Skip to main content

      Privacy Policy

      Your privacy is important to us. This policy explains how we handle personal information and other data we obtain from you anytime you interact with Securitas, such as when you browse our website or when you use our service to upload or download content.

      DATA PROTECTION NOTICE FOR CUSTOMERS

      This Data Protection Notice (“Notice”) sets out the basis on which Securitas Singapore (“we”, “us”, or “our”) may collect, use, disclose, or otherwise process the personal data of our customers in accordance with the Personal Data Protection Act (“PDPA”). This Notice applies to personal data in our possession or under our control, including personal data in possession of organizations in which we have engaged in collecting, using, disclosing, or processing personal data for our purposes.

      PERSONAL DATA 

      1. As used in this Notice:

      customer” means an individual who (a) has contacted us through any means to find out more about any goods or services we provide or (b) may, or has, entered into a contract with us for the supply of any goods or services by us; and

      personal data” means data, whether true or not, about a customer who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.

      1. Depending on the nature of your interaction with us, some examples of personal data which we may collect from you include name, email address, telephone number, photograph, employment information, and financial information.
      2. Other terms used in this Notice shall have the meanings given to them in the PDPA (where the context so permits).            

      COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA

      1. We generally do not collect your personal data unless (a) it is provided to us voluntarily by you directly or via a third party who has been duly authorized by you to disclose your personal data to us (your “authorized representative”) after (i) you (or your authorized representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorized representative) have provided written consent to the collection and usage of your personal data for those purposes, or (b) collection and use of personal data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose that has not been notified to you (except where permitted or authorized by law).

      2. We may collect and use your personal data for any or all of the following purposes:
      • performing obligations in the course of or in connection with our provision of the goods and/or services requested by you;
      • verifying your identity;
      • responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;
      • managing your relationship with us;
      • processing payment or credit transactions;
      • complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or assisting in law enforcement and investigations conducted by any governmental and/or regulatory authority;
      • any other purposes for which you have provided the information;
      • transmitting to any unaffiliated third parties, including our third-party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes; and
      • any other incidental business purposes related to or in connection with the above.
      1. We may disclose your personal data:
      • where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods and services requested by you; or
      • to third-party service providers, agents, and other organizations we have engaged to perform any of the functions with reference to the above-mentioned purposes.
      1. The purposes listed in the above clauses may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under a contract with you).

      RELIANCE ON THE LEGITIMATE INTERESTS EXCEPTION

      1. In compliance with the PDPA, we may collect, use or disclose your personal data without your consent for the legitimate interests of Securitas Singapore or another person. In relying on the legitimate interests exception of the PDPA, Securitas Singapore will assess the likely adverse effects on the individual and determine that the legitimate interests outweigh any adverse effect.

      2. In line with the legitimate interests’ exception, we will collect, use or disclose your personal data for the following purposes:

        1. Fraud detection and prevention;

        2. Detection and prevention of misuse of services;

        3. Network analysis to prevent fraud and financial crime, perform credit analysis; and

        4. Collection and use of personal data on company-issued devices to prevent data loss.

      The purposes listed in the above clause may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way for a reasonable period thereafter.

      WITHDRAWING YOUR CONSENT

      1. The consent that you provide for the collection, use, and disclosure of your personal data will remain valid until such time it is withdrawn by you in writing. You may withdraw consent and request us to stop collecting, using, and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.

      2. Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within thirty (30) business days of receiving it.

      3. Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you, and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described in clause eight above.

      4. Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use, and disclosure without consent is permitted or required under applicable laws.

      ACCESS TO AND CORRECTION OF PERSONAL DATA

      1. If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.

      2. Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.

      3. We will respond to your request as soon as reasonably possible. In general, our response will be within thirty (30) business days. Should we not be able to respond to your request within thirty (30) days of receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).

