Effective date: June 17th, 2019
You may reach us at:
Or, for residents of the European Union or EEA, you may reach our representative in the European Union which is:
Paradox Luxembourg S.ΰ.r.l.
This page informs you of our policies regarding the collection, use, disclosure and any other processing of Personal Data (as defined below) when you use our Mobile Application, our Website, Paradox Services and/or Paradox Devices and the choices you have associated with the processing of such data.
(a) Us offline or through any other means, including on any other website operated by any third party;
(b) Any third party, through any application or content (including advertising) that may link to or be accessible from or on the Website.
Cookies are small pieces of data stored on your devices. They contain small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your devices.
Customer means a purchaser of Paradox Devices and/or Paradox Services.
Customer Site means a site, area, zone, or location where any Paradox Devices and/or Paradox Services are installed and operational for a Customer.
Data Controller is an expression frequently used in personal information protection laws to mean a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.
(a) We are a Data Controller only in respect of the Personal Data we collect from our Customers, Users, Third Party Installers, Distributors and from Website visitors.
(b) When our Customers and the Users upload Personal Data to the Mobile Application or Paradox Devices, we are not the Data Controller but solely act as Data Processor of that information. In such a case, the Customer acts as the Data Controller and is responsible for compliance of its affiliated Users with applicable personal information protection laws. Through its Users acting as representatives, the Customer is responsible for complying with applicable Personal Data protection laws, which entails among others obtaining the consent of Data Subjects whose Personal Data is collected and processed, managing the consent-revoking process and enabling the right to access the Personal Data collected.
Data Processor (or Service Providers) means a natural or legal person, public authority, agency, or other body which processes Personal Data on behalf of the Data Controller (other than its own employees).
We may use the services of various Service Providers in order to process your data more effectively, all in accordance with this policy.
Device Data means, with respect to Paradox Devices, the IP address, last communication time, LAN IP address, MAC address, panel serial number, panel version, communication ports, serial number, device type and firmware version, which in certain cases when associated together or with other data may constitute Personal Data;
Distributor means any authorized distributor of Paradox;
Paradox Devices means Paradox products that are installed in or on a Customer Site.
Paradox Services means a Paradox service that is active and operational with respect to a Paradox Device, including the Mobile Application.
Personal Data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Site Data means the following data regarding a Customer Site: site name, the identification of each Paradox Device contained in a Customer Site, your email associated with the main Customer Site, the email of the Third Party Installer (if provided by the Customer or Distributor), panel information (panel serial number, Customer Site associated with, whether panel has been used in a paid Customer Site or not and panel type), push devices (e.g.: Phone) registered to the Customer Site and site expiration date, which in certain cases when associated together or with other data may constitute Personal Data.
Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Website.
Third Party Installer means a natural or legal person, which is authorized to install Paradox Devices and/or Paradox Services on or in a Customer Site.
Usage Data includes information about how you use our Website, products, and services.
User means the natural person using our Mobile Application, the Website, Paradox Devices and/or Paradox Services. The User may correspond to the Data Subject, who is the subject of Personal Data.
Website means the website operated by Paradox at www.paradox.com.
2. Sources of Personal Data
We process the Personal Data that originated from the creation of your account (for the Mobile Application and/or the Website) and from your use of the Mobile Application, including the portion of the Mobile Application that requires the creation of an account to access Paradox Devices and/or Paradox Services.
We also process the Personal Data provided by our Customers, our Users and our Distributors in the context of their use of the Mobile Application, Website, Paradox Devices and/or Paradox Services.
3. Purposes of Processing and Legal Basis
Among the data we collect, either directly or through Third Party Installers, we process the following types of Personal Data for the following purposes to provide and improve our Mobile Application, Website, Paradox Devices and/or Paradox Services:
3.1 Account Information . To use our Mobile Application, Paradox Device and/or Paradox Services, the User will need to activate their account using their email address and serial number of their Paradox Devices. The User will receive a temporary token during the activation process and will receive a request for token activation for any changes following the activation.
3.1.1 Purposes and Legal Basis. We process each Users email address and associated token because the User needs to use them to sign in and connect to their account. The legal basis to this processing is our legitimate interest in protecting the Users accounts security.
We also process our Users email address to recognise them when they use our customer support. The legal basis for this processing is our legitimate interest in providing the best customer support we may offer you.
We also process our Users email address for the purpose of sending them important information about the Mobile Application, Paradox Device and/or Paradox Services such as important safety information or material changes to this policy. The legal basis to this processing is our legitimate interest in providing our Users with important safety or other important information regarding the Mobile Application, Paradox Devices and/or Paradox Services or changes in this policy.
3.2 Device Data. We associate Device Data to your email address and the Customer Site.
3.2.1 Purposes and Legal Basis. We process the Device Data to be able to connect your Paradox Devices with our systems in order to provide you with Paradox Services. Device Data is required to identify the exact Paradox Product that needs to be operated remotely. The legal basis to this processing is the performance of the agreement between you and Paradox to provide you Paradox Services.
