The SleepMapper mobile application ('App') provides you with information and control over your SmartSleep Deep Sleep Headband device and SmartSleep Sleep & Wake-up Light device and other services ('Services'). This Privacy Notice is meant to help you understand our privacy practices when you use our Services, including what data we collect, why we collect it and what we do with it, as well as your individual rights.
SleepMapper uses personal data collected or processed by the SmartSleep Deep Sleep Headband, and SmartSleep Sleep & Wake-up Light device(s) ('Device') and/or the SleepMapper mobile application ('App').
This Privacy Notice applies to personal data collected or processed by the Device and/or the App, which is controlled by or under control of Koninklijke Philips N.V. or any of its affiliates or subsidiaries ('Philips', 'our', 'we' or 'us').
What Personal Data are collected and for which Purposes
We receive or collect personal data, as described in detail below, when we provide our Services, including when you access, download or install the Device or the App, or use our Services. We may use this personal data to perform the Services requested by you as a contractual necessity, to operate, provide, improve, customise, support and market our Services based on our legitimate interest, or to comply with a legal obligation to which we may be subject. If you do not want us to collect and process your personal data, you may not be able to use all the Services provided by the App.
Before we collect sensitive personal data, we will inform you and ask for your explicit consent. The sensitive data collected in the App includes your sleep patterns, sleep metrics such as when you went to sleep; when you wake; your total sleep time; your slow wave activity; tones delivered by the device; duration of tones delivered; your sleep stages; how many times you wake at night and for how long. Additionally, environmental sensor data such as temperature, humidity, light level and sound pressure in the room will be collected if you are using the SmartSleep Sleep & Wake-up Ligh device. You may withdraw your consent at any time, without affecting the lawfulness of processing based on the consent before withdrawing your consent.
Sensitive Personal Data
We ask that you not send us and you not disclose any sensitive personal data (e.g. social insurance numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the App or otherwise to us.
We collect your personal data when you create an account. You may log in to the App using a MyPhilips account or you can create a new Philips account. The personal data we collect include your username, name, email address, country, language and password.
- The data collected are used to create and manage your App account. You can use your account to securely log in to the App. Your account will be used to send you a welcome email to verify your email address, to communicate with you in response to your enquiries, and to send you strictly service-related announcements, for instance, if our service is temporarily suspended for maintenance. Your account will be used to uniquely identify you to provide information related to your use of your device(s) and your sleep data. We will use the device serial number and CTN product number to identify the type of device you use if you call our Customer Care service for product support and questions. We will use your registration information to create and manage your account or register your purchase, or order a product or service.
Other Provided Data
These data include information provided by you. The data that you enter into the App include your gender, birth date (month/year), your average sleep time and your target sleep time.
- The data collected are used to calculate your personalised sleep score. This will help you improve your habits regarding going to sleep, sleeping and waking up, and allow you to make changes to help you achieve your sleep goals and improve your sleeping routine. In measuring your goal progress and by providing information such as when you are going to sleep, sleeping and waking up, recommendations can be provided about how to meet your goals.
We may collect device-specific information when you install, access or use the Device. This includes information about your Device, including the unique user device number. We also collect session and usage data, which are related to your use of the Device.
If you use the SmartSleep Deep Sleep Headband Device, the Device records (sleep patterns, signal and impedance, sleep metrics such as: when you went to sleep, when you wake, your total sleep time, your slow wave activity, tones delivered by the device, duration of tones delivered, your sleep stages, how many times you wake at night and for how long, and syncs it to the App. This data also includes unique user Device number, session and usage data, which are information about your use of the Device.
- The data collected are used to provide you and Philips with information related to your use of the device. The App might use these data to display whether you are achieving improved sleep over time by tracking and visualising your sleep results or to display the environmental data and sleep-related events. Philips uses these data to improve your experience with these products (e.g. quality and functionality) and other Philips products. We also use these data to provide you with relevant tips and to conduct research to develop and enhance your experience with these products and innovate and improve these products.
If you use the SmartSleep Sleep & Wake-up Ligh Device, the Device records device settings and environmental sensor data, such as temperature, humidity, light level and sound pressure, and streams them to the App. These data also include unique user Device number, session and usage data, which are information about your use of the Device(s).
- The data collected record the settings you have enabled such as functions like alarm, relaxed breathing, dusk function (e.g. what time the alarm is set up for, chosen light curve and sound), night light and start bedtime. It also records your environmental sensor data such as temperature, humidity, light level and sound pressure]. SmartSleep Sleep & Wake-up Ligh also tracks your unique User Device number, session and usage data (e.g. light, sound, display and feature usage), firmware updates, Device resets, location, time zone and WiFi signal strengths, which provides information about your use of the Device. The collected data will be synchronised via WiFi with the App and/or other data storage.
When you allow access to location data, we may collect the geographical location of your mobile device. You can block geo-location collection at any time through the settings of your App or mobile device.
- Your device location data will be used to enable Bluetooth services (Android Only).
You may provide us with information related to your use of our Services, including your interaction with Philips and how to contact you, so we can provide you with customer support. We operate and provide our Services, including providing customer support, and improving, fixing and customising our Services. We also use your information to respond to you when you contact us.
We may combine your personal data, including account data, other data provided by you, Device data, cookies, location data, data collected during your interactions emails, apps and connected products, IP address, cookies, device information, communications you click on or tap, and location details. We combine and use anonymised data to help us improve the content, functionality and usability of the App, device(s), our products and services and to develop new products and services.
- We may combine and use anonymised data collected from the device and App and share them with other companies of the Philips Group and with trusted third parties.
- We may combine and use anonymised data to further scientific research related to sleep, for clinical or scientific publication purposes, such as peer-reviewed journals, white papers or professional symposiums, which may be used for product marketing communication purposes.
