- Plume Legal
- Terms of Service for Plume Services
- HomePass Service Terms
- WorkPass Service Terms
- HomePass Membership and Cloud Services Agreement
- WorkPass Membership and Cloud Services Agreement
- WorkPass Guest Wi-Fi Terms
- Uprise Service Terms
- Plume Product Descriptions for Trials
- Service Level Agreement
- Terms of Sale
- End User License Agreement
- Business Code of Conduct
- Sustainability Policy
- Global Anti-Corruption Policy
- Global Trade Compliance Policy
- Accessibility Statement
- Acceptable Use Policy
- Privacy Rights Notice (U.S.)
- Data Processing Agreements
- GDPR FAQ
- FCC, Exposure and Conformity
- SNE Energy Information
- California Resident Privacy FAQ
- Website Terms
FOR U.S.A. and CANADA
Last Updated: December 20, 2022
If you are a U.S. resident, please also see our Privacy Rights Notice (California / U.S.), effective January 1, 2023, to learn more about how to exercise the privacy rights available under state law.
- CSP means a communication service provider that is a Plume customer
- controller means the person or entity that determines why and how personal information is processed
- Customer Network means the Wi-Fi network created through use of the Plume Services by a Plume customer or a CSP’s customer, together with Customer Network Equipment
- Customer Network Equipment means Plume’s SuperPods and similar Wi-Fi extenders, OpenSync-enabled gateways and other on-premise Wi-Fi network equipment, whether CSP-provided equipment or equipment acquired by the customer
- personal information means information that identifies or can be used to identify an individual person and, under some privacy laws that may apply to Plume, information that identifies a specific entity
- processing means any operation (or set of operations), such as collecting, combining and storing, performed on personal information
- processor means the person or entity processing personal information for or on behalf of a controller
Plume’s processing of personal information is subject to the laws in the jurisdictions in which Plume operates.
IF YOU HAVE QUESTIONS ABOUT PLUME'S PERSONAL INFORMATION PROCESSING PRACTICES, PLEASE CONTACT PLUME USING THE CONTACT INFORMATION HERE
- WHAT PERSONAL INFORMATION DOES PLUME COLLECT AND WHY?
- HOW DOES PLUME USE PERSONAL INFORMATION?
- DOES PLUME USE AUTOMATED PROCESSING?
- HOW DOES PLUME SHARE PERSONAL INFORMATION?
- HOW DOES PLUME PROTECT PERSONAL INFORMATION?
- HOW LONG DOES PLUME RETAIN PERSONAL INFORMATION?
- WHAT CHOICES ARE AVAILABLE FOR PERSONAL INFORMATION?
- HOW DOES PLUME PROTECT CHILDREN'S PRIVACY?
- DOES PLUME TRANSFER PERSONAL INFORMATION TO OTHER COUNTRIES?
- WHO DO I CONTACT WITH QUESTIONS?
- Plume is a controller of personal information that Plume processes for service management purposes, such as to identify and track and record support, to ensure the security and integrity of the Plume Services, for billing and account management and to analyze, measure the effectiveness of and improve the Plume Services.
- Plume is the controller of personal information generated by or derived from use of the Plume Services. Plume refers to this data as Services Data.
WHAT PERSONAL INFORMATION DOES PLUME COLLECT AND WHY?
Plume processes personal information to provide and promote the Plume Services, and for the other purposes listed below. The specific types of personal information that Plume collects from or about you depends on how you interact with Plume, the Plume Services used and the applicable law.
a. Information you choose to give us
We collect the personal information you choose to share with us. The personal information that you choose to give to us typically includes the following types of personal information:
|Types of Personal information||Why this Personal Information is Collected|
|Contact and account information |
Name, email address or other username, password, telephone number and similar contact information and purchase related contact information (e.g., billing and delivery address, payment information and similar information necessary to complete a purchase); profile nicknames and profile photos.
|Location Data |
location is derived from IP addresses on a Customer Network
|Information associated with a social media account|
|Personal information you share through the Plume Services|
b. Information about use of Plume Mobile Apps
When you download and install one of the Plume Mobile Apps on your mobile device or tablet (Mobile Device), the information that Plume collects depends on your Mobile Device’s operating system and permissions. The Plume Mobile Apps need to use certain features and data from your Mobile Device in order to function such as mobile operating system and version, usage data and crash reports for the Plume Mobile Apps. Some information also is automatically collected by the Plume Services (as described in sub-section c below)..
