Privacy Policy v.1

Date of revision 16^th October 2024

Gigabit IQ, part of Grayshott Gigabit Limited (the ‘Company’) provides infrastructure and data communication services to domestic, business and wholesale clients in a secure and resilient manner, and recognises that data and network security is an integral part of our business performance.

We take protecting and sharing your personal data seriously. See how we will use and share your personal data.

General 5

Use of your data. 6

Personal information: collection and retention. 7

Marketing. 8

Tracking. 8

Sharing. 8

Safety and compliance. 8

Data security. 8

Access to information. 9

Disclosure of information. 9

Cookies. 10

What are Cookies?. 10

Advertising Cookies. 10

Information collection and use. 12

Security. 12

Changes. 12

Appendix. 13

Gigabit IQ Mobile App. 13

How Gigabit IQ Collects Your Information. 13

How Gigabit IQ Uses the Information. 13

Plume Home Pass Mobile App. 14

PERSONAL INFORMATION WE COLLECT. 14
HOW WE USE PERSONAL INFORMATION.. 16
HOW WE DISCLOSE YOUR PERSONAL INFORMATION.. 18
DATA RETENTION.. 18
CHILDREN’S PRIVACY. 19
DATA SECURITY. 19
YOUR RIGHTS AND CHOICES. 19
CROSS-BORDER DATA TRANSFERS. 20
CHANGES TO THIS POLICY. 21
HOW TO CONTACT US. 21

eero Privacy Notice for the United Kingdom (UK) 22

What Personal Information We Collect 23

Disclosure of your Personal Information. 25

Your Choices Regarding Your Personal Information. 27

Safeguarding and retention of your Personal Information. 28

Changes to this Privacy Notice; Terms of Service. 29

Additional Privacy Law Disclosures. 29

Cookie Notice. 30

Privacy Policy

The Company operates in the telecommunications sector.

The Company is committed to respecting and protecting your privacy, to handling the information that we collect from you in a secure and responsible manner and to compliance with to the guidelines published in the United Kingdom Data Protection Act and the General Data Protection Regulation (EU) 2016/679 which are applicable from the 25th May 2018.

Any questions relating to this policy should be sent to yourdata@gigabitiq.com

Please read this privacy policy, which explains how we use your personal information, in particular:

What information is collected from you through our trading website(s) including social media
How the information is used
With whom the information may be shared
How you can correct any inaccuracies in the information

General

Once you choose to provide us with personally identifiable information (any information by which you can be identified), you can be assured that it will only be used to support your customer relationship with The Company.

When you register with The Company website you may be asked for the following details:

Name
Address (both service delivery and billing)
E-mail address

Contact telephone number (s)

Longitude and Latitude coordinates for the service delivery address

We will store your details safely and will not sell or share your details to third parties without your consent. We will only share your information in the way described in this statement.

Use of your data

The Company may pass your data to our service partners, contractors, if you request details about:

Voice over Internet Protocol (VoIP)
Fibre to the premise orders
Other copper line services
Mobile services orders
Gigabit IQ Mobile app services
Plume Homepass app services
Eero app services

The Company may pass your data to the following third parties, especially if there is a legal or statutory requirement:

Data requests received under The Regulation of Investigatory Powers Act 2000, known as RIPA.
Data requests for cases of legal infringement, for example, piracy, copyright infringement.
Government agencies providing grants and or subsidies for your installation.
Employers paying for your service.

If you nominate a third party, such as an IT support Company, or another family member to engage the Company to discuss your account and service then we must have this request in writing clearly stating what personal data and service information we can share with them. We respectfully will decline any and all approaches from anyone other than the account holder without this authority. Authority requests and changes to authorised third party of family members should be made in writing to yourdata@gigabitiq.com

The Company may use your personal details to contact you about news and special offers that we think may be of interest to you as part of the contractual and consent process. If you wish to subsequently amend your consent, please e-mail the Data Manager at yourdata@gigabitiq.com.

Please also use these contact details to let us know if you would like us to delete any information from your records and we will do so at any time.

Personal information: collection and retention

We will only collect sufficient information about you to allow us to communicate with you in an appropriate way. This information will include your name and contact details as appropriate.

The Company uses your information to better understand your needs and provide you with better service. Specifically, we use your information to communicate back to you, to update you on products, service and benefits. We will always give you the opportunity to unsubscribe.

The Company will not sell, rent, or lease your personally identifiable information to others, unless we are required by law. We will also provide you the opportunity to let us know if you do not wish to receive unsolicited communications from us and we will honour such requests.

The use of our website will result in the organisation receiving information from you. This will be used in examples such as viewing services or making online requests for services.

The Company requires this information to provide our online services to book appointments or engineer visits to your service delivery address.

To make an online booking for sales or raising a ticket due to a service delivery issue we require the following;

Customer Name
Customer Business Name (where applicable)
Customer contact details, such as email address, mobile and landline telephone numbers
Customer billing and service address details including LAT/LONGs of service address.

As part of our duty of care we will contact you with reference to necessary engineer visits, network maintenance and telephone based technical support.

The Company may use your personal information for general marketing purposes as part of the contractual or consent process.

If you subsequently wish to amend your consent on general marketing, service and reminders then please request that by sending an email to yourdata@gigabitiq.com or a written request to:

The Data Controller, Gigabit IQ, 1 London Road, Hindhead, GU26 6AB

Please be aware that if you call the Company your calls may be monitored or recorded for training purposes.

If you visit our offices we use CCTV to monitor our premises in this event your image and your vehicle registration can potentially be stored for a period of weeks.

Our data retention periods are reviewed on a regular basis and we will only hold your personal information as long as it deemed relevant for the required service/activity or as required for legal reasons or as stated in any relevant contract that we have in place with you.

