Trust Hub
Privacy
How we handle the data we collect and provide transparency and control over our data processing practices
Privacy is part of our products' DNA. Since our founding, we have worked to design our products and services with privacy in mind. We do so in a way that lets our platforms offer our customers the security and functionality they want, while respecting the privacy of the people who interact with their organization. Our ongoing commitment to privacy starts with these principles:
- Customer data, meaning data generated through the use of our products (such as camera footage), is owned and controlled by our customers. As a result, our customers can:
- choose how long camera footage is processed and stored on their devices
- decide which video clips are archived and with whom they are shared
- decide when authorized Verkada employees can view their footage, solely for troubleshooting and software development purposes
… and much more. We want our customers to fully own their data.
Customers also control when and how their data is accessed or shared. For example:
- Administrators of an organization determine who has access to their system and what they can do with that access, using Command's role-based access control.
- Administrators can see how their system is used, for compliance, internal controls or chain of custody purposes, through audit logs maintained at both the device and the organization level.
- We do not commingle or aggregate customer data, such as camera footage, with other customers' data without prior express authorization.
- We do not use customer data to improve our products and services without first asking for and obtaining our customers' consent.
- Verkada does not sell the data that customers generate using our products. We do not need to and we do not want to.
- We design our products and services with privacy in mind so that our platform offers our customers the security and functionality they want, in a way that respects the privacy of the people who interact with their organization. Verkada products ship with no sensitive settings enabled by default. As a result, customers do not have to worry about settings when they receive the products and can enable these features when and if they wish. For example:
- By default, camera footage is stored on the device, under our customer's control and ownership, and is stored in the cloud as a backup only if the customer specifically chooses that option.
- Our products do not track people's movements outside the locations where they are installed.
- The people analytics feature is disabled by default, which lets the customer decide when and if to enable it.
- We are committed to giving our customers visibility into their system and settings so that they can take steps to comply with their own standards and give visitors visibility into their practices. For example:
- Many of our features that raise privacy considerations are disabled by default, and when a user enables them, we send notifications directly in the products to make sure the user is informed and aware.
- Customers can see which actions were performed on Verkada's Command platform, who accessed data (including access by Verkada Support) and who is accessing footage live, through audit logs.
- Customers can share links to live feeds and, with the Live Viewers feature, administrators can see who is viewing feeds inside and outside their organization.
- If Verkada receives a law enforcement request for customer-generated data, we will notify the customer (unless we are not legally permitted to do so) so that the customer can be heard before we hand over their data.
- Customers can show the people who interact with their system a list of the types of devices installed and which features are enabled on those devices at a specific site, through Verkada's public Privacy and Security Disclosures.
We are also committed to providing transparency about the data we collect, what we do with it, and how our products work. This information is provided in our Help Center and Datasheets and is set out in our Privacy Statement and User Agreement.
- Verkada's mission is to build products that protect people and places in a privacy-respecting way. To do so, we offer features that collect, present or retain data in amounts proportionate to the particular use case. For example:
- The Privacy Zones setting lets customers prevent specific areas within a camera's field of view from being recorded.
- Features that may capture more sensitive data, such as people analytics, are disabled by default, which lets our customers deliberately choose whether to use these features and what data they collect in the process.
- The Face Blur feature lets customers blur faces when sharing archived footage with third parties.
Verkada’s products and solutions (cameras, access controls, intercoms and sensors) are designed to help customers collect and process personal information in a privacy-sensitive way. This Canadian FAQ provides a general overview of Canadian privacy law requirements and is designed to help our Canadian customers comply with their privacy obligations when using Verkada’s products and services.
What Canadian privacy laws apply?
In Canada, there are federal, provincial, public, private and health sector privacy laws that regulate the collection, use, disclosure and other processing of “personal information”, which is generally defined in Canada as information about an identifiable individual. This includes such things as names, contact information, geolocation, biometric information, still images, audio and video recordings, access logs or other records of site visits. While not expressly defined under Canadian privacy legislation, certain information such as biometric information is considered sensitive information and requires a higher degree of protection (more below).
Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act (“PIPEDA”), applies to organizations throughout the country that collect personal information in the course of commercial activity. Certain provinces, such as Alberta, Quebec and British Columbia, have enacted provincial legislation that may apply instead of PIPEDA when personal information is collected, used, or disclosed within the relevant province; however, these laws are broadly consistent with it.
What should I know about PIPEDA?
PIPEDA is based on 10 fair information principles that regulate the manner in which organizations may collect, use, or disclose personal information. Key features of PIPEDA include:
- a broad concept of “personal information”, including not simply factual information such as contact information, personal ID numbers, ethnic origin, or blood type, but also subjective information such as opinions, evaluations, and comments, or information about social status
- consent is generally required prior to the collection, use or disclosure of personal information, but it can be implied through the use of signage in the case of overt video surveillance in the private sector (more below)
- sensitive data, like biometric data, however, may require express consent under certain circumstances and in some places, such as Quebec
- an organization may collect, use or disclose personal information only for purposes that a reasonable person would consider are appropriate in the circumstances
- personal information must be protected by appropriate security relative to the sensitivity of the information. Enhanced security safeguards will be expected by Canadian regulatory authorities when processing sensitive information, such as biometric information
Does PIPEDA prevent the transfer of personal data outside of Canada?
No. Canadian privacy legislation does not prohibit organizations from processing personal information outside of Canada, including the United States, but organizations need to ensure that any personal information accessed, transferred or stored outside of the country is adequately protected.
When using video surveillance in Canada, what are some key considerations?
The following practices should be considered when deploying a Verkada product that enables video surveillance:
Reasonableness: Video surveillance technologies should generally be implemented in a manner that is reasonable and appropriate under the circumstances, taking into account:
- a proven need (e.g., history of theft, vandalism, drug use, assault)
- establishing how cameras will help meet that need
- balancing any loss of privacy relative to the benefit gained
- whether there are less privacy-invasive ways to meet the need
Notice: Provide notice to individuals prior to the collection of personal information through video surveillance, which includes contact information in case the individual has questions or requests access to their images (e.g., signage before individuals enter the store/premises).
Transparency and openness: Include appropriate references to video surveillance (including the purposes for its use) in relevant internal and external privacy policies (posting them using Verkada’s Privacy and Security Disclosure feature can help).
Data minimization: Where possible, limit the collection of video surveillance to what’s truly necessary to meet your needs (e.g., consider the viewing range of cameras and/or the amount of time that cameras are recording).
Limitation on use: Only use the video surveillance you collect for the reasons you include in your notices/policies or as otherwise permitted by law (Verkada’s audit log and video share functions can help).
Safeguards: Store any recorded surveillance images or recordings in a secure location with limited access, and securely destroy video surveillance images or recordings when they are no longer required for the purposes for which they were obtained (Verkada’s security features provide these important safeguards, see more below).
Policies/Practices: Implement internal policies, practices and procedures related to the video surveillance tool(s).
Data Subject Access Requests (DSAR): Provide individuals with access to their video surveillance images or recordings where permitted by Canadian privacy law (Verkada audit logs and video share mechanisms can help).
How can Verkada help Canadian customers comply with their privacy obligations?
Verkada’s products and solutions include the following privacy and security features:
Data segregation: Customer instances are logically segregated on the Command platform (Limitations on use; Safeguards).
User access can be managed at scale: Customers grant access using role-based controls, and can further limit access to specific users on an as-needed basis (Limitations on use).
Access is monitored: Detailed audit logs are generated for both physical devices and user accounts (Safeguards).
Encryption: Data and other information generated through Verkada’s products and solutions is encrypted at rest and in transit (Safeguards).
