1. What Personal Information We Collect
2. Purposes and Legal Basis for Processing Personal Information
3. With Whom We Share Your Personal Information
4. Transfer of Collected Information
5. Rights Related to Personal Information
6. Information Security Measures
7. Information Retention Period
8. Protection of Children's Personal Information
9. Notice Regarding Policy Changes
10. Contact Us

Definitions

I. What Personal Information Do We Collect

• Device IP address, operating system type, device model, and network information related to smart device network configuration;
• If your smart device requires location services, we will obtain location information with your authorization;
• This information is used to identify the device's connection status with the service to complete device network configuration, control, and display;
• Upon exiting the "Try as Guest" mode, we will immediately delete all temporary data and will not retain copies or backups.

1. Information You Voluntarily Provide to Us

• Account Registration Information: When you register an account with us, we will collect your account name and contact information, including your email address, phone number, username, and login password. During your interaction with our products, we may further collect your account nickname, country code, language preference, or time zone information. - User Feedback: When you use our services and submit service-related feedback and suggestions, we will collect your email address, mobile phone number, and feedback content (including any attached images or videos). This information will be used to promptly address your app issues and smart device-related malfunctions.

Information Collected for Additional Features

• Additional Services Based on Location Information:
  • When you enable the positioning function of your mobile device through system authorization and use location-based services, we will collect and use your location information (coarse location information, latitude and longitude) to facilitate network pairing between the Tuya app and your smart device. Furthermore, when you use certain of our products or services (weather services/home management), with your consent, we will collect real-time precise or non-precise geolocation information about you. When you use the geofencing feature and create scenes that change location, we will request background location permission to locate the user's location and perform automated user pre-screening. You can disable the collection of your location information by disabling the positioning service in your mobile device's system. Adding a device requires location permission (Android only). To add a device, searching for nearby devices requires Bluetooth scanning, which requires Bluetooth positioning, otherwise it will affect the user's device addition. - Go to [Me] - [Settings] - [Privacy Settings] and turn off/on the [Location] permission.
• Additional Services Based on the Camera:
  • After enabling Camera Permission, you can use this feature to scan a QR code to add your purchased device. Please note that even if you have agreed to enable camera permissions, we will only obtain information when you actively scan a QR code or take a photo with the camera. The QR code scanning feature collects light sensor information, which determines whether to use the flash function.
  • Go to [Me] - [Settings] - [Privacy Settings] and turn off/on the [Camera] permission.
• Additional Services Based on Photo/Video Access and Upload:
  • After enabling Camera Permission, you can use this feature to upload your photos/videos to provide proof of device usage issues and to upload photos/videos to certain device panels. When you report a device issue, we will use the uploaded photos/videos to identify the issue. - Go to [Me] - [Settings] - [Privacy Settings] and turn off/on the [Picture] permission.
• Additional Services Related to Microphone-Based Voice Technology:
  • After enabling the Microphone Permission, you can use the microphone for voice functions, including recording videos, waking up voice/AI assistants, and certain special panels (such as video doorbell calls). For these functions, we will collect your Voice Information to identify your commands or provide you with corresponding services. Please note that even if you have agreed to enable the Microphone Permission, we will only collect Voice Information through the microphone when you actively click the microphone icon in the app or record a video.
  • Go to [Me] - [Settings] - [Privacy Settings] and turn off/on the [Microphone] permission.
• Additional Services Based on the Storage Permission (Android):
  • We request this permission to ensure stable client operation. After you enable permission to read/write your device storage, we will read or write necessary information, such as images, files, and videos, from your device's storage to provide you with information publishing and local crash log recording.
  • Go to [Me] - [Settings] - [Privacy Settings] and turn off/on the [Access storage permissions].
• Additional features based on the Message Notification permission:
  • We request this permission to push notifications about our products or services, especially alerts for purchased services so you can get real-time updates.
  • Go to [Me] - [Message Center] - [Settings] in the upper right corner and turn off/on the [Device Alert] permission.
• Additional features based on the "Floating Window" (Android):
  • We request this permission to display the camera's live feed in a floating window when you've linked your camera to the app.
  • Turn off/on the [Floating Window] permission through your phone's system's permission settings.
• Additional services based on Bluetooth technology:
  • After enabling Bluetooth permission, you can use Bluetooth features, including device control, device status acquisition, device discovery, and device network pairing. During these features, we communicate with the device via Bluetooth. Please note that even if you have agreed to enable Bluetooth permissions, we will only use Bluetooth for communication in the following scenarios: displaying device status on the home page and device panel; controlling devices on the home page and device panel; and discovering and pairing devices on the home page and add device page.
  • Go to [Me] - [Settings] - [Privacy Settings] and turn off/on [Bluetooth(iOS) / Access to nearby devices permissions (Android)] permissions.
• Additional Services Based on HomeKit Technology (iOS only):
  • After enabling HomeKit permissions, you can enable related features, including device discovery, pairing, control, and status. For these features, we exchange data with the iOS Home app through HomeKit. Please note that even if you have agreed to enable HomeKit permissions, we will only use them in the following scenarios: on the homepage and on the Add Device page for discovering HomeKit devices and pairing them with the network; and in [Me] - [HomeKit Information] for discovering HomeKit devices and pairing them with the network.
  • To manage [HomeKit] permissions, go to the iPhone system [Settings] - [Privacy & Security] - [Home Accessories], then select the current app to toggle permissions on or off.
• Additional Services Based on HealthKit Technology (iOS only):
  • After enabling HealthKit permissions, you can use related features, including weight and height data, and running and swimming data. For these features, we use HealthKit to exchange data with the iOS Health app. Please note that even if you have agreed to enable HealthKit permissions, we will only use them in the following scenarios: writing data to HealthKit from scales, wristbands, and watches; and reading data from HealthKit in the Health Center.
  • To manage [HealthKit] permissions, go to the iPhone system [Settings] - [Privacy & Security] - [Health], then select the current app to toggle permissions on or off.
• Additional Services Based on Face ID Technology (iOS only):
  • After enabling Face ID, you can use related features to securely and conveniently log in to your account without a password using iOS facial recognition, eliminating the need to repeatedly enter your account and password. iOS does not provide Face ID data to us, and we do not and cannot collect or store your Face ID data. You can also enable/disable this feature at any time. - Go to [Me] - [Settings] - [Account and Security] - Turn off/on [Face ID]
• Additional features based on Fingerprint permissions (Android only):
  • We request this permission so you can log in to the app without a password using Fingerprint ID. We will not store or upload your fingerprint information.
  • Go to [Me] - [Settings] - [Account and Security] - Turn off/on [Fingerprint ID]

