Privacy Notice

ASSA ABLOY Global Solutions AB, together with its affiliated entities, is committed to safeguarding the privacy of our customers, business partners, and professional contacts.

This Privacy Notice applies to individuals interested in our products, customers, business partners, and professional contacts. It explains how we collect, use, disclose, and protect Personal Data, and describes your rights and choices under applicable data protection laws.

ASSA ABLOY Global Solutions AB (referred to as “we”, “our”, or “us”), registered in Sweden under company number 556666‑0618 with its principal office at Förmansvägen 11, 117 43 Stockholm, serves as the data controller responsible for the processing of your Personal Data.

We collect “Personal Data,” which means any information that can identify or help identify a person, as per relevant privacy laws. Personal Data may be collected directly from you when you engage with our Services, or, in certain circumstances, from third-party sources. We may also analyze and combine data to derive insights regarding your preferences, interests, characteristics, or behavioral patterns, to enhance your experience with our Services.

1.1 Personal Data Collected Directly from You

Personal Data is collected through your interactions with our Services, including but not limited to:

• Contacting us via our website forms
• Registering an account, for example in our eStore
• Engaging with customer support
• Making product warranty inquiries
• Participating in contests or competitions
• Subscribing to marketing communications
• Navigating our Services
• Attending events or tradeshow that we participate in
• Making purchases
• Communicating with us
• Becoming a partner or vendor

We collect the following categories of Personal Data in accordance with our use of Personal Data:

• Contact Information: Name, prefix, email address, telephone number, address, title, country.
• Account Information: Login credentials, profile, username, products, license information, cart contents, and purchase history.
• Audio, Electronic, Visual, and Similar Information: Images, audio, video, or call recordings generated in connection with our business activities.
• Transaction Information: Purchase and order details, payment information, company bank account information, and billing address.
• Device Information: IP address, also used to calculate your approximate location e.g. city area, technical details about your device you are using to access our services e.g. website, such as device type and model, system language, browser details, operating system, and device or other advertising identifiers such as Android Advertising ID or Apple’s Identifier for Advertisers.
• User Content: Information you choose to provide to us through structured interactions such as surveys, forms, or feedback tools, only to the extent necessary for the purposes described in Section 2
• Professional Characteristics: Company details, job title, industry, certifications, relevant trainings, and experience.
• Usage Information: Browsing behavior, purchasing patterns and trends, engagement metrics (e.g. page visits, clicks, visit frequency, return intervals) only to the extent necessary for the purposes described in Section 2.
• Preferences: Payment method, purchased/viewed/recommended products, preferred language, marketing communication preferences, and cookie preferences.
• Social Media Information: Name, company name, email address, and publicly available interactions or comments with our social media posts such as on LinkedIn and YouTube, in accordance with our Privacy Notice.
• Communication History: Details of your interactions and any additional information you provide as part of emails, meetings, and other communication with us. In relation to customer support cases, we may, where relevant.

We use your Personal Data only to the extent necessary to achieve the purposes described below. Where required under applicable data protection laws, we rely on one or more of the following legal bases for processing your Personal Data: performance of a contract, compliance with legal obligations, legitimate interests, or your consent. Where we rely on legitimate interests, we have balanced those interests against your rights and freedoms, implemented appropriate safeguards, and you may object to such processing as described in Section 8 below.

2.1 Respond to Inquiries and Manage Leads

We process your Personal Data when you contact us, request information, submit forms on our websites, or otherwise express interest in our products or services. This includes using your Contact Information, Professional Characteristics, Communication History, Social Media Information and any other information you choose to provide to respond to your inquiries, provide requested information, assess your needs, and manage potential business relationships. These activities rely on legitimate interests in responding to your inquiry regarding our products and services.

2.12 Process Orders, Billing, and Financial Administration

We process your Contact Information, Account Information, Transaction Information, Device Information, Preferences, and Communication History to process orders and returns, including warranty and product registration, payments, exchanges, or refund requests, as well as to manage billing, invoicing, accounting, accounts receivable, accounts payable, and related financial administration. These activities are undertaken to manage our contractual relationship with you and/or to take steps at your request prior to entering into a contract, and to comply with applicable accounting and financial reporting obligations.

