This is the Privacy and Cookies Policy (“Policy”) for Snap One, LLC as well as our subsidiaries and affiliates (collectively, “we”, “us” and “our sites” or “our Devices” and note we trade as “Control4” as applicable). It is addressed to the users of our products and services (“End Users”), to our authorized independent dealers and integrators (“Dealers”) who resell our products to End Users, and to other partners from whom we may collect personal information (“Partners”). The purpose of this Policy is to explain how we collect personal information, personal data, personally identifiable information, and/or non-public personal information about you (collectively, “personal data”), why we collect it, and what we do with it.
This Policy covers the use of any of our connected devices and related applications and services (“Devices”). This includes but is not limited to the following Devices:
This Policy also covers the use of any of our connected devices and related applications (“Devices”) (including but not limited to 4Sight, Access Networks, Araknis, Control4, Episode, Luma, Visualint, Wattbox, OvrC, Dragonfly, Triad, and SunBrite).
Visit our website here for a full list of Snap One’s products and services.
This Policy also covers the use of the websites operated by us or on our behalf, including but not limited to:
We are committed to protecting and respecting your privacy.
Please read this Policy carefully before accepting and/or using our products or services to understand our views and practices regarding your personal data and how we will treat it.
By accepting and/or using our products or services, either for your own use or for resale, you acknowledge you have read and understood this Policy. If you have any questions, you can contact us using the details at the end of this Policy.
Snap One LLC or whichever of its affiliates or subsidiaries you engage with is the data controller, as this term is defined in the GDPR, the UK GDPR, or any other applicable European Economic Area data protection law (the “European Data Law”), with respect to your data we collect directly from you. We may also act as a data processor or service provider in certain circumstances, including for our Dealers that use our OvrC platform.
Information we collect about you
As a preliminary matter, we do not knowingly process sensitive personal data (called Special Category data in European Data Law) or information about children. We may collect location data if you use location dependent features, as described below, but we do not use this information for other purposes or to infer characteristics about you.
We will collect and process and may have, in the last 12 months, collected and processed the following types of personal data:
Information you give us
This is information about you that you give us directly when you interact with us.
This includes information about you that you give us by filling in forms on our sites or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you register to use our sites, register purchases with us, subscribe to our services, search for a product or an independent Dealer on our sites, place an order on our sites, report a problem with our sites, or participate in discussion boards or other social media functions, enter a competition, promotion or survey, or submit a query, on or via our sites.
The information you give us may include your name, address, e-mail address and phone number, employer, title/position/role, financial and credit card information, personal description, login and password details, and other information that alone or in combination with other information could constitute personal data.
We may also ask you to provide details of the products you use (either our products or third-party products connected to our products) such as model or serial number. We will also ask you for information about problems you report with our products or services, or about related incidents or support needs. You may not be able to configure your device until you have accepted our End User License Agreement and once you have done so we will keep a record of your acceptance.
Information we collect about you from your use of our sites
We may automatically collect information from you each time you visit our sites and/or use our mobile apps. This includes technical information and information about your visit.
Technical information may include the Internet protocol (IP) address used to connect your device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
Information about your visit may include the full Uniform Resource Locators (URL); clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times; download errors; length of visits to certain pages; page interaction information (such as scrolling, clicks, and mouse-overs); methods used to browse away from the page; and any phone number used to call our customer service number or social media handle used to connect with our customer service team.
Information we receive from our products
If you use our Devices and services that connect to the internet (e.g., Control4 or OvrC) we will collect information about the extent, nature, and frequency of your usage as part of our monitoring of the Devices directly from the Devices. Through your use of our Devices we will collect:
Model and serial numbers of those products
Media Access Control (MAC) address of those products
The version and type of software collected
Names of third party services and devices with which you integrate with or to our products, potentially including usernames and passwords you input
Names you give to rooms/locations where you have connected Devices
Your general location (e.g. latitude and longitude).
Information about how you have configured our Devices
If you use our Devices and services that connect to the internet we will collect Information about how you have configured our Devices, and, if you use our networking products with our remote monitoring capability, we may collect similar identifying information, configuration information, and status information about devices you have connected to your network through our OvrC software platform.
Some Devices may also inform us of:
When, where and how you use them.
Your Device settings and alterations you make.
Third party devices you have connected to or integrated with our products.
