PRIVACY POLICY FOR USERS OF AIR STAGE CLOUD AND AIRSTAGE CLOUD LIGHT

Last updated: August, 2022

This Privacy Policy (the “Privacy Policy”) describes how Fujitsu General Limited and its affiliates listed in Section 12 below (“we”, “us”, “our”, “FGL”) collect and process your Personal Information (as defined in Section 2 below) when you use:

  • The AIRSTAGE Cloud Account Manager application (“ACAM”), the AIRSTAGE Edge Controller (“ASEC”) and the AIRSTAGE Cloud web application (“ASC Web App”) (ACAM, ASEC and the ASC Web App together “ASC”); and
  • The AIRSTAGE Cloud Light mobile application (the “ASCL Mobile App”) and the AIRSTAGE Cloud Light management web application (the “ASCL Management Web App”) (the ASCL Mobile App and the ASCL Management Web App together “ASCL”), (together the “Platforms”) for our heating, ventilation and air conditioning units (“HVAC Units”).

For more information about the Platforms’ functionalities, please consult your copy of the user guide, available below.

1. WHICH USERS ARE COVERED BY THIS PRIVACY POLICY

There are various user types that can use the Platforms and HVAC Units, depending on the individual or entity contracting with FGL for the use of the Platforms (the “Customer”) and the relevant Platform. This Privacy Policy covers the processing of Personal Information (as defined in Section 2 and 3 below) of the following users:

For ACAM:

  • Head user (i.e., the Customer)

For the ASC Web App and ASEC, as designated by the head user:

  • Admin account (can create and manage ASC user accounts)
  • Technician account (can control HVAC Units, including scheduling of heating/cooling)
  • Client user (can access basic functionalities for the HVAC Units)

For the ASCL Management Web App:

  • Admin account (typically a senior employee of the Customer who can create and manage ASCL user accounts)
  • Member account (other Customer employees who can support the admin account)

For the ASCL Mobile App:

  • End user account (an individual who can directly operate the HVAC Unit via the ASCL Mobile App)

2. WHAT INFORMATION WE COLLECT THROUGH ASC

“Personal Information” is information that identifies you as an individual or relates to an identifiable individual.

We collect the following Personal Information through ASC:

The ASC User Data that comprise the following types of information about the relevant ASC user and ACAM user:

  • Name and user type (e.g., contractor, employee, or resident);
  • Telephone number (work or personal), including emergency contact phone number;
  • e-mail address (work or personal);
  • User name and password for logging into ASC;
  • Account creation date;
  • Preferred language;
  • Region;
  • User photo (if the user chooses to provide it); and
  • In the case of ASC head users only, the name and address of the ASC head user’s company.
  • The relevant ASC user’s IP address when accessing ASC.

If/When] ASC User Data are connected to other data, as listed below, the following data may also be treated as Personal Information and may be subject to this Privacy Policy:

The ASC HVAC Data that comprise:

  • Control value of the HVAC Unit (e.g., whether it is on or off, temperature setting, whether on heating or cooling, and timer settings);
  • Status value of the HVAC Unit (e.g., thermostat temperature, compressor/fan speed, and expansion valve opening status);
  • Data regarding ASEC (e.g., name of model, serial number, cloud connection mode, IP address, and MAC address).
  • If the Wireless Lan adapter (“WLA”) of an HVAC Unit is detected by ASEC when it is registered with ASC, data regarding the WLA (e.g., the name, DHCP, IP address, MAC address, and SSID of the WLA adapter model);
  • Error data, such as abnormalities regarding the HVAC Unit;
  • Product data regarding the outdoor and/or indoor HVAC Units, in particular the model name of the relevant HVAC Units and the function of the HVAC Units (e.g., the presence or absence of a wind vane, the number of levels of movement the vane has, and the levels of wind speed);
  • GPS coordinates of the outdoor HVAC Unit (if the user chooses to provide them); and
  • Data regarding third party devices (e.g., third party ventilators), connected to the ASEC (e.g., the device type, whether it is on or off, the operating mode, the outdoor and indoor temperature, fan speed, air volume, ventilation volume, CO2 content, and timer information).

