Lutron privacy policy
Applies to: Multi-Country
Revised: December 31, 2023

Residential Systems

Lutron understands that your privacy is important, and that you care about how we use your personal information. This Privacy Notice explains how Lutron uses your personal information, and the rights you have with its use. Lutron is committed to the security and privacy of our customers’ information. We design with security and privacy in mind.
 

This Privacy Notice applies to users of the Lutron residential system (“homeowners” or “occupants”) and explains the Data (defined in the table below) we collect from Lutron Systems and Software. If you are a professional installer, or a homeowner who has hired a professional installer, refer to the myLutron privacy notice to understand how Lutron uses data on the installer’s activities (including technical information about the devices in this system).

What Data categories do we collect, for what purpose, and who do we share it with?

Category:Examples:Disclosed to:
Personal Data/identifiersEmail address, internet protocol (IP) address or other similar identifiers

Third-party providers, including:

  1. Cloud service providers
  2. Service providers that facilitate email communications from Lutron
Third-party integrators – information only disclosed for services that you requested.
General geolocation at the town/city level 
Technical lighting system informationDevices you have linked to your Lutron system, room names, scene details, usage activity, timeclock event details, device names, log files, programming information, third-party integration details, serial numbers, network configuration information, operating system information, and the MAC IDs of Lutron devices and devices running Lutron software. 

Technical information may include personal information or information that could when combined with other identifiers be deemed personal (e.g., logins, serial numbers, and MAC IDs). When classified as technical information, data has been either disassociated from other identifiers and/or has been anonymized using industry-standard techniques (e.g., one-way salting and hashing) to protect your privacy.

Third-party providers, including:

  1. Cloud service providers
  2. Third-party integrators – information only disclosed for services that you requested
  3. Service providers that monitor for up-time reliability and system security

For what purpose do we collect the Data?

  1. Personal Data/identifiers:

    When you install a Lutron system, you may need to establish an account with Lutron. We use this Information for the following purposes:
    1. To provide you with the ability to control your lighting control system (combined with the lighting and technical information – see below).

      We share your Data with third-party providers, primarily cloud service providers, to assist us in providing system functionality. If you have requested to integrate your Lutron system with a third party, we share your Data with that third party. See the section—"Your request to share Data with third-party systems” for more information.

    2. To email you important service updates, such as account password reset requests, information on security updates, technical support information, etc.

      We may contact you by email for service and security-related notifications. An example of a security-related notification is an email confirming your account initiation, password changes, and similar changes that allow you to monitor any unauthorized access to your account. Additionally, we may send you a product support email approximately 1 week after your account is initiated to provide you with customer support contact information. Because this information is provided for system functionality, you cannot opt out of receiving these service and security related emails.

      We share your Data with third-party providers that assist us in delivering these emails to you.

    3. We use this data to assess system up-time performance, to monitor for security threats and data quality, and to enable us to make informed business decisions.
       
    4. If you have opted into marketing communications, we will use Data to contact you about Lutron and third-party products or to ask you to provide feedback about your experience. You may unsubscribe from marketing communications at any time by clicking “unsubscribe” in the email.

      For European Union (“EU”) and United Kingdom (“UK”) users: The service providers we use are located within the United States (or for select technical issues in India) and the transfer and use of Data is governed by transfer mechanisms deemed adequate (e.g., The EU-US Data Privacy Framework, UK-US Data Bridge, and/or appropriate transfer agreements based on EU/UK approved standard contractual clauses). The legal basis for our use of your Data for the purposes in this section is to perform our obligations in accordance with any contract that we may have with you or your installer, to provide you with the functionality you requested, and/or to deliver marketing information as consented to by you.

  2. Technical lighting system information 

    We collect technical information to enable the system to function, to understand how people use Lutron systems and software, assess system up-time performance, to monitor for security threats and data quality, and to enable us to make informed business decisions (e.g., tracking and understanding channel distribution and sale of devices at the professional and retail level disassociated from the individual level).

    We share your Data with third-party providers, primarily cloud service providers, to assist us in providing the functionality for your lighting control system. If you have requested to integrate your Lutron system with a third party, we share your Data with that third party. See the section—"Your request to share Data with third-party systems” for more information.

    For European Union (“EU”) and United Kingdom (“UK”) users: The service providers we use are located within the United States (or for select technical issues in India) and the transfer and use of your Data is governed by transfer mechanisms deemed adequate (e.g., The EU-US Data Privacy Framework, UK-US Data Bridge, and/or appropriate transfer agreements based on EU/UK approved standard contractual clauses). The legal basis for our use of your Data for the purposes in this section is to perform our obligations in accordance with any contract that we may have with you or your installer, to provide you with the functionality you requested, and/or to deliver marketing information as consented to by you.
     
