Privacy Policy

Online Shop Privacy Policy

Effective Date: February 27, 2025. Last Updated: February 27, 2025.

This Privacy Policy (“this Policy”) provides details on how Roborock Inc. and its affiliated companies (“Roborock”) treat your personal information when you use Roborock official websites, including our online shop service (“the website”). Please take a moment to familiarize yourself with our privacy practices and let us know if you have any questions.

If you do not agree with this Policy and no longer wish to use our services, or you have any concerns regarding this Policy or our data handling practice you may erase your account by emailing us at privacy@roborock.com (if you are a European Union user under General Data Protection Regulations, please send an e-mail to privacy@roborock-eu.com ). Please note that, if you withdraw your consent to this Policy or ask us to erase your account or other personal information necessary for online shopping service and other website service (“the service”), we may not be able to provide you with the service.

OUR COMMITMENT TO YOU

This Policy sets out how we collect, use, disclose, process and protect any of the information you provide us when you use our website. All of our information processing practices will be in accordance with this Policy and/or other terms and conditions for users.

This Policy is designed with your privacy rights in mind, and it is important that you have a comprehensive understanding of our customer information collection and usage practices, as well as full confidence that ultimately you have control of any personal information provided to Roborock.

In order to comply with applicable laws, including local data protection legislation (e. g. General Data Protection Regulation (hereinafter referred to as “GDPR”) in Europe Union; Law on Protection of Personal Data No.6698 in Turkey (hereinafter referred to as “Turkey PDPA”)) Furthermore, we are committed to protecting your privacy and security of your personal information, and we are equally committed to ensuring that all our employees and agents uphold these obligations.

WHAT INFORMATION IS COLLECTED AND HOW WE USE IT

I. Collection and Use of Your Personal Information for the Purpose of Providing Online Shop Service and Other Basic Website Function

To provide you with the online shop service and other basic website services, we collect and use the personal information necessary to enable these functions. If you use the service within the European Economic Area, we process your personal information for the purpose of fulfilling the contract on the basis of Art.6(1)(b) of the GDPR. If you use the service within Turkey, we process your personal information for the purpose of fulfilling the contract on the basis of Article 5(2)(c) of the Turkey PDPA. There is no legal obligation for you to provide the following personal information, however, we may not be able to offer you the online shop service without such information.

1. Roborock Account Creation and Login

Roborock online platforms, products and services (including but not limited to the website and the App) share the same account system. To assist you in successfully creating a Roborock account, you need to provide your email address to us and set a password for your Roborock account. When you log into your Roborock account, we will collect your account username, password and use cookies to help you stay logged in. Besides, when you create or log in your Roborock account, we also collect the region of the website you log into to assist in identifying the data center used to store your information. If you choose to log in with a third-party account, including a Facebook account, or Google account, we will collect the email address associated with your third-party account.

2. Product/Service Information Display and Reminders

To display products or services to you, we will collect your cart information, order information, return and after-sales information, and delivery address. We may also collect your pre-order information to send you reminder notification when the product becomes available for purchase.

3. Order placement and management

When you place an order for a specific product, the system will generate an order for the product you purchased. You need to fill in at least the recipient’s name, delivery address and email address. You may also choose to fill in the phone number of the recipient. The order will also include the order number, the product or service you purchased, order creation time, payment method, the amount you need to pay, points or coupons, and any notes you provide. All of the above information constitutes your “Order Information”.

To help you with order-related services, we will use your Order Information to confirm the transaction, process payment, complete delivery, query and display order details, and provide customer service and after-sales support.

If you wish to access special group discounts, you may undergo third-party verification. We will not collect your verification details, only the result of the verification.

4. Order payment

After you place an order, you can choose to complete the payment through the payment service provided by our partnered third-party payment institutions (such as PayPal, Google Pay, Shopify, credit cards, and other payment methods, depending on the actual supported payment methods, hereinafter referred to as “Payment Service Providers”). We need to share your order information and transaction amount with these Payment Service Providers to confirm your payment instructions and complete the payment.

