Control iD Privacy Policy for U.S. Customers and Users

Last Updated:  June 3^rd, 2024

Section 1 – GENERAL PRIVACY POLICY

This Privacy Policy applies to CONTROLID INDÚSTRIA, COMÉRCIO DE HARDWARE E SERVIÇOS DE TECNOLOGIA LTDA, an ASSA ABLOY Group company, (collectively "Control iD”, "we", or “us”) and is only applicable to Control iD customers and users located in the United States. 

This Privacy Policy describes the Personal Information that we collect about you through your use of Control iD websites, products, services, programs, applications, online stores, and related transactions as described in the “How Does Control iD Use Your Personal Information?” section below (together “Control iD Services”). 

Your use of Control iD Services signifies your acceptance of the Privacy Policy.

What Personal Information Does Control iD Collect?

Through your use of Control iD Services, we collect Personal Information from you, which is individually identifiable information about an individual consumer.  You may choose not to provide some Personal Information, however, we may not be able provide Control iD Services, including processing orders, providing services, and completing transactions. 

We may collect the following types of Personal Information:

• Information you voluntarily provide to us such as:
• first and last name, title, address, email address, and phone number;
• login account information to log into your account, send inquiries, feedback, or otherwise interact with us;
• biometric information;
• corporate and financial information;
• purchase history;
• credit history information; and
• any other identifier that permits the physical or online contacting of a specific individual.

 

·       Information collected automatically through your use of Control iD Services such as:

o   Usage information:  such as the pages on the sites you access, the frequency of access and what you click on while on the sites;

o   Device information:  information about the device you are using, including hardware model, operating system, application version and browser;

o   Mobile device information:  when using Control iD Services on your mobile device, information about whether you are using a mobile device or tablet, device type and carrier; and

o   Location information:  information such as IP addresses and geolocation information, location of your device or computer, version and time zone settings.

 

·       Information From Other Sources:  We collect information from other sources, such as Shopify, Google, LinkedIn and Facebook, to help us update and analyze our records and to identify new customers.  If your Personal Information is shared to us by other sources, we advise you to check the privacy policy and cookies policy of any such sources before providing your information to them.

How Does Control iD Use Your Personal Information?

Control iD uses your Personal Information to provide Control iD Services to you, to develop and improve Control iD Services, for certain business-related purposes, and to protect legal rights – except as otherwise notified at the point of collection.  We may use your Personal Information for:

·       Account creation:  to set up an account, to provide customer support and training, and communicate with you about the use of Control iD Services.

·       Sales orders and delivery of Control iD Services:  to process orders for and deliver Control iD Services, including communicating with you, processing payments, providing support and service for Control iD Services, and sending promotional offers.

·       Improving Control iD Services:  to analyze and improve the performance and effectiveness of Control iD Services.

·       Product registration and warranty:  to register and track warranty information and communicate with you for registration and warranty purposes.

·       Communicate with you:  to communicate with you about Control iD Services (e.g., by phone, email, chat).

·       Marketing purposes:  to send marketing communications about Control iD Services and events, to respond to inquiries, and to display interest-based ads for Control iD Services that might be of interest to you.  We do not use information that personally identifies you to display interest-based ads. 

·       Sweepstakes and contests:  to enter you into sweepstakes and contests if you choose to enter into sweepstakes and contests.

·       Surveys and polls:  to obtain information from you for market research purposes if you choose to participate in surveys and polls.

·       Fraud prevention:  to detect fraud and abuse to protect the security of Control iD and its systems, including Control iD Services, our customers and others.

·       Legal obligations:  to comply with legal obligations such as the prevention, detection, or investigation of a crime, to verify identity, to meet our internal and external audit requirements, for information security purposes, or as we believe to be necessary or appropriate to comply with applicable laws, and to respond to regulatory, law enforcement and other legal inquiries.

What Information Does Control iD Collect and Process for Cookies?

We use cookies and other identifiers to enable our systems to recognize your browser and to provide and improve Control iD Services.  You may limit the collection of cookies on our sites, however, you may not be able to fully use the available Services.  For more information about how cookies are handled, please read the Cookies Notice available on the individual Control iD website with which you are interacting.

Does Control iD Share Your Personal Information?

We share your Personal Information to global ASSA ABLOY affiliates and other third parties as described below that follow practices at least as protective as those described in this Privacy Policy.