      PROTECTION OF PERSONAL DATA

      1. To safeguard your personal data from unauthorized access, collection, use, disclosure, copying, modification, disposal, or similar risks, we have introduced appropriate administrative, physical, and technical measures such as a minimized collection of personal data, authentication, and access controls (such as good password practices, need-to-basis for data disclosure, etc.), encryption of data, up-to-date antivirus protection, regular patching of operating system and other software, securely erase storage media in devices before disposal, web security measures against risks, usage of one-time password(OTP)/2-factor authentication (2fa)/multi-factor authentication (MFA) to secure access, and security review and testing performed regularly.

      1. You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.

      ACCURACY OF PERSONAL DATA

      1. We generally rely on personal data provided by you (or your authorized representative). In order to ensure that your personal data is current, complete, and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below.

      RETENTION OF PERSONAL DATA

      1. We may retain your personal data for as long as it is necessary to fulfill the purpose for which it was collected or as required or permitted by applicable laws.

      2. We will cease to retain your personal data or remove the means by which the data can be associated with you as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected and is no longer necessary for legal or business purposes.

      TRANSFERS OF PERSONAL DATA OUTSIDE OF SINGAPORE

      1. We generally do not transfer your personal data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

      EFFECT OF NOTICE AND CHANGES TO NOTICE

      This Notice applies in conjunction with any other notices, contractual clauses, and consent clauses that apply in relation to the collection, use, and disclosure of your personal data by us.

      We may revise this Notice from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Notice was last updated. Your continued use of our services constitutes your acknowledgment and acceptance of such changes.

       

      General Privacy Notice Leadoo

       

      1. About this Privacy Notice

      We at Securitas ("Securitas", "we" or "us"), affiliated companies worldwide (“Securitas Group”), are multinational global security firm focused on delivering protective and digital services for our clients. We respect your integrity and this General Privacy Notice describes how we collect and process personal data about you.

      This General Privacy Notice applies to the personal data processing towards any:

      · Client or prospective clients,

      · Visitors of our premises,

      · Suppliers, prospective suppliers or other thirds parties providing services to us,

      · Visitors of our websites and social media channels,

      · Business events attendees,

      · Other thirds parties whose data received from publicly available sources or/and shared by other third parties,

      being natural persons or legal persons (their employees, representatives, or other staff) whose personal data we process).

      This General Privacy Notice covers typical data processing within the scope of our economic activity. Please note that since Securitas is an international company, thus this General Privacy Notice may be replaced or supplemented in order to fulfill local requirements, as well as to provide you with additional information on why and how we process your data. You may be also provided with “just in time” privacy notice before such processing takes place, e.g. if you wish to use our Securitas Integrity Line.

      1.1. Data controller

      Where we determine the purpose and means of processing personal data, Securitas will be a data controller. Where we act as a processor in our capacity of providing protective and digital services to our clients, we will only process personal data in accordance with the instructions of our clients and act as a data processor (e.g. your data included in the guards’ reports).

      Securitas is represented in many countries, and it is generally your local Securitas company that is responsible for the processing of your data. For information on what Securitas company are processing your information and how to get in contact with us at: esther.lim@securitas-singapore.com. You can also contact our global privacy team at: privacy@securitas.com

      2. How do we get information about you

      In general, we collect personal data about you directly from you (e.g. is you contacting us, providing your feedback, performing concluded agreement, etc.) or from third parties (e.g. your business contact details received from the company for which you work for).

      We may also collect personal data based on the use of our premises (e.g. CCTV system, visitor logbook), our infrastructure (when you receive an access to our IT systems) or collected automatically on the basis of your visits on our websites (e.g. through chatbot and cookies on our websites. For further information about cookies, please refer to our Cookie Policy).

      We may also collect limited personal data from third parties or publicly available sources such as news, announcements, public registers of companies and other sources including services accessible (e.g. to create newsletters or security reports). In accordance with Singapore’s PDPC and GDPR’s principle of data minimization, we limit the amount of such

      information collected as much as reasonably possible. We also anonymize or delete all copies of such information before producing any newsletters or reports or otherwise sharing the results of our research and analysis with any third parties.

      3. Categories of personal data

      The following information is processed about you, however, the exact scope of data processed varies depending on relevant circumstances, such as your business relation with us.

