Your Swidget Privacy Guide
In this document, we outline how we deal with your privacy, and protect your personal data. To make things easier for you, we have put together a summary below.
Swidget values you and your household’s privacy. We design our products and services with privacy and security at the core.
- We respect your household’s data rights
- You are always in control of your data
- You are the person that benefits from your data
There is a lot of information covered on this page, so we’ve included what we think you would care most about, up front. However, we encourage you to read through this document to learn more about your rights, your choices and how to enact them, and how we manage your personal information.
- We don’t share your personal data with others without your explicit consent
- We don’t store your household data or share it with others without your explicit consent
- We only process data to deliver or improve a service to you
6-677 Innovation Dr.
Kingston, ON K7K 6E7
Essential Cookies – These cookies are necessary to provide users with features and functionality.
|Google Tag Manager||Essential|
Performance and Functionality – These cookies help identify users across different site pages for performance. While not necessary, these cookies enhance functionality of the website.
Stores a unique user ID for live chat.
Used in connection with customer login and shopping cart, respectively.
Analytics and Customization – This information helps show how the website is being used by users, allowing our team to understand if marketing campaigns are effective, and enables enhancements of user experience.
Tracks landing page and Shopify analytics.
Uniquely identify users (2 yrs.), uniquely identify users (24 hrs.).
Advertising and targeting – These cookies are used to control target advertisements to users.
|Facebook Custom Audience||
|Twitter Button||Social Media|
|Google+ Platform||Social Media|
|Twitter Syndication||Social Media|
|Platform and usage||Data|
To store and track visits across websites.
Shopify analytics relating to marketing & referrals (2).
Tracks the usage of services.
Our website has forms to help users get in contact with our team. This is what they look like:
The Contact Us page has a contact form that is linked to the email@example.com mailbox. Its purpose is to facilitate and capture inquiries to allow us to respond quickly and efficiently.
- "Interested In" Drop down
- A section to add a customized message
Our emails are managed by Shopify.
The Swidget website has a virtual assistant that allows the user to enter information. The information given to the chatbot contact form is linked to the firstname.lastname@example.org mailbox. Any information gathered from this form is for the purpose of helping service your request.
- A section to add a customized message
- A place to add optional attachments
Our virtual assistant is managed by Zendesk.
The Swidget website also has a form for signing up for the Swidget Newsletter. The purpose of this form is to gather the necessary contact information to send correspondence.
Our newsletter is managed by MailChimp.
Swidget utilizes third-party processors to help create a better customer experience. These reputable services only process your information in accordance with their respective data-processing agreements. Third party services that Swidget currently uses are listed below:
We use Google to understand our website traffic, and have implemented demographic and interest
analytics. We compile first and third-party identifiers to optimize ad impressions and other ad service
Opt-out of Googles Ad Personalization here. You can find more info about opting out here.
Swidget uses WordPress to manage contact information and email addresses that are submitted in the forms on our website. We receive your:
- Customized Message
Here is how WordPress is protecting your information.
If you use Amazon to buy our products, they collect the necessary information to fulfill your order. To do this, Amazon requires:
- Shipping Address
- Phone Number
If your order is fulfilled by Amazon, then your credit card information and billing address is processed by Amazon Payments, and Swidget never sees your payment information.
More information on how Amazon protects your data can be found here.
We use MailChimp to communicate with our customers. Once we’ve received your consent, this can include sharing new product innovations, offers, and more. Signing up for the Swidget newsletter is completely optional, and consent can be withdrawn at any time. If you sign up, MailChimp asks for the following information:
Here is how MailChimp protects your information.
We use Zendesk to provide you with a better customer service experience. Whether you choose to obtain support via telephone or email, Zendesk allows us to keep track of your support request to ensure that we can quickly resolve your issues. If required, we use Jira to track and resolve product related technical issues. To do this, Zendesk and Jira may collect the following information:
- Time zone
- Operating System Version
- Device Type
- Firmware Version
Our website uses Shopify to help you buy our products. To do so, Shopify collects the following information:
- Marketing Consent
- Order Details
- Tax Exemption Status
Here is how Shopify protects your information.
Your credit card information and billing address is processed by Stripe. Here is more information about how they protect your data. In select order fulfillment cases, your name, address and telephone number will be shared with FBA (Fulfilled by Amazon). Neither Swidget nor Amazon or other third parties will see your payment information.
Your personal information is kept on secured cloud-based servers, accessible by a limited number of employees who have restricted access and are bound to keep the information confidential. We also implement security measures for when a user enters, sends, or accesses their information to ensure the confidentiality of your personal information.
