Privacy Statement for IKEA Home smart System and Application

Thank you for trusting us at IKEA of Sweden AB (“IKEA”, “we”, “us” or “our”) with your personal data. The IKEA vision is to create a better everyday life for the many people. That’s a big job and one that we at IKEA take seriously.

When you use your IKEA Home smart System (the “System”) and control your connected smart products within the System, such as a lamp, via the IKEA Home smart Application (the “Application”), we will process your personal data. We will collect most of your personal data by using cookies and similar technologies. How we do this is described in our text about cookies which you find here.

We commit ourselves to be transparent with you by providing clear information about what personal data we collect; what we do with it and why; who we disclose it to; how we protect personal data and what choices you have regarding the use of your personal data by us and third parties.

In short: Your personal data – for what purposes do we use it?

Of course, you are not required to provide your personal data to us. But if you want to use certain functionalities, as further set out below, in the System and the Application, we will need certain personal data about you to make the System and the Application function in a secure and satisfactory manner. To protect your privacy, we have taken measures to avoid identifying you directly when you use the System and the Application.

Do not hesitate to contact us with any questions you have regarding this Privacy Statement!

Your rights

Residents of some countries have specific rights with respect to the processing of their personal data. Below, we provide a detailed description of data subject rights under the GDPR and information about how to exercise them. In summary, you have the following rights:

Please note that residents of some U.S. states have similar data subject rights under state data protection laws. For more information, please see our U.S. State Supplemental Privacy Notice, available here.

Below you can read more about:
By pressing the selected heading, you will be transferred to the relevant paragraph.

The company responsible for the processing of your personal data and how to contact us

Who do we disclose your personal data to?

Where is your personal data processed?

What are your rights when we process your personal data? Detailed description

A detailed description of how we process your personal data

U.S. State Supplemental Notice

The company responsible for the processing of your personal data and how to contact us

We, IKEA of Sweden AB, with company registration no. 556074-7551, Tulpanvägen 1, 343 34 Älmhult, Sweden are responsible for the processing activities when you use the System and the Application.

If you have questions about our Privacy Statement or practices, please feel free to get in touch. You can contact us at Data.Protection@inter.ikea.com

Who do we disclose your personal data to?

Your personal data is initially collected and processed by us.

Nevertheless, to conduct our business, we need to work with service providers and business partners who will process your personal data. We comply with applicable law with respect to disclosure of your personal data and we take measures make sure your personal data is safe when disclosed to such entities as set out below.

We disclose your personal data to our service providers who process the personal data on our behalf, which means that we remain responsible for the data they are processing. Currently, we disclose your personal data to the following categories of service providers:

We also disclose your data to other business partners, who will be responsible for certain processing of your personal data. These business partners are:

If you have any questions regarding how we disclose your personal data or want to know more about who we disclose your personal data to, please feel free to contact us.

Where is your personal data processed?

Your personal data will in most cases be processed outside of the EU/EEA if the service providers we use are based outside of the EU/EEA.

our personal data will be transferred outside the EU/EEA in the following cases:

In the above situations, the transfers only take place in accordance with applicable data protection legislation, meaning that we will transfer your personal data outside the EU/EEA when we can ensure an appropriate level of protection of your personal data. We will transfer your personal data under the Standard Contractual Clauses (article 46.2 (c) GDPR), Module 1 (controller to controller) and Module 2 (controller to processor) respectively, together with supplementary measures. You can find the Standard Contractual Clauses here.

If you want to know more about what safeguards we implement for transfers of personal data or receive a copy of the safeguards you are always very welcome to contact us.

What are your rights when we process your personal data? Detailed description

You have certain rights that you can exercise to affect how we process your personal data. Below, we provide a more detailed description about those rights below.

If you want to know more about your rights or if you want to exercise any of your rights, please contact us and we will help you.

Please note that residents of some U.S. states have similar data subject rights under state data protection laws. For more information, please see our U.S. State Supplemental Privacy Notice, available here.