The ASC Property Data that comprise:

  • Information about the owner of the property where the HVAC Unit is located (where the property owner is a company): The company name, address, phone number, logo/photo, GPS coordinates of the property (if the user chooses to provide them), and website URL;
  • Area of the property (state/city): The operation of HVAC Units is influenced by external conditions specific to the region (e.g., weather conditions, such as outside temperature, and structure of the house);
  • Quantity of properties;
  • Quantity of outdoor and/or indoor HVAC Units and the quantity of devices connected to the ASEC;
  • Quantity of WLAs and quantity of ASECs;
  • Serial number of the relevant ASEC; and
  • Address of the property (commercial building or private residence) where the HVAC Units will be installed and ASEC is placed.

3. WHAT INFORMATION WE COLLECT THROUGH ASCL

We collect the following Personal Information through the ASCL Platform:

The ASCL User Data comprise the same categories of information as the ASC User Data, in addition to user ID for the relevant ASCL user, which associates that user with the relevant WLA.

For ASCL Mobile App users only, the following is also collected as part of the ASCL User Data:

  • The number of HVAC Units registered by the ASCL Mobile App user;
  • The OS version of the ASCL Mobile App user’s mobile device;
  • Last log-in date on the ASCL Mobile App; and
  • The ASCL Mobile App account creation date.

If/When ASCL User Data are connected to other data, as noted below, the following data may also be treated as Personal Information and may be subject to this Privacy Policy:

The ASCL HVAC Data comprise the same categories of information as ASC HVAC Data (apart from information about third party devices and the ASEC’s MAC address, which are not collected). In addition to this, ASCL HVAC Data include the HVAC Unit’s nickname (e.g., “Dining”), model name, firmware version, connection status, registration date, date of last connection, on/off mode, time zone, and strength of signal.

The ASCL Property Data that comprise:

  • Quantity of outdoor and/or indoor HVAC Units; and
  • Quantity of WLAs.

HOW WE COLLECT PERSONAL INFORMATION

We and our service providers collect Personal Information through the Platforms, for example, when you input Personal Information directly onto the Platforms, when we collect Personal Information using cookies and similar technologies, or when we collect Personal Information directly from the HVAC Units.

We need to collect Personal Information to provide the requested services on the Platforms to you. If you do not provide the information requested, we may not be able to provide the services.

PERSONAL INFORMATION OF OTHER PEOPLE

If you disclose any Personal Information relating to other people to us or to our service providers in connection with the Platforms, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

Cookies

Cookies are pieces of information stored directly on the computer that you are using. Cookies allow us to collect information such as browser type, time spent on the Platforms, pages visited, language preferences, and other traffic data. We and our service providers use the information for security purposes, to facilitate navigation, to display information more effectively, and to personalize your experience. We also gather statistical information about use of the Platforms in order to continually improve its design and functionality, understand how they are used, and assist us with resolving questions regarding them. We do not currently respond to do-not-track signals. If you do not want information collected through the use of cookies, most browsers allow you to automatically decline cookies or be given the choice of declining or accepting a particular cookie (or cookies) from a particular website. You may also wish to refer to https://www.allaboutcookies.org/manage-cookies/.

https://www.allaboutcookies.org/manage-cookies/

If, however, you do not accept cookies, you may experience some inconvenience in your use of the Platforms.

Pixel tags and other similar technologies

Pixel tags. Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of users of the Platforms, measure the success of our marketing campaigns, and compile statistics about usage of the Platforms and response rates.