Strong authentication: Multi-factor and single sign-on authentication methods are supported to gain access to Command (Safeguards).
Automatic system updates: System updates are automatically released on devices and the Command platform, ensuring that patches and updates are promptly deployed without user intervention (Safeguards).
Regular assessments: Verkada’s cloud security practices are regularly assessed by independent third parties, including through the use of penetration testing. Verkada maintains SOC2 Type2 and ISO 27001, 27017 and 27018 certifications. Audit reports are available to customers upon request (Safeguards).
Vendor management: Verkada conducts assessments of its third-party vendors to help ensure that they maintain the appropriate information security controls (Safeguards).
For more information about Verkada’s information security practices and procedures, please see here.
Locations: Verkada customers can choose from several cloud locations where their data can be stored, including the United States, Canada, Australia and Ireland. In addition, Verkada has EU, Australian and US cloud data centers where both data processing and storage are available.
Retention: Customers configure retention periods in the cloud to suit their legal or business needs, from as short as 30 days to 365 days (or more).
What about Privacy Impact Assessments in Quebec – how does Verkada help?
In the Province of Quebec (and elsewhere in Canada where privacy-sensitive technologies, such as biometrics, are used or for public sector organizations in certain jurisdictions) customers may have to first complete a privacy impact assessment (PIA) before deploying video surveillance or other privacy-impacting technologies. Customers are responsible for completing their PIAs, which typically include questions about such things as choice of camera location, supporting internal policies, balancing privacy interests against business needs, etc. Those kinds of questions can only be answered by our customers, but information about Verkada’s security practices and procedures found here can help.
More Information
For more information about the use of video surveillance tools or the collection of biometric information in Canada, please see the following resources issued by Canadian privacy regulatory authorities:
Video Surveillance
Guidelines for Overt Video Surveillance in the Private Sector (Office of the Privacy Commissioner of Canada, March 2008)
Guide to Using Overt Video Surveillance (Office of the Information and Privacy Commissioner of British Columbia, October 2017)
Video Surveillance Guidelines for Public Bodies (Office of the Saskatchewan Information and Privacy Commissioner, January 2018)
Guidelines for the Use of Video Surveillance (Office of the Information and Privacy Commissioner of Ontario, October 2015)
Video Surveillance - Fact Sheet (Office of the Information and Privacy Commissioner of Ontario, November 2016)
Video Surveillance Guidelines (Office of the Information and Privacy Commissioner for Nova Scotia, December 2019)
Guidelines for the Use of Video Surveillance Systems in Schools (Office of the Information and Privacy Commissioner of Newfoundland and Labrador, February 2013)
Guidelines for Video Surveillance by Public Bodies in Newfoundland and Labrador (Office of the Information and Privacy Commissioner of Newfoundland and Labrador, June 2015)
Biometrics
Data at Your Fingertips Biometrics and the Challenges to Privacy (Office of the Privacy Commissioner of Canada, February 2011)
Guidelines for identification and authentication (Office of the Privacy Commissioner of Canada, June 2016)
Draft Guidance for processing biometrics – for organizations (Office of the Privacy Commissioner of Canada, 2023)
Draft Guidance for processing biometrics – for public institutions (Office of the Privacy Commissioner of Canada, 2023)
Biométrie (French only) (Commission d’accès à l’information du Québec, September 2022)
Biométrie : principes à respecter et obligations légales des organisations (French only) (Commission d’accès à l’information du Québec, September 2022)
While the GDPR is broadly applicable across the EU, various countries have additional camera and/or biometric laws that apply to the use of video surveillance with or without biometrics. Likewise, local privacy regulators have differing views across the EU on how camera surveillance may be conducted under the GDPR. We examine some key country-specific laws and regulatory guidance below to help our customers comply with their EU privacy obligations.