For some websites that support invoice services, if you require an invoice, we may also collect your invoice title, taxpayer identification number, and the email address for receiving the invoice.

5. Delivery of goods or services

After you place an order and complete the payment online, our partnered third-party logistics service providers will be responsible for completing the delivery of your orders. The third-party logistics service providers will use your order information during this process to ensure that the goods you ordered are delivered safely. To provide you with after-sales and dispute resolution services, we need to stay informed about and confirm the delivery progress and status. You agree that we may collect delivery-related information from the logistics service provider.

6. Customer service and after-sales support

When you require customer service or after-sales support related to your order information, we will query your order information. During your communication with customer service, we will collect the information you voluntarily provide to customer service to better resolve your issue. Depending on the type of after-sales service you choose, we may use your order information, corresponding SN number, and other personal information you provide, including email address, recipient’s name, delivery address, recipient’s phone number, and a description of the issue.

7. Products feedback

When you share feedback on a purchased product, we may collect and publicly display your comments (including text, images, etc.) and your nickname on our official website.

8. Loyalty Points

We reward you with loyalty points based on certain activities you perform, such as registering on the website, logging into the forum, and placing orders. These points may be accumulated and used for various benefits, such as discounts or special offers.

II. Collection and Use of Your Personal Information for the Purpose of Providing Additional Functions

To deliver more convenient and exceptional services for you and enrich your experience with the website, we may collect and use your personal information to provide the following additional functions. If you use the website within the European Economic Area, we process your personal information on the basis of your consent in accordance with Art. 6(1)(a) of the GDPR. If you use the service within Turkey, we process your personal information for the purpose of fulfilling the contract on the basis of Article 5(1) of the Turkey PDPA. There is no legal or contractual obligation for you to provide the following personal information. Without such information, the aforementioned online shop service and other basic website service will remain accessible to you, but you may not be able to use those additional functions designed to offer enhanced premium service experience.

1. Event Participation

We periodically organize events, and if you choose to participate, we may collect your name, email address, delivery address, and other information required for the specific event, typically in the form of a questionnaire. The exact details will depend on the event you are participating in. If you successfully participate, this information will help us contact you and send you any rewards or gifts. For example, in a referral program, we may collect your name, email address, and that of the friend you are referring.

2. Feedback and suggestions

Your feedback is invaluable in helping us improve our services and resolve any issues you encounter. To track the feedback you provide, we may collect the information you choose to share, including your name, email address, country, product model, and a description of the issue.

3. Product Updates and Promotions

If you’d like to receive the latest product updates and promotional offers, you can voluntarily enter your email address in the subscription section on our homepage. We will then send you the latest product news and offers. You can unsubscribe at any time by clicking the unsubscribe button in the emails we send, or by clicking the link of 【Unsubscribe】. You may also choose to provide your phone number when submitting an order, and we will send you product news and promotional offers with your consent.

4. Forum

When you use the forum feature on Roborock website, you can post information and participate in discussions. Before you use the forum, we will present you with a separate privacy policy, which will explain to you how your personal information is processed.

III. Analytics and Usage Data

We collect information related to your use of certain features, and websites to ensure the secure operation of the site, as well as to analyze and develop statistical insights into the usage of our products and services to help us improve them. If you use the website within the European Economic Area, we process your personal information based on your consent, in accordance with Article 6(1)(f) of the GDPR. If you use the service within Turkey, we process your personal information for the purpose of fulfilling the contract on the basis of Article 5(2)(f) of the Turkey PDPA. This information may include data such as cookies, other anonymous identifiers, IP addresses, network request information, temporary message history, standard system logs, crash data, device-related information (e.g., browser type, operating system), the URLs you visit on the Roborock website, the specific services and features you use, language preferences, and the date and time of your visits.