Right to lodge a complaint with a supervisory authority (Article 77 GDPR)

You have the right to lodge a complaint with a supervisory authority.

In detail. Your right to complain exists without prejudice to any other administrative or judicial remedy. You have the right to lodge a complaint with a supervisory authority in the EU/EEA member state of your habitual residence, place of work, or place where the alleged infringement of applicable data protection laws has allegedly occurred.

Right to withdraw consent (Article 7.3 GDPR)

You have the right to withdraw your consent at any time. This can easily be done in the Application under privacy settings. When you withdraw your consent, it will be done on behalf of all others using the same System as you.

In detail. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Right to access (Article 15 GDPR)

You have the right to obtain confirmation as to whether we are processing personal data concerning you or not. You can make a request by contacting us. If we do process your personal data, you also have a right to obtain a copy of the personal data processed by us as well as information about our processing of your personal data.

In detail. The information we provide includes the following:

For any further copies of the personal data undergoing processing requested by you, we may charge a reasonable fee based on administrative costs. If you have made the request by electronic means the information will be provided to you in a commonly used electronic form, unless otherwise requested by you.

Right to rectification (Article 16 GDPR)

You have a right to obtain, without undue delay, the rectification of inaccurate personal data concerning you.

In detail. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including the means of providing a supplementary statement.

We will notify each recipient to whom the personal data has been provided of any correction that has been made unless this turns out to be impossible or entails a disproportionate effort. If you want information about these recipients, you are welcome to contact us.

Right to erasure (“the right to be forgotten”) (Article 17 GDPR)

You can at any time ask us to delete some or all of your personal data.

In detail. You have the right to obtain from us the erasure of your personal data and we have the obligation to erase your personal data without undue delay where one of the following grounds applies:

We will notify each recipient to whom the personal data has been provided about any erasure of personal data according to the above unless this turns out to be impossible or entails a disproportionate effort. If you want more information about these recipients, you are welcome to contact us.

Note that our obligation to erase and inform according to the above shall not apply to the extent that processing is necessary according to the following reasons:

Right to restriction of processing (Article 18 GDPR)

You have the right to demand restriction on the processing of your personal data.

In detail. The right applies if:

Where the processing has been restricted according to the above, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise, or defence of legal claims or the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. We will notify you before the restriction of processing is lifted.

We will notify each recipient to whom the personal data has been provided about any restriction of processing according to the above unless this turns out to be impossible or entails a disproportionate effort. If you want more information about these recipients, you are welcome to contact us.

Right to data portability (Article 20 GDPR)

You have the right to receive your personal data from us in a structured, commonly used and machine-readable format and, where technically feasible, have your personal data transferred to another data controller (“data portability”).

In detail. The right applies to our processing of your personal data when it is based on the lawful basis of consent (Article 6.1 (a) GDPR or contract (Article 6.1 (b) GDPR) and the processing is carried out by automated means.

The exercise of the right to data portability shall be without prejudice to the right to be forgotten, Article 17 GDPR.

Your right to data portability shall not adversely affect the rights and freedoms of others.

Right to object (Article 21 GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data that is based on the lawful basis legitimate interest (Article 6.1 (f) GDPR), including profiling.

In detail. If you object, we shall then no longer process the personal data in question, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of you, or for the establishment, exercise, or defence of legal claims.

Balancing of interests’ assessments when processing personal data based on the lawful basis of “legitimate interest”

As we state in the tables below, for some purposes, we process your personal data based on our “legitimate interest”. By carrying out a balancing of interests’ assessment concerning our processing of your personal data, we have concluded that our legitimate interest for the processing outweighs your interests or rights which require the protection of your personal data.

If you want more information in relation to our balancing of interests’ assessments, please do not hesitate to contact us.

A detailed description of how we process your personal data

We are happy that you share your personal data with us! We want to make your experience with us as joyful, meaningful, and simple as possible. To achieve this, we collect some information about you. This section tells you what personal data we collect and process, why we process it, and the lawful basis and storage period for the personal data in question.

