Privacy Policy

This document serves to inform you about the manner we process personal data. The document comprehensively addresses information on the processing of personal data while using the Tesla Smart application (hereinafter as the “Application“), whereas the controller of this personal data is the company TESLA Solar, s.r.o., with its registered office at Rubeška 215/1, Vysočany, 190 00 Prague, Company ID: 29046785, entered in the Commercial Register kept at the Municipal Court in Prague under file No. C 162579 (hereinafter as “Controller“). The application will be used by users to manage purchased products, collect data from these products and use the services that each product offers (hereinafter as the “Services”). The processing may take place automatically or manually, we will inform you about the individual methods of processing below.

We take the protection of personal data seriously, and therefore we would like to use this document to transparently acquaint you with the processing of personal data, purposes, storage time and other areas important for the protection of personal data.

In this Privacy Policy we will explain to you:

  • what personal data we will process,
  • how we use the personal data obtained and on what legal basis,
  • who has access to your personal data,
  • period for which we will process your personal data,
  • how we secure your personal data,
  • what are your rights in relation to the protection of your personal data.

In the case you do not understand any part of the text, please do not hesitate to contact us at privacy@teslasmart.com. Terms such as personal data, personal data controller, personal data processing and others may also appear in the text, and for simple explanation we recommend to read the following  handbook published by the Office for Personal Data Protection.

We process all personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council dated 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (“GDPR”).

1. What personal data we will process

When using the Services or shopping in the E-shop, personal data will be processed. We will always process only the necessary data in connection with the use of the Services or for purchases in the E-shop and only to the extent specified herein. It is up to you whether you provide us with the data in the above cases, but if you do not do so, you will most likely not be able to use all of our Services or make a purchase in the E-shop. Depending on which Services you will use or whether you will order products from our E-shop, we will process the following personal data:

Personal data processed by Controller:

  • Personal data for registration in the Application. In order to create a User Account for you in the Application, where you will be able to manage individual products and use the Services, you will need a User Account. In such a case, we will require your e-mail address and password, or other data obtained during the registration process or during the use of the Application, such as uploaded photos, nicknames, language preferences, information about assigned roles, etc. The manner of using the User Account is governed by the Terms of Use.
  • Personal information that you provide to us and submit when you use the Services. This is your personal data that you provide to us when communicating with us. This includes especially personal data resulting from the Services provided when you contact us (whether via the Application, via chat with support or otherwise), send us requests and suggestions or voluntarily communicate them in connection with the Services used. The following categories of personal data may be included in particular:

    1) Information about assigned roles. In the Application preferences, you may set the assignment of roles to individual devices and thus set the control options for individual products.
    2) User information. In the Application preferences, you may add your own personal data and also let other persons use the Application.

  • Personal Information we collect when you use the Services. We collect information about the products you purchase from us and manner in which you use the Services. Due to the fact that the Application is connected to your products during the use of the Services, the scope of personal data will differ depending on which Services and products you use. Namely, the following personal data may be involved:

    1) Device (product) information and related information – while using the Services and Applications, information may be collected about connected devices, device ID, status, type, model, advertising ID, installed software version information, IP address, MAC address of your device, type of operating system, etc. This data may also be stored automatically or in the background of the Application when the Application is not open.
    2) Information obtained through individual devices (products) – individual products (devices) may collect your personal data, such as videos, information about your movement, special categories of personal data (pressure, heart rate, blood oxygenation) or other data obtained through individual devices (products)). Individual devices (products) may also evaluate the input information and provide us with additional personal data based thereon. This data may also be stored automatically.
    3) Location data – in case of using certain Services or products, your location data may also be stored in real time (such as for the following products: smart watches, GPS trackers, fitness bracelets).
    4) Audio – Certain products may also record audio to utilize their functionality (security cameras, products that are compatible with voice control).
    5) Logs – when using the Services, various logs will be stored, such as frequency of using the device, whether there were any complications during use, how intensively the device is used, etc.

  • Information about your activity in the Application and on the website. When you use our Application and website (www.viha.cz), cookies are stored. We use them to analyse functionality and for customization. When you use our Application or visit our website, we collect information about your behaviour, such as the number of pages visited, length of visit, pages visited, repeat visits, etc. We never associate this information with any of your personal information, such as information you fill in the forms or your IP address. Further information on the use of cookies is provided in Annex A hereto.

The Services are not intended for persons under the age of fifteen (15).

2. For what purposes do we use personal data and on what legal basis

  • We use the personal data that you submit when registering in the Application or subsequently during the use thereof, for the purposes of creating your account, providing functionalities that the Application offers, ensuring functionality of the Application and processing your requirements. The legal basis for such processing is, pursuant to Art. 6 (1) (b) of the GDPR, the necessity for the performance of the Contract, where you are one of the parties. In addition, the legal basis is also our legitimate interest pursuant to Art. 6 (1) (f) of the GDPR, which consists in ensuring the functionality of the application and protection against your claims. We may also use the e-mail address you submitted for the purpose of sending news about the Application, changing functionalities or information on the wording of new conditions. The legal basis may be the performance of the Contract pursuant to Art. 6 (1) (b) of the GDPR, or our legitimate interest pursuant to Art. 6 (1) (f) of the GDPR, in the case of a commercial message consisting of direct marketing.
  • We use the data that you provide (communicate) to us and that we obtain when you use the Services in order to be able to provide you with the Services, to contact you, provide you with information that you have inquired about or that we think may be of interest to you. We also use the data to send you other non-marketing messages, such as information on the current functionality or malfunction of equipment (products) or other information. The legal basis is the fulfilment of mutual contractual obligations pursuant to Art. 6 (1) (b) of the GDPR. We also use the information we collect to send or display commercial messages to you, i.e. to inform you about events, upcoming changes or new products/services that we provide. The legal basis is our legitimate interest pursuant to Art. 6 (1) (f) of the GDPR, which consists of direct marketing. Based on a legitimate interest, we may also use the obtained data for the purpose of correcting errors or analysing other problems that occur during the use of the Services. The legitimate interest consists in improving our Services. In the case of personalized display of advertisement, we will require your explicit consent to the processing of personal data in accordance with Art. 6 (1) (a) of the GDPR, which you grant us for the period of using the Application, or until you revoke it.
  • In the event that the personal data obtained include special categories of personal data within the meaning of Art. 9 of the GDPR, we will process them only on the basis of your express consent pursuant to Art. 6 (1) (a) of the GDPR.
  • We will use the location data to provide the Services in the Application so that the individual functionalities of the products (goods) can be fully used. The legal basis will be your express consent pursuant to Art. 6 (1) (a). (a) of the GDPR, which we obtain so that we can store this data, whereas you know about their storage. Subsequently, this data may also be used in connection with the performance of the Contract and the provision of services pursuant to Art. 6 (1) (b) of the GDPR.
  • We may also use all data submitted by you or obtained through the use of products (equipment) ) for the purpose of evaluating the effectiveness, analysis and other marketing activities, which consist in customizing the Services, personalizing and improving our marketing communication. We will always do so only on the basis of your express consent pursuant to Art. 6 (1) (a) of the GDPR.
  • In addition, we may use all of your data for purposes necessary to meet legal obligations to comply with requests from government agencies and institutions, or to use the data to manage and protect our claims. The legal basis will be the fulfilment of legal obligations pursuant to Art. 6 (1) (c) of the GDPR and our legitimate interest pursuant to Art. 6 (1) (f) of the GDPR, which consists in the protection of own claims.
  • We use the information collected from cookies to improve the user environment and the overall quality of our Services. To this end, we use several third-party services (see Annex A – USE OF COOKIES, including Section 3.2. – Third-party Functions). For example, if we save your language settings, we will be able to show you services in the language you prefer. When displaying customized advertisement, we will not associate an identifier from cookies or similar technologies with your personal information.

If you receive a commercial message from us, you can reject it at any time and it will not affect our other mutual relations. If you are unsure whether consent to receive such messages has been granted or you wish to revoke it, simply send us an e-mail with the appropriate request to privacy@teslasmart.com or to another address from which you received the commercial message from us. Revoking your consent does not affect the lawfulness of processing based on the consent that was granted before it has been revoked.

3. Who has access to your personal data

We only share your personal data with third parties, about whom we inform you herein, and we always try to minimize the number of persons who will have access to your personal data. In the event that we transfer your personal data to third parties, we always do so on the basis of an adequate contract with these parties or on the basis of general conditions, so that we can control how the third parties handle your personal data.

