Thank you for choosing Stalco Mower provided by STALCO! This Privacy Policy of Stalco Mower (hereinafter referred to as the "Policy") explains in detail how we collect, use and store your personal data when you use Stalco Mower, as well as the rights you are entitled to in this regard. The key information is as follows:
● "STALCO" (hereinafter referred to as "we" or "us") in this Policy refers to the service provider of Stalco Mower, STALCO Spółka z ograniczoną odpowiedzialnością S.K.A, with its registered address at ul. Ofiar Katynia 1, 32-050 Skawina, Poland. Contact: +48 12 350 04 10.STALCO Spółka z ograniczoną odpowiedzialnościąK.A. is the controller of your personal data.
● "Stalco Mower" in this Policy refers to the Stalco Mower application software and its corresponding smart lawn mower hardware.
● We will collect some of your personal information after obtaining your authorization and consent. For example, when you log in for the first time, you must verify your mobile phone number or email address to experience the services; we will record your mobile number or email address. You may also have certain rights; information about consumer rights can be found in Section VII below.
● Target Audience:Our products or services are not directed at minors, and we do not require or intentionally collect personal information from minors. If you are a minor, you should not access or use our products or services.
● This Policy may be revised or updated from time to time to reflect changes in our handling of personal information or changes in applicable laws. We encourage you to read this Policy carefully and review this page periodically to stay informed about any changes we may make according to the terms of this Policy.
● You can obtain relevant supplementary information by reviewing our specific jurisdiction appendices.
● Last Updated Date:12 Januray , 2025
● Effective Date:12 January, 2025
Ⅰ. How We Collect and Use Your Personal Information
To ensure the proper functioning of our products and services, we must process your personal data in certain situations. We have implemented appropriate technical and organizational measures to protect the security of personal data in accordance with applicable laws and regulations.
(I) Purposes of Collecting Personal Information
For the purposes listed below, your personal information will be collected and used during your use of this product:
1. To help you register as a Stalco Mower user and safeguard the security of your personal information.
2. To help you operate the machine through Stalco Mower.
3. To efficiently and conveniently resolve issues you encounter while using the product.
(II) Types of Personal Information Collected
1. Personal Information Collected Based on Basic Product Functions
● Identity Information
You can register an account using your phone number or email address. The legal basis for processing such information is the performance of the contract between you and us (Article 6(1)(b) of the GDPR). If you choose not to provide the above identification information, it may restrict your use of Stalco Mower.
After the account is deleted, the data are erased or anonymized, except for data that must be retained for a longer period pursuant to applicable laws (e.g. accounting or tax regulations).
● Geolocation Information
After you authorize and consent to our use of geolocation permissions (on Android systems, the Google framework requires location access to establish a Bluetooth connection) and Bluetooth permissions, the application will collect your geolocation information to scan for and connect to the mower via Bluetooth.
These data are not used to determine the user’s actual location, are not stored, and are not transmitted to STALCO’s servers.
The legal basis for the processing is Article 6(1)(b) of the GDPR – processing necessary for the performance of a contract.
If you refuse to provide the above personal information, you may not be able to use your phone to bind the mower.
● Network Connection Information
We will collect some of your information to use the App to configure the network for the machine. Data collected and used during the network configuration process includes: 1) The IP address displayed on the mobile device; 2) Mobile operating system and version; 3) Machine model and serial number; 4) IP address and time of activation for network configuration; 5) Wi-Fi information (SSID, Wi-Fi password); 6) Network type.
These data are processed exclusively locally, in an encrypted manner, for the time necessary to carry out the configuration process and are not transmitted to STALCO’s servers.
The legal basis for the processing is Article 6(1)(b) of the GDPR – performance of a contract.
If you refuse to provide the above personal information, you will not be able to use the network connection function.
● Mapping Information
You can confirm the mowing range of the smart mower by creating a map and defining no-go zones, work areas, and passages. We will collect your mapping information. The legal basis for the processing is Article 6(1)(b) of the GDPR – performance of a contract. If you refuse, functions such as mapping and defining mowing areas and methods may not be available.
● Mowing Preference Information
You can set the mowing preferences of the smart mower, execute and view mowing tasks and their progress. We will collect your mowing preference settings (speed, height), schedule settings (start time), operation records, mowing task information, task result information, etc. The legal basis for the processing is Article 6(1)(b) of the GDPR – performance of a contract. If you refuse, customized mowing functions may not be available.