We work closely with third parties (including, for example, service providers and / or sub-contractors in technical, hosting, payment and delivery services, advertising networks, analytics providers, and search information providers (see list here)). Our Partners (including independent Dealers that may install, service and remotely monitor and troubleshoot your Devices) should have their own privacy policies about how they use your data that they will make available to you.
Video surveillance use and storage
Privacy and video surveillance laws in your jurisdiction may apply to your use of our products and services (including Control4 Chime Video Doorbell, Clarevision, and Luma). You are solely responsible for ensuring that you comply with applicable law when you use our video enabled products or services. For example, you may need to display a notice that alerts visitors to your home that you are using our products or services. Capturing, recording or sharing video or audio content that involves other people may affect their privacy rights.
Please visit our product pages for specific information about our retention policies for video feeds that may be stored on our cloud servers through your use of the Control4 Chime Video Doorbell.
How we use your information
We use information held about you in the following ways:
Information you give to us:
We will use this information to:
Take steps in order to enter into any contract or carry out our obligations arising from any contract entered into between you and us including:
Provide you with support services, configuration services, and device maintenance that you have signed up for.
Notify you about changes to our products and services.
Provide you with information about our products or services we feel may interest you, if you have given your consent to receiving marketing material from us at the point we collected your information, where required by law or otherwise in our legitimate interests provided these interests do not override your right to object to such communications. See the section titled ‘Our promotional updates and communications’ of this Policy.
Ensure in our legitimate interests that:
Content from our sites is presented in the most effective manner for you and for your computer or device.
We provide you with the information, products and services (including support services) that you request from us.
Information we collect about you from your use of our sites and connected products and your engagement with e-mails we send you
We will use this information in our legitimate interests, where we have considered these are not overridden by your rights:
To allow you to participate in interactive features of our products or services, when you choose to do so.
• We may use the location of your device to provide location dependent features, such as to determine the sunrise/sunset times or likely temperatures, if you have configured your Devices to require such information e.g. to open blinds or turn on heating. This location information is used only to provide location dependent features. We do not use this information for other purposes or to infer any characteristics about you.
Depending upon how you configure your devices, we may use data from some Devices to trigger specific actions from other devices or to provide you notifications (e.g. automatically locking doors when alarms sound or an auto-generated message to you checking whether you meant to lock your doors or leave a window open).
To evaluate and improve our Devices, including developing new products and services, analyzing our Devices and customer base, aggregating and anonymizing data, performing data analytics, and undertaking accounting, auditing, and other internal functions.
To administer our sites and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
To keep our sites safe and secure.
For measuring or understanding the effectiveness of marketing we serve to you and others, and to deliver relevant marketing to you.
To improve our sites to ensure that content is presented in the most effective manner for you and for your computer or devices.
Information we receive from other sources
We may combine this information with information you give to us and information we collect about you in our legitimate interests (where we have considered that these are not overridden by your privacy rights). We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).
We may link your account or system to a specific independent Dealer of record, but will allow you to amend this information upon request.
Our promotional updates and communications
Where permitted in our legitimate interest or with your consent, we will use your personal data for marketing analysis and to provide you with promotional update communications by e-mail about our products and services.
You can object to further marketing at any time by checking and updating your contact details within your account, or selecting the “unsubscribe” link at the end of all our marketing and promotional update communications to you.
Who we give your information to
We may give your information to:
Any member of our group, which means our subsidiaries, affiliates, and our holding company and its subsidiaries, who support our processing of personal data under this policy. If any of these parties are using your information for direct marketing purposes, we will only transfer the information to them for that purpose with your consent.
Organizations that process your personal data on our behalf and in accordance with our instructions and the law (including European Data Law and California privacy laws, if applicable). This includes in supporting the services we offer through our sites in particular those providing website and data hosting services, providing fulfilment services, distributing any communications we send, supporting or updating marketing lists, facilitating feedback on our services and providing IT support services from time to time, in addition to other advisors we may have such as legal, tax, and technical advisors. We require these organizations (which may include third party suppliers, agents, sub-contractors and/or other companies in our group) to only use your information to the extent necessary to perform their service and support functions. A list of our third-party service providers or data processors that may process your personal data can be found here.
An independent Dealer authorized to sell, install, or service our products.
Analytics and search engine providers that assist us in the improvement and optimization of our site and subject to the cookie section of this policy (this will not identify you as an individual).
Payment processing providers who provide secure payment processing services.
We will disclose your personal data to third parties:
In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets subject to the terms of this Policy.
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of supply and other agreements with you; or to protect the rights, property, or safety of our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction and to prevent cybercrime (having sought your consent where we are required by law to do so).
To protect the safety of other users, employees and members of the public and their property.
If required by an audit.
We only share personal data to the extent necessary to meet a legitimate purpose. We do not sell data, including your personal data, for monetary value.
Where we store information collected in the EEA
With respect to information collected inside the UK or European Economic Area (“EEA/UK”), such data may be transferred to, and stored at, a destination outside the EEA/UK that may not be subject to equivalent European Data Law, including to the United States.
Where your information is transferred by us from within to outside the EEA/UK, we will take all steps reasonably necessary to ensure that your data is subject to appropriate safeguards, such as relying on a recognized legal adequacy mechanism, and that it is treated securely and in accordance with this Policy.
We may transfer your personal data outside the EEA/UK:
In order to store it.
In order to enable us to provide goods or services to you and fulfil our contract with you. This includes order fulfilment, processing of payment details, and the provision of support services.
Where we are legally required to do so.
In order to facilitate the operation of our group of businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights.
We may transfer your personal data to the following countries and using the following safeguards outside the EEA:
United States - Transfers will be made pursuant to Standard Contractual Clauses (SCC), as approved by the European Commission and the UK’s Information Commissioner’s Office (the “ICO”).
A note on Standard Contractual Clauses
The EU-U.S. Privacy Shield Framework was invalidated by the Court of Justice of the European Union, or CJEU, in a July 2020 decision (also known as “Schrems II”). At present, there are few viable alternatives to the use of SCCs for transfers of personal information from Europe to the United States and other countries that are not the subject of an adequacy decision. We have conducted a Transfer Impact Assessment as recommended by the European Data Protection Board and the ICO and consider that all exports of personal data from the EEA/UK that we make subject to SCCs are lawful under the Schrems II criteria. Further mechanisms may be adopted following the ICO’s approval of a legal mechanism facilitating the transfers from the UK of UK-only personal data.
How we protect your information
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we take commercially reasonable efforts to protect your personal data, we cannot guarantee the security of your data transmitted to our sites; any transmission is at your own risk and we will not be responsible or liable for any damages, losses or causes of action arising out of or in connection with the disclosure of your personal information. Once we have received your information, we will use commercially reasonable procedures and security features to try to prevent unauthorized access.
Our site may, from time to time, contain links to external sites. We are not responsible for the privacy policies or the content of such sites. Your use of such external sites is at your own risk.
How long we keep your information
We retain personal data for as long as you have an account with us and for a reasonable period of time thereafter in order to meet our contractual obligations to you and provide the services you’ve requested and as reasonably necessary to identify any issues and resolve any legal proceedings or as otherwise required by law. We may also retain de-identified and aggregate information beyond this time for research purposes and to help us develop and improve our services. You cannot be identified from de-identified and aggregate information retained or used for these purposes.
You have the right under certain circumstances, depending on your jurisdiction and the applicable laws:
to be provided with a copy of your personal data held by us;
to request the rectification or erasure of your personal data held by us;
to request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example);
to object to the further processing of your personal data, including the right to object to marketing (as mentioned in ‘Our promotional updates and communications’ section’);
to request that your provided personal data be moved to a third party.
Your right to withdraw consent:
Where the processing of your personal data by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us. You can also change your marketing preferences at any time as described in the section titled ‘Our promotional updates and communications’.
Once we receive your request and verify your identity, we will disclose such information to you or delete the same, unless a legal exception applies. For example, we may deny your deletion request if retaining the information is necessary for us or our providers to complete the transaction for which we collected the personal information, provide a service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
To exercise the rights described above, please submit a request to us using the information at the end of this Policy.
If your request or concern is not satisfactorily resolved by us, you may approach your local data protection authority.
Be assured, however, that we do not sell or rent your personal data to any third parties.
Region Specific Sections
a) California Privacy Disclosure
Under the California Consumer Privacy Protection Act (CCPA) and the California Privacy Rights Act (CPRA) (together “California Privacy Law”), we are required to provide California residents with details about the information we may collect, the purposes for which we collect such information, the source of that information, and the categories of third parties with whom we share that information.
