- Who is Genasys?
- What types of personal information do we collect?
- How do we collect your personal information?
- Why do we collect and for what purposes do we use personal information?
- With whom do we share your personal information?
- How do we protect your personal information?
- What choices are available to you and how do you exercise these choices over how we use or disclose your personal information?
- If you are a California consumer, the following notices and disclosures apply to you:
- Your privacy rights under the California Consumer Privacy Act of 2018 (“CCPA”).
- Notice at Collection
Who is Genasys?
Our communications solutions include the software as a service (“SaaS”) applications known as the Genasys Emergency Management SaaS Solution, Genasys Zonehaven EVAC, Genasys Zonehaven AWARE, as well as the unified hardware and software Integrated Mass Notification System (IMNS) and National Emergency Warning System (NEWS). These communications solutions are collectively referred to as “the Services.” As a user of the Services, you may receive geo-targeted alerts, notifications, instructions and information before, during and after public safety threats and critical business events.
What types of personal information do we collect?
We collect the following personal information, online and offline:
- Contact information – your name, email and postal addresses, landline and mobile telephone number. Please note that in order to use certain functions within the Services and receive notifications, mobile phone geolocation information is required.
- Information from public sources – including social media sites and your interaction with them. If you subscribe to certain services within the Services, you may receive notifications through your social media apps and accounts.
- Subscriptions & preferences – when you subscribe to receive product, service, or potential employment information, alerts, and updates to help us provide you with information you are interested in receiving from us, as well as emergency notifications through the Services.
- Online data – the following information may be collected when you visit our web sites or use the Services: device type and model, MAC address, IP address, other unique device identifiers, network information, operating system, browser type and version, click stream to, through, and from our web sites, length of visits and interactions on our web pages and emails. We do not collect personal data about your online activities across web sites other than our own. [Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a method for users to instruct web sites and certain other services that they do not want certain information about their webpage visits collected over time and across web sites or online services. Please note that we do not respond to or honor DNT preferences or similar instructions transmitted by web browsers.]
- Cookies – a cookie is a small data file that our web site places on your browsing device (desktop/laptop computer or mobile device). Learn more about cookies and how we use them in our Cookies Notice. [List cookies and how they are used. May be helpful to use a table.]
- Attendance data – including your signature, to record your visits to our offices and events.
- Inferences – including your behavior and movements when you use the Services.
- Employment information – professional and educational background and other information provided in connection with your application for employment with us.
- Sensitive personal information – including disability, dietary, religious, or similar requirements for employment, meetings, and events. If you choose not to provide us with this information, we may not be able to provide you with an accommodation or respond to your needs or preferences. This data will be provided to us by you.
- Criminal record data – where and to the extent permitted by law, and when appropriate under the circumstances. This data will be provided to us by you and/or the organizations who assist us in complying with our legal obligations for screening and regulatory compliance.
Our web sites and the Services are intended to be used by individuals aged 16 and over. We do not knowingly collect personal information from those under the age of 16. If your child or ward under the age of 16 has provided us with their personal information, please contact us at firstname.lastname@example.org so that we may delete the personal information.
How do we collect your personal information?
- Directly from you – We collect information which you may choose to provide in your communications with us, such as when you request that we send you newsletters, alerts, or other marketing materials; register for a webinar or event; fill out a form; respond to a survey; use the Services; or otherwise communicate or interact with us.
- From other sources – We may receive and collect personal information about you from other sources, including publicly available sources; our affiliated companies; entities to which we provide our products and services such as your employer and first responders located within the communities in which you reside, work, and visit; and social media platforms. For example, we may also collect personal information from your social media channels if you choose to link or provide access to them using the Services.
Why do we collect and for what purposes do we use personal information?
We collect your personal information for business and commercial purposes. Our business purposes include providing products and services to you, maintaining security, maintaining and improving the functionality of our products and services, internal research for technological development, verification or maintenance of the quality or safety of our products and services, responding to your inquiries, and providing customer service. An example of this would be when you use the Services we collect information about your location, device, and network. We collect and use your personal information to provide you with communications and alerts specific to your location.
Commercial purposes include promoting and advancing our commercial or economic interests, such as by soliciting you to buy, rent, lease, license, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction. This includes sending you newsletters, alerts, and other information that may interest you. Examples of this include our advertising, marketing, and sales efforts in expanding our customer base.
We also use personal information to review and evaluate your employment application and in connection with our employment and on-boarding process. We may use anonymized, pseudonymous, de-identified, or aggregated information so that it will no longer be considered personal information and use and disclose such information as permitted by applicable law.
Genasys also uses and discloses personal information to comply with the law, including in response to subpoenas, investigations, and civil and criminal proceedings.
With whom do we share your personal information?
Genasys shares personal information with its service providers, including server and platform hosts, in connection with our provision of products, services, and law enforcement and first responder organizations and their personnel. If you created an account to use the Services, other users of your account will have access to your personal information. If Genasys is acquired or merges with another company, we will share or transfer personal information to the acquiring or surviving company.
We do not sell or share your personal information for direct marketing purposes.
How do we protect your personal information?