If you have registered your personal details with the Company in order to be connected to our network but we were unable to fulfil your order we will retain your details for a maximum of three years. This data will help shape the future growth of our

network and potentially result in you being able to become a subscriber. If you subsequently wish to amend your consent on general marketing, service and reminders then please request that by sending an email to: yourdata@gigabitiq.com or a written request to: The Data Controller, Gigabit IQ, 1 London Road, Hindhead, GU26 6AB

Marketing

The Company will contact you with reference to our duty of care for services delivered OR where there is a contractual requirement for us to do so. If you have agreed to receive marketing from The Company by form of consent you will have the option to select which form of marketing you would like to receive. You may choose to amend your consent to receive such marketing from us and you can do this by sending an email to : yourdata@gigabitiq.com or a written request to: The Data Controller, Gigabit IQ, 1 London Road, Hindhead, GU26 6AB

We encourage you to use these methods to unsubscribe from our marketing services.

If you have agreed to receive marketing from The Company we may inform you of new products available from companies within our organisation or third-party partners.

Tracking

We track your movements on the website to analyse trends and public interest in our products and services to administer the site and gather information for aggregate use. The information we gather in this way is anonymous and is not linked to personal information from which you can be identified.

Sharing

We share information within The Company to offer you the full range of our services, but your personal data is not disclosed to any third parties outside The Company without your consent. If you consent to a credit search with respect to a finance application then we will be required to submit your information outside of the Company. This information will not be used for any other purpose other than to obtain a credit limit, which we will communicate, to you.

Safety and compliance

For warranty and product safety requirements, you may be contacted by The Company. An example would be a manufacture recall of a batch of routers.

Data security

You should be aware that the transmission of information via the internet is not completely secure though we will endeavour to protect your personal data. However, The Company cannot guarantee the security of your data in transit. After receiving your information, The Company will use clear procedures and security measures to try to prevent unauthorised access.

The Company will never ask you to email your bank details, usernames, passwords, or ask you through an email or text for personal banking information.

If you suspect you have become a victim of fraud please report this instance to the police through ‘Action Fraud’ via the website

www.actionfraudpolice.co.uk or by calling 03001 232040. The Company would also recommend contacting the Information and Commissioners Office (ICO) via the website www.ico.gov.uk.

Access to information

You may request a copy of your personal information that the Company holds about you at no cost. If you wish to access or update your personal information please contact The Company by sending an email to yourdata@gigabitiq.com or a written request to: The Data Controller, Gigabit IQ, 1 London Road, Hindhead, GU26 6AB

If you want us to delete any of the personal information the Company holds please request this via email or writing to the above address. However, if your personal information relates to any legal investigation then it may be not be removed.

If there are any concerns that the Company are not using your information in accordance with our processes, and with legal precedence, or you are not satisfied with our response to your data request that are made you can refer to the Information Commissioners Office (ICO) – www.ico.gov.uk

Disclosure of information

The Company may disclose your personal information to other members of our organisation as described above.

The Company may disclose your personal information to other parties in the event of:

If we sell any of our businesses we may disclose your personal information to the prospective buyer of the relevant business.
In the event of a duty of disclosure due to compliance with legal obligation then your personal information may be shared.
To enforce or to comply with our terms and conditions of use for non-compliance.
Data may be shared with other organisations for purposes of fraud protection and credit risk reduction.
In the event of a data cleansing organisation being sourced under contract to ensure accuracy of data information.
In the use of live chat and phone calls your information may be collected and shared with our third-party providers.

Cookies

We use cookies to make this website as useful to you as possible.

Cookies are small text files that we put in your browser to track usage of our site to improve and enhance your web browsing experience but they do not tell us who you are. Absolutely no uniquely identifiable information is stored in any of our cookies.

What are Cookies?

A cookie is a piece of data/text file that is placed in your computer’s memory when you visit a website. The information the cookie contains is set by our website’s server and, depending on the type of cookie, may be used each time you visit our website.

Cookies are widely used to make our website work, or work more efficiently for you as well as to provide companies with information about traffic through our website.

Cookies are designed to remember things that you have done on a website in the past, which can include putting products in your basket, logging in, or clicking on links. This can save you time when you visit a website more than once.

Cookies may also be used to:

To remember your preferences.
To remember your password.
To find out what the website doesn’t do well and make improvements to it in future.
Allow you to share pages with social networks like Facebook.
To make personalised product recommendations, based upon your previous times you’ve visited our website.
Make sure advertising on other websites is relevant to you.
They can also help us to see how many people are visiting our website and which pages are the most popular (see Google Analytics).

Advertising Cookies

Our website uses cookies/advertising IDs for the purpose of advertising. This enables us to show our advertisements to visitors who are interested in our products on partner websites, apps and emails. Re-targeting technologies use your cookies or advertising IDs and display advertisements based on your past browsing behaviour. You can opt-out of interest-based advertising by visiting the Network Advertising Initiative opt out page.

Cookies are not dangerous. They are not computer programs and cannot be used to circulate viruses. They are not used to identify you personally.

Google analytics

This is a behavioural tracking service that shows us what pages people have visited, for how long and in what order. It also tells us whether people are using desktops or mobile devices to view the website, and other helpful information. This data helps us find out what can be improved on the website and how important it is.

List of cookies

Here is a list of the main cookies we use, and what we use them for on our website. You can at any time refuse the use of cookies.

IP Addresses

The additional cookies that run during your session will collate information regarding your computer in the form of server logs including where available your IP addresses, operating system and browser types regarding your systems administration. This is for the purpose of statistical data and disabling cookies ensures that your IP address will not be recorded. You can update your cookie preferences in your browser settings. Please note that disabling cookies will ensure that your IP address will not be recorded. The Company would request that the cookies are accepted, as they are used for:

Customisation of the website layout and content.
Recognition of when a user has visited and how many unique visits are received.
Remembering your preferences and settings.
Recognition of devices so as to not need to provide the same information on visits to the website.
Identification of errors for resolution.
Identification of what is relevant whilst browsing the website.
Collation of statistical and anonymous information around the use of our digital services.
Effectiveness of our website and online message.

Links

The Websites associated with the Company may contain links to and from the websites of our partner networks. In the event of you following these links, these websites will have their own privacy policies, the Company do not accept any responsibility or liability for these policies.