Cameras
The Camera Surveillance Act regulates camera use in Belgium. It applies to companies (public or private) that install cameras for the purpose of securing a premises. Other laws may also apply, such as labor laws, when posting cameras in the workplace. Customers subject to the Act must:
- register cameras with the police before the service starts and annually thereafter
- keep a register of the image processing as required by GDPR (with some additions for cameras)
- post signs and stickers to the camera that include required notices
- communicate a video surveillance camera policy
There are limitations that may apply to private sector use of cameras in open spaces (any space not enclosed and freely accessible to the public, including public roads). Surveillance in open spaces is generally permitted by public authorities.
Biometrics
The processing of biometric data must satisfy the “necessary” and “proportionality” conditions of the GDPR. For example, these conditions may be met where an employee is entering a highly sensitive area and badge access alone, without a second factor ID, would be inadequate. In addition, Belgian regulators may also require the explicit consent of individuals whose biometric information is collected and processed, which is a challenge in the private workplace given the imbalance of power between the employer and employee. Where an employer allows employees to choose from an array of authentication methods (physical badge, PassApp or PassApp with biometric integration) and the employee self-selects a biometric method, it may be easier to meet the standard.
Technical requirements to consider
- carefully position the camera so that it is not directed at a location for which you do not process the data (e.g. public highway)
- restricting access to those under a duty of confidentiality and only as needed
- restrictions on sharing with third parties, other than by policy or legal requirement
- deletion of images after 1 month unless required as evidence of a crime / damage
Finland has two laws that regulate camera surveillance: the Act on the Protection of Privacy in Working Life (2004/79) and the Criminal Code of Finland (1889/39). The former allows the use of surveillance cameras for the purpose of:
- protecting employees and other persons in the workplace
- surveilling the proper operation of production processes, or
- preventing/investigating situations that may endanger them
Limitations on camera surveillance may apply to the surveillance of a particular employee(s) in the workplace or where privacy is expected - bathrooms, changing rooms or other similar places.
Generally, employers may use surveillance in the workplace where it is essential for:
- preventing a clear threat of harm or danger to an employee
- preventing or investigating property crimes if the employee’s work is to handle money, securities or valuables, or
- safeguarding an employee who is to be the subject of the surveillance
The Finnish Criminal Code prohibits illicit observation, meaning unlawful watching or filming a person using a camera, in a private place (e.g., bathroom, dressing room or other similar place that is protected by domestic privacy) or that is closed to the public. The protection does not extend to public places to which the public has free access. Areas protected by the domestic privacy include a residential apartment and a hotel room where a person is staying, private events, other meetings closed to the public and a stay in a hospital.
There are no specific French camera laws, but there is regulatory guidance on biometrics. French regulators may consider whether there are less intrusive solutions for data subjects, such as a physical badge or an entry key, as a first step in determining whether biometric data collection is appropriate.
In the employment context, restrictions on (or requirements for) camera use may apply, such as:
- recording or transmitting an image in a private place without consent
- filming is generally not permitted at:
- workstations except where employees are handling money or valuables
- employee break / rest areas
- bathrooms
- union / personnel representative offices
- notice must be provided prior to use of video surveillance (e.g., via an HR privacy policy)
- where cameras are used to control employee activity, consultation with works council may be required
If the cameras are intended to film a place open to the public (public entrance and exit areas, shopping areas), provisions from the French Internal Security Code may also apply, notably that their use is subject to prior authorization.
