GDPR
PRIVACY POLICY
Foreword
SecuriTec strives to provide its customers with a trusted service by processing your data transparently and in strict compliance with applicable regulations, in accordance with your own preferences but also in compliance with the General Data Protection Regulation adopted on 27 April 2016 (Regulation 2016/679) – GDPR which came into force on 25 May 2018.
This Policy explains how SecuriTec ensures the protection, confidentiality and security of the personal data of clients using its services, and how it respects their privacy.
Why do we use your data?
SecuriTec only processes personal data for specific, explicit and legitimate purposes. SecuriTec will not process personal data in a way that is contrary to these purposes.
To this end, SecuriTec pursues the following objectives:
- Managing your commercial relationship with us;
- Providing you with the service or information you request;
- Providing you with a more efficient after-sales service.
For each of the uses indicated above, your personal data is processed on the basis of the following elements:
- The fact that it is necessary for the performance of a contract concluded between you and SecuriTec, or for the performance of pre-contractual measures taken at your request;
- The fact that it is necessary to comply with a legal obligation to which SecuriTec is subject;
- The fact that you have consented to processing.
SecuriTec ensures that your personal data is processed in a manner that is fully compatible with the purposes indicated above. If your data is to be further processed for a purpose other than that for which it was originally intended, you will be given all the necessary information beforehand. You will then be able to object to this further processing.
What type of personal data do we collect?
Your ‘personal data’ refers to any information relating to you as a natural person that can be used to identify you, directly or indirectly.
The personal data that SecuriTec may collect or process includes:
- Basic identification data, such as your first and last names, postal address, e-mail address, telephone numbers, etc.;
- Technical connection data, such as the IP address of your devices or TeamViewer ID, the specifications of your devices (type, brand, etc.), the username you use to connect, connection information (connection panel, switches, routers, etc.), etc.
Some of the information collected is necessary to achieve the aforementioned objectives, while other information is optional. You will always be informed whether information is mandatory or optional when it is collected. Failure to fill in certain mandatory fields may prevent SecuriTec from providing you with the product or service concerned or from ensuring the quality of services expected.
Whatever the purpose of processing your personal data, no ‘sensitive data’ as referred to in the regulation will be processed during your customer relationship with SecuriTec.
When do we collect your personal data?
SecuriTec may collect your personal data in different places or at different times when:
- You contact us;
- You fill in an order form for a purchase;
- When we install and commission your equipment;
- You give us your opinion on our products and services.
SecuriTec only collects data that is strictly necessary for the provision of the services you wish to use.
With which organisations are we likely to share your data?
The personal data we collect from you will mainly be used by SecuriTec's internal departments authorised to process it. It may, however, be sent to suppliers used by SecuriTec to provide certain services, such as, for example, hosting and operating intruder alarm or video surveillance systems.
SecuriTec may transfer some of your personal data to a third party at the request of the judicial authorities or any other administrative authority authorised by law.
In addition, SecuriTec ensures that any data transferred to authorised third parties will not be transferred to a country outside the European Union without appropriate additional safeguards, in particular to ensure that you can exercise your rights.
How long do we keep your personal data?
Personal data collected and processed by SecuriTec is kept only for as long as is strictly necessary to achieve the processing objectives set and to guarantee compliance with a legal obligation imposed by applicable legislation.
Accordingly, depending on the type of data processed and the purposes envisaged, SecuriTec's retention period will be as follows:
- A maximum of 3 years from the end of your business relationship with SecuriTec, for technical data processed to guarantee the service provided;
- A maximum of 10 years from the end of your business relationship with SecuriTec, for data relating to contractual aspects (agreements, guarantees, complaints, debt recovery and disputes, etc.) or accounting aspects (invoicing, purchase orders, delivery receipts, etc.)
How does SecuriTec protect your personal data?
SecuriTec implements appropriate and reasonable security measures in accordance with the risks presented by the processing carried out in order to protect your data against destruction, loss, alteration, unauthorised disclosure or access and against any other form of unlawful processing. These measures are adapted according to the sensitivity of the data processed and the level of risk presented by the processing or its implementation.
All SecuriTec employees and suppliers who have access to your personal data in the course of their work are bound by a strict obligation of confidentiality. They only access the data they need to carry out their work and are regularly made aware of and trained in the compliance and security rules applicable to your personal data. Data is also protected by several passwords and firewalls designed to prevent any unwanted attempts to connect. Access to our business premises is secured by an intelligent key system.
In addition, in the event of a personal data breach likely to result in a risk to your rights and freedoms, SecuriTec undertakes to comply with its obligation to notify the CNPD of such personal data breaches.
What are your rights?
When SecuriTec processes your personal data, you may exercise the following rights at any time and to the extent permitted by law:
- To be informed about the processing of your personal data by SecuriTec;
- To access your personal data (find out what data has been collected and processed and obtain a copy), ask for it to be corrected if it is incorrect or incomplete, ask for it to be deleted if it is out of date;
- To refuse its processing on legitimate grounds;
- If the preconditions are met, you may request that the processing of your personal data be restricted or that it be completely erased (right to be forgotten);
- To request a copy of the personal data you have provided to SecuriTec in a structured format (data portability), unless this would infringe the rights and freedoms of third parties;
- To withdraw your consent to processing based on this consent at any time.
You may exercise any of these rights free of charge by contacting the SecuriTec DPO, whose contact details are listed below:
Contact details of the Data Protection Officer SecuriTec SARL – DPO, 21 Klengbousbierg, L-7795 BISSEN
E-mail:
In order for us to respond to your request securely and prevent identity theft, you may be asked to provide proof of identity.
SecuriTec undertakes to respond within a maximum of one month from receipt of your duly completed request.
You can also file a complaint with the National Commission for Data Protection (CNPD) via its website: