”, “us” or “our”) with your personal data. The IKEA vision is to create a better everyday life for the many people. That’s a big job and one that we at IKEA take seriously.

When you use your IKEA Home smart System (the “System”) and control your connected smart products within the System, such as a lamp, via the IKEA Home smart Application (the “Application”), we will process your personal data. We will collect most of your personal data by using cookies and similar technologies. How we do this is described in our text about cookies which you find here.

We commit ourselves to be transparent with you by providing clear information about what personal data we collect; what we do with it and why; who we disclose it to; how we protect personal data and what choices you have regarding the use of your personal data by us and third parties.

In short: Your personal data – for what purposes do we use it?

make the System and the Application function properly,
enable you to control the System via the Application outside your home,
enable you to control the System via the Application on multiple devices,
enable you to save and adjust your favourite scenes,
give you support regarding the System and the Application,
analyse how the System and the Application are used in order to make improvements based on such information,
send push notifications regarding the System,
enable you to connect the System to smart products from third parties (e.g. Google Home, Alexa, and Apple HomeKit), and
enable you to connect the System to your speakers from Sonos.

Of course, you are not required to provide your personal data to us. But if you want to use certain functionalities, as further set out below, in the System and the Application, we will need certain personal data about you to make the System and the Application function in a secure and satisfactory manner. To protect your privacy, we have taken measures to avoid identifying you directly when you use the System and the Application.

Do not hesitate to contact us with any questions you have regarding this Privacy Statement!

Your rights

Below you will find a detailed description of your rights and how to exercise them. In summary, you have the following rights:

the right to lodge a complaint with a supervisory authority,
the right to withdraw your consent,
the right to access what personal data we process about you,
the right to rectification of any personal data that is inaccurate,
the right to erasure of the personal data we process,
the right to restrict our processing,
the right to data portability, and
the right to object to our processing of your personal data.

Below you can read more about:
By pressing the selected heading, you will be transferred to the relevant paragraph.

The company responsible for the processing of your personal data and how to contact us

Who do we share your personal data with?

Where is your personal data processed?

What are your rights when we process your personal data? Detailed description

A detailed description of how we process your personal data

The company responsible for the processing of your personal data and how to contact us

We, IKEA of Sweden AB, with company registration no. 556074-7551, Tulpanvägen 1, 343 34 Älmhult, Sweden are responsible for the processing activities when you use the System and the Application.

If you have questions about our Privacy Statement or practices, please feel free to get in touch. You can contact us at [email protected]

Who do we share your personal data with?

Your personal data is initially collected and processed by us and we do not sell your personal data.

Nevertheless, to conduct our business, we need to work with service providers and business partners who will process your personal data. We are responsible for any sharing of your personal data and to make sure your personal data is safe when shared with third parties as set out below.

We share your personal data with our service providers who process the personal data on our behalf, which means that we remain responsible for the data they are processing. Currently, we share your personal data with the following categories of service providers:

IT-service providers, e.g. for specific functionalities and hosting, who will process the personal data on our behalf and on our instructions to ensure good and secure IT operations. We only share your personal data with our IT service providers if it is necessary for them to fulfil their obligations towards us according to the contract that we have with them.

We also share your data with other business partners, who will be responsible for certain processing of your personal data. These business partners are:

Google: When you use the System and the Application, and consent to us doing so, we will also share your personal data with Google (Google Analytics) which provides the service that we use to analyse the use of the System and the Application.
OLD ~~Google: When you use the System and the Application, and consent to us doing so, we will also share your personal data with Google (Google~~ ~~Firebase) which provides the~~ ~~service to notify you about a problem or needed update in the System by push notifications~~.
NEW Google: When you use the System and the Application, and you enabled push notifications, we will also share your personal data with Google (Google Firebase) which provides the service to notify you about a problem in the System by push notifications.
Google, Amazon, and Apple: When you connect and control the System via smart products from third parties, such as Google (i.e. Google Home), Amazon (i.e. Alexa), and Apple (i.e. Apple HomeKit) we will share your personal data with these companies in order to make such integration.
Sonos: When you connect your Sonos speaker to the System we will share your personal data with Sonos in order to make such integration.

If you have any questions regarding how we share your personal data or want to know more about who we share your personal data with, please feel free to contact us.

Where is your personal data processed?

