Abode Home Security Platform Privacy Policy
Introduction
Kings Security Systems Limited (referred to as “we”, “us” or “our” in this Privacy Policy) is the controller of the personal data we collect about you when you sign-up to our Abode home security platform.
This Privacy Policy tells you about how and why we collect and use the personal data which you provide to us or which we collect about you. We are committed to protecting your personal data and respecting your privacy in accordance with applicable laws.
We want you to be fully informed about how we use your data, how we keep it secure and your rights.
We trust this Privacy Policy will answer any questions you have, but if not, please get in touch with us using the contact details provided at the end of this Privacy Policy.
We may need to update this Privacy Policy from time to time by updating this page. We will notify you of any significant changes, but would encourage you to come back and review it from time to time.
Ensuring the Lawful Use of your Data
We will only use your personal data where we have a lawful basis to use it. We will usually only use your data where it is necessary for us to perform our contract with you (for example, to provide you with services you have requested), or in a way which might reasonably be expected as part of running our business and which does not materially impact your interests, rights or freedoms. For example, we might use your personal data to allow us to improve our platform/services. Please contact us at support@abode.co.uk if you would like further information about this.
We may sometimes need to use data to comply with our legal obligations (for example, to pass on details of people who are involved in fraud).
In some cases we will ask for your consent to use your data, for example, where you agree to receive marketing from us by signing up to our newsletter.
Further details of how we will use your personal data are provided below.
How we use your information
When you subscribe to our Abode platform we will gather and process your personal data. The data we collect and how we use it will depend on which subscription package you choose.
The data may be provided directly by you, [or a keyholder]. Where you provide personal data relating to another person, such as a keyholder, you must ensure that we have a lawful basis to process that data and you must make them aware of the information in this Privacy Policy.
Subscription packages (more information is available at www.abode.co.uk :
Basic: We will provide you with an Abode, access to the Abode platform and app and you can use to manage and control your system
Intermediate – we will provide you with all features of the basic plus video cloud video storage for a single camera. Where Monitoring is added we will monitor the system in the event of activation.
Advanced – in addition to the intermediate service monitoring is included when armed and you will have access to storage for up to 10 cameras
Category of personal data | Purpose for processing | Legal Basis |
Your name, telephone number and email address | We will use these details to: - Process your order, deliver the equipment that you have purchased as well as for customer relations and maintenance purposes. - Support/enable you to use the Abode platform. - Contact you, a nominated keyholder or the emergency services in the event of any activation of an alarm where you have subscribed to a monitoring service. - Send you invoices, notifications of alarm incidents and reports, at your request. - Where you have provided your consent, send you communications updating you on products or services. | Performance of contract. - Performance of contract/legitimate interests. - Consent |
Address of protected premises | Respond to any activations or to send you equipment. | Performance of contract. |
The name, telephone number and email address of any Keyholders or contacts/users that you add to the system | Contact in the event of an activation (Where a monitored subscription/service is purchased). | Performance of contract. |
Payment details and details of your transactions | Collect the recurring fees or any adhoc fees linked to the subscriptions/services that you procure, to respond to any payment queries you may have and for fraud prevention and detection. | Performance of contract/legitimate interests. |
Applicable depending on the level of service you have purchased:
Category of personal data | Purpose for processing | Legal Basis |
Video Images | Where a monitoring subscription/service is purchased to process images from your premises in order to protect against, deter from and detect crime. We will only review images when an alarm is activated. Access to stored images is restricted to those who require access to fulfil contractual duties only. |
|
Technical Data
Category of personal data | Purpose for processing | Legal Basis |
Information collected when you use our platform including your IP address, device type, which pages you visit and how long you spend on each page. | To improve our products and services. | Legitimate interests to develop our business, improve our platform and to inform our marketing strategy. |
These will be stored in the system to enable you to use the Abode App or MyAbode portal to manage the system. | Performance of contract. |
| Audio recordings | Where a monitoring subscription/service is purchased to process recordings from your premises in order to protect against, deter from and detect crime. We will only review recordings when an alarm is activated. Access to recordings are restricted to those who require access to fulfil contractual duties only.
These will be stored in the system to enable you to use the Abode App or MyAbode portal to manage the system. | Performance of contract. |
You do not have to provide us with any personal data, but if you do not provide us with certain data, such as your contact details and payment details, we will be unable to provide you with our services.
Your data will only be kept for as long as it is required for the purposes described in this Privacy Policy in line with our data retention and destruction policy and statutory and regulatory requirements. You can request a copy of any of our security policies at any time by contacting compliance@kingsltd.co.uk, or alternatively use our ‘contact us’ section below.
Recipients of data
In order to achieve the purposes set out above, we may share your data with trusted third parties, including those who provide the following services:
Payment processors.
IT and technical support providers.
Marketing support providers.
Cloud providers.
We have privacy agreements in place with all our suppliers and have a rigorous selection process to ensure your data is protected at all times.
Abode Systems Inc.
We have partnered with Abode Systems Inc. who will host and manage the Abode home security platform on our behalf and provide technical support where necessary.
