Privacy Policy

We at Janus International Europe (“Janus” or “JIE”) take the privacy of all visitors to our websites and Nokē™ Smart Entry applications very seriously. This privacy policy informs you how Janus handles privacy matters and processes your personal data.

REVIEWED: 04/09/2023

At Janus International Europe Limited (“Janus”, “we”, “us” or “our”) we take our obligations under data protection and privacy laws seriously. This includes all individuals that come into contact with us and whose information we process in the course of operating our business, such as our customers, partners, suppliers, service providers, and the tenants and users of facilities that are equipped with our Nokē™ technology, but also users of our website and our mobile app (collectively “you” or “your”).

As part of our commitment to transparency and safe custody of your personal information we are registered as a data controller with the Information Commissioner’s Office (“ICO”), the supervisory authority responsible for oversight of data protection and privacy matters in the UK, under registration number ZA524026. We have also developed this Privacy Policy (“Policy”) to inform you how we collect and handle your personal information.

Important information about this Policy

This Policy applies in all situations when we collect or otherwise process your personal information and provides an explanation as to what happens to any personal information that that we collect either directly or indirectly, including when we process the information of:

individuals obtaining our products and services, including facility operators, tenants and permitted users;
organisations that we work in order to provide our products and services (including in each case their officers, employees, contractors and agents);
users of all Janus websites (including www.januseurope.com and any other websites operated by us, collectively the “site”) and our mobile app; and
enquirers and correspondents, to the extent that we receive and respond to product and service-related enquiries that are submitted through our websites, our app, by email or via any other communication channels that we make available the data that is shared by a visitor with us whether directly via , Nokē™ or via email (hereinafter “site(s)”). This policy provides an explanation as to what happens to any personal data that you share with us, or that we collect from you either directly via these websites or via email. By using the sites, you agree to the terms and conditions of this Privacy Policy.

We ask that, where we have an ongoing relationship with you and any of the data you have provided become or are no longer accurate, you keep us informed of this so that we can amend our records accordingly. By using our services, the site and our app, you agree to the terms of this Policy.

Information we collect

We collect different types of personal information at different times and for different reasons depending on the nature of your relationship with us. There may also be specific purposes for collecting and processing your information on certain occasions, where your failure to provide that information could prevent us from being able to enter into a contract with you or perform elements of an existing contractual arrangement.

However, the types of personal information that we collect will generally include the following categories:

Identity Data: your first and last name.
Contact Data: your address, email address, telephone number and, where you’re representing or acting on behalf of an organization, the identity and nature of that organization, your position/role and location of engagement.
Communications Data: information contained in communications with us.
Service User Data: tenant unique identifier, storage unit number and other identifiers, storage unit information and activity (including availability status, access records and details of any tenant authorized end users), and geolocation (when location tracking is enabled in the app).
Image Data: photographs or images that you submit to us or that we otherwise collect from the public domain.
Transaction Data: your financial institution, bank account and payment card details, records of payments to and from you and other details of your purchasing history.
Technical Data: your web and internet protocol (IP) address, device model and other identifiers, login credentials, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the site or our Nokē™ app.
Platform Usage Data: information about how you use the site and our app, such as your access history and length of time spent on specific pages.
Marketing Data: your preferences for receiving news, updates and other marketing communications from us as well as records of marketing campaigns previously conducted.

We do not collect sensitive types of “special category” data. We also do not provide our products or services to children and do not knowingly collect or otherwise process the personal information of legal minors. Accordingly and to assist us with this, we also ask that you do not submit any information to us that constitutes “special category data” or relates to minors.

For more information about how we collect Technical Data and Platform Usage Data through the use of cookies and other tracking technologies, then please read our Cookie Policy.

How we collect your information

Most of the personal information that we collect will be provided directly by you, for example when you submit a product or service related enquiry or otherwise communicate with us and when you engage our services. However, in some circumstances we may collect your information from third parties, such as where your details are provided to us by a facility operator or a tenant, or where you are representing or acting on behalf of an organization and we are provided with your information by that organization.

In addition, Technical Data and Platform Usage Data is typically collected automatically, including by third parties that we engage provide specific marketing, data analytics and other services.

Use of your personal information

We will only process your personal information where we have a specific purpose and lawful basis to do so. Since this may vary depending on the circumstances and the nature of your relationship with us, we have included this information in the table below. However, please note that the bases described are not mutually exclusive and it may be possible for processing to be conducted on more than one basis depending on the activity in question.