For the functionality of the System and the Application

What processing we perform

What personal data we process

Our lawful basis for the processing

To enable you to use the System and the Application and to make sure that the System and the Application work in a satisfying and secure manner we process your personal data to:

  • Enable you to connect your device and smart products to the System and control the System, e.g. identify the actions made by your device in the System.
  • Enable you to use the different functionalities in the Application.
  • Identify where the System is used to find the country origin and the nearest server for you to connect to.

The majority of these technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data.

  • IP-address.
  • A country code and time zone based on the Wi-Fi you connect the System to.
  • Information about the different parts of the System, including your device and your smart products, such as information that distinguish your device and smart products (hardware serial number and a unique ID associated with the device or the smart products) from others.

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to use the System and the Application, including the different functionalities.

You need to provide the personal data to us, otherwise, you will not be able to use the System and the Application, including the different functionalities.

Gather information to detect problems in the System’s and the Application’s functionality.

This information is essential for us to be able to fix problems we detect in the System’s and the Application’s functionality.

  • IP-address.
  • A country code and time zone based on the Wi-Fi you connect the System to.
  • Information about the different parts of the System, including your device and your smart products, such as information that distinguish your device and smart products (hardware serial number and a unique ID associated with the device or the smart products) from others.
  • Information about your use of the System and the Application and their functions, including how your connected smart products are used.
  • Diagnostic data, e.g. snapshot of the System if an error occurs.

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for us to detect and fix problems in the System’s and the Application’s functionality.

You need to provide the personal data to us, otherwise, we will not be able to ensure that the System and the Application, including the different functionalities, will function in a satisfying manner.

Analyse information regarding detected problems in the System’s and the Application’s functionality in order to make improvements. To do this we use services from Google (Google Firebase). You can find more information on how Google processes your personal data on Google’s website.

This information is essential for us to be able to improve the System’s and the Application’s functionality based on the analyses of detected problems and how the System and the Application are used.

To best ensure your privacy while doing so, we mostly process personal data on an aggregate level. This means that we are able to see a certain pattern of use connected to a certain user of the System and the Application, but not who the user is.

  • Information about your use of the System and the Application and their functions, including how your connected smart products are used.
  • Diagnostic data, e.g. snapshot of the System if an error occurs.

Legitimate interest (Article 6.1 (f) GDPR).

The processing is necessary for purposes of our legitimate interest to be able to detect problems in the System and the Application’s functionality.

Storage period: We will store your personal data for as long as you use the System and the Application, including specific connected smart products. We will however regularly delete such personal data that we no longer need for the functionality of the System and the Application. For example, we delete the IP address after thirty (30) days.

To enable you to control the System via the Application outside your home

What processing we perform

What personal data we process

Our lawful basis for the processing

Enable you to control the System via the Application from outside of your home, e.g. when not connected to the same Wi-Fi as the System, we process your personal data to identify your device to ensure that it is a part of the System and to enable you to control the System via the Application from outside your home.

Most of these technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of all technical attributes since they, if connected with other personal data, could constitute personal data.

  • Information about your device, e.g. information about what hardware and device you use and information that distinguishes your device (e.g. hardware serial number and a unique ID associated with the device) from other devices.
  • An encrypted version of your email address in order for you (or the other users in the same System) to know who has access to your System.
  • A verification code that will be sent to the specified e-mail address to verify that the e-mail address is correct.
  • The names you have chosen to call the connected smart products in the System, e.g. a lamp.
  • Information about the state of a connected smart product, e.g. if a lamp is on or off.
  • Information about what different actions you take, e.g. if you turn on a lamp, in order to perform such action in the System.

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to control the System via the Application from outside your home.

You need to provide the personal data to us, otherwise, you will not be able to control the System via the Application from outside your home.

Storage period: We will store your personal data for as long as you use this feature “control the System via the Application outside of your home”.