3.3 Site Data. For each Customer Site, we process Site Data.
3.3.1 Purposes and Legal Basis . We process the Site Data to link each of your Paradox Devices with a Customer Site, with you, with the Third Party Installer, if any, who installed the Paradox Device and with your push devices (e.g.: Phone) in order to provide you with Paradox Services. The legal basis to this processing is the performance of the agreement between you and Paradox to provide you Paradox Services.
We also process the Site Data to deactivate the Paradox Services at the expiration or termination of Paradox Services to a Customer. The legal basis to this processing is our legitimate interest to cease to provide Paradox Services when Customer no longer has a Paradox Service agreement in force with Paradox.
3.4 Image Data. We process the image data that our Customers elect to record and to transmit pursuant to the features available through the Mobile Application, Paradox Devices and/or Paradox Services. By using the Mobile Application, Paradox Devices and/or Paradox Services, you hereby certify that you either (i) have a legal right to film or record such images; or (ii) you have obtained, prior to filming or recording, the consent of all individuals which images are to be recorded and transmitted on the Mobile Application, Paradox Devices and/or Paradox Services (in such case, you will not record any minors, except if you have obtained the consent of their legal guardians).
3.4.1 Purposes and legal basis. We process image data in order to offer the features provided through the Mobile Application, Paradox Devices and/or Paradox Services. The legal basis for this processing is the performance of the agreement between you and Paradox to provide you with Paradox Services.
3.5 Push Data . We process your push devices (e.g.: Phone) data such as token, device type, model, OS version and application version and process different push notification data such as: title of notification, message body, module type which sent the notification, push device type (Android/iOS), serial number, type of notification (Alarm, Arm/Disarm/Trouble/Loss/Restore/etc.), video filename, event time, Customer Site linked to device, zone, area and your email address.
3.5.1 Purpose and legal basis . We process such data in order to send you notifications and alerts which are features provided through the Mobile Application, Paradox Devices and/or Paradox Services and to allow you to access your Paradox Services, your Paradox Devices and manage and configure your Customer Site. The legal basis for this processing is the performance of the agreement between you and Paradox to provide you with Paradox Services.
3.6 Website Data. We process Technical Data, Usage Data, orders of Paradox Devices and Paradox Services and the tracking of such orders via our Website.
3.6.1 Purposes and legal basis. We process Technical Data, orders of Paradox Devices and Paradox Services and the tracking of such orders via our Website to allow our Distributors or Third Party. Installers to access to firmware, software downloads and place orders. The legal basis for this processing is our legitimate interest to have a Third Party. Installer install your Paradox Devices adequately and facilitate its work.
3.6.2 Purposes and legal basis. We process Technical Data to protect our business and the Website (including safety measures against intrusion into our systems). The legal basis for this processing is our legitimate interests for network security, to prevent fraud and prevent Personal Data breach).
3.7 Distributors Data. We process the name, address, email address, ID, and phone number of our Distributors personnel and their Technical and Usage Data.
3.7.1 Purposes and legal basis. We process such data to store the data related to Distributors in our systems. The legal basis for this processing is the performance of the distribution agreement between Distributor and Paradox.
We also process such Distributors data to create a link between a Paradox employee and the Distributor ID. The legal basis for this processing is the performance of the distribution agreement between Distributor and Paradox.
We also process such Distributors data to create an association between the Distributor ID and the country ID, streets address, HTML code, Web ID, List ID, Group ID, old Distributor ID, specific discount rate, shipping information (address and phone number), inventory number, currency code, pricing information, language code, Distributor email and second email. The legal basis for this processing is the performance of the distribution agreement between Distributor and Paradox.
3.8 Receipt Data. When we issue a receipt for Paradox Services, we process the Customer Site, the email address, the panel data, the service plan, the date, the end of subscription, the type of services (new vs renewal), the last 4 digits and type of the credit card used to pay the Paradox Services, linked to the receipt.
3.8.1 Purposes and legal basis. We process such data to properly identify the Paradox Services provided to the Customer for billing purposes. The legal basis for this processing is our legitimate interest in providing you with the best possible customer service.
3.9 Account Index Data . We process the type of notification sent to your device or your Paradox Device (Alarm/Arm/Disarm/Trouble/Loss/Restore/etc.), video filename (if your Paradox Device has a camera), event time, zone, area and associated email.
3.9.1 Purposes and legal basis. We process such data for monitoring alarm and other events between Third Party Installers and the central monitoring station. The legal basis for such processing is the performance of the agreement between you and Paradox to provide you Paradox Services
We use the following Cookies:
4.1 Strictly necessary Cookies. These are Cookies that are required for the operation of our Website. They include, for example, Cookies that enable you to log into secure areas of our Website such as:
4.2 Analytical or performance Cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our Website when they are using it. This helps us to improve the way our Website works, for example, by ensuring that users are finding what they are looking for easily such as the following Google Analytics Cookies: _ga, _gid, _utma, _utmt, _utmb and _utmz.
