Securitas Digital Privacy Notice
About this Privacy Notice
We at Securitas ("Securitas", "we" or "us") respect your integrity. This Privacy Notice for Securitas Digital Services ("the Service") describes how we collect and process personal data when you register for and use the Service. It is important for us that you read and understand this Privacy Notice before you use the Service. You are welcome to contact us if you have any questions.
For information on what Securitas company are processing your information and how to get in contact with us, please see the Personal Data Controllers document, which you can find at https://www.securitas.com/en/about- us/securitas-digital-services--legal-documents/. The Personal Data Controllers document also covers any amendments or modifications to this Privacy Notice that applies to a specific country, so called Country Unique Terms. If a part of the Privacy Notice is amended by specific Country Unique Terms the remainder of the Privacy Notice remains unchanged. Relevant changes are listed under each country, if nothing is listed, there are no local variations. |
Responsibility for the processing of personal data
Securitas is the controller of personal data processing. This generally means that the local Securitas entity in your country is responsible for ensuring that processing is compliant with applicable laws in relation to personal data. When another Securitas entity is responsible for the processing, you will be informed about this before the processing takes place.
Please note that this Privacy Notice does not cover personal data in guard reports or other client-specific content in the Service, which is only displayed to you as an authorized user. This is because Securitas client, your employer, is the controller for such processing of personal data, and Securitas is only processing it on instructions from the controller.
Categories of personal data
The following information will be processed when you register a user account or user credentials, log in or use the Service.
User Credentials: Username, such as email or different authentication method.
Contact Information: First and last name, role in a company, phone number, email, business area, and similar contact details. Some contact information is optional and only processed if you enter it.
Engagement information: Years of experience in the security field, bought services, years as a Securitas customer. Engagement Information is optional and processed only if you participate in the Customer Panel.
User Generated Data: Information you enter into the Service both manually and automatically, including automatically generated information such as browsing information, IP-address, device name, device information, information about how and what you use in the Service including features you do not use and when and for how long you are logged into the Service.
The purpose and the lawful basis for the processing
Securitas is processing the personal data you provide to us, or that is a result of your use of the Service as described below:
Purpose of processing |
Lawful basis for processing |
We process your User Credentials and User Generated Data to be able to provide and administer the Service in a safe manner to the authorized users |
The processing is necessary for the performance of a contract |
We process your User Credentials, User Generated Data, and Contact Information to be able to provide the Service to you as a user |
The processing is necessary for the performance of a contract |
We process your User Credentials, User Generated Data, and Contact Information to be able to send you important information about the Service |
The processing is necessary for the performance of a contract |
We process your User Credentials, Contact Information, and User Generated Data to send you information about the Service, updates, and how to get the most out of the Service tailored to your usage |
The processing is necessary for a legitimate interest. The following interest has been considered; ¾ Securitas interest to offer a user-friendly and engaging Service |
We process User Credentials and User Generated Data on an aggregated level to be able to assess, further develop and enhance the Service |
The processing is necessary for a legitimate interest. The following interests have been considered; ¾ Securitas interest to assess, develop and enhance the Service and to ensure a functioning and continuously improved service. ¾ To ensure Securitas interest to offer a safe, user friendly, and well-functioning service. |
If you have opted-in, we process your User Credentials and User Generated Data on an identifiable level to be able to assess, further develop and enhance the Service |
The processing is necessary for a legitimate interest. The following interests have been considered; ¾ Securitas interest to assess, develop and enhance the Service and to ensure a functioning and continuously improved service for specific types of users. ¾ To ensure Securitas interest to offer a safe, user- friendly, and well-functioning service. |
If you have consented, we will process your User Credentials, User Generated Data, Engagement Information, and Contact Information to communicate with you within the customer panel |
The processing is based on your consent |
For example, by sending questionnaires, performing interviews, sending information, asking for comments on new or unpublished features, or similar actions. |
|
If you have opted-in, we will process your User Credentials, User Generated Data, and Contact Information for direct marketing purposes |
The processing is necessary for a legitimate interest. The following interests have been considered; ¾ Securitas interest to reach you as a user of the Service to be able to offer you new features and Services. ¾ To send you relevant offers related to your use of the Service. |
If you want to limit the processing of user-generated data or object to direct marketing
User generated data
If you as a user wish to limit what user generated data we process, you can adjust your settings in the Service and change the settings in your browser and the options in the cookie banner so that collection and processing of such data are adjusted in line with the options provided. Please see the cookie policy to read more about the cookies used within the service.
Direct marketing
After opting-in, you can always opt-out of direct marketing in your settings in the Service or by using the option described in each direct marketing reach out to you. This typically means that you can respond to a text message or use a link in the marketing email.
