Privacy Policy

Securitas Critical Infrastructure Services, Inc. Policy

Effective Date: January 1, 2020

Securitas Critical Infrastructure Services, Inc. and our subsidiaries, (“SCIS” “us”, “we”, or “our”) operates the https://www.scisusa.com  and the https://www.parasys.com websites (“Website”), and provides various services to clients in a wide range of industries and customer segments. We offer security solutions including on-site guarding, electronic security, fire and safety services, and corporate risk management (hereinafter collectively referred to as the “Services”).

SCIS cares about your personal integrity. Therefore, this Privacy Policy is provided to equip you with information on how SCIS processes the personal data that you share with us when using contact forms on our website.

As noted above, our Privacy Policy is designed to advise you about how we collect, use, protect, and disclose the information that we collect and/or receive about you.  It also explains your privacy rights, and how you can manage the privacy of your Personal Information.  Please note that this Privacy Policy does not govern the practices of third parties, including our partners, third party service providers, and/or advertisers, even when those services are branded as, or provided on behalf of, SCIS. Information collected from you by others, such as third party websites that you access through links on the Website, are governed by those entities’ privacy policies.

Definitions

  • Personal Information (also known as “Personal Data”): Personal Information means data about a particular individual or household that identifies, relates to, describes, could be reasonably linked with, or could be used to identify that person or household (or from those and other information either in our possession or likely to come into our possession). It also includes other information that may be associated with your Personal Information, such as your Usage Data (defined below), location, preferences or interests, if that information can be used to identify you or your household.
  • Services: As noted above, our Services include the https://www.scisusa.com and https://www.parasys.com websites owned and operated by SCIS as well as any services provided, including, but not limited to, on-site guarding, fire and safety services, and corporate risk management.
  • Cookies: Cookies are small files stored on your device (computer or mobile device).
  • Data Controller: The natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed.  For the purpose of this Privacy Policy, we are a Data Controller of your Personal Information.
  • Data Processors: Any natural or legal person who processes the data on behalf of the Data Controller.  We may use the services of various Service Providers in order to process your data more effectively.
  • User (or “Data Subject”): Any individual who uses our Services and is the subject of Personal Information collected and/or processed.

Information Collection and Use

We use your information to provide the Services that you request, and to improve the Services we offer to you. By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy.

Included below is a list of several different types of information for various purposes to provide and improve our Service to you.

  • Personal Information. While using our Services, we may ask you to provide us with or otherwise obtain certain personally identifiable information that can be used to contact or identify you (“Personal Information,” as defined above). Such Personal Information may include, but is not limited to, your name, address, email address, username, payment card information, and any other information that may identify you.
  • Generic Information. Generic information is information that does not directly reveal the identity of a SCIS customer, or visitor to the Website.  This information may include Usage Data and other aggregate usage metrics such as total number of Website visitors, pages viewed, and usage patterns within the Website, etc.  This may also include information about your device.  We may automatically gather some Generic Information from our members, customers, and Website visitors.  At times, the combination of various types of data, including Generic information and Usage Data, may enable you to be identified, and may therefore qualify as Personal Information.
  • Usage Data: We may also collect information on how you access and use our Services (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Services that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
  • Tracking & Cookies Data. We use cookies and similar tracking technologies to track the activity on our Website, and we hold certain information.  Cookies are files with a small amount of data which may include an anonymous unique identifier.  Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze our Services.

Examples of Cookies and other technologies we may use include, but are not limited to:

_ga cookies: These are used by Google Analytics and sends information to Google which is used to distinguish users. A unique identifier associated with each user is sent with each hit in order to determine which traffic belongs to which user. This allows the website’s owner to track a user’s behavior and monitor website performance. These cookies are stored for two (2) years.

 

_gat: These are used by Google Analytics to throddle request rates and do not store any information. Rather, they are used to improve the website’s performance. These cookies are only stored for ten (10) minutes and sends information back to Google.

_gid: These are used by Google Analytics. This is used to distinguish users and enables SUSA to track a visitor’s behavior and measure the website’s performance. These cookies are stored for twenty-four (24) hours and sends information back to Google.

NET: These cookies are session identifiers and are used to keep track of a user’s navigation through the SCIS website. Moreover, it is used to transfer information between pages and to store information that the user might reuse on different pages. These are only stored during the session, while the user is browsing the site.