To learn more about the specific information collected by one of the Plume Mobile Apps, please check your Mobile Device’s settings or review the permissions information available on the particular mobile app platform (e.g., Google Play or App Store) from which you downloaded the Plume Mobile App. Certain Plume Mobile Apps also allow you to check or change your status for certain data collection in the Plume Mobile Apps’ settings. If you change your settings, certain features may not function properly.
To stop collection of all information through a Plume Mobile App, please uninstall the Plume Mobile App.
c. Information automatically collected by the Plume Services
The Plume Services automatically collect certain information generated from and about use of the Plume Services and Customer Networks. Automatically collected information is used to help ensure that the Plume Services deliver the best Wi-Fi experience, quality of service and security for Customer Networks. Some automatically collected information is personal information under certain laws.
|Category of Personal Information that Plume Automatically Collects||Types of Personal Information Automatically Collected|
|Information about Customer Networks|
|Digital well-being data |
(Data about use of a Customer Network available to a Customer Network’s administrator when certain safety controls and security features are turned on in the Plume Services.)
|Information specific to a Customer Network created using HomePass|
|Information specific to a Customer Network created using WorkPass|
|Data collected using cookies, pixel, web beacons and similar data collection technology (collectively, data collection technology)|
d. Information collected from third parties
From time to time, Plume receives personal information from third parties that helps Plume learn more about customers and more effectively promote and improve the Plume Services.
The types of personal information that we receive from third parties are:
- Information from internet-connected devices and services when using the Plume Command (Voice Assistant) service, such as technical data and usage information from a Google or Amazon device connected to a Customer Network. Plume does not receive or process audio files.
- Location information use of MaxMind's GeoIP service
- Personal information associated with purchases through Plume's on-line store. Plume does not have access to complete bank account numbers, credit card numbers or debit card numbers. Payments for purchases are processed by third-party payment processors.
- Personal information from marketing services providers to help identify individuals who may be interested in learning more about the Plume Services and to supplement personal information Plume already has.
- Personal information from publicly available sources
- Personal information from law enforcement and other government authorities (but only in rare cases)
When Plume combines personal information from third-party data sources to enhance the personal information that Plume or its customers hold, Plume requires that each third party confirm in writing the lawfulness of its sharing of personal information with Plume.
e. Other information collected with your consent
Plume may ask you for your consent to collect specific types of personal information, such as when you choose to participate in events, request exclusive content or participate in testing new products or features.
3. HOW DOES PLUME USE PERSONAL INFORMATION?
Plume uses personal information to provide and improve the Plume Services, manage our business (including advertising and marketing), protect customers and other users, enforce our legal rights and comply with law.
To operate and provide the Plume Services for Plume's business customers:
- create user accounts and verify user identity
- provide customer support and respond to customer requests
- identify security threats (e.g., malicious Internet locations or websites) and activity that may indicate unauthorized use of Customer Networks
- schedule network optimizations and firmware updates for Customer Network Equipment
- enable Customer Network administration, such as by offering tools for administrators to manage access, security and confidentiality policies, blocking content identified as inappropriate in accordance with content filters set by the Customer Network administrator and generating live motion visuals and motion history for Customer Networks
- offer data analytics tools that enable customers to match and augment their own data sets with data generated by Customer Networks to help improve market and audience segments, identify and analyze trends and create better advertising campaigns
Whether Plume is a controller or processor examples of a personal information depends on the customer relationship. If you have questions about whether Plume is a processor or controller of your personal information, please contact the administrator of the Customer Network you are using or [email protected].
For Plume’s lawful and legitimate operational purposes. Plume processes personal information as a controller to:
- monitor use of and protect the Plume Services and information processed through the Plume Services
- track customer support, billing and account management
- analyze, measure the effectiveness of and improve the Plume Services
- identify customer needs and develop new products and services to meet them
- conduct marketing about the Plume Services or related third-party products and services (where permitted)
- invite customers and others to participate in market research and testing of current and new features or products
- create statistical analyses and segment and combine data sets to identify trends
- detect and prevent fraud (e.g., if you provide a credit or debit card, we may use third parties to check the validity of the sort code, account number and card number you submit)
- enforce Plume’s customer contracts and other legal agreements
- prevent, investigate and/or report security incidents, crime, fraud or other violations of law
To comply with applicable laws and protect legal rights. Plume processes personal information as a controller to:
- enforce and investigate actual or suspected violations of our legal agreements
- protect the safety, security and legal rights of customers and users of the Plume Services
- detect, prevent and remediate fraud or other unlawful behavior, security issues and other technical issues related to the Plume Services
With consent. Plume processes personal information as a controller based on consent for certain marketing activities and advertising practices for automated processing (as described below).
