Effective Date: 20 May 2020
1. Table of Contents
2. Information We Collect
We collect information directly from you and automatically through your use of the Allegion Applications. To the extent permitted by law or with your consent, we may combine all of the information that we collect about you from various sources.
Information we collect directly from you. We collect information from you when you register to access the Allegion Applications, populate or update your account information (including your user profile) on the Allegion Applications, apply for a job with us or register to our talent management platform, request information from us, contact us, or otherwise use our products and services through the Allegion Applications. The information we collect varies depending on your interaction with us, and may include, but is not limited to, identifiers like your name, mailing address, telephone numbers, fax number, and e-mail address, as well as commercial information like billing address, transaction and payment information (including financial account numbers or credit or debit card numbers), and purchase history. We also collect any other information that you choose to provide to us (e.g., registration information if you register for one of our training programs or subscribe to our My Allegion News newsletter, such as username and password; drawings or design content if you interact with one of our product or specification collaboration applications; information you provide while participating in discussion forums; or professional or employment-related information like job function or information you provide when you apply for a job with us or register to receive information about career opportunities at Allegion) through the Allegion Applications.
If you choose not to provide us with any personal data you may not be able to take advantage of the Allegion Applications’ offerings (e.g. access to informational, marketing or collaboration-related content).
Information we collect when you visit our Allegion Applications. When you visit our Allegion Applications, the information that we automatically collect includes, but is not limited to: domain name; device and browser type and operating system; search terms and other usage information (including web scrolling, browsing, and click data to determine what webpages are viewed and links are clicked); geolocation; Internet protocol (“IP”) address; the date, time, and length on the Allegion Applications or using our applications or services; and the referring URL, search engine, or the web page that led you to our Allegion Applications. The legal basis for such processing is our legitimate interest to ensure the stability and security of the Allegion Applications, which is technically necessary for us to provide you with these services.
Information we collect through cookies when you visit our Allegion Applications: With regard to personal information we collect through cookies, web beacons, and other technologies when you visit our Allegion Applications or use our related services we refer to the section “Cookies and Tracking Mechanisms” below.
To the extent permitted by law or with your consent, we may combine this information with other information that we have collected about you, including from our vendors who help us provide services to you. Please see “Cookies and Tracking Mechanisms” below for more information.
4. Use of Your Information (Purposes)
We use your information, including your personal data, for the following purposes:
The legal basis for such processing is - depending on the specific case - either your consent or our legitimate interest.
5. Disclosure/Recipients of Your Information
We may disclose your information, including personal data, as follows:
6. Cookies and Tracking Mechanisms
Clear GIFs, pixel tags and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies, which are embedded invisibly on web pages. We or our service providers may use clear GIFs (also known as web beacons, web bugs or pixel tags) in connection with our Allegion Applications to track the activities of users of our Allegion Applications, help us manage content, and compile statistics about usage of our Allegion Applications. We or our service providers may also use clear GIFs in HTML e-mails to our users, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded. The legal basis for the use of these technologies is your consent.
7. Do Not Track Disclosure
Currently, our systems do not recognize browser “do-not-track” requests. You may disable certain tracking as discussed above in our “Cookies and Tracking Mechanisms” section (e.g., by disabling cookies). To learn more about do-not-track signals, please see this resource.
8. Third-Party Links
Our Allegion Applications may contain links to third-party websites. Any access to and use of such linked websites is not governed by this Policy but instead is governed by the privacy policies of those third-party websites. We are not responsible for the privacy, security and information practices of such third-party websites.
9. International Transfers and Offshore Storage of Personal Data
We may use, disclose, process, transfer or store information, including personal data, outside the country in which it was collected, such as to the United States and other countries, which may not guarantee the same level of protection for personal data as the country in which you reside.
Additionally, there are situations when personal data is transmitted to third-party service providers (in the United States and/or other countries, including countries in which Allegion operates or has offices) to provide services for Allegion, such as payment processing and web hosting and other services required by law. Allegion uses third-party service providers to process personal data for service-related and administrative purposes. Such service providers are located in the United States and other locations where Allegion does business. When Allegion retains another company to perform a function of this nature, such third party will be required to protect the personal data and will not be authorized to use the personal data for any other purpose.
The countries that we may use, disclose, process, transfer or store your information in are likely to be Australia, Austria, Belgium, Canada, Chile, China, Colombia, Denmark, France, Germany, Hong Kong, India, Ireland, Italy, Malaysia, Mexico, Netherlands, New Zealand, Panama, Poland, Russia, Singapore, South Korea, Spain, Sweden, Switzerland, Turkey, UAE, the United Kingdom and the United States.
With regard to residents in the EU: your personal data will only be transmitted outside the EU or the European Economic Area if the other conditions for such transmission under the GDPR are fulfilled (e.g., signing of EU standard contractual clauses with the service provider(s) pursuant to Art. 46 (2) c) GDPR).