Your personal data will in most cases be processed outside of the EEA, Switzerland or UK if the service providers we use are based outside of the EEA, Switzerland or UK. Your personal data will be transferred outside the EEA, Switzerland or UK in the following cases:

If the IT service providers are based outside of the EEA, Switzerland or UK. However, we protect your personal data and reduce the risk of it being transferred outside of the EEA, Switzerland or UK by striving to only store your personal data on the IT service providers’ servers within the EEA, Switzerland or UK.
If you have consented to us using the analytic services from Google (Google Analytics), your personal data will be transferred to the United States since Google is based there. We have pseudonymized your personal data as far as possible to avoid your personal data being transferred outside of the EEA, Switzerland or UK.
If you connect and control the System via smart products from third parties, such as Google, Amazon, and Apple, your data will be processed by those third parties for their own purposes and which may involve your personal data being transferred outside the EEA, Switzerland or UK, including to the United States since these companies are based there.
If you connect your Sonos speaker to the System, your personal data will be transferred to the United States since Sonos (the provider) is based there.

In the above situations, the transfers only take place in accordance with applicable data protection legislation, meaning that we will transfer your personal data outside the EU/EEA when we can ensure an appropriate level of protection of your personal data. We will transfer your personal data under the Standard Contractual Clauses (article 46.2 (c) GDPR), Module 1 (controller to controller) and Module 2 (controller to processor) respectively, together with supplementary measures. You can find the Standard Contractual Clauses here.

If you want to know more about what safeguards we implement for transfers of personal data or receive a copy of the safeguards you are always very welcome to contact us.

What are your rights when we process your personal data? Detailed description

You have certain rights that you can exercise to affect how we process your personal data. You can read a more detailed description about those rights below.

If you want to know more about your rights or if you want to exercise any of your rights, please contact us and we will help you.

Right to lodge a complaint with a supervisory authority (Article 77 GDPR)

You have the right to lodge a complaint with a supervisory authority.

The supervisory authority in the United Kingdom is the Information Commission’s Officer and you can make a complaint here.

In detail. Your right to complain exists without prejudice to any other administrative or judicial remedy. You have the right to lodge a complaint with a supervisory authority in the country of your habitual residence, place of work, or place where the alleged infringement of applicable data protection laws has allegedly occurred.

Right to withdraw consent (Article 7.3 GDPR)

OLD: You have the right to withdraw your consent at any time. This can easily be done in the Application under privacy settings. When you withdraw your consent, it will be done on behalf of all others using the same System as you. Notwithstanding the foregoing, when you withdraw your consent in relation to receiving push notifications regarding the System it will only affect you since such push notifications are sent to your specific device.

NEW You have the right to withdraw your consent at any time. This can easily be done in the Application under privacy settings. When you withdraw your consent, it will be done on behalf of all others using the same System as you.

In detail. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Right to access (Article 15 GDPR)

You have the right to obtain confirmation as to whether we are processing personal data concerning you or not. You can make a request by contacting us. If we do process your personal data, you also have a right to obtain a copy of the personal data processed by us as well as information about our processing of your personal data.

In detail. The information we provide includes the following:

the purposes of the processing,
the categories of personal data concerned,
the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations,
where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period,
the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing,
the right to lodge a complaint with a supervisory authority, and
the appropriate safeguards pursuant to Article 46 GDPR relating to the transfer of personal data to a third country.

For any further copies of the personal data undergoing processing requested by you, we may charge a reasonable fee based on administrative costs. If you have made the request by electronic means the information will be provided to you in a commonly used electronic form, unless otherwise requested by you.

Right to rectification (Article 16 GDPR)

You have a right to obtain, without undue delay, the rectification of inaccurate personal data concerning you.

In detail. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including the means of providing a supplementary statement.

We will notify each recipient to whom the personal data has been provided of any correction that has been made unless this turns out to be impossible or entails a disproportionate effort. If you want information about these recipients, you are welcome to contact us.

Right to erasure (“the right to be forgotten”) (Article 17 GDPR)

You can at any time ask us to delete some or all of your personal data.

In detail. You have the right to obtain from us the erasure of your personal data and we have the obligation to erase your personal data without undue delay where one of the following grounds applies:

the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed,
you withdraw your consent and there is no other legal ground for the processing,
you object to the processing pursuant to Article 21.1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21.2 GDPR,
the personal data have been unlawfully processed, or
the personal data have to be erased for compliance with a legal obligation in Union or Member State law that applies to us.

