Alarm.com's Data Privacy Framework Notice
Alarm.com Incorporated (Alarm.com) complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Alarm.com has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the collection, use, retention, transfer, and other processing of Personal Data (as defined below) received from the European Economic Area (EEA) in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Alarm.com has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of Personal Data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Data Privacy Framework Notice (Notice) and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, please visit https://www.dataprivacyframework.gov/. To view our certification visit the DPF list at https://www.dataprivacyframework.gov/s/participant-search.For more information about Alarm.com's privacy practices generally, please review Alarm.com's Privacy Policy.Websites and mobile sites to which this Notice applies are United States-based websites, which are subject to United States law. For purposes of this Notice, "Personal Data" means information that (i) is transferred from the EEA, the UK, or Switzerland to the United States, (ii) is recorded in any form, (iii) is about, or relates to, an identified or identifiable consumer, customer, service provider or other individual, and (iv) can be linked to that consumer, customer, service provider or other individual. This Notice outlines our general policy and practices for implementing the EU-U.S. DPF Principles and Swiss-U.S. DPF Principles for Personal Data.Additionally, "consumer" as used in this Notice means any natural or legal person (to the extent a legal person is subject to a national data protection law in the EEA, the UK, or Switzerland), but excludes any individual acting in his or her capacity as a former, current or prospective Alarm.com employee, agent, consultant or contractor.
Data Privacy Framework PrinciplesAlarm.com’s practices regarding the collection, storage, transfer, use and other processing of Personal Data comply with the EU-U.S. DPF Principles and Swiss-U.S. DPF Principles of notice, choice, accountability for onward transfer, access, security, data integrity and purpose limitation, and recourse enforcement and liability.
NoticeWe notify our customers and service providers located in the EEA, the UK, and Switzerland about the purposes for which we collect and use Personal Data, the types of third parties to which we disclose the information, the choices customers and service providers have for limiting the use and disclosure of their information, and how to contact us about our practices concerning Personal Data.When we receive Personal Data from our affiliates and service providers in the EEA, the UK, or Switzerland, we will use and disclose such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such Personal Data relates.
Purpose of Collection and Use of Personal DataAlarm.com collects certain Personal Data such as:
- names
- addresses
- phone numbers
- email addresses
- system data (e.g., alarm monitoring, thermostat, light and lock remote control).
We do not collect sensitive Personal Data of customers or service providers, such as information about medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or other sensitive information as defined by the EU-U.S. DPF, UK Extension to the EU-U.S. DPF and Swiss-U.S. DPF. We use Personal Data of customers and service providers to:
- provide you services and to respond to your requests
- evaluate the quality of our products and services
- communicate with you about our products, services and related issues
- notify you of and administer offers and other promotions
- for internal administrative and analytics purposes and to comply with our legal obligations, policies and procedures.
ChoiceAlarm.com may share Personal Data with its service providers that deliver the Alarm.com services to you, business partners (like other technology providers with whom we integrate our services) among Alarm.com’s subsidiaries and affiliates. With respect to Personal Data we may share with other third parties, we provide customers and service providers located in the EEA, the UK, and Switzerland with an opportunity to opt-out of such sharing. Please email us at support@alarm.com if you would like to opt-out. We do not use Personal Data for purposes incompatible with the purposes for which the information was originally collected without notifying the relevant consumers, customers, suppliers and others of such uses and offering an opportunity to opt-out. Should you opt-out as described above, Alarm.com may not be able to provide you with the services you have requested or access certain features of your system.In addition, we may disclose Personal Data without offering individuals an opportunity to opt-out (i) if we are required to do so by law or legal process, (ii) to law enforcement authorities or other government officials based on an enforceable government request or as may be required under applicable law, or (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity.Alarm.com also reserves the right to transfer Personal Data in the event that we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, dissolution or liquidation). Should such a sale or transfer occur, Alarm.com will use reasonable efforts to direct the transferee to use Personal Data in a manner that is consistent with this Notice. Following such a sale or transfer, consumers may contact the entity to which Alarm.com transferred their Personal Data with any inquiries concerning the processing of that information.
