Privacy Policy

Effective Date: the 25th day of October, 2023

Overview

This Privacy Policy ("Policy") is issued by Anker Innovations Limited and its affiliates (together, “Anker”, “we”and“us” ) and is addressed to individuals outside our organization with whom we interact, including personnel from our partners such as installation service providers and dealers (“you”). Defined terms used in this Policy are explained in Section (10) below.

We may update this Policy to reflect changes to our information practices. If we make any material changes, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on our application prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

You may also have certain rights regarding the information we collect about you. Specifically, the rights of Data Subjects under the GDPR are explained in Section (6) below.

Intended Audience: Our websites or applications (including ankersolix-professional-us.anker.com, ankersolix-professional-eu.anker.com and Anker SOLIX Professional App, collectivelly, "Our Site and App") is not directed to children under the age of 18. As a result, our Site and App do not request or knowingly collect personal data from individuals under the age of 18. If you are not 18 or older, you should not visit or use our Site and App.

List of Contents

1. How We Collect Your Personal Data

2. How We Use Your Personal Data

3. How We Share Your Data

4. International transfer of Personal Data

5. Data retention

6. Your privacy rights

7. Children's Data Protection

8. Links to other websites

9. Contact Us

10. Definitions

1. How We Collect Your Personal Data

1.1 Categories of Personal Data We Process

When you use our Site and App, we may collect the following data from and/or about you:

• Information for account registration: such as names, telephone number, email addresses and and passwords, and company names users are employed with；
• Customized settings: usernames, language preferences and other preference settings, such as profile pictures;
• Network information: such as Wi-Fi names and passwords when you link the APP to the devices the devices you install;
• Device information: such as firmware version, model and serial number of devices you install;
• Usage data: such as device and APP log files, settings (including settings history), usage history, device and service settings, and device status;
• Device owners' information: When you record the device owner's information in the APP, we will collect the details you provide, such as the owners' names, email addresses, phone numbers, the addresses where devices are installed, and installation position pictures. Therefore, before proceeding with the Owner Information Record, it's crucial to clearly inform the owners about the purpose, method, and scope of the collection and processing of their personal data, and that this information will be shared with Anker. Obtaining device owners' consent for this is essential.

1.2 Permissions

Our App may request your permission to access your mobile device's connection information, storage capabilities, sensors or other features. We only require access when it is necessary or useful for the provision of our APP:

• Wi-Fi and Bluetooth -- The APP requires Wi-Fi and Bluetooth permissions to link the APP to the device, and to connect your system to our server. Blocking these permissions would impair the functions of our devices.
• Location -- The APP requires location permission to collect the longitude and latitude where the device is installed.
• Camera-- The APP will request access to your camera when you upload images of the installation site or use the scanning feature, enabling photo capture and scanning functions.

You may change the permission settings at any time under the settings of your operating system, but please be informed that revoking permissions may affect the performance of our APP.

1.3 Legal Basis for Processing Personal Data

Purpose	Type of Personal Data	Legal Basis for Processing Personal Data
Account registration and login	Email address and passwords	Obtaining your consent
Review your identity	Name, email address and company name you are employed with	Performance of contracts with your employer
Customized setting	usernames, language preferences and profile pictures	Obtaining your consent
Provide product after-sales service to end users, such as device installation, device maintenance, etc.	Name, telephone number, email address and company name you are employed with; Device owners' names, addresses, phone numbers, and the addresses where devices are installe	Performance of contracts with your employer and end users, and Obtaining your consent

2. How We Use Your Personal Data

We process your Personal Data as necessary for the provision of features of our Site and App and the performance of our contract with you/your employer. For example, we need to process your personal data to enable the following:

• Provide product after-sales service to end users, such as device installation, device maintenance, etc.;
• Operate, evaluate and improve our business, including developing software updates, developing new features, analyzing the current features, aggregating and anonymizing data, performing data analytics, auditing and other internal functions;
• Network security, specifically for the prevention, detection, and protection against fraud, abuse, criminal activities, and other abnormal activities；
• Comply with regulation requirements, enforcement and compliance with legal requirements, for the execution of claims, including relevant industry standards, and our policies.