● Camera Information
Please note that the smart lawn mower hardware is equipped with two cameras. Their purposes of use include the following business functions: 1) Identifying grass versus non-grass; 2) While the Stalco Mower is performing a mowing task, if it encounters an environment suspected to be a restricted area, it will take photos and perform intelligent obstacle avoidance. The processing of images from the cameras is necessary for the implementation of the smart obstacle avoidance and device return-to-charging-station functions and takes place exclusively locally on the device. The images are neither transmitted to the cloud nor stored outside the device.; 3) Identifying and returning to the charging station.
Please understand that if you place the device in your or other individuals' private spaces, or choose to operate it during your or other individuals' private activities, the photos taken by the cameras after activating the above functions may contain personal information such as the privacy, likeness, or facial information of you or others. Please pay attention to protecting your privacy and safety, and avoid placing the device in private spaces.
2. Information Collected for Service Provision and Product Improvement
● Service and After-Sales Related Personal Information
If you choose to contact our online customer service, customer service hotline, or email for feedback, we may need you to provide necessary personal information for identity verification to protect your account security. We may also save your contact details (the phone number, email, or other contact methods you use or provide voluntarily), records and content of your communications with us, and other necessary information to provide and record customer service.
The legal basis for the processing is Article 6(1)(b) and (f) of the GDPR.
● Device and Application Operation Information
We will collect your device information, including device failure information, configuration information, performance information, log information, etc., to analyze the operation of our products for product maintenance and security assurance. The legal basis for processing such information is Article 6(1)(a) and (b) of the GDPR - your consent and necessity for the performance of the contract. Relevant information includes phone model, system version, system time zone, system language, network operator, App version number, device SN, android_id, etc. These data by themselves are not used for the direct identification of a natural person; however, in certain situations, they may constitute personal data within the meaning of the GDPR when processed together with other information.
Ⅱ.How We Use Cookies and Similar Technologies
To ensure our services operate normally and to provide you with a smoother, easier user experience, we may sometimes place small data files called Cookies on your computer, mobile terminal, or machine device. We may use various technologies to collect and store data related to your visits to our website or mobile application. This can identify you, save you the trouble of repeatedly entering registration information, or help determine the security status of your account. These data files may be Cookies, Clickstream, Web, other local storage provided by your browser or associated applications (hereinafter collectively referred to as "Cookies"). Thus, whenever you return to the App or browse pages, you don't have to re-enter information or reconfigure user settings repeatedly. You can clear the cache in your browser or the corresponding App settings. Please understand that some of our services can only be implemented by using Cookies.
Ⅲ.How We Share, Transfer, and Disclose Your Personal Information
According to applicable laws and for legitimate business operational purposes, we integrate Software Development Kits (SDKs) provided by third-party service providers to achieve the relevant functions described in this Privacy Policy. These functions include providing us with data storage services, message push notifications, log analysis, etc. We conduct strict security monitoring of the SDKs used by these service providers to obtain information, in order to protect data security. For specific third-party SDKs used by this App, please refer to the "List of Third-Party SDK Information Collection".
We will share the following information with data storage service providers and the OEM service provider:
● Identity identifiers and profile data. For example, user email address, phone number, username and login credentials, nickname, country code, language preference, and timezone information.
● Customer service communication information. Includes user email address, phone number, and customer service communication and feedback records.
● Device information. Includes device name, device ID, device location information, etc.
● Device and network configuration information: Includes the device's MAC address, IP address, wireless connection information, operating system type and version, application version number, push notification identifier, log files, and mobile network information.
● Mobile terminal information. When you interact with our products, to ensure your normal use of our services, maintain the normal operation of our services, and protect your account security, we may automatically collect mobile terminal information, such as terminal identification information (IDFA, OAID, Android ID), current application information (application name, application version number), terminal parameters and system information (system properties, device model, operating system, operator information).
● Log information. When you use our application, system and exception logs may be uploaded, including your IP address, language used, operating system version, date or time of access, etc.
Ⅳ.How We Transfer Your Personal Information Globally
Users’ personal data may be processed and stored on servers located within the European Economic Area (EEA), in particular in Germany. In certain cases, related to the use of IT infrastructure or services provided by our trusted providers, personal data may be transferred to third countries outside the EEA, in particular to the United States and Singapore.
Transfers of data to third countries are carried out solely on the basis of mechanisms provided for in Chapter V of the GDPR, in particular:
– decisions confirming an adequate level of protection (Article 45 GDPR), including the EU–US Data Privacy Framework,
– standard contractual clauses adopted by the European Commission (Article 46(2)(c) GDPR), together with additional technical and organizational measures,
– or other legally permissible safeguards.