CookiesAccepted: These are used to keep track of whether the user has accepted the cookie usage or not. This is not set unless the visitor clicks “Accept” in the cookie banner at the top of the website. There is no limit to how long these cookies may be stored for.

 

Third Party Cookies. SCIS permits third-party service providers, advertisers and other companies to use cookies or other similar technologies on our Website. These companies may collect your information, track your behavior on our Website, and gather information about your use of our Websites or Services and other online services over time and across different services.  Additionally, some companies may use information collected to deliver targeted ads on behalf of us or other companies, including on other websites or online services.  We are not responsible for the functioning of cookies and other technologies used and placed by third parties on your device.

Your Cookie Choices

You may set your browser to block or otherwise control what cookies your browser or mobile device accepts via your browser or mobile device settings.  Additionally, you can choose to modify your settings and delete those cookies that are otherwise stored on your device.  Please consult the instructions provided by your browser or your mobile device’s manufacturer to determine how you can limit the placement of and/or remove cookies or other technologies. Please note, however, that limiting or disabling the use of cookies and other technologies may impact or adversely affect your ability to perform certain transactions on, use certain functionalities of, and access certain content on our Website.

How We Collect Information

SCIS collects and obtains your information in a few ways:  there is information that you choose to give to us, information we obtain through your use of our Services – including our Website – and information we obtain from third parties.

Information You Give Us

We collect information that you decide to share with us.  At times, we may require you to provide certain information – including Personal Information – in order to use certain parts of our Website, fulfill your requests with us, or provide you with certain Services.  For instance, we may require you to provide your name, email address or other contact information when you contact us with a question or comment. Additionally, we may need you to provide certain Personal Information to use other portions of our Services.

Information We Obtain When You Use Our Services

As noted above, we collect certain information from you through your use of our Services, such as Usage Data.  For instance, in using our Website, we may collect information about the device you use to log into, access, and use the Website.  We may collect other Generic Information in relation to how you use our Website or other Services (for example, aggregate metrics on how often certain pages on our Website are accessed and viewed).

We also may collect information through the use of cookie, pixel tags, or other technologies, as described above.

Information We Obtain from Third Parties

We may also obtain information about you from our third party service providers who help us provide our Services to you.

Purposes for Collecting, Processing, and Using Your Information

Business and Other Purposes for Collection

SCIS collects, processes (or asks our service providers to process on our behalf), and uses your information to provide the Services we make available to you.  We therefore will collect and use your information for a variety of reasons, including, but not limited to:

  • To perform a contract with you, or provide those Services you have requested of SCIS.
  • You have otherwise given us your consent and permission to do so.
  • The collection and processing is in our legitimate interests or the legitimate interests of a third party, and is not outweighed by any applicable rights you may have. For instance, we may use your information to assist with fraud prevention, improve the security of our networks, assist with enhancing the physical security of our customers, and reporting suspected criminal activity to law enforcement.  We may also use your information in relation to certain direct marketing events.
  • To comply with applicable laws, in response to a lawful and enforceable request by a law enforcement, judicial, or other public authority, or in connection with an applicable legal obligation.

How We Use Your Information

As noted elsewhere in this Privacy Policy, SCIS uses your information to provide our Services to you, including our Website.

Such general uses include, but are not limited to:

  • To fulfill your information request and to receive information and materials from us, such as brochures or reports.
  • To provide and maintain our Services.
  • To notify you about changes to our Services.
  • To gather analysis or valuable information so that we can improve our Services.
  • To monitor the usage of our Services.
  • To detect, prevent and address technical issues.
  • To provide you with news via special offers, marketing or promotional materials, general information about other Services that are similar to those that you have already purchased or enquired about, unless you have opted out of such information. You may opt out of receiving any, or all, of these communications from us by contacting us at the contact information provided in this Privacy Policy.
  • Various aspects of the Website, such as content on the Website, and email messages we send you in connection with your use of the Website may include advertisements that may be selected for you based on your demographic information, interests, preferences, and usage patterns within the Website.
  • We may also use “automatically collected” information and “cookies” information to:
    • personalize our services, such as remembering your information so that you will not have to re-enter it during your visit or the next time you visit the Website;
    • provide customized third party advertisements, content, and information;
    • monitor and analyze the our effectiveness and third party marketing activities;
    • monitor aggregate usage metrics such as total number of visitors, pages viewed, etc.; and
    • track your entries, submissions, and status in any promotions or other activities.