4. DOES PLUME USE AUTOMATED PROCESSING?
Plume uses automated processing tools to:
- To analyze certain personal information for targeted marketing strategies
- To support interconnections with Facebook, Google and similar providers for advertising on behalf of a CSP partner
- For customer segmentation analysis, such as when Plume segments users based on machine learning-determined “traits” of a particular location
- For data loss prevention
- To monitor use of the Plume Services in accordance with content, governance and information security policies.
- To comply with legal obligations and defend legal rights
- To prevent, investigate and/or detect unauthorized or illegal use of the Plume Services
As required by applicable law, we will provide notice and obtain consent for, and/or allow you to opt out of, certain types of automated processing, such as when Plume’s automated processing produces legal or similarly significant effects for you and does not involve human input.
When consent to automated processing is required, Plume works to provide meaningful information about the logic involved in automated processing to help ensure that consent is specific, informed and voluntary and to ensure that users of the Plume Services are not adversely affected by a decision to withhold or revoke consent to automated processing.
5. HOW DOES PLUME SHARE PERSONAL INFORMATION?
How Plume shares personal information depends on the Plume Services used. Generally, Plume shares personal information according to customer contracts, with people and businesses that help operate the Plume Services and otherwise when Plume is legally permitted or required to do so.
Plume shares personal information with the following categories of recipients:
- Professional advisors, such as lawyers, accountants, insurers and information security and forensics experts.
- Marketing vendors that help promote the Plume Services (such as by email marketing) and supplement personal information that we already have. For example, Meta receives and uses certain data related to the use of the Plume Services to help us deliver personalized advertising on its platform and assess the effectiveness of this advertising.
- Service providers to enable them to perform services on our behalf, including data analytics, geo-location based on IP address analytics, data security, cloud storage providers, ecommerce operations, surveys, research, administration of promotions, offers and promotions and otherwise to help us carry out our business.
- Business customers when Plume is acting as a processor of personal information.
- Business partners, such as the providers of the internet-connected devices and services that a customer chooses to connect to a Customer Network (e.g., Google Nest and Amazon Alexa). If you acquire the Plume Services through a CSP or reseller, Plume shares personal information with that CSP or reseller.
- Our affiliates and subsidiaries, such as Plume’s entities in Poland, Slovenia, Switzerland and Taiwan.
- Competent law enforcement, government regulators and courts when we believe disclosure is necessary (i) to comply with the law, (ii) to exercise, establish or defend legal rights, or (iii) to protect the vital interests of users, business partners, service providers or another third party.
- Other third parties with consent.
When Plume shares anonymized data, Plume takes administrative measures to prohibit efforts by recipients to re-identify the anonymized data.
6. HOW DOES PLUME PROTECT PERSONAL INFORMATION?
Plume uses technical, physical, and administrative safeguards intended to protect the personal information that we process from unauthorized access and use.
Our safeguards are designed to provide a level of security appropriate to the risk of processing your personal information and include (as applicable) measures to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and a procedure for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing of personal information. Like any other organization, Plume cannot fully eliminate security risks associated with the processing of personal information.
You are responsible for maintaining the security of your account credentials. Plume will treat access to the Plume Services through your account credentials as authorized by you.
We may suspend your use of all or part of the Plume Services without notice if we suspect or detect any breach of security. If you believe that information you provided to Plume or your account is no longer secure, please notify us immediately at [email protected].
If we become aware of a breach that affects the security of your personal information, we will provide you with notice as required by applicable law. When permitted by applicable law, Plume will provide this notice to you through the email address associated with your account or other permitted method associated with your account.
UNAUTHORIZED ACCESS TO PERSONAL INFORMATION AND THE PLUME SERVICES – INCLUDING SCRAPING – IS PROHIBITED AND MAY LEAD TO CRIMINAL PROSECUTION.
7. HOW LONG DOES PLUME RETAIN PERSONAL INFORMATION?
Plume retains personal information associated with a customer’s account for as long as the account is active and as required by Plume’s customer contracts and otherwise for as long as necessary to carry out the purposes described above. Plume also retains personal information for as long as Plume believes necessary to comply with our legal obligations, resolve disputes and enforce our legal agreements.
When determining the relevant retention period, Plume takes into account the Plume Services used, the nature and length of Plume’s relationship with the customer, mandatory retention periods provided by law and other relevant criteria.