Accountability for Onward Transfer of Personal DataWe may share Personal Data with service providers we have retained to perform services on our behalf. We require service providers to whom we disclose Personal Data and who are not subject to laws based on the European Union’s General Data Protection Regulation (GDPR) or the data protection laws of Canada (i.e., the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial laws), as applicable, to either (i) subscribe to the EU-U.S. DPF Principles and Swiss-U.S. DPF Principles or (ii) contractually agree to provide at least the same level of protection for Personal Data as is required by the relevant DPF Principles. If the third party does not comply with its privacy obligations, Alarm.com will take commercially reasonable steps to prevent or stop the use or disclosure of Personal Data. If a third party service provider providing services on Alarm.com’s behalf processes Personal Data from the EEA, the UK, or Switzerland in a manner inconsistent with the EU-U.S. DPF Principles and Swiss-U.S. DPF Principles, Alarm.com will be liable unless we can prove that we are not responsible for the event giving rise to the damages.
Access to Personal DataAlarm.com provides consumers, customers, suppliers and others with confirmation of whether or not Alarm.com is processing personal data relating to them and reasonable access to Personal Data maintained about them. We also provide a reasonable opportunity to correct, amend or delete that information where it is inaccurate. We may limit or deny access to Personal Data where providing such access is unreasonably burdensome or expensive under the circumstances, or as otherwise permitted by the EU-U.S. DPF Principles and Swiss-U.S. DPF Principles. To obtain access to Personal Data, consumers, customers, suppliers and others may contact Alarm.com as specified in the “How to Contact Us” section of this Notice.
SecurityAlarm.com maintains reasonable and appropriate administrative, technical and physical safeguards to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction.
Data Integrity and Purpose LimitationAlarm.com takes reasonable steps to ensure that Personal Data collected by Alarm.com is relevant for the purposes for which it is to be used and that the information is reliable for its intended use and is accurate, complete and current. We depend on our consumers, customers, suppliers and others to update or correct their Personal Data whenever necessary.
Recourse, Enforcement and LiabilityAlarm.com has established procedures for periodically verifying implementation of and compliance with the EU-U.S. DPF Principles and Swiss-U.S. DPF Principles. We conduct an annual self-assessment of our practices with respect to Personal Data to verify that representations we make about our Personal Data privacy practices are true and that related privacy policies have been implemented as represented.Consumers, customers, suppliers and others residing in the EEA, the UK, or Switzerland may file a complaint with our IT and Support Department in connection with Alarm.com’s processing of their Personal Data under the EU-U.S. DPF, UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF.. Alarm.com commits to refer unresolved privacy or data use complaints concerning our handling of Personal Data received in reliance on the EU-U.S. DPF, UK Extension to the EU-U.S. DPF, or Swiss-U.S. DPF to TRUSTe, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://feedback-form.truste.com/watchdog/request for more information or to file a complaint. The services of TRUSTe are provided at no cost to you. If you have any complaints regarding Alarm.com’s compliance with the EU-U.S. DPF, UK Extension to the EU-U.S. DPF, or Swiss-U.S. DPF, you should first contact us as provided above. A binding arbitration option will also be made available to individuals in accordance with the DPF Principles in order to address complaints not resolved by any other means. The U.S. Federal Trade Commission has jurisdiction over Alarm.com’s compliance with the EU-U.S. DPF, UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF.
How to Contact UsPlease address any questions or concerns regarding this Notice or our practices concerning Personal Data by contacting us through email at:
privacy@alarm.comor writing to:Alarm.com Incorporated 8281 Greensboro Drive, Suite 100 Tysons, VA 22102 USA
AmendmentThe Alarm.com Data Privacy Framework Notice may be amended from time to time in compliance with the requirements of the EU-U.S. DPF Principles and/or Swiss-U.S. DPF Principles. Appropriate notice will be given concerning such amendments.This Alarm.com Data Privacy Framework Notice was last updated and posted on October 2, 2023.