To enable you to use and control the System via the Application on multiple devices

What processing we perform

What personal data we process

Our lawful basis for the processing

Enable you to use and control the System via the Application on multiple devices and to remember your trusted devices connected to System.

These technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data.

  • Information to identify the System.
  • Randomised ID that distinguishes your device from others.

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to control the System via the Application on multiple devices.

You need to provide the personal data to us, otherwise, you will not be able to control the System via the Application on multiple devices.

Storage period: Your personal data will be stored for as long as the Application is installed on your device.

To enable you to save and adjust your favourite scenes

What processing we perform

What personal data we process

Our lawful basis for the processing

Enable you to create and save a scene, for instance when it comes to connected lamps - to turn on the lights in the bedroom at seven o’clock as per your chosen scene.

These technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data.

  • Information regarding connected smart products to the System.
  • Settings for the specific scene.

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to create and save a scene.

You need to provide the personal data to us, otherwise, you will not be able to create and save such a scene.

Enable you to create and save a scene that will be initiated at sunrise and/or sunset, for instance when it comes to connected lamps - to turn on the lights in the bedroom at sunrise as per your chosen scene.

The majority of these technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data.

  • Location, i.e. GPS location from the device using the Application.
  • Information regarding connected smart products to the System.
  • Settings for the specific scene.

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to create and save a scene.

You need to provide the personal data to us, otherwise, you will not be able to create and save such a scene.

Storage period: Your personal data for as long as you have such scene saved in the System.

To give you support regarding the System and the Application

What processing we perform

What personal data we process

Our lawful basis for the processing

Communicate with you when you contact us related to your usage of the System and the Application, e.g. for support matters.

  • Contact details, e.g. phone number and e-mail address.
  • Information regarding your support matter, e.g. such information you provide us during such support matter and information to identify your System.

Legitimate interest (Article 6.1 (f) GDPR).

The processing is necessary for the purposes of our legitimate interest to provide customer service, i.e. support.

Storage period: We will store your personal data for as long as necessary to perform our support in relation to the System and the Application, however no longer than one (1) year after your support matter has been solved.

To improve the System and the Application, including different functionalities

What processing we perform

What personal data we process

Our lawful basis for the processing

Collect information that is necessary in order to improve the System and different functionalities.

We will collect information about you to acknowledge patterns in how the System and the different functions are used. To best ensure your privacy while doing so, we only process personal data on an aggregate level.

  • IP-address.
  • Geographical location (only on an aggregate level and not exact address).
  • Information regarding how you use the System, e.g. what features you enable in the System as well as your use of the features (e.g. if you turn on a connected lamp).

Consent (Article 6.1 (a) GDPR).

The personal data will be processed based on your consent. When you consent, it will be done on behalf of all others using the same System as you.

You can withdraw such consent at any time in the Application under privacy settings.

The withdrawal of consent does not affect the lawfulness of the processing based on consent before its withdrawal.

Collect information that is necessary in order to improve the Application and different functionalities. To do this we use the analytic service from Google (i.e. Google Firebase Analytics including Google Analytics). You can find more information on how Google processes your personal data on Google’s website.

This analytics service from Google will collect information about you to acknowledge patterns in how the Application and the different functions are used. To best ensure your privacy while doing so, we only process personal data on an aggregate level.

  • IP-address.
  • Geographical location (only on an aggregate level and not exact address).
  • Information regarding how you use the Application, e.g. what features you enable in the System as well as your use of the features (e.g. if you turn on a connected lamp) and what you click on in the Application.

Consent (Article 6.1 (a) GDPR)

The personal data will be processed based on your consent. When you consent, it will be done on behalf of all others using the same System as you.

You can withdraw such consent at any time in the Application under privacy settings.

The withdrawal of consent does not affect the lawfulness of the processing based on consent before its withdrawal.

Storage period: We will store your personal data for as long as necessary to perform our analysis and further improve the System and the Application and no longer than one (1) year.

Google will continue to store your personal data for its own purposes and Google will inform you separately about such storing.