ANONYMIZED INFORMATION

We also use anonymized and/or aggregated information (such as how many individuals in general use the Platforms) (“Anonymized Information”). Such information on its own does not identify you, so it does not qualify as Personal Information, unless otherwise provided by applicable law. We will not re-identify, or attempt to re-identify, such Anonymized Information. We use or disclose Anonymized Information for any purpose, in accordance with applicable law. This Privacy Policy does not apply to such Anonymized Information.

SENSITIVE PERSONAL INFORMATION

Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through the Platforms or otherwise to us.

4. HOW WE USE INFORMATION

We use your Personal Information for the following purposes:

Providing the functionality of the Platforms and fulfilling your requests.

  • To provide the Platforms functionality to you, such as arranging access to your account and allowing you to control and monitor HVAC Units through the Platforms.
  • To allow you to create accounts for other users reporting to you, manage those users’ status and enlist those users to perform tasks on your behalf.
  • To allow certain parties authorized by FGL to carry out certain installation, maintenance, operation, diagnosis, and repair services for the HVAC Units via the Platforms.
  • To send administrative information to you, such as changes to the Platforms’ terms, conditions, and information about updates to the Platforms.
  • To respond to your inquiries about problems relating to the Platforms or the relevant HVAC Unit and provide installation and maintenance support by FGL.
  • To identify the causes of cloud system downtime and failures when they occur.
  • To manage customer complaints and other issues.

We will engage in these activities to manage our contractual relationship with you, and/or to take steps at your request prior to entering into a contract, and/or to comply with a legal obligation.

Aggregating and/or anonymizing Personal Information.

  • We may aggregate and/or anonymize Personal Information so that it will no longer be considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any purpose, as it no longer identifies you or any other individual.

We will engage in this activity with your consent or where we have a legitimate interest.

Accomplishing our business purposes.

  • For data analysis, for example, to (i) propose better operation methods to a specific customer (e.g., to save energy or improve reliability of the equipment), (ii) understand usage trends of a specific customer so automation of certain functions can be proposed to that customer, (iii) propose ways in which the HVAC Units can be optimally maintained (e.g., preventative maintenance and failure prediction), (iv) understand what type of, and how many, HVAC Units are connected in your property, or (v) provide effective insight into the behavior and use of the HVAC Units.
  • For enhancing, improving, repairing, maintaining, or modifying the Platforms and underlying services, as well as undertaking quality and safety assurance measures (including fixing bugs and errors within the Platforms) to ensure the Platforms provide a certain level of service to our customers.
  • For identifying usage trends, including, understanding which services or features of the Platforms are of most interest to our customers and the Platform users.
  • For operating and expanding FGL’s business activities, including, understanding which parts of the Platforms and underlying services are of most interest to our customers so we can focus our energies on meeting their interests.
  • For determining the effectiveness of FGL’s promotional campaigns, so that FGL can adapt its campaigns to the needs and interests of its end-users.
  • For audits, to verify that FGL’s internal processes function as intended and to address legal, regulatory, or contractual requirements.
  • For fraud prevention and fraud security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft.

We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or based on our legitimate interest.

5. HOW WE DISCLOSE INFORMATION

We disclose Personal Information about you:

  • To the entities directly or indirectly controlling, controlled by or under common control with FGL (“Affiliates”) (listed in Section 12) for the purposes described in this Privacy Policy.
  • To our service providers who provide services such as data analytics, information technology and related infrastructure provision, platform hosting/maintenance/troubleshooting, customer service, product development, auditing, advisory and other services.
  • To additional recipients, as agreed by you and us.
  • To a third party in the event of reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our, or any of our Affiliates’, business, assets or stock (including in connection with any bankruptcy or similar proceedings).

We also use or disclose Personal Information, as necessary or appropriate: (a) to comply with applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our Terms of Service; (e) to protect our operations or those of any of our Affiliates; (f) to protect our rights, property or safety, and/or that of our users, you, our or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.

6. SECURITY AND RETENTION

We seek to use reasonable organizational, technical and administrative measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with Section 12 below (“How Can You Contact Us?”).