2. Information We Collect Automatically

• Mobile Device Information: When you interact with our products, we automatically collect mobile device information, including mobile device model, login IP address, wireless connection information, operating system type and version, application version number, push notification identifier, log files, and mobile network information, to ensure your normal use of our services, maintain the normal operation of our services, improve and optimize our service experience, and protect your account security. To accurately locate service failures, we collect your ID information (including account ID, device/Virtual ID, order ID, Home ID, and Scene ID). We also collect your software version number. To ensure the security of the operating environment or to provide services, we collect information about the mobile applications and other software you use, as well as a list of installed applications (for application performance monitoring). - Service Log Information: When you use our applications, system and exception logs will be uploaded for analysis to provide you with a better user experience and improve our services. These logs include your IP address, preferred language, operating system version, access date and time, and usage information, so we can accurately identify issues and help you resolve them.

3. Smart Device Information

• Basic Smart Device Information: When you use a smart device connected to our products or services, we collect basic information about the smart device, including its name, device ID, online status, activation time, firmware version, and upgrade information.
• Information collected when connecting to smart devices: When using the Tuya app and services, we will receive and record information about your device based on your specific actions and the type of smart device you wish to connect to, to facilitate device identification, activation, and control, collect data statistics and analysis, and ensure the security and quality of network access and service operations. We will collect the following information when you access the Add Device homepage to perform self-discovery and search for devices to be paired, as well as when you actively pair devices:

• Information reported by smart devices: We will collect information reported by your smart devices based on the different smart devices you choose to connect to our products or services. To help you better understand how to use our services, we'll use the following smart devices as examples. The information they report only applies when you use that type of service:

1. Smart body fat scales or fitness trackers: Height, weight, body fat mass (BFM), body mass index (BMI), skeletal muscle mass (SMM), body fat percentage, muscle mass, body fat index, obesity level, ideal weight, weight control, visceral fat index, lean body weight, body water content, bone mass, protein content, BMR, metabolic age, body score, body shape, subcutaneous fat percentage, subcutaneous fat mass, heart rate;
2. Wristbands and similar smart devices: Heart rate, steps, calories, mileage, heart rate, sleep history, training history, body temperature, blood oxygen level, systolic blood pressure, diastolic blood pressure, and stress;
3. Smart fitness devices such as smart skipping ropes: Start time, skipping mode, number of skips, workout duration, calories burned, maximum number of sustained jumps, number of skips, average speed, maximum speed, and heart rate during exercise

• If you choose to use Apple Health, please carefully review the relevant User Agreement and Privacy Policy published by Apple Health. For details, please visit: https://www.apple.com/legal/privacy/en-ww/
• If you choose to use Fitbit, please carefully review the relevant User Agreement and Privacy Policy published by Fitbit. For details, please visit: https://www.fitbit.com/global/us/legal/privacy-policy

4. Auto-start Scenario Description (Android Only)

• When you create a smart scene and the execution conditions in the smart scene are triggered;
• When you control a smart device through the app;
• When you use voice control through a voice assistant.