In Germany, in addition to privacy laws, other local laws may also be relevant such as Artistic Copyright law, Criminal Law, Police Law and Assembly Law. These laws restrict:
- public distribution or display of images without the consent of the person pictured, except in cases of public interest (e.g., images of a criminal act)
- filming private areas (e.g., bedrooms and bathrooms), vulnerable people (victims of violence), or in such a way as to damage a reputation (absent an overriding public interest, e.g., the arts, science, research or teaching)
- police use of video recordings to detect behavioral patterns (to be deleted after 72 hours), and surveillance of protests and assembly
The processing of biometric data must satisfy the “necessary” and “proportionality” conditions of the GDPR. For example, these conditions may be met where an employee is entering a highly sensitive area and badge access alone, without a second factor ID, would be inadequate. In addition, Dutch regulators may also require the explicit consent of individuals whose biometric information is collected and processed, which is a challenge in the private workplace given the imbalance of power between the employer and employee. Where an employer allows employees to choose from an array of authentication methods (physical badge, PassApp or PassApp with biometric integration) and the employee self-selects a biometric method, it may be easier to meet the standard.
In addition to the GDPR, the Swedish Camera Surveillance Act (Sw. Kamerabevakningslagen) imposes additional obligations and requires authorizations to be obtained by customers in some circumstances. It applies to cameras set up in Sweden (whether the company operating the cameras is in Sweden or not and regardless of whether biometric data is used). Prior authorization is required if the surveillance will take place in the performance of public interest tasks and will depend upon the location of cameras. For example, surveillance of a schoolyard and entrances may require prior authorization, but surveillance of classrooms or corridors typically would not.
If an authorization is required, a designated form must be completed by the company (Verkada customer). The form is available in Swedish (only) here. The form must include:
- identity of company that will carry out the surveillance or indicate if it will be managed by a third party (determined by customer)
- purpose of the surveillance (determined by customer)
- description of the surveillance, in particular equipment, location, area and time (determined by customer)
- assessment of the need for the surveillance and the proportionality of the surveillance in relation to its purpose (determined by customer)
- assessment of the risks to privacy and a description of mitigation measures (some of Verkada’s practices will help customers evidence how privacy risks are mitigated, for example, deletion of video recordings)
- if not done by a public authority, which law or other statute, collective agreement or decision provides a legal basis for the camera surveillance
- if applied in the employment context, an opinion from a safety representative, a safety committee or an organization representing the workers at the workplace must be submitted at the same time
- customers may benefit from initiating a dialogue with the authority prior to applying for authorization and keeping in regular communication throughout the process
Cameras and biometrics
The UK privacy regulator, the ICO, has issued specific guidance for organizations using video surveillance including CCTV, Automatic Number Plate Recognition (ANPR), Facial Recognition Technology and Biometric Data. The guidance is comprehensive and provides, for example:
- a Data Protection Impact Assessment (DPIA) will likely always be needed, even if not using biometrics, due to the inherent privacy risks involved with surveillance systems
- processing of sensitive data, such as biometric data, requires a separate “appropriate policy document” explaining the procedures for complying with GDPR principles and the retention and erasure policy (to be regularly updated until six months after the processing ends)
- records of processing documents be kept (documentation requirement of GDPR)
- in the workplace:
- consultation with employees may be needed, especially during the DPIA process
- cameras should be targeted at particular areas of risk
- continuous monitoring should be justified
- alternatives to biometric recognition should be offered
- use of CCTV for crime prevention also requires a data protection fee to the ICO
- registration and payment can be done online (see here for more information)
Technical requirements to consider
- audio should be switched off by default; only used in exceptional circumstances
- security measures should include:
- restricted access and ability to make copies
- sufficient safeguards when the systems are connected to a network
- controls around disclosures to third parties
- employee training
- notice that misuse of surveillance systems could amount to a criminal offense
- when using ANPR, databases must be kept up-to-date, accurate and of sufficient quality to prevent mismatches
- cameras (and any algorithms used) must be of sufficient quality to prevent misidentification of a Vehicle Registration Mark
- DPIA related to facial recognition must explain anti-bias measures
- when using facial recognition technologies or other uses of biometric data, customers must be able to provide:
- a “lawful basis” explanation as to why the use is necessary or in the public interest
- why less intrusive options have been ruled out
- an assessment of the likelihood that the objectives of using facial recognition technologies will be met and
- an explanation as to how its effectiveness will be measured