The Company would advise that you check these policies before you submit any personal information to these websites.

Social networks

The Websites associated with the Company may offer you opportunity to share or follow information about the business using third party social networking functionality; share, like or follow buttons.

We offer this functionality in order to generate interest toward our website and services among members of your social networks.

You should be aware that sharing personal information within a social network may result in that being collected by the social network provider. This could result in that information becoming publicly available in internet search engine results.

The Company do no exercise or endorse controls, policies or practices or any third party social network that you may access through our websites.

Please read the privacy policy of any social network with which you may share information with.

Log data

Like many site operators, we collect information that your browser sends whenever you visit our site (“Log Data”). This log data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our site that you visit, the time and date of your visit, the time spent on those pages and other statistics.

In addition, we may use third party services such as Google Analytics that collect, monitor and analyse this.

Information collection and use

While using our site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to your name (“Personal Information”).

Security

The security of your personal information is important to us but remember that no method of transmission over the internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security

Changes

Any updates to our privacy policy we will be published onto our website. You should check periodically for any updates. If you are a customer with active services we will also let you know via email as well.

Appendix

Gigabit IQ Mobile App

How Gigabit IQ Collects Your Information

Gigabit IQ collects, and processes information provided directly by you when you install the App and register for an account to use the App. Specifically, this information includes:

Your name, email address, location, phone number.
Browser information and session cookies related to your access and use of the App.
Data insights Gigabit IQ attains based on correlation and analytics of your information collected in providing the App, which may be used in aggregated and dis-aggregated formats or to obtain trend analytics, to provide the App; and
Use of the above-described collected information in aggregated and dis-aggregated formats to enhance our current App or to provide App features.

How Gigabit IQ Uses the Information

Gigabit IQ uses the information collected as described in this Privacy Policy, including personal information, to:

Provide you with the App as described in the Agreement.
Implement, improve and/or enhance the App, including to make future releases available to you.
Carry out Gigabit IQ obligations as described or authorized in the Agreement and this Privacy Policy.
Enforce Gigabit IQ rights arising from the Agreement between you and Gigabit IQ and
Fulfill any other purpose authorized by you and reasonably required for the App.

Plume Home Pass Mobile App

Plume Design, Inc. and its subsidiaries and affiliates (collectively, “Plume”, “we”, “our” or “us”) design products and services that optimize Wi-Fi connectivity and provide visibility and control to connected devices on the Wi-Fi or wired network. This Privacy Policy (“Policy”) explains how we collect, use, share, and safeguard your Personal Information. It also tells you about rights and choices that you may have with respect to your Personal Information, and how you can contact us if you have any questions or concerns.

This Policy applies to the Plume products and services, including our websites, apps, devices and other software or hardware that we may offer, collectively referred to as our “Services”. It applies to the activities for which Plume is a “data controller” which means that Plume decides why and how Personal Information is processed. We may also process Personal Information as a “data processor” when providing services to our business customers. In that context we process Personal Information on their behalf and they determine why and how the Personal Information is processed. To learn more about this processing of Personal Information, please refer to their respective privacy policies, unless you are specifically referred to this Policy.

1. PERSONAL INFORMATION WE COLLECT

We collect Personal Information from various sources, which are described below. For the purpose of this Policy, “Personal Information” means any information relating to any identified or identifiable individual. Where applicable, we will indicate whether and why you must provide us with your Personal Information, as well as the consequences of failing to do so. If you do not provide your Personal Information, when requested, you may not be able to benefit from our Services if that information is necessary to provide you with them or if we are legally required to collect it.

A. PERSONAL INFORMATION PROVIDED BY YOU

When you create a Plume account

You must create a Plume account to set up your Plume network. When you create a Plume account, we ask for some Personal Information, including your name and email address. Your email address will be your Plume account username, which you will need to use to log in to your account.

B. INFORMATION COLLECTED VIA AUTOMATED MEANS

When you use Plume Services

To deliver the best Wi-Fi experience, quality of service and security, we automatically collect some information when you use our Services, such as your Plume network at home (“HomePass”) or a Plume network at a small business location (“WorkPass”) such as:

Information about your connected devices. This information includes the type of device you use, operating system version, along with attributes gleaned from its network metadata including (but not limited to) its dynamic host configuration protocol (“DHCP”) fingerprint, hypertext transfer protocol (“HTTP”) user agent information, UPnP and mDNS discovery information, a sampling of domain name system (“DNS”) requests, device hostname, the nicknames given to the device and network access points, the unique addresses of the device and network access points.
Person Profiles. This information includes person profiles, profile nicknames and profile photos to allow us to provide you with a user-friendly view of your connected client devices.
Network topology map. This information depicts the connections between client devices you use and the Plume network access points serving Wi-Fi.
Network and connectivity status. This information indicates the networking addresses of the devices and system used to communicate with Plume and the Internet along with the operating statistics of the Wi-Fi and Internet connections.
Data consumption from your devices, the Internet and Plume system interfaces. This information includes the current and historical data transfer speeds and data amount consumed.
Plume Services statistics and logs. We collect certain information to help us create statistics and optimize our Services. Such information includes your Internet service provider (“ISP”) name and Internet protocol (“IP”) address, ISP speeds and outages, Wi-Fi operating environment, mobility of devices within Plume, and Plume HomePass App usage stats (e.g., number of features used or screen views). We also collect log information such as messages from the Plume pods regarding Plume connected devices, device inventory data, and software and hardware versions.
Safety controls and Internet security features. Safety controls and Internet security features require the monitoring of device network traffic like source and destination traffic headers, IP addresses, ports, size and counts of transferred bytes and packets, applications consumed and DNS requests. If you are using the WiFi of someone while the safety controls and security features are On, note that the user of the Plume HomePass App may link the activity on your device to you, and see in the Plume HomePass App information about your use of the WiFi, such as whether your device is currently connected to the WiFi, how long it has been connected, any blocked domain name that you tried to access, and the time when you tried to access it.
Crash reports. We collect crash reports for the Plume Software, the Plume HomePass App and the Plume WorkPass App. These reports can include information such as the type of crash, the software version you are running and the operating system version of the device running the Plume HomePass or WorkPass App.