II. Purposes and Legal Basis for Processing Personal Information

• Providing you with services: We process your account information, mobile device information, usage information, location information, and smart device-related information to provide the products and services you requested. The legal basis for this processing is the performance of our contract with you under our User Agreement.
• Improving our services: We process your mobile device information, usage information, location information, and smart device-related information to ensure the functionality and security of our products, develop and improve our products and services, analyze our operational efficiency, and prevent and track fraudulent or inappropriate use. The legal basis for this processing is the performance of our contract with you under our User Agreement.
• Non-marketing communications: We process your personal information to send you important information about our services, changes to our terms/conditions and policies, and/or other administrative information. We may also send you notifications related to your purchased services, including alerts. You can manage whether you wish to receive these communications by checking the "Device Alert" section in the Tuya app ([Me] - [Message Center] - [Settings] - [Device Alert]). If you choose to turn off push notifications, we will no longer send you these communications. The legal basis for this processing is the performance of our contract with you under our User Agreement.
• Feature Experience Upgrade Program (Android and iOS only): To enable you to better enjoy the convenience of smart devices, we will analyze your usage of Tuya services or smart devices, as well as products or usage scenarios relevant to you, to help you better enjoy the convenience of our products. We will use your linked smart device information to recommend other smart devices that can be intelligently linked to your linked devices (smart device recommendation service). If you do not consent to our data analysis, you can go to the Tuya app's privacy settings ("Me" - "Settings" - "Privacy Settings" - "Service Maintenance & Improvement Activity" to disable your consent. The legal basis for this processing is your consent.
• Personalized Recommendation Service (Android and iOS only): We process your account information, usage information, and mobile device information to provide you with tailored services based on your device type (including recommending and displaying product information and advertisements tailored to you), and invite you to participate in user surveys for the products you use. This information is necessary for personalized recommendations. If you refuse to provide it, we will be unable to recommend personalized information or services, display recommended purchase services, or send targeted push messages. Currently, Tuya does not make automated decisions regarding the processing of your personal information and only provides scene-based recommendations based on your smart device type. If you do not consent to Tuya processing your personal information for personalized services, you can disable this option when accessing the Tuya app or in the app's privacy settings ([Me] - [Settings] - [Privacy Settings] - [Personalized Recommendations]). The legal basis for this processing is your consent. Please note that the basic scene recommendation feature only provides available scene services (including device automation and convenient execution) based on your network-connected devices and is not a personalized recommendation service.
• Compliance: We process your personal information only when we are required to disclose it by law or when we believe it is necessary or appropriate to:
• (a) comply with applicable laws and regulations, legal process, or requests from public and governmental authorities;
• (b) enforce our Terms of Use and other agreements, policies, or standards, including investigating any potential violations;
• (c) protect the rights, privacy, safety, or property of us and/or other users, including you;
• (d) pursue available measures to detect, prevent, remedy, or limit damages we may be required to provide or address security, fraud, or technical issues.

III. With whom do we share your personal information?

• With third-party service providers who provide us with certain business-related services, including website hosting, data analysis, payment and credit card processing, infrastructure provision, IT services, customer support services, email delivery services, and other similar services to enable them to provide our services.
• With customers and other business partners who directly or indirectly provide you with smart devices and/or the networks and systems you use to access and use our websites and services.
• With affiliates or other third parties in the event of a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or a portion of our business, assets, or stock (including, without limitation, in connection with any bankruptcy or similar proceedings). In such an event, you will be clearly notified via email and/or our website of any change in ownership, any incompatible new uses of your personal information, and choices you may have regarding your personal information. We may share your personal information as reasonably necessary or appropriate to:

IV. Transfer of Collected Information

V. Rights Related to Personal Information

1. Accessing Personal Information You can access your personal information in this app through the following paths:

1. Obtaining a copy of your personal information. You can obtain a copy of your personal information through "Me - Settings - Privacy Policy Management - Export Personal Information" within the app.
2. Correcting your personal information. You can correct your personal information in the app through the following paths:

1. Deleting personal information. You can delete your personal information in the app through the following paths:

1. Withdrawing Authorization. You can withdraw your authorization in the app through the following paths:

1. Delete Account. You can deregister your App account through "Me - Settings - Account and Security - Delete Account." Please understand that account deregistration is irreversible. Seven days after you request account deregistration, we will cease providing services to you and delete the personal information associated with your account, unless otherwise required by law or regulation.
2. Restricting Automated Decisions by Information Systems. The App's business functions may make decisions based on non-human automated decision-making mechanisms, including information systems and algorithms. If such decisions significantly impact your legal rights and interests, please contact us using the contact information set forth in Section 10 of this Policy.
3. Right to Restrict Processing. You can restrict or refuse the processing of your information through "Me - Settings - Account and Security -Delete Account." You may also exercise your rights by contacting us using the contact information set forth in Section 10 of this Policy.

VI. Information Security Measures

• For device access, we use Tuya's proprietary algorithms to ensure data isolation, access authentication, and authorization.
• For data communication, we support the use of secure algorithms and transmission encryption protocols, as well as commercial-grade information encryption transmission based on dynamic keys.
• For data processing, we implement strict data filtering and verification, as well as a comprehensive data review process.
• For data storage, all confidential user information will be securely encrypted for storage.

VII. Information Retention Period

1. To fulfill your requested products and services in accordance with the User Agreementand this Policy;
2. When you explicitly request deletion of your personal information, we will consider this a requirement and will no longer retain your personal information.

VIII. Protection of Children's Personal Information

IX. Notice Regarding Policy Changes

X. Contact Us