We apply uniform security measures to ensure the protection of personal data, including encryption, access control, and risk assessment procedures for data transfers.
Users may obtain a copy of the safeguards applied or additional information regarding data transfers by contacting us at the address provided in this Privacy Policy.
Operating Country/Region | Data Storage Location |
Asia Pacific (excluding Mainland China) | Singapore |
USA and other North American countries | USA |
Europe | Germany |
Ⅴ.How We Protect Your Personal Information
When you provide us with your personal information, we will retain your personal information only for the period necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted by law. We have appropriate organizational safeguards and security measures in place to protect your personal information from accidental loss, unauthorized use or access, alteration, or disclosure. For example, where possible, we use encryption technologies to transmit and store data. We use access controls and confidentiality commitments to further restrict access to this data.
We recommend that you pay full attention to the protection of personal information, especially login accounts, passwords, and other important personal information, when using this product. We will also strive to ensure the security of your personal information. In the unfortunate event of a personal information security incident, we will activate emergency plans to prevent the expansion of damages. Simultaneously, we will proactively report the handling of the personal information security incident as required by relevant laws and regulations and regulatory authorities. As required by relevant laws and regulations, we may, when necessary, inform you of the basic circumstances of the security incident and the remedial measures we are about to take or have already taken via App push notifications, emails/SMS, or phone calls. If it is difficult to notify individuals one by one, we will issue warnings through announcements or other methods.
Ⅵ.How We Handle Minors' Personal Information
Our APP and corresponding terminal products are not directed at minors. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us to have it deleted.
Ⅶ.How We Ensure You Can Exercise Your Rights
We are committed to complying with data protection laws worldwide. According to applicable laws, you may exercise the following rights:
Right of Access: You have the right to obtain confirmation as to whether we are processing your personal data, to access your personal data, and to receive a copy of them. The scope and form of data provision may be subject to limitations imposed by applicable law.
Right to Rectification: If you find errors or incompleteness in the personal information you provided, you have the right to update or correct your personal information.
Right to Erasure: You have the right to request that we delete your personal information. We will evaluate your deletion request and, if it meets the relevant regulations, take appropriate steps, including technical measures, to process it. You can directly apply to delete your account within our application. Personal accounts are generated based on your phone number or email. You can delete your account via "Account Management". Please note that deleting your account may result in the clearing of all information related to your account; please proceed with caution.
Right to Data Portability: The right to request the transfer of your personal information to another party.
Right to Restriction of Processing: The right to request the suspension of processing of your personal data.
Right to object: You have the right to object to the processing of your data for the purposes of direct marketing (including profiling) or when the processing is based on our legitimate interests. We will consider your request within one month and inform you of the outcome.
Right to Object to Automated Decision-Making: If automated decision-making has legal effects concerning you or otherwise significantly affects you, you have the right to object to decisions based solely on automated processing of your personal information. We do not use your personal information in automated decision-making that has legal or other similarly significant effects on you.
Depending on applicable law, you may also have other rights, such as the right to be informed about your data processing circumstances and the right to lodge a complaint with a supervisory authority. If you have questions about the rights you have or how to exercise them, please contact us.
Ⅷ.How This Policy Is Updated
We may periodically update this Privacy Policy, in particular in the event of changes to product features, the scope of services provided, applicable laws, or organizational structure.
The current version of the Privacy Policy is always available on this page along with its effective date.
In the case of significant changes affecting the scope or manner of personal data processing, we will inform you in advance by displaying an appropriate notice in the application upon login or by other effective means.
Changes to the Privacy Policy do not affect the lawfulness of personal data processing carried out prior to their entry into force.
Ⅸ..How to Contact Us
We have not appointed a Data Protection Officer. If you have any questions about this Privacy Policy, or if you have any complaints or opinions regarding the processing of your personal information, you can provide feedback through the "Help Center" in the App settings. You can also contact us via:
● Phone: +48 12 350 04 10
● E-mail: centrala@stalco.pl
● Office Address: ul. Ofiar Katynia 1, 32-050 Skawina, Poland
We will respond to you within the period stipulated by law. If you are not satisfied with our response, especially if our processing of personal information has infringed upon your legitimate rights and interests, you may also file a complaint with the data protection supervisory authority.
Ⅹ.Other Provisions
In the event of any discrepancy between the English version of this agreement and any version in another language, the English version shall prevail.