COOKIES AND OTHER TECHNOLOGIES

Technologies such as cookies, tags, and scripts are used by Roborock and our Third Party Service Providers. These technologies are used to analyze trends, manage the site, track users’ browsing on the website and to gather demographic information about our user base as a whole. We may receive reports generated with these technologies by these companies on an individual as well as aggregated basis. For more information about cookies, please refer to our Cookie Policy by clicking on the “Learn more” link of the Cookie icon at the bottom of our website.

HOW WE ENTRUST OTHERS TO PROCESS, SHARE, TRANSFER AND PUBLICLY DISCLOSE YOUR PERSONAL INFORMATION

I. Entrusted Processing

We may entrust third-party service providers (including mailing companies, delivery service providers, data storage service providers, technology support providers, customer service providers, advertising and marketing service providers, and data analytics service providers) to process your personal information in order to provide you with the corresponding products or services. In addition, these third-party service providers only process your personal information on our behalf for the purposes stated in this Policy. For the companies, organizations, and individuals we entrust with the processing of personal information, we enter into strict confidentiality agreements or other data protection related agreements with them, stipulating that they must process personal information strictly in accordance with our instructions. They are also required to adhere to the privacy protection requirements in your jurisdiction, and to implement further measures to safeguard the confidentiality and security of your personal information.

II. Sharing

We do not sell any personal information to third parties. We do not share your personal information with other third parties (including companies, organizations, and individuals), except in the following circumstances:

1. Sharing With Explicit Consent: We will share your personal information with third parties after obtaining your explicit consent;

2. Sharing Under Legal Obligations: We may share your personal information with third parties as required by law, for the resolution of litigation disputes, or in compliance with mandatory requests from administrative or judicial authorities.

3. Sharing With Affiliates and Third-Party Partners: To provide you with better services, your information may be shared within Roborock’s affiliates (including those that help us manufacture or sell products or provide after-sales services), in compliance with the data protection laws of the jurisdiction you belong to. In addition, some functions in the website are provided by third-party partners (including website operation, account login, order payment, identity and verification discounts). In compliance with the data protection laws of your jurisdiction, we will share your personal information with third-party service providers to deliver the services you need, but we will only share the necessary personal information and only for the purposes stated in this Policy.

III. Transfer

We will not transfer your personal information to any company, organization, or individual, except under the following circumstances:

1. Transfer With Explicit Consent: We will only transfer your personal information to other parties after obtaining your explicit consent;

2. Transfer In the Event of Mergers, Divisions, Dissolutions, Acquisitions, or Bankruptcy: Should a transfer of personal information be involved in such circumstances, we will inform you of the name and contact details of the recipient. We will ensure that the new entity receiving your personal information continues to be bound by this Policy, or we will require that entity to seek your authorization and consent again.

IV. Public Disclosure

We will only publicly disclose your personal information under the following circumstances:

1. With your separate consent;

2. In cases where it is required by law, legal proceedings, litigation, or mandatory requests from government authorities, we may publicly disclose your personal information.

V. Exceptions to Obtaining Authorization and Consent for Sharing, Transferring, and Publicly Disclosing Personal Information

For the avoidance of doubt, to the extent permitted by the data protection laws in your jurisdiction, and solely to that extent, we may share, transfer, or publicly disclose your personal information without your consent.

OUR SECURITY MEASURES

We are committed to ensuring that your personal information is secure. In order to prevent unauthorized access, disclosure or other similar risks, we have put in place reasonable physical, electronic and managerial procedures to safeguard and secure the information we collect and on Roborock websites. We will use all reasonable efforts to safeguard your personal information.

All your personal information is stored on secure servers that are protected in controlled facilities. We classify your data based on importance and sensitivity, and ensure that your personal information has the highest security level. We make sure that our employees and Third Party Service Providers who access the information to help provide you with our products and services are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet such obligations. All in all, we regularly review our information collection, storage and processing practices, including physical security measures, to guard against any unauthorized access and use.