When you use HomePass, we may also automatically collect the following information:

Motion at home. We collect this information for the Plume HomePass App. The information collected is regarding disruptions in WiFi waves in the periphery of Plume network access points and devices connected to the Plume network to provide you with visuals of the live motion and motion history in your home.
Digital wellbeing related features. We collect this information for the Plume HomePass App. Digital wellbeing requires collection of device network traffic metadata about time spent online using various Internet applications.

When you use WorkPass, we may also automatically collect the following information:

Captive Portal and Guest Analytics. We collect this information for the Plume WorkPass App from guests of the small business. We may receive guests’ first and last name, email, city, country, year of birth, gender, phone number, profile photo and social media handle to process guest sign-in before Wi-Fi network access is granted and allow the business owner to know who is connecting to the Wi-Fi network at a small business location.

2. HOW WE USE PERSONAL INFORMATION

We process your Personal Information for the following purposes:

To operate and provide you with our Services and fulfill our contract with you, for example if you make a purchase from us or otherwise use our Services. This may include creating your account, verifying your identity, taking payments, communicating with you, providing customer support, arranging the delivery or other provision of products and services, better identifying your devices to more accurately represent your devices in the Plume HomePass App, providing more accurate security threat identification, providing you with more visibility into your distributed network, providing reports that help you better understand your network bandwidth and the devices that are consuming network resources, scheduling network optimizations, firmware updates and internet freeze for your devices, presenting you with live motion visuals and motion history, providing you with visibility and control over time spent by users on various Internet applications, alerting you of malicious Internet locations or websites and content that has been identified as inappropriate in accordance with the content filters set by the Plume HomePass App user, preventing home devices from being hacked, app reporting and analytics, and identifying device behavior that may indicate an anomaly or attack.
To enable our business in accordance with our legitimate interests, in particular:
- we monitor use of our Services and may use your Personal Information to help us analyze, troubleshoot, protect, improve and further develop our Services and other products and services;
- we may send you marketing messages about our or third-party products and services (you may opt out to receiving such messages as set out in section 7 of this Policy);
- we may use your Personal Information to tailor our Services to you;
- we may use your Personal Information to invite you to take part in market research and testing of new features or products and to conduct these activities;
- we may de-identify information collected about your use of our Services to create statistical analysis and aggregated reports to identify trends;
- we may use your Personal Information to prevent fraud (e.g., if you provide a credit or debit card, we may use third parties to check the validity of the sort code, account number and card number you submit); and
- we may monitor any customer account to enforce the Plume Terms of Use and to prevent, investigate and/or report security incidents, crime, fraud or misrepresentation, all in accordance with applicable law.
With your consent, where appropriate or required by applicable law, such as for certain marketing activities and advertising practices.
To comply with applicable laws and protect our business interests and legal rights in connection with legal claims, compliance, regulatory and investigative purposes. For example, we may access, use, preserve, transfer, or disclose, at any time, your Personal Information as reasonably necessary:
To comply with any applicable law, regulation, subpoena, legal process or litigation, or respond to any governmental requests or regulatory investigation and to cooperate with law enforcement, if we believe such action is required or permitted by law;
To enforce this Policy or the Plume Terms of Use including investigating any potential violations;
To protect the safety, integrity, rights, or security of our users, our Services or equipment, or any third party; and
To detect, prevent, or otherwise address fraud, security, or technical issues related to our Services or those of our business customers.
To provide our Services to our business customers, including small business customers, on whose behalf we may process Personal Information. To learn more about the processing of your Personal Information in this context, please refer to the privacy policy of the relevant business customer.

3. HOW WE DISCLOSE YOUR PERSONAL INFORMATION

We may share your Personal Information under the following circumstances described below or otherwise disclosed to you at the time of collection:

With our affiliates and subsidiaries, such as Plume’s entities in the U.S., Poland, Slovenia, Switzerland and Taiwan.
With vendors that we have selected to provide us with services and process some Personal Information on our behalf to operate our Services (e.g., for Internet security and threat protection, motion detection, order fulfillment, email management, payment processing, data analytics, etc.). These companies are contractually obligated to safeguard any Personal Information they receive from us.
We may share Personal Information with third parties with your express, affirmative consent. For example, you may give us permission to share Personal Information with others for marketing uses, authorize a third-party web client or application to access your account, or ask us to share your feedback with a business.
We may share Personal Information with data analytics providers.
If you acquired your Plume product from your Internet service provider, we may share your Personal Information with that Internet service provider.
If we believe that disclosure is reasonably necessary to comply with a law, regulation, valid legal process (e.g., subpoenas or warrants served on us), or governmental or regulatory request, to enforce or apply the Terms of Use, to protect the security or integrity of the Plume Services, and/or to protect the legitimate interests, rights, property, or safety of Plume, its employees, users, or others.
We may share or transfer Personal Information as part of a business deal such as the financing, sale, merger, bankruptcy, sale of assets or reorganization of our company.
We may share Personal Information with our business customers when we process it on their behalf.
We may share Personal Information with other third parties for whom we have obtained your permission to disclose your Personal Information.

We also may de-identify and aggregate your Personal Information to share it with partners and the public in a variety of ways, such as by providing research reports about Wi-Fi usage. When we provide this information, we perform appropriate procedures so that the information does not identify you and we contractually prohibit recipients of the information from trying to re-identify you.

4. DATA RETENTION

We take measures to retain your Personal Information for the period necessary to fulfill the purposes outlined in this Policy unless a longer retention period is required or permitted by law. Please note that we have a variety of obligations to retain your Personal Information, including to ensure that transactions can be appropriately processed, settled, refunded or charged-back, to help our service providers handle their obligations, and to comply with laws and regulations. Accordingly, we may retain your Personal Information even after you’ve closed your Plume Account to meet our obligations. When determining the retention period, we take into account various criteria, such as the type of products and services requested by or provided to you, the nature and length of our relationship with you, possible re-enrollment with our Services, the impact on the Services we provide to you if we delete some information from or about you, mandatory retention periods provided by law and the statute of limitations.

