Paradox Security Systems (Bahamas) Ltd - PRIVACY & COOKIE POLICY
Effective date: May 5th, 2019
Paradox Security Systems (Bahamas) Ltd., a corporation incorporated under the laws of Bahamas and its Affiliates (“Paradox” “us”, “we”, or “our”) operates the Paradox online interface for its mobile application (the “Mobile Application”), the access and use of which are reserved to its Customers (defined below). For the purpose of this privacy & cookie policy (the “Privacy Policy”), Paradox Security Systems (Bahamas) Ltd. is the entity among its Affiliates that controls the finalities of the process of your Personal Data.
You may reach us at:
Paradox Security Systems (Bahamas) Ltd.
Data Protection Officer
Email: dpo@paradox.com
Or, for residents of the European Union, you may reach our representative in the European Union which is:
Paradox Bucharest SRL
Data Protection Officer
Email: dpo@paradox.com
This page informs you of our policies regarding the collection, use, disclosure and any other processing of Personal Data (as defined below) when you use our Mobile Application, Paradox Services and/or Paradox Devices and the choices you have associated with the processing of such data.
“Affiliates” means the entities of Paradox Group, being Paradox Security Systems (Bahamas) Ltd and Paradox Bucharest SRL.
“Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Cookies” are small pieces of data stored on your devices. They contain small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your devices.
“Customer” means a purchaser of Paradox Devices and/or Paradox Services.
“Customer Site” means a site, area, zone or location where any Paradox Devices and/or Paradox Services are installed and operational for a Customer.
“Data Controller” is an expression frequently used in personal information protection laws to mean a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.
For the purpose of this Privacy Policy, we have two separate and distinct roles:
(a)We are a Data Controller only in respect of the Personal Data we collect from our Customers, Users, Third Party Installers and from Website visitors.
(b)When our Customers and the Users upload Personal Data to the Mobile Application or Paradox Devices, we are not the Data Controller but solely act as Data Processor of that information. In such a case, the Customer acts as the Data Controller and is responsible for compliance of its affiliated Users with applicable personal information protection laws. Through its Users acting as representatives, the Customer is responsible for complying with applicable Personal Data protection laws, which entails – among others – obtaining the consent of Data Subjects whose Personal Data is collected and processed, managing the consent-revoking process and enabling the right to access the Personal Data collected.
“Data Processor” (or “Service Providers”) means a natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Data Controller (other than its own employees).
We may use the services of various Service Providers in order to process your data more effectively, all in accordance with this policy.
“Data Subject” means any natural person who is the subject of Personal Data. For the purpose of this privacy policy, the Data Subject may be the User or any person who is the subject of Personal Data processed on the Mobile Application, Paradox Devices or through Paradox Services.
“Device Data” means, with respect to Paradox Devices, the IP address, last communication time, LAN IP address, MAC address, panel serial number, panel version, communication ports, serial number, device type and firmware version, which in certain cases when associated together or with other data may constitute Personal Data;
“Paradox Devices” means Paradox products that are installed in or on a Customer Site.
“Paradox Services” means a Paradox service that is active and operational with respect to a Paradox Device, including the Mobile Application.
“Site Data” means the following data regarding a Customer Site: site name, the identification of each Paradox Device contained in a Customer Site, your email associated with the main Customer Site, the email of the Third Party Installer (if provided by the Customer or Paradox authorized distributor), panel information (panel serial number, Customer Site associated with, whether panel has been used in a paid Customer Site or not and panel type), push devices (e.g.: Phone) registered to the Customer Site and site expiration date, which in certain cases when associated together or with other data may constitute Personal Data.
“Third Party Installer” means a natural or legal person, which is authorized to install Paradox Devices and/or Paradox Services on or in a Customer Site.
“User” means the natural person using our Mobile Application, Paradox Devices and/or Paradox Services. The User may correspond to the Data Subject, who is the subject of Personal Data.
We process the Personal Data that originated from the creation of your account and from your use of the Mobile Application, including the portion of the Mobile Application that requires the creation of an account to access Paradox Devices and/or Paradox Services.
We also process the Personal Data provided by our Customers and Users in the context of their use of the Mobile Application, Paradox Devices and/or Paradox Services.
Among the data we collect, either directly or through Third Party Installers, we process the following types of Personal Data for the following purposes to provide and improve our Mobile Application, Paradox Devices and/or Paradox Services:
We also process our Users’ email address to recognise them when they use our customer support. The legal basis for this processing is our legitimate interest in providing the best customer support we may offer you.
We also process our User’s email address for the purpose of sending them important information about the Mobile Application, Paradox Device and/or Paradox Services such as important safety information or material changes to this policy. The legal basis to this processing is our legitimate interest in providing our Users with important safety or other important information regarding the Mobile Application, Paradox Devices and/or Paradox Services or changes in this policy.
We also process the Site Data to deactivate the Paradox Services at the expiration or termination of Paradox Services to a Customer. The legal basis to this processing is our legitimate interest to cease to provide Paradox Services when Customer no longer has a Paradox Service agreement in force with Paradox.