We will take all practicable steps to safeguard your personal information. However, you should be aware that the use of the Internet is not entirely secure, and for this reason we cannot guarantee the security or integrity of any personal information which is transferred from you or to you via the Internet.

In accordance with applicable legal requirements, including the personal information protection legislation in your jurisdiction, we will promptly notify the relevant regulatory authorities upon occurrence of any personal information leakage; under certain special circumstances, we will also notify the data subjects of the relevant leakage.

YOU CAN HELP TO ENHANCE SECURITY

• You can play your part in safeguarding your personal information by not disclosing your login password or account information to anybody unless such person is duly authorized by you. Whenever you log in as a Roborock Account user on Roborock websites, particularly on somebody else's computer or on public Internet terminals, you should always log out at the end of your session.

• Roborock cannot be held responsible for lapses in security caused by third party accesses to your personal information as a result of your failure to keep your personal information private. Notwithstanding the foregoing, you must notify us immediately if there is any unauthorized use of your account by any other Internet user or any other breach of security.

• Your assistance will help us protect the privacy of your personal information.

HOW LONG WE RETAIN YOUR DATA

We retain your personal information within the period necessary to achieve the purposes of personal information collection, or within that prescribed or permitted by applicable law. Once we determine that the continued retention of personal information is no longer in line with the purpose for which it was collected, we will promptly cease retention and take immediate steps to either delete or anonymize the personal information.

If personal information processing activities are based on the public interest, scientific, historical research, or statistical purposes, we may continue to retain the relevant data, even if further processing is unrelated to the original collection purposes, where permitted by applicable data protection laws.

THE STORAGE LOCATION OF YOUR PERSONAL INFORMATION AND ITS CROSS-BORDER TRANSFER

Roborock uses global cloud services to process and back up your personal information. Currently, Roborock uses the data centers that are in China, Germany and the United States. Based on the website you log into, we will store your information in the nearest data center. For example, if you use the website within the European Economic Area, your personal information will be processed and stored on the server in Germany. In addition, we may also need to transfer your personal information to affiliated companies or third-party service providers outside of your jurisdiction. For this reason, we may transfer personal information to other jurisdictions that may have different laws and data protection compliance requirements to those that apply in the jurisdiction in which you are located.

We will only transfer your personal information outside of your jurisdiction with your explicit consent or by implementing appropriate security protection mechanisms in accordance with applicable data protection laws. However, no matter where your personal information is processed, this does not change any of our commitment to safeguard your personal information in accordance with this Policy.

YOUR RIGHTS AND CHOICES

In accordance with the laws and regulations applicable to your jurisdiction, you or any other authorized party may have certain rights over the personal information we hold about you. Roborock ensures that you can exercise the following rights over your personal information and hereby provides relevant control settings.

Under the applicable data protection laws, we may first request you to verify your identity upon receiving your request. Once your identity has been successfully verified, we will respond to your request within the timeframes stipulated by the applicable data protection laws. Generally, we do not charge a fee for reasonable requests. However, for repetitive, excessive, or unreasonable requests, we may impose a reasonable fee based on the circumstances. Requests that are unfounded, require excessive technical means, pose risks to the legitimate rights of others, or are highly impractical may be refused in accordance with the applicable data protection laws. In cases where we cannot fulfill your request, we will provide an explanation for the refusal.

I. Delete Your Personal Information

According to the applicable data protection laws, you have the right to delete your personal information. You can request the deletion of your personal information by contacting us through the methods described in this Policy. Please understand that, after you or we assist you in deleting relevant personal information, we may not be able to immediately remove it from backup systems due to applicable law and security technology constraints. However, we will securely store your information and isolate it from further processing until backups are cleared or anonymized.

