Privacy Policy for Nest Web Sites
Note: If you use your Nest devices and services with a Google Account, then your data will be handled as described in the Google Privacy Policy and as explained in more detail in this Privacy FAQs Help Centre page. Please also read Google’s commitment to privacy in the home.
This privacy policy for Nest websites describes information that Nest Labs, Inc. and its subsidiaries and affiliates (collectively, 'Nest') collect, use, share and store, including personal information (i.e. information that personally identifies you, such as your name, email address or billing information, or other data that can be reasonably used to infer this information).
This document focuses on information related to the operation of the public websites available at nest.com and nest.com subdomains (each a 'Site'), including our online store.
We provide additional details about how we collect and use information in connection with Nest products and services in our Privacy statement for Nest products and services.
COLLECTION AND USE: Nest collects information about you through our Sites in several ways. This information is used to provide users with Nest products and services, to allow us to understand how visitors navigate our Site and to provide advertising that is relevant to your interests.
Purchase and login information: If you pre-order or purchase Nest products from our Site, we request that you provide your name, email address, billing and delivery address, credit card information and any other information necessary to complete the transaction. If you create a Nest account, your name, billing and delivery address and the last four digits of your credit card information can be stored by Nest. We do not collect or store your full credit card information. Our credit card processing service provider, CyberSource, will collect and store full payment card information from you, even as a guest user, when an order is placed until it is dispatched. If you create a Nest account and elect to have payment card information saved, CyberSource will store your payment information.
Mailing list information: You may choose to submit your email address via a submission form located on our Site or when you sign up for a Nest account. Your email address may be used to send you news about Nest-related services, surveys, products or promotions. We may use one or more service providers, including to administer these messages, but we do not share your email address with spammers or any other third parties without your permission.
Device usage information: If you visit our Site and are logged in to your Nest account, we record the IP address that you visit our Site from, and if you have a Nest device or other connected device, we record adjustments that you make to the product through the website interface. We store this data along with your email address, information about your Nest device, data collected directly by the device, a history of your device settings and any other information that we have collected about your use of Nest products and services. See our Privacy statement for Nest products and services to learn more about the usage information collected through our products.
Online tracking and your choices:
Website use information: Like many websites, we and our third-party partners analyse log file information and other data collected through cookies, web beacons and other tracking technology to collect information about your browsing behaviour when you visit our Site, including for example your browser type, domains, page views, IP address, referring/exit pages, information about how you interact with our Site’s web pages and with third-party links, traffic and usage trends on the service, etc. We use session cookies to keep you logged in while you use features of our Site; these disappear after you close your browser. We also use persistent cookies, which stay in your browser and allow us to recognise you when you return to the Site. We use this to remember your information so that you will not have to re-enter it to better understand how you use our website and products and services, to diagnose and fix technology problems and otherwise enhance our Site, products and services. In some of our email messages, we use a 'click-through URL' linked to content on the Site. We track this click-through data to help us measure the effectiveness of our customer communications. We also use third-party analytics tools (including Google Analytics) to assist us with analysing and improving our service. Most Internet browsers automatically accept cookies, but you may be able to change the settings of your browser to stop accepting cookies or to prompt you before accepting a cookie from the websites that you visit. If you set your browser to reject cookies, parts of our Site may not work for you. Please note, depending on your type of device or browser, it may not be possible to delete or disable all tracking mechanisms on your device.
- Your selection of the 'Do Not Track' option provided by your browser may not have any effect on our collection of cookie information for analytic and internal purposes. The only way to completely 'opt out' of the collection of any information through cookies or other tracking technology is to actively manage the settings on your browser or mobile device to delete and disable cookies and other tracking/recording tools. (To learn more about cookies, clear gifs/web beacons and related technologies, you may wish to visit allaboutcookies.org).