·       Within the global ASSA ABLOY Group.  ASSA ABLOY is a global company with offices and locations around the world.  Functional and operational support may be provided by other ASSA ABLOY Group companies and your Personal Information may be shared within and processed by the global ASSA ABLOY Group companies to provide Control iD Services, to fulfill orders, for account administration, to facilitate sales and marketing initiatives, for customer and technical support, and to promote business and product development.  The global ASSA ABLOY Group companies are not permitted to share or use your Personal Information for any purpose other than to provide services to Control iD.

·       With Service Providers.  We engage service providers around the world and your Personal Information may be shared to them when necessary to fulfill the services they provide to us such as software, system, and platform support; direct marketing services; payment processing; cloud hosting services; advertising; data analytics; order fulfillment and delivery, and for compliance and audit purposes.  Our service providers are not permitted to share or use your Personal Information for any purpose other than to provide services to Control iD.

·       With Independent Sales Agencies and Distribution Partners.  We have relationships with independent sales agencies and distribution partners to provide Control iD Services to you, deliver Control iD products to you and to fulfill orders.  The independent sales agencies and distribution partners are not allowed to share or use your Personal Information for any purpose other than to provide services to Control iD.

·       With Third Parties for Legal Reasons.  We will share your Personal Information when we believe we are legally required to, such as: 

o   under applicable law or legal process;

o   to protect our rights, users, systems and Control iD Services;

o   as part of an investigation of unlawful conduct; to comply with requests from government agencies, including law enforcement and other public authorities, which may be outside your country of residence; and

o   in the event of a change of business structure (e.g., merger, sale, restructure, acquisition).

How is Your Personal Information Secured?

We maintain physical, electronic, and procedural safeguards and features in connection with the collection, storage and disclosure of Personal Information.  In your use of Control iD Services, we take reasonable steps to protect your Personal Information from loss, misuse and unauthorized access, disclosure, alteration, and destruction.  Control iD trains employees on its information security policies and guidelines and makes them available to its business partners as necessary.  In addition, Control iD and its business partners enter into confidentiality agreements that require that (i) care and precautions be taken to prevent loss, misuse, or disclosure of Personal Information and (ii) any service providers only use Personal Information to perform services on behalf of Control iD.

How Long Do We Keep Your Personal Information?

Control iD retains Personal Information for a period of time determined by the type of Personal Information and the business purpose for retaining it, along with applicable legal requirements.  The retention periods also take into account the expectations and requirements of our customers, business partners, service providers, suppliers and others who share their Personal Information with us.  When we no longer need Personal Information, we securely delete or destroy it. 

Opting Out of Marketing Emails

To opt out of marketing emails, you can use the unsubscribe link found in the email communication you received from us.  You may also use the “Contact Us” option within the relevant service to opt out and elect not to receive further emails from us.  Please provide the name of Control iD Service or email address from which you are receiving communications.

Targeted Advertising

We may use cookies and other technologies on our websites to collect information about your online activities over time and across different websites you visit in order to provide you with internet-based advertising.  You can generally opt out of receiving interest-based advertisements from members of the Network Advertising Initiatives or the Digital Advertising Alliances by visiting their opt-out pages.  When you opt out using those links, please note that you may still receive advertisements, although they will not be personalized based on your interests.

“Do Not Track” Signals

Some internet browsers incorporate a “do not track” feature that signals to websites you visit that you do not want to have your online activity tracked. We are unable to respond to Do Not Track requests at this time because our platforms are not currently configured to detect such signals.

Google Analytics

We may use Google Analytics to collect and process information about your use of Control iD Services.  Google uses this information to provide reports to us so that we better understand and measure how users interact with Control iD Services.  To learn more about how Google uses data, visit Google's Privacy Policy and Google’s page on "How Google uses data when you use our partners' sites or apps."  You may download the Google Analytics Opt-out Browser Add-On for each web browser you use, but this does not prevent the use of other analytics tools.  To learn more about Google Analytics cookies, visit Google Analytics Cookie Usage on Websites.

Children’s Privacy

We do not provide Control iD Services to children.  This website is not intended for anyone under the age of 18.  We do not knowingly collect Personal Information from children under the age of 16 without the consent of the child’s parent or guardian.

Changes to this Privacy Policy

Control iD reserves the right to change or update this Privacy Policy at any time.  Revisions will be posted to this website along with the date the policy is posted and in effect.  When visiting our website, please be sure to review the Privacy Policy, which may have changed.  Your continued use of Control iD Services after any posted revision indicates your consent to our use of your Personal Information in accordance with any revised and posted Privacy Policy.

How to Contact Control iD:

Click here (https://www.privacy.assaabloydss.com/en/do-not-sell-my-personal-information) for our interactive data subject inquiry web form.

