Privacy Policy for KlimaNowBox

At KlimaNowBox we prioritize your privacy while delivering smart climate solutions for everyday comfort. This policy explains what personal information we collect, how it is processed, the legal bases we rely on, and your choices regarding your data. Our approach is to minimize data collection, keep processing transparent, and enable you to control your information. If you have questions, contact our data protection contact listed below.

2026-02-26 KlimaNowBox privacy@klimanowbox.pro

Key Definitions

To make this policy clear, we define terms used throughout. These definitions align with common data protection terminology and help explain how KlimaNowBox handles information related to our product and services.

Personal data means any information relating to an identified or identifiable individual, such as name, contact details, device identifiers, account records, and usage data that can be linked to a person. We treat such information with care and apply technical and organizational measures to protect it.
Processing refers to any operation performed on personal data, including collection, storage, use, transmission, aggregation, anonymization, deletion and other actions necessary to operate our services and fulfil contractual or legal obligations.
User refers to an individual who uses KlimaNowBox services, purchases devices from KlimaNowBox, or visits our website. This includes device owners, account holders and people interacting with our support team.
Service means the KlimaNowBox product ecosystem, including device firmware, mobile or web apps, cloud services, account management, support, and related features provided under the brand KlimaNowBox and reachable at KlimaNowBox.pro.
Cookies are small text files placed on a user's device to store certain information about browsing preferences and site interactions. We use cookies and similar technologies to operate the site, understand usage patterns, and manage sessions securely.

What Data We Collect

We collect only the data needed to provide, improve and secure our products and services. Data collection falls into three categories: data you provide, data collected automatically, and data obtained from third parties when necessary for service delivery.

Data You Provide Directly

When you sign up, make a purchase, contact support, or configure a device, you provide data that enables account management, product activation, and customer service.

  • Contact details: name, billing address, shipping address, email address, and phone number required to process orders and communicate about purchases.
  • Account credentials: username and hashed password used to access your KlimaNowBox account and manage devices.
  • Payment and billing information: processed through our secure payment partners to complete transactions; KlimaNowBox does not store full payment card details unless explicitly required and secured.
  • Device setup information: device names, room assignments, Wi‑Fi network identifiers necessary to configure and operate your KlimaNowBox devices.
  • Customer support communications: messages, logs and attachments you share when requesting help so we can diagnose and resolve issues.
  • Marketing preferences and consent choices you provide for receiving updates, offers and newsletters from KlimaNowBox.

Data Collected Automatically

We also collect technical and usage information automatically to operate the service, maintain security and improve functionality. This data is kept to the minimum required for those purposes.

  • Device telemetry and operational logs such as temperature readings, runtime statistics, device health indicators and firmware version to keep devices performing as expected.
  • Connection and network metadata including IP addresses, timestamps and session identifiers to manage secure connections between devices, apps and our servers.
  • Usage analytics anonymized or pseudonymized to understand how people use KlimaNowBox features and where to focus product improvements.
  • Error reports and crash data that help our engineering team identify and fix issues affecting device or app reliability.
  • Cookies and local storage identifiers used for session management, login persistence, and basic site preferences.
  • Location-related metadata limited to the granularity needed for regional settings and compliance with local laws; precise continuous tracking is not performed without explicit user consent.

Data from Third Parties

When necessary to provide services, we may receive data from third-party providers. We evaluate partners for security and compliance before sharing information.

  • Payment processors and fraud prevention partners provide transaction status and verification data to complete purchases securely.
  • Cloud and hosting providers process encrypted device and account data to enable remote access and storage.
  • Analytics and advertising providers may supply aggregated, non-identifying reports about site usage unless you opt out.

How We Use Your Data

We process personal data for legitimate business purposes and to deliver the KlimaNowBox service. Processing is limited to what is necessary and aligned with user expectations.