      In general, we may process the following information related to you:

      Categories of personal data Examples

      Identity data name, business title, your organization, photographs

      Contact information address, email, phone number, country

      Financial information Your account to process payment for the services

      Client service data client matter number, beneficial owner, company announcements and policies, information from messages to us/ forms you fill in, including responses to surveys and feedback provided

      Marketing and communications data information on when you receive and read marketing communications from us, open email/ click data, newsletters requests, events you attend and marketing and communication preferences Additional information about the personal data we process in connection with marketing is included with the marketing communications we send you and your interaction with us Chatbot conversation (anything submitted by a data subject into the chat box when using the chatbot) to navigate website visitor to requested content

      Usage technical and browsing data Your use of our websites, language used, IP address (including information about the company that provides the IP address), log data, device data, unique device identifies, cookies and other data linked to a device, data usage of our websites, user generated data. For more information about cookies, please refer to our Cookie Policy

      Conversation Logs We may record conversations with the chatbot for quality improvement and troubleshooting for up to 13 months. These recordings will be anonymized to protect your privacy.

      Limited publicly available

      information From public announcements, news, publicly available data bases or other publicly available sources which will be further included in our newsletters and security reports

      Information from guards’ reports

      and other received information from

      thirds parties Information included in the guards’ reports created under the instructions of our clients and other data received from client (only if permitted under the relevant agreement concluded with the client) and only processed for anonymization purposes before further use for analytics, enhancement of our services as well as development of new services

      CCTV and physical security data Footages from CCTV or from other sources such as visitor logbook, access card usage

       

      4. Processing your personal data

       

      4.1. Purpose and the legal basis of processing

      Securitas always process your personal data for a specific purpose and we only process the limited relevant personal data to achieve that purpose. It means that we will use your personal data only for the purposes for which it was originally collected unless we reasonably need it for another compatible purpose and there is a lawful basis for further processing.

      We process your personal data only if we have a relevant legal basis to do so. Where we require your consent, you will find opt-in mechanisms and you have the ability to withdraw consent at all times. you can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us. The exact legal basis depends on the context of our relation with you.

      Purpose of the processing Legal bases

      Deliver services to our clients such as protective

      and digital services Performance of the contract Legal or regulatory obligation (e.g. accounting obligations) Legitimate interests: ensuring that you are provided with the best services and other client care related purposes

      Manage our business relationship with our clients Legitimate interest: to offer you the best possible service and respond to any future market trends Your consent

      Manage payments Performance of the contract Legitimate interest: securing a prompt payment of any fees, costs and debts and collection of money owed to us

      Marketing activities, including building client

      profile and related profiling such as engagement

      scoring

      Legitimate interest for direct marketing purposes for existing clients You consent for direct marketing purposes as prospective client Legitimate interest for building client profile and related profiling such as engagement scoring (e.g. on the basis of preferences, behavior on website, interaction with Securitas content) for direct marketing purposes for existing and prospective clients, promoting our services and identifying ways to improve and expand our services

      Interacting with chatbot Legitimate interest (to answer questions and requests from website visitors in the chat and follow up on email as well as for quality improvement and troubleshooting) Legitimate interest for company identification that provides the IP address used Your consent to collect your contact details for marketing communication purposes

      Quality and staff training purposes Legitimate interest: to improve the level of services provided your consent

      Asking for your feedback and other market research & business development activities Legitimate interest: identifying ways to improve and expand our services Your consent

      Manage and protect our business, including

      improving data security, troubleshooting data

      and systems, system maintenance and testing,

      data hosting, managing our premises Legal and regulatory obligation Legitimate interest: ensuring the efficient and secure running of our business, including through office and facilities administration, maintaining information technology services, network and data security, fraud prevention and improving or reorganizing our infrastructure or Securitas Group

      Check conflict of interest/ ethic check, beneficial

      owner, AML, fraud and other background

      screening Performance of the contract, Legal or regulatory obligation (if required under the local law) Legitimate interest (ensuring we act in line with Securitas internal policies, e.g. all parties concerned understand any conflict of interest or ethic dilemma which may arise for us in a matter and we do not deal with proceeds of criminal activities or assist in any other unlawful or fraudulent activities) (if permitted under the relevant local law)