II. Access, Copy, Correct,andSupplementYour Personal Information

You have the right to request access to and/or correction of any personal information we hold about you. Upon your request, we can provide a free copy of the personal information records we have collected and processed about you. If you wish to request access to the personal information we hold or if you believe any information we hold about you is incorrect or incomplete, please contact us as soon as possible through the methods described in this Policy.

III. Restrict or Object the Processing of Your Personal Information

Subject to applicable law, you may have the right to restrict or object to our use of your personal information in certain scenarios. You can request to exercise this right by contacting us through the methods described in this Policy.

IV. WithdrawYourConsent

When we process personal information based on your consent, you can submit a request through the methods described in this Policy and therefore withdraw consent for our collection, use, and/or disclosure of your personal information held or controlled by us in accordance with this Policy.

Please note that your withdrawal of consent may result in certain legal consequences. Depending on the scope of your withdrawal of consent, you may not be able to access certain services we provided. However, your withdrawal will not affect the personal information processing activities conducted based on your previous authorization.

V. Request for Explanation

If you have any questions about our processing of your personal information, you can contact us through the methods described in this Policy to request relevant explanations or clarifications.

VI. Transfer your Personal Information

Subject to applicable data protection laws, you have the right, to request the transfer of your personal information to another personal information controller in the manner prescribed by law. You can request to exercise this right by contacting us through the methods described in this Policy.

VII. Other rights

Subject to the data protection laws in your jurisdiction, you may also have other rights. Specifically, if you use the website within the European Economic Area, you have the right to refuse personal information processing activities solely based on automated decision-making, and the right to lodge complaints with the relevant data protection authorities regarding our personal information processing activities.

VIII. Notice to CaliforniaResidents

If you are a California resident, the California Privacy Rights Act (“CPRA”) requires us to provide you with the following additional information:

1. Collection and Use of Your Personal information. We collect and use your personal information in the preceding 12 months as described in above section “WHAT INFORMATION IS COLLECTED AND HOW WE USE IT”.

2. Disclosure of Personal Information. We disclose personal information with third parties for business purposes in the preceding 12 months as described in above section “HOW WE ENTRUST OTHERS TO PROCESS, SHARE, TRANSFER AND PUBLICLY DISCLOSE YOUR PERSONAL INFORMATION”.

3. Your Rights. As a California resident, you may be able to exercise the following rights:

• the right to know any or all of the following information relating to your personal information we have collected and disclosed in the last 12 months, upon verification of your identity: the specific pieces of personal information we have collected about you; the categories of personal information we have collected about you; the categories of sources of the personal information; the categories of personal information that we have disclosed to third parties for a business purpose, and the categories of recipients to whom this information was disclosed; the categories of personal information we have sold and the categories of third parties to whom the information was sold; and the business or commercial purposes for collecting or selling personal information.

• the right to correct any inaccurate personal information we have about you.

• the right to request deletion of personal information we have collected from you, subject to certain exceptions.

• the right to opt-out of the sale and/or the sharing of your personal information and sensitive personal information to third parties now or in the future.

You also have the right to be free of discrimination for exercising these rights. However, please note that the exercise of these rights may limit our ability to process personal information. For example, if you submit a deletion request, we may no longer be able to provide you with our products and services or engage with you in the same manner.

4. Limit the Use of Sensitive Personal Information. You also have the right to request limitation of use and disclosure of your sensitive personal information, subject to certain exceptions. If you would like to limit the use of your sensitive personal information, please contact us by using the contact details provided in this Policy. The password of your Roborock account is sensitive personal information as defined by the CPRA. Currently, we use and disclose such data to third-party cloud service provider in order to provide you with Roborock account creation, login, and related services. We do not “sell” or “share” (as defined under the CPRA) your sensitive personal information.

5. Opt-out the Sale or Sharing of Your Personal Information. Based on the definition of “sell” and “share” under the CPRA, we do not believe that we engage in such activity and have not engaged in such activity in the past 12 months from the effective date of this Policy.

