• If you are a user of the Tuya App, the Service provider is Tuya Smart Inc.
• If you are a user of the SmartLife App, the Service provider is Volcano Technology Limited.

• Tuya Customer Service Department: 1-844-672-5646 or service@tuya.com
• Tuya Privacy Office: privacy@tuya.com

• Volcano Customer Service Department: 1-844-672-5646 or dpo@volcano-smart.com
• Volcano Privacy Office: dpo@volcano-smart.com

Definitions

What Personal Data Do We Collect?

1) Information You Voluntarily Provide to Us

• Login Information: When you log in, we collect your nickname, user account, home name, language preferences, and time zone information.
• Smart Conversation: We provide conversational and interactive services based on generative artificial intelligence model technology. You can send us text and other content through the dialogue box, and we will automatically receive this information to provide you with conversational services. When you use the search service, we will automatically receive the information you actively enter and automatically provide you with real-time search results. Some search results may be related to your location (such as weather inquiries). To display these search results, we will collect your geographic location information (i.e., the home location information you set in the app).
• If you wish to opt out of this information collection, you can contact us as described in Section 10 of this agreement.
• We promise that the content you enter will not be used for model training.
• You can also provide feedback on the content we output, such as liking, disliking, and copying. We will continuously improve our service quality based on your feedback on the product.
• If the chat information or other content you enter contains the personal information of others, please ensure that you obtain their legal authorization before providing this information to avoid improper disclosure of their information.
• You can view and learn more about the basic principles, purposes, and main operating mechanisms of the model technology used by "Hey Tuya" here:
  • Basic Algorithm Principles: Hey Tuya provides intelligent dialogue services based on generative AI algorithms. Users can communicate with Hey Tuya via text or voice . The system uses natural language understanding and generation models to identify user intent based on user input, question type (e.g., IoT device control, function usage, etc.) and knowledge base information, generating appropriate text or voice responses to achieve a natural, multi-turn intelligent dialogue experience.
  • Algorithm Operation Mechanism: Hey Tuya identifies user intent and generates corresponding answers by integrating third-party large language models. The system has a built-in content security and compliance detection mechanism that filters and reviews the generated results in real time to prevent the output of illegal, harmful, or misleading content.
  • Algorithm Application Scenarios: Hey Tuya provides users with services such as device control guidance, function consultation, and problem diagnosis. Through natural language interaction, users can quickly obtain product usage assistance and scenario-based suggestions. The system is not used for automated decision-making or legally binding actions; AI output is only for auxiliary information.
  • Algorithm Purpose and Design Intent: Hey Tuya aims to provide users with functions such as home device control, data analysis, and Q&A chat. Hey Tuya adheres to the principles of "human-centered, transparent and controllable, and responsible AI," providing human support or review channels when necessary to ensure that AI output does not individually affect user rights or decision-making results.

2) Information We Collect Automatically

• Service Log Information: When you use the services provided by Tuya.ai, in order to provide you with a better user experience and improve and optimize our services, system and error logs will be uploaded for analysis. This includes your IP address, preferred language, operating system version, access date or time, and usage information, so that we can accurately identify problems and help you resolve issues during your use of the service.

Purposes and Legal Basis for Processing Personal Data

• To provide you with services: We process your account information, usage information, and location information to provide the services you request. The legal basis for this processing is the performance of our contract with you under our Tuya.AI Service Agreement.
• To improve our services: We process your usage information to ensure the functionality and security of our services, develop and improve our products and services, analyze our operational efficiency, and prevent and track fraudulent or improper use. The legal basis for this processing is the performance of our contract with you under our Tuya.AI Service Agreement.
• Non-marketing communications: We process your personal information to send you important information related to services, changes to terms/conditions and policies, and/or other administrative information. We will also send you notifications for alert services. You can manage whether you wish to receive such communications by checking the [Message Push] settings in the Tuya/SmartLife APP (Me > Message Center > Setting > Notification Setting). When you choose to turn off push notifications, we will no longer send you such information. The legal basis for this processing is the performance of our contract with you under our Tuya.AI Service Agreement.
• Compliance: We process your personal information only when required by law to disclose information, or when we believe it is necessary or appropriate to:
• (a) comply with applicable laws and regulations, legal processes, or requests from public and governmental authorities;
• (b) enforce our terms of use and other agreements, policies, or standards, including investigating any potential violations;
• (c) protect the rights, privacy, safety, or property of ourselves and/or other users, including you;
• (d) and seek available remedies, prevent, mitigate, or limit damages we may need to provide, or resolve security, fraud, or technical issues.

Who do We Share Personal Data with?