4.3 Functionality Cookies . These are used to recognise you when you return to our Website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region) such as:
All Cookies will expire as provided in Section 5.
As for Technical Data and Usage Data, we retain such data for a maximum of 12 months, except as mentioned in the following tables.
Cookies sets by Google Analytics:
6. Processing and Transfer of Personal Data
We process your Personal Data on the servers of our cloud Service Providers mentioned in Section 7.2 hereafter which are located in United States of America, Germany and Singapore. Therefore, your information, including Personal Data, may be processed on and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction of residence.
7. Disclosure of Personal Data
Paradox commits to keeping your Personal Data confidential and not to share your Personal Data with third parties, except in the limited cases and solely for the purposes described below.
We may employ third-party Service Providers to facilitate our Mobile Application, to provide the Mobile Application on our behalf, such as distributors and Third Party Installers, to perform services related to the Mobile Application or the Website or to assist us in analyzing how our Mobile Application or Website is used. These third-party Service Providers have access to such portions of your Personal Data that is necessary for them to perform these tasks on our behalf and are obligated to maintain the confidentiality of your Personal Data and not to use such Personal Data for any purpose other than providing services to us.
More precisely, here are the recipients or categories of recipients to whom we may transfer your Personal Data.
Third-party Cloud Servers . We use the following Data Processor to store and otherwise process your Personal Data on their servers:
7.3 Business Transaction
7.4 Disclosure for Law Enforcement
Under certain circumstances, Paradox may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
7.5 Legal Requirements
Paradox may disclose your Personal Data in the good faith belief that such action is necessary to:
(a) To comply with a legal obligation;
(b) To protect and defend the rights or property of Paradox;
(c) To prevent or investigate possible wrongdoing in connection with the Mobile Application or the Website;
(d) To protect the personal safety of users of the Mobile Application or the Website or the public; or
(e) To protect against legal liability.
8. Security of Data
The security of your Personal Data is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Nevertheless, we are providing you with updated measures of protection and physical, electronic and operational security, pursuant to the best standards and practices of the industry.
9. Your Rights
9.1 Customer Rights
Paradox aims to take reasonable steps to allow its Customers to correct, amend, delete, limit or oppose to the process of their Personal Data.
Whenever made possible, you can update your Personal Data directly within your account settings section. If you are unable to change your Personal Data, please contact us to make the required changes.
If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.
As Customers or Website visitors, you may at any time withdraw any consent you gave us to process your Personal Data in the preference settings of your account or, in such instances where you do not have an account within the Mobile Application or Website, by contacting us. In this case, we will, as soon as commercially and reasonably possible, delete from our systems all your Personal Data obtained on the legal basis of your consent and request our Data Processors, if any, to do the same. By doing so, please be aware that you may not access all of the features of the Mobile Application or the Website.
Without limiting the foregoing, in certain circumstances, you have the right:
(a) To access and receive a copy of your Personal Data held by Paradox;
(b) To rectify any of your Personal Data held by Paradox that is inaccurate;
(c) To request the deletion of your Personal Data held by Paradox; and/or
(d) To object and request restrictions to the processing of your Personal Data.
As Customers or Website visitors, you have the right to data portability for the information provided to Paradox. As Customers or Website visitors, you have the right to receive your Personal Data in a structured, commonly used, and machine-readable format and have the right to transmit such data to another Data Controller without hindrance from us. You have the right to have your Personal Data transmitted directly from us or the Data Controller to another Data Controller, where technically feasible.
Depending of your jurisdiction (e.g.: Canada, European Union, and EEA), you may have the right to lodge a complaint with a supervisory authority.
Please note that we may ask you to confirm your identity before responding to such requests.
9.2 Third-Party Rights
As described in Section 1 , we may process Personal Data in the role of a Data Processor. If your Personal Data has been submitted to us by a Customer or a User and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable Customer or User directly. We may only access a Customers data upon instruction from that Customer. If you wish to make your request directly to us, please provide to us the name of the User or Customer who submitted your Personal Data to us. We will refer your request to that Customer or to the Customer associated with the User you provided and will support them as needed in responding to your request within a reasonable timeframe. Customers and Users of Paradox are required to comply with all applicable privacy laws.
10. Links to Other Sites
We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
11. Children's Privacy
Our Mobile Application and Website do not address anyone under the age of 16 (Children).
We do not knowingly collect Personal Data from anyone under the age of 16. If you are a parent or guardian and you are aware that your Children have provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
* * *
Copyright © Paradox Security Systems (Bahamas) Ltd. All Rights Reserved.