We will notify each recipient to whom the personal data has been provided about any erasure of personal data according to the above unless this turns out to be impossible or entails a disproportionate effort. If you want more information about these recipients, you are welcome to contact us.

Note that our obligation to erase and inform according to the above shall not apply to the extent that processing is necessary according to the following reasons:

for exercising the right of freedom of expression and information,
for compliance with a legal obligation which requires processing by Union or Member State law that applies to us, or
for the establishment, exercise, or defence of legal claims.

Right to restriction of processing (Article 18 GDPR)

You have the right to demand restriction on the processing of your personal data.

In detail. The right applies if:

the accuracy of the personal data is contested by you, during a period enabling us to verify the accuracy of the personal data,
the processing is unlawful, and you oppose the erasure of the personal data and instead request the restriction of the use,
you need the personal data for the establishment, exercise, or defence of legal claims even though we no longer need the personal data for the purposes of the processing, or
you have objected to processing pursuant to Article 21.1 GDPR pending the verification of whether our legitimate grounds override yours.

Where the processing has been restricted according to the above, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise, or defence of legal claims or the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. We will notify you before the restriction of processing is lifted.

We will notify each recipient to whom the personal data has been provided about any restriction of processing according to the above unless this turns out to be impossible or entails a disproportionate effort. If you want more information about these recipients, you are welcome to contact us.

Right to data portability (Article 20 GDPR)

You have the right to receive your personal data from us in a structured, commonly used and machine-readable format and, where technically feasible, have your personal data transferred to another data controller (“data portability”).

In detail. The right applies to our processing of your personal data when it is based on the lawful basis of consent (Article 6.1 (a) GDPR or contract (Article 6.1 (b) GDPR) and the processing is carried out by automated means.

The exercise of the right to data portability shall be without prejudice to the right to be forgotten, Article 17 GDPR.

Your right to data portability shall not adversely affect the rights and freedoms of others.

Right to object (Article 21 GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data that is based on the lawful basis legitimate interest (Article 6.1 (f) GDPR), including profiling.

In detail. If you object, we shall then no longer process the personal data in question, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of you, or for the establishment, exercise, or defence of legal claims.

Balancing of interests’ assessments when processing personal data based on the lawful basis of “legitimate interest”

As we state in the tables below, for some purposes, we process your personal data based on our “legitimate interest”. By carrying out a balancing of interests’ assessment concerning our processing of your personal data, we have concluded that our legitimate interest for the processing outweighs your interests or rights which require the protection of your personal data.

If you want more information in relation to our balancing of interests’ assessments, please do not hesitate to contact us.

A detailed description of how we process your personal data

We are happy that you share your personal data with us! We want to make your experience with us as joyful, meaningful, and simple as possible. To achieve this, we collect some information about you. This section tells you what personal data we collect and process, why we process it, and the lawful basis and storage period for the personal data in question.