• To our third-party service providers who perform certain business-related functions for us, such as website hosting, data analysis, infrastructure provision, IT services, notification pushing services and other similar services to enable them to provide services to us.
• To subsidiaries or affiliates within our corporate family for purpose of regular business activities based on our instructions and in compliance with applicable law, this Policy and other appropriate confidentiality and security measures.
• To an affiliate or other third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including without limitation in connection with any bankruptcy or similar proceedings). In such an event, you will be notified via email and/or a prominent notice on our website of any change in ownership, and choices you may have regarding your Personal Data.
• As we believe in good faith that access to, or use, preservation, or disclosure of the information is reasonably necessary or appropriate to:
• (a)Comply with applicable law, regulation, legal process, or lawful governmental request;
• (b)Enforce our User Agreement and other agreements, policies, and standards, including investigation of any potential violation thereof;
• (c) Protect our operation and business systems;
• (d)Protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law; or
• (e)Perform risk management, screening and checks for unlawful, fraudulent, deceptive or malicious activities.

Cookies and similar tracking technologies

Data Transfer

Data Subject Rights

• Via the “Me > Settings > Account and Security” or via “Me > HelpCenter” in the Tuya/SmartLife APP;
• By emailing us at 【For Tuya App Users: privacy@tuya.com； For SmartLife App Users: dpo@volcano-smart.com】;

• Request access to the Personal Data that we process about you: "Me-Setting-Privacy Settings-Personal Data Export";
• Request that we correct inaccurate or incomplete Personal Data about you: 1) Modify your account number (email address or phone number): "Me-Setting-Account and Security-Change your Account"; 2) Modify the nickname and/or time zone: "Me-Personal Information";
• Request deletion of Personal Data about you: "Me-Setting-Account and Security-Delete Account", when you confirm the deletion of your account, your Personal Data will be deleted accordingly.
• Request restrictions, temporarily or permanently, on our processing of some or all Personal Data about you: Please send over your request through "Help Center", or submit the request via email;
• Request transfer of Personal Data to you or a third party where we process the data based on your consent or a contract with you, and where our processing is automated: Please send over your request through "Help Center", or submit the request via email;
• Right of Data Portability: Request to have Personal Data provided to you so that you can provide or “port” them to another provider, by sending the request via email.
• Request of Withdrawal of Consent:You have the right to withdraw or object to our use and processing of your Personal Data, where such use and processing is based on your consent or our legitimate interests. Please kindly check the following instructions detailed in the section below for details:
  • 1)For privacy permissions acquired through device system settings, your consent can be withdrawn by changing device permissions, including location, camera, photo album (picture library/video library), microphone, Bluetooth settings, notification settings and other related functions;
  • 2)You may opt-out the non-marketing communication through “Me > Message Center > Notification Settings” to manage your selection;
  • 3)You may opt-out the data analysis features through “Me > Settings > Privacy Settings”;
  • 4)You may opt-out the Personalization feature through “Me > Settings > Privacy Settings > Personalization”;
  • 5)Unbind the Smart Device through the App, and the information related to the Smart Device will not be collected;
  • 6)By using product with the Try Now mode, and not enable certain location setting for particular smart scene, we will not collect any Personal Data about you;
  • 7)If you previously agreed to associate Tuya account with a third-party service, such as a health platform, please unbind it on the third-party platform.

• Deletion of the Account: You can find the Delete function through “Me > Settings > Account and Security > Delete Account” (Deactivate Account).
• Right to Object: the right, at any time, to object to us processing your personal data on grounds relating to your particular situation;the right to object to your personal data being processed for direct marketing purposes.

Security Measures

• As for device access, we proprietary algorithms are employed to ensure data isolation, access authentication, applying for authorization.
• As for data communication, communication using security algorithms and transmission encryption protocols and commercial level information encryption transmission based on dynamic keys are supported.
• As for data processing, strict data filtering and validation and complete data audit are applied. As for data storage, all confidential information of users will be safely encrypted for storage. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), you could immediately notify us of the problem by using the contact information provided in this Policy.
• As for data storage, all confidential information of users will be securely encrypted for storage.

Data Retention

• The period of time during which an ongoing relationship with you is retained and Smart Devices and/or our Services are provided to you (also see the Tuya.AI Service Agreement. For instance, your Personal Data is retained for as long as your account with us remains valid or you keep using the Smart Devices and/or our Services;
• Whether we have a legal obligation to keep your Personal Data; or
• Whether retention is advisable in light of our legal position (such as in regard to the enforcement of our agreements, the resolution of disputes, and applicable statutes of limitations, litigation, or regulatory investigation).The following chart shows the details of different scenarios:

Dispute Resolution

Children’s Privacy

Your California Privacy Rights

Changes to this Policy

Contact Us

• Tuya Smart Inc.
• Postal Mailing Address: 333 West San Carlos Street Suite 600 San Jose, CA 95110
• Email: privacy@tuya.com.

• Volcano Technology Limited
• Postal Mailing Address: Suite 603, 6/F Laws Commercial Plaza, 788 Cheung Sea Wan Road, Kowloon, Hong Kong
• Email: dpo@volcano-smart.com

If you are in India: