Last updated: January 2024 – see previous versions
WiZ PRIVACY NOTICE
This Privacy Notice will help you understand who we are, what personal data we collect about you, why we collect it and what we do with it. When you use our products and services or when you interact with us, we may be processing your personal data.
Our approach to respecting your privacy is based on the following principles:
• We do not sell your personal data.
• We only collect the personal data that we need, when we need it and for as long as we need it.
• We are transparent and offer you meaningful choices.
WHO ARE WE?
Signify is the company that develops WiZ products and services under the WiZ brand. Signify is a global lighting organisation with recognised expertise in the development, manufacturing and application of innovative lighting products, systems and services.
When this Privacy Notice mentions “we” or “us”, it refers to the Data Controller; the Signify affiliate with which you had, have, or will have a relationship or that otherwise decides which of your personal data are collected and how they are used, as well as Signify Netherlands B.V. (Registration number 17061150 - High Tech Campus 48, 5656 AE, Eindhoven, the Netherlands). Please note that the Signify affiliates include the subsidiary companies in which Signify N.V. has control, either through direct or indirect ownership.
We protect your personal data in line with our Binding Corporate Rules (“Signify Privacy Rules”).
WHEN DOES THIS PRIVACY NOTICE APPLY?
This Privacy Notice covers the personal data processed in your interaction with WiZ and its products and services. For example, it covers the following:
• when you visit or use our websites, applications or social media channels.
• when you buy our products or services directly from our WiZ web shop.
• when you use a WiZ product, service or application.
• when you subscribe to our marketing communications or marketing initiatives.
• when you contact or interact with our consumer care team.
• when you sign up for a WiZ Beta Programme.
• when you use WiZ for Business.
If you have a direct relationship with us but do not fall within the scope of this WiZ Privacy Notice, your personal data will be governed by a different Signify Privacy Notice which is accessible in our Signify Privacy Centre.
This Privacy Notice only applies to you in case we are the Data Controller for the processing of your personal data. In case we are acting as a Data Processor, the Privacy Notice of the Data Controller will govern the processing of your personal data.
Please keep in mind that since we are an international company, this Privacy Notice may be replaced or supplemented to fulfil local legal requirements, as well as to provide you with additional information on how we process your personal data through specific WiZ products, services, systems or applications.
WHAT TYPES OF PERSONAL DATA DO WE COLLECT?
Depending on how you interact with us and what products or services you use, or how you use them, we process different personal data about you.
IF YOU USE OUR WiZ PRODUCTS OR SERVICES
IF YOU PURCHASE A PRODUCT OR SERVICE FROM US
Data source | Personal data being used |
Purchase and return pages | Product or service subscription information, order information such as contact details, shipment and invoice address, invoice information and history, and payment status. We do not capture, store or have access to any banking or credit card information other than the general payment status (payment successful, payment declined or payment on hold). If applicable, we also process return or exchange information. |
IF YOU INTERACT WITH US
HOW DO WE USE YOUR PERSONAL DATA?
We use your personal data to provide you with a secure, reliable and personalised experience with our WiZ products and services. We may also improve our products based on your feedback, provide customer support or engage in personalised marketing communications, amongst others.
Purposes | Examples |
Providing the service, conclusion and execution of agreements | • This purpose includes the use of personal data in connection with the conclusion and execution of agreements with you and includes activities such as sales, billing (incl. settlement of payment transactions), shipment of products or services, registration on mobile applications or websites, warranty, transactional, service or legal communications, account management, as well as the provision of essential product functionalities. • Processing your personal data when requested or consented by you. |
Providing personalised support including replying to a query | • This purpose includes providing personalised support via communication channels, such as consumer care. You may be able to call, chat or send us messages via social networks. |
Relationship management, personalised communications and (direct) marketing | • This purpose includes the use of personal data in connection with activities such as maintaining and promoting contact, external communications, account management, product recalls, execution and analysis of market surveys and marketing strategies, and the execution of direct marketing communications. • Providing a personalised experience by presenting products and offers tailored to your preferences, interests or profile through personalised emails, messages or ads, which are presented through different digital touchpoints such as email, our mobile applications or social media channels. |
Product and service personalisation | • This purpose includes personalising our products, services and functionalities by tailoring them to your preferences and interests (such as personalisation on our websites or applications). |
Product and service improvement and development | • This purpose includes improving the products, services, product functionality, communications or mobile applications and developing innovative technologies or functionalities. • Sending survey communications for market-research purposes. We only send you these types of communications with your prior consent unless this is not required under applicable law. |
Compliance with legal obligations | • This purpose includes the use of personal data in connection with the performance of a task carried out to comply with a legal obligation to which we are subject, including the disclosure of personal data to government institutions or supervisory authorities, including tax authorities and other competent authorities for the sector in which we operate. In case of a request from an authority to disclose the personal data of our consumers, we will follow our WiZ Agency Disclosure Requests notice. |
Defence of legal claims | • This purpose includes the use of personal data in connection with activities such as preventing, preparing for or engaging in dispute resolution. |