Purpose/Activity

Type of Information

Basis of Processing

To enter into and subsequently to manage our business relationship with you, including:

· responding to product or service related enquiries and providing client support

· negotiating and concluding agreements for products or services

· enabling you to download and use our Nokē™ app

· managing and processing transactions in relation to the provision of goods or services

· Identity Data

· Contact Data

· Communications Data

· Transaction Data

· Necessary for our legitimate interests (to manage our business relationships and administer our operations including through the keeping of appropriate records)

· Performance of a contract with you

To manage the effective delivery of our products and services, including:

· arranging site attendance and/or installation

· enabling you to obtain and utilise our Nokē™ technology and app for security and access purposes

· providing customer support

· monitoring and analysing our business performance to enable us to enhance and improve our existing offering as well as to identify and develop new opportunities

· notifying you about changes to our terms of business or Privacy Policy

· Identity Data

· Contact Data

· Communications Data

· Service User Data

· Image Data

· Necessary for our legitimate interests (to manage our business relationships and to administer and improve our operations including through the keeping of appropriate records)

· Performance of a contract with you

· Necessary to comply with legal obligations

To administer and protect our business, site and app including:

· Maintaining business records for legal purposes and to comply with tax requirements

· Defending and advancing legal claims

· Ensuring effective site maintenance and security

· Identity Data

· Contact Data

· Service User Data

· Technical Data

· Necessary for our legitimate interests (running our business, facilitating administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

· Necessary to comply with legal obligations

To make decisions about how best to deliver relevant content and advertisements to you, and to better understand their effectiveness

· Transaction Data

· Technical Data

· Platform Usage Data

· Marketing Data

Necessary for our legitimate interests (better understanding website functionality and how website users navigate and interact with the site)

To advance and promote our business including contacting you regarding products, services or promotions that may be of interest to you based on products or services you have previously obtained from us, and to enable the submission of reviews and surveys

· Identity Data

· Contact Data

· Transaction Data

· Marketing Data

Necessary for our legitimate interests (to enhance our products and services, improve our marketing strategies and develop our business)

Sharing your personal information

Sometimes it may be necessary to share your information with third parties, to enable us to communicate and interact with you and to facilitate the operation of our business. We may share your information with the following third parties:

Third party suppliers, agents, and contractors. We may use other companies, agents or contractors (“Service Providers”) to perform services on our behalf or to assist us with providing services to you. For example, we may engage Service Providers to process credit card transactions or other payment methods. Or, we may engage Service Providers to provide marketing, advertising, communications, infrastructure and IT services, r customer services, to collect debts, and to analyze and enhance data (including data about users’ interactions with our service). These Service Providers may have access to your personal or other information in order to provide these functions. In addition, some of the information we request may be collected by third party providers on our behalf. We do not authorize them to use or disclose your personal information except in connection with providing their services.
Regulatory and governmental authorities, law enforcement agencies, courts and our professional advisors. We may share your information in this way where reasonably necessary to comply with legal process and obligations, to protect our business and its reputation, and to bring and defend legal claims (including in obtaining specialist advice for any such purposes when appropriate) In rare circumstances we may also share your information where we believe that disclosure is in the public interest, for example to detect, prevent, or otherwise address security or technical issues, and any activities that are illegal or suspected to be illegal (including fraud).
Other entities within our group of companies. As an international business, members of our group of companies and our corporate affiliates operating in different jurisdictions will need to share information between them, to enable the effective functioning of the group and to ensure that we can properly advance our product and service offering.
The purchaser and its professional advisors in the event of a disposal of all or part of our business. We may engage in a merger, acquisition, or other form of business reorganization in the future, in which case your information will be shared with the ultimate purchaser and any professional advisors that are appointed.

International transfers of your personal information

As an international business operating in multiple jurisdictions we may sometimes need to transfer your personal information overseas, including to destinations outside of the UK and the European Economic Area (EEA). In particular, members of our group of companies are located in the US which is also where the site is operated from.

However, we will only transfer your data to another country where we are confident that an appropriate degree of protection will be provided. Specifically, we will only transfer your personal data to countries that have either been deemed to provide an adequate level of protection for personal data, or where there are specific contractual clauses in place to protect the transfer of your data. For more information about how we use approved Standard Contractual Clauses in this way, then please contact us using the details provided below.

Storage of your personal information

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or other mandatory reporting requirements. To determine the appropriate retention period we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process it, whether we can achieve those purposes through other means and the applicable legal requirements.

To the extent data is held in connection with contractual rights and obligations, then we will also take into account any specific limitation periods that apply under local law which will generally involve related data being stored for 6 years after termination of the relevant contract.

Security of your personal information

We have implemented appropriate technical and organizational measures to protect your personal information, including in encrypting transaction details. These measures have been specifically designed to prevent your information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and service providers who have a business need to know. They will only process your information on our instructions and are subject to a formal duty of confidentiality.