We retain Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law.

The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship with you and provide the Platforms to you (for example, for as long as you have an account with us or keep using the Platforms);
  • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
  • Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

7. YOUR PRIVACY RIGHTS

If you would like to request to access, update, correct, suppress, restrict, or delete your Personal Information provided to us, object to the processing of your Personal Information, or if you would like to request to receive an electronic copy of your Personal Information for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you can do this by emailing or writing to us as detailed in Section 12 below (“How Can You Contact Us?”). We will respond to your request consistent with applicable law.

In your request, please make clear what Personal Information you would like to have changed or whether you would like to have your Personal Information suppressed from our database. For your protection, we may only implement requests with respect to the Personal Information associated with the particular e-mail address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.

Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you make a purchase or enter a promotion, you may not be able to change or delete the Personal Information provided until after the completion of such purchase or promotion).

ADDITIONAL INFORMATION REGARDING THE EEA: You may also lodge a complaint with a data protection authority for your country or region where you have your habitual residence or place of work, or where an alleged infringement of applicable data protection law occurs. A list of the EEA data protection authorities is available at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.html.

https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.html

8. CROSS BORDER TRANSFERS

Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Platforms you understand that your information will be transferred to countries outside of your country of residence, including the United States and Japan, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.

ADDITIONAL INFORMATION REGARDING THE EEA: Some non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en/).

https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en/

For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect your Personal Information. You may obtain a copy of these measures by contacting us in accordance with Section 12 below (“How Can You Contact Us?”).

9. THIRD PARTY SERVICES

This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any website or service to which the Platforms link. The inclusion of a link on the Platforms does not imply endorsement of the linked site or service by us or by our Affiliates.

In addition, we are not responsible for the information collection, use, disclosure, or security policies or practices of other organizations, such as, Google, IFTTT, Amazon, or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with the Platforms.

https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en/

For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect your Personal Information. You may obtain a copy of these measures by contacting us in accordance with Section 12 below (“How Can You Contact Us?”).

In addition, we are not responsible for processing of third parties that may have access to some information and act as independent controllers in certain situations, such as owners of the property where your HVAC Unit is located or property management companies in charge of the property where your HVAC Unit is located.

https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en/

For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect your Personal Information. You may obtain a copy of these measures by contacting us in accordance with Section 12 below (“How Can You Contact Us?”).

10. USE OF PLATFORMS BY MINORS

The Platforms are not directed to individuals under the age of eighteen (18), and we do not knowingly collect Personal Information from individuals under 18.

11. UPDATES

We may make changes to this Privacy Policy at any time, so please review it periodically. We will update the effective date of the Privacy Policy at the time a change is made. The “Last Updated” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the Platforms.

12. HOW CAN YOU CONTACT US?

FGL and the local Affiliates (included in the list below) are responsible for Personal Information used under this Privacy Policy. If you have any questions or complaints about this Privacy Policy, or how we process your Personal Information, please contact us at the contact details, relevant to where you are based, in the list below.

Your Residence FGL Affiliate Contact Information
United States of America, Anguilla, Aruba, Cayman Islands, Dominica, Turks and Caicos Islands, Mexico, Bahamas, Barbados, Canada, Costa Rica, El Salvador, Grenada, Guatemala, Honduras, Jamaica, Nicaragua, Panama, Puerto Rico, Saint Martin, Trinidad and Tobago, U.S. Virgin Islands Fujitsu General America, Inc. E-MAIL: hvac@fujitsugeneral.com
ADDRESS: 340 Changebridge Road, Building 200, Suite 300, Pine Brook, NJ 07058, U.S.A
TEL: +1-888-888-3424

13. ADDITIONAL INFORMATION FOR CALIFORNIA RESIDENTS

Pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), we are providing the following additional details regarding the categories of Personal Information that we collect, use, and disclose about California residents.