- We permit third-party advertising partners to use cookies and other technology to collect information about your browsing activities over time and across different websites when you use our Site. For example, we use advertising services provided by third-party ad partners, such as Google Display Network and AdRoll, to market our services to you on other websites and online services. Through a process called 'Retargeting', each service places a cookie on your browser when you visit our Site so that they can identify you and serve you ads on other sites around the web based on your browsing activity. To avoid use of this information for advertising by these third-party ad partners, you can change your browser settings to reject cookies or to notify you when cookies are set and you could select the Do Not Track option on your browser, though we have no control over and cannot confirm whether these third-party ad parties honour the Do Not Track browser signal. Additionally, many advertising companies are members of the NAI or DAA and/or provide opt outs on those industry pages at networkadvertising.org/choices or aboutads.info/choices.
Third-party sites and features: Our Site may contain links to other websites operated by third parties and may include social media features such as Facebook and Twitter buttons (such as 'Like', 'Tweet' or 'Pin'). These third-party sites may collect information about you if you click on a link and the social media sites may automatically record information about your browsing behaviour every time that you visit a site that has a social media button. Your interactions with these features are governed by the privacy policy of the company providing the feature, not by our privacy policy. We do not control what information these third parties collect. Please review your privacy settings on your social media sites and think carefully before clicking on links that may take you to a third-party website.
Minors: Our Site does not knowingly collect or store any personal information about children under the age of 13.
DATA SHARING: Under no circumstance do we share personal information for any commercial or marketing purpose unrelated to the delivery of Nest products and services without asking you first. Full stop. We do not rent or sell our customer lists.
The following are the limited situations where we may share personal information:
- With your permission: We may share personal information when we have your permission. One example of this would be if you sign up for programmes offered by our partners (e.g. energy or insurance companies). If you do this, we may share certain information with the partner. This could include things like your enrolment information and the activation status of your device. If you connect third-party devices and services to your Nest products through the 'Works with Nest' programme, you are shown information about any proposed exchange of data. Nest will request your consent to these exchanges on your behalf and you can change your mind at any time. When you use third-party services integrated with the Nest products, their own terms and privacy policies will govern those services.
- For external processing: We have vendors, service providers and technicians who help with some of our processing and storage, including helping to answer your questions. They may also assist with monitoring our servers for technical problems.These technicians (as well as Nest employees) can access certain information about you or your account in line with this work, but they are not allowed to use this data for non-Nest purposes. We also have strict policies and technical barriers in place to prevent unauthorised employee access to video data.
- As part of business transitions: Upon the sale or transfer of the company and/or all or part of its assets, your personal information may be among the items sold or transferred. We will request a purchaser to treat our data under the privacy statement in place at the time of its collection.
- For legal reasons: We may provide information to a third party if we believe in good faith that we are required to do so for legal reasons. For example, to respond to legal process or to comply with state and federal laws (or the applicable laws of foreign countries other than the United States).
We may share non-personal information (for example, aggregated or anonymised customer data) publicly and with our partners. For example, we may publish trends about energy use or elevated carbon monoxide levels in the home. This information may also be shared with other users to help them better understand their energy usage compared to others in the Nest community, raise awareness about safety issues or help us generally improve our system. We may also share non-personal information with our partners, for example, if they are interested in providing demand-response services or other incentive programmes. We take steps to keep this non-personal information from being associated with you and we require our partners to do the same.
Your personal information may be collected, processed and stored by Nest or its service providers in the United States and other countries outside the European Union where our servers reside. As a result, your personal information may be subject to legal requirements, including lawful requirements to disclose personal information to government authorities, in these jurisdictions.
SECURITY: Nest takes security seriously and cares about the integrity of your personal information. We use commercially reasonable physical, administrative and technological methods to transmit and store your data securely. However, Nest cannot guarantee that unauthorised third parties will never be able to defeat our security measures or use your personal information for improper purposes. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.
RETENTION: Nest generally stores your personal information on Nest’s servers until you delete or edit it, or for as long as you remain a Nest customer in order to provide you with Nest products. In addition, Nest may store your personal information to resolve disputes, establish legal defences, conduct audits, pursue legitimate business purposes, enforce our agreements and comply with applicable laws. Learn more about our data retention practices here.
INTERNATIONAL VISITORS AND DATA TRANSFERS
International visitors: The Nest website is hosted in the United States and is intended for United States and Canadian visitors as well as visitors from the United Kingdom, Ireland, France, Belgium, Germany, Austria, Italy, Spain and the Netherlands. If you are accessing the site from the European Union or other regions with laws governing data collection and use that may differ from US law, then please note that you are transferring your personal data to the United States and by providing your personal data, you agree to that transfer.