Alarm and Video Monitoring
We use a platform called Sentinel to monitor your Abode system. This database holds the
information of the protected property and recorded keyholder information as detailed in section 3 of this policy. The database is stored on a local server on Kings’ premises and any unauthorised access is not permitted. Any data we store is limited to what is necessary for the fulfillment of your contract.
We may also share your personal data:
In connection with a business transition (such as a merger, acquisition by another company, or a sale of all of or portion of our assets). In these circumstances, we may need to share your personal data with a prospective buyer and external professional advisors such as accountants, insurers, lawyers or financial institutions.
Where we have a duty or a legal obligation to do so, such as with the police, administrative authorities, other enforcement, regulatory or Government bodies, or in order to enforce or apply any agreements which we enter into with you.
International Data Transfers
Abode Systems Inc. will process your personal data in the US, which is outside the European Economic Area (“EEA”). Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it as within the EEA by ensuring that adequate safeguards have been implemented (such as entering into Standard Contractual Clauses with the recipient of the data), unless a specific derogation applies or the recipient country has been deemed to provide an adequate level of protection for personal data by the European Commission:
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Cookies
We also use “cookies” and similar applications to evaluate the use of our platform and improve the experience of visitors to it.
A cookie is a small file that is placed on your computer’s hard drive. The cookie helps to analyse web traffic or remembers you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
Security
We are committed to ensuring that your personal data is secure and we have put in place suitable organisational and technical measures to protect your personal data from loss, theft, unauthorised use, disclosure or modification. We are externally audited to ISO 27001, the international standard of approval for Information Security Management Systems and all Kings personnel with access to personal data are security screened to BS 7858 as a minimum. Additional security clearance is in place for some employees at customer’s specification.
In addition, we have appropriate measures in place to make sure that the personal data it retains is accurate and up-to-date.
Links to other websites
Our platform may contain links to other websites. However, once you have used these links to leave our site, you should note that we may not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Your rights
Under the Acts, you have the following rights in relation to the personal data which we hold about you, which you can exercise by contacting us using the details provided in Section 10 of this Privacy Policy:
The right to be informed – this privacy policy outlines how and why we process your data.
The right of access – you may request a copy of all of your personal data held by Kings at any time.
Right to rectification – if you believe any data we hold is incorrect you may request that we update it.
Right to erasure – you have the right to request your information be erased in certain circumstances.
Right to restrict processing – this enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
Right to data portability – this enables you to obtain a copy of your personal data in a structured, commonly used and machine-readable format and the right to transfer it, or to require us to transfer it directly, to another controller.
Rights related to automated decision making – we do not use automated decision-making.
Right to withdraw consent – where we rely on consent to process your personal data, you have the right to withdraw your consent at any time.
Right to Object
Where we are processing your personal data on the basis of our legitimate interests, you can ask us to stop processing it and we must do so unless we believe we have an overriding legitimate reason to continue processing your personal data or we need to process it for the establishment, exercise or defence of legal claims.
You also have the right to object where we are processing your personal data for direct marketing purposes.
Contact Us
If you wish to exercise your rights, have a complaint or any questions about how we process your personal data you can contact us using the following details: support@goabode.co.uk, or our registered Head Office address: 4 St Dunstans Technology Park, Bradford, BD4 7HH, alternatively call 0330 678 0635 and ask to speak to the Compliance Team.
Complaints
If you are unhappy about how your personal data has been used, please contact us using the details provided in the ‘Contacting Us’ section above. You also have a right to complain to the supervisory authority, which in the United Kingdom is the Information Commissioner's Office https://ico.org.uk/, which regulates the processing of personal data.
This Privacy Policy was last updated on 31 July 2020.
Definition of Data Protection Terms
The ‘Acts’ means the UK Data Protection Act 2018 and the General Data Protection Regulation 2016/679, as may be amended, updated or replaced from time to time.
Data is recorded information whether stored electronically, on a computer, or in certain paper-based filing systems.
Data subjects for the purpose of this policy include all living individuals about whom Kings holds personal data. A data subject need not be a UK national or resident. All data subjects have legal rights in relation to their personal data.
Personal data means data relating to an identified or identifiable living individual. Personal data can be factual (such as a name, address or date of birth) or it can be an opinion (such as a performance appraisal). It can even include a simple e-mail address.
Controllers are the people or organizations who determine the purposes for which, and the manner in which, any personal data is processed. They have a responsibility to establish practices and policies in line with the Acts.
Data Users include employees whose work involves using personal data. Data Users have a duty to protect the information they handle by following the company’s data protection and security policies at all times.
Processors include any person who processes personal data on behalf of a data controller. Employees of data controllers are excluded from this definition but it could include suppliers which handle personal data on the company’s behalf.
Processing is any activity that involves use of the data. It includes obtaining, recording or holding the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transferring personal data to third parties.
Special Category Personal Data means information about a person's racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, physical or mental health or condition or sexual life.
Bob Forsyth
Chief Executive Officer