Remote Service Privacy Notice
Lutron respects your privacy and provides you with control of your personal data. This Privacy Notice is intended to assist you in making informed decisions when requesting remote support from the Remote Services team of Lutron Service Co., Inc. Please take a moment to read and understand this Privacy Notice. This Privacy Notice explains the data we collect and how we use that data. The primary purpose of collecting data is to provide you with the capability to receive remote support via a remote access session.
What Data Do We Collect?
What Data Do We Collect?
- Your data you provided to request remote support services:
In order to receive any remote service, you need to provide your contact information including name, phone number and email address as well as a valid Lutron Job Number. With this information, Lutron will create a Remote Session Security Verification (RSSV) form for your job and send it to you. You need to complete the Remote Session Security Verification form, sign it and return it to Lutron before the session begins.
Lutron may use this data for the following purposes:
- To contact you via email to ask you to complete a post-session survey regarding the service you were provided and your satisfaction level.
- To contact you via email for security related communications. As an example of security related notifications, we may send an email containing information about security updates that have been made to your Lighting Control System (LCS) components that you could request to have applied by our service team.
- To contact you via email regarding warranty information and important service updates, such as warranty expiration dates, upcoming training information, technical support information, etc.
- To email you marketing communications, such as information about Lutron and third-party products. You may unsubscribe from these marketing emails at any time by clicking “unsubscribe” in the email.
- For US and Canadian contacts only, to phone or email you regarding additional products and services available that you can purchase.
The legal basis for use of your personal data is to perform our obligations in accordance with any contract that we may have with you, to provide you with the functionality you requested, or to deliver sales and marketing information as consented to by you.
- A recording of the remote session:
When using GoToAssist, a recording of the remote session is created. Only the video portion of the remote session is recorded. The audio portion is not available to be recorded. This recording is kept on a secure server for 180 days, after which it is permanently destroyed.
Lutron uses this information to:
- Assist the remote service technician recall the events of the session so that the Work Order Details can be documented. A copy of the Work Order with these details is sent to the Site Contact and Scheduling Contact once the Work Order is completed.
- Assist the security team with a record of events in the event there is a reported security incident.
The legal basis for use of such personal data is to perform our obligations in accordance with any contract that we may have with you, to provide you with the functionality you requested, or to deliver marketing information as consented to by you.
- Customer-specific Quantum and associated log files
We retain the following information that has been designated as possibly containing Data Subject Data:
Personal Data Name
(Including Support Files)Data Description Job Name The name of the project as provided by the customer Job Number The Lutron-generated number associated with the project Job Location Address of the project Case Number Lutron-generated number used for tracking problem jobs Quantum Database Customer configuration information contain in SQL Server database Processor Event Log Text file containing historical events that occurred on a quantum processor GUI Logs Text file containing historical events that occurred while using the user interface Transfer Output Parser files Text files containing historical events that happened during a transfer of a database to processor(s) Backup of ELMAH SQL Server database Database used for version history Backup of Q-Admin SQL Server database Database used for historical information Windows Event Viewer Log
(System & LSM)Text file containing historical information about Windows operating system Wireshark capture Text file containing network traffic information iTunes log Text file containing information about Q-Control app Local Area Network Address Local Machine address used to allow remote connectivity software to access the machine We use this data for the purpose of troubleshooting and diagnosing any issues that require additional assistance for our Engineering team. In order to properly diagnose an issue, replication of the exact site conditions is required. We also use this data to provide a securely archived recovery point in the event of a catastrophic failure of your server. The data can also be used to identify ways to better optimize the Quantum software suite. We do not sell this data.
The legal basis for use of such personal data is to perform our obligations in accordance with any contract that we may have with you, in this case to troubleshoot any issues that arise and better optimize the software.
- Getting help from us
In the event you decide to contact us for assistance, we will collect data that you decide to provide to us. We may collect your name, email address, phone number and the content of any discussion, email, or chats. You may request assistance from us by sending additional information or files to assist in troubleshooting. For select technical issues, we may share your data with third-party contractors.
The legal basis for use of such personal data is to perform our obligations in accordance with any contract that we may have with you, in this case to respond to your request for assistance.
How to Access Your Data and Your Rights
How to Access Your Data and Your Rights
If you are an EU national and reside in the EU, or are non-EU national residing in the European Economic Area (EEA), you have the following rights in relation to the personal data we hold about you:
- Your right of access. If you ask us, we’ll confirm whether we’re processing your personal data and, if so, provide you with a copy of that personal data (along with certain other details).
- Your right to rectification. If the personal data we hold about you is inaccurate or incomplete, you’re entitled to have it rectified. If we’ve shared your personal data with others, we’ll let them know about the rectification where possible. If you ask us, where possible and lawful to do so, we’ll also tell you who we’ve shared your personal data with so that you can contact them directly.