 

ASSA ABLOY/Control iD

Data Privacy Manager

110 Sargent Drive

New Haven, CT  06511

privacy.americas@assaabloy.com

1-833-648-0107

 

SECTION 2 - U.S. STATE-SPECIFIC PRIVACY DISCLOSURE

 

Certain U.S. states provide you with rights to your Personal Information.  This disclosure is made in compliance with applicable U.S. state laws, supplements the information in Section 1 above, and applies solely to residents of California, Colorado, Connecticut, Utah, Virginia, Tennessee, Texas, Montana, Oregon, Indiana, Iowa and other U.S. states with similar data protection laws who utilize ASSA ABLOY Services (“Data Subjects”), as required by applicable laws.

 

Additional Information About the Collection and Processing of Your Personal Information

 

·       We do not sell your Personal Information.

·       We do not sell or share Personal Information of consumers under the age of 16.

·       We do not use or disclose Sensitive Personal Information for purposes other than listed below.

 

During the last 12 months, we collected and processed the following General Personal Information and Sensitive Personal Information:  

 

General Personal Information Collected	Source from which it is collected	Purpose for collection	Categories of Third Parties to whom it may be disclosed
Identifiers, such as name, postal address, email address, phone number, account information, customer number or other similar identifiers.	·  Consumers ·  Customers/Clients ·  Business Partners ·  Third-party companies such as service providers or website marketing partners	·  Provide ASSA ABLOY Services ·  Enhancing algorithms and analytics to improve ASSA ABLOY Services and enhance user experience. ·  Monitoring and maintaining the security and functionality of ASSA ABLOY Services and systems. ·  Communicating information to customers, clients and consumers such as newsletters, promotions, contests, account information, event registrations, contests and sweepstakes, and products/services information, including from our brands, subsidiaries and affiliates. ·  Service providers that verify identity and provide credit check information. ·  For compliance and legal obligations, and to exercise our legal rights.	·  Service providers such as website marketing partners and others that help transact ASSA ABLOY Services. ·  Business partners including independent sales agencies and distribution partners ·  ASSA ABLOY Group companies (global) ·  Advertising Networks such as technology partners that collect website usage details using cookies, web beacons and similar technology.
Internet or network activity information, such as browsing and search history; information about interactions with websites, applications or advertisements; cookies, beacons, pixel tags, mobile ad identifiers or similar technology; and IP addresses.	·  Consumers ·  Customers/Clients ·  Site users ·  Business Partners ·  Third-party companies such as service providers or website marketing partners	·  Provide ASSA ABLOY Services ·  Enhancing algorithms and analytics to improve ASSA ABLOY Services and enhance user experience. ·  Monitoring and maintaining the security and functionality of ASSA ABLOY Services and systems. ·  Communicating information to customers, clients and consumers such as newsletters, promotions, contests, account information, event registrations, contests and sweepstakes, and products/services information, including from our brands, subsidiaries and affiliates. ·  For compliance and legal obligations, and to exercise our legal rights.	·  Service providers such as website marketing partners and others that help transact ASSA ABLOY Services. ·  Business partners including independent sales agencies and distribution partners ·  ASSA ABLOY Group companies (global) ·  Advertising Networks such as technology partners that collect website usage details using cookies, web beacons and similar technology.
Inferences drawn from any of the Personal Information, such as a profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligences, abilities, and aptitude drawn from purchase or browsing history.	·  Consumers ·  Customers/Clients ·  Business Partners ·  Third-party companies such as service providers or website marketing partners	·  Provide ASSA ABLOY Services ·  Enhancing algorithms and analytics to improve ASSA ABLOY Services and enhance user experience. ·  Monitoring and maintaining the security and functionality of ASSA ABLOY Services and systems. ·  Communicating information to customers, clients and consumers such as newsletters, promotions, contests, account information, event registrations, contests and sweepstakes, and products/services information, including from our brands, subsidiaries and affiliates. ·  For compliance and legal obligations, and to exercise our legal rights.	·  Service providers such as website marketing partners and others that help transact ASSA ABLOY Services. ·  Business partners including independent sales agencies and distribution partners ·  ASSA ABLOY Group companies (global) ·  Advertising Networks such as technology partners that collect website usage details using cookies, web beacons and similar technology.
Commercial information, such as purchasing history (actual and potential), payment information, transaction history or purchasing or consuming histories or tendencies.	·  Consumers ·  Customers/Clients ·  Site users ·  Business Partners ·  Third-party companies such as service providers or website marketing partners	·  Provide ASSA ABLOY Services ·  Enhancing algorithms and analytics to improve ASSA ABLOY Services and enhance user experience. ·  Monitoring and maintaining the security and functionality of ASSA ABLOY Services and systems. ·  Communicating information to customers, clients and consumers such as newsletters, promotions, contests, account information, event registrations, contests and sweepstakes, and products/services information, including from our brands, subsidiaries and affiliates. ·  For compliance and legal obligations, and to exercise our legal rights.	·  Service providers such as website marketing partners and others that help transact ASSA ABLOY Services. ·  Business partners including independent sales agencies and distribution partners ·  ASSA ABLOY Group companies (global) ·  Advertising Networks such as technology partners that collect website usage details using cookies, web beacons and similar technology.

