Privacy Policy

Update Date: 3 Dec, 2024

Effective Date: 3 Dec, 2024

Deye has developed this Privacy Policy to explain how we may collect, retain, process, share and transfer your personal information when you use our following services as a registered user (Each a “User” and referred to together in this Policy as, the “Users”, “you” or “your”). Deye Cloud Mobile Application and Web Application (“Deye Cloud Services”), as defined in Deye Cloud Terms and Conditions, are provided by Ningbo Deye Inverter Technology Co., Ltd., a company incorporated in People's Republic of China (referred to in this Policy as “Deye”, “we”, “us” or “our”). Deye acts s as the “Data Controller” of your personal information under General Data Protection Regulation (the “GDPR”) and other applicable law for the activities described in this Policy.

Information We Collect

We collect, process and use personal information from and about you, including when you create an account and interact with us to make use of our Cloud Services.

We collect the following certain necessary information from Users:

1.1 Information you provide us

To use Deye Cloud Service and Products, you need to have an account, and to create an account, you need to provide us the necessary information.

Personal Account. If you create an account, you should provide us the necessary information so that we could provide the services to you. This includes your username, your email address or your mobile phone number; your password; your display language; and third-party single sign-in information (if you choose this sign-in method). If you do not provide the necessary account information to us, you should not be able to use our Deye Cloud Services. In addition to the necessary account information, you can also provide the avatar and nickname associated with your account, that is optional and can be customized based on your preferences and needs.

Photovoltaic (PV) Plant Information. In order to use the PV plant management and monitoring service of Deye Cloud Services, you will need to provide us the Plant Name, Region, Address, Plant GPS Coordinates, Serial Number of Logger Device and Serial Number of sub-devices including Inverter and Meters.

Customer Service Information. In order to inquire about our Services or file a complaint, you will need to provide your contact information, including email address or mobile phone number, and the detailed information regarding your inquiry or complaint. If you do not provide the necessary contact information, we may not respond and provide you with appropriate feedback.

1.2 Information we collect when you use our Services

When you use our services, we collect the information about how you use our services and what data the PV Plant generated.

Device Information. We collect information about and from the devices you use to access Deye Cloud Services, that includes: (1) Information about your devices, such as device model, operation system, browser information, Unique Device Identifier (a string that the manufacturer assigns to your device to uniquely identify the device), and other information about your device. (2) Information about your connection to Deye Cloud Service, such as your IP address, network connection status and type, network condition and related information.
PV Plant Data. We collect PV Plant data in order to allow you to manage and monitor the PV Plant. The PV Plant data includes Serial Number of data logger devices and sub-devices (such as inverters, meters and other similar devices), and their continuous device data flow. We may use the PV Plant data to analyze and diagnose the PV Plant situation in order to help you to maintain and improve the plant.
Log Information. When you use Deye Cloud Services, we collect the operation logs, service logs, service failure information and other activity logs, even if you have not created an account or are signed out, that includes: IP address and related information; device IDs and operation system information; browser information; pages visited; and identifiers associated with cookies. We also collect the Mobile/Web application performance data, crash data and the source of Mobile Application in order to ensure the information security and improve the system performance.
Cookies and similar technologies. We use cookies and similar technology to operate our services, discover how users use our services and improve the service performance. Cookies and similar technology could help you to keep login to Deye Cloud Services and protect your account security, and help us to improve and understand how users use our services in order to improve the user experience. You can manage or delete the cookies according to your preferences by browser settings or mobile phone system settings. For additional information, you can find in our Cookies Policy.
Interactions with third-parties. When you authorize the Maintenance Service Provider to access, manage and monitor your PV Plant, we collect the interaction information in order to provide Maintenance Service Provider with the necessary data to fulfil their obligations.

1.3 Information we receive from third parties

We may receive information about you from third-parties whom are authorized by you to provide your PV Plant information to us on behalf of you. These third-parties include your Maintenance Service Provider, Plant System integrator, Equipment Dealer and other agents you designated. We may also receive information about you from our Users, Partners and corporate affiliates who could help us to evaluate the security and quality of Deye Cloud Services.

2. How We Use the Information

2.1 Operate and improve our services

We use the information we collect to provide you the Deye Cloud Services. In order to use our Deye Cloud Services, you should create an account and provide the Personal Account information. In order to use the PV Plant management and monitoring services of Deye Cloud Services, you should create a PV Plant instance and provide the necessary PV Plant Information. We use your device information and cookies information to provide you the better user experience when you use mobile or web application to access our Deye Cloud Services.

2.2 Ensure security

We use information we collect to ensure the security of our users, services, and your account. This includes verifying your identity, ensuring secure login, preventing unauthorized use, and detecting illegal activities. In the event of a security incident, we may utilize your information to assess the situation and conduct thorough investigations.

2.3 Analyze and improve inverter and other devices

We use information we collect to measure and analyze data generated by inverter and other devices to diagnose the related device situation. We will alert when there are unusual and error device situation, so that you could assess and investigate your PV Plant.

We also use PV Plant data we collect to help us and our partners to improve the design and implementation of devices. When we conduct the research and development to improve the inverter and other devices, we use the anonymized plant and device data.

2.4 Communicate with you about our services

We use information we collect to communicate with you about Deye Cloud Services, including our service updates, term of service updates, privacy policy updates, and other inverter modular and firmware updates. We may also send you the marketing message about our service update.

2.5 Research

We use the information you provide to us including survey, service testing and troubleshooting information that could help us to improve the Deye Cloud Service.

3. What is Purpose and Legal Basis

The purposes and legal basis upon which we process your personal information include:

Processing Purpose	Personal Data	Lawful basis of Processing
Operate our services and Ensure safety and security.	All personal information listed in “1. Information We Collect”.	Contractual necessity, Your Consent and Legitimate interests
Analyze and improve the Inverter and other devices, in order to diagnose the issues and improve device design.	PV Plant Data	Contractual necessity and Legitimate interests
Communicate with you about our services	Personal Account, PV Plant Information, PV Plant Data, Interactions with third-parties and Customer Service Information.	Contractual necessity
Research and make your experience of our Services and Products more efficient and effective.	PV Plant Information, PV Plant Data, Device Information, Log information and Cookies and similar technologies	Legitimate interests

We may process your personal information based on our legitimate interests, but we will always carefully consider your rights and interests. We will not proceed with such processing if we believe that your interests or fundamental rights and freedoms related to your personal information would be prejudiced.

You have the right to object to the processing of your personal information when it is carried out for our legitimate interests. If you object, we will assess the situation and cease processing your personal information unless there are compelling legitimate grounds that override your rights.

4. How We Share Information

4.1 Share upon your decision

You can share your Personal Account information, PV Plant Information and PV Plant Data with your designated Maintenance Service Provider, in order to authorize the Maintenance Service Provider to help you manage and monitor your PV Plant.

4.2 Share with third parties

We may share your information with our service providers that perform functions and provide services on our behalf, including Amazon Web Services who provide the infrastructure cloud service to us. Before engaging third parties to assist us in performing functions and providing services, we have established pre-assessment procedures to verify the quality and suitability of these third parties. We carefully evaluate their data protection practices and compliance with applicable privacy laws.

4.3 Integrations with third-party

We integrate third-party Software Development Kit (SDK) in our mobile application to enhance the functionality, provide the better experiences and collect analytics data. These third-party SDK service providers act as the data controller or data processor in the respective scenarios:

SDK and Service Provider	Data Processing	Purpose and Privacy Policy
AutoNavi positioning SDK AutoNavi Software Co., Ltd.	Geographic location (approximate location source, precise location source), WIFI information, list of running applications, sensor information, network operator, SIM information, MAC address	When the user edits the plant location https://lbs.amap.com/pages/privacy/
JPush SDK Shenzhen Hexunhuagu Information Technology Co., Ltd.	Device information, geographic location, network information	Use when pushing notifications or messages to users https://docs.jiguang.cn/compliance_guide/foreign_data_security/foreign_data_security/
FCM SDK Google LLC	Device information, geographic location, network information	Use when pushing notifications or messages to users https://developers.google.com/terms/api-services-user-data-policy
TalkingData SDK Beijing Tengyuntianxia Technology Co., Ltd.	Unique device OAID/identification (IMEI/MEID/Android ID/IDFA/OPENUDID, SIM card IMSI or ICCID	When performing statistical analysis in APP https://www.talkingdata.com/privacy.jsp?languagetype=en_us

4.4 When required by law

We may preserve, use, disclose, or share your information if we believe it is reasonably necessary to: comply with applicable law, protect the safety and integrity of our Services, protect your and our rights or property.

4.5 With our Affiliates

We may share information amongst our affiliates to provide our services.

5. How and How Long We Store Information

For users in North and South America, your personal information is stored on our servers in the United States. For those in the European Economic Area (EEA) and other regions outside of China, your personal information is stored on our servers within EEA. When we share data with our affiliates and our service providers, we implement appropriate security measures, including EU-Commission approved standard contractual clauses (SCCs) and other relevant agreements to ensure the protection of your personal information.

We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements.

We retain your account information and other information for the duration of your account until you choose to deregister or until your account is terminated for any other reasons.
We may retain certain information for longer periods than stated in our policies to comply with legal requirements and ensure safety and security.
Once the specified retention periods expire, we will delete or anonymize your personal information, unless otherwise mandated by laws and regulations.