10. Security of Personal Data
We may store your personal data in electronic format. We have implemented reasonable measures to protect the personal data we collect from damage, misuse, interference, loss, alteration, destruction, unauthorized or accidental use, modification, disclosure, access or processing, and other unlawful forms of processing data. However, please be aware no data security measures can guarantee 100% security. While we monitor and maintain the security of the Allegion Applications, we do not guarantee that the Allegion Applications or any products or services are impervious to attack or that any use of the Allegion Applications or any products or services will be uninterrupted or secure. In addition, information that you transmit over the Internet, including through e-mail or SMS message, is not secured by us and is inherently vulnerable to attack or interception.
11. Retention of Personal Data
We will retain your personal data for as long as we have a reasonable legal or commercial need for it, after which time we will destroy it through currently available secure destruction means. Personal data collected for recruitment purposes will be retained for a reasonable period of time in accordance with applicable law, unless you are hired in which case some of this information will be stored in your employment record.
12. Your Rights and Choices
As long as your relationship with us exists, you have the responsibility to make sure that all your data is up to date. Please be advised that in order to exercise the ARCO rights (Access, Rectification, Cancellation & Opposition) set forth in the Mexican Federal Law on Protection of Personal Data Held by Private Parties (Ley Federal de Protección de Datos Personales en Posesión de los Particulares), you may contact, at any time, the privacy officer to request information regarding the treatment that is given to your data at the following email address: email@example.com.
In the event that you exercise an ARCO right, you must submit a request, which must contain at least the following information: (i) full name and e-mail or domicile to inform you the answer to your request; (ii) the documents evidencing your identity or, as the case may be, the legal representation; (iii) a clear description of the personal data respect to which you seek to exercise any of the above mentioned rights; and (iv) any other element or document that facilitates the location of the personal data. Your request will be answered within the period permitted by law and we will inform you if the same proceeds through the e-mail or address that you have provided us for these purposes.
We will inform you if your request proceeds by e-mail or in writing within the following 20 (twenty) business days, but in case it is necessary additional information may be requested. In case it proceeds, we will answer your request within a term of 15 (fifteen) business days after the previous term.
You may revoke the consent that, as the case may be, you granted us for the handling of your personal data. However, it is important that you keep in mind that not in all the cases we will be able to answer your request or immediately conclude the use thereof as it is possible that due to some legal obligation we will be required to continue handling your personal data. To revoke your consent, you must send your request to the following e-mail address: firstname.lastname@example.org.
13. Special Information for California Consumers
California residents may request a list of certain third parties to which we have disclosed certain personal data for their own marketing purposes. You may make one request per calendar year. In your request, please attest to the fact that you are a California resident and provide a current California address for your response. You may request this information in writing by contacting us using the information in the “Contact Us” section below. Please allow up to thirty (30) days for a response.
14. Changes to this Policy
We may change this Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on the Allegion Applications. If we make any changes to this Policy that materially affect our practices with regard to the personal data we have previously collected about you, we will endeavour to provide you with notice in advance of such change by highlighting the change on the Allegion Applications or e-mailing you. Your continued use of our Allegion Applications or the related applications or services or your provision of further information further to the change in this Policy constitutes your acceptance of our revised Policy. You can obtain a copy of our current Policy by contacting us.
15. Contact Us
Please contact us at email@example.com if you have any questions or concerns about this Policy, the personal data we have about you, require assistance in managing your choices, or have other questions, comments or complaints regarding our privacy practices. The messages you send to us will be transferred to and reviewed in the United States. California residents may submit requests to exercise their rights under the California Consumer Privacy Act by using this web form or calling us at 1-877-671-7011.
If your personal data is subject to the purview of the Office of the Australian Information Commissioner, and if you are still concerned about the way in which any privacy issue has been handled, you may approach an independent advisor or contact the Office of the Australian Information Commissioner (www.oaic.gov.au) for guidance on alternative courses of action which may be available. If you are still concerned about the way in which any privacy issue has been handled, you may approach an independent advisor or contact the Office of the Australian Information Commissioner (www.oaic.gov.au) for guidance on alternative courses of action which may be available.
Additional Rights (from 25 May 2018)
As of 25 May 2018, with regard to personal data subject to the General Data Protection Regulation of the European Union, you also have the following rights:
Where personal data is subjected to restriction in this way we will only process it with your consent or for the establishment, exercise or defense of legal claims.
You also have the right to lodge a complaint with a supervisory authority, in particular in your Member State of residence, if you consider that the processing of your personal data infringes the European Union's General Data Protection Regulation.
For further information regarding your rights, or to exercise any of your rights, please contact firstname.lastname@example.org.
[SA1]Note that aside from CCPA requests to opt out of sale, the CCPA gives businesses 45 days to substantively respond requests from consumers to exercise their access and deletion rights. Cal. Civ. Code § 1798.130(a)(2); Modified draft regulations § 999.313(a)(2). Under the modified draft regulations businesses have 10 days to confirm receipt of a request to access or delete personal information. § 999.313(a)(1), Consider softening this language to something along the lines of “within a reasonable period of time.”