Tower Security

New-TS-Logo
Book now

01 6292456

info@towersecurity.ie

New-TS-Logo

Privacy Policy

Introduction

1.1 This External Privacy Policy (‘Policy’) is used by Tower Security, legally registered in Dublin, Ireland. Tower Security can be reached via info@towersecurity.ie.

1.2 When using Tower Security, camera images are created. It is possible that natural persons will be identified based on this imagery or that this imagery can be used to identify someone. This type of data is called ‘Personal Data’. The persons that these Personal Data regard are called the ‘Data Subjects’.

1.3 The processing of Personal Data is governed by the General Data Protection Regulation (‘GDPR’). The GDPR prescribes how Personal Data must be treated.

1.4 There are various ways in which you as Data Subjects may interact with Tower Security. You may encounter our cameras because you live or work in an area where our cameras have been installed. This Policy is intended for all these Data Subjects and indicates how you can expect Tower Security to handle your Personal Data. Additionally, you are informed about where you can refer to if you have questions regarding your Personal Data.

1.5 Tower Security can change this Policy at any time. When this happens, the Policy will be published in a modified form on the website of Tower Security: Privacy Policy – Tower Security. In addition, this Policy can be requested via info@towersecurity.ie.

Processing of Personal Data by Tower Security 

2.1 Tower Security sells its products to clients, enabling them to secure the sites they are responsible for.
Tower Security creates camera images on behalf of the client. These images may show: 

2.1.1 Whether a Data Subject is present on the site;

2.1.2 When a Data Subject enters and leaves the site;

2.1.3 The physical characteristics of the Data Subjects;

2.1.4 Any possible physical defects of a Data Subject.

Operation of Tower Security

3.1 When Tower Security is deployed by a client, our product, also referred to as the ‘tower’, is installed visibly at the site. Various cameras are attached to this tower, filming the site for the benefit of the client. In this manner, Personal Data are processed automatically.

3.2 When the cameras perceive something that must be reported, Personal Data are sent to the client by Tower Security, or to a control room affiliated with Tower Security, depending on the arrangement with the client. Analysis of the imagery, and thereby of Personal Data, occurs, after which action is taken by the client where necessary.

Client

4.1 Tower Security always works for the benefit of a client who engages us for the security of a delimited area.

4.2 The client deploys Tower Security for purposes they establish themselves. The client also establishes the means themselves. That is why the client is the ‘data controller’ in the sense of the GDPR. This means that the client ultimately decides where, why, for how long, and when the cameras of Tower Security process Personal Data. It is also the party you must inform regarding the purposes chosen and the legal grounds for the processing of your Personal Data. We therefore advise you to review the privacy statement of the client.

4.3 Besides the client, Tower Security wants to inform you, as the ‘processor’ in the sense of the GDPR, how we take care of the protection of Personal Data. This document only applies as additional information to the information provided by the client.

4.4 Under the GDPR, a ‘data controller’ and ‘processor’ are obliged to conclude a processor agreement. In this agreement, Tower Security commits to comply with the provisions of Article 28 GDPR. This means, for example, that Tower Security follows the instructions of the client, observes the level of security that the GDPR requires, and removes Personal Data after the end of the processing for the benefit of the client or returns such and removes existing copies.

Grounds and Purposes

5.1 The GDPR prescribes that Personal Data may only be processed for well-defined, expressly described, and legitimate purposes. This is called the limitation of purpose.

5.2 The GDPR also prescribes that the processing is only lawful if there are legal grounds for such processing.

5.3 The establishment of the purpose of the processing and the establishment of the legal grounds is a task of the ‘data controller.’ As indicated, this is the client, who establishes the purpose of and means for the processing of Personal Data. Tower Security does not establish the grounds for the processing and does not determine the purpose either.

5.4 For most of our clients, the purpose is to secure a site. For most clients, the legal grounds are the necessity of processing Personal Data to defend the legitimate interests of the client or a third party.

5.5 For more information about the client relevant to you, the privacy statement of the client, and specific information about the purposes and legal grounds that the client has established, you can contact the client or consult their privacy statement. If you are unable to reach the relevant client, Tower Security can assist you. In that case, you can contact us via the contact details included in this Policy.