International data transfers: When we transfer personal data from the European Economic Area ('EEA'), Switzerland or the United Kingdom ('UK') to other countries, including to the United States, we use a variety of legal mechanisms to help ensure that your data is appropriately protected. Nest Labs, Inc. complies with the EU-US Data Privacy Framework ('EU-US DPF'), the UK Extension to the EU-US DPF and the Swiss–US Data Privacy Framework ('Swiss-US DPF') (collectively, the 'Data Privacy Framework' or 'DPF') regarding the collection, use, sharing and retention of personal information received in the US from the EEA, Switzerland or UK in reliance on the DPF. Nest has certified to the Department of Commerce that it adheres to the principles contained in the DPF (the 'Principles'). To learn more about the DPF certification programme and to view our certification, please visit the Data Privacy Framework website.
As part of our participation in the DPF, if you have an enquiry regarding our privacy practices in relation to our DPF certification, we encourage you to contact us at privacy@nestlabs.com. You may also refer a complaint to your local data protection authority and we will work with them to resolve your concern. In certain circumstances, the Data Privacy Framework provides the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the DPF principles. Nest is subject to the investigatory and enforcement powers of the US Federal Trade Commission ('FTC').
Nest remains responsible for any of your personal information that is shared under the accountability for onward transfer principle with third parties for external processing performed on our behalf, as described in the 'Data sharing' section.
We may share, as described in this privacy policy, information with our affiliates and subsidiaries and third parties. We may disclose information in response to legal process and lawful requests by public authorities in the United States and other countries for the purposes of law enforcement and national security.
Individual rights in the European Economic Area: If you are located in the European Economic Area, you may seek confirmation regarding whether Nest is processing personal information about you, request access to your personal information and ask that we correct, amend or delete your personal information. In addition, you may object to Nest’s processing of your personal information at any time. However, doing so may impact your use of the Nest products and services.
Applicable law may provide you with the right to request access to, (receive) port, object to or restrict processing, seek rectification or request erasure of personal information held about you by Nest. To protect your privacy, Nest will take commercially reasonable steps to verify your identity before granting access to or making any changes to your personal information.
California requirements
If the California Consumer Privacy Act (CCPA) applies to your information, we provide these disclosures and the tools described in this policy so that you can exercise your rights to receive information about our data practices as well as to request access to and deletion of your information. These tools allow you to review, update and delete your information, as well as export and download a copy of it. You can also read more about Nest’s data retention periods and the process that we follow to delete your information.
Nest does not sell your personal information. We share your information as described in this policy. Nest processes your information for the purposes described in this policy, which include 'business purposes' under the CCPA. These purposes include:
- offering and improving Nest products and services
- developing new products and features
- understanding how people use our products and services
- performing research that improves our services for our users and benefits the public
- protecting against harm to the rights, property and safety of Nest, our users and the public
- detecting, preventing or otherwise addressing fraud, abuse, security or technical issues with our services
- maintaining and improving the integrity of our computing systems and protecting our users’ data security
- using service providers to perform services on our behalf, in compliance with our privacy policies and other appropriate confidentiality and security measures
If you have additional questions or requests related to your rights under the CCPA, you can contact us as explained below.
CHANGES TO PRIVACY POLICY:
Please note that this privacy policy may change from time to time. We will provide notice of any changes on the website or by contacting you.
CONTACT:
For users in the United States and other countries outside of the European Economic Area: Nest Labs, Inc. 3400 Hillview Ave, Palo Alto, CA 94304 USA
For users in the European Economic Area: Nest Labs (Europe) Limited Gordon House, Barrow Street, Dublin, 4 Ireland
For users in the United Kingdom: Google UK Ltd Belgrave House, 76 Buckingham Palace Road, London, SW1W 9TQ United Kingdom
If you have any questions or requests about your personal data, please contact us at privacy@nestlabs.com or Nest Support.
Last updated: [1 September 2023]