5. CHILDREN’S PRIVACY

Plume’s services are not directed to children, and Plume does not knowingly collect information from children under the age of 13. If you learn that a child has provided us with Personal Information in violation of this Policy, then you may alert us at privacy@plume.com.

6. DATA SECURITY

Plume uses a combination of technical and administrative security controls designed to maintain the security of your Personal Information and protect it against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Information in our possession. We use commercially reasonable physical, administrative, and technological methods to transmit your Personal Information securely and store your Personal Information using Amazon’s Cloud Services. However, as our Services are hosted electronically, Plume can make no guarantees as to the security or privacy of your Personal Information.

7. YOUR RIGHTS AND CHOICES

Depending on your jurisdiction and as otherwise provided by law, you may have certain rights regarding the Personal Information we maintain about you and certain choices about what Personal Information we collect from you, how we use it, and how we communicate with you:

Marketing opt out.You can opt out of receiving regular summaries, contests, giveaways, surveys and promotional emails by following the instructions contained in our marketing communications. Opting out of these promotional emails will not end transmission of administrative services-related emails that are required to use our Services.
Profile settings.You may assign nicknames to your network access points and devices and may create person profiles with profile nicknames and photos. You may assign personal devices to these profiles, using the device network addresses.
Internet security controls.You may configure policies for security protection, schedules, parental controls, or content filters through your settings. You may disable some of these security features for some or all home devices at any time through your settings, which will prohibit the monitoring and collection of device network traffic for this purpose.
Motion detection settings.You can disable the motion detection features that allow you to view live motion and motion history through your settings, in which case we will no longer receive visuals of and information about the live motion around network access points.
Digital wellbeing related features. You can disable the digital wellbeing features for some or all home devices through your settings, in which case we will no longer receive device network traffic metadata about time spent online using various Internet applications.
Account deactivation.You can deactivate your Plume account at any time by contacting Customer Support.
Opt out from cookies.Most Internet browsers automatically accept cookies, but you may be able to change the settings of your browser to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you set your browser to reject cookies, parts of our website may not work for you. Additionally, some of our advertising partners are members of the Network Advertising Initiative or the Digital Advertising Alliance. If you prefer to not receive targeted advertising, you may be able to opt out of some network advertising programs by visiting the Digital Advertising Alliance Opt-Out Page (http://optout.aboutads.info/?c=2&lang=EN) and the Network Advertising Initiative Opt-Out Page (http://optout.networkadvertising.org/?c=1#!/). Please note, depending on your type of device or browser, it may not be possible to delete or disable all cookies and similar technologies on your device. Your selection of the “Do Not Track” option provided by your browser may not have any effect on our collection of cookie information for analytic and internal purposes, as we do not respond to Do Not Track signals.
European Privacy Rights.If you are located in the European Economic Area (“EEA”), Switzerland, or the UK, you are entitled to reach out to us via the contact details in this Policy and ask us for an overview of your Personal Information or ask for a copy of your Personal Information stored in the Plume Cloud. In addition, you may request us to update and correct inaccuracies, delete your Personal Information, restrict processing of your Personal Information, or exercise your right to data portability and to easily transfer your Personal Information to another company. In some cases, you may object to the processing of your Personal Information and where we have asked you for your consent to process your Personal Information, you can withdraw it at any time. We always enjoy hearing from you and appreciate your business. Should you nonetheless have unresolved concerns, you have the right to lodge a complaint with the supervisory authority of your residence, place of work or where the incident took place.

Please note that the rights described above are not absolute, and that your requests cannot always be met entirely. For example, under specific circumstances we may not be able to delete or restrict the processing of your Personal Information as we may have legal obligations or contractual obligations to keep certain information.

We will use commercially reasonable efforts to timely respond to any changes you request. Many such changes are accomplished using batch processing (i.e. collecting a number of similar change requests and making all such changes at once), so the changes may not be immediately effective but may take 30 days or longer. If you require a more immediate change to your Personal Information and are unable to make such a change using the available website resources, please contact us.

8. CROSS-BORDER DATA TRANSFERS

Our Services are hosted and operated in multiple geographic regions. Any Personal Information that we collect may be transferred, accessed and processed outside of your country. If you are located in the EEA, Switzerland, the UK, Canada, or other regions with laws governing the processing of Personal Information that may differ from U.S. law, please note that your Personal Information may be transferred to countries that do not have the same data protection laws as the country in which you initially provided the information.

We comply with applicable legal requirements providing adequate safeguards for the transfer of Personal Information to countries other than the country where you are located. In particular, we may transfer Personal Information to countries for which adequacy decisions have been issued by the European Commission or use contractual protections for the transfer of Personal Information to third parties, such as the European Commission’s Standard Contractual Clauses. You may contact us to obtain a copy of the safeguards we use to transfer Personal Information outside the EEA, Switzerland, or the UK.

9. CHANGES TO THIS POLICY

Because we’re always innovating and finding new ways to improve the Wi-Fi and in-home digital experience for our users, this Policy may change over time. We will post the new Policy online and we will change the “Last Updated” date. You should consult this Policy regularly for any changes. If we materially change the ways in which we use or share information from or about you or your devices previously collected from you through the Services, we will make reasonable efforts to notify you of the changes by sending a notice to the primary email address provided to us and/or by placing a notice on our Services.

