ICO Mobile Application Privacy Policy

Last Updated: January 27, 2025

1. Introduction

Ondilo takes the utmost care to protect the personal data it collects.

This Privacy Policy applies to individuals who download and use our mobile application ICO - The Connected Island (hereinafter the “Application”) to connect their Connected Object, as described on our website https://ondilo.com/en/ or in commercial documentation.

As part of our commitment to protecting your personal data, we aim to inform you about:

How and why Ondilo collects and processes your personal data through the Application;
The legal basis for processing your personal data;
Your rights and our obligations regarding data protection.

This policy applies to users in the United States (including California) and the European Economic Area (EEA).

2. When Do We Collect Personal Data?

Ondilo collects personal data as part of:

Downloading and setting up the Application, during which we act as the data controller.
Data collected via the Connected Object, which includes water quality parameters such as pH, disinfection levels, temperature, etc. We process this data as a service provider.

3. What Personal Data Do We Collect and Why?

Categories of Personal Data

Purpose	Categories of Personal Data Processed	Legal Basis
Customer Account Management	Name, email, password	Necessary for contract performance
Customer Support & Service Requests	Name, email, phone, country, purchase details, product UUID, OS used, request details	Necessary for contract performance or legitimate interest
Pool/Spa Monitoring & Recommendations	Pool/Spa type, treatment details, chemical levels, water temperature, pool/spa equipment, filter type, and usage	Necessary for service provision and legitimate interest
Device Data Collection	Smartphone OS, UUID number, IP address, geolocation (with consent)	Necessary for service provision and legitimate interest
Service Improvement & Analytics	Profile, behavior analysis, anonymized usage data	Legitimate interest (data is anonymized)

4. Who Has Access to Your Data?

Ondilo ensures that personal data is only shared when necessary and under strict data protection requirements.

Recipients of Personal Data

Ondilo: We use your personal data to provide services, monitor usage, and improve customer experience.
Retailers & Distributors: If you purchased a Connected Object from a retailer, we may share relevant data with them only for service purposes. They cannot use your data for marketing or sell it.
Service Providers: We use third-party providers to support technical functions. They cannot use or share your data beyond the agreed services.
Smart Assistants (Optional): If you choose to connect to Amazon Alexa, Google Home, or other smart home devices, data may be shared with them per their privacy policies.
Legal Compliance & Authorities: We may disclose data if required by law or regulatory authorities.
Business Transfers: In the event of a merger, acquisition, or sale, personal data may be transferred to the acquiring entity.

5. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this Privacy Policy.

Customer account data: Retained until account deletion.
Service & transaction data: Retained for legal and operational purposes (e.g., warranties, legal compliance).
Anonymized data: Retained indefinitely for analytics and service improvement.

Upon request, your personal data will be deleted within 30 days. However, anonymized data may be retained for statistical purposes.

6. Your Rights

Under CCPA (for California residents) and GDPR (for EU/EEA users), you have the following rights:

6.1. Right to Access

You can request a copy of your personal data and details on how we process it.

6.2. Right to Correct Data

If your data is incorrect, you may request corrections.

6.3. Right to Delete Data

You may request data deletion under the following circumstances:

Data is no longer needed.
You withdraw consent.
Processing is unlawful.

Exceptions: Legal retention requirements (e.g., tax or compliance obligations) may prevent deletion in some cases.

6.4. Right to Restrict Processing

You can request that we limit the use of your personal data.

6.5. Right to Object to Processing

If processing is based on our legitimate interest, you may object to it.

6.6. Right to Data Portability

You may request your data in a structured, machine-readable format for transfer to another provider.

6.7. Right to Withdraw Consent

If processing is based on consent, you can withdraw it at any time.

6.8. Right to File a Complaint

EU Users: You can file a complaint with your local Data Protection Authority.
US Users (California): You may file a complaint with the California Attorney General.

6.9. Do Not Sell My Personal Information

Ondilo does not sell your personal data to third parties.

If you are a California resident and wish to opt-out of any potential future data sharing, you can contact us at:

📧 Email: rgpd@ondilo.com
📍 Address: Ondilo, 162 Avenue Robert Schuman, ZA la Pile, 13760 Saint-Cannat, France

We will process your request within 30 days as required by law.

7. How We Protect Your Data

Ondilo uses state-of-the-art security measures to protect your data:

Data encryption (TLS, HTTPS) for secure transmission.
Access controls to restrict data access.
Regular security audits to detect vulnerabilities.
Anonymization for analytical data.

Our third-party service providers must comply with data protection laws and follow strict security policies.

8. Compliance with US Privacy Laws

This Privacy Policy complies with:

CCPA (California Consumer Privacy Act):
- California residents can request data access, deletion, and opt-out of personal data sharing.
COPPA (Children’s Online Privacy Protection Act):
- The Application is not intended for children under 13.
- We do not knowingly collect data from children without parental consent.
GDPR (General Data Protection Regulation):
- Applies to EU-based users and ensures strict data processing and rights.

9. Updates to This Policy

We reserve the right to update this policy due to regulatory changes or service updates.

Any changes will be accessible via the Application under “Privacy Policy.”

Contact Us
For any questions or concerns regarding this policy, please contact us at:
📧 Email: rgpd@ondilo.com
📍 Address: Ondilo, 162 Avenue Robert Schuman, ZA la Pile, 13760 Saint-Cannat, France

Shopping Cart