If you purchase additional Philips connected devices we may combine the data from the devices within the App to improve your sleep experience and App functionality only after we have obtained your consent to do so.
If you opt in to receive promotional communications about Philips products, services, events and promotions that may be relevant to you, we may send you marketing and promotional communications via email. You may opt out and unsubscribe from such communications at any time.
The App may request your permission to access your phone or sensors (e.g. camera, Wi-Fi, geo-location or Bluetooth) or other data (e.g. photos, agenda or contacts) on your mobile device.
- We use such data only when they are needed to provide you the Services and only after you provided your explicit consent. We use time-related data to present your sleep data in alignment with your mobile device.
Sometimes the permission is a technical precondition of the operating systems of your mobile device. In such case, the App may ask your permission to access such sensors or data, however we will not collect such data, except where they are required to provide you the App Service and only after you have provided consent.
With whom are Personal Data shared?
Philips may disclose your personal data to third-party service providers, business partners or other third parties in accordance with this Privacy Notice and/or applicable law.
We work with third-party service providers to help us operate, provide, improve, understand, customise, support and market our Services.
We may share your personal data with the following service providers:
- IT and Cloud Providers
These service providers deliver the necessary hardware, software, networking, storage, transactional services and/or related technology required to run the App or provide the Services.
- Analytics Service Providers
These providers deliver specific services for Adobe Analytics, and Apptentive such as marketing analytics and reporting tools.
Philips requires its service providers to provide an adequate level of protection to your personal data similar to the level that we provide. We require our service providers to process your personal data only in accordance with our instructions and only for the specific purposes mentioned above, to have access to the minimum amount of data they need to deliver a specific service, and to protect the security of your personal data.
Other third parties
Philips may also work with third parties who process your personal data for their own purposes. Please read their privacy notices carefully as they inform about their privacy practices, including what type of personal data they collect, and how they use, process and protect them.
If Philips shares personal data with a third party that uses your personal data for their own purposes, Philips will ensure to inform you and/or obtain your consent in accordance with applicable laws before we share your personal data.
Philips sometimes sells a business or a part of a business to another company. Such a transfer of ownership could include the transfer of your personal data directly related to that business to the purchasing company. All of our rights and obligations under our Privacy Notice are freely assignable by Philips to any of our affiliates, in connection with a merger, acquisition, restructuring, or sale of assets, or by operation of law or otherwise, and we may transfer your personal data to any of our affiliates, successor entities or new owner.
Your personal data may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Services you consent to the transfer (if any) of information to countries outside of your country of residence, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your personal data.
If you are located in the EEA, your personal data may be transferred to our affiliates or service providers in non-EEA countries that are recognised by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here [http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm]. For transfers from the EEA to countries not considered adequate by the European Commission, such as United States, we have put in place adequate measures, such as our Binding Corporate Rules for Customer, Supplier and Business Partner Data and/or standard contractual clauses adopted by the European Commission to protect your Personal Data. You may obtain a copy of these measures by following the link above or by contacting email@example.com.
How long do we keep your data?
We will retain your personal data for as long as needed or permitted in light of the purpose(s) for which the data are collected. The criteria we use to determine our retention periods include: (i) the length of time you use the App and Services; (ii) whether there is a legal obligation to which we are subject; or (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
Your choices and rights
If you would like to submit a request to access, rectify, erase, restrict or object to the processing of personal data that you have previously provided to us, or if you would like to submit a request to receive an electronic copy of your personal data for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you may contact us at firstname.lastname@example.org. We will respond to your request consistent with applicable law.
In your request, please make clear what personal data you would like to access, rectify, erase or restrict, or to whose processing you would like to object. For your protection, we may only implement requests with respect to the personal data associated with your account, your email address or other account information that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
Please note that if you make use of (some of) your choices and rights, you may not be able to use, in whole or in part, our Services anymore.
We protect your personal data
We take seriously our duty to protect the data you entrust to Philips against accidental or unauthorised alteration, loss, misuse, disclosure or access. Philips uses a variety of security technologies and technical and organisational measures to help protect your data. For this purpose, we implement steps including access controls, firewalls and secure protocols.
Special information for parents
While the Services are not directed at children, as defined under applicable law, it is Philips policy to comply with the law when it requires parent or guardian permission before collecting, using or disclosing personal data of children. We are committed to protecting the privacy needs of children and we strongly encourage parents and guardians to take an active role in their children’s online activities and interests.
If a parent or guardian becomes aware that his or her child has provided us with his or her personal data without the consent of that parent or guardian, please contact us at email@example.com. If we become aware that a child has provided us with personal data, we will delete his or her data from our files.
Local specific information: Your California Privacy Rights (US Only)
California Civil Code Section 1798.83 permits our customers who are California residents to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please visit our privacy website: http://www.philips.com/a-w/privacy/questions-and-feedback.html
Changes to this Privacy Notice
Our Services may change from time to time without prior notice to you. For this reason, we reserve the right to amend or update this Privacy Notice from time to time. When we update this Privacy Notice, we will also update the date at the top of this Privacy Notice.
We encourage you to regularly review the latest version of this Privacy Notice.
The new Privacy Notice will become effective immediately upon publication. If you do not agree to the revised notice, you should alter your preferences, or consider stopping use of our Services. By continuing to access or make use of our Services after those changes become effective, you acknowledge that you have been informed and agree to the Privacy Notice as amended.
If you have any question about this Privacy Notice or about the way in which Philips uses your personal data, please contact our Data Protection Officer at firstname.lastname@example.org. Alternatively, you have the right to lodge a complaint with a supervisory authority competent for your country or region.
Koninklijke Philips N.V.
High Tech Campus 5