Transmission of information via the Internet and through our web sites is not completely secure; therefore, we cannot guarantee the security of communications and information transmitted between you and us. After we have received your personal information, we will exercise security procedures to try to prevent unauthorized access. All personal information is stored on secure servers and we employ security policies and procedures to limit and restrict access.
What choices are available to you and how do you exercise your choices over how we use or disclose your personal information?
Subject to our data retention policies and practices and the laws of the jurisdiction in which you reside, you have certain rights (including the right to be informed) which you may exercise over your personal information. If you are a California consumer, please access our California consumer notices and disclosures here.
Genasys is the data controller for personal information that we collect from or about you, but we act as a data processor for personal information provided or otherwise made available to us by certain third parties, including your social media channels and first responder organizations, through the Services, which we process on those third parties’ behalf pursuant to our contracts with the applicable third party.
Subject to the law of the jurisdiction in which you reside, you have the following rights in relation to your personal information:
- Right to Be Informed. You have the right to be informed of how we use your personal information, where that data will be processed, how long we plan to hold on to the data and the details of your rights under the GDPR.
- Right of Access. If you request, we will confirm whether we are controlling or processing your personal information and, if so, provide you with a copy of that personal information.
- Right to Rectification. If your personal information is inaccurate or incomplete, you are entitled to request that we correct or complete it. If we have shared your personal information with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your personal information so you may contact them directly.
- Right to Erasure (“Right to be Forgotten”). You may ask us to delete or remove your personal information. If we’ve shared your data with others, we will tell them about the erasure where possible, unless it requires a disproportionate effort. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your personal information so you may contact them directly.
- Right to Restrict Processing. You may ask us to restrict or ‘block’ the processing of your personal information in certain circumstances, such as where you contest the accuracy of the data or object to us processing it (please read below for information on your right to object). We will tell you before we lift any restriction on processing.
- Right to Data Portability. You have the right to obtain your personal information from us. We will give you your personal information in a structured, commonly used and machine-readable format.
- Right to Object. You may ask us at any time to stop processing your personal information and profiling you for direct marketing purposes. If we are processing your personal information for other purposes, we will stop upon your request unless we have compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
- Right to Not Be Subject to Automated Decision Making and Profiling. You have the right to refuse the automated processing of your personal information to make decisions about you if such decisions significantly affect you or if they produce legal effects.
You may access and correct your personal information in your account settings if you are a user of the Services.
Attention: Privacy Officer
16262 West Bernardo Drive
San Diego, California 92127
California consumer privacy notices and disclosures.
- Your privacy rights under the CCPA. The CCPA became effective on January 1, 2020 and provides consumers who reside in California with certain rights relating to their personal information.
- Right to Know – You have the right to know about the personal information which we collect and how we use and share that information.
Personal information as defined by the CCPA specifically excludes publicly available information that is lawfully made available to the general public from federal, state, or local government records. We collect or have collected in the past 12 months the following categories of personal information:
- Personal identifiers – including name, email address, postal address, IP address, telephone number
- Categories of personal information – identified in California Civil Code section 1798.80 such as name, signature, employment, and financial information
- Commercial information – such as detailed transaction information, purchase, and payment information
- Professional and employment related information – including employer, position/job title, and contact information
- Web and other network activity information (including search and browsing history)
- Inferences which reflect your behavior, derived from geolocation and tracking data when you use the Services
We use, share, and disclose these categories of personal information we collect from and about you consistent with our business and commercial purposes stated in the section entitled, why do we collect and for what purposes do we use personal information.
The CCPA also imposes additional obligations upon businesses that sell personal information to third parties. Genasys does not sell personal information and we have not sold personal information in the last 12 months.
- Right to Request Deletion – You have the right to request the deletion of your personal information, subject to limitations, exceptions, and conditions under the law. These include maintaining personal information to complete transactions, to satisfy our legal obligations, to maintain security and existing functionality, to protect the free speech rights of other consumers, for research purposes that are in the public interest, and for our internal legitimate uses.
- Right to Opt-out of the Sale or Sharing of Personal Information – Under the CCPA, California consumers have the right to opt-out of the sale or sharing of their personal information with third parties for their direct marketing purposes. Genasys does not sell, share for value, rent, or trade personal information with third parties for their direct marketing purposes as provided in the CCPA.
- Right to Limit Use and Disclosure of Sensitive Personal Information – A consumer shall have the right, subject to limitations exceptions, and conditions under the law, at any time, to direct a business that collects sensitive personal information about the consumer to limit its use of the consumer’s sensitive personal information to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services.
- Right to Non-discrimination – Genasys will not discriminate against you for exercising any of your rights under the CCPA.
To exercise any of your rights under the CCPA, please contact us by submitting your request at https://genasys/legal/ccpa, by calling us 800xxx-xxxx or by submitting your written request to:
Attention: Privacy Officer
16262 West Bernardo Drive
San Diego, California 92127
Please note that you will be required to verify your identity before we act upon your request. If you choose to designate an authorized agent to submit a request on your behalf, we will need to verify your identity and you must submit a written authorization signed by you for the agent to act on your behalf. The agent must be a person or entity who is registered with the California Secretary of State. We will work with you to respond within 45 days of our receipt of your verifiable request; however, we may require an additional 45 days to respond, in which case we will so advise you. The CCPA permits a California consumer to submit personal information requests no more than twice in a 12-month period.