For the functionality of the System and the Application
What processing we perform	What personal data we process	Our lawful basis for the processing
To enable you to use the System and the Application and to make sure that the System and the Application work in a satisfying and secure manner we process your personal data to: Enable you to connect your device and smart products to the System and control the System, e.g. identify the actions made by your device in the System. Enable you to use the different functionalities in the Application. Identify where the System is used to find the country origin and the nearest server for you to connect to. The majority of these technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data.	IP-address. A country code and time zone based on the Wi-Fi you connect the System to. Information about the different parts of the System, including your device and your smart products, such as information that distinguish your device and smart products (hardware serial number and a unique ID associated with the device or the smart products) from others.	Performance of the contract (Article 6.1 (b) GDPR). The processing is necessary for you to be able to use the System and the Application, including the different functionalities. You need to provide the personal data to us, otherwise, you will not be able to use the System and the Application, including the different functionalities.
Gather information to detect problems in the System’s and the Application’s functionality. This information is essential for us to be able to fix problems we detect in the System’s and the Application’s functionality.	IP-address. A country code and time zone based on the Wi-Fi you connect the System to. Information about the different parts of the System, including your device and your smart products, such as information that distinguish your device and smart products (hardware serial number and a unique ID associated with the device or the smart products) from others. Information about your use of the System and the Application and their functions, including how your connected smart products are used. Diagnostic data, e.g. snapshot of the System if an error occurs.	Performance of the contract (Article 6.1 (b) GDPR). The processing is necessary for us to detect and fix problems in the System’s and the Application’s functionality. You need to provide the personal data to us, otherwise, we will not be able to ensure that the System and the Application, including the different functionalities, will function in a satisfying manner.
Analyse information regarding detected problems in the System’s and the Application’s functionality in order to make improvements. To do this we use services from Google (Google Firebase). You can find more information on how Google processes your personal data on Google’s website. This information is essential for us to be able to improve the System’s and the Application’s functionality based on the analyses of detected problems and how the System and the Application are used. To best ensure your privacy while doing so, we mostly process personal data on an aggregate level. This means that we are able to see a certain pattern of use connected to a certain user of the System and the Application, but not who the user is.	Information about your use of the System and the Application and their functions, including how your connected smart products are used. Diagnostic data, e.g. snapshot of the System if an error occurs.	Legitimate interest (Article 6.1 (f) GDPR). The processing is necessary for purposes of our legitimate interest to be able to detect problems in the System and the Application’s functionality.
Storage period: We will store your personal data for as long as you use the System and the Application, including specific connected smart products. We will however regularly delete such personal data that we no longer need for the functionality of the System and the Application. For example, we delete the IP address after thirty (30) days.

To enable you to control the System via the Application outside your home
What processing we perform	What personal data we process	Our lawful basis for the processing
Enable you to control the System via the Application from outside of your home, e.g. when not connected to the same Wi-Fi as the System, we process your personal data to identify your device to ensure that it is a part of the System and to enable you to control the System via the Application from outside your home. Most of these technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of all technical attributes since they, if connected with other personal data, could constitute personal data.	Information about your device, e.g. information about what hardware and device you use and information that distinguishes your device (e.g. hardware serial number and a unique ID associated with the device) from other devices. An encrypted version of your email address in order for you (or the other users in the same System) to know who has access to your System. A verification code that will be sent to the specified e-mail address to verify that the e-mail address is correct. The names you have chosen to call the connected smart products in the System, e.g. a lamp. Information about the state of a connected smart product, e.g. if a lamp is on or off. Information about what different actions you take, e.g. if you turn on a lamp, in order to perform such action in the System.	Performance of the contract (Article 6.1 (b) GDPR). The processing is necessary for you to be able to control the System via the Application from outside your home. You need to provide the personal data to us, otherwise, you will not be able to control the System via the Application from outside your home.
Storage period: We will store your personal data for as long as you use this feature “control the System via the Application outside of your home”.

To enable you to use and control the System via the Application on multiple devices
What processing we perform	What personal data we process	Our lawful basis for the processing
Enable you to use and control the System via the Application on multiple devices and to remember your trusted devices connected to System. These technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data.	Information to identify the System. Randomised ID that distinguishes your device from others.	Performance of the contract (Article 6.1 (b) GDPR). The processing is necessary for you to be able to control the System via the Application on multiple devices. You need to provide the personal data to us, otherwise, you will not be able to control the System via the Application on multiple devices.
Storage period: Your personal data will be stored for as long as the Application is installed on your device.

To enable you to save and adjust your favourite scenes
What processing we perform	What personal data we process	Our lawful basis for the processing
Enable you to create and save a scene, for instance when it comes to connected lamps - to turn on the lights in the bedroom at seven o’clock as per your chosen scene. These technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data.	Information regarding connected smart products to the System. Settings for the specific scene.	Performance of the contract (Article 6.1 (b) GDPR). The processing is necessary for you to be able to create and save a scene. You need to provide the personal data to us, otherwise, you will not be able to create and save such a scene.
Enable you to create and save a scene that will be initiated at sunrise and/or sunset, for instance when it comes to connected lamps - to turn on the lights in the bedroom at sunrise as per your chosen scene. The majority of these technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data.	Location, i.e. GPS location from the device using the Application. Information regarding connected smart products to the System. Settings for the specific scene.	Performance of the contract (Article 6.1 (b) GDPR). The processing is necessary for you to be able to create and save a scene. You need to provide the personal data to us, otherwise, you will not be able to create and save such a scene.
Storage period: Your personal data for as long as you have such scene saved in the System.