Paradox will retain your Personal Data for the duration of your continued access to and use of the Mobile Application, Paradox Devices and/or Paradox Services and for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. Note that we do not keep or store any video feeds, we only relay such data to your own device. Nevertheless, push data is kept for 60 days and deleted afterwards and image data referred in Section Image Data, is only stored on your personal device (e.g. phone).
We process your Personal Data on the servers of our cloud Service Providers mentioned in Section Service Providers. hereafter which are located in United States of America, Germany and Singapore. Therefore, your information, including Personal Data, may be processed on — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction of residence.
We have put in place with such Data Processors, when required by privacy laws, appropriate safeguards to ensure your rights under this Privacy Policy and applicable privacy laws will be respected by such Data Processors. You may contact our Data Protection Officer at the coordinates provided at the beginning of this Privacy Policy to obtain a copy of such safeguards, if any.
Paradox will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your Personal Data. For any transfer of Personal Data to a jurisdiction that is not automatically considered as an adequate jurisdiction for a transfer of your Personal Data without additional requirement, all steps necessary to satisfy those requirements are taken by us, such as using Model Contractual Clause, for the European Union.
Paradox commits to keeping your Personal Data confidential and not to share your Personal Data with third parties, except in the limited cases and solely for the purposes described below.
We may employ third-party Service Providers to facilitate our Mobile Application, to provide the Mobile Application on our behalf, such as distributors and Third Party Installers, to perform services related to the Mobile Application or to assist us in analyzing how our Mobile Application is used. These third-party Service Providers have access to such portions of your Personal Data that is necessary for them to perform these tasks on our behalf and are obligated to maintain the confidentiality of your Personal Data and not to use such Personal Data for any purpose other than providing services to us.
More precisely, here are the recipients or categories of recipients to whom we may transfer your Personal Data.
Third-party Cloud Servers. We use the following Data Processor to store and otherwise process your Personal Data on their servers:
Amazon Web Services, Inc. We invite you to consult its privacy policy that you may find by clicking this hyperlink or by visiting its Web site: https://aws.amazon.com/privacy/?nc1=f_pr.
If Paradox is involved in a merger, acquisition or asset sale, your Personal Data may be transferred if the assignee is compliant with all legislations regarding Personal Data that apply to you and is taking equal or better means than us to protect your Personal Data. We will notify you before transferring your Personal Data and subjecting it to a different Privacy Policy.
Under certain circumstances, Paradox may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Paradox may disclose your Personal Data in the good faith belief that such action is necessary to:
(f)To comply with a legal obligation;
(g)To protect and defend the rights or property of Paradox;
(h)To prevent or investigate possible wrongdoing in connection with the Mobile Application;
(i)To protect the personal safety of users of the Mobile Application or the public; or
(j)To protect against legal liability.
The security of your Personal Data is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Nevertheless, we are providing you with updated measures of protection and physical, electronic and operational security, pursuant to the best standards and practices of the industry.
Paradox aims to take reasonable steps to allow its Customers to correct, amend, delete, limit or oppose to the process of their Personal Data.
Whenever made possible, you can update your Personal Data directly within your account settings section. If you are unable to change your Personal Data, please contact us to make the required changes.
If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.
Our Customers may at any time withdraw any consent they gave us to process your Personal Data in the preference settings of their account or, in such instances where they do not have an account within the Mobile Application, by contacting us. In this case, we will, as soon as commercially and reasonably possible, delete from our systems all your Personal Data obtained on the legal basis of your consent and request our Data Processors, if any, to do the same. By doing so, please be aware that you may not access all of the features of the Mobile Application.
Without limiting the foregoing, in certain circumstances, our Customers have the right:
Our Customers have the right to data portability for the information provided to Paradox. Our Customers have the right to receive their Personal Data in a structured, commonly used and machine-readable format and have the right to transmit such data to another Data Controller without hindrance from us. Our Customers have the right to have their Personal Data transmitted directly from us or the Data Controller to another Data Controller, where technically feasible.
Depending of your jurisdiction (e.g.: Canada and European Union), you may have the right to lodge a complaint with a supervisory authority.
Please note that we may ask you to confirm your identity before responding to such requests.
8.2. Third-Party Rights
As described in Section Definitions, we may process Personal Data in the role of a Data Processor. If your Personal Data has been submitted to us by a Customer or a User and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable Customer or User directly. We may only access a Customer’s data upon instruction from that Customer. If you wish to make your request directly to us, please provide to us the name of the User or Customer who submitted your Personal Data to us. We will refer your request to that Customer or to the Customer associated with the User you provided, and will support them as needed in responding to your request within a reasonable timeframe. Customers and Users of Paradox are required to comply with all applicable privacy laws.
Our Mobile Application may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the privacy policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
Our Mobile Application does not address anyone under the age of 16 (“Children”).
We do not knowingly collect Personal Data from anyone under the age of 16. If you are a parent or guardian and you are aware that your Children have provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
We will let you know via email and/or a prominent notice on our Mobile Application, prior to the change becoming effective and update the "effective date" at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
If you have any question about this Privacy Policy, please contact our Data Protection Officer at the address, telephone number and email address mentioned at the beginning of this Privacy Policy.
* * *
Copyright © Paradox Security Systems (Bahamas) Ltd. All rights reserved.