The following recipients may have access to your personal data:

  • controllers personnel who provide development, analysis, and other activities related to the maintenance of the Application,
  • a provider of server, web, cloud or IT services and a company providing support and operation of the Application and individual devices,
  • company providing marketing services,
  • companies Google, Apple a Facebook,
  • state administration bodies in accordance with our legal obligations, in particular the Financial Administration of the Czech Republic or other bodies that request the transfer of personal data.

Personal data may also be stored outside the Czech Republic or the EU. All suitable guarantees for transfer thereof are set forth above. We may also request your consent to share the data in cases where there are no other suitable guarantees for the transfer.

4. Period for which we will process your personal data

We will only process your personal data for the period strictly necessary to fulfil the aforementioned purposes for which they were collected. These needs may vary for different types of data in the context of different products and Services, and therefore the actual retention period may vary significantly. The criteria on the basis of which the retention period is determined include the following:

  • For what period is personal data needed to ensure the Services and to ensure the Company’s functioning? This includes activities such as maintaining and improving the Services, maintaining the security of our systems, and maintaining appropriate business and financial records. This is a general rule, which in most cases forms the basis for determining the retention period.
  • Do you provide us with your data with the expectation that we will retain it until you explicitly want to delete it? If so, we will keep them for this period.
  • Is this personal data sensitive? If so, we will set the shortest possible storage of this data.
  • Have we implemented and announced a specific retention period for a particular data type? If so, we will definitely never exceed it.
  • Have you given your consent to the processing of personal data? If so, we will store the data in accordance with your consent.
  • Do we have legal, contractual or similar obligations to retain data? Examples include laws governing mandatory data retention, government regulations to retain data related to investigations, or data that must be retained for litigation purposes.

Do you have a question about the period for which we keep specific data that you have provided to us or that we have informed you about above? Do not hesitate to contact us at  privacy@teslasmart.com

5. How we secure your personal data

We are aware that securing personal data so that it cannot be misused is our important obligation towards you. Therefore, we strive to effectively use the best possible security measures to prevent misuse or other unauthorized interference with your personal data. As part of our activities, we will do everything in our power to prevent such a security incident, in particular we will regularly train all our employees who come into contact with your personal data on personal data protection, we will recruit and acquaint employees with internal company data regulations governing the protection of your personal data and we will always use only the state-of-the-art technical solutions to secure the processing, such as data encryption, complex passwords and the most appropriate software.

However, in the case that, despite our best efforts, a security incident occurs and this incident could pose a high risk to your rights and freedoms, we will promptly notify you at the provided e-mail address and by posting such information on our website, including all necessary details.

6. What are your rights in relation to the protection of your personal data

You have the following rights in relation to the processing of your personal data carried out by us:

  • the right of access your personal data,
  • the right to correction,
  • the right to erasure (“right to be forgotten”),
  • the right to restrict data processing,
  • the right to object to the processing,
  • the right to data portability,
  • the right not to be subjected to automated decision-making,
  • the right to revoke consent,
  • the right to file a complaint about the processing of personal data.

Your rights are explained below so that you can get a clearer idea of their content.

The right to access means that you can request our confirmation at any time as to whether or not the personal data concerning you are being processed and, if so, for what purposes, to what extent, to whom they are made available, for what period we will process them, whether you have the right to correct, erase, restrict the processing or raise an objection, from where we obtained your personal data, and whether there is an automated decision-making process based on the processing of your personal data, including possible profiling. You are also entitled to obtain a copy of your personal data, while the first provision is free of charge, for the next provision we can demand a reasonable payment of administrative costs, namely in the amount of CZK 100.

The right to correction means that you can ask us at any time to correct or supplement your personal data if it is inaccurate or incomplete.

The right to erasure means that we must erase your personal data in the case (i) they are no longer needed for the purposes for which they were collected or otherwise processed, (ii) the processing is illegal, (iii) you object to the processing and there are no overriding legitimate reasons for processing, (iv) it is subject to a legal obligation or (v) in relation to personal data for which you have given your consent, you revoke such consent.

The right to restrict processing means that until we resolve any disputes regarding the processing of your personal data, we may not process your personal data in any other manner than by storing it and possibly using it only with your consent or for the purpose of determining, enforcing or defending legal claims.

The right to object means that you can object to the processing of your personal data, which we process on the basis of tasks in the public interest, in the exercise of public authority, for direct marketing purposes or for legitimate interest, including profiling based on our legitimate interest. In the event that you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes. In the case you object to processing based on other reasons, this objection will be evaluated and we will then inform you whether we have complied with it and will no longer process your data, or that the objection was not justified and processing will continue. In any case, processing will be restricted until the objection is resolved.