Security and protection of our interests/assets | • This purpose includes the use of personal data in connection with the security and protection of our interests and/or assets and our consumers, business customers and business partners, including the safeguarding of the security and integrity of their business sector. In particular, it includes activities such as detecting, preventing, investigating and combating (attempted) fraud, criminal or objectionable conduct directed against us, our employees or customers (including the use of and participation in our incident registers and sector warning systems), activities such as those involving health and safety, authentication of customer, supplier or business partner status and access rights (such as required screening activities for access to our premises or systems), and activities such as deploying and maintaining technical and organisational security measures. |
Assessment and (re)screening of (potential) customers, suppliers and/or business partners (WiZ Pro) | • This purpose includes the use of personal data in connection with the assessment and acceptance of certain third parties (such as consumers, business customers, suppliers and business partners), including confirming and verifying the identity of relevant Individuals (which may include the use of a credit reference agency or other third parties), conducting due diligence and screening against publicly available government and/or law enforcement agency sanction lists and other third-party data sources, using and participating in our incident registers and sector warning systems and/or third-party verification services. |
Business process execution, internal management and management reporting | • This purpose includes the use of personal data in connection with activities such as management of company assets (including IT systems and infrastructure), finance and accounting, credit assessment (including setting credit limits) and risk management, conducting (internal) audits and investigations, implementing business controls, provision of central personal data facilities for efficiency purposes, management of alliances, ventures, mergers, acquisitions and divestitures, reorganisations or disposals and integration with purchaser, management reporting and analysis, archive and insurance purposes, legal or business consulting, government and legal affairs, and intellectual property management. |
HOW DO WE USE YOUR PERSONAL DATA FOR PERSONALISED COMMUNICATIONS, MARKETING AND PRODUCT/SERVICE PERSONALISATION?
With your prior consent or when allowed by applicable law, we may send you tailored direct marketing communications about our products, services, events and promotions. We may contact you via different channels such as email, our websites, mobile applications or through third parties such as social media or other publishers.
We can tailor the communications to your preferences and behaviour and provide you with a personalised experience by way of analysing and combining the personal data associated with you. In essence, we strive to make our products and their functionalities contextualised to respond to your preferences and needs. We are aiming to provide smarter and more enriching experiences.
We may also collect and use measurements deriving from these communications to create segments of our audience showing which of our products and services users are interested in and track the success of our marketing efforts.
We may use your personal data to invite you for consumer feedback or market research campaigns as we are constantly working to improve our products and services and to make them more in line with what consumers want. We only send you these types of communications with your prior consent unless this is not required under applicable law.
If at any moment you decide that you no longer want to receive these personalised communications, you can always unsubscribe from them. To unsubscribe, you can click on the unsubscribe button found at the end of every marketing communication we send or contact us, and we will do this for you.
Please note that even if you opt out from receiving marketing communications, you may still receive administrative, service or transactional communications from us, such as technical and/or security updates of our products, order confirmations, notifications about your account activities and other important notices. You cannot unsubscribe from these types of communications.
WHAT IS THE LEGAL BASIS FOR OUR USE OF YOUR PERSONAL DATA?
There are several legal bases on which we rely to process your personal data:
Legal Basis | Explanation |
Consent | Where required by law, we may ask for your consent to use your personal data. If this is the case, we may provide you with more specific information. You can withdraw your consent at any time by contacting us. |
Performance of a contract | Your personal data may be required to enter or carry out a contractual agreement that involves you. This could include fulfilling the purchase of a WiZ product or service, managing your account registration and maintenance, resolving delivery-related problems, processing returns, ensuring the secure and reliable functioning of your WiZ product and addressing your requests. |
Compliance with a legal obligation | Your personal data may be used to ensure compliance with applicable laws, such as fulfilling legal requests from law enforcement authorities and adhering to regulatory investigations and compliance requirements. |
Legitimate interests | We may use your personal data for our legitimate interests. This includes analysing and enhancing our WiZ products and services, along with the content of our websites and apps, personalising our products and services, keeping you informed about software updates or other transactional, legal or service-related information, using your personal data for administrative purposes and for detecting and preventing fraud. We may also rely on our legitimate interest to send relevant personalised marketing communications, or for our direct marketing efforts unless it is required by applicable law to obtain your consent. |
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
We keep your personal data for the period necessary to fulfil the purposes for which it has been collected. Please keep in mind that in certain cases a longer retention period may be required by law. The criteria used to determine our retention periods include:
- How long is the personal data needed to provide you with our products or product functionalities or to operate our business?
- Do you have an account with us? In this case, we may keep your personal data while your account is active or for as long as needed to provide the product functionalities to you.
- Are we subject to a legal, contractual or similar obligation to retain your data? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation or data that must be retained for litigation, protection against a possible claim or tax purposes.
Your personal data processed is retained for as little time as necessary, after which we anonymise or delete it when there is no longer a consumer, legal or business need for your personal data to be retained.
HOW DO WE TRANSFER YOUR PERSONAL DATA ABROAD?
As we are a global organisation, your personal data may be transferred to or accessed from different countries.
