Privacy Governance

At Home Connect, we prioritize privacy by default, collecting only the minimum amount of data necessary to deliver our services. Data is retained solely for the duration required to fulfill its intended purpose, as outlined in our Privacy Policy, service-specific privacy notices, or as mandated by law.

Our approach includes clear consent mechanisms, empowering clients to choose whether to share specific data. Home Connect’s data practices reflect our commitment to respecting user choices and maintaining transparency.

Home Connect follows a cross-functional approach to privacy governance, encompassing both customer and employee data. Our Privacy and Compliance team works alongside our Legal and Product teams to integrate privacy protections from the ground up in each service we design. This collaborative approach ensures that data is used exclusively for its intended, lawful purposes.

Home Connect also has a Privacy Committee composed of senior representatives across Legal, Product, Compliance, and Information Security. This committee sets privacy standards company-wide, providing guidance on privacy compliance and serving as an escalation point for addressing any privacy-related issues. Additionally, the committee oversees instances where data is managed by third-party vendors on behalf of Home Connect, conducting initial and ongoing assessments to ensure they meet our stringent security and privacy standards.

Our Board of Directors’ Compliance Oversight Committee also monitors privacy and data security, supporting accountability and alignment with our privacy commitments.

To ensure all employees understand and uphold our privacy values, Home Connect requires annual Business Conduct Training, which includes privacy education tailored to each role’s level of data access and responsibility. For employees handling sensitive or high volumes of personal data, additional privacy and security training is provided, including updates to address evolving laws such as GDPR and CCPA. Compliance with Home Connect’s privacy and security standards, including data de-identification, is subject to audit by our Privacy Compliance Audit team.

Employees are encouraged to raise privacy-related questions or concerns directly with our Privacy Team through a dedicated contact channel. The Privacy Team addresses each query promptly, ensuring responsive privacy governance across the organization.

Home Connect integrates Privacy Impact Assessments (PIAs) for major services and products, reviewing potential privacy implications from initial development through launch. PIAs include evaluating any data-driven or algorithmic systems to assess their impact on individuals and their rights. Regular reassessments are scheduled based on the assigned risk level, typically within one- to two-year intervals. Privacy reviews for any third-party partnerships or acquisitions are also integral to the PIA process, helping us maintain high standards across all operations.

Home Connect is committed to maintaining certification standards such as ISO 27001 and 27018, undergoing regular audits to uphold our security and privacy practices.

Data Security and Incident Response

Home Connect is dedicated to protecting your personal data through robust privacy safeguards. We implement access management and controls aligned with the sensitivity of data, ensuring that data access is tied to a legitimate business purpose, such as providing you with personalized support. Our systems and practices are designed to prioritize security and integrity at every level of our services.

If Home Connect identifies a potential data security incident that could impact users' personal data, our dedicated incident response team promptly investigates the situation to understand what occurred and determine appropriate actions. Should we detect any user impact, we work quickly to address the issue, applying necessary remediation steps, which may include system updates or adjustments to our security measures.

In line with applicable laws, industry standards, and Home Connect’s commitment to privacy, we assess each incident to determine if notifications to affected users or regulators are warranted. When required, we promptly notify affected individuals, typically via phone or email, providing information and guidance to help reduce any potential risks.

We are committed to timely and transparent communication regarding any incidents and aim to support affected users with relevant information and assistance.

Privacy Complaints

If a user submits a privacy-related complaint that signals a material privacy issue, Home Connect will take action to address and resolve the issue at the earliest opportunity. If a privacy concern has led to a substantial negative impact on a user or associated party, we will work directly with the affected individual to resolve the matter effectively and equitably.

Privacy Policy Updates

In the event of a significant change to our Privacy Policy, Home Connect will post a notice on the webpage where our Privacy Policy is available, at least one week before the update takes effect. Additionally, we will directly inform users about the change if we have their contact information on file.