The right to portability means that you are entitled to obtain personal data concerning you and provided to us by consent or contract, which are also processed automatically, in a structured, commonly used and machine-readable format, and you are entitled to have this personal data transferred directly to another controller.

The right not to be subjected to automated decision-making means that in the event that a decision made by us is based on an automated decision-making, including profiling, you are entitled to make a decision based on human intervention.

The right to revoke consent means that you can revoke your consent at any time, as follows:

  • By clicking on the link, which is located in the footer of each commercial message that you receive to your registered e-mail or by sending a request to privacy@teslasmart.com

If you have any comments or complaints regarding the protection of personal data or a question about the person responsible for data protection in our company or you exercise any of your rights, please contact our responsible person at privacy@teslasmart.com. We will answer your questions or comments within one month.

Our activities are also supervised by the Office for Personal Data Protection, where you can file a complaint in case of your dissatisfaction. Find out more on the Office’s website at ( www.uoou.cz).

Policy changes

Our Privacy Policy may change from time to time. We will post any changes to our Privacy Policy to https://www.teslasmart.com/privacy-policy and will notify you in more detail if there are any significant changes (by sending an e-mail message to the address specified for the User Account or via the Application). At the same time, we encourage you to periodically review this Privacy Policy for any changes you do not agree with. We are archiving previous versions of this Policy for you to access in the future. These versions are available on the websites listed above.

This Policy is effective from 01. 04. 2021

Annex A
Use of cookies on our website

1. What are cookies

Cookies are small text files that a website stores on your computer or mobile device when you start using the website. This way, the website remembers your preferences and the actions you take on them for a period of time (such as login information, language, font size, and other display preferences), so you do not have to re-submit the information and skip from one website to another.

Our website uses third-party cookies listed below. Our Application stores logs and product information, which we can also use to remember various preferences and actions.

2. Why do we use cookies?

We use cookies for the following purposes:

  • to make our website work as you would expect,
  • acceleration and better security,
  • continuous improvement of our website,
  • to make our marketing more effective (which in turn allows us to provide our Services and products in the best possible condition).

We do not use cookies to:

  • collect any sensitive data,
  • transfer personal data to third parties,
  • get commissions from sales.

You can find out about all the cookies we use below.

3. More information about cookies

3.2 Third-party Functions

All data is collected through our website using the following marketing tools:

Google Analytics and Google Tag Manager

As part of these services, we use the following cookies (the period of their storage is given in parentheses):

  • _ga (730 days) – used to collect anonymous data about how users behave, what sites they visit, and how much time they spend on them,
  • _gid (1 day) – used to collect anonymous data about how users behave, what sites they visit, and how much time they spend on them,
  • _gat (1 minute) – used to limit user requests
  • _gat_gtag (90 days) – used to correctly match each user’s campaigns,
  • _gcl_au (90 days) – used to the correct assignment of campaigns of individual users,
  • _dc_gtm_UA-* (1 minuta) – used to store information about the number of service requests.

A more detailed description of individual cookies, including information on what data this third party may use, can be found at: 
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

Exponea

As part of these services, we use the following cookies (the period of their storage is given in parentheses):

  • __exponea_etc__ (7-1095 days) – used to collect anonymous data about how users behave, what sites they visit, and how much time they spend on them,
  • xnpe_[project-token] (1095 days) – used to collect anonymous data about how users behave, what sites they visit, and how much time they spend on them,
  • __exponea_time2__ (60 minutes) – used to inform about the timestamp offset between the browser and server time.

A more detailed description of individual cookies, including information on what data this third party may use, can be found at:
https://docs.exponea.com/docs/cookies-storage

3.2 How to reject the use of cookies

Some functions of our website are based on cookies. Even if you have given your consent to the use of cookies which monitor your behaviour on the website, you can subsequently block their use. In the case you choose to block cookies, you may not be able to log in or use these features, and your cookie-based preferences may be lost. The use of cookies can be set using your Internet browser. Most browsers automatically accept cookies by default. You can use your web browser to reject cookies or set it to use only certain cookies.

You can find information about browsers and how to set preferences for cookies at the following websites:

An effective cookie management tool is also available at
http://www.youronlinechoices.com/