2.3 Provide our Services

We process your Contact Information, Account Information, Device Information, Preferences, Communication History, and Other Related Personal Data you share to provide you with the Products and Services you request in a personalized and efficient manner. This may include installation and integration services, project management, trainings, opening and maintaining your account, and sending administrative information related to your account. These activities are undertaken to manage our contractual relationship with you.

2.4 Provide Customer Service

We process your Contact Information, Account Information, Device Information, Preferences, Communication History, Customer Support Information and Other Related Personal Data to address customer service requests, deliver support, and resolve enquiries and complaints. These activities are conducted to manage our contractual relationship with you or rely on legitimate interests in servicing our products and services.

2.5 Marketing Communications

We use your Contact Information, Account Information, User Content, Professional Characteristics, Preferences, Social Media Information, Communication History, and Transaction Information, including inferences derived from such information, to identify your preferences and provide personalized advertising and marketing communications about our Services, new products, and company news.

For existing customers, we may send marketing communications, promotions, or contests based on our legitimate interests, where permitted by applicable law. For individuals who have not received an offer or previously purchased our products or services, we will obtain your consent prior to sending marketing communications.

In every instance, you may opt out of marketing communications or adjust your preferences at any time by utilizing the links included in each marketing email.

2.6 Digital Advertising

We use Usage Information collected through cookies and similar technologies to tailor and deliver advertisements. Our online advertising initiatives include platforms such as Google Ads (including YouTube), LinkedIn Ads, and in limited cases Meta Ads. These platforms help us promote our products and services and share relevant content with you.

Audience targeting may involve the use of cookie data and, where applicable, email‑based audience matching. Such processing is conducted in accordance with the marketing purposes and legal bases described in Section 2.4 (Marketing Communications) of this Privacy Notice. Where required by applicable law, such processing is based on your consent.

You have control over how your data is used for advertising. You can adjust your preferences directly in your account settings on Google Ad Center, LinkedIn Ad Settings, or Facebook & Instagram Ad Preferences. You can also withdraw cookie consent at any time using the “Adjust cookie settings” button in our Cookie Notice.

For additional details, please read our Cookie Notice. For more information about how cookies work, please also refer to www.allaboutcookies.org.

We will only share your Personal Data with third parties as described in this Privacy Notice. Third-party processors are engaged only to the extent necessary to achieve the purposes set out above and are contractually obligated to observe the security and integrity of your Personal Data. Some processors will have access to your Personal Data as necessary to perform their functions but may not share it with other third parties or use it for other or own purposes.

• Affiliated entities: ASSA ABLOY Global Solutions AB may share Personal Data with affiliated entities within the ASSA ABLOY Global Solutions division that function as data processors on our behalf. These affiliates process Personal Data in accordance with our instructions, for the purposes described in this Privacy Notice, and are subject to appropriate contractual safeguards, including data processing agreements, to ensure compliance with applicable data protection laws.
• Third party companies: Limited to vendors or other companies e.g. consulting acting as service providers or data processors to Us.

We may also share limited Contact Information (name, email address, and phone number) with the following categories of recipients. These recipients may function as independent data controllers and process your Contact Information in accordance with their own privacy practices.

We operate globally and may collect Personal Data from individuals located in different countries. Regardless of where Personal Data is collected, it may be accessed, stored, or processed in countries where ASSA ABLOY Global Solutions AB, its affiliates, or its service providers operate.

For individuals located in the European Economic Area (EEA), this may include transfers of Personal Data outside the EEA. Such transfers may be made to countries recognized by the European Commission as providing an adequate level of data protection or countries that are not subject to an adequacy decision.

We leverage AI technologies to process your Personal Data to deliver enhanced services aligned with the purposes described above. This processing is conducted based on our legitimate interests, while respecting your privacy rights. AI enables us to respond to your requests promptly and accurately. All AI usage complies with internal ASSA ABLOY policies, incorporates appropriate safeguards, and does not involve automated decision-making with significant impact, within the meaning of applicable data protection laws.

As part of this process, we utilize your Contact Information, Account Information, Transaction Information, User Content, Usage Information, Communication History and Professional Characteristics when you interact with us as a customer, business partner, or representative of an organization interested in our offerings. This may include details related to products and services you have expressed interest in or acquired from us, installation, maintenance or support activities, project-related tasks, and billing or financial information when a contact person from your company is required.