6. To submit your California Consumer Rights Requests. You may submit a request to exercise your California Consumer Rights by contacting us using the contact details provided in this Policy. We will need to verify your identity before processing your request, which may require us to request additional personal information from you or require you to log into your Roborock account. In certain circumstances, we may decline or limit your request, particularly where we are unable to verify your identity or locate your information in our systems, or as permitted by law. Subject to certain restrictions, you can have an agent exercise your rights for you. If you have an agent exercising your rights, we must be provided with your written authorization allowing that person to make such a request on your behalf. We reserve the right to deny the agent’s request if we are not reasonably able to confirm proper authorization and/or verify your identity as the requestor.

7. Appeal. You may appeal our refusal to take action on a request by contacting us using the contact details provided in this Policy. If your appeal is denied and you are a California resident, you may contact the California Attorney General about the results of the appeal by submitting a complaint by clicking here: https://oag.ca.gov/contact/consumer-complaint-against-business-or-company .

MINORS

• We consider it the responsibility of parents to monitor their children’s use of our products and services. Nevertheless, it is our policy not to require personal information from minors or offer to send any promotional materials to persons in that category.

• Roborock does not seek or intend to seek to receive any personal information from minors. Should a parent or guardian have reasons to believe that a minor has provided Roborock with personal information without their prior consent, please contact us to ensure that the personal information is removed and the minor unsubscribes from any of the applicable Roborock.

ORDER OF PRECEDENCE

If you have agreed to our applicable User Agreements, in the event of inconsistency between such User Agreements and this Policy, such Policy shall prevail.

UPDATES TO THE POLICY

We keep our Policy under regular review and may update this Policy to reflect changes to our information practices. If we make material changes to our Policy, we will post the changes on the related Roborock websites, so that you may be aware of the information we collect and how we use it. Such changes to our Policy shall apply from the effective date as set out in the notice or on the website. We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of products and services on the websites, will be taken as acceptance of the updated Policy. We will seek your fresh consent before we collect more personal information from you or when we wish to use or disclose your personal information for new purposes.

DO YOU HAVE TO AGREE TO ANY THIRD PARTY TERMS AND CONDITIONS?

Our Policy does not apply to products and services offered by a third party. Roborock products and services may include third parties’ products, services and links to third parties’ websites. When you use such products or services, they may collect your information too. For this reason, we strongly suggest that you read the third party’s privacy policy as you have taken time to read ours. We are not responsible for and cannot control how third parties use personal information which they collect from you. Our Policy does not apply to other sites linked from our services.

ABOUT OUR SYSTEMATIC APPROACH TO MANAGE YOUR PERSONAL INFORMATION

If you are Europe Economic Area user under GDPR, Roborock will provide systematic approach to manage personal data deeply engages our people, management processes and information systems by applying a risk management methodology. According to the GDPR, for instance, (1) Roborock set up a Data Protection Officer (DPO) in charge the data protection, and the contact of DPO is dpo@Roborock.com; (2) procedure like data protection impact assessment (DPIA).

CONTACT US

If you have any comments or questions about this Policy or any questions relating to Roborock’s collection, use or disclosure of your personal information, please contact our Data Protection Officer at the address below referencing “Privacy Policy”:

• Personal Information Handler (data controller as defined under the GDPR): Beijing Roborock Technology Co., Ltd.

• Address: Room 1001, Floor 10, Building 3, Yard 17, Anju Road, Changping District, Beijing, P.R. China.

• Email: privacy@roborock.com or privacy@roborock-eu.com (for users from European Economic Area).

• If you use the website within the European Economic Area, you may also contact our DPO by sending an email to  dpo@roborock.com.

If you are not satisfied with our response, especially when you believe that our personal information processing activities have infringed upon your legitimate rights and interests, you may also take legal action in the competent court according to applicable law or resolve your claims through external channels such as lodging a complaint with the competent authority.