Updated as of 16 May, 2018.
1.1.Securitas offers protective services to a wide range of customers in a variety of industries and customer segments. In the framework of its activities, Securitas sometimes collects, holds, discloses or otherwise processes personal data.
1.2. We, at Securitas, are committed to ensuring the privacy and safety of personal data in compliance with the applicable data protection legislation. This Privacy Notice provides you with general information about how Securitas manage personal information. The Privacy Notice also describes your rights and how you can exercise those rights in regards to Securitas.
1.3. If you have any other question or request in relation to the processing of your personal data, you may contact us at any time in writing at the address indicated above. You may also contact our Data Protection Officer at email@example.com.
2. GENERAL DATA PROTECTION PRINCIPLES THAT WE ABIDE TO
2.1. Securitas highly value and respect the privacy and the security of your personal data. Personal data means any information relating to an identified or identifiable natural person (the ‘data subject’).
2.2. In the framework of our activities, Securitas aims to ensure, at all time, that personal data are:
processed lawfully, fairly and in a transparent manner (‘lawfulness, fairness and transparency’);
collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (‘purpose limitation’);
adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
accurate and, where necessary, rectified or kept up to date (‘accuracy’); kept in a form which permits identification of the data subjects for no longer than is necessary for the purposes for which the personal data is processed (‘storage limitation’);
processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
2.3. Processing of your personal data will only be performed for achieving specific legitimate purposes (see title 5 below, ‘Purposes of the processing: Why do we process your personal data’) and when justified on the basis of a valid legal ground (see title 6 below, ‘Legal Basis for the Processing of Your Personal Data’).
3. WHAT CATEGORIES OF DATA DO WE PROCESS?
3.1. Securitas may have to collect or otherwise process the following personal data:
your address, email, phone number or other contact details; your language preferences;
information about the use you make of our products or services.
3.2. Depending on the product or service you are interested in, you may also be asked to provide us with the following information:
bank account details;
insurance, financial, credit or bankruptcy histor
4. HOW DO WE COLLECT YOUR PERSONAL DATA?
4.1. When providing our services or products to you, we may collect or receive your data via different channels:
via written forms;
via the internet, including our website, online forms or emails;
via telephone contact;
in person to person contact.
4.2. We may receive your personal data directly from you, from another entity of the Securitas Group, from a business partner or from publicly available information. Securitas will only disclose or receive personal data from a third-party in compliance with the applicable data protection legislation. For more information in this respect, please refer to the title 7 “To whom may we disclose your personal data?”.
5. PURPOSES OF THE PROCESSING: WHY DO WE PROCESS YOUR PERSONAL DATA?
5.1. The collection and processing of the above-listed types of personal data is necessary for us to achieve specific legitimate purposes in the conduct of our business activities. In particular, we process your personal data for the following purposes:
to provide you our protective services and products;
to improve our services and products;
for customer administration, for example to answer requests or questions from customers, customer satisfaction surveys, or manage complaints on a specific product or service;
for supplier administration;
for administration and management of personnel and intermediaries;
for management of commercial relationships with third parties;
for administrative purposes within the Securitas Group;
for back-up or archiving purposes;
to respect our legal obligations vis-à-vis the authorities or in the framework of judicial proceedings;
for statistical research or market research;
for (direct) marketing purposes;
for combating fraud and other crime;
for dispute management;
to protect society, our industry sector or Securitas;
for account management;
for credit approval and management;
for global overview of clientele;
for brokerage / agency services;
for management of personal insurances;
5.2. Securitas commits not to process or further process your personal data in a manner that is incompatible with the above mentioned purposes.
6. LEGAL BASIS FOR THE PROCESSING OF YOUR PERSONAL DATA
6.1. Securitas commits to process your personal data lawfully, i.e. relying on one of the valid legal bases, as explained below.
6.2. Your personal data will primarily be processed when necessary for the performance of the contract concluded between you and us, or in order to take steps at your request prior to entering into a contract.
6.3. Your personal data might be processed based on your consent. In that case, we will always ensure to have received your free, specific, informed and unambiguous consent.
6.4. Your personal data might be processed based on the legitimate interests pursued by us for example, for administrative purposes, or for the purpose of research and development.
6.5. Your personal data might be processed because it is necessary for compliance with a legal obligation which we are subject to.
6.6. Your personal data might be processed because it is necessary in order to protect somebody’s vital interests (e.g. in case of accidents or incidents), or because necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
7. TO WHOM WE MAY DISCLOSE YOUR PERSONAL DATA?
7.1.Please note that Securitas may disclose your personal data to another entity within the Securitas Group, our agents, representatives or other intermediaries in order to achieve one of the above-mentioned purposes (see title 5 above, ‘Purposes of the processing: Why do we process your personal data’).