How We Disclose or Share Your Information

SCIS does not sell your information to any third party without your permission, and will not sell the Personal Information of anyone under the age of 16 without applicable consent. We will only provide your personal data if it is necessary in order to provide you with the information you have requested. However, SCIS may disclose your information in a number of ways in order to provide our Services to you. For instance, we may share your information with our subsidiaries or affiliated companies for the purpose of processing your personal data to respond to your request.

We may also provide your Personal Information to third party service providers who assist SCIS to facilitate or to provide certain services in relation to SCIS business and therefore process Personal Information on SCIS’s behalf. These include:

  • IT service companies that host our website or assist us in developing our website;
  • IT support service providers; and
  • Other third party service providers, such as software providers.

These third party service providers are authorized to use your personal data only as necessary to provide its service to us.

We may also disclose or share your information for the following purposes:

  • To comply with a legal obligation.
  • To protect and defend SCIS’s rights or property.
  • To prevent or investigate possible wrongdoing in connection with the Services.
  • To protect the personal safety of users of the Services or the public.
  • To protect against legal liability.
  • When there is a good faith belief that such action is necessary to investigate or protect against harmful activities to our guests, visitors, associates, or property (including the Website), or to others (including SCIS itself). This may include disclosures to law enforcement to investigate potential criminal activity or other civil violations.

Categories of Third Parties that Receive Personal Information from SCIS

We share or otherwise disclose individuals’ personal information to the following categories of third parties:

  • Service Providers: We employ third party service providers, companies, individuals, and agents to facilitate and help us provide our Services to you.  Such Service Providers perform tasks or functions on our behalf, provide Services-related services, or assist us in analyzing how our Services are used or delivered.  These third parties are granted access to your information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
  • Other SCIS Entities: We may share or disclose your information to SCIS subsidiaries or affiliated companies.
  • Retention of Data: SCIS will keep your personal data as long as necessary for us to respond to your request or forward your request to the relevant individual. However, your data will not be kept for longer than three (3) months from your request and will delete it after that time except when needed in order to comply with legal obligations or enforce agreements.

Transfer of Data

Securitas Group Companies. We may share your personal data to our subsidiaries or affiliated companies for the purpose of that the relevant subsidiary or affiliated company will process your personal data to respond to your request. We will only transfer your personal data to the subsidiary or affiliated company that needs to receive your personal data in order to provide you with the information you have requested. By submitting the request form you consent to our transfer of your personal data to our subsidiaries or affiliated companies that may be established in a country outside the EU/EEA (i.e. a so-called third country), including countries which may not maintain an adequate level of protection for personal data. Please be aware that countries which are outside the EU/EEA may not offer the same level of data protection as the EU/EEA and, thus, you may not have the same rights as under the laws applicable to us.

Third Party Service Providers. The personal data that we collect from you may be transferred to and processed by a third party service provider established in a country outside the EU/EEA (i.e. a so-called third country), including countries which the EU Commission does not consider to have an adequate level of protection for personal data. All necessary steps will be taken as required under applicable law in order for such transfer of your personal data across borders to be compliant with applicable law. We will only transfer your personal data to a country outside the EU/EEA where; (i) the EU Commission has decided that the third country ensures an adequate level of protection, or (ii) where the transfer is being safeguarded by the use of EU model clauses (under Article 46.2 in the General Data Protection Regulation (2016/679) (“GDPR”)) or where the recipient is certified under the US-EU Privacy Shield Framework (under Article 45 in the GDPR).

We may transfer your personal data to third party service providers established in the following countries outside the EU/EEA: India. You can find further information about the rules on data transfers outside the EU/EEA, including the mechanisms that we rely upon, on the European Commission website.

Security of Data

All reasonable technical, organizational, and otherwise, measures are taken by SCIS to protect Personal Information collected on our Website and elsewhere from being subject to accidental or unlawful destruction, accidental loss or alteration, disclosure without authorization, and any other unlawful actions taken against otherwise protected information. Moreover, SCIS takes all judicious legal, technical, and organizational measures to ensure that all Personal Information is handled with a sufficient level of security. Furthermore, SCIS takes all reasonable measures to protect Personal Information during transfers of said information to a third party. SCIS does not retain responsibility for Personal Information solely in the control of a third party.

Despite the security measures taken, SCIS cannot guarantee the protection of the data you provide us.