To notify you about the information that you have required in relation to the System by push notifications

What processing we perform

What personal data we process

Our lawful basis for the processing

Send you push notifications regarding events in the System that you have chosen to get notifications about.

In order to send you such push notifications, we use services from Google (Google Firebase). You can find more information on how Google processes your personal data on Google’s website.

The information is used to send you push notifications about such events that you have chosen to get notifications about.

  • Information to identify the device which you use the Application on, i.e. a push token.
  • Information to identify the System and a specific connected smart product.
  • Information regarding a specific event that you have chosen to get notifications about.

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to receive push notifications essential for the functionality of the connected smart products.

You need to provide the personal data to us, otherwise, you are unable to receive notifications from the System.

Send you push notifications in relation to the maintenance of the System, e.g. low battery in a connected smart product, or when a product is not working.

In order to send you such push notifications, we use services from Google (Google Firebase). You can find more information on how Google processes your personal data on Google’s website.

The information is used to help you detect and solve a problem in the System when it is needed, in order to make the System and the different functionalities work in a satisfying manner.

  • Information to identify the device which you use the Application on, i.e. a push token.
  • Information to identify the System.
  • Information regarding a detected problem in the System, e.g. low battery in a connected smart product or a lamp that is not working.
  • Information regarding the software for the System.

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to receive push notifications essential for the functionality of the connected smart products.

You need to provide the personal data to us, otherwise, you are unable to receive notifications from the System.

Storage period: We will store your personal data for as long as you have chosen to receive push notifications regarding the System.

To connect and control the System via your smart products from third parties

What processing we perform

What personal data we process

Our lawful basis for the processing

Enable you to connect to and control the System via smart products from Google (i.e. Google Home).

We and Google (i.e. the third party provider of such smart product) will process your personal data to authenticate the user and make the integration between the System and the smart product in question function, i.e. perform the actions made by you via such smart product.

These technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data.

You can find more information on how Google processes your personal data on Google´s website.

  • Information to identify the System.
  • Access token for such smart product from Google (i.e. Google Home).
  • An encrypted version of your email address stated when connecting the smart product from Google (i.e. Google Home).
  • Integration status and timestamp.

When using the “Remote login”:

  • A verification code that will be sent to the specified e-mail address to verify that the e-mail address is correct.

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to connect and control the System via such smart product from Google.

You need to provide the personal data to us, otherwise, you are unable to connect and control the System via such a smart product from Google.

Enable you to connect to and control the System via smart products from Amazon (i.e. Alexa).

We and Amazon (i.e. the third party provider of such smart product) will process your personal data to authenticate the user and make the integration between the System and the smart product in question function, i.e. perform the actions made by you via such smart product.

These technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data.

You can find more information on how Amazon processes your personal data on Amazon´s website.

  • Information to identify the System.
  • Access token for such smart product from Amazon (i.e. Alexa).
  • An encrypted version of your email address stated when connecting the smart product from Amazon (i.e. Alexa)
  • Integration status and timestamp.
  • Which region such a smart product from Amazon (i.e. Alexa) is located.

When using the “Remote Login”:

  • A verification code that will be sent to the specified e-mail address to verify that the e-mail address is correct.

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to connect and control the System via such smart product from Amazon.

You need to provide the personal data to us, otherwise, you are unable to connect and control the System via such a smart product from Amazon.

Enable you to connect to and control the System via smart products from Apple (i.e. Apple HomeKit).

We and Apple (i.e. the third party provider of such smart product) will process your personal data to authenticate the user and make the integration between the System and the smart product in question function, i.e. perform the actions made by you via such smart product.

These technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data.

You can find more information on how Apple processes your personal data on Apple´s website.

  • Information to identify the System.
  • Access token for such smart product from Apple (i.e. Apple HomeKit).

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to connect and control the System via such smart product from Apple.

You need to provide the personal data to us, otherwise, you are unable to connect and control the System via such a smart product from Apple.

Storage period: We will store your personal data for as long as such smart product from third parties connected to the System.

