PRIVACY POLICY FOR ADAFRUIT INDUSTRIES MOBILE APPLICATIONS

This privacy policy governs how Adafruit Industries, LLC collects, stores, uses, and discloses information about users of certain Adafruit mobile applications (each, an “Application”). This policy applies to the Bluefruit LE Connect and Circuit Playground applications, along with any other applications that link to this policy. This policy does not apply to websites, applications, or services that display or link to different privacy statements. Bluefruit LE Connect is used to communicate over Bluetooth Low Energy with Adafruit Bluefruit LE modules, or other Bluefruit LE devices.

What information does the Application obtain?

The personal information we collect depends on how you interact with us, the products you use, and the choices you make. We collect and process personal information about you with your consent and/or as necessary to provide the products you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfil other legitimate interests.

User Provided Information

The Application obtains the information you provide when you use the Applications, this may include (a) your name, email address, age, and other registration information; (b) transaction-related information, such as when you make purchases, respond to any offers, or download or use Applications from us; (c) information you provide us when you contact us for help, and; (d) information you enter into our system when using the Application.

On our Circuit Playground application, you may take photos or videos of your projects and submit them to us together with descriptions.

When you are asked to provide personal information, you may decline. But if you choose not to provide information that is necessary for certain products or features, those products or features may not be available or function correctly.

We may also combine information users provide with data we collect automatically (as further described below).

Automatically Collected Information

In addition, the Application may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile devices unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use the Application.  We may use third parties acting on our behalf to collect such information.

Information You Pass from the Bluefruit LE Connect Application to other Devices Using Bluetooth LE

Bluetooth Low Energy functionality requires location services to be enabled on some platforms, since the Bluetooth Low Energy device address can potentially be used for tracking purposes. Location Services may need to be enabled to make use of certain functionality in the Application.

When you use the Application, you may also use GPS technology (or other similar technology) to determine your current location and share it with your connected devices. We do not receive your location or share it with other users or partners, it is only sent from the Application to the applicable connected device when you request it.

If you do not want the Application to use your location for the purposes set forth above, you should avoid using the functionality that collects and transmits location data over Bluetooth Low Energy to connected devices and disable Location Services for the Application.

In addition to location information, you may use the Application to send other types of information (for example, sensor data) to your connected devices.

How We Use Collected Information

We may use your information for the following purposes:

  • To improve customer service
    • Information users provide helps us respond to their customer service requests and support needs.
  • To improve our services
    • We may use feedback users provide to improve our products and services.
    • We may use information in the aggregate to understand how our users as a group use the services and resources provided on our site.
  • To prevent fraud and abuse
    • We may use the information contained in orders to prevent fraudulent financial transactions and other illicit activity or violations of our terms of service.
    • We may use network addresses and similar data to block or report abusive and harassing users. In cases involving potential harm to individuals, we may submit personally identifiable information to law enforcement or other third parties.
  • To send periodic emails
    • We may use the email address to send users information pertaining to their orders and accounts. It may also be used to respond to their inquiries, questions, and other requests.
    • If our users so choose, we may send them emails about products, events, promotions, and offers.

Do third parties see and/or have access to information obtained by the Application?

In certain specific cases, yes. We will share your information with third parties only in the ways that are described in this privacy statement.

We may disclose the information described in this policy:

  • With your consent;
  • For legal, protection, security, and safety purposes. Including to comply with law or regulatory requirements, to respond to lawful requests and legal process, to protect our rights and to protect our network, or in an emergency;
  • For the purposes of a merger, financing, acquisition, or bankruptcy transaction or proceeding involving the sale or transfer of all or substantially all of our business or assets;
  • with our services providers, consultants, and vendors who work on our behalf and need access to your information to do that work;
  • if Adafruit Industries is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our web site of any change in ownership or uses of this information, as well as any choices you may have regarding this information.

We do not sell, trade, or rent users’ personally identifiable information to others. However, we may share aggregate demographic information, that does not identify any individual user, with our business partners or service providers.

How We Protect Your Information

We adopt appropriate practices and security measures designed to protect against unauthorized access, alteration, disclosure, or destruction of personal information. Please be aware that, although we endeavor to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.

Retention of Personal Information

We retain personal information for as long as necessary to provide the products and fulfill the transactions you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types in the context of different products, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations. For example, when logging data to Adafruit.io from the Bluefruit LE Connect app, user credentials are collected and submitted to the server for account validation, but never saved or retained.

Location of Personal Information

The personal information we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers maintain facilities. Currently, we primarily use data centers in the United States. The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem. We take steps designed to ensure that the data we collect under this statement is processed according to the provisions of this statement and applicable law wherever the data is located.

We transfer personal information from the European Economic Area and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do so, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections. To learn more about the European Commission’s decisions on the adequacy of personal information protections, please visit: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en

Information Choices and Changes

Users may send requests to us regarding their information through our contact information below. They can request to change contact choices and to update, access, delete or make other changes regarding their information. We may not honor all such requests unless required by law and in some cases, deletion of your information may cause your Application to stop working.

Our marketing emails tell recipients how to unsubscribe from further marketing emails. After opting out, we may still send non-marketing emails. Non-marketing emails include emails about accounts and orders.

European Data Protection Rights

If the processing of personal information about you is subject to European Union data protection law, you have certain rights with respect to that data:

  • You can request access to, and rectification or erasure of, personal information;
  • If any automated processing of personal information is based on your consent or a contract with you, you have a right to transfer or receive a copy of your personal information in a usable and portable format;
  • If the processing of personal information is based on your consent, you can withdraw consent at any time for future processing; and
  • You can to object to, or obtain a restriction of, the processing of personal information under certain circumstances.

To make such requests, contact us at [email protected]  You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.

Children

Our Applications are not directed towards children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at [email protected] We will delete such information from our files within a reasonable time as required by applicable law.

Changes

We update this policy in our discretion at any time by posting the amended version here or by providing such notice about or obtaining consent to changes as may be required by applicable law. When we do, we will revise the updated date at the bottom of this page. We encourage users to frequently check this page for any changes to stay informed about how we are helping to protect the information we collect.

You can check the history of this policy by clicking here.

Contact us

If you have any questions regarding privacy while using the Application, or have questions about our practices, please contact us at:

Adafruit Industries, LLC

150 Varick Street

New York, New York 10013

[email protected]

This document was last updated on May 18, 2018.