The personal data protection statement Nomnio IoT Platform regulates the protection of end-user personal data with Nomnio IoT Platform service.
By using Nomnio IoT Platform service, the user acknowledges that he is aware of the contents of the Personal data protection statement and agrees to its terms.
Personal data protection statement Nomnio IoT Platform is available at www.nomnio.com.
NOMNIO d.o.o., Tržaška cesta 85A, SI-2000 Maribor, Slovenia (hereinafter: provider), reserves the right to change or amend the Personal data protection statement without prior notice. Unless otherwise specified, the amended Personal data protection statement shall enter into force on the day of publication at Nomnio IoT Platform website available at www.nomnio.com.
In this statement, the terms used shall have the following meanings:
Contractual data processor is an organization or an individual, authorized by the data controller to process the users’ personal data for a specific task in accordance with the requirements of the data controller.
Data controller is the provider of Nomnio IoT Platform service.
General Terms and Conditions for using Nomnio IoT Platform service are terms and conditions of the provider and are available at Nomnio IoT Platform website www.nomnio.com.
Personal data is any data that relates to an individual, regardless of the form in which it is expressed.
Personal data processing means any operation or set of operations which is performed in connection with personal data, which is subject to automated processing or manual processing (processing means) of personal data collection or is intended for inclusion in the collection of personal data, in particular the collection, entry, editing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, communication, dissemination or otherwise making available, alignment or integration, blocking, anonymizing, erasure or destruction.
User is the end-user, i.e., customer that use Nomnio IoT Platform services.
ZVOP-1 is the Public-Private Partnership Act (OG RS, No. 94/07).
The legal basis for processing and collecting the personal data provided by the user is the user’s explicit consent. This statement specifies when the user’s explicit consent is deemed to have been provided.
Personal data of minors can be processed with their parents’ consent or the consent of their legal representatives. It is considered that the consent of the parents or legitimate representatives is provided if they, as the holders of the Nomnio IoT Platform environment, allow the minor to create a user account.
The following user data is collected and processed:
The data is processed in order to personalize the service, identify with the repairer, and to provide technical support.
The data is collected in order to personalize the service, identify with the repairer, and to provide technical support.
If the user registers with the Clausius application with their email account, the data is processed for the purpose of sign-in identification, notices on upgrades and other services performed by the provider, and for promotional emails. The users can always choose to cancel the promotional emails by clicking the link at the bottom of the promotional email or by sending a written request to terminate this feature to the official email address of the provider.
The user provides its phone number for the purpose of notices on upgrades, technical support, and other notifications via text messages or calls.
The data is collected in order to personalize the service, identify with the Repairer, and to provide technical support.
The data is collected to prevent unwanted visitors (crawlers, DDOD, etc.) and abuse. If an incorrect password for user account is entered 10 times, the IP address through which the incorrect password was entered is blocked from accessing the service. The user is informed about the blocked access via an email and can re-enable it.
The following data are collected and processed: device model, state of connectivity (online, offline), device software version, Wi-Fi network SSID, and the information about when the device was last connected (if offline).
The following data are collected and processed: all changes in status, i.e., measurements of temperature sensors, all changes in status, i.e., measurements of relays, and heating system settings.
The following data is collected and processed:
Device data from point 4.2 is processed in order to ensure the operation of Nomnio IoT Platform service, technical support, and servicing. Anonymous data are processed in order to develop and improve new and existing products and services, to provide better solutions for a more convenient and cost-efficient heating control, and for general analysis of Nomnio IoT Platform service usage.
User account registration is performed in accordance with the General Terms and Conditions for using Nomnio IoT Platform service available at Nomnio IoT Platform website www.nomnio.com.
I the account registration is performed via email or social network, the Auth0 authentication (located in the EU) by Auth0, Bellevue, Washington, United states is used.
If more than one user account is created for one Nomnio IoT Platform environment, the holder of the Nomnio IoT Platform environment (administrator) cannot be a minor.
The provider will store personal data as long as necessary to achieve the purpose for which it was collected.
Furthermore, the provider will store personal data in order to process it for historical, statistical and scientific research purposes, all in anonymized form, and shall erase them after the processing has been completed.
The user can, at any time, request an overview of its stored data or changes to stored data if they are incorrect or incomplete, and request the provider to erase them. The request to data access, modification or deletion is made by the user in the manner specified in the General Terms and Conditions for using Nomnio IoT Platform service. Upon the user’s request, the provider, as the data controller, will erase all data except for those required to be stored longer under legislation.
Without a prior notice to users, the provider may entrust individual tasks of personal data processing to a contractual data processor who is registered for performing such an activity and who provides appropriate procedures and measures for personal data protection. The contractual data processor may perform individual tasks relating to the processing of personal data within its authorizations and may not process personal data for any other purpose.
Under the provisions laid down in Article 63 ZVOP-1, the provider may supply personal data to the contractual data processors in a third country.
The user has the right to demand information on all contracted data processors from the provider. The user sends the request for information via email to firstname.lastname@example.org. The provider undertakes to process the request in the time period and manner set out by ZVOP-1.
Kelvin application is the dedicated application for repairers and support.
The data from point 3, collected by the Clausius application, will also be processed in the Kelvin application in order to provide support to the operation and use of the heating system.
Kelvin application can be accessed exclusively by the provider and its contractual processors (authorized repairers and its other authorized legal persons providing services relating to and necessary for the proper operation of Nomnio IoT Platform service for the provider).
Upon the prior consent of the user, an authorized repairer will have access to the information specified in point 3 . A prior consent for data access is deemed to have been given under the following circumstances:
The protection of personal data for Nomnio IoT Platform users is ensured in such a way that all employees and all external associates of the provider are informed with the provisions of the provider’s internal rules that regulate the field of personal data protection as well as technical and organizational procedures for securing personal data, preventing unauthorized access or disclosure of such data, maintaining the accuracy and proper use of personal data.
The personal data controller is obliged to disclose the user’s personal data to competent authorities where the latter require such disclosure on the basis of legal authorisation.
In the event of a reorganization, merger or sale of the provider or the contractual data processor, it may disclose personal data within the scope of powers it possesses to a third party for the processing of personal data.
Platform, do not hesitate to contact us at email@example.com.
The provider undertakes to answer all questions sent to the abovementioned email address within 10 working days. However, the provider is not obliged to provide an answer in the case of questions or problems explained in this statement, at Nomnio IoT Platform website www.nomnio.com in the FAQ section, or to which the provider has already provided an answer or explanation.
The legal validity of these provisions, the relationship between the provider and the user, as well as resolving possible disputes, falls under the jurisdiction of the regulations in force in the territory of the Republic of Slovenia, except insofar as the regulations governing the field of consumer protection and which apply in the country of the user provide a more comprehensive protection. All possible disputes shall be resolved by the court having jurisdiction at the place where the provider has its principal place of business.
Insofar as an individual provision of this Protection of personal data statement proves invalid, this does not affect the validity of other provisions.
The Protection of personal data statement enters into force on 10/17/2017.