6. Security Measures and Device Permissions

We recognize the importance of protecting and managing your personal information and take all necessary steps to safeguard your personal information. We use a variety of security, organizational and technical measures designed to help protect your personal information from unauthorized access, use, disclosure, alteration or destruction consistent with applicable data protection and privacy laws and regulations.

However, you are also responsible for maintaining the security of your account for the Deye Cloud Service in your possession or control. We recommend that you do not divulge your password to anyone. Our staff will never ask you for your password in an unsolicited phone call or in an unsolicited email. If you share a computer with others, you should not choose to save your account information on that shared computer.

When you use our mobile application of Deye Cloud Services, we may need to activate some device permissions, including Storage/Photo, Camera, Location, Bluetooth and WIFI.

Device Permission	Purpose
STORAGE/PHOTO	Used to set the cover of the PV plant and set the personal avatar.
CAMERA	Used to set the cover of the PV plant, set the personal avatar, scan the device SN
LOCATION	Used to set the PV plant location, device distribution network, device local mode
BLUETOOTH	Used to set the device distribution network, device local mode
WIFI	Used to set the device distribution network, device local mode

You have the option to disable these permissions within the mobile application's System Settings or the device's Settings, thereby preventing us from collecting the corresponding personal information. Please note that the process for displaying and disabling permissions may vary depending on your specific device. We recommend referring to your device's system description or instructions for guidance on managing permissions.

7. Your Rights and Options

You have the following data subject rights and options regarding your personal data:

Right to Access: You have the right to request a copy of your personal information. We will need to verify your identity before taking any action.
Right to Rectification: If the personal information we hold is incorrect, you have the right to request its amendment.
Right to Erasure: You have the right to request the deletion of your personal information that we hold. However, there may be legal and regulatory reasons that prevent us from deleting your data.
Right to Withdraw Consent: You can withdraw your consent to the processing of your personal information at any time (if we process your personal information based on your consent). Please note that withdrawing consent may impact our ability to provide certain services to you, but it does not affect the lawfulness of our processing prior to the withdrawal.
Right to Data Portability: You have the right to receive certain personal information you have provided to us in a machine-readable format, or to have it transmitted to a third party with your explicit authorization.
Right to Restrict Processing: Under certain conditions listed in our policies, you can restrict the processing of your personal information.
Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to processing of Personal Data concerning you which is based on a task carried out in the public interest or on a legitimate interest.
Right to Lodge a Complaint: If your privacy rights are violated or you have suffered as a result of unlawful processing of your personal information, you have the right to lodge a complaint with the relevant supervisory authority.

To exercise your rights, we may need to request specific information to confirm your identity and ensure your right to access your personal information or exercise any other rights. This is a security measure to protect your information. We may also contact you for further details related to your request. To exercise your rights, please contact us using the details provided in the "Contact Us" section below. Please note that we may need to verify your identity before proceeding with your request. We aim to respond to your request within 30 days, and if more time is required, we will inform you and keep you updated.

8. Children Policy

Our Deye Cloud Services are not directed towards children under 18 years old. Deye does not knowingly collect personal information from children under 18. If you are under 18, please do not use our Deye Cloud Services, or submit any personal information to us.

9. Policy Update

We reserve the right to change, amend, or revise this Privacy Policy periodically. We will make efforts to notify you of any significant or material changes. You can access the latest version of this Privacy Policy on our website and mobile application at any time. We encourage you to regularly review the Privacy Policy to stay informed about any updates before using the Cloud Services mentioned in this Policy.

If you do not agree with any of the changes and no longer wish to use our Services, you have the option to close your Account. By continuing to use our Services after receiving notice of changes or when changes are published on our Services, you indicate your acceptance of the changes and consent to the modified version of this Privacy Policy.

10. Contact Us

If you have questions or requests about the privacy issues relating to the processing of your personal information, you can contact the privacy office of your Data Controller, Ningbo Deye Inverter Technology Co., Ltd.:

<Data Controller>

Ningbo Deye Inverter Technology Co., Ltd

Attn: Data Protection Officer (DPO)

Email: PrivacyProtection@deye.com.cn

Address: No.26, Southern YongJiangRoad, Beilun District, NingBo City, China

If you are in EEA, you may contact our Data Protection Officer, our EU representative below or you may lodge a complaint with a supervisory authority in the EEA.

<EU Representative>

Deye Neue Energie GmbH

Attn: DEYE EU Representative

Email: PrivacyProtection@deye.com.cn

Address: Franz-Rücker-Allee 19-21, 60487 Frankfurt am Main

[END]