Your Data Protection & Privacy Rights

California residents and data subjects in the European Union (“EU”) / European Economic Area (“EEA”).  SCIS aims to take reasonable steps to allow you to correct, amend, delete or limit the use of your Personal Information, and exercise other rights available under applicable law.  SCIS therefore informs you that, where applicable under relevant law, you are entitled to the following:

  • Right to Access / Disclosure: to have access to your Personal Information upon simple request – that is, you may receive a copy of such data upon receipt of a verifiable request, along with other information related to the processing.
  • Disclosure of Direct Marketers: to have access upon simple request, and free of charge, the categories and names of addresses of third parties that have received Personal Information for direct marketing purposes.  Please see the “Your California Privacy Rights” section below for more information.
  • Selling, Sharing, or Disclosing Personal Information: upon receipt of a verifiable request, to obtain a list of:
    • The categories of Personal Information collected about you, sold to third parties, or disclosed to third parties for business purposes;
    • The categories of Personal Information sold within the last 12 months;
    • The categories of sources from which Personal Information is collected;
    • The business or commercial purpose for collecting or selling Personal Information; and
    • The categories of third parties with whom Personal Information is shared, sold, or disclosed for a business purpose.
  • Right to Opt-Out of the Sale of Personal Information: As noted, elsewhere, SCIS may sell Personal Information in some situations.  California residents have the right to opt-out of the sale of their Personal Information under certain circumstances.
  • Right to Correction: to correct your Personal Information if you find it is inaccurate, incomplete or obsolete.
  • Right to Deletion / “Right to be Forgotten”: to obtain the deletion of your Personal Information in the situations set forth by applicable data protection law.
  • Withdraw of Consent to Processing: to withdraw your consent to the data processing without affecting the lawfulness of processing, where your Personal Information has been collected and processed based on your consent and not any other basis.
  • Right to Object: to object to the processing of your Personal Information under certain circumstances, in which case we may ask you to justify your request by explaining to us your particular situation.
  • Right to Restrict Processing: to request limits to the processing of your data, when allowed by and in circumstances set forth under applicable law.
  • Right to Data Portability: to have your Personal Information directly transferred by us to a third-party processor of your choice (where technically feasible; may be limited to situations when processing is based on your consent).
  • Right to Non-Discrimination. As defined under relevant law, you have a right to non-discrimination in the Services or quality of Services you receive from us for exercising your rights.

Please contact us at the information in “Contact Us” Section below in relation to exercising these rights.  Note that we may ask you to verify your identity before responding to such requests.

Exercising Your CCPA Rights

Access to Specific Information

California residents have the right to request information from us regarding the manner in which we share certain categories of personal information with this parties for their direct marketing purposes, in addition to the rights set forth above. Under California law, you have the right to send us a request at the designated address at the conclusion of this policy. You may request the following information:

  1. The categories of personal information we collected about you.
  2. The categories of sources for the personal information we collected about you.
  3. Our business or commercial purpose for collecting or selling that personal information.
  4. The categories of third parties with whom we share that personal information.
  5. The specific pieces of personal information we collected about you (also called a data portability request).
  6. If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to limited exceptions. Once we receive a verifiable request, and determine that it is not subject to an exceptions, we will delete your personal information from our records.

However, we may deny your deletion request if retaining the information is necessary for us or any applicable third party to:

  1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
  3. Debug products to identify and repair errors that impair existing intended functionality;
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent;
  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
  8. Comply with a legal obligation;
  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Making a Request

To exercise the access or deletion rights elaborated upon above, please submit a verifiable consumer request to us by either:

Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests initiated by means other than those provided above.

Links to Other Sites

Our Privacy Policy is designed to advise you about how we collect, use, protect, and disclose the information that we collect and/or receive about you. However, our website may also contain links that lead to websites neither owned nor operated by us. As such, this Privacy Policy does not govern the practices of third parties, including partners, third-party service providers, and/or advertisers, even when those services are provided on our behalf or in partnership with us. Information gathered about you by others are governed by those distinct entities’ privacy policies. Therefore, we strongly recommend that you review the privacy policy of every website you visit.

We exercise no control over and assume no responsibility for the content, privacy policies or practices of any third party site or services.

Changes to Our Privacy Policy

We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will notify you through a notice on our website homepage.

Contact Information

If you have any questions or comments about this notice, our Privacy Statement, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Phone:  844-SCIS-USA

E-mail:  ethics@scisusa.com

Mail:    Ethics Officer

SCIS

13900 Lincoln Park Drive

Suite 370

Herndon, VA  20171