Effective date: May 5th, 2019
You may reach us at:
Paradox Security Systems (Bahamas) Ltd.
Data Protection Officer
Or, for residents of the European Union, you may reach our representative in the European Union which is:
Paradox Bucharest SRL
Data Protection Officer
This page informs you of our policies regarding the collection, use, disclosure and any other processing of Personal Data (as defined below) when you use our Mobile Application, Paradox Services and/or Paradox Devices and the choices you have associated with the processing of such data.
“Affiliates” means the entities of Paradox Group, being Paradox Security Systems (Bahamas) Ltd and Paradox Bucharest SRL.
“Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Cookies” are small pieces of data stored on your devices. They contain small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your devices.
“Customer” means a purchaser of Paradox Devices and/or Paradox Services.
“Customer Site” means a site, area, zone or location where any Paradox Devices and/or Paradox Services are installed and operational for a Customer.
“Data Controller” is an expression frequently used in personal information protection laws to mean a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.
(a)We are a Data Controller only in respect of the Personal Data we collect from our Customers, Users, Third Party Installers and from Website visitors.
(b)When our Customers and the Users upload Personal Data to the Mobile Application or Paradox Devices, we are not the Data Controller but solely act as Data Processor of that information. In such a case, the Customer acts as the Data Controller and is responsible for compliance of its affiliated Users with applicable personal information protection laws. Through its Users acting as representatives, the Customer is responsible for complying with applicable Personal Data protection laws, which entails – among others – obtaining the consent of Data Subjects whose Personal Data is collected and processed, managing the consent-revoking process and enabling the right to access the Personal Data collected.
“Data Processor” (or “Service Providers”) means a natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Data Controller (other than its own employees).
We may use the services of various Service Providers in order to process your data more effectively, all in accordance with this policy.
“Device Data” means, with respect to Paradox Devices, the IP address, last communication time, LAN IP address, MAC address, panel serial number, panel version, communication ports, serial number, device type and firmware version, which in certain cases when associated together or with other data may constitute Personal Data;
“Paradox Devices” means Paradox products that are installed in or on a Customer Site.
“Paradox Services” means a Paradox service that is active and operational with respect to a Paradox Device, including the Mobile Application.
“Site Data” means the following data regarding a Customer Site: site name, the identification of each Paradox Device contained in a Customer Site, your email associated with the main Customer Site, the email of the Third Party Installer (if provided by the Customer or Paradox authorized distributor), panel information (panel serial number, Customer Site associated with, whether panel has been used in a paid Customer Site or not and panel type), push devices (e.g.: Phone) registered to the Customer Site and site expiration date, which in certain cases when associated together or with other data may constitute Personal Data.
“Third Party Installer” means a natural or legal person, which is authorized to install Paradox Devices and/or Paradox Services on or in a Customer Site.
“User” means the natural person using our Mobile Application, Paradox Devices and/or Paradox Services. The User may correspond to the Data Subject, who is the subject of Personal Data.
We process the Personal Data that originated from the creation of your account and from your use of the Mobile Application, including the portion of the Mobile Application that requires the creation of an account to access Paradox Devices and/or Paradox Services.
We also process the Personal Data provided by our Customers and Users in the context of their use of the Mobile Application, Paradox Devices and/or Paradox Services.
Among the data we collect, either directly or through Third Party Installers, we process the following types of Personal Data for the following purposes to provide and improve our Mobile Application, Paradox Devices and/or Paradox Services:
We also process our Users’ email address to recognise them when they use our customer support. The legal basis for this processing is our legitimate interest in providing the best customer support we may offer you.
We also process our User’s email address for the purpose of sending them important information about the Mobile Application, Paradox Device and/or Paradox Services such as important safety information or material changes to this policy. The legal basis to this processing is our legitimate interest in providing our Users with important safety or other important information regarding the Mobile Application, Paradox Devices and/or Paradox Services or changes in this policy.
We also process the Site Data to deactivate the Paradox Services at the expiration or termination of Paradox Services to a Customer. The legal basis to this processing is our legitimate interest to cease to provide Paradox Services when Customer no longer has a Paradox Service agreement in force with Paradox.
We process your Personal Data on the servers of our cloud Service Providers mentioned in Section Service Providers. hereafter which are located in United States of America, Germany and Singapore. Therefore, your information, including Personal Data, may be processed on — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction of residence.
Paradox commits to keeping your Personal Data confidential and not to share your Personal Data with third parties, except in the limited cases and solely for the purposes described below.
We may employ third-party Service Providers to facilitate our Mobile Application, to provide the Mobile Application on our behalf, such as distributors and Third Party Installers, to perform services related to the Mobile Application or to assist us in analyzing how our Mobile Application is used. These third-party Service Providers have access to such portions of your Personal Data that is necessary for them to perform these tasks on our behalf and are obligated to maintain the confidentiality of your Personal Data and not to use such Personal Data for any purpose other than providing services to us.
More precisely, here are the recipients or categories of recipients to whom we may transfer your Personal Data.
Third-party Cloud Servers. We use the following Data Processor to store and otherwise process your Personal Data on their servers:
Under certain circumstances, Paradox may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Paradox may disclose your Personal Data in the good faith belief that such action is necessary to:
(f)To comply with a legal obligation;
(g)To protect and defend the rights or property of Paradox;
(h)To prevent or investigate possible wrongdoing in connection with the Mobile Application;
(i)To protect the personal safety of users of the Mobile Application or the public; or
(j)To protect against legal liability.
The security of your Personal Data is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Nevertheless, we are providing you with updated measures of protection and physical, electronic and operational security, pursuant to the best standards and practices of the industry.
Paradox aims to take reasonable steps to allow its Customers to correct, amend, delete, limit or oppose to the process of their Personal Data.
Whenever made possible, you can update your Personal Data directly within your account settings section. If you are unable to change your Personal Data, please contact us to make the required changes.
If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.
Our Customers may at any time withdraw any consent they gave us to process your Personal Data in the preference settings of their account or, in such instances where they do not have an account within the Mobile Application, by contacting us. In this case, we will, as soon as commercially and reasonably possible, delete from our systems all your Personal Data obtained on the legal basis of your consent and request our Data Processors, if any, to do the same. By doing so, please be aware that you may not access all of the features of the Mobile Application.
Without limiting the foregoing, in certain circumstances, our Customers have the right:
Our Customers have the right to data portability for the information provided to Paradox. Our Customers have the right to receive their Personal Data in a structured, commonly used and machine-readable format and have the right to transmit such data to another Data Controller without hindrance from us. Our Customers have the right to have their Personal Data transmitted directly from us or the Data Controller to another Data Controller, where technically feasible.
Depending of your jurisdiction (e.g.: Canada and European Union), you may have the right to lodge a complaint with a supervisory authority.
Please note that we may ask you to confirm your identity before responding to such requests.
8.2. Third-Party Rights
As described in Section Definitions, we may process Personal Data in the role of a Data Processor. If your Personal Data has been submitted to us by a Customer or a User and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable Customer or User directly. We may only access a Customer’s data upon instruction from that Customer. If you wish to make your request directly to us, please provide to us the name of the User or Customer who submitted your Personal Data to us. We will refer your request to that Customer or to the Customer associated with the User you provided, and will support them as needed in responding to your request within a reasonable timeframe. Customers and Users of Paradox are required to comply with all applicable privacy laws.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
Our Mobile Application does not address anyone under the age of 16 (“Children”).
We do not knowingly collect Personal Data from anyone under the age of 16. If you are a parent or guardian and you are aware that your Children have provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
* * *
Copyright © Paradox Security Systems (Bahamas) Ltd. All rights reserved.