 

Sensitive Personal Information Collected	Source from which it is collected	Business or Commercial Purpose for collection (as defined above)	Categories of Third Parties to whom it may be disclosed
Geolocation data	·  Consumers ·  Customers/Clients ·  Site users	·   Provide ASSA ABLOY Services.	·  Service providers ·  ASSA ABLOY Group companies (global)
Biometric Information such as fingerprints, faceprints and voiceprints, iris or retina scans, or other physical patterns.	·  Consumers ·  Customers/Clients ·  Business Partners	·  Provide ASSA ABLOY Services.	·  Service providers ·  ASSA ABLOY Group companies (global)

 

Individual Rights Afforded by Some U.S. State Laws

 

Data Subjects may have the following rights regarding their Personal Information:

 

1.     Right to Know:  The right to know what Personal Information we process about you, including the categories of Personal Information collected, the categories of sources from which your Personal information is collected, the business or commercial purpose for collecting it, the third parties to whom we disclose your Personal Information, and the specific pieces of your Personal Information that we have collected.

 

2.     Right to Correct:  The right to request that we correct your Personal Information if you believe it is inaccurate.

 

3.     Right to Delete:  The right to request that we delete your Personal Information.

 

4.     Right to Not Receive Discriminatory Treatment:  The right to exercise your rights as described herein without any resulting discriminatory treatment, including retaliation.

 

Please note that these rights might be limited under the applicable data protection laws.  ASSA ABLOY/Control iD remains the point of contact for your exercise of these rights.  Certain U.S. states allow for an appeal of a denied request; if your request is denied and the law of your state of residence allows for an appeal, we will provide you information on how to file an appeal.

 

Identity Verification

 

We cannot respond to requests or provide Personal Information if we are unable to verify your identity or your authority to make a request and confirm that the Personal Information relates to you.  Depending on the type, sensitivity, and value of the Personal Information, the risk of harm posed by any unauthorized access or deletion, the likelihood that fraudulent or malicious actors may seek the information, whether the identity verification process is sufficiently robust to protect against fraudulent requests or being spoofed or fabricated, the nature of the transaction between you and ASSA ABLOY, and available technology for verification, our verification process may include using existing authentication practices or matching two or three additional data points, and may also include submitting a declaration.  Personal Information provided for identity verification will only be used to verify your identity or authority to make the request. 

 

How to exercise these rights

 

If you or your Authorized Agent wish to exercise any rights applicable to you as outlined in this U.S. State-Specific Privacy Disclosure, or if you have any questions concerning this Privacy Policy, you may:

 

Click here (https://www.privacy.assaabloydss.com/en/do-not-sell-my-personal-information) for our interactive data subject inquiry web form.

 

or contact us:

ASSA ABLOY/Control iD

Data Privacy Manager

110 Sargent Drive

New Haven, CT  06511

privacy.americas@assaabloy.com

1-833-648-0107

 

Requests must include sufficient information that allows us to reasonably verify that the requestor is the person about whom the Personal Information is collected and describe the request with sufficient detail that allows us to properly understand, evaluate and respond to it.  Please include:

·       Personal Data Inquiry in the subject line;

·       Your full name, address and contact telephone number;

·       Any information used by Control iD to identify or distinguish you from others of the same name (account numbers, unique ID’s, etc.); and

·       Details of the specific information you require, any relevant dates, and the action you wish Control iD to perform with respect to your Personal Information.

 

The above Personal Information you provide is necessary in order to fulfill your request and for Control iD to verify your identity and Personal Information we have about you.  If using an Authorized agent, and depending on the nature of the request, we may require proof that you gave the agent signed permission to submit the request.  We may require you to directly verify your identity and confirm that you have provided the agent with permission to submit the request. 

 

In case of complaints, you have the right to lodge a complaint with the competent supervisory authority, for example, the Attorney General in your state of residence.