Digital Privacy Notice
About this Privacy Notice
We at Securitas Digital respect your integrity.
This privacy notice ("Privacy Notice") describes how Securitas Intelligent Services AB, reg. no. 556655-4670 ("Securitas Digital", "we", "us" or “our”) collect and process personal data about you as:
- Online visitor – When you browse Securitas Digital’s webpages (the “Webpages”) and/or any of our external channels (such as through social media) and submit personal data to us through in order to come in contact with us or to receive information and materials from us;
- Service subscriber – When you subscribe on the Webpages, on behalf of the organization you represent, for the services offered by us; or
- Report recipient – When you receive our reports because of that the organization you represent has subscribed to the risk intelligence services made available by Securitas Digital.
The purpose of this Privacy Notice is to provide visitors of the Webpages and recipients of the reports ("you") with information on how Securitas Group processes personal data in the cases mentioned above.
Please note that the Webpages may contain links to non-Securitas Group webpages. The Securitas Group is not responsible for the privacy policies or practices of such webpages.
Responsibility for the processing of personal data
Securitas Intelligent Services AB, reg. no. 556655-4670, is the controller of the personal data processing. This means that we are responsible to ensure that the processing is compliant with applicable laws in relation to personal data. Please find our contact details at the bottom of this document.
Details of processing
In the tables below, please find information about the categories of personal data that will be processed by us, for which purposes we process such information, what our legal bases are for that processing and for how long we process your personal data. The tables below are split into the three categories listed at the top of this Privacy Notice: Online visitors, service subscribers and report recipients.
|Personal data||Your e-mailnddress, what company you represent, browsing information (e.g. IP address) and any other information you decide to share with us.|
|Purpose||To accommodate your request (e.g. reach out to you or share requested information with you). If you also provide your consent marketing by the Securitas Group, we will process the personal data for such purposes which might include sharing the personal data with other companies within the Securitas Group for their independent use.|
|Retention time||As long as is necessary to complete your request or until the withdrawal of your consent.|
|Personal data||Contact details such as name, e-mail address and the company you represent. Where applicable and depending on (i) method of payment, (ii) which payment features that are available on the Webpages, and (iii) the choices made by you throughout the checkout, the personal data could also include payment account details (e.g. name, debit/credit card account number, card expiration date, and card verification value or similar security code), bank account details, billing/shipping address, name, date/time/amount of transaction, device ID, email address, IP address/location, order ID, payment card details, tax ID/status, unique customer identifier and/or identity information including government issued documents (e.g., national IDs, driver’s licenses and passports).|
|Purpose||To (a) enable you to subscribe to and pay for the services on behalf of the company you represent, (b) undertake any required pre-contractual obligations, (c) provide marketing regarding Securitas Digital’s offerings, and (d) handle any sub-sequent enquiries, issues and/or obligations imposed upon us.|
|Lawful basis||To enable you to subscribe to and pay for the services on behalf of the company or organization you represent, we rely on performance of the contract between us and the organization you represent. To handle any enquiries or issues that might arise due to the subscription, we may rely on performance of the contract if it relates to our delivery whereas we may rely on legitimate interest if it for example relates to preventing fraud against ourselves. We also rely on our legitimate interest to provide you with marketing regarding Securitas Digital’s offerings (from which you can unsubscribe at any point in time). Furthermore, we may rely on our legal obligations in relation to made payments, e.g., to maintain proper records, be able to make re-funds etc.|
|Retention time||Depending on the type of personal data and the purpose, the full term of your subscription and for as long afterwards as is required by legal obligations.|
We use Stripe for payment, analytics, and other business services. The personal data mentioned above is processed by Stripe on behalf of us (i.e. as data processor) in order to facilitate payment transactions and servicing the Stripe platform. In other words, we are the data controller for the processing mentioned above. A significant part of the data mentioned above (such as technical data and debit/credit card or bank account details) will not be available to and thus not processed by Securitas Digital.