To give you support regarding the System and the Application
What processing we perform	What personal data we process	Our lawful basis for the processing
Communicate with you when you contact us related to your usage of the System and the Application, e.g. for support matters.	Contact details, e.g. phone number and e-mail address. Information regarding your support matter, e.g. such information you provide us during such support matter and information to identify your System.	Legitimate interest (Article 6.1 (f) GDPR). The processing is necessary for the purposes of our legitimate interest to provide customer service, i.e. support.
Storage period: We will store your personal data for as long as necessary to perform our support in relation to the System and the Application, however no longer than one (1) year after your support matter has been solved.

To improve the System and the Application, including different functionalities
What processing we perform	What personal data we process	Our lawful basis for the processing
Collect information that is necessary in order to improve the System and different functionalities. We will collect information about you to acknowledge patterns in how the System and the different functions are used. To best ensure your privacy while doing so, we only process personal data on an aggregate level.	IP-address. Geographical location (only on an aggregate level and not exact address). Information regarding how you use the System, e.g. what features you enable in the System as well as your use of the features (e.g. if you turn on a connected lamp).	Consent (Article 6.1 (a) GDPR). The personal data will be processed based on your consent. When you consent, it will be done on behalf of all others using the same System as you. You can withdraw such consent at any time in the Application under privacy settings. The withdrawal of consent does not affect the lawfulness of the processing based on consent before its withdrawal.
Collect information that is necessary in order to improve the Application and different functionalities. To do this we use the analytic service from Google (i.e. Google Firebase Analytics including Google Analytics). You can find more information on how Google processes your personal data on Google’s website. This analytics service from Google will collect information about you to acknowledge patterns in how the Application and the different functions are used. To best ensure your privacy while doing so, we only process personal data on an aggregate level.	IP-address. Geographical location (only on an aggregate level and not exact address). Information regarding how you use the Application, e.g. what features you enable in the System as well as your use of the features (e.g. if you turn on a connected lamp) and what you click on in the Application.	Consent (Article 6.1 (a) GDPR) The personal data will be processed based on your consent. When you consent, it will be done on behalf of all others using the same System as you. You can withdraw such consent at any time in the Application under privacy settings. The withdrawal of consent does not affect the lawfulness of the processing based on consent before its withdrawal.
Storage period: We will store your personal data for as long as necessary to perform our analysis and further improve the System and the Application and no longer than one (1) year. Google will continue to store your personal data for its own purposes and Google will inform you separately about such storing.

To notify you about the information that you have required in relation to the System by push notifications
What processing we perform	What personal data we process	Our lawful basis for the processing
OLD: Send you push notifications regarding events in the System that you have chosen to get notifications about, such as a specific scene was executed e.g. the lamps in the living room was turned on. NEW Send you push notifications regarding events in the System that you have chosen to get notifications about. In order to send you such push notifications, we use services from Google (Google Firebase). You can find more information on how Google processes your personal data on Google’s website. The information is used to send you push notifications about such events that you have chosen to get notifications about.	Information to identify the device which you use the Application on, i.e. a push token. Information to identify the System and a specific connected smart product. Information regarding a specific event that you have chosen to get notifications about.	OLD: ~~Consent (Article 6.1 (a) GDPR).~~ ~~The personal data will be processed based on your consent.~~ ~~You can withdraw such consent at any time in the Application under privacy settings.~~ ~~The withdrawal of consent does not affect the lawfulness of the processing based on consent before its withdrawal.~~ NEW Performance of the contract (Article 6.1 (b) GDPR). The processing is necessary for you to be able to receive push notifications essential for the functionality of the connected smart products. You need to provide the personal data to us, otherwise, you are unable to receive notifications from the System.
OLD: Send you push notifications in relation to the maintenance of the System, e.g. low battery in a connected smart product, when a connected lamp is not working, or a needed update of the software for the System. NEW Send you push notifications in relation to the maintenance of the System, e.g. low battery in a connected smart product, or when a product is not working. In order to send you such push notifications, we use services from Google (Google Firebase). You can find more information on how Google processes your personal data on Google’s website. OLD: The information is used to help you detect and solve a problem in the System and ensure that you update the software for the System when it is needed, in order to make the System and the different functionalities work in a satisfying manner. NEW The information is used to help you detect and solve a problem in the System when it is needed, in order to make the System and the different functionalities work in a satisfying manner.	Information to identify the device which you use the Application on, i.e. a push token. Information to identify the System. Information regarding a detected problem in the System, e.g. low battery in a connected smart product or a lamp that is not working. Information regarding the software for the System.	OLD: ~~Consent (Article 6.1 (a) GDPR).~~ ~~The personal data will be processed based on your consent.~~ ~~You can withdraw such consent at any time in the Application under privacy settings.~~ ~~The withdrawal of consent does not affect the lawfulness of the processing based on consent before its withdrawal.~~ NEW Performance of the contract (Article 6.1 (b) GDPR). The processing is necessary for you to be able to receive push notifications essential for the functionality of the connected smart products. You need to provide the personal data to us, otherwise, you are unable to receive notifications from the System.
Storage period: We will store your personal data for as long as you have chosen to receive push notifications regarding the System.