      Prepare newsletters, security reports and other

      related content Legitimate interest: to collect limited publicly available data and data included in guards reports (in this regard following its anonymization) to conduct industry and market research and similar inquiries to help us understand trends and client needs in order to better provide content to our clients and others and to provide services to our clients

       

      4.2. Marketing profiling and building client’s profile (data sets matching)

      Securitas uses profiling in limited circumstances relating to our marketing activities. Securitas combines data obtained to build the client marketing profile which helps us determine what products and services might be of interest to you as a client or prospective client and when you might be ready to make a purchase based on repeated interaction with our websites, emails, and content (e.g. on the basis of engagement scoring derived from your interaction with our content such as open clicks, webforms sent, etc.).

      For instance, if we see that you are regularly viewing articles dedicated to small and medium enterprises on our website, and you clicked on our advertisement for small and medium enterprises we may tailor our web content to your interests.

      The automated solution profiles the information to evaluate your interest in our service offerings and/or promotions. This enables us to identify and target prospective clients and/or business partners and aims to provide you with relevant and timely content based on your indicated interests. Securitas marketing and sales personnel are involved in this process and no automated decisions are made that would result in legal effects or similarly significantly affect an individual.

      For this purpose, we store one or more cookies on your end device, with the help of which we collect information for marketing and optimization purposes, which in turn is stored and further processed on the third party servers. The collected information can be combined with your further details as our current client or which you voluntarily leave on our website by analyzing the information about your online behavior and your interactions with Securitas content, for example by accepting cookies and similar technologies via our cookie banner, to create a client profile.

      You can always object to the direct marketing and related profiling, and we will always respect your decision.

      You can always withdraw your consent to prevent your personal data being used this way at any time using the Cookie Settings. To learn more about deleting cookies, please see our Cookie Policy.

      4.3. Transparency about GenAI

      When using chatbot on our website, you are interacting with a generative AI. This technology allows us to provide automatically generated responses to your inquiries. While the chatbot is trained to be informative and comprehensive, it is still under development.

      4.4. How long we keep your data?

      We retain your personal information only for as long as is necessary for as long as necessary to fulfil the purposes they collected it for and no longer than we are permitted under the law.

      Usually, when it’s client or supplier’s relationship, we retain your data as long as it is necessary to perform the contract and then as long it is necessary for legal and regulatory purposes (e.g. to satisfy accounting and tax obligations). When the processing is based on your consent, we process data as long as your consent is effective until it’s revoked.

      All personal data is held in accordance with our local data retention policy. If you would like more details, please contact us.

       

      5. Who do we share your personal data with?

      Securitas will only share your personal data with those who have a legal basis, including the legitimate interest for it. Each time we share your personal data, we will ensure the personal data is used in a manner consistent with this General Privacy Notice and taking into consideration the nature of the data.

      Service Providers and Subcontractors: your personal data will be processed by our service providers or subcontractors (including data storage service providers, technical support, and maintenance of the service) on instruction from Securitas. All service providers and subcontractors act as Securitas personal data processors and are under contractual arrangements only allowed to process data for the purposes as set out above. Furthermore, the personal data processor (service provider or subcontractor) and those acting under instructions of the processor will not access more personal data than is required for the performance of the service covered by the agreement with Securitas.

      Securitas Group: your personal data may be processed by companies within the Securitas Group that provide services to Securitas in relation to our common internal services, such as IT support, management and administration. In such a case, Securitas Group companies act as Securitas personal data processor, joint controller with Securitas or as a separate data controller. The processor or joint controller may only process personal data under the purposes or instructions provided by Securitas for the processing and only process data for the purposes as set out above. Furthermore, the personal data processor and those acting under the processor's instructions will not access more personal data than is required for the performance of the service covered by the agreement with Securitas.

      For example, your personal data may be shared within the entities within Securitas Group only if there is a lawful basis to do so, including the legitimate interests above.