We retain Personal Data only as long as necessary to fulfill the purposes for which it was collected unless a longer retention period is required or permitted by law. Specific retention periods are as follows:

• Contact Information, Communication History for Leads: Retained for up to two (2) years from the last meaningful interaction.
• Contact Information, Account Information, Communication History for Customers and Business Partners: As long as the business relationship persists and five (5) years thereafter.
• Device Information, Audio, Electronic, Visual, and Similar Information, User Content, Usage Information, Social Media Information, Preferences: Deleted after 2 years, aggregate data may be stored longer.

Our websites, applications, products, and services are intended for adults and are not directed at children. We do not knowingly collect or process Personal Data from individuals under the age of sixteen (16), or such higher age as may be required by applicable local law, without verifiable consent from a parent or legal guardian. If we become aware that Personal Data relating to a child has been collected without the required consent or in violation of applicable laws, we will take reasonable steps to promptly delete or anonymize such data.

You have the following rights regarding your Personal Data:

• Right to withdraw consent: If we process your Personal Data with your consent, you can withdraw it at any time. Withdrawal does not affect prior processing's legality, but may limit access to certain services. We will let you know the consequences if you deny or withdraw consent.
• Right to access: You are entitled to request information about which Personal Data we process about you and how it is being processed. You also have the right to request a copy of the Personal Data we process about you.
• Right to rectification: If you consider your Personal Data that we process to be inaccurate, e.g. information concerning your name or address, you have the right to get the inaccurate information corrected and to get the incomplete information completed by providing us with the correct information.
• Right to erasure: You have the right to request that your Personal Data is erased, e.g. if the processing is no longer relevant in relation to the purpose the information was collected for or if you recall your consent to the processing and there are no other legal grounds for the process.
• Right to limitation of processing: You have the right to request limitation of the processing of your Personal Sata, with the exception for storage. Limitation of processing can be requested, for example if you object to the accuracy of the Personal Data or if you consider the processing of your Personal Data to be unlawful.

We may update this Privacy Notice from time to time. The most current version of this Privacy Notice is always available on our website and applies from its effective date as indicated at the top of this page. If you do not agree with the updated terms, you should discontinue use of our Services.

We use cookies and similar technologies to enhance your experience on our website and deliver personalized advertising through platforms such as Google Ads, YouTube, LinkedIn, Facebook, and Instagram. Advertising cookies are placed only with your consent, helping us understand your Preferences and show relevant content.

We also use cookies including from third parties to ensure the best browsing experience. Some cookies may track your use of our website, display personalized content and targeted ads, analyze site traffic, and help us understand audience sources.

We implement security measures to protect personal information from loss, misuse, unauthorized access, alteration, disclosure, or destruction. Additionally, we have measures to ensure the ongoing confidentiality, integrity, and availability of systems and services processing personal information, and to restore data availability and access promptly in case of an incident. We recommend that individuals protect their user accounts and devices with up-to-date security measures.

If you have questions or concerns regarding your Personal Data, or wish to exercise your rights under applicable data privacy laws, please direct your correspondence to the Data Protection Manager at the address above. We encourage you to provide detailed information about your inquiry to help us respond efficiently. Our team is committed to addressing your requests promptly and in compliance with all relevant privacy regulations.

The country‑specific information set out below is intended to reflect certain local data protection laws that may apply depending on your location. This list is not exhaustive, and additional rights or obligations may apply under other applicable national or regional data protection laws.

We are committed to respecting the principles and requirements of applicable data protection laws and to applying appropriate safeguards to protect your Personal Data. Where local law provides specific or additional requirements, we seek to address those requirements in line with applicable legal obligations and our data protection practices.

• ARGENTINA – Personal Data Protection Law 2000 (PDPL) (Law No. 25,326)
• AUSTRALIA – The Privacy Act 1988, Australian Privacy Principles (APPs)
• BRAZIL – Brazilian General Data Protection Law (LGPD) – Law No 13,709/2018.
• CANADA – Personal Information Protection and Electronic Documents Act (PIPEDA) 2000
• COLOMBIA – Data privacy rights and protection are governed by Law 1581/12, Decree 1377/13, Law 1266/08 and Law 1273/09
• HONG KONG – Personal Data Privacy Ordinance (PDPO) 1995
• INDIA – The Digital Personal Data Protection Act (DPDPA) 2023