To connect the System with your speakers from Sonos

What processing we perform

What personal data we process

Our lawful basis for the processing

Enable you to connect your Sonos speakers to the System and control your Sonos speakers via the Application.

We and Sonos (the provider) will process your personal data in order to make the integration between the System and the Sonos Speakers function, i.e. perform the actions made by your device when you use the Application to control the Sonos speaker.

These technical attributes that we collect are best described as codes and do not reveal your name or other personal data that directly can identify you. However, to be as transparent as possible, we inform you of our processing of these technical attributes since they, if connected with other personal data, could constitute personal data.

You can find more information on how Sonos processes your personal data on Sonos’ website.

  • Information to identify the System.
  • Information to identify such Sonos speaker you want to connect to the System.

Performance of the contract (Article 6.1 (b) GDPR).

The processing is necessary for you to be able to connect and control your Sonos speakers via the Application.

You need to provide the personal data to us, otherwise, you are unable to connect and control your Sonos speakers via the Application.

Storage period: We will store your personal data for as long as such speaker from Sonos is connected to the System.

U.S. State Supplemental Notice

Last Updated: October 1st 2022

Thank you for trusting us at IKEA of Sweden AB (“IKEA”, “we”, “us” or “our”) with your personal data. The IKEA vision is to create a better everyday life for the many people. That’s a big job and one that we at IKEA take seriously.

This notice supplements our Privacy Statement for IKEA Home smart System and Application by providing specific disclosures applicable to residents of certain U.S. states.

A. Residents of Colorado, Connecticut, Utah, and Virginia

In conjunction with our Privacy Statement for IKEA Home smart System, this notice provides information about the categories of personal data we collect and process, our purposes for processing such personal data, the categories of personal data we disclose to third parties, and the categories of third parties to whom we disclose personal data, in relation to the IKEA Home smart System and Application.

We do not sell or share Personal Information to Third Parties or process Personal Information for purposes of targeted advertising, as the terms “sell,” “process,” and “targeted advertising” are defined in Colorado’s, Connecticut’s, Utah’s, and Virginia’s data protection statutes.

Residents of Colorado, Connecticut, Utah, and Virginia have certain rights with respect to the processing of their personal data. To exercise your data subject rights or (for residents of certain states) to appeal our decision regarding your data subject rights, you may contact us at IKEA.RangeSupply.Privacy@inter.ikea.com.

B. Residents of California

This Notice is intended to provide California consumers with meaningful insight into how we may collect and use your personal information, in accordance with the California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act (“CPRA”).

IKEA does not sell your personal information, share your personal information for cross-context behavioural advertising, or use your sensitive personal information for purposes beyond those authorized by the CPRA.

Collection and Use of Personal Information

CATEGORIES OF PERSONAL INFORMATION

COLLECTION PURPOSES

Identifiers.

Such as a unique personal identifier, online identifier, Internet Protocol address, email address, or other similar identifiers.

  • Enable you to use the System and the Application and to make sure that the System and the Application work in a satisfying and secure manner.
  • Enable you to connect your device and smart products to the System and control the System, e.g. identify the actions made by your device in the System.
  • Enable you to control the System via the Application from outside of your home, e.g. when not connected to the same Wi-Fi as the System.
  • Enable you to use and control the System via the Application on multiple devices and to remember your trusted devices connected to the System.
  • Collect information that is necessary in order to improve the System and different functionalities.
  • Send you push notifications regarding events in the System that you have chosen to get notifications about.
  • Authenticate you as a user and make the integration between the System and the smart product in question function, i.e. perform the actions made by you via such smart product.
  • Otherwise accomplish our business purposes and objectives, including operating and managing our business, maintaining records, conducting research or data analysis, undertaking quality and safety assurance measures, and personalizing our products and services.
  • Comply with laws and regulations, monitor and enforce our policies, and exercise or defense the legal rights of IKEA and our employees, affiliates, customers, contractors, or agents.