10. HOW TO CONTACT US

The entity responsible for the processing of your Personal Information is Plume Design, Inc., unless we are acting on behalf of one of our business customers. If you have questions or comments about this Policy or our privacy practices, please contact us at privacy@plume.com or at:

eero Privacy Notice for the United Kingdom (UK)

Last updated June 12, 2024

At eero LLC (“eero” or “we”), we know that you care how information about you is used and shared, and we appreciate your trust that we will do so carefully and sensibly. This Privacy Notice describes how eero processes your Personal Information (as defined below) collected through eero’s easy-to-use wifi and networking systems and related services, which include:

eero Devices: hardware devices manufactured by eero or its affiliates that use eero Software to enable you to create or extend an eero network (a “Network”), and
eero Software: eero device, cloud, and mobile software, and related eero software and services; eero websites such as eero.com and eero.com sub-domains (each, an “eero Site”), the eero mobile and web applications (the “eero App”), and eero subscription services and features.

We refer to all of these together as the “Products.” The Products work together to provide fast, reliable wifi and networking, along with additional useful features and capabilities.

Quick links to our Privacy Promises

What Personal Information We Collect
Use of your Personal Information
Disclosure of your Personal Information
Your Choices Regarding Your Personal Information
Safeguarding and retention of your Personal Information
Changes to this Privacy Notice; Terms of Service
Additional Privacy Law Disclosures
Cookie Notice

What Personal Information We Collect

We will be clear about the Personal Information we collect and how we use it. “Personal Information” means information that allows someone to identify or contact you, including, for example, your name, telephone number, email address, as well as any other information about you that is associated with or linked to any of the foregoing information, and may also include Product Information (as defined below). This Privacy Notice applies to the Personal Information we collect from all users of the Products, which can include:

- Account holders – users who create an account with eero and who may also be:
  - Network Owners – users who are the primary administrative owner of a Network and have an eero Account, or
  - Network Administrators – users who have administrative control over a Network and have an eero Account
- Connected Users – users without an eero Account who connect their device to a Network through a wired or wireless connection
- eero Site visitors – users without an eero Account who visit an eero Site

Information you provide to us

We collect Personal Information that you provide in relation to the Products, such as:

1. - Your first name, last name, email, and telephone number(s) when you create an account to log in to our services (“Account”).
  - Your name, phone number, credit card information, billing information, and shipping information when you order or request Products from eero.
  - Your name, phone number, and/or email address, as well as any other content included in the communication, when you provide us with feedback or contact us via phone, email, or otherwise (for example, for support purposes or when you participate in one of our surveys).
  - Information you enter or settings you apply through the Products (such as your eero App settings, your network settings like SSID and password, or network profile names), where eero has associated this information with your Account.
  - Other Personal Information that you provide to us from time to time, including feedback or testimonials we receive from you on an eero Site or any comments on a blog or forum on an eero Site.

Information collected via our Products

eero Networks do not track where you go on the internet. We automatically collect Product Information when you use or manage the Products (including when you join a Network as a Connected User). “Product Information” means product and performance information to the extent that it is associated with or linked to information that allows someone to identify or contact you, such as:

1. - Information collected about your use of Networks, including:
    - Performance statistics, including network speeds, network Internet service provider (“ISP”), and other eero Device information (e.g., temperature, CPU, memory).
    - Network bandwidth usage statistics (e.g., the volume of data transferred and the protocol of packets).Other general Network information (e.g., MAC addresses for eero Devices and connected devices, IP addresses, device hostnames, firmware data, wifi channel usage information, types of connected devices, the association of devices with a specific network profile, and wifi signals from other wifi systems in the area).
  - Information about your access to Products from your personal device, including through the eero App (e.g., your personal device’s unique device ID number and manufacturer, MAC address, hostname, IP addresses, eero App engagement information, and eero App crash data, including personal device model software version and device carrier).
  - Information about your access to an eero Site (e.g., your personal device’s unique device ID number and manufacturer, your ISP, IP addresses, headers, firmware data, browser type, operating system, eero Site engagement information including clickstream data and which domains you’ve visited on an eero Site, and date/time stamps).

We may use third-party benchmarking companies to collect Product Information to perform speed and other tests that measure the performance of user Networks.

Information from other sources

We might receive Personal Information about you from other sources, such as account contact details from Amazon if you link your eero Account and Amazon account, or a customer account identifier from an ISP if you use a Deployed Device described in Section 3.

Use of your Personal Information

In general, we use your Personal Information to operate, provide, develop, and improve the products and services that we offer. Examples of how we use your Personal Information as a data controller include to:

- Create and secure your Account and identify you as a user of our Products;
- Provide, improve, and troubleshoot the usability, performance, quality, and security of products and services;
- Measure the performance of your internet service;
- Communicate with you, including welcome emails, alerts, reminders, responses to your inquiries, and other notifications to you (e.g., notification that a device has joined your Network), as well as administrative communications, such as security, support, and maintenance emails;
- Tailor our Products to your interests, including performing research and analysis about your use of, or interest in, our Products;
- Manage our business including processing and fulfiling orders; and
- Send newsletters, surveys, offers, and other promotional materials related to our Products and to services made available by third parties and for other marketing purposes of eero.

In addition, we may publish feedback and other content we receive from you (such as testimonials and comments left on our forum) and we may identify you with first and last name and home city. We obtain your express consent prior to posting your last name along with the testimonial, and otherwise we will share your feedback with first name and last initial only. If you make any comments on a blog or forum associated with an eero Site, you should be aware that any Personal Information you submit in such comments can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these blogs and forums.

The EU GDPR and UK data protection laws require a legal basis for our use of Personal Information. Our basis varies depending on the specific purpose for which we use Personal Information. We use:

- Performance of a contract when we provide you with Products, or communicate with you about them. This includes when we use your Personal Information to take and handle orders, deliver Products, and process payments.
- Our legitimate business interests and the interests of our customers, including when we improve eero Products, when we detect and prevent fraud and abuse in order to protect the security of our customers, ourselves, or others, and when we share your Product Information and Personal Information with a relevant Service Provider in order to enable the Service Provider to provide you with customer network support and service enhancements or improvements for the eero Device(s) and the services that they provide to you (see below).
- Your consent when we ask for your consent to process your Personal Information for a specific purpose that we communicate to you. When you consent to our processing your Personal Information for a specified purpose, you may withdraw your consent at any time and we will stop processing of your data for that purpose.
- Compliance with a legal obligation when we use your Personal Information to comply with laws.
- These and other legal bases depending on the purpose for which we use Personal Information.

Disclosure of your Personal Information

Information about our customers is an important part of our business, and we are not in the business of selling our customers’ Personal Information to others. We share customers’ Personal Information only as described in this Privacy Notice. We will ask your permission before sharing your Personal Information with third parties in ways not described in this Privacy Notice.

User Direction

We may share or disclose your Personal Information at your direction, such as when you authorise someone (such as a Network Owner or a Network Administrator) to access your Account or when you link your eero Account to a third-party application. We have no control over, do not review, and cannot be responsible for these third parties.

Vendors

We may share your Personal Information with our vendors and other third parties to perform functions on our behalf. Examples include to:

1. - provide you with the Products and technical support, including facilitating Account creation, fulfiling orders, processing credit card payments, or other functions necessary for our business;
  - provide you with additional services through an eero subscription service, including VPN software, anti-virus software, password management software, and other offerings;
  - conduct testing and analyse the performance and use of Networks and the Products; and
  - provide marketing services, including emails about eero products and services.

These third parties have access to Personal Information needed to perform their functions, but may not use it for other purposes.

Service Partners

Certain eero Devices (“Deployed Devices”) are purchased or rented from third party service providers such as ISPs, telecommunications companies, home security system companies, professional audio-visual or network system integrators, or property owners or managers (“Service Partners”). We may share Product Information, such as eero Device model number and firmware version, collected from Deployed Devices (“Deployed Product Information”) and other Personal Information, such as WAN IP address and Network settings, with the associated Service Partner or with their designated third parties, such as a Service Partner’s customer service or broadband network service vendor (“Designated Vendor”). We do this solely to enable that Service Partner to provide you its services and offer customer support and service enhancements to you.

A Service Partner or their Designated Vendor may continue to have access to Deployed Product Information even if the original Service Partner customer no longer continues to receive services from that Service Partner. Please contact customer support using the contact information specified in the “Help” section of the eero App (or via email at privacy@eero.com) to disable the sharing of Deployed Product Information with a Service Partner or their Designated Vendor if (i) you no longer receive services from your Service Partner, but you have purchased or otherwise properly retained and intend to continue using the Deployed Device(s); or (ii) you have sold or otherwise properly transferred ownership or control of the Deployed Device(s) or Network(s) to someone who is not a customer of your Service Partner.

Network Owners and Network Administrators

If you are a Connected User, we may share your Personal Information (e.g., device type and MAC address) with the Network Owner(s) or Network Administrator(s) for a Network you have joined.

Affiliates

We may share some or all of your Personal Information with our affiliates that are either subject to this Privacy Notice or follow practices at least as protective as those described in this Privacy Notice.

Corporate Restructuring

As we and our affiliates continue to develop our business, we might sell or buy other businesses or services. In those transactions, Personal Information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Notice (unless, of course, the customer consents otherwise). Also, if eero or substantially all of its assets are acquired, Personal Information would be one of the transferred assets.

Other Disclosures

Regardless of any choices you make regarding your Personal Information (as described below), we may disclose Personal Information if we believe in good faith that such disclosure is necessary (a) in connection with any legal investigation; (b) to comply with relevant laws or to respond to subpoenas or warrants served on eero or as otherwise permissible by law; (c) to protect or defend the rights, property, or safety of eero, users of the Products, or others; or (d) to investigate or assist in preventing any violation or potential violation of the law, this Privacy Notice, or our Terms of Service.

Your Choices Regarding Your Personal Information

If you choose not to provide us with your Personal Information, we may not be able to provide you with some or all of the Products, or the Products may have reduced functionality.

eero App

You can access certain Personal Information, including your name, email address, phone number, network settings, assigned names and profiles for connected devices, and SSID and password for your Network, in the eero App if you are an Account holder. The eero mobile application also includes settings that provide you with options concerning notifications.

You can stop all collection of information by the eero mobile application by uninstalling the eero mobile application and by unplugging all of your eero Devices. You may use the standard application uninstall processes as may be available as part of your personal device or via the applicable application marketplace.

When you use the eero App, you may grant certain permissions to us for your personal device. Most personal devices provide you with information about enabling or disabling these permissions.

Promotional Communications

We will periodically send Account holders, or eero Site visitors who choose to submit an email address via our eero Site, promotional newsletters and emails as described in this Privacy Notice, subject to your initial “opt-in” consent to the extent required by applicable law.

We provide easy ways to opt-out of marketing emails. All users may decline promotional communications by following the unsubscribe instructions provided in promotional emails, or by contacting us directly (please see below for how to contact eero). Account holders have the option to decline promotional communications from eero by changing your settings in the eero mobile application. Despite your indicated email preferences for promotional messages, we may continue to send you Product-related notifications (such as security updates or subscription renewal notices).

Changing, accessing, or deleting your Personal Information

We aim to ensure that any Personal Information we have collected is accurate, complete, and current as required for the purposes for which the information is used. However, we require your assistance to help us. If we have Personal Information about you that is not accurate, you may correct any of your Personal Information in your Account by editing your profile within your Account or by sending an email to privacy@eero.com. Account holders may also update certain categories of Personal Information by editing the information within the eero App.

You may request a copy of your Personal Information from us, or deletion of your Personal Information by contacting us at privacy@eero.com. Please note that if you are a Network Owner, once your Personal Information is deleted, your eero Devices will automatically reset as access points and you will have to create a new Account and new Network to continue using your eero Devices to provide wifi. Account holders may also initiate account closure and data deletion directly from the eero mobile application.

Please be advised that eero is legally required or entitled to retain some information, such as your order history. We do this in line with applicable laws, including for tax, accounting, and fraud prevention purposes.

If you have any questions, concerns or complaints about our Privacy Notice or our data collection or processing practices, please contact eero Customer Support via email at privacy@eero.com. If you want to report any security concerns to us, click here for our Security team contact information.

In addition, subject to applicable law, you have the right to request access to, correct and delete your Personal Information, and to ask for data portability. You may also object to our processing of your Personal Information or ask that we restrict the processing of your Personal Information in certain instances. If you wish to do any of these things, please contact privacy@eero.com.

Where you consent to the processing of your Personal Information for a specific purpose, you may withdraw that consent at any time and we will cease processing of your information for that purpose.

Our representative in Europe and the UK is Amazon EU SARL.

You can file a complaint with the Information Commissioner’s Office or with another local authority.

Safeguarding and retention of your Personal Information

We design eero devices with your security and privacy in mind to keep your Personal Information safe and protect against unauthorised access.We take reasonable measures to ensure that Personal Information is kept safe from loss or theft, unauthorised access, use, copying, disclosure or modification. Safeguards include physical, organisational, and technical measures appropriate to the sensitivity of the Personal Information.

We only keep Personal Information for as long as it is required for the reasons it was collected or as otherwise legally required or permitted. The length of time we retain information varies, depending on the Product, the nature of the information, and any business or legal requirements. The retention period may extend beyond your relationship with us. When retaining your Personal Information is no longer required or otherwise permitted, the information is either destroyed, deleted, or de-identified.

Changes to this Privacy Notice; Terms of Service

This Privacy Notice may be updated from time to time for any reason. We will notify you of any changes to our Privacy Notice by posting the new Privacy Notice at www.eero.com/legal/privacy and we will change the “Last Updated” date above. You should consult this Privacy Notice regularly for any changes.

If you choose to use the Products, your use and any dispute over privacy is subject to this Privacy Notice and our Terms of Service, including limitations on damages, resolution of disputes, and application of the law of the Grand Duchy of Luxembourg.

Additional Privacy Law Disclosures

International data transfers

By using our Products and providing us with information, you acknowledge that your Personal Information may be collected, processed, and stored by eero or its vendors in the United States and other countries where our or our vendors’ servers reside. Please be aware that the privacy protections and legal requirements in some of these countries, including the rights of authorities to access your personal information, may not be equivalent to those in your country. If you are using Products from or in the European Economic Area or the UK or other regions with laws governing data collection and use that may differ from United States law, you acknowledge the transfer of your Personal Information to the United States and other countries where eero operates. Whenever we transfer the Personal Information of eero customers residing in the European Economic Area or the UK to countries outside of the European Economic Area or the UK in the course of processing and sharing information as set out herein, we will ensure that your Personal Information is transferred in accordance with this Privacy Notice and as permitted by the applicable laws on data protection. We rely on European Commission adequacy decisions or use contracts with standard safeguards published by the European Commission and similar measures under UK laws for such transfers.

Child Privacy Laws

The administration, configuration, and management of the eero Products (such as use of the eero App) and use of an eero Site are intended for adults over the age of 18. If you are under 18, you cannot register yourself for the Products, and you may connect a device to a Network only with involvement of a parent or guardian. We do not require or knowingly collect any information regarding children under the age of 13. If you believe we might have any Personal Information from a child under 13, please contact us at privacy@eero.com.

Controller of Personal Information

eero LLC at 660 Third Street, 4th Floor, San Francisco, CA USA 94107 is the data controller of Personal Information collected and processed through eero Products. The data protection officer for eero can be contacted at the address above or by emailing privacy@eero.com.

Cookie Notice

To enable an eero Site to recognise your browser or device and to provide and improve our Products, we use cookies and other identifiers. “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing the website. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on an eero Site. We also use “Pixel Tags” (also referred to as clear GIFs, web beacons or web bugs). Pixel Tags are tiny graphic images or snippets of code with a unique identifier, similar in function to Cookies. In contrast to Cookies, which are stored on a user’s computer hard drive, Pixel Tags are embedded invisibly in web pages. Pixel Tags also allow us to tell whether emails have been opened to ensure that we are sending only messages that are of interest to our users. To learn more about cookies, clear GIFs/web beacons and related technologies, you may wish to visit https://cookiesandyou.com/. Cookies, Pixel Tags and other technology are used to analyse how users use an eero Site and Products, to make an eero Site more useful, to track online movements of web users, and to tailor the experience with us to meet special interests and needs.

We permit third-party advertising partners to use Cookies, Pixel Tags and other technology to collect information about your eero Site browsing activities over time and across different websites when you use our eero Site. For example, we use advertising services provided by third-party ad partners to market our services to you on other websites and online services. Through a process called “retargeting,” each service places a Cookie on your browser when you visit an eero Site so that they can identify you and serve you ads on other sites around the web based on your browsing activity.

If you decide at any time that you no longer wish to accept cookies from an eero Site for any of the purposes described above, then you can manage your Cookie and web browser Pixel Tag settings by (a) going to our Cookie preferences settings on an eero Site (the “Cookie Controls”) or (b) managing the settings on your browser to delete and disable cookies and other tracking/recording tools (“Browser Settings”). You can see approved third parties that use cookies, and manage how they use them, via the Cookie Controls.

We do not currently respond to the “Do Not Track” browser signal in your Browser Settings. To avoid use of information for advertising by third-party ad partners (as described above), you can use the Cookie Controls, or change your Browser Settings to reject cookies or to notify you when cookies are set, and you could select the “Do Not Track” option on your browser, though we have no control over and cannot confirm whether these third party ad parties honor the Do Not Track browser signal. Additionally, many advertising companies are members of the Network Advertising Initiative or Digital Advertising Alliance and/or provide opt-outs on those industry pages. To learn how to opt out of ad network interest-based advertising in the USA, please visit www.aboutads.info/choices, http://www.networkadvertising.org/choices/, and http://preferences-mgr.truste.com/. In the European Union, please visit www.youronlinechoices.eu.

If you do not accept certain cookies, you may not be able to use all portions of the eero Site(s) or all functionality of the eero Site(s). If you have any questions about how to disable or modify cookies, please let us know at the contact information provided above.