Integrity Policy

At Securitas Sverige AB, we care about your personal integrity. Your everyday security and data protection are important to us. We want to be open about how and when we use your personal data. This integrity policy establishes and provides you with simple and clear information about how we process and protect your personal data in our business operations.

Processing conducted by Securitas as personal data controller
Official reporting


Why does Securitas use your personal data and on what legal basis?
Securitas, which carries out guarding services on behalf of its customers, serves as controller for the processing of personal data that occurs during the execution of services carried out by its personnel, and the manner in which security personnel or personnel with a certain position within the security company are to process personal data is specifically prescribed by law or other regulations. One example of such a situation is when a guard, during the course of his or her security work, suspects or becomes aware that a crime which falls within the domain of public prosecution and may result in imprisonment is being committed against the object which the security service is intended to protect. The same applies to security services in a control center or when a guard arrests a person with the support of the law. Processing is carried out because it is necessary for implementing a legal obligation.


What categories of personal data are processed?
Name, personal identity number and address, if this information is known.


Who is permitted to access your personal data?
The police and other public-sector authorities specified by law as well as the customer of the security assignment are permitted to access the information.


How long is your personal data saved by Securitas?
Securitas does not store your information any longer than is necessary to be able to report the information and demonstrate compliance with the regulations by law. As soon as the information has been submitted to the authority, Securitas erases the information and retains only information about the incident, as long as Securitas does not require the information for future evidence. Reporting made via the control center, for example, must be saved for at least one year as it is required for maintaining a journal in accordance with applicable certification and the law.

Right to object to processing of personal data
As a data subject, you are entitled to object to the processing of your personal data based on Securitas’ legitimate interests. You can do this by contacting us at dpo@securitas.se. Securitas may nonetheless continue to process your data if Securitas can demonstrate that there are compelling legitimate interests that weigh heavier than your interests in not processing the data or if Securitas needs to retain the data to exercise or defend legal claims. 


Control center services for private individuals


Why does Securitas use your personal data and on what legal basis?
Securitas needs the data to manage the service it provides and to address incoming alarms on behalf of you as the customer. Or perhaps you are the customer’s contact person or report receiver. The legal basis for the use of your personal data is that processing is necessary to fulfill the agreement with you or, if the contract is not with you, there is a legitimate interest on the part of a third party with which Securitas has entered an agreement.    

What categories of personal data are processed?
Name, object and address. Image material.

Who is permitted to access your personal data?
Alternative control center according to applicable rules and Securitas employees.

How long is your personal data saved by Securitas?
Image material is stored in accordance with applicable laws and other personal data is stored for up to 13 months.

Right to object to processing of personal data
As a data subject, you are entitled to object to the processing of your personal data based on Securitas’ legitimate interests. However, it is important to note that Securitas is obligated by law to store audio recordings and journals for a certain amount of time according to regulations with which Securitas will comply when there are compelling legitimate grounds that weigh heavier than the interests of the data subject.


Other guarding services


As a rule, Securitas’ customers serve as personal data controllers for the actions taken by Securitas when carrying out guarding services and when Securitas provides its customers with technical security equipment as part of the service. Securitas then assumes the role of personal data processor. Accordingly, it is best to our customers if you want to know more or receive information.


Visitors to Securitas office premises


Why does Securitas use your personal data and on what legal basis?
Securitas needs your personal data to manage your visit and to be able to prepare an evacuation list or help you in some other way in the event of a fire, an accident or another sudden, unforeseen incident. Securitas has a compelling legitimate interest to have control over the individuals present in the premises.

What categories of personal data are processed?
Name, telephone number and, where appropriate, company name, which is considered personal data if the company in question is a sole proprietorship.

Who is permitted to access your personal data?
Employees of Securitas or the Securitas AB Group who manage your visit or whom you intend to visit.  The County Administrative Board, which is the supervisory authority for security services companies, may also access your personal data. The data may also be processed by a third party that provides the visitor system, but only for the purpose of improving the service or providing support.

How long is your personal data saved by Securitas?
Your data is stored for up to 12 months, after which it is automatically erased from the system.

Right to object to processing of personal data
As a data subject, you are entitled to object to the processing of your personal data based on Securitas’ legitimate interests by contacting dpo@securitas.se. Securitas may nonetheless continue to process your data if Securitas can demonstrate that there are compelling legitimate interests that weigh heavier than your interests in not processing the data or if Securitas needs to retain the data to exercise or defend legal claims. Contract management, including administration before, during and after contract management.