Personal Information Contained in Customer Records

Contact data, such as phone number and email address.

  • Communicate with you when you contact us related to your usage of the System and the Application, e.g. for support matters.
  • Authenticate you as a user and make the integration between the System and the smart product in question function, i.e. perform the actions made by you via such smart product.
  • Otherwise accomplish our business purposes and objectives, including operating and managing our business, maintaining records, conducting research or data analysis, undertaking quality and safety assurance measures, and personalizing our products and services.
  • Comply with laws and regulations, monitor and enforce our policies, and exercise or defense the legal rights of IKEA and our employees, affiliates, customers, contractors, or agents.

Commercial Information

Such as records in relation to the Application and the System, including connected smart products from IKEA.

  • Provide, develop, improve, repair, and maintain the Application and the System, including connected smart products from IKEA.
  • Otherwise accomplish our business purposes and objectives, including operating and managing our business, maintaining records, conducting research or data analysis, undertaking quality and safety assurance measures, and personalizing our products and services.
  • Comply with laws and regulations, monitor and enforce our policies, and exercise or defense the legal rights of IKEA and our employees, affiliates, customers, contractors, or agents.

Internet or other electronic network activity information Such as usage history, product settings you utilize, and other interactions with our products.

  • Enable you to create and save a scene, for instance when it comes to connected lamps – to turn on the lights in the bedroom at seven o’clock as per your chosen scene.
  • Collect information that is necessary in order to improve the System and different functionalities.
  • Send you push notifications regarding events in the System that you have chosen to get notifications about.
  • Otherwise accomplish our business purposes and objectives, including operating and managing our business, maintaining records, conducting research or data analysis, undertaking quality and safety assurance measures, and personalizing our products and services.
  • Comply with laws and regulations, monitor and enforce our policies, and exercise or defense the legal rights of IKEA and our employees, affiliates, customers, contractors, or agents.

Geolocation Data

Such as device location.

  • Identify where the System is used to find the country of origin and the nearest server for you to connect to.
  • Enable you to create and save a scene that will be initiated at sunrise and/or sunset, for instance when it comes to connected lamps – to turn on the lights in the bedroom at sunrise as per your chosen scene.
  • Collect information that is necessary in order to improve the System and different functionalities.
  • Otherwise accomplish our business purposes and objectives, including operating and managing our business, maintaining records, conducting research or data analysis, undertaking quality and safety assurance measures, and personalizing our products and services.
  • Comply with laws and regulations, monitor and enforce our policies, and exercise or defense the legal rights of IKEA and our employees, affiliates, customers, contractors, or agents.

Audio, Electronic, Visual, and Similar Information

Such as information about your use of the System and the Application, diagnostic data regarding your System if an error occurs, information regarding your System’s software, and information you provide when you contact us for technical support.

  • Gather information to detect problems in the System’s and the Application’s functionality.
  • Analyze information regarding detected problems in the System’s and the Application’s functionality in order to make improvements.
  • Send you push notifications in relation to the maintenance of the System, e.g. low battery in a connected smart product, when a connected lamp is not working, or a needed update of the software for the System.
  • Otherwise accomplish our business purposes and objectives, including operating and managing our business, maintaining records, conducting research or data analysis, undertaking quality and safety assurance measures, and personalizing our products and services.
  • Comply with laws and regulations, monitor and enforce our policies, and exercise or defense the legal rights of IKEA and our employees, affiliates, customers, contractors, or agents.

Retention Period: We will store your personal information for the storage periods detailed in our Privacy Statement for IKEA Home smart System and Application. The duration for which we retain a specific piece of personal information may depend on the purpose for which we collected it. In general, we will store your personal data for as long as you use the System and the Application, including specific connected smart products. We will however regularly delete such personal data that we no longer need for the functionality of the System and the Application.

Contact Us: If you have questions about our Privacy Statement, U.S. State Supplemental Notice, or our privacy practices, please feel free to get in touch. You can contact us at IKEA.RangeSupply.Privacy@inter.ikea.com