At the end of relevant retention period, Plume either deletes or anonymizes personal information or, if Plume cannot delete or anonymize the personal information, then Plume segregates and securely stores personal information until deletion or anonymization is possible. Plume uses anonymized data subject to applicable law and contracts.
8. WHAT CHOICES ARE AVAILABLE FOR PERSONAL INFORMATION?
The privacy rights that may apply to you are:
- Right to know the personal information that Plume holds about you and how it is processed
- Right to request that Plume corrects the personal information that Plume holds about you
- Right to receive a copy of your personal information in a structured, common and machine-readable format
- Right to request that Plume restricts the collection, processing or disclosure of your personal information
- Right to object to the processing of your personal information, such as when the basis of the processing is our legitimate interest (pursuant to Art. 6 para. 1f) GDPR) or the right to opt out of the sale of your personal information and targeted advertising in the U.S.
- Right to request that Plume deletes your personal information
These rights are not absolute. In some cases, your ability to access or control your personal information is limited by applicable law.
If you are a resident of California or Virginia, please see Plume’s Privacy Rights Notice (U.S.) (U.S. State Privacy Rights Notice), which is effective January 1, 2023, for more information about the rights available to you. The U.S. State Privacy Rights Notice applies to Consumers, as defined under the California Consumer Privacy Act, including as amended by the California Privacy Rights Act (CPRA)) (together, CCPA), the Colorado Privacy Act (CPA), the Virginia Consumer Data Protection Act (CDPA), the Utah Consumer Privacy Act (UCPA), Connecticut’s Act Concerning Personal Data Privacy and Online Monitoring (CTPA), and all laws implementing, supplementing or amending the foregoing, including regulations promulgated thereunder (collectively, U.S. Privacy Laws). The U.S. State Privacy Rights Notice also serves as our Notice at Collection for purposes of CCPA.
Plume's tools for exercising choices about personal information processing, also include:
> Opting out of Plume’s Marketing Emails. To stop receiving promotional emails from Plume, please click the “Unsubscribe” link at the bottom of the email. Your account settings also may allow you to change your notification preferences. After you opt out, we may still send you non-promotional communications, such as receipts for purchases or administrative information about your account.
> Customer Network Administrator Tools. Please contact the administrator of the Customer Network that you use about the following options:
- Profile settings: Depending on the Plume Services used, a Customer Network administrator may assign profiles and nicknames to Customer Network Equipment and Mobile Devices connected to a Customer Network.
- Privacy more setting: Certain Plume Services also offer a privacy mode setting. When on, this setting blocks all data exchange.
- Internet security controls: A Customer Network’s administrator may configure policies for security protection, schedules, parental controls or content filters through the account settings.
- Motion detection settings: A Customer Network’s administrator can disable the motion detection features that allow the Plume Services to generate live motion and motion history reports. Once disabled, Plume no longer collects information about the live motion within a Customer Network and can no longer generate the reports.
> Account deactivation. You can deactivate your Plume account through the Plume Services and by contacting Customer Support.
> Mobile Device Tools. Mobile operating systems and mobile app platforms (e.g., Google Play, App Store) have permission settings for specific types of mobile device data and notifications, such as for access to contacts, geo-location services and so-called push notifications. You can use the settings on your Mobile Device to consent to or deny certain information collection and/or push notifications. You can stop all information collection from a Plume Mobile App by uninstalling it. If you uninstall a Plume Mobile App, please also consider checking your operating system’s settings to confirm that the unique identifier and other activity associated with your use of the Plume Mobile App is deleted from your Mobile Device.
9. HOW DOES PLUME PROTECT CHILDREN'S PRIVACY?
To learn more about HomePass parental controls, please see https://support.plume.com/hc/en-us/sections/360002021834-Content-Parental-Control.
10. DOES PLUME TRANSFER PERSONAL INFORMATION TO OTHER COUNTRIES?
Plume may transfer personal information across borders to any of the places where Plume and its suppliers and partners do business. Other jurisdictions may have data protection laws that are different from (and, in some cases, less protective) than the laws where you reside.
To request information about Plume’s standard contractual clauses or model contracts and other safeguards for cross-border personal information transfers, please contact [email protected].
12. WHO DO I CONTACT WITH QUESTIONS?
The entity responsible for the processing of your Personal Information is Plume Design, Inc., unless Plume is acting as processor or service provider on behalf of one of Plume’s business customers.
- by email at [email protected]
- by mail at:
Plume Design, Inc.
325 Lytton Ave, Suite 200
Palo Alto, CA 94301
Prior versions: June 29, 2022, September 30, 2021