Why does Securitas use your personal data and on what legal basis?
Securitas processes contact information and other personal data required to prepare, sign, manage, deliver, receive or follow up contracts with you or the company by which you are employed or work for as a consultant. If the contract is with you as a private individual, the legal basis for processing is that it is necessary to fulfill the contract to which you are party. For other contracts, the legal basis is that both Securitas and the company you represent have a legitimate interest in processing the data to enable both the transaction and the obligations relating to the transaction which are presented in the contract between the parties.

What categories of personal data are processed?
Securitas processes the data subject’s name, telephone number and e-mail address for processing operations in which the data subject itself is not party to the contract.
If you are an authorized signatory, we may also process your personal identity number to confirm your identity and that you are entitled to sign contracts. There are also cases in which we obtain personal data through company credit assessments to check who is an authorized signatory for the customer. For processing in which the customer is party to the contract, the following categories are also processed: customer number, order number, contract number and encrypted credit card information.

Who is permitted to access your personal data?
Recipients of the data may include subcontractors who are to perform the services, Securitas employees who require the data to manage contracts relating to services or products, and customers who are affected, for example, if you represent a supplier. Your data is not provided to third parties for marketing purposes.

How long is your personal data saved by Securitas?
Your personal data is stored as long as the contractual relationship continues or until we receive a message that you have ceased to be employed by Securitas’ contractual partner. If there is data in our business system, we will remove the data as soon as you have informed us that we are not to process your data. In certain cases, Securitas is obligated by law to retain your personal data since it appears in a supporting document for accounting purposes or forms part of a contract. Whenever your personal data appears in bookkeeping documentation, the data is stored in accordance with accounting rules. 

Right to object to processing of personal data
As a data subject, you are entitled to object to the processing of your personal data based on Securitas’ legitimate interests by contacting dpo@securitas.se. Securitas may nonetheless continue to process your data if Securitas can demonstrate that there are compelling legitimate interests that weigh heavier than your interests in not processing the data or if Securitas needs to retain the data to exercise or defend legal claims.

Securitas employees and employee contact persons


If, as an employee, you want to know how Securitas processes your personal data, refer to Securitas’ internal control documents. The information below is for employee contact persons.

Why does Securitas use your personal data and on what legal basis?
As an employee contact person, your personal data is used to enable us to contact you if something happens to the employee or if another sudden and unforeseen incident occurs and we determine that the employee’s contact person needs to be contacted to assist the employee in the situation. The data is obtained from the employee or from you as a relative. As an employee contact person at Securitas, you will be informed when and if we process your data since the employee has provided us with the data.

What categories of personal data are processed?
Name, address and telephone number.

Who is permitted to access your personal data?
The Securitas employee and other authorized personnel at Securitas. Data may also be provided to a third party, such as a public authority, for example, in the event of an accident.

How long is your personal data saved by Securitas?
Your personal data will be stored for as long as the employee remains employed or until you inform us that you no longer want to be the contact person for the employee.

Right to object to processing of personal data
As a data subject, you are entitled to object to the processing of your personal data based on Securitas’ legitimate interests by contacting dpo@securitas.se. If, as an employee contact person, you do not want to have your data processed by us, we will naturally comply with your request and erase the data, as long as Securitas, as an exception, does not need to retain the data to exercise or defend legal claims. Telephone calls to and from the control center and contact center

Why does Securitas use your personal data and on what legal basis?
Securitas uses your data to perform services in the control center and when either you or the control center personnel have been in contact by telephone.
Securitas’ legal grounds rest on a necessary legal obligation since security companies with an authorized control center are specifically required by law to be certified in accordance with the Swedish Theft Prevention Association’s rules for control centers, SSF 136:4 (“the regulatory framework”). According to the regulatory framework, Securitas is obligated to have special voice registration equipment and to document incoming and outgoing calls.

What categories of personal data are processed?
Audio files and logs (telephone number, object and time).

Who is permitted to access your personal data?
Only authorized personnel employed by Securitas Sweden. 

How long is your personal data saved by Securitas?
Audio files are stored by us for 13 months before they are automatically erased from the system.

Other information
When you call us or we call you, we provide no information about us recording the call. This is because we have deemed that we do not want to extend the response time or the contact time with you as a customer, since we mainly handle calls regarding alarms that require some form of action in the shortest time possible.


Contact form


Why does Securitas use your personal data and on what legal basis?
Securitas processes your data to be able to respond and provide feedback to you regarding the question or questions you put to us.

What categories of personal data are processed?
Securitas processes your name, address, company, e-mail address, telephone number and other personal information that you provide on the contact form. 

Who is permitted to access your personal data?
Securitas employees.

How long is your personal data saved by Securitas?
E-mail addresses are erased continuously and stored as long as required for the purpose.


E-mail


Why does Securitas use your personal data and on what legal basis?
Securitas processes your data to be able to communicate with you on various matters. Our legal basis for processing your personal data is that, after considering the various interests at stake, we believe that we will need to process your personal data to be able to communicate with you regarding business that involves you, for example, when we are to sign a contract or address other matters on your behalf.

What categories of personal data are processed?
Securitas processes your name, address, telephone number, e-mail address and other personal information that you send to us by e-mail. We do not want you to send us data of a sensitive nature.

Who is permitted to access your personal data?
Securitas employees and other parties that we need to provide with information to be able to help you with your inquiry.
 
How long is your personal data saved by Securitas?
E-mail addresses are erased continuously and stored as long as required for the purpose.

 
Rights as a data subject


What rights do you have as a data subject?
As a customer or supplier to us, you can request that incorrect data pertaining to you be corrected, that data be erased or that processing be restricted. In certain cases, you may also have the right to object to Securitas’ processing of your personal data and exercise your right to data portability.

Correcting and erasing personal data
If you, as one of our customers or suppliers, need to correct or erase the personal data we have registered for you, get in touch with our customer service or your contact person. Since we are established locally and have many different offices, we have many different points of contact. The easiest way to see who you should contact is to look at your invoice, which shows the telephone number for the relevant customer service office. You are entitled to request erasure of your data in the event that the data is no longer required for the purpose for which it was collected. However, there may be legal obligations that prevent us from erasing some of your data. For certain services, there may be a need for identification using your personal code.

Right to access
You are entitled to request information and access to the data relating to you that is being processed. If you want to request an extract from the register, please contact the data protection officer.

Right to object to processing of personal data
As a data subject, you are entitled to object to the processing of your personal data based on Securitas’ legitimate interests by contacting dpo@securitas.se. If you do not want to have your data processed by us, we will naturally comply with your request and erase the data, as long as Securitas, as an exception, does not need to retain the data to exercise or defend legal claims.

Right to data portability
If you have agreed to the processing of your personal data or specific categories of data and have provided these in a structured manner, you are entitled to request that the data be transferred to another personal data controller, provided that this is technically possible. At Securitas, we support the most common standard formats. To enable the transfer of data, the recipient must also be able to handle the standard format on transfer. Please also note that we do not store the data longer than necessary. For this reason, it is possible that your data no longer exists. Should you submit a request, we may also need to confirm your identity and may therefore ask control questions or request that you use your mobile BankID. If you wish to request that the processing of your personal data be restricted or exercise data portability, please contact the data protection officer.

Security of personal data
Securitas takes care to maintain a high level of security for the personal data that we process and employs appropriate technical and organizational measures to protect your personal data from unauthorized access. All personnel employed by Securitas undergo screening and are approved by the County Administrative Board. Obligations of secrecy apply to all employees.

Do you have any comments on how Securitas processes your personal data?
If you want to complain about how Securitas Sverige AB processes your personal data, please address your complaint in the first instance to our data protection officer (DPO). Describe your views or your complaints in an e-mail; state your name and telephone number – or your e-mail address if you prefer that we contact you that way. The e-mail address is: dpo@securitas.se.You also have the possibility to report Securitas Sweden’s personal data processing to the Swedish Data Protection Authority. There is a form on their website that you can complete and submit to them.

Contact information for the data protection officer (DPO)
If you wish to contact our data protection officer, send an e-mail to: dpo@secutitas.se
Changes to this Integrity Policy. This Integrity Policy may be changed from time to time by Securitas and we will ensure that the most recent version is always updated on Securitas’ websites.

Are you unable to find what you are looking for?
Do you have questions or thoughts relating to the General Data Protection Regulation (GDPR) and your personal data? Send an e-mail to dpo@securitas.se and we will help you.