- Swidget implements security best practices as defined by the Center for Internet Security (CIS), NIST and other cybersecurity standards. Vulnerability scanning is performed regularly, and our devices and services undergo external third-party penetration testing.
- As Swidget does not process payments or payment information directly, we are not required to scan to PCI standards.
The Swidget ecosystem uses a combination of edge and cloud computing for delivering the services made available through the Swidget App. Unless you pay for cloud storage via our subscription based premium services, or opt-in to the donation of your anonymized data, Swidget does not store user-identifiable data on its servers, with the exception of the following data that is collected through the Swidget App:
- Network information (storage of network name and password utilizes your phone’s secure network locker)
- Geo Location Data (optionally enabled through mobile device)
- Rules & Definitions
- Energy Cost Rates
Your information is only used for purposes to which you consent.
Sensor data collected and stored on your devices locally can be transmitted and sent to our Cloud-based servers for the purposes of displaying that information via the app on your mobile device. This data is not stored unless you have enabled cloud storage via our paid subscription services, or have opted-in to sharing your anonymized data with us. Your Swidget sensor information is aggregated on your local devices to provide you access to daily or monthly usage averages. Depending on the sensor, the device can collect and store the following information:
- Atmospheric Pressure
- Air Quality
- Occupancy Status
- Power Consumption (Instantaneous & Aggregate)
- On/Off State
- Dimming Value
- Network Status
- Vibration Events
- Light Conditions
Swidget provides you full control over how that data is managed and stored, directly in the Application (on iOS or Android). Privacy settings are made available under the application settings tab, and allow you to specify:
- The duration that data is stored in your devices
- Whether you consent to Swidget to access anonymized data for improving our services
- How your devices share data with third party integrations that you have chosen to use
Swidget uses Amazon Web Services to provide its cloud services. Swidget maintains its cloud systems utilizing the security scanning and software tools made available through AWS. Here is how Swidget and Amazon Web Services is protecting your data.
While we do use third parties to process data on Swidget's behalf, we do not otherwise sell, trade, or transfer your information without your explicit consent.
As we hold ourselves to the highest standards, we strive to adhere to the following policies and legislation:
- California Online Privacy Protection Act (CalOPPA)
- Do Not Track
- Children Online Privacy Protection Act (COPPA)
- CAN-SPAM Act
- Personal Information Protection and Electronic Documents Act (PIPEDA)
- California Consumer Protection Act (CCPA)
- General Data Protection Regulation (GDPR)
In addition to adhering to global regulations, we also find it important for you, as a global citizen, to be aware of your rights. To that end, we have compiled a list of global rights you have in regard to your data privacy and security.
Right to Access
According to GDPR Art. 15 | CCPA 1798.100 | PIPEDA FIP 9
Individuals have the right to access and receive a copy of their personal data, and supplementary information. Must be free, accessible and reasonable.
Right to Correct, Modify, or Rectify
According to GDPR Art. 5(1)(D) & 16 | PIPEDA FIP 9
Individuals have the right to ensure inaccurate personal data is rectified or completed if it is incomplete.
Right to Object
According to GDPR Art. 21
Individuals have the right to object to the processing of their personal data in certain circumstances (e.g., marketing).
Right to Opt-Out
According to CCPA 1798.120
Individuals have the right to opt-out of the sale of personal data.
Right to Delete or Erasure
According to GDPR Art. 17, CCPA 1798.105
Individuals have the right 'to be forgotten.'
Right to the Restriction of Processing
According to GDPR Art. 18 & 19
Individuals can request the 'suppression' of their personal data, where it is stored, but the company cannot use it.
Right to Data Portability
According to GDPR Art. 20, Canada's New Digital Charter
Enables individuals to obtain and reuse their personal data for their own purposes, across different services. Move, copy, or transfer to another IT environment in a secure way, without affecting usability.
Right to be Informed
According to GDPR Art. 13 & 14 | CCPA 1798.110 & 1798.115
Individuals have the right to be informed about the collection and use of their personal data. Your purposes for processing their personal data, your retention periods for that personal data, and with who it will be shared. Inform individuals either at time of collection, or if it is from another source, within one month. Must be brief, transparent, intelligible, easily accessible, and in clean and plain language.
Right to not be Subject to Discrimination
According to CCPA 1798.125
Individuals cannot be discriminated against for enacting their rights granted to the by the CCPA.
Rights Related to Automatic Decision Making
According to GDPR Art. 22
Applies to all automated individual decision-making and profiling.
The privacy guide was last updated February 2022. Future privacy updates will be identified on this webpage.
Information Access Request
To perform a subject access request and see any personal information that Swidget stores, please open the Swidget app.