  • To register and manage customer accounts, complete purchases, deliver devices and handle returns or repairs.
  • To operate devices and associated cloud services, enabling remote control, scheduling and firmware updates that improve device reliability and safety.
  • To provide customer support, handle inquiries, troubleshoot problems and maintain records of interactions.
  • To protect accounts and devices against fraud and unauthorized access through security monitoring and incident response.
  • To perform billing, tax and regulatory compliance tasks required by Swiss and applicable international laws.
  • To improve products and services through analysis of aggregated usage data and performance metrics.
  • To send service-related notifications, updates about firmware and critical security information affecting KlimaNowBox devices.
  • To respect your marketing choices and deliver communications in line with the preferences you set when creating an account.

Legal Bases for Processing

We rely on appropriate legal bases for processing personal data under applicable data protection laws, including contractual necessity, legitimate interests, consent where required, and legal obligations.

  • Contract performance: processing necessary to deliver devices, provide the service and complete transactions.
  • Legal compliance: processing required to meet tax, accounting and regulatory obligations in Switzerland and other jurisdictions.
  • Legitimate interests: processing for fraud prevention, service improvement, and security, balanced against user privacy rights.
  • Consent: where we ask for explicit consent, such as certain analytics or marketing communications, you may withdraw consent at any time.

Data Protection and Your Rights

Although KlimaNowBox is based in Switzerland, we respect GDPR principles for users in the European Economic Area. We provide the rights and protections described below to EU/EEA individuals when applicable.

  • Right of access: you may request confirmation of whether we process your personal data and receive a copy of that data.
  • Right to rectification: you can request correction of inaccurate or incomplete personal data we hold about you.
  • Right to erasure: you may request deletion of personal data where it is no longer necessary for the purposes collected, subject to legal or contractual retention obligations.
  • Right to restriction of processing: you may ask us to restrict processing under certain circumstances, for example while a dispute is resolved.
  • Right to data portability: where processing is based on consent or contract and carried out by automated means, you can request a portable copy of your data.
  • Right to object: you may object to processing based on legitimate interests, including profiling, unless we have compelling legitimate grounds to continue.

Cookies and Similar Technologies

Our website and apps use cookies and similar technologies to provide core functionality, analyze usage, and support preferences. You can manage cookie settings through your browser or device.

Types of cookies used include essential cookies for login and security, performance cookies for anonymous analytics, and preference cookies to store language or layout choices. We do not use persistent tracking cookies for advertising without consent.

Cookie categories: essential (required for site operation), analytics (usage measurement), functional (preferences), and optional marketing (requires consent). Essential cookies cannot be disabled without affecting site functionality.

You can manage cookie choices via the cookie banner on first visit, through your browser settings, or within app preferences. Deleting or blocking cookies may reduce some site features and affect device setup processes.

View detailed cookie settings

Data Sharing and Disclosure

We share personal data only as necessary to operate services, comply with law, and work with trusted partners. Sharing is limited and governed by contractual safeguards and confidentiality requirements.

  • Service providers: cloud hosting, payment processors, logistics and customer support vendors that process data on our behalf.
  • Legal and regulatory authorities when required by law, court order, or to protect legal rights and public safety.
  • Mergers and corporate transactions: in the event of a sale, acquisition or restructuring, customer data may be transferred under confidentiality and data protection terms.
  • Aggregated or anonymized data: non-identifiable summaries used for research and product development may be shared with partners.
  • Security partners contribute potential abuse or threats to KlimaNowBox systems to maintain service integrity.
  • Third parties where you explicitly request integration or data sharing as part of optional features or third-party connections.

International Data Transfers

KlimaNowBox may transfer data to processors and affiliates outside Switzerland and the EEA to operate global cloud services. When transfers occur, we ensure appropriate safeguards are in place such as standard contractual clauses or equivalent protections recognized under applicable law.

We assess third-party processors for security and data protection practices and use contractual commitments, technical controls and, where applicable, approved transfer mechanisms to maintain an adequate level of protection for your data.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined or as required by law. Retention periods vary by data type and business need.

