I was aware of most of these since I read the privacy policy, and Wyze employees have also discussed these in various threads in the past. We were reassured that Wyze doesn’t sell our personal data and their responses to the questions being asked in the past were pretty reasonable IMO. Wyze has been pretty straightforward with it as far as I saw. Here are some selections of interest from the privacy policy:
Sales of Personal Data: Wyze does not sell your personal information. We do allow third parties to collect certain device identifiers and internet and electronic network activity via our Services for advertising purposes. Please see the “Advertising and Analytics Services Provided by Others” section above for more details.
We allow others to provide analytics services and serve advertisements for us across the web and in mobile applications. These entities may use cookies, web beacons, device identifiers and other technologies to collect information about your use of the Services and other websites and applications, including your IP address, web browser, mobile network information, pages viewed, time spent on pages or in apps, links clicked, and conversion information. This information may be used by Wyze and others to, among other things, analyze and track data, determine the popularity of certain content, deliver advertising and content targeted to your interests on our Services and other websites and online services, and better understand your online activity. For more information about interest-based ads, or to opt out of having your web browsing information used for behavioral advertising purposes, please visit www.aboutads.info/choices in the United States or www.youradchoices.ca in Canada.
Location Information: We derive the approximate location of your computer or mobile device from your IP address. When you use our mobile app, we also collect information about the precise location of your mobile device in accordance with the permission process established by your mobile device.
If you initially consent to our collection of precise location from our mobile app, you should be able to subsequently stop this collection by changing the preferences on your mobile device. If you do so, our mobile applications, or certain features, may no longer function properly. You may also stop our collection of this information by deleting our app from your mobile device.
(ie: we are allowed to change settings to not have our location tracked, we’ll just lose location-based rules and some functionality like I like to use for a lot of my automations…but we absolutely can restrict that info if we want)
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Services.
Website and Mobile App Log and Usage Information: When you use our websites and mobile apps, we collect log and usage information, including the type of browser you use, app version, access times, pages viewed or features selected, IP address, and the page you visited before navigating to our websites.
(basically the same thing 99% of domains do when we visit them…)
Computer or Mobile Device Information: We collect information about the computer or mobile device you use to access our websites and mobile apps, including the hardware model, operating system and version, unique device identifiers, and mobile network information.
(Same as 99% of all domains)
Information Collected by Cookies and Similar Tracking Technologies: We use different technologies to collect information, including cookies and web beacons. Cookies are small data files stored on your hard drive or in device memory that help us improve our Services and your experience, see which areas and features of our Services are popular, and count visits. Web beacons (also known as “pixel tags” or “clear GIFs”) are electronic images that may be used in our Services or emails and help deliver cookies, count visits, and understand usage and campaign effectiveness.
And many other things. They have been pretty upfront about what they collect, and a lot of those things are not uncommon with competitor companies offering IOT devices and services. On phones, some permissions are totally lumped together with others. As an example, I recall that if someone wants to allow Bluetooth permissions to an app, the phone requires that you also give the app location permissions even if they don’t use or care about location for any reason. Android does this to ensure the user knows their location may leak when they use Bluetooth. So in many cases, privacy apps would say an app is collecting their location when in fact it is not, but it is indicating that this information COULD be collected because it was given the permission to do so by giving it bluetooth permissions. So sometimes it gets tricky between what an app actually does vs what we gave it permissions to be able to do.
What is important [to me] is that they have a policy that they are not selling our personal data to others to do whatever they want with it, but some of it is needed for certain functionality. For example, I like being able to have rules based on my location, so I want them to track my location, and I give them those permissions so I can have that extra functionality…but I can also disable that permission if I want. I can also hide my IP address by using a VPN if I want. There are a number of things that could be done if one is concerned. I, personally, am just not concerned as they don’t seem to be doing anything unreasonable that isn’t also being done on the same level or often being done worse by their competitors.
Regardless, the above screenshots are really interesting. I am tempted to try to download and use that new DuckDuckGo app. I appreciate you sharing, that is pretty cool to see everything it can tell us about each app!
EDIT UPDATE:
I downloaded the DDG app and got approved for the App Tracking Protection Beta so I could check it out and learn more about it. Just to clarify, they basically have a list of known tracking companies and block them specifically. For example as it relates to the Wyze app, if you disable location permissions to the Wyze app, the Wyze app will not track your location at all, BUT the DDG beta will still say that GPS and location are items commonly tracked by Braze or Segment-io in some apps. That does not mean your GPS location is necessarily actually being tracked, and in fact it is definitely not being tracked if you have disabled the permission to that app in your settings. Some trackers are contracted with a company to only collect specific information based on their particular agreement with the company. So while a tracker in question may collect GPS coordinates for a particular client app, it may not be part of the contract nor even possible to do through another client app they contract with. The list of all the things a tracker is known to collect in some cases does not mean all that information is infact being tracked and logged from you in this particular case. DDG just lists every known possibility so that you can make informed decisions, including possibly changing or verifying your permission settings to a particular app. Basically, the DDG app tells us that Wyze has contracts with Braze and Segment-io (which they already disclosed to us in past posts, including what they use them for), but DDG does not tell us exactly what is actually being tracked with each logged attempt, just what the companies have ever tracked for other contracted parties. If you disabled the location permission, then they aren’t tracking your location because they don’t have access to it. If you did give it the location permission to track GPS for automations to execute based on whether you’re home or away, it also doesn’t mean that those third parties are necessarily trying to log that every time DDG shows a ping attempt for something related to the Wyze app, nor exactly what counts as a “tracking Attempt.”