      Public authorities: Securitas shares your personal data with public authorities (such as the police, the tax authority, or other authorities) in response to lawful requests by public authorities (such as regulatory bodies, law enforcement authorities, and national security organizations) as well as to manage and defend legal claims. Public authorities that receive your personal data will be the controller for such processing, which means that it is not Securitas who governs how your personal data is processed if shared with an authority. Thus, if your personal data is shared with authorities, this General Privacy Notice will not cover that subsequent processing.

      Other third parties: We may also share your personal data with other third parties who acts as a separate data controllers (i.e. not instructed by us) and have a separate privacy notice for such purposes. For example, where necessary to manage and defend legal claims, we share personal data with legal advisors that we have engaged or if we are legally obliged. Other examples of separate data controllers to whom we may share your personal data are: external parties placing cookies on our websites (e.g. YouTube and Spotify) and only if you consent via cookies (please refer to our Cookie Policy

      for more information). Please note that our websites may contain links to non-Securitas Group websites. The Securitas Group is not responsible for the privacy policies or practices of such websites. You will be clearly informed if the link is to the external service.

       

      6. Where we are processing your personal data

      To provide you with the Service, we, or a partner processing data on our behalf, process your information primarily within EU/EAA. We enter into confidentiality and data processing terms with all our partners to ensure they comply with high levels of confidentiality, data protection laws, and best practices in privacy and security standards.

      Certain services are carried out by subcontractors or partners in third countries. To provide you with the Service, we, or partners processing data on our behalf, may process your personal data outside the EU/EEA and Singapore. Where your personal data is transferred outside these jurisdictions, we ensure that appropriate safeguards are in place to protect your data. These safeguards include, where applicable, the EU Standard Contractual Clauses (SCC), Binding Corporate Rules (BCR), or other measures that provide a level of protection essentially equivalent to that required under applicable data protection laws, including the EU General Data Protection Regulation and the Singapore Personal Data Protection Act 2012. We also enter into confidentiality and data processing agreements with all partners to ensure compliance with high standards of confidentiality, data protection, and privacy and security best practices. For further information, please contact us.

       

      7. How we protect your data

      Securitas takes appropriate technical and organizational measures to protect your personal data. Securitas is constantly working to protect your personal data from accidental or unlawful destruction, loss or alteration, unauthorized disclosure of, or unauthorized access to the personal data transferred, stored, or otherwise processed by Securitas.

       

      8. Your rights

      Securitas respects your integrity and your rights under relevant legislation related to the processing of personal data. You have the following rights which you can exercise depending on the context.

      We have the right to request additional information in order to confirm your identity and ensure the request originates from you before fulfilling your request.

      Details of your rights are covered below:

      · right to information about how your personal data is used,

      · right to access your personal data,

      · right to rectify your personal data if inaccurate or incomplete,

      · right to have your personal data deleted in certain circumstances (i.e. the right to be forgotten),

      · right to restrict processing of personal data in certain circumstances,

      · right to data portability in certain circumstances (i.e. to receive a copy of your personal data in a commonly used electronic format),

      · right to object to processing of personal data in certain circumstances, including where personal data is used for marketing purposes such as direct marketing and related profiling, processing personal data based on legitimate interests,

      · right not to be subject to automated decisions which is based on automated processing where the decision will produce a legal effect or a similarly significant effect on you.

      To exercise your rights, don't hesitate to get in touch with your local Securitas entity or for the details of the relevant personal data protection authority to lodge a complaint.

      9. Changes to this General Privacy Notice

      We reserve the right to change this General Privacy Notice. If we make any significant changes to this General Privacy Notice, we will notify you by displaying a notice on our Securitas website or by communicating to you directly. Please note that pure editorial or similar minor changes will not prompt specific information.

      This General Privacy Notice was last updated on: 9th January 202

      • Name:
        _ga
        Name:
        _gat
        Name:
        _gid
      • Name:
        ai_session
        Name:
        ai_user
      • Name:
        ARRAffinity
      • Name:
        __cfuid
      • Name:
        CookiesAccept
      • Name:
        EPiForm_{FormGuid}:{Username}
        Name:
        .EPiForm_BID
        Name:
        .EPiForm_VisitorIdentifier
      • Name:
        EPI-MAR-<Content GUID>
      • Name:
        ASP.NET_SessionId