Data Privacy Notice
Last updated: 15 July 2024
This Privacy Notice applies to information we collect about individuals who use our Horizon, Worldcue, GWTS, GRM or TopoONE applications (“Apps”) and associated services such as push notifications and hotline access (“Services”). It explains what Personal Information we collect, how we use it and who we may share the data with.
In this Privacy Notice, “Crisis24”, “we”, “us”, and “our” refer to the Crisis24 Group of companies comprised of Crisis24 Inc, Crisis24 SAS, Crisis24 Limited, Crisis24 Consulting Limited, Crisis24 GmbH, Crisis24 Pte. Limited, Crisis24 Pty. Limited, Crisis24 Protective Solutions, LP., Crisis24 Medical Solutions, Inc., Crisis24 Protective Solutions Limited, Crisis24 Protective Solutions, Inc., Crisis24 Assistance Services Limited, FAM International Logistics Inc., Patriot Global Group, Inc., and their subsidiaries, which are wholly owned subsidiaries of Garda World Security Corporation (“Crisis24,” “We,” or “Us”).
We respect the privacy of individuals and value the confidence of our clients, customers, employees, consumers, business partners, and others. Crisis24 strives to collect, use, disclose and otherwise process Personal Information and other information in a manner consistent with applicable laws, and prides itself on upholding the highest ethical standards in its business practices. Crisis24 complies with applicable data protection laws including the European Union’s General Data Protection Regulation (“GDPR”), the United Kingdom’s (“UK”) Data Protection Act 2018 and the GDPR as incorporated into UK legislation (“UK GDPR”), in respect of which Crisis24 undertakes its responsibilities as a Data Processor for our clients (the Data Controllers) as the terms Data Processor and Data Controller are defined in the GDPR.
Our details
The entities listed below are the companies that make up Crisis24 and which collect Personal Information through your use of our Apps and associated services.
In the USA:
Crisis24 Inc, Crisis24 Protective Solutions Inc, Crisis24 Protective Solutions LP, FAM International Logistics Inc, Patriot Group Inc, Patriot Global NYC LLC
185 Admiral Cochrane Drive #300,
Annapolis, Maryland 21401 USA
In the United Kingdom:
Crisis24 Limited, Crisis24 Consulting Limited, Crisis24 Protective Solutions Limited and Crisis24 Assistance Services Limited
Two London Bridge,
London. SE1 9RA
In France:
Crisis24 SAS
203 Rue du Faubourg
Saint-Honoré, 75008 Paris, France
In Germany:
Crisis24 GmbH
Byk-Gulden-Straße 24
D-78467 Konstanz
Germany
In South Africa:
Crisis24 Pty Limited
Block A, The Terraces,
Steenberg Office Park,
Westlake, 7945
Cape Town,
South Africa
In Singapore:
Crisis24 Pte. Limited
137 Market Street, 10-01,
Singapore 048943
If you have any comments or questions about this Privacy Notice, please contact us at [email protected].
Content
What Personal Information we collect, how we get it, why we have it and the lawful bases we rely on for processing this information
Information We Collect on Behalf of Our clients
With Whom the Information May be Shared
How Long We Store Personal Information
Privacy Protections for Children
Your Rights Regarding the Collection, Use and Distribution of Personal Information and Other Information
What Kind of Security Procedures We Use to Protect the Loss, Misuse, or Alteration of the Information Under Our Control
Use of Artificial Intelligence in our Services
International Transfer
Dispute Resolution
Contacting the Regulator
Changes to This Privacy Notice
What Personal Information we collect, how we get it, why we have it and the lawful bases we rely on for processing this information
Crisis24 collects Personal Information when you register for the Apps and use the Services. Crisis24 does not collect any Sensitive Personal Information, known as Special Categories under GDPR, unless expressly directed to do so by you or your employer.
“Personal Information” is any information or set of information relating to an identified person or an identifiable person who can be identified, directly or indirectly, by reference to an identifier such as an identification number, location data, an online identifier or one or more factors specific to physical, physiological, genetic, mental, economic, cultural, or social identity. For example, Personal Information includes name, address, email address, employer’s company name, job title, phone or fax number, employee ID, travel itineraries, including emergency contact information and, if requested by a client, passport numbers. For the purpose of the California Consumer Privacy Act (“CCPA”), Personal Information includes information which identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. “Sensitive Personal Information” means Personal Information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, or trade union membership, that concerns an individual’s health or sex life, criminal proceedings, or that is designated in writing by a third party as Sensitive Personal Information.