To understand the categories of personal data we may have collected in the past 12 months, please see the Information We Collect About You section above. We collect personal data for business and commercial purposes described in the How We Use Your Information section above. To view the list of service providers with whom we may have shared your personal data with in the prior 12 months, please review our list of third-party service providers here.
Your California Rights
California residents have the right to request access to or deletion of their personal data. You may exercise these rights as described in the Your Rights section above, or by emailing us at DPO@SnapOne.com. California residents also have the right to request additional details about our information practices and you will not be discriminated against by us for doing so. After submitting a request to access or delete your personal data, please monitor your email address associated with your Snap One account (including Control4, OvrC, Clare Controls, etc.) for correspondence from Snap One aimed at verifying your identity before we process your request. If we receive your request from an authorized agent, we may ask for evidence that you have provided such agent with written authority to submit requests on your behalf. We may also require that you confirm your request and your identity directly with Snap One.
Snap One does not sell personal data in the traditional sense (i.e., in exchange for payment). However, California Privacy Law defines the term “sale” or “share” very broadly, including in such a way that transfers of information relating to advertising cookies could be considered a sale or share of personal data. To reiterate, Snap One does not sell any data (personal or otherwise) derived from the use of our Devices, Products and Services. However, if you are a California resident, and to the extent that the use of any of any website cookies used on our sites is considered a “sale” or “share” of personal information under California Privacy Law, then you have the right to opt-out of the sale, and will be presented with that option on our sites that may deploy such cookies.
b) EEA and UK residents
If you are a resident of the European Economic Area (EEA) or the United Kingdom, please review this additional information.
Legal Basis for Processing
When we process your personal data, we will only do so in the following situations:
We have your consent to do so. For example, we may ask your consent to send you marketing communications.
We need to use your personal data to perform our responsibilities under our contract with you (e.g., processing payments for and providing the products and services you have requested).
We have a legitimate interest in processing your personal data. For example, we may process your personal data to communicate with you about changes to our products and services, to allow our Devices to operate as advertised, and to provide, secure, improve, and ensure proper operation our products and services.
You have certain rights and protections under the law regarding the processing of your personal data. You may access, review, modify, and delete your personal data by following the instructions under Your Rights above.
Cookies and other technologies
Most web browsers automatically accept cookies and similar technologies, but if you prefer, you can change your browser to prevent automatic acceptance and your help screen or manual will tell you how to do this. We also give you information about how to disable cookies in the section titled Disabling Cookies below. However, you may not be able to take full advantage of our sites if you do so.
A number of cookies and similar technologies we use last only for the duration of your web or app session and expire when you close your browser. Others (including third party cookies) are used to remember you when you return to the site and will last for longer.
We use these cookies and other technologies on the basis that they are necessary for the performance of a contract with you, or because using them is in our legitimate interests (where we have considered that these are not overridden by your rights), and, in some cases, where required by law, where you have consented to their use.
We use the following types of cookies:
Strictly necessary cookies. These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
Social Media cookies. These cookies are set by a range of social media services that may be added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.
Performance cookies. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
Functional cookies. These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
Targeting cookies. These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. We will use this information, subject to your choices and preferences, to make our sites more relevant to your interests. We may also share this information with third parties for this purpose.
We use Google Analytics to collect information about your use of our websites. Google Analytics collects information such as how often users visit the website, what pages users visit, and what other sites they visited prior to or after coming to the website. More information on how Google Analytics uses your data can be found at www.google.com/policies/privacy/partners. To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout.
The effect of disabling cookies depends on which cookies you disable. However, in general, our sites may not operate properly if all cookies are switched off, most important being functional cookies.
You can find further details on how to disable cookies for your browser in your browser’s support pages.
Changes to this Policy
Any changes we make to our Policy in future will be posted on this page and will be effective upon posting.
Governing Law and Forum
Individuals in the UK or EU have the right to contact their local data protection authority at any time.
For individuals in the UK your local data protection authority is the Information Commissioners Office which can be contacted here
Individuals in the EU can find the details of their local data protection authority here
Questions, comments and requests regarding this Policy are welcomed and should be addressed to:
Snap One, LLC
Attention: Data Privacy Officer
11734 S. Election Road
Salt Lake City, UT 84020