For cross-border transfers within our companies, we rely on our Binding Corporate Rules (“Signify Privacy Rules”). Our Signify Privacy Rules require all Signify affiliates, subsidiaries and trusted third parties worldwide to use the same or similar standards of protection for personal data regardless of their location.
For cross-border transfers outside our companies, whenever we transfer your personal data outside the European Economic Area (EEA) and/or to a country that does not have an adequacy status, we ensure compliance with applicable data protection laws and implement adequate technical, organisational and legal mechanisms (for instance, by using the Standard Contractual Clauses as approved by the European Commission) that ensure a level of protection that is essentially equivalent to that in the EEA.
HOW DO WE SECURE YOUR PERSONAL DATA?
We have appropriate security measures in place to prevent personal data from being accidentally lost, used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it, including requiring our service providers to use appropriate measures to protect the confidentiality and security of your data. Those processing your information may do so only in an authorised manner and are subject to a duty of confidentiality. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a data security breach where we are legally required to do so. More information on our security-by-design approach can be found here. If you have reason to think that your interaction with us or your personal data is no longer processed securely, please contact us.
WHAT ARE YOUR PRIVACY RIGHTS?
You have the following privacy rights:
• Confirmation: obtain confirmation from us as to whether we process your personal data.
• Access: obtain a copy of your personal data being processed by us.
• Rectification: have your personal data rectified.
• Erasure: have your personal data anonymised or deleted.
• Restriction: have your personal data restricted.
• Object to:
1. (General) the use of your personal data on grounds relating to your situation, unless we can demonstrate prevailing compelling legitimate grounds for the processing of your personal data
2. (Direct marketing) receiving direct marketing communications. If you object to the processing of your personal data for direct marketing purposes, the relevant personal data shall no longer be processed for such purposes.
3. (Automated decision-making) the use of your personal data which is based solely on automated personal data (including profiling), and which results in adverse legal or similarly significant effects concerning you.
• Data Portability: the right to receive your personal data in a structured, commonly used and machine-readable format and have the right to transmit that personal data to another company.
• File a complaint or contact us at any time: with privacy-related questions and/or complaints regarding the application or violation of our Privacy Rules or Privacy Notice by us.
To exercise your rights, use our privacy request form or contact us.
You also have the right to obtain a copy of our Signify Privacy Rules and make use of your third-party beneficiary rights and/or claim damages. Additionally and if applicable to you, the EU General Data Protection Regulation also gives you the right to lodge a complaint with your local supervisory authority.
The above rights are not absolute and can be reasonably limited, for example when the exercise of such rights adversely affects the rights and freedoms of others. For more detailed information on your rights, please see our Signify Privacy Rules.
DO WE COLLECT PERSONAL DATA FROM CHILDREN?
We do not intentionally collect information from children.
• Special note to children under the legal age of majority: if you are under the legal age of majority in your country of residence, you will need your parent or guardian's consent before sharing your personal data with us.
• Special note to parents of children under the legal age of majority: we recommend that you check and monitor your children's use of our products, systems, services and applications (including websites and other digital channels) to make sure that your child does not share personal data with us without asking for your permission.
WHAT ARE YOUR RESPONSIBILITIES?
We would like to remind you that it is your responsibility to ensure that the personal data you provide us with is accurate, complete and up to date. Furthermore, if you share with us the personal data of other people, it is your responsibility to collect such personal data in compliance with local legal requirements. For instance, you should consider informing other people, whose personal data you provide to us, about the content of this Privacy Notice and obtain their prior consent. It is your responsibility to ensure that the information you share with us does not violate any third-party’s rights.
If you decide to return, sell or share a WiZ product with others, or if you are considering using a second-hand WiZ product, please note that certain WiZ products may internally store personal data relating to you or your use of the product. In such cases, please make sure:
• In case you give access to third parties to your WiZ products or services, you are comfortable with these third parties being able to access the personal data contained within them.
• You consider performing a factory reset of the product.
We strongly encourage you to periodically check which home members have access to your WiZ ecosystem. This can be done through the settings tab in your WiZ mobile application.
CHANGES TO THIS PRIVACY NOTICE
This Privacy Notice may change from time to time. We encourage users to periodically review this Privacy Notice for the latest information on our privacy practices. The most recent version of this Privacy Notice will govern our processing of your personal data and can be found on the WiZ website.
COOKIES AND SIMILAR TRACKING TECHNOLOGIES
We make use of functional cookies, analytic cookies and advertising cookies in our websites and mobile applications. Where required, we will ask for your prior consent.
To learn more, please read our Cookie Notice.
HOW TO CONTACT US
For any questions related to the protection of your personal data by us or regarding this Privacy Notice, you can contact the Signify Privacy Office:
• Mail: Signify – Attn: Privacy Office – Basisweg 10, 1043 AP Amsterdam, the Netherlands; or
• Online: Signify Privacy Centre, 'Privacy request' section.
Please keep in mind that certain communication channels are not always secure. Therefore, please do not include sensitive information in your communications to us.