- Your right to erasure. You can ask us to delete or remove your personal data in some circumstances such as where we no longer need it or if you withdraw your consent (where applicable). If we’ve shared your personal data with others, we’ll let them know about the erasure where possible. If you ask us, where it is possible and lawful for us to do so, we’ll also tell you who we’ve shared your personal data with so that you can contact them directly. Upon deleting your personal data, backups of personal data may linger for a bit with us before they are deleted. However, we may need to retain certain data if required to do so for legal reasons.
- Your right to restrict processing. You can ask us to ‘block’ or suppress the processing of your personal data in certain circumstances such as where you contest the accuracy of that personal data or you object to us processing it. It won’t stop us from storing your personal data, though. We’ll tell you before we lift any restriction. If we’ve shared your personal data with others, we’ll let them know about the restriction where it is possible for us to do so. If you ask us, where it is possible and lawful for us to do so, we’ll also tell you who we’ve shared your personal data with so that you can contact them directly.
- Your right to data portability. You have the right, in certain circumstances, to obtain personal data you’ve provided us with (in a structured, commonly used and machine-readable format) and to reuse it elsewhere or to ask us to transfer this to a third party of your choice. We will provide the information in a common industry format to you via email, or an emailed link, upon your request.
- Your right to object. You can ask us to stop processing your personal data, and we will do so, if we are:
- relying on our own or someone else’s legitimate interests to process your personal data, except if we can demonstrate compelling legal grounds for the processing; or
- processing your personal data for direct marketing.
- Your rights in relation to automated decision-making and profiling. You have the right not to be subject to a decision when it’s based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you, unless such profiling is necessary for entering into, or the performance of, a contract between you and us.
- Your right to withdraw consent. If we rely on your consent (or explicit consent) as our legal basis for processing your personal data, you have the right to withdraw that consent at any time.
- Your right to lodge a complaint with the supervisory authority. If you have a concern about any aspect of our privacy practices, including the way we’ve handled your personal data, you can report it to your country's data privacy oversight and compliance organization.
To request a copy of your data, request to have your personal data erased, or for other privacy inquiries contact us at:
To request a copy of your data, request to have your personal data erased, or for other privacy inquiries contact us at:
Phone: +1 (267) 546-5296. (international call rates may apply)
For security reasons, we will need to verify that the person initiating a data request is authorized. As you must have an account for this App to function, upon our receipt of a data request we will advise you to send certain information from within the App while you are logged in to your account. We must receive the requested information within the provided time period for us to initiate your data request. Should you use an authorized agent to initiate a data request on your behalf, you will need to coordinate the sending of the required account verification information to us with your authorized agent.
How Long is Your Data Kept & How Do We Protect It?
How Long is Your Data Kept & How Do We Protect It?
We retain the information listed in What Data Do We Collect? above. This information will be retained until (10) ten years after system obsolescence or until you request to have your personal data erased. To request to have your personal data erased, contact us at dataprivacy@lutron.com. Please be sure to include the nature of your request.
We take security very seriously and we follow industry best-practices for securing data, monitoring for potential abuse, and updating systems. We do not collect more personal data than we need to fulfil our purposes stated in this Privacy Notice and we will not retain it for longer than is necessary.
International Transfers of Personal Data
International Transfers of Personal Data
Some of our group entities and service providers are located outside of the European Economic Area (EEA), in the United States or India, for instance. We may share this information with such parties, primarily cloud service providers, to assist us in providing you with the functionality you desire.
Accordingly, if you are an EU national and reside in the EU, or are non-EU national residing in the EU, whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- where we use providers based in the US, we may transfer your personal data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
- where we use certain service providers based outside of the US, we may transfer your personal data in accordance with EU data protection law requirements by using standard contractual clauses that have been approved by the European Commission.
Such a transfer may also be necessary in order to perform a contract with you, fulfil your request, and/or through obtaining your explicit consent.
About us
About us
Lutron Electronics Co., Inc. is headquartered in Coopersburg, Pennsylvania, United States. We are approximately 60 miles north of Philadelphia. We are an industry leading manufacturer of lighting control systems and have been in business for more than 50 years.
The following is required to be provided to EU users:
When we transfer personal data from the EU to the United States and India, we use contractual clauses process approved by the European Commission.
For EU regulatory purposes, the data controller is:
Lutron Electronics, Co., Inc.
Attn: Data Privacy
7200 Suter Road
Coopersburg, PA 18036 USA
and our EU representative is:
Lutron LTC.
10, rue du Colisée
75008 Paris France
Changes to this Privacy Notice
Changes to this Privacy Notice
To ensure that you are always aware of how we use your personal information we will update this Privacy Notice from time to time to reflect any changes to our use of your personal information. We may also make changes as required to comply with changes in applicable law or regulatory requirements. This information will be made available at www.lutron.com. However, we encourage you to review this Privacy Notice periodically to be informed of how we use your personal information.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.