We use Personal Information to provide you with content, products, and services, to fulfil the terms of any agreement you have with us and operate our business. We collect different Personal Information depending on the Services you use. The use of information collected through our Service is limited to the Personal Information which is necessary to provide the Service for which Crisis24 has been engaged. The following table explains the types of Personal Information we collect, the source of the data, the purposes we use it for and the legal bases on which we process your Personal Information.
| Purpose | Source | Personal Information | Legal basis |
| Registration and tailoring of your account, administration of your account, responding to your requests, requesting feedback from you, responding to customer service questions or issues, notifying you of important changes or updates to the Services | Directly from you or your employer | Name, email address, contact number and employer | Fulfil contractual obligations |
Operate our Services, enhance our Services, and deliver messages.
| Directly from you and through the use of cookies or similar technologies | Device operating system and browser type, your Internet service provider, your domain name, your general geographic location | Legitimate interest |
| Send regular updates relating to issues in your general location | Directly from you or your employer | Your general location (e.g. a town or city) and trip details | Fulfil contractual obligations |
| Send push notification alerts regarding issues in your location | Mobile network provider, GPS, WiFi, or cellular network signals from your device Directly from you or your employer | Your precise location | Consent
Fulfil contractual obligations |
| Track your location | Mobile network provider, GPS, WiFi, or cellular network signals from your device | Your precise location | Consent
Fulfil contractual obligations |
Contact service providers to fulfil your requests for assistance including medical assistance
| Directly from you | Name, contact number, email address and information shared by you including address, physical location, passport details, details of any incident, injury or medical condition and any other information provided to us to help us deliver services to you. We may collect the same information about members of your party, including minors, to whom our services are also made available | Consent
Fulfil contractual obligations |
If you use our Apps, precise location data cannot be collected unless you allow the App to use your terminal equipment location. If you would like Crisis24 to stop collecting precise location from your device, you can change these settings in the App.
- Our App collects precise location when you use the “Crisis” or “Check In” or “Alert” buttons or when you use the App to learn about information that is relevant to your current location. The App may collect precise location from your device on a real-time, continuous basis to inform you, and allow your organization to inform you, of incidents and threats near your current location.
- Our Critical Trac® and our Crisis Messenger GPS app may collect precise location from your device on a real-time, continuous basis for tracking purposes and when you use the “Panic” and “Check In” or ‘Alert’ buttons.
Crisis24 may collect location information if you use a Crisis24 application on your mobile device. The iOS and Android (OS 6.0+) platforms will alert you the first time a Crisis24 app wants permission to access certain types of data and will let you consent (or not consent) to that request. You may subsequently manage your location sharing preferences at any time with the iOS and Android (OS 6.0+) platforms by changing the Location Services settings on the device. Android (OS 5.1.1 and earlier) devices will notify you of the permissions that a Crisis24 app seeks before you first use the app, and your use of the app constitutes your consent. Some applications, such as the Worldcue® Mobile app may also permit you to modify location reporting (the transmission of your location information to our servers) from within the application Settings. Please note that the Services require your precise location for certain features to work properly.
Information We Collect on Behalf of Our clients
Crisis24 collects information under the direction of its clients and may have no direct relationship with the individuals whose personal data it processes. If you are a customer or employee of one of our clients and would no longer like to be contacted by one of our clients that use our service, please contact the client that you interact with directly. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our clients.
If your employer (our client) has purchased Crisis24 products or services on your behalf, Crisis24 may receive Personal Information about you directly from your employer. For individuals residing in the European Union or the United Kingdom, if your employer has given Crisis24 any Personal Information about you in connection with its purchase of a Crisis24 product or service for your benefit, your employer and not Crisis24 will be responsible for determining the method and means by which you will receive notice and the ability to consent to Crisis24’s receipt and use of such information.
An individual who seeks access, or who seeks to correct, amend, restrict, port, or delete Personal Information should direct their query to the Crisis24 client (the Data Controller).
We will retain Personal Information we process on behalf of our clients for as long as needed to provide services to our client. Crisis24 will retain this Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
With Whom the Information May Be Shared
We share information within Crisis24 Group and third parties. This will involve transferring your Personal Information inside and outside of the European Economic Area (“EEA”) and the United Kingdom.
We share Personal Information with third parties in the following circumstances:
- To provide and maintain our Services - Crisis24 may share Personal Information we collect with our contractors and third-party service providers, including companies that send email and other messages on our behalf to you, to companies that store such information for these uses, and companies that perform analytics services for us, on a need-to-know basis. These companies are authorized to use your Personal Information only as necessary to provide these services to us.
- For our internal operations - We share information we collect within the Crisis24 Group in order to carry out our internal operations relating to finance and other service fulfilment.
- To fulfil contractual obligations - If a Crisis24 product or service is purchased by an individual’s employer on behalf of the individual, Crisis24 may transfer Personal Information, including precise location, to the employer for its legitimate business purposes, including, without limitation, for purposes of risk management and/or crisis response. We may also share your Personal Information with other third parties such as government officials, healthcare providers, national and/or independent security forces, transportation providers, in the event that you require assistance.
