REHAU is pleased that you have decided to use our NEA SMART 2.0 control system. In the following, you will learn how the personal data collected in connection with the use of the system is processed.
What data do we store?
When you use the REHAU app for your NEA SMART 2.0 control system, the data you enter is stored.
We may collect the following data:
- Contact details, e.g. name, address, email address, telephone number
- Data associated with your REHAU account, e.g. name, email address, preferred language
- Payment data, if you use fee-based services or order products from us
- Data associated with your heating/cooling installation, e.g. number of rooms, room names and zones assigned by you, target and actual temperatures, etc.
- Location data for your heating/cooling installation and location of connected mobile devices
- All heating/cooling installations assigned to your REHAU account
- Other REHAU applications assigned to your REHAU account
- Usage data such as time programmes and holiday periods that you specify in the app
- Device data, e.g. about the smartphones, tablets or other devices you use including their type, device ID number, operating system and other services connected to our application; this data may also include the IP address as well as the internet and mobile network provider
- Your feedback on REHAU surveys or any promotional campaigns in which you participate
- Your communication with our support department, e.g. via email, phone or social media
- Contact details for your heating system maker or service partner, if you provide these
Please help us keep your information up to date by informing us of changes to your personal data, in particular your contact details.
What do we use your data for?
We use all data provided by you to offer you the full functionality of the app and the control system. The legal basis for this processing is Art. 6 (1) lit. b GDPR.
You can decide whether to provide us with all the necessary information and thus gain access to the full range of functions.
For example, it is necessary to specify the address in order to be able to display the weather data for the location of the control system. We use your email address to inform you about updates to the system if an automatic update is not possible or not planned in individual cases.
You can decide on an individual basis whether to use the geo-fencing function on each mobile device on which the NEA SMART 2.0 app is installed. If you enable this function, the current location of your mobile device will be determined at regular intervals. Location determination will also be active in the background when the app is closed. The benefit of using this function is that the heating or cooling of your building will be reduced when it is unoccupied. The heating can be automatically activated while you are on your way home, thereby making the functionality of your heating/cooling system even more effective.
Furthermore, the system sends measured values from the device operation to a server. These measured values are processed in order to present you with various evaluations in the app. The evaluations include, for example, history of room temperatures and humidity as well as information on energy savings.
If you include room names in the app, the data will be used to save and reuse settings you have made. This also prevents different family members from making conflicting entries or settings. Other data is also visible in the app to other users of the same heating/cooling installation.
For servicing purposes, you can give our customer service staff, or a service partner commissioned by you, temporary or permanent access to your heating/cooling installation and, in some versions, access to your usage data (including usage history). This person will then have access to any data you have provided.
Your personal data will also be used by us, or marketing companies commissioned by us, to contact you by email, push notification, post or phone for market research purposes. The legal basis for this use is Art. 6 (1) lit. f GDPR. You can object to this future use of your data for advertising purposes at any time.
The data obtained is statistically evaluated within the framework of the safeguarding of legitimate interests and used for the further development and troubleshooting of our products. In the context of this further development, the data will only be used anonymously as far as technically possible.
How can you delete your personal data?
In the same way that you make the personal data available to us, you can also delete the personal data yourself at any time. If you delete your personal data yourself, REHAU will not keep a copy of the deleted personal data. The functions for which the personal data was collected can then no longer be used.
The previous paragraph refers to the personal data entered in the app. If you also want to delete your entire REHAU user account, please contact firstname.lastname@example.org. Please note that deleting your REHAU user account may also affect other REHAU applications, e.g. Re.Guard, to which you would then no longer have access.
Once you have deleted your personal data, we will no longer be able to attribute any stored measurement data to you.
Other processing purposes
REHAU is subject to a number of other legal obligations. In order to fulfil these obligations, we process your data to the required extent and, if necessary, pass them on to the responsible authorities within the framework of statutory reporting obligations. The legal basis for this processing is Art. 6 (1) lit. c GDPR. A corresponding processing takes place further on the basis of commercial and fiscal storage regulations according to the Commercial Code and the Tax Code.
If you have given us such consent or if this is permissible under legitimate interests, REHAU will also use the address to maintain customer relations, e.g. to send you interesting information on new products in the area of Smart Home/Heating Control. In order to better respond to your wishes and to adapt our products to your interests, it may be necessary for us to pass on your data to third parties.
You may object to this processing at any time for reasons arising from your particular situation or revoke your consent at any time without stating reasons.
Name and address of the controller and data protection officer
REHAU Industries SE & Co. KG
Data protection officer: email@example.com
We shall save your personal data only for as long as for the purpose, for which they were intended, required and/or for as long as a storage is ordered legally or within the framework of official regulations. We will delete or block your data as soon as it is no longer required.
Usage data (historical performance data) will be deleted after 24 months at the latest.
Installation data will be deleted no later than 15 years after the end of its use.
Fully anonymised data will not necessarily be deleted.
Furthermore, we will delete or block your data immediately in the event of a revocation of your consent and in the event of a justified objection to the processing.
Planned data transmission to third countries
Data is transferred to branches outside the EEA either on the basis of an adequacy decision by the Commission (Art. 45 (3) GDPR) or on the basis of standard data protection clauses (Art. 46 (2) lit. c GDPR), which contain appropriate guarantees for the data subject.
Disclosing data to third parties
We may also disclose your personal information to third parties outside the REHAU companies to use technical or organisational services that we need to fulfil for the purposes mentioned above or for our other business activities. Our service providers are contractually obliged to process personal data exclusively on our behalf and according to our instructions. We also oblige our service providers to comply with technical and organizational measures that ensure the protection of personal data. If the service providers are located in countries where the applicable laws do not provide for the protection of personal data comparable to European law, we will contractually ensure that the relevant service providers comply with the statutory level of data protection (standard data protection clauses or EU-US Privacy Shield Framework). For more information, please contact our data protection officer.
You have the possibility of verifying the observation of the data protection specifications by REHAU. You have the following rights in this regard:
- Right to information
- Right of access and objection
- Right of correction, deletion and limitation
- Right of data portability
- Right to lodge a complaint with the supervisory authority