Scope and purpose
Securitas AB (reg.no. 556302-7241) (“Securitas“, “we” or “us“) is responsible for the personal data that we collect when you request to receive information from us by using our website and is therefore the data controller for the processing of your personal data in this regard. Please see further contact details below.
How we use the information we collect
Purpose of the processing
- To fulfill your information request to receive information and materials from us, such as brochures or reports
- To fulfill your request to receive newsletters from us
Legal basis for the processing
Sharing of your personal data
We may share your personal data under the following circumstances:
Securitas Group companies: We may share your personal data to our subsidiaries or affiliated companies for the purpose of processing your personal data to respond to your request. We will only provide your personal data to the subsidiary or affiliated company that needs to receive your personal data in order to provide you with the information you have requested. Our subsidiaries or affiliated companies will process your personal data to respond to your request and when doing so they will act as data controller for the processing conducted by them.
Third party service providers: We may also disclose your personal data to third party service providers who assist Securitas to facilitate or to provide certain services in relation to Securitas business and therefore process personal data on Securitas’ behalf. This will include:
- IT service companies that host our website or assist us in developing our website;
- IT support service providers; and
- other third party service providers,such as software providers and service providers, which facilitates or provides certain services to us in order for us to be able fulfil your requests, such as services for the purpose of providing you with our newsletters.
These third party service providers are authorised to use your personal data only as necessary to provide its services to us.
The Securitas Group companies and third party service providers may be located within or outside the EU/EEA.
Transfer of your personal data outside the EU/EEA
Securitas Group companies: We may share your personal data to our subsidiaries or affiliated companies for the purpose of that the relevant subsidiary or affiliated company will process your personal data to respond to your request. Consequently, we will only transfer your personal data to the subsidiary or affiliated company that needs to receive your personal data in order to provide you with the information you have requested. By submitting the request form you consent to our transfer of your personal data to our subsidiaries or affiliated companies that may be established in a country outside the EU/EEA (i.e. a so-called third country), including countries which the EU Commission does not consider to have an adequate level of protection for personal data. Please be aware that countries which are outside the EU/EEA may not offer the same level of data protection as the EU/EEA and, thus, you may not have the same rights as under the laws applicable to us.
We may transfer your personal data to our subsidiaries or affiliated companies established in any of the countries (including so-called third countries) listed here.
Third party service providers: The personal data that we collect from you may be transferred to and processed in a country outside the EU/EEA (i.e. a so-called third country), including countries which the EU Commission does not consider to have an adequate level of protection for personal data. In such case we will take all necessary steps required under applicable law in order for such transfer of your personal data across borders to be compliant with applicable law. We will only transfer your personal data to a country outside the EU/EEA where; (i) the EU Commission has decided that the third country ensures an adequate level of protection, or (ii) where the transfer is being safeguarded by the use of EU model clauses (under Article 46.2 in the General Data Protection Regulation (2016/679) (“GDPR“)) or where the recipient is certified under the US-EU Privacy Shield Framework (under Article 45 in the GDPR).
We may transfer your personal data to third party service providers established in the following countries outside the EU/EEA: USA. You can find further information about the rules on data transfers outside the EU/EEA, including the mechanisms that we rely upon, on the European Commission website here.
Securitas takes all reasonable technical and organisational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access and any other unlawful forms of processing. Securitas also takes all reasonable legal, technical and organisational measures to ensure that your personal data is treated securely and with an adequate level of protection when transferred to or shared with the above referred to third parties (see section “Sharing of your personal data”).
Whilst we take appropriate technical and organisational measures to safeguard the personal data that you provide to us, no transmission over the Internet can ever be guaranteed secure. Consequently, please note that we cannot guarantee the security of any personal data that you transfer over the Internet to us.
We will keep the personal data we collect about you to fulfill your request to receive information and materials from us, such as brochures or catalogs, for as long as necessary for us to respond to your request or forward your request to the relevant individual, however, we will not keep such personal data for a longer period than three (3) months from your request and will delete it after that time except where we will keep the personal data we collect about you to fulfill your request to receive newsletters from us until you unsubscribe from our newsletter. If you unsubscribe from our newsletter we will thereafter delete your personal data except where we need to keep any personal data to comply with our legal obligations, resolve disputes, or enforce our agreements.
Cookie and similar technologies
Technologies such as cookies, beacons, tags and scripts are used by us and our analytics or service providers. These technologies are used e.g. in analysing trends, administering this website and tracking users’ movements around this website.
You have the right to, at any time, receive a copy of the personal data that we hold about you and information about the processing. Please note that Securitas needs to, in order to be able to answer your request, be able to determine your identity.
You have the right to, without undue delay, have incorrect, incomplete or irrelevant personal data about you corrected.
You have the right to have your personal data deleted without undue delay and Securitas is obliged to delete your personal data without undue delay if, for example one of the following grounds applies: the personal data are no longer necessary in relation to the purpose for which they were collected or otherwise processed, or if you withdraw consent on which the processing is based and where there is no other legal ground for the processing. Please note that we are not obliged to delete the personal data if we can show that the processing is necessary, for example, for compliance with a legal obligation to which Securitas is subject or the establishment, exercise or defence of a legal claim, or when there are other legitimate grounds to keep the data.
Furthermore, you have the right to request that Securitas restricts the processing of your personal data under certain conditions, for example if you contest the accuracy of the personal data, the processing may be restricted for a period enabling Securitas to verify the accuracy of the personal data or if Securitas no longer needs the personal data for the purposes of the processing but you require the personal data for the establishment, exercise or defence of legal claims.
You have the right to object, on grounds relating to your particular situation, at any time to Securitas’ processing of your personal data if the processing is based on, for example, legitimate interests, including marketing and/or profiling based on a legitimate interest. If you object to such processing, Securitas will no longer be entitled to process your personal data based on such legal basis, unless Securitas can demonstrate compelling legitimate grounds for the processing which overrides your interests, rights and freedom or if it is conducted for the establishment, exercise or defense of a legal claim.
You have, under certain conditions, the right to receive the personal data concerning you and which you have provided to Securitas, in a structured, commonly used and machine-readable format and have the right to transmit such personal data to another data controller without Securitas trying to prevent this, where Securitas’ processing of your personal data is based on your consent or on a contract and the processing is carried out by automated means. You have in such case the right to request that the personal data from Securitas shall be transmitted directly to another data controller, where technically feasible.
You also have the right to, at any time, withdraw your consent given to Securitas for the processing of your personal data. If you withdraw your consent, please note that this does not affect the lawfulness of the processing based on your consent before its withdrawal and that Securitas may, under certain circumstances, have another legal ground for the processing and therefore may be entitled to continue the processing. Please also note that if you withdraw your consent, Securitas may not be able to fulfill your request for information.
If you are unhappy with our processing of your personal data and/or consider it to be in contrary to applicable legislation you may lodge a complaint with a competent supervisory data protection authority (“DPA“) (such as with the DPA in your country of residence, the DPA in the country of your place of work or the DPA in the country where the alleged infringement has occurred).
If you wish to receive a copy of the personal data we process about you, or if you want to exercise any of the above mentioned rights, please contact us (please see contact information below).
P.O. Box 12307
102 28 Stockholm
Contact our data protection officer on:
Att: Data Protection Officer
P.O. Box 12307
102 28 Stockholm