- To comply with applicable law and legal obligations - In addition, Crisis24 may use and disclose Personal Information and other information as it believes reasonably necessary: to comply with applicable law or respond to legal process (for example, a court order, search warrant or subpoena); in response to lawful requests by public authorities (such as to meet national security or law enforcement requirements); to investigate, prevent, or take action regarding illegal activities, suspected fraud, violations of our Terms and Conditions, or in other circumstances in which Crisis24 has a good faith belief that its products or Services are being used in the commission of a crime or that there is an emergency that poses a threat to the safety of you or another person; or to protect our rights and property. We may need to share your Personal Information where required under the laws of countries in which we operate.
- For the pursuance of our obligations in the context of our legitimate business interests - Crisis24 may disclose Personal Information and other information to facilitate the financing, securitization, insuring, merger, sale, assignment, bankruptcy, or other disposal of all or part of our business or assets.
- For other purposes where data is de-identified - We may also use and disclose aggregated, de-identified information about users of the Services for any purpose, such as by publishing a report on trends in the usage of the Crisis24 Services.
How Long We Store Personal Information
We will only retain your Personal Information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We may retain your Personal Information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements, consistent with applicable law.
To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances you can ask us to delete your data: see below for further information.
In some circumstances we may anonymize your Personal Information (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Privacy Protections for Children
The Crisis24 Services are provided for adults only. The Services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under the age of 13 through the Services.
Your Rights Regarding the Collection, Use And Distribution of Personal Information and Other Information
Under certain circumstances, you have rights under data protection laws in relation to the Personal Information we hold about you. You have the right to request:
- access to your Personal Information
- to have your Personal Information corrected
- to have your Personal Information deleted
- the restriction of the processing of your Personal Information or otherwise object to such processing
- your Personal Information to be provided to you in a portable form.
You also have the right to:
- withdraw consent for processing of Personal Information which relied on consent as the legal basis, and
- under the CCPA, protection from discrimination for exercising legal privileges.
If your Personal Information changes, you would like to review or correct your Personal Information, or if you no longer desire our Services, you may correct, update, or remove your Personal Information at the member information page or by emailing our Customer Support at [email protected]. Upon request Crisis24 will provide you with information about whether we hold any of your personal information. We will respond to your request within a reasonable timeframe and in accordance with applicable statutory timeframes.
We do not sell your personal data or otherwise exchange your data with third parties for other benefits or consideration. We may still use aggregated, pseudonymized, and de-identified personal information which does not identify you or any individual.
What Kind of Security Procedures We Use to Protect the Loss, Misuse, or Alteration of the Information Under Our Control
Crisis24 takes commercially reasonable administrative, technical, and physical precautions to protect our users’ information against loss, misuse and unauthorized access, disclosure, alteration, and destruction. However, no system is 100% secure, and therefore we cannot guarantee the absolute security of the information that we collect.
Use of Artificial Intelligence in our Services
Crisis24 may use Artificial Intelligence systems (“AI”) to understand more about how you interact with or react to the App, to enhance our products and services. We may, for example, use AI to interpret and analyze your emotional response to any message we send out in emergency situations to improve communications, although this analysis uses anonymous datasets. Crisis24 does not make any decisions based solely on AI inputs.
International Transfer
Crisis24 provides services globally so it may be necessary to transfer your Personal Information internationally. In particular, your Personal Information may be transferred to and processed in the EU, United States, the United Kingdom and/or South Africa and wherever you access Crisis24 provided services while you travel. The data protection and other laws of other countries may provide a less comprehensive or protective standard of protection than those in your country or the country you are in while using our services. Where European Union or UK data protection laws apply, we use Standard Data Protection Clauses in line with the guidance from the Court of Justice of the EU and UK government authorities, a copy of which may be requested.
Dispute Resolution
In compliance with the GDPR, Crisis24 commits to resolve complaints about our collection or use of your Personal Information. EEA and Swiss individuals with inquiries or complaints should first contact Crisis24 at:
Privacy Office
Crisis24
203 Rue du Faubourg
Saint-Honoré,
75008 Paris,
France
[email protected]
Contacting the Regulator
If you feel that your Personal Information has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your Personal Information, you have the right to lodge a complaint.
If you are based in the UK, you have the right to lodge your complaint with the Information Commissioner’s Office. You can contact them by calling +44 (0) 303 123 1113 or online at www.ico.org.uk/concerns. (Please note we can’t be responsible for the content of external websites.)
If you are based in the EEA or Switzerland, you have the right to lodge your complaint with the data protection regulator in your country of residence.
Changes to this Privacy Policy
This Privacy Notice may be amended from time to time, consistent with changing legal, regulatory or client requirements. If we make a material change to this Privacy Notice, we will provide you with appropriate notice by email prior to the change becoming effective.
Updated: 15 July 2024