Account information is retained for the duration of your active account and for a reasonable period afterwards to support account recovery, handle returns, and comply with legal obligations.

Support communications and contact records are retained to provide consistent customer service and to maintain an audit trail for service issues, for a period aligned with operational needs and legal requirements.

Technical logs, error reports and telemetry are retained in aggregated or anonymized form for analysis and troubleshooting. Raw logs that include personal data are kept only as long as necessary to resolve incidents.

When data is no longer necessary, we securely delete or anonymize it. You can request deletion of your personal data in accordance with the rights outlined in this policy, subject to certain exceptions for legal or operational retention needs.

Security Measures

We implement industry-standard administrative, technical and physical safeguards to protect data from unauthorized access, loss, alteration and disclosure. Security measures are regularly reviewed and updated to reflect evolving threats.

  • Encryption of data in transit and at rest where technology and risk assessment warrant it.
  • Access controls and role-based permissions to restrict employee and vendor access to only the data necessary to perform their duties.
  • Monitoring, incident response procedures and regular vulnerability assessments to identify and address security issues promptly.

Your Rights

You have rights regarding your personal data. To exercise these rights, contact our privacy team. We will respond within applicable legal timeframes and verify identity as required to protect your information.

  • Access: request a copy of the personal data we hold about you and information about processing purposes and recipients.
  • Correction: ask us to update inaccurate or incomplete personal data.
  • Deletion: request erasure of personal data when no longer necessary for the purposes collected and consistent with legal obligations.
  • Restriction and objection: request restriction of processing or object to certain processing activities, particularly where processing is based on legitimate interests.
  • Portability and consent withdrawal: request a portable copy of data you provided and withdraw consent for processing where applicable. For marketing preferences, use the unsubscribe link in communications or update preferences in your account.
  • Right to restrict automated processing: You may request limitations on decisions made exclusively by automated means when these affect you in a significant way. KlimaNowBox will assess each request and respond with available options and next steps.
  • Right to withdraw consent: Where processing is based on consent, you can withdraw that consent at any time. Withdrawal affects future processing but does not make past processing unlawful if it was validly carried out.
  • Right to lodge a complaint: If you believe your data protection rights are infringed, you can file a complaint with the competent supervisory authority in Switzerland. KlimaNowBox will cooperate with authorities and provide information on the steps taken.

How to exercise your privacy rights

To exercise any of the rights described, please submit a request by email or post including your full name, contact details, and a clear description of the request. We may require additional information to confirm your identity and to process the request securely. KlimaNowBox aims to handle straightforward requests promptly and to keep you informed of progress.

info@klimanowbox.pro

Response time: We strive to acknowledge receipt of requests within 7 business days and to provide a substantive response within 30 days. Complex requests may require additional time; in such cases we will inform you of expected timelines and reasons for delay.

Marketing communications and choices

KlimaNowBox uses contact details provided by customers to send relevant product news, offers and tips about smart climate devices that improve everyday comfort. Marketing messages are sent only with your consent where required, or where there is an existing customer relationship and communications relate to similar products or services. We limit marketing to content that helps you optimize comfort and energy use with practical suggestions.

To stop marketing communications, click the unsubscribe link in any marketing email or contact us. Unsubscribing will be processed promptly and will not affect messages necessary for order confirmations, deliveries or important service notifications.

Children's privacy

Our products and services are designed for adults and household use. We do not intentionally collect personal data from children under 16 without appropriate parental consent. If we learn that we have collected data from a child without proper authorization, we will take steps to delete it and to notify the parent or guardian as appropriate.

Third-party links

Our website and product interfaces may contain links to third-party sites, services or integrations. KlimaNowBox is not responsible for the privacy practices or content of those third parties. We recommend reviewing their privacy policies before sharing personal information or enabling integrations with third-party systems.

Changes to this privacy notice

We may update this privacy notice to reflect changes in our operations, legal requirements or product features. Material changes will be communicated via our website or by email where appropriate. We encourage you to check this notice regularly for updates.