Who do we share your personal data with?
Service Providers and Subcontractors: Your personal data will be processed by our service providers or subcontractors (including data storage service providers, production development agencies, customer research and operations management companies, technical support, and maintenance of the service) on instruction from Securitas. All service providers and subcontractors act as Securitas personal data processors and are under contractual arrangements only allowed to process data for the purposes as set out above. Furthermore, the personal data processor (service provider or subcontractor) and those acting under instructions of the processor will not access more personal data than is required for the performance of the service covered by the agreement with Securitas.
Securitas Group: Your personal data may be processed by companies within the Securitas Group that provide services to Securitas in relation to the Service, such as product development, support, and administration. In such a case, Securitas Group companies act as Securitas personal data processor or joint controller with Securitas. The processor or joint controller may only process personal data under the purposes or instructions provided by Securitas for the processing and only process data for the purposes as set out above. Furthermore, the personal data processor and those acting under the processor's instructions will not access more personal data than is required for the performance of the service covered by the agreement with Securitas.
Government agencies: Securitas may share your personal data with government agencies (such as the police, the tax authority, or other authorities) if we are required by law to do so or if you have agreed that we do so. We may also share your personal data with government agencies when we believe in good faith that it is necessary to protect our rights, protect your security or the safety of others, investigate crimes, or respond to a government request. Government agencies that receive your personal data will be the data controller for such processing, which means that it is not Securitas who governs how your personal data is processed if shared with an authority. Thus, if your personal data is shared with authorities, this Privacy Notice will not cover that subsequent processing.
Partnered companies and other third parties: Securitas will not sell, trade, or in other ways forward your personal data to third parties outside the Securitas Group unless you have separately agreed to this transfer.
We may offer you services not performed by a Securitas company but from a partnered company within the Service. If you inquire about or purchase a service from one of our partnered companies, we will only forward the personal data necessary for the partnered company to contact you or, in some cases, start performing the service, depending on the service and partnered company you have chosen to purchase from. You will be informed what personal data will be shared when you interact with the partnered offer within the Service.
Please note that any personal data you share with the partnered company through the partnered companies site, app, or other means of communication is solely the partnered company's responsibility, and Securitas is not responsible for any processing or other event that transpires as a result of the service contracted between you as a customer and the partnered company.
Where we are processing your personal data
To provide you with the Service, we, or a partner processing data on our behalf, process your information primarily within EU/EAA. We enter into confidentiality and data processing terms with all our partners to ensure they comply with high levels of confidentiality, data protection laws, and best practices in privacy and security standards.
Your data may be transferred to a third country for digital communication with you outside of the Service (such as emails or text messages). To ensure that your data is sufficiently safeguarded outside the EU, we have included the EU model Standard Contractual Clauses (SCC) in our agreement with the partner and the actions mentioned above.
How long do we keep your personal data
We will retain the Personal Data covered by this Privacy Notice for as long as you have a registered account with us and for an additional six months after. We keep your data for a further six months because we need to show our clients that we entered into the contractual arrangement for the service, who used the service, and how.
Personal Data used to assess, further develop and enhance the Service is, however, only retained for a maximum of 25 months.
If your account is not used for 12 months, we will remove your account and the information associated with it after a 30 day grace period where we inform you of the account's imminent deletion.
How we protect your data
Securitas takes appropriate technical and organizational measures to protect your personal data. Securitas is constantly working to protect your personal data from an accidental or unlawful destruction, loss or alteration, unauthorized disclosure of, or unauthorized access to the personal data transferred, stored, or otherwise processed by Securitas.
Your rights
We respect your integrity and your rights under legislation related to the processing of personal data. The rights you have means that you can request a copy of the personal data we process about you, request incorrect information about you to be corrected, and even under certain conditions, request the erasure of information. You may also, in some cases, have the right to object to Securitas' processing of your personal data and exercise your right to data portability.
To exercise your rights, don't hesitate to get in touch with your Securitas entity with the contact details provided in the Personal Data Controllers document, which you can find at https://www.securitas.com/en/about-us/securitas-digital- services--legal-documents/.
You also always have the right to lodge complaints to the Swedish Authority for Privacy Protection (or your national equivalent) if you have objections to our processing of your personal data.
Changes to this Privacy Notice
We reserve the right to change this Privacy Notice. If we make any significant changes to this Privacy Notice, we will notify you by, apart from updating the Privacy Notice online, requesting a re-login, or informing you of the updated version in another appropriate manner. Please note that pure editorial or similar minor changes will not prompt a re-login or specific information.
This Privacy Notice was last updated on: 2022-10-03.