Retention and Transmission of Personal Data

6.1 Tower Security retains your Personal Data for as long as necessary to comply with the arrangements with the client. When Tower Security is subject to a legal obligation to keep Personal Data longer, we will do so.

6.2 Even though Tower Security creates imagery of the site, and these images may be usable for a different purpose, we do not provide these images to third parties in principle. In some cases, we do, for example, when the client instructs us to do so, when we are subject to a legal obligation, or if the oversight agency imposes this on us. Additionally, we naturally transmit the Personal Data to the relevant client, and where necessary, we engage a party that processes Personal Data jointly with Tower Security for the benefit of the client.

6.3 Tower Security does not process any Personal Data outside the European Union and does not transmit such outside the European Union.

Security

7.1 Tower Security takes the protection of Personal Data very seriously. On behalf of our clients, and because we are obliged to do so ourselves, we implement appropriate technical and organisational measures to ensure a level of security that is aligned with the risk. When determining these measures, we consider the state of the art, implementation costs, and the nature, scope, context, and purposes of the processing. We also consider the risks to the rights and freedoms of the Data Subjects, which vary according to probability and severity.

7.2 To maintain robust security, Tower Security does not disclose all measures taken. However, the following measures are always applied:

7.2.1 Encryption of (the transmission of) Personal Data;
7.2.2 Assurance of the confidentiality, integrity, availability, and resilience of processing systems and services;
7.2.3 Assurance of the ability to restore the availability of and access to Personal Data in the event of a physical or technical incident; 7.2.4 Maintenance of a procedure for regularly testing, assessing, and evaluating the effectiveness of technical and organisational measures to secure processing; 7.2.5 Securing access to Personal Data in the mast; 7.2.6 Implementation of an adequate policy regarding potential violations related to Personal Data.

7.3 The security measures taken by Tower Security are regularly reassessed. We consider the processing risks, especially those resulting from the possible destruction, loss, alteration, or unauthorised provision of or access to forwarded, stored, or otherwise processed Personal Data, whether accidental or unlawful.

7.4 In addition to the measures listed above, Tower Security ensures that every natural person acting under our authority and having access to Personal Data only processes such data on the client’s instructions, unless required to do so by Union or member state law.

Data Protection Officer

8.1 Tower Security has appointed a Data Protection Officer (‘DPO’). The DPO can be contacted for all matters related to the processing of Personal Data and the exercise of rights under the GDPR.

8.2 The contact details of the DPO are: info@towersecurity.ie.

Your Rights

9.1 Under the GDPR, you have various rights regarding your Personal Data, depending on the circumstances:

9.1.1 The right to request access to Personal Data;
9.1.2 The right to request rectification of Personal Data;
9.1.3 The right to request the removal of Personal Data;
9.1.4 The right to request the restriction of processing;
9.1.5 The right to object to processing;
9.1.6 The right to data portability;
9.1.7 Where processing is based on consent: the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
9.1.8 The right to lodge a complaint with a supervisory authority, such as the Data Protection Commission in Ireland.

9.2 Tower Security has arrangements with its clients to implement requests from Data Subjects based on the rights mentioned above. These arrangements may vary per client. If you wish to exercise your rights, you can contact Tower Security via the contact details listed in this Policy, or contact the client directly.

Questions

10.1 If you have questions about this Policy, the relevant client, or other matters regarding your Personal Data, you can contact Tower Security via info@towersecurity.ie or our DPO via the contact details listed above.

Third Party Processors

11.1 Our carefully selected partners and service providers may process personal information about you on our behalf as described below:

11.1.1 Digital Marketing Service Providers

We periodically appoint digital marketing agents to conduct marketing activity on our behalf, which may result in the compliant processing of personal information. Our appointed data processors include:

Market Forever Global, www.market-forever.com, You can contact Gisela by sending an email to gisela@market-forever.com who is there DPO.

We use lead generation services Hubspot and Hotjar. These tools recognise company visits to our website based on IP addresses and show us publicly available information, such as company names or addresses. Additionally, the tools set two first-party cookies to evaluate user behaviour on our website and process domains from form entries to correlate IP addresses with companies and improve services.

When we process website traffic data, this processing is based on our legitimate interest (Art. 6 (1) lit. f GDPR) to optimise our products, services, sales, and marketing. To prevent this processing activity, you (website visitor) can install and configure suitable ad-blockers or use no-script plugins in your browser.