ADT’s Guiding Principles for Consumer Privacy
Privacy Starts Here
At ADT, we believe everyone has the right to feel safe. Our commitment to customer safety drives our privacy-by-design philosophy and how we operate our business, from our marketing to the careful way we manage your privacy. Customers trust ADT to make life safe and simple, at home, work and on the go, and that means leading the way on data and privacy protection, too. That’s why we developed the first consumer privacy guidelines for the security industry. These principles guide our business, and we call on other privacy-minded security companies to commit to follow them, too. It’s the right thing to do to ensure our customers know they can trust us to protect and connect them with the things that matter most.
Security Industry Guiding Principles for Consumer Privacy
The security industry includes a wide range of participants—suppliers of security products, software, and solutions; integrators, monitoring companies, and others who provide security services; industry supporting associations and organizations; police, firefighters, and other emergency service providers; and individuals and businesses that purchase and use security products and services. These industry participants may have differing privacy considerations, but each may directly or indirectly impact the privacy of consumers and should all be guided by consumer privacy expectations irrespective of what may be required by law.
Recognizing these particular needs for the security industry, a wide range of industry stakeholders have worked together to develop privacy principles to help guide providers of security products and services in implementing and adhering to privacy best practices that enhance consumer trust.
Privacy Best Practices
The Security Industry Guiding Principles for Consumer Privacy (the “Guiding Principles”) are intended to encourage privacy best practices for the processing of personal and other sensitive information.
- They are intended to evolve with new laws, standards, and technology for the benefit of our customers and consumers generally.
- They are intended to guide the protection of sensitive information used to help ensure the safety and security of our customers.
- This sensitive information may include not only personal information, but other account information, system data, usage data, and data provided under regulatory requirements or local ordinances. It also may include information about others incidentally or inadvertently collected by our customers, such as cameras viewing a public street, in-home devices that record audio or video of guests, or security cameras monitoring general foot-traffic in a store.
Providers of security products and services are encouraged to adopt and adhere to the Guiding Principles below as applicable to their organization and work with others in the security industry to update these principles with evolving consumer expectations on important issues, such as facial recognition and data analytics:
Specified Purposes:We will provide a clear and easy-to-understand explanation of the purposes for which we collect, use, disclose, share, and retain sensitive information.
- We will provide our customers with a clear and easy-to-understand explanation of how they can enhance their privacy when using our security products and services.
- Our products and services use the sensitive information of our customers, first and foremost, to help ensure the safety of our customers, including when sharing sensitive information with police or other first responders.
- We will require an express opt-in to use a customer’s personal information for purposes that have not been disclosed or which are not reasonably expected.
- We will not sell a customer’s personal information for third party marketing purposes without an express opt-in.
- We will not access a customer’s audio or video without notice to that customer.
- We will not share our customer’s audio or video with a first responder without our customer’s consent, except when required by a lawful subpoena, warrant, court order, or other legal process.
Transparency of Changes: We will communicate openly, clearly, and promptly with our customers (and to consumers generally) about any material changes to the types of sensitive information that we collect, use, and retain, the types of partners with whom such data is shared, and why we do so.
Data Minimization: We will only collect, use, share, and retain sensitive information that is reasonably needed to offer our security products and services, and to fulfill our customer expectations of safety and security in the use of our products and services.
- We will provide means for customers to minimize the incidental collection of information about others when using our security products and services.
- We will provide means for customers to control the retention of their audio and video data, except as otherwise required by law.
- We will otherwise only retain sensitive information (particularly geolocation, sensor data, video, audio and audio transcriptions) for as long as reasonably needed for providing our products and services to customers and to meet our legal obligations.
Customer Participation:We will provide our customers with a means to reasonably request to know what personal information about them has been collected about them, and for correcting clear errors in that information.
- We will provide a clear and easily accessible way for customers to review and change their elections regarding our use of any personal information about them that we collect, including the ability to rescind permission altogether where it does not impede our ability to provide our products or services.
- We will provide dedicated service lines or email addresses for existing or prospective customers who want information about our use of their personal information.
Data Quality and Integrity: We will work to ensure that personal information and other sensitive information that we collect about our customers is accurate, relevant, timely, and complete.
- We will employ best practices to help ensure accuracy of any personal information that we collect.
- We will endeavor to promptly correct any inaccuracies in personal information that we collect, relative to the nature of the service we provide.
- We will create an appropriate and easily accessible process to review and correct personal information.
- We will create an appropriate and easily accessible process to request deletion of their personal information in the Sensitive Customer Information that we collect.
- We will enhance Consumer safety by employing processes and technical features to help minimize the risk of misidentification when using video, geolocation, sensor data, and recorded transcriptions.
Data Security: We will implement reasonable security measures and safeguards, proportionate to the type of data, to protect all sensitive data that we collect (including any personal information incidentally captured by our customers) against loss and against unauthorized access or use, destruction, modification, or unintended or inappropriate disclosure.
- We will promptly investigate and mitigate any known or suspected breach involving sensitive information, to promptly notify our impacted customers, and to take any action required by law or that we otherwise believe will reduce the risk of harm to our customers.
- We will protect sensitive information that we collect using reasonable safeguards, proportionate to the type of data, in accordance with data protection standards, frameworks, and best practices as to encryption, anonymization, storage, destruction, and other relevant protection mechanisms.
- We will provide appropriate data protection and privacy training to our workforce.
- We will endeavor to ensure that any parties with whom we share sensitive information undertake these same safeguards.
- We will regularly review and update our security measures and safeguards to keep pace with industry standards and best practices.
Privacy by Design: We will consider data privacy when developing our products and services, including incorporating products and services provided by our business partners.
- We will conduct privacy impact assessments to better understand the flow and potential leakage of sensitive information when using of our products or services.
- We will empower appropriate individuals in our organization to consider and effectuate these privacy considerations on an ongoing basis.
Accountability: We will take reasonable steps to ensure that we, and those that receive sensitive information from us, adhere to these principles, which have been established by the Security Industry Consumer Privacy Initiative, and to be accountable for doing so.
- We are demonstrating our commitment to these principles publicly, adding our name to the list of organizations that have agreed to adopt to them.
- We will use our best efforts to implement policies, processes, standards, and best practices in support of these principles.
- We will meet or exceed the requirements of all applicable privacy laws and regulations, in the interest of earning the trust of our customers, and for consumers generally.