PRIVACY NOTICE

Last updated: October, 11, 2024

This Privacy Notice describes how your personal data are collected and processed, related to the use of the “Sennheiser Smart Control Plus” Application (“Mobile App”). The processing of your personal data comply, according to your country, with local law requirements, including the Swiss Federal Data Protection Act (“FDPA”), the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”), or the Cyber Security Law of People’s Republic of China (“PRC”) and the Personal Information Protection Law of PRC (“PIPL”).

This Privacy Notice may be updated from time to time. In this case, we will inform you that this Privacy Notice has been modified and the “last updated” date on top of this document will be modified. We recommend that you periodically review the latest version of this Privacy Notice.

Please note that the following information is required to establish a connection to your device:

  • For Android: Bluetooth address, access rights to location information of the device.

The use of the app on Android devices mandatorily requires the activation of location services to enable the functioning of the Mobile App and the operation of your Sennheiser product.

  • For iOS: BLE UUID.

This information is not transferred to us and we do not process your location information.

1. Who we are

Sonova Consumer Hearing GmbH, Am Labor 1, 30900 Wedemark, Germany, which is part of Sonova Group, acts as a Controller for the processing listed in the following section (hereafter “Sonova”).

2. Personal data we collect from you and why

Sonova processes your personal data for the following purposes listed in this section. Please note that we do not necessarily have access to all the data listed, as some are only stored on your Mobile App, and as some are not permanently stored. Please read this section carefully for further details.

Based on your consent (those processing are not mandatory and will occur only if you agree and consent to it):

  • Manage your customer account information. You have the choice to create an account and/or log in (you can use the Mobile App without logging in): information on your registration (email address or phone number or reference to 3rd party registry); first name and last name (optional); login name; country of registration (regional allocation); type of touchpoint for registration and access timestamp.
  • Mobile App & product analytics and statistics. At the launch of the Mobile App, you have the possibility to give your consent to this processing. You can also give your consent by selecting the appropriate setting in the “Privacy” section of the Mobile App menu, or withdraw it at any time.
    • Mobile App: frequency, type, duration of Mobile App use; settings made on the device such as equalizer, Active Noise Cancellation (ANC) mode or other device-specific settings; type of device used with the Mobile App; operating system and version number; number of firmware updates performed; error reports in case of Mobile App crash.
    • Product (when used with products of the Sennheiser wireless Bluetooth headset series): operating time, number of usage cycles; duration of use of the various ANC programs and number of switchovers; accumulated charging time and number of charging cycle ; total duration in phone mode and number of times it was switched to phone mode; accumulated connection time of two devices and number of connections of an additional device; duration of audio playback and number of times playback was started; crashes.
  • Send newsletter communications: email address, name (utilized in welcome formula).
  • Provide the last known location of my device: If you select the ‘Find Headphones’ function, you have the option of consenting to the application storing your last known location when using your device. Only the latitude and longitude data will be exchanged between the Mobile App and the Mapbox service, while article information and timestamps will remain exclusively on the app: unique device Bluetooth-address; article name; article part (l/r); latitude; longitude; timestamp.
  • Ensure the functionality and security of the Mobile App and provide personalized settings and features. If you create an account and/or log in, the following data are processed automatically. They are stored to ensure the functionality of the features on multiple devices and after reinstallation. You can prevent the storage of those data in the Mobile App settings at any time, but then you will no longer be able to access them from other devices and benefit from personalized settings: location information; userEQ settings; equalizer presets; sound zones and sound personalization profile.

Based on the performance of your contract or the service you required (some of those processing are mandatory to ensure the proper functioning of the Mobile App or the service you required):

  • Update the firmware of your product. Those data are not stored permanently and are only used for the purpose of transferring firmware updates. If the device on which the Mobile App is installed is connected to the internet, the following list of data is transferred to our servers. If you do not want this data to be transferred and processed, do not establish an Internet connection: hardware identifier; hardware revision number; firmware version of the product; operating system type (Android, IOS) and version; version of the Mobile App.
  • Display “vital data” if you connect to MOMENTUM Sport. Only if you use MOMENTUM Sport devices, those are equipped with sensors. The Mobile App can only show these data, they are not stored in the Mobile App, and cannot be assigned to you, even if you are logged into your account. Those data are not visible nor accessible to us as they flow between your MOMENTUM Sport devices and the Mobile App when Bluetooth is activated: heart rate; body temperature.

Based on legitimate interest:

  • Send you surveys via the Mobile App in order to improve our products and services. A pop-up appears just once, asking you to rate your satisfaction: product feedback; unique Mobile App installation ID; model name; IP address.

3. How we share your personal data

Your personal data will be processed according to the instructions we provide to our employees who have received the necessary training in data protection and are subject to an obligation of confidentiality.

Your personal data may also be disclosed to:

  • Other companies in our group of companies, such as our subsidiaries, all of which are required to protect personal data in accordance with applicable privacy and data protection laws;
  • Our business partners, contractors and third-party service providers. These third parties only process personal data that are strictly necessary for the services they provide to us, according to our instructions and in compliance with our privacy and security requirements.
  • Other organizations and public bodies, supervisory and control authorities, including law enforcement agencies, as may be required by law.

By using the Mobile App, only personal data that are strictly necessary for the following purposes are shared (the location of your personal data which are shared may vary depending your country):

Microsoft Corporation (USA) or 21Vianet Group (China) – Azure services (if you log in).

  • Purpose: provide cloud infrastructure hosting our services. Sonova Azure instance is in place in 4 regions: EMEA, AMER, APAC (except China Mainland), CHINA (Mainland). Data will be hosted in the region where the country specified by the user during the registration process belongs to. Dedicated data centers are in place in each of these regions to realize regional and separate data storage.
  • Personal data if user creates an account: information on your registration (email address or phone number or reference to 3rd party registry); first name and last name (optional); login name; country of registration (regional allocation); type of touchpoint for registration and access timestamp.
  • Personal data if user enables personalized settings: location information; userEQ settings; equalizer presets; sound zones and sound personalization profile.

Twilio Ireland Ltd (Ireland) – SendGrid.

  • Purpose: user verification and delivery of the confirmation email or SMS (depending on the selected verification method). Twilio also provides the general authentication service. Your personal data are not stored and are used temporary to execute the verification or authentication process.
  • Personal data: email address or phone number.

Google Ireland Limited (Ireland) – Analytics and Firebase.

  • Purpose: determine statistical characteristics regarding the Mobile App usage, Mobile App distribution and identification of error causes, providing and maintaining the Mobile App and improving the features of the Mobile App. A complete overview of all possible collectable events can be viewed via the following link: https://support.google.com/firebase/answer/6317485. The events relevant to our Mobile App are limited only to the first chapter ‘Automatically collected events’.
  • Personal data: IP address processed by Google for Analytics.

Qualtrics, LLC (USA) – Feedback.

  • Purpose: give feedback on the Mobile App in order to improve the Mobile App and our services.
  • Personal data: product feedback; unique Mobile App installation ID; model name; IP address.

HubSpot GmbH (Germany) - Marketing Automation.

  • Purpose: Automated marketing activities (email marketing).
  • Personal data: email address, first name, last name, country of registration, region of data storage (EMEA, APAC, AMER only - CHINA (mainland) is excluded)

Mapbox, Inc. (USA) - Geolocation Service.

  • Purpose: retrieve geolocation information (longitude, latitude).
  • Personal data: none

Before we disclose any personal data to other third parties than those listed above, we will explicitly ask you for your consent. However, if we are obliged to disclose personal data without your consent, we will only disclose personal data that are strictly necessary for that purpose to fulfil our legal obligations.

4. International personal data transfers

Please note that some of the above-mentioned third parties can be located outside your country. Therefore, your personal data may be transferred to countries that do not provide the same level of protection of personal data as your own country. In such cases, we undertake to:

  • implement adequate procedures to comply with applicable law;
  • adopt appropriate organizational, technical and legal safeguards in order to ensure an adequate level of protection of the personal data transferred;
  • implement, if necessary, and according to applicable law, standard contractual clauses;
  • depending on the country of the importing third party, take additional measures such as a transfer impact assessment.

5. How long we keep your personal data

Sonova will retain your personal data for a minimal period proportional to the time required to fulfil the purposes outlined in Section 2. For example, relevant personal data will no longer be retained if you delete your account or if our contractual obligations are fulfilled. In the event applicable law or other regulations require a longer retention period, we will apply the longer retention period in order to fulfill our legal obligations.

6. Your legal rights

Within the framework of the collection and processing of your personal data, and as per applicable law, you may have the right to request access, rectification, erasure of your personal data, or restriction of processing. In addition, you may object to the processing, request data portability and withdraw your consent at any time. Please note that the exercise of such rights is subject to the limitations provided by applicable law. If you consider that the processing of your personal data infringes applicable law then you may also lodge a complaint with the local supervisory authority or the competent regulator.

You may exercise your rights by using the contact details in the “How to contact us” Section below.

7. How to contact us

In the event of questions about this Privacy Notice, or the processing of your Personal Data, please contact our Data Privacy Team at privacy@sonova.com or contact our customer support team https://www.sennheiser-hearing.com/contact.