To connect and control the System via your smart products from third parties

What processing we perform

What personal data we process

Our lawful basis for the processing

Enable you to connect to and control the System via smart products from Google (i.e. Google Home).

We and Google (i.e. the third party provider of such smart product) will process your personal data to authenticate the user and make the integration between the System and the smart product in question function, i.e. perform the actions made by you via such smart product.

These technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data.

You can find more information on how Google processes your personal data on Google´s website.

Information to identify the System.
Access token for such smart product from Google (i.e. Google Home).
An encrypted version of your email address stated when connecting the smart product from Google (i.e. Google Home).
Integration status and timestamp.

When using the “Remote login”:

A verification code that will be sent to the specified e-mail address to verify that the e-mail address is correct.

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to connect and control the System via such smart product from Google.

You need to provide the personal data to us, otherwise, you are unable to connect and control the System via such a smart product from Google.

Enable you to connect to and control the System via smart products from Amazon (i.e. Alexa).

We and Amazon (i.e. the third party provider of such smart product) will process your personal data to authenticate the user and make the integration between the System and the smart product in question function, i.e. perform the actions made by you via such smart product.

You can find more information on how Amazon processes your personal data on Amazon´s website.

Information to identify the System.
Access token for such smart product from Amazon (i.e. Alexa).
An encrypted version of your email address stated when connecting the smart product from Amazon (i.e. Alexa)
Integration status and timestamp.
Which region such a smart product from Amazon (i.e. Alexa) is located.

When using the “Remote Login”:

A verification code that will be sent to the specified e-mail address to verify that the e-mail address is correct.

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to connect and control the System via such smart product from Amazon.

You need to provide the personal data to us, otherwise, you are unable to connect and control the System via such a smart product from Amazon.

Enable you to connect to and control the System via smart products from Apple (i.e. Apple HomeKit).

We and Apple (i.e. the third party provider of such smart product) will process your personal data to authenticate the user and make the integration between the System and the smart product in question function, i.e. perform the actions made by you via such smart product.

You can find more information on how Apple processes your personal data on Apple´s website.

Information to identify the System.
Access token for such smart product from Apple (i.e. Apple HomeKit).

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to connect and control the System via such smart product from Apple.

You need to provide the personal data to us, otherwise, you are unable to connect and control the System via such a smart product from Apple.

Storage period: We will store your personal data for as long as such smart product from third parties connected to the System.

To connect the System with your speakers from Sonos
What processing we perform	What personal data we process	Our lawful basis for the processing
Enable you to connect your Sonos speakers to the System and control your Sonos speakers via the Application. We and Sonos (the provider) will process your personal data in order to make the integration between the System and the Sonos Speakers function, i.e. perform the actions made by your device when you use the Application to control the Sonos speaker. These technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data. You can find more information on how Sonos processes your personal data on Sonos’ website.	Information to identify the System. Information to identify such Sonos speaker you want to connect to the System.	Performance of the contract (Article 6.1 (b) GDPR). The processing is necessary for you to be able to connect and control your Sonos speakers via the Application. You need to provide the personal data to us, otherwise, you are unable to connect and control your Sonos speakers via the Application.
Storage period: We will store your personal data for as long as such speaker from Sonos is connected to the System.

To notify you about the information that you have required in relation to the System by push notifications