Any third parties involved in handling your personal information will only do so for specific purposes and will be subject to contractual obligations of confidentiality. In the event that we experience any intrusion of our information systems or otherwise suffer a breach of our data security, then we have in place specific procedures designed to deal with such a breach, including protecting the personal information within our control and, where we are legally obliged to do so, notifying you and the relevant authorities.

Please note however that despite our best efforts we cannot guarantee the security of information being exchanged over the internet and, where our website contains links to other sites plug-ins and applications that are not operated by us, clicking on those links or enabling those connections may allow third parties to collect or share data about you. Once you leave our website then we have no control over, and assume no responsibility for, the content, privacy policies or practices of any third party sites or services.

Your rights

Under data protection laws you have certain rights with respect to the processing of your personal data which are listed below. However, please note that not all of these apply in all circumstances.

Right of access: subject to certain exceptions, you have the right of access to your personal information that we hold. However, please note that if you are requesting access to your data then in order to protect the rights of others we may require you to validate your identity before we can release that information to you
Right to rectify your personal information: if you discover that the information we hold about you is inaccurate or incomplete, you have the right to have this information rectified (i.e. corrected).
Right to be forgotten: you may ask us to delete information we hold about you in certain circumstances. This right is not absolute and it may not be possible for us to delete the information we hold about you, for example, if we have an ongoing contractual relationship or are required to retain information to comply with our legal obligations.
Right to restriction of processing: in some cases you may have the right to have the processing of your personal information restricted. For example, where you contest the accuracy of your personal information, its use may be restricted until the accuracy is verified.
Right to object to processing: you may object to the processing of your personal information (including profiling) when it is based upon our legitimate interests. You may also object to the processing of your personal information for the purposes of direct marketing and for the purposes of statistical analysis.
Right to data portability: you have the right to receive, move, copy or transfer your personal information to another controller when we are processing your personal information based on consent or on a contract and the processing is carried out by automated means.

Changes to this Policy

Please note that while we always aim to provide complete and transparent information about how we process your personal information, we reserve the right to update this Policy from time to time or to create additional policies in order to accurately reflect changed circumstances or new legal requirements. As a result, it is important that you read this Policy together with any other privacy or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you, so that you are fully aware of how and why we are using your personal information. Please note that this Policy supplements the other notices and is not intended to override or replace them.

To assist us in ensuring that we provide the most accurate information possible, we ask that you check this Policy for updates from time to time.

The Following Provisions Apply Only to Residents of Singapore

The following provisions apply to you only if your Personal Data is processed in Singapore. Under Singapore’s Personal Data Protection Act 2012 (No. 26 of 2012), you may have certain rights with respect to the processing of your Personal Data. For this Policy, the definition of “Personal Data” set forth in this Section is the definition under the law applicable to the person whose data is collected.

These rights include:
• Right of access: You may have the right to request access to, or copies of, your Personal Data, together with information regarding the nature, processing and disclosure of those data within a year before the date of the request.
• Editing your Personal Data: Should you have an online user account, you may edit and complete your Personal Data directly yourself. If you do not have an online user account, you may contact us, who will upon your request as soon as possible rectify, remove or complete the information which is incorrect, unnecessary, lacking or outdated.
• Right to data portability: You may have the right to have your Personal Data transferred to another controller, in a structured, commonly used and machine-readable format, to the extent applicable.

For purposes of PDPA, and wherever applicable throughout this Policy, Janus is the data controller collecting Information from the sites. We can be contacted at privacy@janusintl.com.
We strive to ensure that the Personal Data we possess are always accurate and therefore we encourage you to update your information in your own account in case any changes have occurred. We take commercially reasonable step to ensure that the Personal Data that we process are limited to the Personal Data that are reasonably required in connection with the purposes set out in this Privacy Policy

Please note that upon exercising any of the rights listed above, you may be requested to provide additional information for identification purposes. Such additional information shall not be used for any other purpose and will be removed after successful identification.

The Following Provisions Apply Only to Residents of Australia

If you are an Australian resident, Australian law may provide you with additional rights regarding our use of your personal information. To learn more about your Australian privacy rights, click go to: www.janusintl.au/privacy-policy

Contacting us

We welcome any queries, comments or requests you may have regarding this Policy. Please do not hesitate to contact us at privacy@januseurope.com or +44 (0) 20 8744 9444.

You can also write to us:
102B The Green,
Twickenham, TW2 5AG
United Kingdom

Complaints

We would always welcome the chance to deal with your concerns in the first instance, but you have the right to make a complaint to the ICO if you feel that we have handled your data improperly. If you would like to contact the ICO, then you can do so by telephone on 0303 123 1113 or through their website at https://ico.org.uk/global/contact-us/live-chat/