Sources of Personal Information

We collect Personal Information from our interactions with you, for example, when you utilize the Platform or otherwise interact with us, and we collect Personal Information directly from the HVAC Units.

Categories of Personal Information Collected and Disclosed

The following chart details which categories of Personal Information about California residents we may collect, as well as which categories of Personal Information we have collected and disclosed for our operational business purposes in the preceding 12 months.

Categories of Personal Information Disclosed to Which Categories of Third Parties for Operational Business Purposes
Personal information, as defined in the California customer records law, such as name and contact information Affiliates, third-party service providers, and legal authorities
Characteristics of protected classifications under California or federal law, such as primary language Affiliates, third-party service providers, and legal authorities
Commercial information, such as transaction information and payment history Affiliates, third-party service providers, and legal authorities
Internet or network activity information, such as browsing history, search history, and interactions with our online services Affiliates, third-party service providers, and legal authorities
Audio, electronic, visual, and similar information Affiliates, third-party service providers, and legal authorities
Professional or employment-related information Affiliates, third-party service providers, and legal authorities
Geolocation data, such as GPS coordinates of a property or outdoor HVAC Unit, if the user chooses to provide them, and approximate location derived from IP address Affiliates, third-party service providers, and legal authorities

Use of Personal Information

We use these categories of Personal Information for the purposes of operating, managing, and maintaining our business, providing our products and services, and accomplishing our business purposes and objectives, including using Personal Information to:

  • Fulfill your requests and respond to your inquiries;
  • Develop, improve, repair, provide and maintain our products and services;
  • Personalize, advertise, and market our products and services;
  • Conduct research, analytics, data analysis, data aggregation, and data anonymization;
  • Maintain our property and our records, and undertake quality and safety assurance measures;
  • Conduct risk and security control and monitoring, and detect and prevent fraud;
  • Perform identity verification, accounting, audit, and other internal functions, such as internal investigations and record-keeping;
  • Carry out corporate transactions, such as mergers, joint ventures or acquisitions; and
  • Comply with law, legal process, and internal policies, and exercise and defend legal claims.

Under the CCPA, if a business sells Personal Information, it must allow California residents to opt out of the sale of their Personal Information. However, we do not sell and have not sold Personal Information, as “sale” is defined in the CCPA. For example, and without limiting the foregoing, we do not sell the Personal Information of minors under 16 years of age.

Individual Rights and Requests

If you are a California resident, you may request that we :

Disclose to you the following information covering the 12 months preceding your request :

  • The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information;
  • The specific pieces of Personal Information we collected about you;
  • The business or commercial purpose for collecting Personal Information about you; and
  • The categories of Personal Information about you that we otherwise shared or disclosed, and the categories of third parties with whom we shared or to whom we disclosed such Personal Information.

Delete Personal Information we collected from you.

To make a request for the disclosures or deletion described above, please contact us at https://www.fujitsu-general.com/global/contact/privacy.html, or +1-888-888-3424. We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. We may need to request additional Personal Information from you, such as telephone number and e-mail address, in order to verify your identity and protect against fraudulent requests. If you make a deletion request, we may ask you to verify your request before we delete your Personal Information.

You have the right to be free from unlawful discrimination for exercising your rights under the CCPA.

Authorized Agents

If you want to make a request as an authorized agent on behalf of a California resident, you may use the submission methods noted above. As part of our verification process, we may request that you provide, as applicable, proof concerning your status as an authorized agent, which also may include :

  • Proof of your registration with the California Secretary of State to conduct business in California; and / or
  • A power of attorney from the California resident pursuant to Probate Code sections 4121 - 4130.

If you are making a request on behalf of a California resident and have not provided us with a power of attorney from the resident pursuant to Probate Code sections 4121-4130, we may also require the resident to:

  • Verify the resident’s own identity directly with us; or
  • Directly confirm with us that the resident provided you permission to submit the request.