We may combine data we obtain about you for the purposes described above. We may also use the data we obtain for other purposes for which we provide specific notice at the time of collection or otherwise with your consent.

3. How We Share Your Data

We may also share, transmit, disclose, grant access to, make available, and provide Personal Data with and to third parties, as described below.

• Anker Affiliates: As we are a globally active group of companies, in some cases we may disclose Personal Data to other entities with brands owned or controlled by Anker, and other companies owned by or under common ownership as Anker. We will do so for legitimate business purposes and the operation of our Site and App, and in accordance with applicable law.

• Legal Obligations and Rights: We may disclose Personal Data to third parties, such as legal advisors and law enforcement agencies, regulators, other authorities and other third parties for legal reasons if we reasonably believe that such action is necessary:

  • in connection with the establishment, exercise, or defense of legal claims;
  • to comply with laws or to respond to lawful requests and legal process;
  • to protect our rights and property and the rights, personal safety and property of others, including to enforce our agreements and policies;
  • to detect, suppress, or prevent fraud or other criminal activity; or
  • as otherwise required by applicable law.

• Independent advisors: We may disclose Personal Data to our independent advisors such as accountants, auditors, consultants, and other outside professional advisors to Anker, subject to binding contractual obligations of confidentiality;

• Corporate Transactions: We may transfer any information we collect in the event we sell or transfer all or a portion of our business or assets (including any shares in the company) or any portion or combination of our products, services, businesses and/or assets. Should such a transaction occur (whether a divestiture, merger, acquisition, bankruptcy, dissolution, reorganization, liquidation, change of control or similar transaction or proceeding), we will use reasonable efforts to ensure that any transferred information is treated in a manner consistent with this Privacy policy.

4. International transfer of Personal Data

Because of the international nature of our business, we transfer Personal Data within the Anker group, and to third parties as noted in Section (3) above, in connection with the purposes set out in this Policy. For this reason, we transfer Personal Data to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located, including China, the EEA, the UK, and the USA.

In the event of a transfer by Anker, we ensure that international transfers of your Personal Data are made pursuant to appropriate safeguards, such as:

(1) Ensuring that the Personal Data is only transferred to countries recognized as Adequate Jurisdictions. The current adequate decisions can be found here. There is currently no adequate decision for the United States and China; or

(2) The transfer is made pursuant to appropriate safeguards, such as Standard Contractual Clauses adopted by the European Commission or UK Secretary of State (as applicable) in connection with appropriate supplementary measures. The decision and the template text of these Standard Contractual Clauses can be found here.

If you wish to enquire further about these safeguards, including the specific contracts entered into, used, please contact us using the details set out under Section (9) of this Policy.

Please note that when you transfer any Personal Data directly to any Anker entity established outside the UK, Switzerland, or the EEA (as applicable), this is considered a direct collection, to which the safeguards mentioned in this Section (4) may not apply. We will nevertheless process your Personal Data, from the point at which we receive those data, in accordance with the provisions of this Privacy Policy.

5. Data retention

We will retain your personal data for a period necessary to fulfil the purpose for which it was collected, until you remove your data, or for a period required by applicable regulations. When we no longer require your personal data, we will either delete or anonymize it or, if this is not possible (for example, because your Personal data has been stored in backup archives), then we will securely store your Personal data and isolate it from any further processing until deletion is possible. If we anonymize your personal data (so that it can no longer be associated with you), we may use this data indefinitely without further notice to you.

6. Your privacy rights

Under the GDPR or applicable laws, you may have the following rights regarding the Processing of your Relevant Personal Data:

• the right not to provide your Personal Data to us (however, please note that we may be unable to provide you with the full features of our Site and App, if you do not provide us with your Personal Data);

• the right to request access to, or copies of, your Relevant Personal Data, together with additional information, such as information regarding the nature, Processing and disclosure of those Relevant Personal Data;

• the right to request rectification of any inaccuracies or incompleteness in your Relevant Personal Data;

• the right to request, on legitimate grounds:

  • erasure of your Relevant Personal Data without undue delay; or
  • restriction of Processing of your Relevant Personal Data (limiting the purposes for which we Process your Personal Data);

• the right to have certain Relevant Personal Data transferred to another Controller, in a structured, commonly used and machine-readable format, to the extent applicable;

• where we process your Relevant Personal Data on the basis of your consent, the right to withdraw that consent at any time (noting that such withdrawal does not affect the lawfulness of any processing performed prior to the date on which we receive notice of such withdrawal)；

• the right to request the deletion or removal of your Relevant Personal Data where there is no compelling reason for us to keep using it. Please note that we may not be able to immediately remove the information from the backup system due to applicable laws and regulations or technological limitations. If this is the case, we will isolate your Relevant Personal Data from nay further processing until the backup can be deleted or be made anonymous;

• the right to lodge complaints regarding the Processing of your Relevant Personal Data with a competent Data Protection Authority (in particular, the UK Information Commissioner’s Office, or the Data Protection Authority of the EU Member State in which you live, or in which you work, or in which the alleged infringement occurred. If you live in Germany, the relevant Data Protection Authority is the "Bayerisches Landesamt für Datenschutzaufsicht", Promenade 18, 91522 Ansbach). However, we encourage you to first contact us so that we can together solve any concerns you may have.

Under the GDPR , you also have the following additional rights:

• the right to object, on grounds relating to your particular situation, to the Processing of your Relevant Personal Data by us or on our behalf, where such Processing is based on Articles 6(1)(e) (public interest) or 6(1)(f) (legitimate interests) of the GDPR; and
• the right to object to the Processing of your Relevant Personal Data by us or on our behalf for direct marketing purposes.

This does not affect your statutory rights.

To exercise one or more of these rights, or to ask a question about these rights or any other provision of this Policy, or about our Processing of your Personal Data, please use the contact details provided in Section (9) below. Please note that:

• in some cases it will be necessary to provide evidence of your identity before we can give effect to these rights; and
• where your request requires the establishment of additional facts (e.g., a determination of whether any Processing is non-compliant with applicable law) we will investigate your request reasonably promptly, before deciding what action to take.

7. Children's Data Protection

Our Site and App are not intended to be operated by children. Given that our Site and App does not permit user registration and only allows personnel from Anker's partners to register, it is thereby incapable of collecting any personal data from children.

8. Links to other websites

This Policy applies only to Anker practices, technologies, and services. Our online properties may include links to websites and online services that are operated by other companies not under the control or direction of Anker. If you provide or submit Personal Data to those websites or online services, the privacy policies on those websites or online services apply to your Personal Data. We encourage you to carefully read the privacy policies of any website you visit.

9. Contact Us

If you have questions or concerns with respect to our Privacy Policy or practices, you may contact us at support@anker.com or DPO@anker.com.

We answer all inquiries and concerns within 30 days.

10. Definitions

• “Adequate Jurisdiction” means a jurisdiction that has been formally designated by the European Commission as providing an adequate level of protection for Personal Data.
• “Controller” means the entity that decides how and why Personal Data are Processed. In many jurisdictions, the Controller has primary responsibility for complying with applicable data protection laws.
• “Data Protection Authority” means an independent public authority that is legally tasked with overseeing compliance with applicable data protection laws.
• “EEA” means the European Economic Area.
• "EU" means the European Union.
• “GDPR” means the General Data Protection Regulation (EU) 2016/679, or, where applicable, the “UK GDPR” as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the UK European Union (Withdrawal) Act 2018 GDPR.
• "Subject to the GDPR" refers to all persons located in the EEA, Switzerland, or the UK, or whose data is Processed by an Anker entity that is located in the EEA, Switzerland or the UK.
• “Personal Data” means information that is about any individual, or from which any individual is directly or indirectly identifiable, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
• “Process”, “Processing” or “Processed” means anything that is done with any Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
• “Processor” means any person or entity that Processes Personal Data on behalf of the Controller (other than employees of the Controller).
• “Relevant Personal Data” means Personal Data in respect of which we are the Controller.
• “Standard Contractual Clauses” means template transfer clauses adopted by the European Commission or adopted by a Data Protection Authority and approved by the European Commission, in their respective valid, current form (currently in the version of 4 June 2021).