  3.  Your choices:
    1. Timeclocking/Scheduling: When setting up your system you may be asked for permission to access your device’s location (a one-time snapshot of the location of your device) and time zone of your system to establish the general location of the system and to provide timeclocking/scheduling functionality.

      We obtain only the general location (within a .6 mile/1 km area) of the system, such as your city. The exact location is not recorded by us as it is not required to provide timeclocking/scheduling functionality.

      Timeclocking/scheduling allows you to program your system based on your sundown and sunrise times. For example, you may program an outside light to turn on 30 minutes after sunset and turn off 30 minutes before sunrise. By providing the general location of the system you allow the system to automatically adjust as sunset and sunrise times change throughout the year including any daylight savings time. If you choose not to provide location permissions, the system will be assumed to be Lutron headquarters in Coopersburg, Pennsylvania, USA
       
    2. Enable Geofencing. To enable geofencing functionality, you provide us with the relative location of your device. Geofencing gives you the ability to program your lighting control system to activate based on your device’s location. Examples of geofencing include turning the garage lights on as you arrive home and turning interior lights off when you leave.

      If you enable geofencing, we receive a notice from your device running the Lutron App as to the relative location of your device compared to the lighting control system location. We do not log or track the location of your device, but rather we receive a signal from your device notifying us of its proximity to the lighting control system.

      We share your Data with third-party providers, primarily cloud service providers, to assist us in providing the geofencing functionality. Additionally, if you have requested to integrate your Lutron system with a third party, we share your Data with that third party. See the section—"Your request to share Data with third-party systems” for more information.

      For European Union (“EU”) and United Kingdom (“UK”) users: The service providers we use are located within the United States and their use of your Data is governed by transfer mechanisms deemed adequate (e.g., The EU-US Data Privacy Framework, UK-US Data Bridge and/or appropriate transfer agreements based on EU/UK approved standard contractual clauses). The legal basis for our use of your Data for the purposes in this section is to perform our obligations in accordance with any contract that we may have with you or your installer, to provide you with the functionality you requested, and/or to deliver marketing information as consented to by you.
       
    3. Your request to share Data with third-party systems:
      Your lighting control system can inter-operate with many third-party systems such as Apple® HomeKit™, Google Assistant™, Amazon Alexa™, etc. It is your choice to permit these third-party systems to access your lighting control system. Also, by requesting such third-party interoperability, you are requesting an ongoing transfer of your Data to the third-party system. Each third-party has varying requirements of the quantity of your Data needed for their interoperability to function. Please be aware that some third parties require a complete set of your Data to be continuously transferred for their interoperability to function.

      To initiate the interoperability, you are generally required to enroll via the third party’s system. By enrolling, you are authorizing Lutron to share your Data with a third party. Any Data we provide to the third party at your request is not covered by this Privacy Notice as that data is no longer under our control. Any Data that you request us to provide to a third party is controlled by that third party’s privacy policy.

      For some third-party systems you may disable interoperability within the Lutron software. If you wish to disable interoperability, we also recommend you do so by selecting the appropriate controls within that third-party system.

How to contact us to: request a copy of your data, request to have your personal data erased, or for other privacy inquiries.

  1. www.lutron.com/DataPrivacyRequest
  2. DataPrivacy@Lutron.com
  3. 1 (844) LUTRON1

For security reasons, we will need to verify that the person initiating a data request is authorized. As you must have an account for this App to function, upon our receipt of a Data request we will advise you to send certain information from within the App while you are logged into your account. We must receive the requested information within the provided time period in order for us to initiate your Data request. Should you use an authorized agent to initiate a data request on your behalf, you will need to coordinate the sending of the required account verification information to us with your authorized agent.

If you are contacting us via email or telephones, please be sure to include the nature of your request (e.g. request a copy of your data, request data erasure, etc.). Initiating a request will not impact your service level of the operation of your lighting controls system.

If you request erasure of required operational data, certain functionality provided by the App and bridge will be lost such as: the ability to use the App to remotely control your lighting control system, timeclocking, and third-party integrations. If you request erasure of your account, you can later create a new account and re-use the existing lighting control system hardware, however you may need to reprogram your system.

We are required to advise residents of California that they may request the following

  • A copy of your personal information collected by Lutron
  • Deletion of your personal information;
  • Opt-out of the sale of personal information;
  • Correction of inaccurate personal information;
  • Limit the use and disclosure of sensitive personal information. 

The following is required to be provided to EU users regarding Data access and rights:

You have the following rights in relation to the Data we hold about you:

  1. Your right of access. If you ask us, we’ll confirm whether we’re processing your Data and, if so, provide you with a copy of that Data (along with certain other details).

  2. Your right to rectification. If the Data we hold about you is inaccurate or incomplete, you’re entitled to have it rectified. If we’ve shared your Data with others, we’ll let them know about the rectification where possible. If you ask us, where possible and lawful to do so, we’ll also tell you who we’ve shared your Data with so that you can contact them directly.

  3. Your right to erasure. You can ask us to delete or remove your Data in some circumstances such as where we no longer need it or if you withdraw your consent (where applicable). If we’ve shared your Data with others, we’ll let them know about the erasure where possible. If you ask us, where it is possible and lawful for us to do so, we’ll also tell you who we’ve shared your Data with so that you can contact them directly. Upon deleting your Data, backups of personal information may remain for a reasonable time with us before they are deleted. We may need to retain certain Data if required to do so for legal reasons. To remove the possibility of further Data being sent to us, you should remove the ethernet cable from your bridge and uninstall the App from your device.

  4. Your right to restrict processing. You can ask us to “block” or suppress the processing of your Data in certain circumstances such as where you contest the accuracy of that Data or you object to us processing it. It won’t stop us from storing your Data though. We’ll tell you before we lift any restriction. If we’ve shared your Data with others, we’ll let them know about the restriction where it is possible for us to do so. If you ask us, where it is possible and lawful for us to do so, we’ll also tell you who we have shared your Data with so that you can contact them directly.

  5. Your right to data portability. You have the right, in certain circumstances, to obtain Data you’ve provided to us (in a structured, commonly used and machine-readable format) and to reuse it elsewhere or to ask us to transfer this to a third party of your choice. We will provide the Data in a comma separated value (CSV) format to you via email upon your request.

  6. Your right to object. You can ask us to stop processing your Data, and we will do so, if we are relying on our own or someone else’s legitimate interests to process your Data, except if we can demonstrate compelling legal grounds for the processing, or processing your Data for direct marketing.

  7. Your rights in relation to automated decision-making and profiling. You have the right not to be subject to a decision when it’s based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you, unless such profiling is necessary for entering into, or the performance of, a contract between you and us.

  8. Your right to withdraw consent. If we rely on your consent as our legal basis for processing your Data, you have the right to withdraw that consent at any time.

  9. Your right to lodge a complaint with the supervisory authority. If you have a concern about any aspect of our privacy practices, including the way we’ve handled your personal information, EU users can report it to the data protection authority within your country.

International transfers of personal data

Some of our group entities and service providers are in the United States or India. We may share information with such parties, and with a contractor located in India, for select technical issues.

For European Union (“EU”) and United Kingdom (“UK”) users: The service providers we use are located within the United States (or for select technical issues in India) and the transfer and use of your Data is governed by transfer mechanisms deemed adequate (e.g., The EU-US Data Privacy Framework, UK-US Data Bridge, and/or appropriate transfer agreements based on EU/UK approved standard contractual clauses). The legal basis for our use of your Data for the purposes in this section is to perform our obligations in accordance with any contract that we may have with you or your installer, to provide you with the functionality you requested, and/or to deliver marketing information as consented to by you.

How long do we keep your Data & how do we protect it?

Lutron takes security very seriously and we follow industry best practices for securing data, monitoring for potential abuse, and updating systems. We collect only the personal data we need to fulfill the purposes stated in this Privacy Policy, and we will not retain personal data for longer than necessary.

Provided you continue to use the lighting control system, we will retain your Data to provide the functionality you have requested. If your system is not used for five years, we will start the process to remove your account from our systems. You will receive at least two emails advising you to log into your account and/or use your system in order to keep your account active. If we close your account due to inactivity, you will need to re-enroll your bridge to re-enable functionality. Note that if your Data is only needed for a shorter period, we may delete it.

About us

Lutron Electronics Co., Inc. is headquartered in Coopersburg, Pennsylvania, United States. We are approximately sixty miles north of Philadelphia. We are an industry leading manufacturer of lighting control systems and have been in business for more than 50 years. 

 

The following is required to be provided to EU and UK users:

When we transfer personal data from the EU and/or the UK, the transfer and use of your personal data is governed by transfer mechanisms deemed adequate (e.g., The EU-US Data Privacy Framework, UK-US Data Bridge, and/or appropriate transfer agreements based on EU/UK approved standard contractual clauses). 

 

For EU regulatory purposes, the data controller is: 

Lutron Electronics, Co., Inc. 

Attn: Data Privacy 

7200 Suter Road 

Coopersburg, PA 18036 USA 

 

and our EU representative is: 

Lutron LTC

10, rue du Colisée 

75008 Paris France 

Changes to this Privacy Notice

To ensure that you are always aware of how we use your personal data we will update this Privacy Notice from time to time to reflect any changes to our use of your personal data. We may also make changes as required to comply with changes in applicable law or regulatory requirements. If Lutron has your email address in our records, we will notify you by email of any material changes. When technically feasible, we will also provide notice of changes via systems and applications. We also strongly encourage you to review this Privacy Notice periodically, and no less frequently than annually, to ensure you are best informed of how we use your personal data.

Lutron is a trademark or registered trademark of Lutron Electronics Co., Inc., in the US and/or other countries.