If you, when subscribing for the services on behalf of the company or organization you represent, also consent to marketing by the rest of the Securitas Group, we will process your personal data as described above under “Online visitors”.
|Personal data||Your e-mail address and what company you represent.|
|Purpose||To provide you with the reports.|
|Lawful basis||Performance of the contract between us and the organization you represent.|
|Retention time||Until you inform us you no longer want to receive the reports or the company you represent unsubscribes (whichever is earlier).|
Who we share your personal data with
Service providers and subcontractors: Your personal data may be processed by our service providers and/or subcontractors (including but not limited to data storage service providers, payment service providers, developers, customer research and operations management companies, technical support and maintenance of the service) on instruction from Securitas Digital. All service providers and subcontractors act as Securitas Digital’s personal data processors and are under contractual arrangements only allowed to process data for the purposes as set out above. Furthermore, the personal data processor (service provider or subcontractor) and those acting under instructions of the processor will not access more personal data than is required for the performance of the service covered by the agreement with Securitas Digital.
Securitas Group: Your personal data may be processed by companies within the Securitas Group that provide services to Securitas Digital such as product development, service delivery, support and administration. In such case, Securitas Group companies act as Securitas Digital’s personal data processor or joint controller with Securitas Digital. The personal data processor or joint controller may only process personal data in accordance with the purposes or instructions provided by Securitas Digital for the processing. If you have consented to marketing by the Securitas Group, we may also share your personal data to other companies within the Securitas Group for their use as independent data controllers.
Government agencies: Securitas Digital may share your personal data with government agencies (such as the police, the tax authority or other authorities) if we are required by law to do so, or if you have agreed that we do so. We may also share your personal data with government agencies when we believe in good faith that it is necessary to protect our rights, protect your security or the safety of others, investigate crimes, or respond to a government request. Government agencies that receive your personal data will be the data controller for such processing, which means that it is not Securitas Digital who governs how your personal data, if shared with an authority, is processed. Thus, if your personal data is shared with authorities, this Privacy Notice will not cover that processing.
Other third parties: Securitas Digital will not sell, trade or in other ways forward your personal data to third parties outside the Securitas Group unless you have given a separate consent.
Where we are processing your personal data
Securitas Group: We may share your personal data to our subsidiaries or affiliated companies for the purposes set forth in this Privacy Notice. You consent to our transfer of your personal data to our subsidiaries or affiliated companies that may be established in a country outside the EU/EEA (i.e. a so-called third country), including countries which the EU Commission does not consider to have an adequate level of protection for personal data. Please be aware that countries which are outside the EU/EEA may not offer the same level of data protection as the EU/EEA and, thus, you may not have the same rights as under the laws applicable to us.
Third party service providers: The personal data that we collect from you may be transferred to and processed by a third party service provider established in a country outside the EU/EEA (i.e. a so-called third country), including countries which the EU Commission does not consider to have an adequate level of protection for personal data. In such case we will take all necessary steps required under applicable law in order for such transfer of your personal data across borders to be compliant with applicable law. We will only transfer your personal data to a country outside the EU/EEA where; (i) the EU Commission has decided that the third country ensures an adequate level of protection, or (ii) where the transfer is being safeguarded by the use of EU model clauses (under Article 46.2 in the General Data Protection Regulation (2016/679) ("GDPR")).
We may transfer your personal data to third party service providers established in countries outside the EU/EEA. You can find further information about the rules on data transfers outside the EU/EEA, including the mechanisms that we rely upon, on the EU Commission’s webpage.
How we protect your data
Securitas Digital takes appropriate technical and organizational measures to protect your personal data and Securitas Digital is constantly working to protect your personal data from accidental or unlawful destruction, loss or alteration, unauthorized disclosure of or unauthorized access to the personal data transferred, stored or otherwise processed by Securitas Digital.
We respect your integrity and your rights under legislation related to the processing of personal data. The rights you have mean that you can request a copy of the personal data we process about you, you can request incorrect information about you to be corrected and even under certain conditions you can request erasure of information. You may also in some cases have the right to object to Securitas Digital's processing of your personal data and to exercise your right to data portability.
Changes to this Privacy Notice
We reserve the right to change this Privacy Notice. If we make material changes to this Privacy Notice, we will notify you by announcing the update of the Privacy Notice online or in another appropriate manner inform you of the updated version. This Privacy Notice was last updated on November 15, 2023.
Complaints and Contact information
If you have any questions regarding the processing of your personal data, this Privacy Notice or otherwise have comments on Securitas Digital's processing of your personal data, please contact our privacy team on:
|Privacy team||Data Protection Officer|
Securitas Intelligent Services AB
Securitas Intelligent Services AB
You also always have the right to lodge complaints to your Data Protection Authority if you have objections in relation to our processing of your personal data.