7.2. Other recipients of your personal data may also include our service providers or business partners, such as:
IT service providers;
marketing services providers;
claims management service providers;
data storage service provider;
research and development organisations;
if Securitas purchase or sell a company or company assets, Securitas may disclose your personal data to a potential buyer or seller of such company or company assets;
if Securitas or a substantial part of Securitas assets is acquired by a third party, your personal data may be disclosed to that third party buyer;
7.3. In some specific circumstances, we may also disclose your personal data to government, public authorities, statutory or regulatory bodies and enforcement bodies, when compelled to do so.
7.4.Securitas will only disclose your personal data to parties providing sufficient guarantees to ensure the protection of your data and the realisation of your rights as data subject (see title 10 below, ‘What are your rights as data subject?).
8. TRANSFER OF YOUR PERSONAL DATA OUTSIDE OF THE EEA
8.1. Securitas always strive to process your personal data within the EEA. But, in order to achieve one of the above mentioned purposes, your personal data may have to be transferred to countries outside of the European Economic Area (EEA).
8.2. Securitas will only transfer your data to a third-party located in countries outside of the EEA after a careful check and/or the signing of a specific agreement, in order to ensure that this third-party:
provides appropriate safeguards regarding the level of protection of your personal data;
properly informs the data subject hereof;
ensures the enforceability of your rights as data subjects; and provides effective legal remedies to you.
8.3. You may always obtain a copy of the data transferred to these third-parties upon request to us.
9. HOW LONG DO WE STORE YOUR PERSONAL DATA?
9.1. Securitas undertake to comply with the storage limitation principle. In that perspective, we will not store your personal data for longer than necessary for the performance of our contract and/or for achieving one of the other above-mentioned purposes (see title 5 above, ‘Purposes of the processing: Why do we process your personal data’). Please notice that Securitas may also be legally obliged to store your personal data for a minimum time period to comply with statutory requirements.
9.2. We will perform regular checks to identify personal data which no longer serve any purpose in order to delete them or otherwise anonymize them.
10. WHAT ARE YOUR RIGHTS AS DATA SUBJECT?
10.1.You have right to control the way your personal information is used, as listed below.
10.2. Your rights as data subject are:
The right to access: you may at any time request to access your personal data. Upon request, we will provide a copy of your personal data undergoing processing. For any further copies, we may charge a reasonable fee based on administrative costs. If you request a copy of your data by electronic means, and unless otherwise requested, we will provide you all relevant information in a commonly used electronic form.
The right to rectification: you have the right to obtain from us, without undue delay, the rectification or completion of any
inaccurate or incomplete personal data concerning you.
The right to be forgotten: you may request us to delete (part of) your personal data in the following situations:
when the processing was based on your consent and you have decided to withdraw that consent;
when your data are no longer necessary for achieving the purposes for which they were collected or otherwise processed;
when you objected to the processing of your data for direct marking purpose;
when you objected to the processing of your data (see ‘right to objection’ below), and it appeared upon verification that your rights, freedoms or personal interests prevail over our legitimate interests;
when your personal data have been unlawfully processed (e.g. because your consent was not validly obtained);
when your personal data have to be erased in compliance with a legal obligation to which Securitas is subject.
The right to object: you may object at any time to the processing of (part of) your personal data when used for profiling or direct marketing purposes. You may also object to the processing of your personal data, when such processing is based on our legitimate interests. In that latter case, we will no longer process your personal data, unless we have compelling legitimate grounds to do so, or because such a processing is necessary in the establishment, exercise or defence of a legal claim.
The right to restriction of processing: you may in any case request from us to restrict the processing of your personal data in the following situations:
when contesting the accuracy of your data;
when the processing appears to be unlawful;
when we no longer need your personal data for the purposes of the processing; or
pending verification whether our legitimate grounds override yours in the framework of an objection.
In case your exercise your right to restriction of processing, we will only be allowed to process your data with your consent, with the exception of storage.
The right to data portability: upon request, you have in some cases the right to receive all your personal data in a structured, commonly used and machine-readable format, in order to transmit those data to another entity. Where technically feasible, you may also request from us to transfer your personal data directly to this other entity. Your right to portability may be denied to the extent that it has an adverse effect on the data protection rights of other individuals.
The right to withdraw your consent: when processing is based on your consent, you remain free at all time to withdraw your consent. To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make to exercise your data protection rights.
If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
10.3. In case of issue in relation to your personal data or other privacy concern, you may also lodge a complaint with the Information Commissioner’s Office (ICO).
11. HOW DO WE ENSURE THE SECURITY OF YOUR PERSONAL DATA?
11.1. Securitas highly value the security of your data.
We, at Securitas, take all the necessary administrative, technical and organisational measures to ensure the security and confidentiality of your personal data and to protect your personal data against unauthorised or accidental access, loss, misuse, disclosure, alteration or destruction.
11.2. Prior to disclosing your personal data to a third-party / data processor, we will always ensure that this third-party / data processor offers an adequate level of security.
We encourage you to review and check our website regularly for any updates to this Privacy Notice. If you would like a copy of this Privacy Notice, please contact us at firstname.lastname@example.org
Securitas Privacy Notification was last updated 16th May 2018