At Genetec, we are committed to protecting our customers’ personal data. This document will help you understand how we collect, manage and use their and their users’ personal data as part of our provision of our products and services to you.
In this document, the expression “personal data” means information pertaining to an identifiable individual. Such information may include the person’s name, address, contact information (such as telephone numbers or email addresses), age, gender, and so forth. We further use the term “product” to refer to any product, service, solution or other offering made available by Genetec.
WE STRONGLY ENCOURAGE YOU TO CAREFULLY READ THIS DOCUMENT. YOUR (INCLUDING YOUR USERS’) USE OF OUR PRODUCTS WILL MEAN THAT YOU HAVE ACCEPTED THE TERMS AND CONDITIONS DESCRIBED HEREIN, AND AGREED TO OUR COLLECTION, STORAGE, USE AND DISCLOSURE OF PERSONAL DATA IN THE MANNER DESCRIBED IN THIS DOCUMENT.
Why we need to collect personal data
What kind of personal data may be concerned
We make available a variety of products, any combination of which may be procured by Customer. Consequently, the scope and nature of information collected by us varies based on the products used by Customer. In any case, we access and collect personal data only to the extent necessary to ensure that Customer can access and use the products that it has procured. We may further collect information to identify and associate Customer with its Genetec account. This includes Customer’s name, contact information, including mailing address, email addresses of certain users entitled to access and use the products for or on behalf of Customer, as well as other unique identifiers attributed to Customer (including its users) by us or by other service provider, as the case may be. Additionally, we may collect and store personal data that Customer (including its users) chooses to provide to us, at its sole discretion, without us requiring it to do so. This may occur, for example, where you disclose certain personal data to us when you contact us, or when you choose to store certain personal data in our products as part of your use of such offerings.
Generally, our products may be grouped in four categories: on-premise software, cloud services, hybrid products and mobile applications. Below, you will find an overview of the type of information that may be collected and processed by us in relation to your use of our products. However, we encourage you to refer to the relevant product privacy sheet to better understand what information may be collected and processed by us in relation to your use of such product.
The first category combines our software products that are installed on infrastructure provided by or on behalf of Customer. In these cases, all personal data remains store in the Customer’s systems, and will not be shared with Genetec. Customer may, however, for its convenience, choose to enable the automated modules – known as the Genetec Update Service (GUS) and the System Availability Monitor (SAM) – which would respectively allow Customer, among other things, to receive automated software and firmware updates, security notifications, and other relevant non marketing content, and monitor the status of their physical security infrastructure. These modules, when enabled, will monitor and send to our systems information pertaining to the configuration, status and health of software and hardware associated with your installation of our on-premise products.
The second category groups cloud products that are hosted on systems made available by us. The extent of personal data that may be collected and processed by us as part of our cloud products will vary based on the type of cloud product being used.
Our hybrid products category represents products that are generally installed on infrastructure provided by or on behalf of Customer (with all of the personal data being hosted on-premise, as outlined above), but additionally require an internet connection to ensure that Customer holds a valid subscription to use such hybrid product.
We may also make available certain mobile applications to Customer in relation to its use of our products. Generally, our mobile applications are an extension of Customer’s other Genetec products. Our mobile applications only collect and send to our systems a limited set of information, which includes hardware and operating system information, web browser version, certain anonymous usage data, as well as the mobile device’s geographic location. All other information remains stored on the mobile device or in the relevant Genetec product.
When you create a customer account with us in association with any Genetec product, we will require you to submit to us certain personal data to identify you (including your users) as the holder of such customer account, but also to protect information associated with your customer account from unauthorized disclosure. Such personal data may include, but is not limited to, Customer full name, user full name, address, contact information, you Genetec account username and password. It is your responsibility to provide all necessary information to, and obtain all relevant approvals and consents from all your users in relation to their access and use of our products.
Finally, when Customer contacts us, whether by phone, chat, email, through our websites or otherwise, we may keep a record of such communications to help solve issues that Customer might be dealing with, but also for training, quality assurance and statistical purposes, as well as to improve our products. Please note that we may aggregate personal data to generate various performance, analytical and statistical data, as well as to develop new products. When we do so, we ensure that such information becomes anonymized and may no longer be associated with an identifiable individual. Please refer to product privacy sheets for more information.
Who may have access to personal data
At Genetec, we recognise and respect the importance of protecting our customer’s personal data. Keeping personal data in strict confidence is a core part of our commitment to service excellence. We do not sell or rent any personal data to any third party. However, in order to provide Customer with our products, we may share Customer’s personal data with our affiliated companies, parent entities and subsidiaries, for internal business purposes, as well as with our partners acting on our behalf in relation to the provision of such products.
These measures also include protecting personal data within our organisation. Such information may only be accessible by those employees, agents, representatives and contractors of Genetec who need to know such information as part of their duties. We further ensure that our employees, agents, representatives and contractors perform their duties in a way compatible with the terms and conditions described in this document.
We may be required to disclose information that we have on Customer and its users (including its and their personal data) to governing and law enforcement authorities, including where required by law, a court order, or by other legal obligations that we may have in any jurisdiction.
How we protect personal data
We work diligently to maintain administrative, technical and physical controls consistent with industry best practices to protect Customer’s personal data against unauthorized access or use. We leverage industry-leading technologies, including server authentication and data encryption, to protect personal data during transit over the internet and at rest.
Where personal data may be processed
While our global headquarters are based in Montreal, Canada, Genetec, together with our partners and affiliated companies, operate in various locations worldwide. As a result, we may store or otherwise process personal data in many places around the world, including outside the state, province or country where Customer is located, in which case personal data may become subject to foreign laws, and, therefore, may be available to the governing authorities under local laws and regulations. We will use various legal and contractual means to ensure that data transfers are done in compliance with applicable laws and industry best practices.
In certain cases, we may enable Customer to choose the location of data centers where we will store Customer’s personal data. Please note that the availability of choice of data center locations varies based on the product, as well as on Customer’s geographical location.
Keeping personal data accurate and up-to-date
We rely considerably on your personal data to ensure that we provide Customer with the best possible experience. It is, therefore, important that your personal data available to us remains up to date. As such, if you notice that the information that we have on Customer in our files is no longer accurate or is incomplete, we strongly encourage you to contact us with the most current information. Not doing so may, in some cases, affect our capacity to deliver to our products. Note that before updating Customer’s personal data, we may ask you to verify your identity before we can act on the request.
Retention of personal data
Customer’s personal data will be stored in accordance with our retention policies and processes. We will keep Customer’s information only for as long as it is necessary for us to fulfill our obligations. Thereafter, we will put necessary efforts to permanently dispose of your personal data, unless we are required to keep it for legitimate business or legal purposes.
Note that you may withdraw your consent any time with regards to our use or other processing of personal data for any secondary purposes, which may include marketing and promo communications, by contacting us. However, we may still contact you using your contact information to share important information relation to your account or use of your products.
Openness and accountability
If, for any reason, you consider our response to be unsatisfactory or incomplete, please don’t hesitate to contact our privacy team by email at [email protected], or by mail at the following address: 2280 Alfred-Nobel Blvd., Suite 400, Montreal, QC, H4S 2A4, Canada.
You may also contact our privacy team if you wish to request access to your personal data within our possession or control. Note however that, in some cases, it could impossible for us to provide you access to your personal data. This may occur when providing such access would be likely to impact the privacy or the security of a third party, reveal confidential information of Genetec or cannot be disclosed for other valid reasons. In these events, we will advise you in writing of the grounds of our decision.
At last, if we are unable to resolve an issue to your satisfaction, it may choose to request assistance from the privacy authorities, such as the Privacy Commissioner of Canada, who may be contacted at 1-800-282-1376, or by visiting www.priv.gc.ca.
The revised version of this document terms will take effect as soon as it is made available on our website with regards to all new customers. For customers existing as of the date of publication of such revised version, the updated policy will only apply to you thirty (30) days following the date of publishing. Customer’s (including its users’) access or use of our products after such date will signify Customer’s acceptance of the new terms and conditions. If any revision to this policy outlines any material changes to the way that we use or otherwise process any personal data, we will provide a more prominent notice.
Where applicable, we will also provide Customer with instructions on how to opt in to or opt out from our new products, or communications. Note that some aspects of our products may not be available to Customer if Customer chooses to opt out from certain communications.